KubeCon + CloudNativeCon Europe 2020: Full Schedule

Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

08:00 CEST

Cloud Native ROOST Hack-a-thon presented by Zettabytes (Complimentary Registration Required)

Zettabytes is excited to present to you a Cloud Native Hackathon with over $10K in cash and amazing prizes. We invite you to showcase your skills in App Dev, ML, SRE, or DevOps to our panel of esteemed Judges leveraging the power of the ROOST. ROOST is a Cloud-Native Platform driving Collaboration & Observability. ROOST Kubernetes Desktop enables you to begin coding and collaborating almost immediately.
For more on ROOST, please visit: https://docs.roost.io/

How to Register: Pre-registration is required. To register for Cloud Native ROOST Hack-a-thon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ROOST@zb.io.

Monday August 17, 2020 08:00 - 17:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

12:30 CEST

Expo Hall

Visit our sponsors in the virtual exhibit halls to try the latest demos, talk to experts, and score some swag.

Monday August 17, 2020 12:30 - 19:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

12:30 CEST

Sponsor Demo Theater

Join our sponsors for 15-minute technical demos as they showcase how they are adopting Kubernetes and other open source technologies. All sessions are available on-demand in the Demo Theater:

Cisco - All Your Policies Are Belong To Us
Remi Philippe, Principal Engineer. Technical Marketing, Cisco
Handout Attached

Red Hat - Knative, Kafka, Tekton, KubeVirt via OpenShift 4.5 with Red Hat Advanced Cluster Management
Burr Sutter, Director of Developer Experience, Red Hat
Michael Elder, Senior Distinguished Engineer, Red Hat
William Oliveira, Senior Manager - Product Management, Red Hat

IBM Cloud - IBM Cloud Satellite, IBM Cloud Anywhere You Need It
Briana Frank, Director of Product Management - IBM Cloud
Jason McGee, IBM Fellow, CTO & VP Cloud Platform IBM
Handout

VMware - Cluster API in TKG Service Architecture and Data Protection on TMC featuring Velero
Kendrick Coleman, TKG & Open Source, Technical Product Marketing Manager - VMware
Keith Lee, Sr. Tech Marketing Architect MAPBU - VMware

Rancher - K3s and Raspberry Pi to Go - Portable and Practical
Sheldon Lo-A-Njoe. Field Engineer, Rancher

SUSE - Power AI Using Kubeflow / Deliver Applications Faster using Kubernetes
Marek Counts, Senior Engineer, SUSE
Andrew Gracey, Developer Evangelist, SUSE

HPE - Utilizing Kubernetes in Hybrid and Multi-Cloud Environments
Terry Chiang, Data Scientist, HPE
Sandeep Deshmukh, Platform Product Manager, HPE
Don Wake, Technical Marketing Engineer, HPE
Handout Attached

Microsoft Azure - Kubernetes on Azure
Sean McKenna, Principal Program Manager, Microsoft

Mirantis - Lens - The world's most popular Kubernetes IDE
Miska Kaipiainen, Sr. Director, Product Development, Mirantis
Matt Bentley, Director, Presales, Mirantis

AWS - TorchElastic Controller for Kubernetes
Mike Stefaniak, Sr Product Manager, EKS, AWS

Palo Alto Networks - Get started with Cloud Native Security - OPA
Ashley Ward, Cloud CTO Prisma Cloud, Palo Alto Networks

NetApp - Kubernetes is Ready For Data: The Case For App Data Management
Paul Burt, Technical Marketing Engineer, NetApp

Google Cloud - Building a Software Delivery Platform
Vic Iglesias, Sr. Product Manager
Ameer Abbas, Cloud Solutions Architect
Steve McGhee, Cloud Solutions Architect

CircleCI - Increase App Confidence using CI/CD and Infrastructure as Code
Angel Rivera, Developer Advocate, CircleCI

GitLab - Developer Flow with Kubernetes
Cesar Saavedra, Technical Marketing Manager, GitLab

DataStax - Cloud Native Cassandra: Deploying on Kubernetes with cass-operator
Cédrick Lunven, Director of Developer Advocacy at DataStax
Handout Attached

HAProxy Technologies - Benchmarking 5 Popular Ingress Controllers
Daniel Corbett, Director of Product, HAProxy Technologies

Elastic - Elastic and Kubernetes: From Orchestration to Observability
Jamie Smith, Product Marketing, Observability, Elastic

Datadog - Autoscaling Workloads in Kubernetes
Ara Pulido, Technical Evangelist, Datadog

Dell Technologies - Enterprise Data Management and Protection for Kubernetes Workloads
Parasar Kodati, GTM Lead for Kubernetes, Dell Technologies

Cisco All Your Policies Are Belong To Us Cisco pdf

DataStax Cloud Native Cassandra Deploying on Kubernetes with cass operator pdf

HPE UTILIZING KUBERNETES Handout pdf

Monday August 17, 2020 12:30 - 19:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

13:00 CEST

Lightning Talks Opening Remarks: Vicki Cheung, KubeCon + CloudNativeCon Europe 2020 Co-Chair

Speakers

Vicki Cheung

Staff Software Engineer, Lyft

Vicki is a staff software engineer at Lyft, where she helped drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.

Monday August 17, 2020 13:00 - 13:02 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions

13:00 CEST

KubeAcademy: Kubernetes Application and Container Workflows hosted by VMware (Complimentary Registration Required)

Ready to dive a little deeper into the world of Kubernetes? Understand the first principles of a cloud native infrastructure, and then dig into our lab environment to containerise and deploy your first application on Kubernetes. This training is designed for attendees who are early in their cloud-native journey—you will walk out with more knowledge of basic concepts and greater comfort in working with containers.

Attendees will:

Learn about Containers and use Docker files to containerise applications
Become familiar with authoring YAML files and their syntax
Understand Kubernetes from a user facing concept perspective (Pods, Services, Deployments, Labels, etc.)
Become familiar with kubectl and its commands/usage
Understand the cloud native and design principles of Kubernetes and its architecture
And more

Prerequisites

Laptop with the latest version of Chrome or Firefox
Linux concepts and command line proficiency
General networking proficiency

How to Register: Coming soon. Limited to 100 attendees – don’t miss out!

For questions regarding this event, please reach out to boschem@vmware.com.

Monday August 17, 2020 13:00 - 16:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:00 CEST

Cloud Native Security Day hosted by CNCF (Additional Registration + Fee Required)

Cloud Native Security Day is designed to bring together the cloud native security community together to discuss and share current challenges and solutions in cloud native security. This event provides a single place for people involved or getting involved in cloud native security to get together in a vendor neutral space.

This event allows and encourages open collaboration and sharing of cloud native security accomplishments and roadblocks. Cloud native security is a multi-objective and multi-constrained problem space spanning many areas. Pretty much everything falls into security, from identity management to storage solutions. Cloud Native Security Day (#cnsecurityday) is intended to drive collaboration, discussion, and knowledge sharing of cloud native security accomplishments and roadblocks. Get connected with others that are passionate about security. Learn from practitioners about pitfalls to avoid, hurdles to jump, and how to integrate security into your cloud native project, architecture, and enhance team awareness on security.

Full details are available here.

How to Register: Pre-registration is required. To register for Cloud Native Security Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 13:00 - 19:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:00 CEST

ServiceMeshCon hosted by CNCF (Additional Registration + Fee Required)

ServiceMeshCon is a vendor-neutral conference on service mesh technologies, featuring maintainers across different service mesh projects and also showcasing the lessons learned from running service meshes in production.

Full details are available here.

How to Register: Pre-registration is required. To register for ServiceMeshCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 13:00 - 19:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:00 CEST

NSMCon hosted by the NSM Community (Complimentary Registration Required)

Why Attend NSMCon? Are you running workloads in multiple clusters? Across multiple clouds: on-premises, hybrid, multicloud, or public cloud? Do they need to interact with legacy workloads running in less “cloudy” environments? Network Service Mesh (NSM) ties them all together, at the granularity of individual workloads, not cluster/VPCs/data centers. NSM is a community-driven, CNCF Sandbox project that is rapidly gaining momentum because of its ability to simplify connectivity between workloads, independent of where they are running. It extends an IP reachability domain to workloads running in multiple clusters, legacy environments, on-premises, or in a public cloud, communicating with the protocols they are currently using.

NSM does this at the granularity of individual workloads. Your workloads have connectivity to just the workloads they need…nothing more, nothing less. NSM brings the useful features of a Service Mesh from the lofty heights of HTTP all the way down to IP itself. Applications and Application Service Meshes, such as Istio, run unaltered on top, leaving the hybrid/multicloud IP connectivity to NSM.

The project emerged organically as a community project to solve these problems by applying the Service Mesh thought process all the way down to IP with the global peering mentality of the Internet itself – without breaking your existing environment.

Join the people building and using NSM at NSMCon for a day of tutorials, deep dives, and use cases to learn how NSM works, what it can do for you, and, most importantly, what’s coming next. For more information and the schedule visit the NSMCon 2020 website.

How to Register: Pre-registration is required. To register for NSMcon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to nsmcon@networkservicemesh.io.

Monday August 17, 2020 13:00 - 20:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:00 CEST

Serverless Practitioners Summit hosted by CNCF (Additional Registration + Fee Required)

The goal is to unite the serverless practitioner community and present end users with comprehensive strategies to understand serverless in a cloud native context. To do that, we plan to create a full-day single-track serverless conference that follows our initial successful work in the CNCF serverless working group and surrounding projects.

Full details are available here.

How to Register: Pre-registration is required. To register for Serverless Practitioners Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 13:00 - 21:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:02 CEST

etcd Watchers Not Working? Improving Error Handling in Your Applications - Guillermo Nunez, IBM

When building services with etcd, one of the best features of etcd is watchers. It allows developers to create applications such that when a dataset is changed, the watcher for that dataset on another system receives the notification and performs user-specified action. A simple use case is a user has a program using etcd watchers to monitor the stock market and sell (user-defined action) if their stock of interest falls below price $X.

There are error failures that are not automatically covered with an etcd cluster such as network connectivity issues, DC outage, and cloud infrastructure maintenance. The talk consists of the following:
- what watchers are
- how to build your services using heartbeat key for monitoring etcd watchers
- perform locking on watchers to prevent race conditions
- caching data locally for your service to keep running until the etcd cluster is back up.

Speakers

Guillermo Nunez

Staff Software Developer, IBM

Guillermo Nunez joined IBM in March 2015 and works on the IBM Cloud - Network team. He played a critical development role in FSA 10G offering, upgraded the FW infrastructure to ensure security and compliance are met, and currently is working on the IBM VPC Load Balancer.

Monday August 17, 2020 13:02 - 13:07 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/ftfZli-BvJ8

13:08 CEST

What's an Application in Kubernetes? - Antoine Legrand, Red Hat

A very simple question but with many different answers when asked. Kubernetes should provide a ground set of concepts that allows interoperability of systems and a shared knowledge in the ecosystem. In any kubernetes distribution, a Pod or a Service have the same definition, this is not the case for application. As end-users are mainly managing apps, it's time for kubernetes to get a representation and a definition of it.
The sig-apps community came to an agreement to provide this missing piece. They created a new Application resource and its controller. This talk is bringing light to this new upstream resource, the features it provides with concrete examples, and the next steps and how to get involved.

Speakers

Antoine Legrand

Engineering Manager, Red Hat

Antoine Legrand is an engineering manager at CoreOS/Red Hat. He co-founded Kubespray and works closely with major actors in the ecosystem to improve the user experience in managing application and Kubernetes clusters. Antoine is involved with open source and cloud-native software... Read More →

KubeconEU2020 alegrand pdf

Monday August 17, 2020 13:08 - 13:13 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Application + Development

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Pm4e9dttI-o

13:14 CEST

Users First: Why (and How!) We Internationalized Our Cloud-Native Project - Carol Scott, Buoyant

While there are many resources online about internationalization (i18n) in general, there are Kubernetes-specific lessons that we learned at Buoyant in the process of internationalizing Linkerd’s web dashboard that are vital for end users and CNCF project maintainers alike who are building robust, global projects.

This lightning talk will share Linkerd’s recent i18n journey, including

- Why internationalizing user-facing features affects your project's success
- What i18n has to do with accessibility (a11y)
- What we applied -- and what we didn’t! -- from the K8s community’s i18n practices
- Kubernetes-specific pitfalls when internationalizing content

Audience members will leave with an accessible, easy roadmap to go from i18n idea to execution, with minimal organizational hiccups.

Speakers

Carol Scott

Software Engineer, Buoyant

Carol Scott is a Software Engineer at Buoyant, where she contributes to the web dashboard and CLI of the open source Linkerd service mesh project. Her work on Linkerd includes guiding internationalization of the dashboard, reviewing PRs from contributors around the world, and making... Read More →

Monday August 17, 2020 13:14 - 13:19 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/qlM6Xo30oqs

13:20 CEST

Think Design About Pretty Kubectl Plugins - Aya Igarashi, Z Lab Corporation

What is a well-designed CLI?
How do we develop it?

Kubernetes is widely spread and people start to be interested in Day2 Operation. Along with this, the number of kubectl plugins is developed recently.

In this presentation, Aya Igarashi will talk about how to improve the design and develop a kubectl plugin based on her experience. She develops kubectl-bindrole which is a kubectl plugin that summarizes permissions for an RBAC account.
https://github.com/Ladicle/kubectl-bindrole

This session will be helpful for people who want to develop kubectl plugins, as well as for general CLI development.

Speakers

Aya Igarashi

Software Engineer, Z Lab Corp.

Aya Igarashi is a Software Engineer at Z Lab where she is working on k8s operator and serverless platform for Yahoo! Japan. At a previous job, she and her team built bare-metal and other cloud services based on OpenStack.

think design about pretty kubectl plugins by ladicle pdf

Monday August 17, 2020 13:20 - 13:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/ACRPHEhliWI

13:26 CEST

Stayin' Alive: PodDisruptionBudgets for Maintenance and Upgrades - Matthew Robson, Red Hat

As we work harder to automate our clusters, it becomes more and more difficult to guarantee the availability requirements of our applications. In large clusters, operations teams may not have the insights to ensure an applications minimum capacity requirements are maintained. Without that understanding, you may inadvertently bring down or inhibit applications through routine maintenance activities.

Enter the Pod Disruption Budget (PDB). Simply put, PDBs allows application owners to define the minimum requirement for a service to operate in a stable manner.

In this Lightning Talk, let me walk you through the benefits, usage and implementation of PDB’s. As an attendee, you will walk away with the necessary knowledge on how to use PDBs to define enforceable operating requirements of your applications.

Speakers

Matthew Robson

Principal Technical Account Manager, Red Hat

Matt is a Principal Technical Account Manager working as a Kubernetes and Container Subject Matter Expert in Red Hat's Global Customer Success group. He has spent the last 10+ years working for and helping organizations design, implement, test and tune large scale infrastructure... Read More →

mrobson kubecon eu2020 stayin alive pdbs pdf

Monday August 17, 2020 13:26 - 13:31 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Operations

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/0AGZ5no6-yo

13:30 CEST

Building a DevOps Pipeline with Kubernetes and Apache Cassandra™ hosted by DataStax (Complimentary Registration Required)

Join this workshop to see the true power of Apache Cassandra™ combined with Kubernetes cloud-native resources and best practice DevOps pipelines to support today’s modern application needs.
Today’s applications require extreme performance, availability, and scalability in order to respond to hockey stick growth and viral trends. Cassandra has answered this call for over a decade as the premier distributed database for production-at-scale workloads. From financial services transactions to entertainment streaming services, Cassandra is present in the applications and backend architectures that impact our daily lives.
In this workshop, we will introduce you to Cassandra’s architecture and logical fault domains as well as the Kubernetes components that complement this architecture. We’ll then shift to simplifying your architecture by leveraging operators and custom resource definitions, so you can think about your Cassandra cluster as a logical unit instead of a collection of individual Kubernetes resources.

All attendees will receive a FREE Cassandra Certification voucher, normally priced at $375.

How to Register: Pre-registration is required. To register for Building a DevOps Pipeline, add it on during your KubeCon + CloudNativeCon registration.

You will receive an email from DataStax with instructions on how to access the workshop. For questions regarding this event, please reach out to jessica.benton@datastax.com.

Monday August 17, 2020 13:30 - 16:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

13:32 CEST

Making Envoy Contributions Feasible for Everyone - Yaroslav Skopets, Tetrate.io

Have you ever considered contributing to Envoy?
What stops you?
Is it C++?
Is it completely different toolset?
Just don't feel yourself productive?
Well, we've got some news for you.
Thanks to a shiny, brand-new technology (WebAssembly), Envoy is becoming a polyglot.
And putting the human factor first, it means that now You can contribute using the toolbox that works best for You.
Paraphrasing, a demo is worth a thousand words.
Let's pick a language that everybody claims to be good at (JavaScript) and, surprisingly, use it to extend Envoy.
We'll do it live, under 5 minutes and have fun along the away (instead of cursing the-never-ending C++ compilation).

Speakers

Yaroslav Skopets

Software Engineer, Tetrate

Yaro is a Software Engineer @ Tetrate and Envoy contributor. Currently, he works on `GetEnvoy Extension Toolkit` (https://www.getenvoy.io) and `Envoy SDK for Rust` (https://github.com/tetratelabs/envoy-wasm-rust-sdk). Previously, Yaro gave a talk `Making Envoy Contributions Feasible... Read More →

Making Envoy Contributions Feasible For Everyone Yaroslav Skopets pdf

Monday August 17, 2020 13:32 - 13:37 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Service Mesh

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/mJAYHHKmLhU

13:38 CEST

Using SOPS, Kube Secrets and a CD Pipeline For Secure Configuration - Tom Hipwell, Bulb

Managing configuration doesn't have to be complex, this lightening talk will show a super simple pattern for having configuration live within your repo and deployed to your Kubernetes cluster as a Secret or ConfigMap using a CD pipeline.

This is done using a CLI tool from Mozilla known as SOPS, with an envelope encryption model based on a master key supplied by a cloud based KMS provider such as AWS and a CD pipeline implemented using CircleCI. This pattern keeps your configuration secure, but allows it to be controlled in version control, under code-review and released using your build pipeline.

Speakers

Tom Hipwell

Principal Platform Engineer, Bulb

Tom is Principal Platform Engineer at Bulb, the fastest growing startup in the U.K and newly launched in Spain, France and Texas. Bulb is on a mission to make energy simpler, cheaper and greener. To do this, Tom led the design and build of Bulb's Billing Platform. Written in Python... Read More →

Monday August 17, 2020 13:38 - 13:43 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, CI/CD

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Gy7cTsbxbDI

13:44 CEST

Build & Deploy a CNF in 5 Minutes - Rastislav Szabo, PANTHEON.tech

Cloud Native Network Function (CNF) is a software implementation of a network function, traditionally performed on a physical device (e.g. IPv4/v6 router, L2 bridge/switch, VPN gateway, firewall), but built and deployed in a cloud-native way.

This talk will show a live demo on how a CNF providing cloud-native NAT (Network Address Translation) functionality can be built and deployed into a Kubernetes cluster within 5 minutes. To achieve that, several open source projects will be used: FD.io (an open source terabit software dataplane), Ligato.io (programming framework for building CNF control and management plane) and Network Service Mesh for interconnecting CNFs in a Kubernetes cluster on required network layers.

Speakers

Rastislav Szabo

Senior Software Engineer, Kubermatic

Rastislav is an enthusiastic and motivated infrastructure software engineer with more than 15 years of software development and 5 years of cloud-native experience. He is working as a software engineer at Kubermatic focusing mainly on the networking part of the Kubermatic Kubernetes... Read More →

KubeCon CNFs pdf

Monday August 17, 2020 13:44 - 13:49 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions, Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/CVz0fDSGj-U

13:50 CEST

Lightning Talks Closing Remarks: Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair

Speakers

Constance Caramanolis

Principal Software Engineer, Splunk

Constance is a principal software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and... Read More →

Monday August 17, 2020 13:50 - 13:52 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Lightning Talk Sessions

14:00 CEST

KubeCon + CloudNativeCon 101: A Beginner’s Guide to The Conference - Karen Chu & Michelle Noorali, Microsoft

First time attending KubeCon + CloudNativeCon? Not sure how to approach it? Getting decision paralysis from all there is to learn from? We gotchu.

Come join us at the start of the conference to learn the best ways to get the most out of your time here. Collectively, both Karen and Michelle have been to almost every KubeCon + CloudNativeCon event since its inception and have identified tricks/tips to help guide you through your first conference, including:

-Attending sessions
-Hallway tracks
-CNCF projects
-Meeting project maintainers
-Mentoring sessions
-Approaching the sponsor hall
-How to think about CFPs for the future

Speakers

Michelle Noorali

Senior Software Engineer, Microsoft

Michelle Noorali is a Sr. Software Engineer at Microsoft and was Co-Chair for KubeCon+CloudNativeCon 2017. She is a member of the CNCF Technical Oversight Committee and serves as a developer representative on the CNCF Governing Board. Michelle is also a core maintainer of several... Read More →

Karen Chu

Community PM, Microsoft

Karen Chu is a Community PM on the Microsoft Azure Container Compute Upstream team with a focus on open source tools such as Helm, CNAB, Brigade, CNAB, and more. She is a CNCF Ambassador, meet-up organizer, and conference organizer. She has also worked The Illustrated Children’s... Read More →

Close Captioning Transcripts BCDO 5186 txt

Monday August 17, 2020 14:00 - 14:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

101 Track

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/VDzp0HhF0vk

14:00 CEST

The New Stack "Pancake Breakfast": Is Kubernetes Boring Yet? What’s on Your Stack?

Kubernetes is boring and that’s a good thing. It’s what’s on top of Kubernetes that counts. So join us for a short stack with The New Stack as we ask: “What’s on your stack?” We’ll pass the virtual syrup, and talk about all that goes with Kubernetes. It may be stateless, but that also means there’s plenty of room for sides.

Speakers

Janakiram MSV

Principal Analyst, Janakiram & Associates

Janakiram is a practicing architect, analyst, and advisor with a focus on emerging infrastructure technologies. He provides strategic advisory to technology platform companies, startups, ISVs, and enterprises. As a practitioner working with a diverse Enterprise customer base across... Read More →

Priyanka Sharma

Executive Director, CNCF

Priyanka is the Executive Director of the Cloud Native Computing Foundation (CNCF) which serves as the vendor-neutral home for 100+ of the fastest-growing open source projects, including Kubernetes, Prometheus, and Envoy. She is also a co-creator of the Inclusive Naming Initiative... Read More →

Alex Williams

Founder and Publisher, The New Stack

Alex Williams is founder and publisher of The New Stack, a media platform for the people who build and manage software the world relies on. He was an editor at ReadWriteWeb and TechCrunch before leaving in 2014 to start The New Stack. Alex hosts The New Stack Makers podcast and pancake... Read More →

Bill Zajac

Regional Director, Dynatrace

Bill has spent his career working with customers specifically on their modernization strategies. In his current role as a Regional Director at Dynatrace, he has regular conversations with some of the largest enterprise companies who know they need to digitally transform but are looking... Read More →

Patrick McFadin

VP of Developer Relations, DataStax

Patrick McFadin is the VP of Developer Relations at DataStax, where he leads a team devoted to making users of Apache Cassandra successful. He has also worked as Chief Evangelist for Apache Cassandra and consultant for DataStax, where he helped build some of the largest and exciting... Read More →

Close Captioning Transcripts TPQM 8891 (1) txt

Monday August 17, 2020 14:00 - 14:50 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Experiences

Link to Video Recording https://youtu.be/gD0WG7OP45E

14:00 CEST

Meet the Maintainer: Strimzi

Monday August 17, 2020 14:00 - 15:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

14:35 CEST

Break

Monday August 17, 2020 14:35 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

14:45 CEST

Meet the Maintainer: Vitess

Monday August 17, 2020 14:45 - 15:45 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

15:05 CEST

From Minikube to Production, Never Miss a Step in Getting Your K8s Ready - Horacio Gonzalez & Kevin Georges, OVHcloud

So you have installed your Kubernetes cluster, and you have deployed some apps on it, but the idea of putting it into production makes you uneasy... Well, this talk is for you!

The path form a working Kubernetes cluster to a production-ready one can be rough and complicated, with lots of things to think of, and many pitfalls to avoid. In this talk Kevin & Horacio will share with you the common pitfalls and their best known antidotes, in order to make sure that you deliver a secure and highly available Kubernetes to your end-users.

After sharing with you a cost-effective HA setup for a typical Kubernetes production environnement, Kevin and Horacio will cover the basic security best practices, adapted to any enterprise context.

They will also discuss some of the most recognized CNCF projects tools to enhance Kubernetes observability, reliability, security and management.

Speakers

Horacio Gonzalez

DevRel, OVHcloud

Spaniard lost in Brittany, coder, speaker, dreamer and all-around geek.After some years as [Warp 10](https://twitter.com/warp10io) frontend leader as Cityzen Data (now [SenX](https://twitter.com/SenXHQ)), Horacio works as DevRel Leader at [OVHcloud](https://twitter.com/OVHcloud... Read More →

Kevin Georges

Engineering Manager, OVHcloud

Working at OVH since 3 year. He managed the kubernetes as a service offer on top of openstack.Kevin has spoken at conferences like the Open Infrastructure Summit in Shanghai in 2019, and in many meetups and regional conferences

Close Captioning Transcripts DEFU 6576 txt

2020 08 18 Kubecon Europe From Minikube to Production, Never Miss a Step in Getting Your K8s Ready pdf

Monday August 17, 2020 15:05 - 15:40 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

101 Track

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/q3pfpzWPgK8

15:05 CEST

Tutorial: From Notebook to Kubeflow Pipelines with HP Tuning: A Data Science Journey - Stefano Fioravanzo & Ilias Katsakioris, Arrikto

An introduction to Kubeflow, the ML toolkit for K8s and the workflows you can use as a data scientist to scale up your ML code effortlessly.

Ever thought how hard it is to convert your Jupyter Notebooks into deployable and composable pipelines, scale up computation and run hyperparameter tuning? With Kubeflow, this process becomes extremely easy as you make use of the many components of this ML toolkit: Pipelines, Kale, Katib, Snapshot Store.

You will learn how to deploy Kubeflow in minutes, explore your ML code inside a Jupyter Notebook, convert it to a composable and scalable workflow with the click of a button, make the pipeline reproducible using immutable snapshots, go back in history and debug it, run hyperparameter tuning and distribute your computation.

Did we mention you won’t need any specific SDK or CLI command to do this? Sounds like magic? Come and see for yourself!

Speakers

Ilias Katsakioris

Software Engineer, Arrikto

Ilias Katsakioris is a Software Engineer at Arrikto. He holds a Diploma in Electrical and Computer Engineering from the National Technical University of Athens. He is a Kubernetes and Kubeflow enthusiast, and he has been contributing to the Kubeflow project for almost a year. His... Read More →

Stefano Fioravanzo

Product Manager, Arrikto

Stefano Fioravanzo is a Product Manager at Arrikto. His focus is on building a delightful and functional Machine Leaning development platform. OSS advocate and creator of the Kale project, he loves technical challenges and solving complex problems and always strives for clean and... Read More →

August 17 Tutorial From Notebook to Kubeflow Pipelines with HP Tuning A Data Science Journey pdf

Close Captioning Transcripts CUSJ 1722 txt

Monday August 17, 2020 15:05 - 16:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, Machine Learning + Data

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/QK0NxhyADpM

15:05 CEST

Tutorial: Getting Started With Cloud Native Security - Liz Rice, Aqua Security & Michael Hausenblas, Amazon

This tutorial will get you off the ground with Kubernetes security basics, using live demos and examples to work through yourself.

We’ll start with possible attack vectors, to help you map out the threat model that applies to your cluster, so you can figure out where you need to focus your efforts for security.

We’ll show you how to compromise a deployment with a pod running with a known vulnerability. Once you’ve had the attacker’s eye-view, we’ll walk you through the most important techniques and open source tools to prevent compromise.

· Using secure Kubernetes settings
· Including vulnerability scanning in your workflow
· Configuring pods to run securely (eg avoiding unnecessary privileges)
· Using GitOps to restrict user access to your cluster and provide an audit trail

You’ll leave this tutorial armed with practical actions for securing your deployment.

Speakers

Liz Rice

Chief Open Source Officer, Isovalent

Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She sits on the CNCF Governing Board, and on the Board of OpenUK. She was Chair of the CNCF's Technical Oversight Committee in... Read More →

Michael Hausenblas

Developer Advocate, Amazon Web Services

Michael is a Developer Advocate at AWS, part of the container service team, focusing on container security. Michael shares his experience around cloud native infrastructure and apps through demos, blog posts, books, and public speaking engagements as well as contributes to open source... Read More →

Close Captioning Transcripts UJJB 5046 txt

Monday August 17, 2020 15:05 - 16:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, Security + Identity + Policy

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/MisS3wSds40

15:05 CEST

Tutorial: Using BPF in Cloud Native environments - Alban Crequy & Marga Manterola, Kinvolk

Kubernetes provides a high-level abstraction layer that makes it easy to deploy distributed computing resources without knowing what’s happening in the kernel and applications. But when debugging, Kubernetes does not provide any help in inspecting these low-level details.

We showcase the following tools specifically designed for running on Kubernetes:
- Inspektor Gadget, built on BPF Compiler Collection (BCC) and traceloop
- kubectl-trace, built on bpftrace

These allow devops teams to answer debugging questions such as:
- What were the last system calls executed before the crash?
- Was this function called? With which arguments and return value?
- Which TCP packets were retransmitted?
- Which queries run slow?
- Was this file opened?

You'll need access to a Linux machine and a Minikube installation. Please follow the instructions at https://github.com/kinvolk/cloud-native-bpf-workshop

Speakers

Alban Crequy

Co-founder and Director of Kinvolk Labs, Kinvolk

Alban is Co-founder of Kinvolk and director of engineering for Kinvolk Labs. He has a particular interest in integrating BPF into Kubernetes. He’s a maintainer of the gobpf library and has worked on software in the cloud space using BPF with Golang: Weave Scope, Traceleft, Project... Read More →

Marga Manterola

Staff Software Engineer, Kinvolk

A Debian Developer and Open Source enthusiast, Marga has been working with Linux for over 15 years. Back in her hometown of Buenos Aires she led a large migration to Linux and open source tools, where she learned to navigate the tricky line between satisfying user needs and keeping... Read More →

Close Captioning Transcripts GZMD 2351 (1) txt

KubeCon EU 2020 BPF Tutorial pdf

Monday August 17, 2020 15:05 - 16:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, Observability

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/QhPXf4YFaJg

15:50 CEST

Help! My Cluster Is On The Internet: Container Security Fundamentals - Samuel Davidson, Google

You know security is important, but what does that actually mean in containers and Kubernetes, and more importantly, what are you supposed to do about it? If you’re new to Kubernetes, or at least Kubernetes security, this session will cover the fundamental concepts in container security -- including supply chain security and runtime security -- and give you context for the security tooling and open source projects like Falco and Open Policy Agent you will encounter in the cloud native ecosystem. We’ll use a real world example (“Oh no! This cluster is open to the internet!”) and cover a cheat sheet that you help you prevent bad things from happening.

You should expect to leave this session with a mental model of how to think about container security, a list of security-related decisions you need to make on “day 0," and resources for how to keep security front and center in your team.

Speakers

Samuel Davidson

Security Engineer, Google

Kubernetes Security for Google Cloud

Kubecon EU 2020 Samuel Davidson pdf

Close Captioning Transcripts AZRD 8198 txt

Monday August 17, 2020 15:50 - 16:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

101 Track

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/lEH7lEcCNeQ

16:25 CEST

Break

Monday August 17, 2020 16:25 - 16:55 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

16:30 CEST

CNCF Membership Benefits Office Hours

Have questions regarding CNCF membership benefits or what marketing programming you can participate in as a member? Join Katelin Ramer, CNCF Business Development Manager, and special guest, Kim McMahon, CNCF & RISC-V Director of Marketing, for office hours via Zoom during KubeCon Europe. Bring your questions and/or ideas to share and they will help ensure you’re making the most of your participation.

To be added to one of the office hours, email Katelin at kramer@linuxfoundation.org. See you there!

Monday August 17, 2020 16:30 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CNCF Membership Benefits Office Hours

16:55 CEST

Welcome to CloudLand! An Illustrated Intro to the Cloud Native Landscape - Kaslin Fields, Google

Like a kid in a theme park, the number of shiny exciting new technologies teams encounter as they move into and re-architect for the cloud can be overwhelming. Thus we welcome you, to CloudLand! Adopting the cloud comes with a lot of questions to explore and tools to learn. Why should I care about "Cloud Native?" What technologies count as “Cloud Native?" What Cloud Native technologies does my team/business need and why? Through colorful illustrations and a memorable theme park analogy, you will learn:
How to identify "Cloud Native" technology and why it matters,
The key characteristics of categories of technologies from the CNCF Landscape,
And get an introduction to many of the individual CNCF projects that fill in the Cloud Native Landscape.

Speakers

Kaslin Fields

Developer Advocate, Google

Kaslin Fields is a Developer Advocate at Google Cloud & contributor to Open Source Kubernetes. She is passionate about making technology accessible to a broad audience through creating content in many forms, such as videos, blogs, documentation, and even comics which she illustrates... Read More →

KubeConEU CloudLand Virtual pdf

Close Captioning Transcript VSRV 8898 txt

Monday August 17, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

101 Track

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/BG2DoNh8vyc

16:55 CEST

Tutorial: Building Secure & Decentralized Global Applications on Kubernetes with NATS - Waldemar Quevedo, Synadia

Learn how to build applications that span across more than one Kubernetes region by using a NATS based global communications network. In this talk, it will be covered how to setup a globally available NATS cluster using multiple Kubernetes regions from 4 different clouds (AWS, Digital Ocean, GKE & Azure) using NATS gateways and leafnode connections, as well as how to create applications that take advantage of the NATS decentralized authorization model by showing how to implement a simple Slack-like clone that runs under your terminal.

Attendees of this session will be able to follow through the implementation of the service (and interact with each other!) during the talk, to run the examples it is recommended to have Docker installed.

Speakers

Wally Quevedo

Software Engineer, Synadia

Waldemar Quevedo is a core maintainer of the NATS.io project and author of "Practical NATS". He currently works at Synadia Communications, Inc., developing a global communications network based on NATS.io called NGS.Before joining Synadia, he worked on a container orchestration system... Read More →

Close Captioning Transcripts LZRP 6967 txt

Monday August 17, 2020 16:55 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/kN-GbWRVFos

16:55 CEST

Tutorial: Communication Is Key -- Understanding Kubernetes Networking - Jeff Poole, Vivint Smart Home

Networking in Kubernetes has several aspects, including DNS, iptables, routing, software bridges, IP assignment, network policies, etc. While the practices for understanding the network were fairly easy to translate from physical servers to virtual machines, the level of complexity increases greatly when moving to containers in Kubernetes.

This tutorial will explain several of the networking concepts used in Kubernetes with accompanying lab exercises in a virtualized environment so that participants will become comfortable looking under the hood at how a Kubernetes cluster is working (or not working, as the case may be).

The material will be designed for people comfortable with SSH, bash, kubectl, and basic networking concepts, and will fill in the more advanced networking knowledge as the tutorial progresses. Please have Vagrant + VirtualBox installed to run the labs locally.

Speakers

Jeff Poole

Director, Platform Engineering, Vivint Smart Home

Jeff Poole is currently an engineering director over both operations and development teams at Vivint Smart Home, where his team maintains the backend platform that powers the smart home and security aspects of Vivint’s products. Over his career, he has held a diverse collection... Read More →

Communication is Key pdf

Close Captioning Transcripts AJXH 0070 txt

Monday August 17, 2020 16:55 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, Networking

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/InZVNuKY5GY

16:55 CEST

Tutorial: Hands-On Intro to Cloud-Native CI/CD with Tekton - Jan Kleinert & Joel Lord, Red Hat

This hands-on tutorial introduces the key concepts of Tekton, a flexible, Kubernetes-native CI/CD framework that enables the automation of deployments across multiple platforms - including Kubernetes, serverless, and VMs - by abstracting away the underlying details.

In this tutorial, participants will:

- Learn about fundamental Tekton concepts and benefits and how to use the tkn CLI
- Install tasks and learn about task catalogs
- Create a pipeline for building, testing, and deploying an application on Kubernetes
- Add pipeline resources
- Trigger a pipelinerun
- Deploy the application using a pipelinerun

Pre-requisites:
Install the following prior to the tutorial:

minikube:https://kubernetes.io/docs/tasks/tools/install-minikube/ (Kubernetes v1.16 or higher)
tkn CLI: https://github.com/tektoncd/cli
(optional) VS Code Tekton extension: https://marketplace.visualstudio.com/items?itemName=redhat.vscode-tekton-pipelines

Speakers

Jan Kleinert

Manager, OpenShift Developer Advocates, Red Hat

Jan Kleinert leads the OpenShift Developer Advocate team at Red Hat, where she focuses on OpenShift and the developer experience for developers working with containers and Kubernetes. Prior to joining Red Hat, she worked in a variety of roles ranging from developer relations to web... Read More →

Joel Lord

Developer Advocate, Red Hat

Joel Lord is passionate about web and technology in general. He likes to learn new things but most of all, he likes to share his discoveries. He does so by traveling at various conferences all across the globe. As a developer advocate for Red Hat OpenShift, he meets with developers... Read More →

Close Captioning Transcripts LZRP 6967 txt

Monday August 17, 2020 16:55 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials, CI/CD

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/CnVCgMRE4xI

16:55 CEST

Tutorial: KubeEdge Hands on Workshop -- Build Your Edge AI App on Real Edge Devices - Zefeng Wang, Huawei & Zhang Jie, China Unicom

Here a hands-on KubeEdge workshop is proposed which ideally will run through the full length of the conference.

This workshop is intend to invite participants to get hands on experience building a real edge computing solution with KubeEdge, end-to-end.

Starting from deploying and provisioning an edge node(e.g. raspberry Pi), followed with device modeling and connectivity setup, then building a video stream machine learning based solution.

Through this exercise, participants will get first hand experience to understand the orchestration engine build on top of kurbenetes, understand the edge computing node setup mechanism, learn the device modeling concept for IoT Edge scenarios. And develop a state-of-art AI based video stream processing flow, all in a 30 minutes session.

Speakers

Kevin Wang

Lead of Cloud Native Open Source Team, Huawei Cloud

Kevin Wang is a contributor in the CNCF community since its beginning, leader of the cloud native open source team at Huawei, and co-founder of the CNCF KubeEdge, Volcano and Karmada projects.Kevin has contributed to Kubenretes upstream for years and now spends 100% of his work and... Read More →

Zhang Jie

Principal Engineer, China Unicom

kccnceu KubeEdge Tutorial pdf

1 device control demo mp4

2 facial recognition demo mp4

Close Captioning Transcripts RDAR 6446 txt

Monday August 17, 2020 16:55 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Tutorials

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/OkenX0U2y08

17:00 CEST

Meet the Maintainer: Crossplane

Monday August 17, 2020 17:00 - 18:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

17:00 CEST

AWS Container Day 2020 Amsterdam hosted by AWS (Complimentary Registration Required)

Join us for AWS Container Day at KubeCon Europe 2020! In this full-day virtual event, we’ll cover how Amazon EKS makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS. Join us for a day of technical deep dives, product demos, and product announcements. The AWS Kubernetes team will be streaming on Twitch all day, ready to answer your questions.

How to Register: Pre-registration is required. Please register for AWS Container Day here! The schedule run time is 8:00 am - 4:00 pm PT (17:00 -1:00 on Tuesday, August 18).

For questions regarding this event, please reach out to containers-pmm@amazon.com.

Monday August 17, 2020 17:00 - Tuesday August 18, 2020 01:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Co-Located Events

17:40 CEST

Panel: Ask Me Anything About Service Mesh - Lin Sun & Daniel Berg IBM; Christian Posta, Solo.io; Oliver Gould, Buoyant; & Sven Mawson, Google

As part of the cloud native journey, users are leveraging service mesh to solve the rising challenges of microservices in a consistent manner such as how to observe microservices, how to handle network failures, how to control traffic and how to secure microservices etc. without redeploying their services. Join us for a live interactive session where our panel of service mesh experts will address your most challenging inquiries around service mesh!

Speakers

Daniel Berg

Distinguished Engineer, IBM

Daniel is an IBM Distinguished Engineer responsible for the container and service mesh technical strategy within IBM Cloud. He has direct responsibility for the technical architecture and delivery of the IBM Cloud Kubernetes Service providing managed Kubernetes clusters worldwide... Read More →

Lin Sun

Senior Technical Staff Member, IBM

Lin has been working on container and cloud-native since 2014 from Docker to Kubernetes to Service Mesh. She is currently an Istio maintainer, a member of the Istio steering committee and technical oversight committee. She is passionate about new technologies and loves to play with... Read More →

Sven Mawson

Principal Software Engineer, Google

Sven is one of the founders of Istio, the open source Service Mesh, and he is a Principal Software Engineer at Google. He joined Google in 2006, and has spent the past 15+ years working on several generations of Google's API and Service Management platforms, beginning with the AtomPub-based... Read More →

Oliver Gould

CTO, Buoyant, Inc.

Oliver is the CTO & co-founder of Buoyant, where he leads engineering. Prior to founding Buoyant, he was a staff infrastructure engineer at Twitter, where he led the Observability, Traffic, and Configuration & Coordination teams---projects essential to Twitter's adoption of a modern... Read More →

Christian Posta

Solo.io, Global Field CTO

Christian Posta (@christianposta) is Global Field CTO at Solo.io, and well known in the cloud-native community for being an author (Istio in Action, Manning, Microservices for Java Developers, O’Reilly 2016), blogger, speaker, open-source enthusiast and contributor to various open-source... Read More →

Close Captioning Transcripts ZDVT 8584 txt

Monday August 17, 2020 17:40 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

101 Track

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/3BOfbgbHDY0

17:45 CEST

Meet the Maintainer: containerd

Monday August 17, 2020 17:45 - 18:45 CEST
Virtual Project Pavilion - Zoom Room 2

Meet the Maintainers

18:15 CEST

Virtual Sponsor Booth Crawl

Get a sneak peek of the virtual exhibit halls on Day 0! Visit our sponsor booths to watch the latest demos, talk to experts, and score some swag.

Monday August 17, 2020 18:15 - 19:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

18:30 CEST

Meet the Maintainer: Longhorn

Monday August 17, 2020 18:30 - 19:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

12:30 CEST

Meet the Maintainer: Serverless Workflow Specification

Tuesday August 18, 2020 12:30 - 13:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

12:30 CEST

Expo Hall

Visit our sponsors in the virtual exhibit halls to try the latest demos, talk to experts, and score some swag.

Tuesday August 18, 2020 12:30 - 21:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

12:30 CEST

Sponsor Demo Theater

Cisco All Your Policies Are Belong To Us Cisco pdf

DataStax Cloud Native Cassandra Deploying on Kubernetes with cass operator pdf

HPE UTILIZING KUBERNETES Handout pdf

Tuesday August 18, 2020 12:30 - 21:00 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

13:00 CEST

Deliver Your Cloud Native Application with Design Pattern as Code - Jun Makishi & Rintaro Sekino, NTT Communications

As Cloud Native landscape is evolving, and many practices become outdated quickly, it is hard to follow best practices for integrating Cloud Native tools.
NTT Communications has introduced a new idea to manage such integration: Design Pattern as Code. We break a Cloud Native architecture into a small portion of design pattern per context to make it reusable and composable. As this approach enables sharing a well designed and maintained integration pattern across organizations, our software delivery becomes safe and scalable.
We will throw a live demo to build an application from some practical design patterns to turn it to Cloud Native application and delivery it to production safely.
We leverage Tekton, Cuelang, and many other Open Source tools, and we will give all participants our insight to use those tools to achieve such scalable application delivery

Speakers

Jun Makishi

Senior Architect, NTT Communications

Jun Makishi is a senior architect at NTT Communications. Leading multiple NTT's SDN projects for 6 years, he has archived to create a software defined networking platform for enterprise cloud. Leveraging this experience, he has joined a DevOps platform project as a platform archi... Read More →

Rintaro Sekino

Site Reliability Engineer, NTT Communications

Rintaro Sekino is a SRE at NTT Communications. Making CI/CD pipelines to improve a product release cycle, he has joined a DevOps platform project as a DevOps lead.Previously, he was working on SDN controller development for enterprise cloud. Also has 4 years experiences of carrier... Read More →

Deliver Your Cloud Native Application with Design Pattern as Code pdf

Close Captioning Transcript ZBMM 9536 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/PHajuKqjNs8

13:00 CEST

Migrating Transactions Worth Billions of $ to Service Mesh With No Downtime - Mahendra Kariya & Shishir Joshi, Gojek

The word “Fintech” is generally associated with legacy systems and technologies. But that’s not the case at Gopay, one of the biggest payments companies in South East Asia. Gopay processes transactions worth billions of dollars, with peak scale of more than 15000 financial transactions per minute. Gopay has heavily adopted Kubernetes to run its few hundred microservices and has very recently migrated to a service mesh based architecture.

This talk is a case study of why Gopay chose to move to service mesh, and how it was accomplished with zero downtime. Mahendra will cover some of the critical decisions made by the team, the overall approach for migration, along with a few interesting war stories. He will also discuss the criticality of monitoring the health of service mesh and how the team is doing it using Prometheus and Cortex.

Speakers

Mahendra Kariya

Tech Lead, GOJEK

Mahendra joined Gojek back in 2016, when it was a unicorn. He is part of the core engineering team, that has seen the company become the first decacorn of Indonesia. Currently, Mahendra is leading the initiative to migrate Gopay - a Gojek product and the leading digital payments ecosystem... Read More →

Shishir Joshi

Product Engineer, Gojek

Interested in distributed systems, code and software practices. He has been writing code for 17 years and started earning a wage by writing code for 8 years.

Kubecon EU Virtual pdf

Closed Caption Transcript FZER 0084 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/OY0CxiKbX2o

13:00 CEST

Build an Automatic Canary Release Pipeline in a Kubernetes-native Way - Ying Chun Guo, IBM

Tekton and Knative are two Kubernetes-native open source projects to extend Kubernetes capabilities. They have defined a series of powerful and flexible Kubernetes objects, in order to build CI/CD pipeline, to create event driven flows, and to manage serverless applications. This presentation will introduce and demonstrate how Tekton and Knative collaborate seamlessly to build an automatic canary release pipeline in a Kubernetes-native way.

In this session, you will learn how to monitor CI/CD events with Knative Eventing, how to extract information from events payloads and feed these information into a CI/CD pipeline with Tekton Trigger, how to define a k8s-style pipeline to build and deploy serverless applications with Tekton Pipeline, how to manage traffics with Knative Serving, and more importantly, how these components work together to build the automatic canary release pipeline.

Speakers

Ying Chun Guo

Software Engineer, IBM

Ying Chun Guo, known as “Daisy”, is an open source developer in IBM China development lab. She has several years experiences in open source communities, starting from OpenOffice, then OpenStack, and recently serverless platforms Apache OpenWhisk and Knative. Now she concentrates... Read More →

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/xK1QD_aZWq8

13:00 CEST

Be a Good Corporate Citizen in Kubernetes - Dawn Foster, VMware

As an employee, it can be difficult to strike the right balance between the needs of the company and the needs of the open source Kubernetes project. This can create friction and put significant pressure on employees who participate in Kubernetes on behalf of their company when the needs of the individual, the company, and the community are not aligned. This talk will focus on ways to create this alignment between individuals, companies, and the community required to be successful participants in Kubernetes.

The talk contains three major sections:
* How collaboration happens within the Kubernetes project.
* How to build a strategy for participation that will benefit your company, your employees, and the Kubernetes community.
* Tips for being a good corporate citizen as you contribute to Kubernetes.

Speakers

Dawn Foster

Director of Open Source Community Strategy, VMware

Dawn is the Director of Open Source Community Strategy at VMware within the Open Source Program Office. She has 20+ years of experience at companies like Intel and Puppet with expertise in community building, strategy, open source software, metrics, and more. She is passionate about... Read More →

GoodCorpCitizenK8s final pdf

Closed Caption Transcript KLTS 1434 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/3johr2CCeZw

13:00 CEST

34 Truths We Learned About Kubernetes and Edge - Saiyam Pathak, Walmart Labs & Karthik Gaekwad, Oracle

Running Kubernetes on the Edge has gained a lot of popularity this year, but it is still complicated to develop, deploy, and maintain at scale.

In this talk, the speakers will demo how to run Kubernetes on Raspberry Pi clusters at scale from their experiences at Walmart Labs and Oracle Cloud. They will demo machine learning use cases on Raspberry Pi's using the K3s distribution.

Further, they will go into details of why K3s might be a good fit for k8s running on edge scenarios, how it is different from the regular kubernetes distribution, and how it works under the hood.

Talk outline:
Introduction to kubernetes and Edge computing
Problems faced with Edge devices involving kubernetes
K3s solutions for the Edge
Demo: Running kubernetes on Raspberry Pi's using k3s
Challenges using k3s on edge devices
Speaker Recommendations for kubernetes on edge

Speakers

Karthik Gaekwad

Internal Developer Relations, Google

Karthik Gaekwad is a veteran engineer who enjoys learning and building software and software products using cloud and container technologies.He has worked in large enterprises and startups, with his career spanning companies like Signal Sciences, StackEngine, Oracle, Verica. He currently... Read More →

Saiyam Pathak

Director of Technical evangelism, Civo

Saiyam is working as Director of Technical Evangelism at Civo, focusing on defining the Civo cloud platform for simplifying Kubernetes and making it accessible for developers. Previously at Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of k8s including machine learning... Read More →

Closed Caption Transcript XDVP 4828 txt

34 Truths Kubecon 2020 2 pdf

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/2Eqg-oKRIR8

13:00 CEST

Anatomy of a Kubernetes Release: Success Through Team and Tools - Sascha Grunert, SUSE & Daniel Mangum, Upbound

As Kubernetes is one of the biggest open-source projects worldwide, the creation of a new release can be an overwhelming topic. The major burden is not only to release a new version every three months, but also to provide stability and security fixes over the whole support period of a release. In this talk, we will cover the details behind the lifecycle of a Kubernetes release. The presentation will contain everything from assembling the Release Team before the actual cycle begins up to maintaining the release branches, which provide continuous patch releases to the community. The talk will outline the technical process of branch management by covering all of the necessary stages during the release cycle. We will also demonstrate our Release Engineering tooling and dive into the design decisions we’ve made as a group that shape the overall process.

Speakers

Daniel Mangum

Principal Software Engineer, Upbound

Daniel Mangum is a Principal Software Engineer at Upbound and a maintainer of Crossplane, an open source CNCF incubating project. He has served in a variety of roles in the upstream Kubernetes project, most recently as a Tech Lead of SIG Release, and is active in multiple other open... Read More →

Closed Caption Transcript STCE 9765 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Oro1XiuQrSg

13:00 CEST

Cloud Native Policy Deep Dive - Zhipeng Huang, Huawei & Erica von Buelow, Red Hat

In this session we will discuss many open source initiatives that the Policy WG have been discussing, including policy formal verification, Policy Violation CRD, Runtime Policy Interface and so forth

Speakers

Zhipeng Huang

Senior OpenSource Engineer, Director AI Open Source,, Huawei, Huawei

Zhipeng Huang currently serve as open source community manager for MindSpore. Zhipeng is now the TAC member of LFAI, TAC and Outreach member of the Confidential Computing Consortium, co-lead of the Kubernetes Policy WG, project lead of CNCF Security SIG, founder of the OpenStack Cyborg... Read More →

Erica von Buelow

Software Lead, Red Hat

Closed Caption Transcript HBGE 1989 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/GSeC49v1NRw

13:00 CEST

CRI-O: Development Process & How to Contribute - Urvashi Mohnani & Peter Hunt, Red Hat

Are you interested in contributing to Cloud Native projects, or open source, but are unsure on where to start? The CRI-O community strives to be welcoming and accessible for new contributors, and would love your help!
Urvashi Mohnani and Peter Hunt will dive into the basic workflow behind open source development, using CRI-O as an example. They will walk attendees through the entire process of contribution, including: finding a bug or feature to work on, submitting a PR, cooperating with the needs of CI/CD systems, the approval process, and having their work integrated downstream. After seeing this talk, budding community members should be ready to submit their first contribution to CRI-O.

Speakers

Urvashi Mohnani

Senior Software Engineer, Red Hat

Urvashi Mohnani is a Senior Softwar Engineer on the OpenShift Runtimes team at Red Hat. She has spent the last few years working on container technologies such as podman, buildah, cri-o, and OpenShift. She has given talks at multiple conferences about her work and also spends some... Read More →

Peter Hunt

Senior Software Engineer, Red Hat

Peter Hunt is a Senior Software Engineer working on Openshift at Red Hat. Passionate about free software, Peter focuses on maintaining CRI-O, attending SIG node, and ~writing~ squashing bugs. Outside of the virtual world, Peter likes collecting floral-printed pants, gardening, and... Read More →

Closed Caption Transcript KMVK 7998 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/0MB5tUT4u3Q

13:00 CEST

Intro to Rook: Storage for Kubernetes - Jared Watts, Upbound & Alexander Trost, Cloudical

In this talk, the Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. The benefits and use cases of Rook will be explored along with an overview of each of the Rook storage providers: Ceph, EdgeFS, YugabyteDB, Cassandra, NFS, and CockroachDB. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.

Speakers

Jared Watts

Founding Engineer, Upbound

Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by enabling anyone to build their own cloud platform. He is also a founder and maintainer for the open source Rook (https://rook.io) and Crossplane (https://crossplane.io) projects... Read More →

Alexander Trost

Founding Engineer, Koor Technologies, Inc

I'm Alexander Trost, Founding Engineer of Koor Technologies, Inc. and maintainer of the Rook project. I'm happy to talk about anything container, storage and container storage related.

Intro to Rook Storage for Kubernetes pdf

Closed Caption Transcript PYOK 0777 (1) txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/dA29dIK6g5o

13:00 CEST

Intro: Harbor - Enterprise Cloud Native Artifact Registry - Alex Xu & Steven Ren, VMware

As container technology becomes widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage containerized application packages with either container image or Helm Chart format. Project Harbor is an open-source trusted cloud native registry project that stores, manages, signs, and scans content, thus resolving common image or Helm Chart management challenges. In this presentation, we will focus on the management of container images and Helm Charts through Harbor. We will review and provide solutions to the challenges faced by organizations, including RBAC (Role-Based Access Control), content replication, pluggable vulnerability scanning, large scale content distribution, content trust (notary), webhook, tag retention, online GC and DevOps integrations, etc.. Real-world use cases will be discussed in the session. Of course, fantastic demos will be shown to let you easily understand the related use cases.

Speakers

Steven Ren

Senior Manager, VMware

Alex Xu

Product Manager, VMware

Closed Caption Transcript AUVG 7790 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/zGK0Nre21Eo

13:00 CEST

Kubernetes SIG Architecture Intro and Update - Derek Carr, Red Hat & Davanum Srinivas, VMware

SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of conformance definitions, API definitions/conventions, deprecation policy, design principles, and other cross-cutting concerns.

In this talk, we will provide an introduction to SIG architecture, including its role and the various subprojects that support its activities. Additionally, we will provide a community update on the status of those efforts.

Speakers

Derek Carr

Distinguished Engineer, Ancestry

Davanum Srinivas

Principal Engineer, Amazon Web Services

TOC member and Chair of SIG Architecture for Kubernetes

Closed Caption Transcript LBUR 1453 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/igcgbi6VfRM

13:00 CEST

Securing Container Delivery with TUF - Lukas Puehringer, NYU

One of the most pressing security problems in cloud native is the secure delivery of container images. Common solutions addressing this problem live under the assumption that a signing key, used to protect an artifact or its distribution, is kept safe. But time has shown again and again that this assumption is faulty, and that a single key loss or compromise can cause enormous damage. That is why The Update Framework (TUF) was designed not only to prevent and detect attacks, but also with risk mitigation (reducing the damage from a successful attack) as a core principle. Being the first security-focused project to graduate in the CNCF, TUF is widely used both in and outside of the cloud ecosystem. In this talk we will describe the basic architecture of TUF including how TUF protects against a variety of real-world attacks on any software distribution infrastructure. We will show how even if an organization makes a security error (a server is hacked, a private key is checked into github, etc.), TUF can bring a repository back into a secure state.

Speakers

Lukas Pühringer

Researcher / Engineer, NYU Tandon School of Engineering

Lukas Pühringer is a research scholar and software developer at the NYU Center for Cyber Security (CCS), where he leads the development of The Update Framework (TUF), and has been co-maintaining several of Prof. Justin Cappos’ software projects, most notably the supply chain security... Read More →

Aug18 Securing Container Delivery With TUF Lukas Puehringer pdf

Closed Caption Transcript AAMW 7156 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/GJP0_DEW-ro

13:00 CEST

Building the Cloud Native Telco with Network Service Mesh - Ivana Atanasova & Radoslav Dimitrov, VMware

Nowadays, the rapid technology development, significant increase of the number of connected devices and overall generated traffic, are challenging the networking solutions to evolve fast. Those solutions would hardly meet the higher demands for scalability and resiliency without adopting a cloud-native approach. Therefore, network service providers, like ISPs and Telco operators, are at the point of looking for a way to adopt the new cloud-native paradigm for their sophisticated network demands. Network Service Mesh is a CNCF project that offers a potential solution. In this talk we are going to introduce the approach Network Service Mesh is using to solve complicated L2/L3 challenges in Kubernetes and provide an example of building real cloud-native network topology using the tools provided by the NSM project. We are also going to show a demo of that topology implementation with NSM.

Speakers

Ivana Atanasova

Open Source Software Engineer, VMware

Ivana Atanasova is an Open Source Engineer in VMware's Open Source Program Office, where she has contributed to a variety of projects, including Tern, Python-TUF, CHAOSS' Augur, Network Service Mesh, OpenFaaS and others. Previously, Ivana worked at the Bulgarian Academy of Science... Read More →

Radoslav Dimitrov

Open Source Engineer, VMware

Radoslav Dimitrov is working as a full-time Open Source Software Engineer at VMware. Currently, he’s contributing to the Network Service Mesh project, but before that, he was working on other open-source projects like OpenStack, OPNFV, QEMU and OpenFaaS. He has spoken at previous... Read More →

KubeCon Virtual 2020 NSM pdf

Closed Caption Transcript UNXB 8499 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/zPKCZxHrERU

13:00 CEST

ClusterAPI: A Guide to Get Started - Katie Gamanji, American Express

In the past years, Kubernetes has been the nucleus of container orchestration frameworks. With the growing number of microservices, managing clusters at scale has become an imperative requirement. Additionally, from a technological landscape standpoint, the cloud platform teams are highly focused on delivering scalable, reliable and highly available platforms.
At Condé Nast, this constitutes in having a stable and coherent approach to deploy, manage and upgrade multiple Kubernetes clusters that are distributed globally. Also, it is imperative to keep the life-cycle management of the clusters consistent across all regions. Henceforth, this talk aims to present an overview of how Condé Nast prototypes tools, such as ClusterAPI, to ensure a sustainable cluster provisioning mechanism.

Speakers

Katie Gamanji

Senior Field Engineer, Apple

Katie is a cloud native leader, practitioner, and contributor, currently in a Senior Kubernetes Field Engineer role at Apple and a TOC for CNCF (Cloud Native Computing Foundation). As a cloud platform engineer, Katie has built the infrastructure for Conde Nast and American Express... Read More →

Closed Caption Transcript YLXX 1172 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/EgMNy-wAm4A

13:00 CEST

Startup Containers in Lightning Speed with Lazy Image Distribution - Kohei Tokunaga, NTT

Pulling image is one of the time-consuming steps in the container startup process. The most critical factor is the current OCI Image Spec with which a container cannot be started until its all image layers are downloaded. However, most of the contents in image layers are not being used for real-world workloads.

In this talk, Kohei will show state-of-the-art alternative image formats which lead to faster container startup by allowing container runtimes to start a container without waiting for all its contents to be locally available. He will also introduce CNCF containerd's fast image distribution approach "Remote Snapshotter" which leverages these formats (https://github.com/containerd/containerd/issues/3731). Finally, he will share the status of his current work on the remote snapshotter implementation and how to take advantage of the new functionality.

Speakers

Kohei Tokunaga

Software Engineer, NTT Corporation

Kohei Tokunaga is a software engineer at NTT Corporation, a Japan-based telecommunication company. He is a reviewer of CNCF containerd and a maintainer of BuildKit. He has talked about topics around container runtimes at FOSDEM, KubeCon+CloudNativeCon, and Japan-based events including... Read More →

lazy image distribution pdf

Closed Caption Transcript KFJL 7059 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Runtimes

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/H4Lbi26CqNU

13:00 CEST

How This Innocent Image Had a Party in My Cluster - Amir Jerbi & Itay Shakury, Aqua Security

As security practices and tools for scanning container images are becoming increasingly popular, malicious actors are introducing sophisticated techniques to obfuscate their intent and evade scanning tools. The malware they plant cannot be detected using static analysis, or based on signatures. But dynamic analysis that runs the image, and then traces the activity of the running container can detect and document the entire multi-stage attack.

In this talk, we will review the evolution of these attacks as observed by Aqua’s security research team, and demonstrate the full chain of events and IoCs (indicators if compromise) that were detected. We will give practical advice on what developers and cluster admins should do to detect similar techniques, and the security controls the should be employed to reduce the chances of such an attack succeeding, as well as reduce its potential impact.

Speakers

Itay Shakury

VP Open Source, Aqua Security

Itay Shakury is the VP of Open Source at Aqua Security, where he leads engineering for open source, cloud native security solutions. Itay has some 20 years of professional experience in various software development, architecture and product management roles. Itay is also a CNCF Cloud... Read More →

Amir Jerbi

Co-founder and CTO, Aqua Security

Amir is the co-founder and CTO of Aqua Security, which he started 4 years ago. Before joining Aqua , he was the Chief Architect at CA Technologies and has 14 cloud and virtual security related patents and published papers. Amir is the co-organizer of the Tel Aviv Cloud Native Computing... Read More →

How This Innocent Image Had a Party in My Cluster pdf

Closed Caption Transcript ODTU 5110 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/Ut3rrtMOkXk

13:00 CEST

Stateful Serverless and the Elephant in the Room - Stephan Ewen, Ververica

Kubernetes and FaaS have solved most of the challenges of dealing with stateless applications. But when it comes to handling state, it quickly becomes “someone else's problem”. Because of that, we have struggled with the same issues of data consistency and complex failure semantics for the past decade. For stateful applications, we are still far from the smooth development and operations experience associated with serverless.
Stateful Functions is a new pattern to solve this problem. It uses containerized, event-driven functions with a stream processor (Apache Flink), not a database, to manage the state and handle the messaging between functions. This talk walks through the ideas behind Stateful Functions and shows how this simple framework solves the problem of consistency and failure semantics within and across functions, at the same time staying true to the serverless experience.

Speakers

Stephan Ewen

CTO, Ververica

Stephan Ewen is a committer and Project Management Committee member of the Apache Flink project. He is one of the original creators of Apache Flink and a co-founder and CTO of Ververica (formerly data Artisans), a Berlin-based company that is bringing real-time data applications to... Read More →

KubeCon Stateful Serverless and the Elephant in the Room pdf

Closed Caption Transcript DWRV 8598 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/7iAvBcMtaKI

13:00 CEST

Weaving a Mesh for Multiple Clusters at bol.com - Remco Overdijk, bol.com & James Brook, Google

Bol.com, the largest online retailer in the Netherlands, has many teams running services on Kubernetes in cloud and on-prem. Over time, they have grown out of a single cluster. They will explain how adopting Envoy and service mesh gives them resilient and uniform connectivity across clusters and datacenters, while optimizing costs.

The goal was to go all in on service mesh with a cautious and incremental approach. Injecting Envoy into hundreds of mission-critical pods needs care. You'll learn about the reasons for choosing service mesh, the journey, architecture, challenges and the lessons learned along the way.

Speakers

James Brook

Solutions Architect, Google

James Brook is a Solution Architect at Google. He works with Google's biggest customers to help them use cloud technology in new ways and solve complex problems. Before Google, James worked as an architect, engineer and manager in various industries, at a startup and even on submarines... Read More →

Remco Overdijk

System Engineer, bol.com

As a System Engineer in Bol.com’s Compute Infrastructure Operations team, Remco Overdijk works on improving reliability and features across the company’s diverse compute platforms, ranging from Kubernetes in the Cloud to Bare Metal in multiple datacenters. With a development background... Read More →

Closed Caption Transcript FOQR 0551 txt

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Service Mesh

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/pq1HVV6QKzU

13:45 CEST

Kubernetes Patterns - Roland Huß, Red Hat

The way developers design, build, and run software has changed significantly with the evolution of microservices, containers and Kubernetes. This talk dives into common, reusable patterns and principles for designing and implementing cloud-native applications on Kubernetes.

This talk focus on the most established patterns. It will revisit basic patterns like "Predictable Demands" or "Service Discovery" but also dive into prominent patterns "Sidecar", "Elastic Scale" or "Operator". Live demos back this presentation.

This presentation is ideal for developers and architects who want to learn more about a pattern-based approach to implementing common Kubernetes usage scenarios.

Speakers

Roland Huss

Senior Principal Software Engineer, Red Hat

Dr. Roland Huss is a Senior Principal Software Engineer and architect for Red Hat OpenShift Serverless. He has been a developer for over 25 years now. However, he has never forgotten his roots as a system administrator. Roland is an active Knative contributor and former member of... Read More →

Closed Caption Transcript EOOC 4560 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/eJmNSYvelSw

13:45 CEST

Autoscaling at Scale: How We Manage Capacity @ Zalando - Mikkel Larsen, Zalando SE

As of October 2019 Zalando has ~140 Kubernetes clusters varying in size from 5 to 400 nodes. This talk goes over how different applications both stateful and stateless are autoscaled using the HPA(Horizontal Pod Autoscaler) and VPA(Vertical Pod Autoscaler) and also the cluster using the Cluster Autoscaler. More specifically the talk explains the limitations and workarounds to each of these scaling strategies and also the techniques used to monitor so that applications always have sufficient capacity. It also discusses common pitfalls while scaling with these controllers and finally concludes with proposed enhancements to these controllers which would make autoscaling more reliable and efficient.

Speakers

Mikkel Larsen

Senior Software Engineer, Zalando SE

Mikkel is a Senior Software Engineer working at Europe's leading online Fashion platform, Zalando since 2016. He works in the Cloud Infrastructure team focusing on Kubernetes and AWS infrastructure and has a big interest in Continuous Delivery and automation.

2020 08 18 Autoscaling at Scale How We Manage Capacity @ Zalando KubeCon EU 2020 pdf

Closed Caption Transcript FOGF 5728 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/XTUsVK9F_Ds

13:45 CEST

Escaping the Jungle - Migration to Cloud Native CI/CD - Anton Weiss, Otomato Software

In the last 2 years Otomato has been helping a number of software companies to migrate their complex systems to Cloud Native infrastructure. This included rebuilding the CI/CD processes and tooling based on Cloud Native concepts and tooling. In this talk Anton will present the challenges organisations face when switching to modern approaches in software delivery. We will cover the topics of:
- Providing unified kubernetes-based CI/CD infrastructure
- Scalable CI/CD Pipelines and Environments
- Component and Contract testing vs. End-to-End testing
- Managing Deployments with Helm
- Evaluating Service Meshes
- Making the switch to GitOps

Speakers

Anton Weiss

Principal Consultant, Otomato Software

Anton has been dealing with optimising software delivery for the last 19 years. Worked at BMC, AT&T and a number of startups. Led integration and operation teams. In the last 4 years has been helping companies to migrate to CI/CD and cloud native technologies as the co-founder and... Read More →

Closed Caption Transcript NFYQ 3860 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/kgVe5cWSMZQ

13:45 CEST

Kubernetes? But I'm a Product Manager… - Matthew McNeeney, Independent & Miguel Luna, VMware

Good product teams care deeply about their users and the experience they provide to them, yet many Product Managers shy away from conversations about Kubernetes, believing that it’s something for their engineering counterparts to think about. But this is a critical mistake; many of the benefits Kubernetes brings can be harnessed to deliver better products, faster.

The Kubernetes.io tagline is ‘Production-Grade Container Orchestration’, so it’s easy to see why Product Managers tend to leave it aside as an engineering concern. But much of the innovative work happening in the ecosystem can be used to ship software faster and deliver great user experiences. This talk will cover how Product Managers building different types of software can utilise features in Kubernetes to build extensible, scalable and cloud-agnostic products that drive better customer outcomes.

Speakers

Matt McNeeney

Product Manager, Independent

Matt is a Product Manager who has spent the last few years building products that enable developers to easily discover and consume the tools they need to get their applications into production. Matt has presented talks on all things marketplaces and service brokers at various conferences... Read More →

Miguel Luna

Senior Product Manager, VMware

Miguel is a Senior Product Manager at VMware involved in projects aimed at leveraging the automation benefits of Kubernetes Operators for Enterprise users. Miguel has an Industrial Engineering background and was previously leading the handset and devices product program at the British... Read More →

Kubernetes? But I'm a Product Manager pdf

Closed Caption Transcript GFXT 6617 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/Jes-xq7ZEpo

13:45 CEST

Is Sharing GPU to Multiple Containers Feasible? - Samed Güner, SAP

Provisioning GPUs for ML workloads in data center can be very costly and more costly if they are not fully utilized. Thus, maximizing the GPU utilization is a must for ML workloads.

This session will show how a single GPU can be used to run multiple ML workloads, especially ML inference, in parallel and will deep dive into the understanding of how GPUs are provisioned and attached using K8s device plugins. It will show how the nvidia device plugin can be extended to schedule multiple ML workloads to a single GPU and collect desired GPU information with Prometheus.

This session will highlight and deep dive into native GPU sharing using K8s device plugin without additional technologies such as vGPUs from VMware.

Speakers

Samed Güner

Senior DevOps Engineer, SAP

Samed Güner is currently working as a software engineer at SAP Artificial Intelligence embedding large scale AI into enterprise applications. He mainly works on infrastructure and K8s with a strong focus on leveraging DevOps principles. He previously worked on projects such as distributed... Read More →

Closed Caption Transcript ROBS 9800 txt

August 18 Is Sharing GPU to multiple Containers feasible pdf

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Machine Learning + Data

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/MDkltK5JLCU

13:45 CEST

Intro to Falco: Intrusion Detection for Containers - Shane Lawrence, Shopify

How do you protect Kubernetes clusters from malicious behavior? Role-based access control won't stop a user who's authorized to create pods from deploying hundreds of coin miners, and Intrusion Detection Systems at a network edge won't catch requests from a compromised container to the API server. Falco joined CNCF Incubator as an open-source runtime monitoring tool that combines kernel-level visibility with cluster-level awareness, making it possible to implement security policy and assert if these policies have been violated. In this session, Shane will demonstrate detection use cases, and discuss how Shopify has been using Falco since 2018 to monitor containers in a cloud environment that processes $100 million+ per day. Attendees will learn how to deploy Falco at scale, implement and change the ruleset, avoid common pitfalls with eBPF probes and kernel modules, and manage alert volume.

Speakers

Shane Lawrence

Staff Infrastructure Security Engineer, Shopify

Shane is a Staff Infrastructure Security Engineer at Shopify, where he's working on a multi-tenant platform that allows developers to securely build scalable apps and services for crafters, entrepreneurs, and businesses of all sizes.

Intro to Falco pdf

Closed Caption Transcript CYYN 7220 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/rBqBrYESryY

13:45 CEST

Intro: Brigade - Radu Matei & Kent Rancourt, Microsoft

Brigade is a lightweight, Kubernetes-native framework which allows the creation of event-driven workflows. Using JavaScript, Brigade chains together containers and controls their execution in an in-cluster scripting environment that enables easy error handling and data sharing. In this session, you will learn how to get started with Brigade, how to use the existing GitHub, CloudEvents and generic event support and integrate them in your workflow, and how different companies are using Brigade to automate their internal workflows (from code quality assessment and security scanning, to automatically generating preview environments for each pull request), and ultimately allow teams to build massively distributed workflows using a few lines of JavaScript. Finally, we will explore future plans and share the progress for the next major version of Brigade, 2.0.

Speakers

Radu Matei

Software Engineer, Microsoft Azure

Radu is a Software Engineer at Microsoft Azure, working on Kubernetes and open source developer tools for distributed systems. He is a core maintainer of Brigade, as well as of the Cloud Native Application Bundles (CNAB) project.When he is not working on open source, he loves playing... Read More →

Kent Rancourt

Sr. Software Engineer, Microsoft

Kent is a Senior Software Engineer at Microsoft working primarily on Brigade and various other open source projects within the Kubernetes ecosystem. When he's not coding, Kent enjoys being a dad, hiking, comic books, teaching martial arts, and pub trivia.

Closed Caption Transcript MTTB 5100 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/SL2EIXLZjmw

13:45 CEST

Introduction to Autoscaling - Marcin Wielgus & Beata Lach, Google

Come and see how to reduce the cost of your cluster and make your workloads more robust by dynamically adjusting them to the current traffic. During this talk members of SIG-Autoscaling will explain why you should be autoscaling both applications and clusters, and what tools Kubernetes provides to do that. You will learn the mechanics of Cluster, Horizontal Pod and Vertical Pod Autoscalers, their new features as well as the best practices for applying them in production.

Speakers

Marcin Wielgus

Staff Software Engineer, Google

Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes before the 1.0 release... Read More →

Beata Lach

Software Engineer, Google

Beata is a Software Engineer at Google and has been working on Kubernetes autoscaling for the last 3 years, contributing to Cluster Autoscaling and Horizontal Pod Autoscaling, currently leading the effort of Vertical Pod Autoscaling.

Closed Caption Transcript CCSN 3150 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/VP7MzegrjTw

13:45 CEST

Introduction to CNI, the Container Network Interface Project - Casey Callendrello, Red Hat & Bryan Boreham, Weaveworks

CNI, the Container Network Interface, is a small but critical piece of infrastructure linking runtimes such as Kubernetes and CloudFoundry to dozens of different container network implementations. This session is aimed at users and developers who have little previous knowledge of container networking. Attendees will hear: - A broad overview of what CNI is - What the CNCF-hosted CNI project has delivered - How CNI relates to Kubernetes - How they can get more involved in the project

Speakers

Bryan Boreham

Distinguished Engineer, Grafana Labs

Bryan is a Distinguished Engineer at Grafana Labs, the observability company.After first getting into programming as a kid, creating a video game called "Splat", Bryan's career has ranged from charting pie sales at a bakery to real-time pricing of billion-dollar bond trades.At Grafana... Read More →

Casey Callendrello

Principal Engineer, Red Hat

Casey Callendrello is a Principal Software Engineer at Red Hat, where he works on Kubernetes networking and the libraries that support it. He is a maintainer of the CNI project as well as a Kubernetes contributor.He is a Track Chair for Networking at KubeCon EU 2021.

CNI Intro Aug 2020 pdf

Closed Caption Transcript UMSL 2598 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/YWXucnygGmY

13:45 CEST

Prometheus Introduction - Julius Volz, Prometheus

Prometheus is an open-source monitoring system and time series database. It features a multi-dimensional data model with a powerful query language and integrates many aspects of systems and service monitoring: from the instrumentation of services over the collection and storage of metrics data, all the way to dashboarding and alerting. Native support for various service discovery mechanisms also make it particularly suitable for dynamic cloud-based environments like Kubernetes. In the introduction, Prometheus co-founder Julius Volz explains the architecture of Prometheus and highlights its key features.

Speakers

Julius Volz

Founder, PromLabs

Julius co-founded the Prometheus monitoring system and originally led the project to success at SoundCloud and beyond. He now focuses on growing the Prometheus community, started PromCon, the first conference around Prometheus, and helps companies use and adapt Prometheus through... Read More →

Monitoring, the Prometheus Way KubeCon Online, July 2020 pdf

Closed Caption Transcript UDAD 8526 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/PzFUwBflXYc

13:45 CEST

SIG Scheduling Deep Dive - Aldo Culquicondor, Google & Mike Dame, Red Hat

Kube-Scheduler is the component of Kubernetes that assigns pods to nodes based on the configured scheduling requirements. These requirements can be high availability, resource efficiency and other policies and heuristics. This talk will provide an overview of the new and upcoming features in the scheduler, including the scheduler framework, and the new component config API that enables scheduling profiles. In addition, we'll present updates on other sig-scheduling projects like the Descheduler. We will dedicate about half of the time of the presentation to audience questions and users' feedback.

Speakers

Mike Dame

Senior Software Engineer, Red Hat

Mike is an engineer for Red Hat OpenShift and a sig-scheduling maintainer.

Aldo Culquicondor

Senior Software Engineer, Google

Aldo is a Senior Software Engineer at Google. He works on Kubernetes and Google Kubernetes Engine, where he contributes to kube-scheduler, the Job API and other features to support batch workloads. He is currently a TL at SIG Scheduling and a member of WG Batch. He is also a maintainer... Read More →

SIG Scheduling Deep Dive pdf

Closed Caption Transcript KKHB 9477 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/XrxDS-1F3dU

13:45 CEST

SIG Service Catalog Update - Jonathan Berkhahn, IBM & Mateusz Szostok, Kyma

Service Catalog lets you provision cloud services directly fromt he comfort of native Kubernetes tooling, regardless of where the service is actually hosted. Service Catalog is a Kubernetes implementation of the Open Service Broker API, an open standard to provision and manage cloud services. In this session,t he Service Catalog leads will demo the current Service Catalog functionality, and the activities around the sub-projects. This will be followed by a deep dive into the problems we are facing and the future of the Service Catalog project. At the end of this talk, we'll also go through a short comparison between Service Catalog and operators.

Speakers

Jonathan Berkhahn

Senior Software Engineer, IBM

Jonathan is a chair of Operator Framework and a maintainer on Operator SDK.

Mateusz Szostok

Senior Software Engineer, Kyma

I'm Kubernetes member and co-chairs of the Kubernetes Service Catalog SIG. I specialize in such domains as OSB API, Service Catalog, Helm, and Kubernetes controllers. I was a Tech Lead of a task to replace the Aggregate API Service with the CRDs in the Kubernetes SIG project. I’m... Read More →

Aug18 SIG Service Catalog Update pdf

Closed Caption Transcript KNOZ 0657 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/ieXSPmdsQ6I

13:45 CEST

SIG-CLI - Open Doors - Maciej Szulik, Red Hat

This session is intended for all interested in what SIG-CLI is and what it does. Whether you're fresh to Kubernetes or an old-timer you are more than welcome. This session will be fully interactive, and its contents will entirely rely on the expectations of the attendees. Topics will include, but are not limitted to: - Kubectl code tour which will provide basic knowledge for working on kubectl itself, as well as how to write kubectl plugins. - The main initiatives SIG-CLI is undertaking (splitting kubectl out of main Kubernetes repository, plugins - its development and management, resource configuration with kustomize, dynamic commands, etc.) - Gathering feedback and discussing problems people struggle the most with kubectl.

Speakers

Maciej Szulik

Senior Principal Software Engineer, Red Hat

Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.

KubeCon EU 2020 SIG CLI Open Doors pdf

Closed Caption Transcript VGDO 2060 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/xt6Pk5dpu1k

13:45 CEST

Network Service Mesh to Address Cloud Native 5G Telco Networking Challenges - Roshini Ratnam & Anders Franzen, Ericsson

Some of the key networking challenges of cloud native telco applications are VPN/traffic separation, no NAT protocols, path diversity, accelerated user plane traffic, legacy protocol etc. Kubernetes networking cannot address them. Currently they are addressed using approaches like Multus, Danm, CNI-Genie. All this still only works on a node level but will require a substantial amount of complex case specific, on-site DevOps to bottom-up build a functional multi-network cluster, with all challenges that come with that, like LCM.
This seminar will cover how Network Service Mesh (NSM) can address networking challenges of cloud native telco applications in 5G with the details of proof of concept and how NSM decouple infrastructure from applications. The speakers will also give details of the ongoing work with CNF test bed network separation use case.

Speakers

Anders Franzen

Technology Specialist, Ericsson

Anders Franzen is an engineer in Ericsson AB with 30+ years of professional experience in HA-systems, networking and operating systems for telco. Living in Stockholm, Sweden. He is currently working with the transition into the cloud native paradigm.

Roshini Ratnam

Networking and Connectivity Architect, Ericsson

Roshini Ratnam, is an Architect in Cloud Native Connectivity at Ericsson. Roshini has above 10 years of experience in various Telecom and Networking projects with different organizations including Ericsson, Nokia Networks and Cisco Systems. In her current role she mainly focuses on... Read More →

Closed Caption Transcript FGUT 9041 txt

Network Service Mesh to Address Cloud Native 5G Telco Networking Challenges pdf

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/uV-GtLv2AJc

13:45 CEST

Managing a Managed Kubernetes Platform - Annegies van 't Zand & Wiender Sarup, Nationale Nederlanden

Over the past year Nationale Nederlanden (NN) has built a managed Kubernetes platform for their DevOps teams.

Now, a year later, we are managing over twenty Kubernetes clusters that are running multiple production workloads. Although Kubernetes is the main component, it turned out that lifecycle management and reliable delivery of changes to in-use platforms proved to be the most challenging part. All-in-all there are fifteen components that provide all the platform features and services, so we had to get creative to make sure that we kept up to date with all of them.

In this talk we will share our solutions for setting up a platform delivery pipeline and the lifecycle management of our platform components. Fan-in/fan-out cluster deployments, platform integration tests, version dashboards and feature flagging are some of the subjects that we will address.

Speakers

Annegies van 't Zand

Kubernetes platform engineer, Nationale Nederlanden

Annegies is a Kubernetes platform engineer at the Nationale Nederlanden.

Wien Sarup

Kubernetes platform engineer, Nationale Nederlanden

Wien Sarup is a Kubernetes platform engineer at the Nationale Nederlanden.

managing a managed kubernetes platform 1.0 pdf

Closed Caption Transcript THGB 7930 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/TBydMGkWykQ

13:45 CEST

Kubernetes On Cgroup v2 - Giuseppe Scrivano, Red Hat

This talk will go over the current status of cgroups v2 in the Kubernetes and container ecosystem.

Efforts are underway to enable cgroups v2 in containers runtimes and up the stack in Kubernetes so users can benefit from new kernel features such as PSI and have better OOM handling through using projects such as oomd.

Particular focus will be placed on the changes required in the OCI (Open Container Initiative) specifications and how the containers runtime must be adapted to use the new version.

Speakers

Giuseppe Scrivano

Senior Principal Software Engineer, Red Hat

Giuseppe is a Software Engineer at Red Hat where he works in the containers runtime team on projects such as Podman and CRI-O. In the last year his main focus was on rootless containers and cgroup v2 support.

kubernetes on cgroup v2 pdf

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Runtimes

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/u8h0e84HxcE

13:45 CEST

OpenID Connect as SSO Solution: Strengths and Weaknesses - Álvaro Iradier, Sysdig

OpenID Connect (OIDC), an identity layer on top of OAuth2 protocol, makes user login easier and allows for a seamless SSO experience between multiple tools and services by delegating authentication to a trusted Identity Provider (Authorization Server). The concept is quite appealing at first sight. But different implementations and lack of agreement, both on the client applications and on the Authorization Servers, can ruin your trip.

In this talk we will explain the basic concepts of OIDC, how it works, how it compares to other Federated Authentication systems like SAML, and some integration examples like Harbor or Kubernetes. Then we talk about some common issues that are still rough edges, like the user onboarding and the roles and group management. Finally, we will see how we can make some non-OIDC aware applications work with OIDC by delegating authentication to an Nginx proxy.

Speakers

Álvaro Iradier

Solutions Engineer, Sysdig

Álvaro is a solutions engineer at Sysdig. Before that, he worked in an IoT and financial micro-transactions company for 11 years as a Ninja developer. Then, he discovered he had been doing the fuzzy concept of DevOps when Adidas hired him for CI/CD support and platform engineering... Read More →

openid slides pdf

Closed Caption Transcript GDJB 8333 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/Ezi7LkpaU6Q

13:45 CEST

Using Argo and Knative to Orchestrate Media-intensive Services in 5G Edge - David Breitgand, IBM

Kubernetes is at the core of the cloud-native transformation. In this talk, we will discuss how Argo Workflows, Argo Events and Knative can help with cost-efficient and extremely flexible orchestration of complex network-intensive services on Kubernetes. We will discuss a Knative based deployment of Argo Workflow and Argo Events and demonstrate how we used these technologies in 5G-MEDIA (http://www.5gmedia.eu/) to orchestrate media intensive network services, such as tele-immersive gaming and mobile journalism in a 5G Edge. We argue that CNCF technologies can very efficiently complement traditional orchestration tools used by telcos, such as OSM, which are not sufficiently flexible to orchestrate highly dynamic session-oriented container based workloads of this kind.

Speakers

David Breitgand

Research Scientist, Senior Technical Staff Member, IBM

David Breitgand is a technical leader at the Cloud and Data Technologies group in IBM Haifa Research Lab, Israel. He received his Ph.D. in Computer Science from the Hebrew University of Jerusalem in 2003. He is a member of the 5G-MEDIA and CloudButton projects focusing on applying... Read More →

Aug 18 Using Argo and Knative to Orchestrate Media Intensive Services in 5G Edge.David Breitgand pdf

Closed Caption Transcript OGZP 0147 txt

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/wqpBqzOFdiI

13:45 CEST

Building a Distributed API Gateway with a Service Mesh - Rei Shimizu, Waseda University & Cynthia Coan, Tetrate

API Gateways are going through an identity crisis. As microservice architectures proliferate we're learning that really, we need API Gateway functionality between all of our services, and not just at ingress where API Gateways have been deployed traditionally. The ability to dynamically extend Envoy at runtime via WASM opens the door for many new capabilities, including moving API Gateway functionality into the service mesh layer.

In this talk, we'll explore how we helped extend Envoy to support executing WASM as a safe, sandboxed way to run arbitrary code in the proxy. We'll then go further by showing how we used WASM to move functionality typically reserved for the edge of our deployments - API Gateway functions like token validation, rate limiting, and payload transformation - into the service mesh in a real user's deployment.

Speakers

Rei Shimizu

Student, Waseda University

Rei is a computer engineering student at Waseda University, Japan. He is also a contributor to the Envoy proxy project.

Cynthia Coan

Software Engineer, Tetrate

Cynthia is a software engineer at tetrate trying to make networking a little less terrible for everyone. She works frequently on Envoy, and it's related projects.

Closed Caption Transcript ZNQO 2708 txt

building a distributed API Gateway with a service mesh pdf

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Service Mesh

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/YeK34lItg2Q

14:00 CEST

Meet the Maintainer: OpenEBS

Tuesday August 18, 2020 14:00 - 15:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

14:30 CEST

Architectural Caching Patterns for Kubernetes - Rafał Leszko, Hazelcast

Kubernetes brings new ideas of how to organize the caching layer for your applications. You can still use the old-but-good client-server topology, but now there is much more than that. This session will start with the known distributed caching topologies: embedded, client-server, and cloud. Then, I'll present Kubernetes-only caching strategies, including:
- Sidecar Caching
- Reverse Proxy Caching with Nginx
- Reverse Proxy Sidecar Caching with Hazelcast
- Envoy-level caching with Service Mesh

In this session you'll see:
- A walk-through of all caching topologies you can use in Kubernetes
- Pros and Cons of each solution
- The future of caching in container-based environments

Speakers

Rafał Leszko

Cloud Software Engineer, Hazelcast

Cloud software engineer at Hazelcast, author of the book "Continuous Delivery with Docker and Jenkins", trainer, and conference speaker. He specializes in Java development, Cloud environments, and Continuous Delivery. Former employee in a number of companies and scientific organizations... Read More →

[KubeCon] Architectural Caching Patterns for Kubernetes pdf

Closed Caption Transcript MQPK 1274 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/poO6KDRHAL0

14:30 CEST

Live Migration of Production Workloads from Apache Mesos PaaS to Kubernetes - Maria Camacho & Gufran Lutful, Nokia

In 2018 we started the migration of production workloads on our cloud-native big data analytics platform (PaaS) from Apache Mesos and Marathon to K8s.

Nokia has multiple production PaaS instances in its datacenters across the globe with various production workloads, including a distributed analytics engine, production databases, data streams and ML applications. These workloads are critical to telecom data scientists requiring high performance, availability and reliability without disrupting continuous delivery of big data services.

We want to share the story and lessons learnt when migrating production workloads to K8s while maintaining performance and reliability, and at the same time delivering new services to our demanding users.

You will hear how we seamlessly shared cloud resources, network traffic, internal DNS and telemetry systems between two orchestrators in production.

Speakers

Maria Camacho

Software Architect, Nokia

Software Architect, Nokia Software Architect with focus on cloud-native DevOps and automation, analytics platforms, performance, Container runtime, Kubernetes deployment and operations. Currently a member in the Nokia Software team building and automating digital operations software... Read More →

Gufran Lutful

Software Engineer, Nokia

Software Engineer, Nokia Gufran is a DevOps oriented Software Engineer at Nokia and an Entrepreneur. Over the years, he has worked in different roles such as Software Test Engineer, PaaS Developer, Site Reliability Engineer etc. Gufran is an active learner. He holds CKA, AWS, CCNA... Read More →

Closed Caption Transcript XFJN 9101 txt

Aug18 Live Migration of Production Workloads from Apache Mesos PaaS to Kubernetes pdf

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/xisI9sGvnMg

14:30 CEST

Progressive Delivery in Kubernetes - Carlos Sanchez, Adobe & Viktor Farcic, CloudBees

Progressive Delivery makes it easier to adopt Continuous Delivery, by deploying new versions to a subset of users and evaluating their correctness and performance before rolling them to the totality of the users, and rolled back if not matching some key metrics. Canary deployments is one of the techniques in Progressive Delivery, used in companies like Facebook to roll out new versions gradually. But good news! you don't need to be Facebook to take advantage of it.

We will demo how to create a fully automated Progressive Delivery pipeline with Canary deployments and rollbacks in Kubernetes using Jenkins X, an open source platform for cloud native CI/CD in Kubernetes, and Flagger, a project that uses Prometheus and your service mesh of choice to automate Canary rollouts and rollbacks.

Speakers

Viktor Farcic

Developer Advocate, Upbound

Viktor Farcic is a Developer Advocate at Upbound, a member of the Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.

Carlos Sanchez

Principal Scientist, Adobe

Carlos Sanchez is a Principal Scientist at Adobe Experience Manager, specializing in software automation, from build tools to Continuous Delivery and Progressive Delivery. Involved in Open Source for over 15 years, he is the author of the Jenkins Kubernetes plugin and a member of... Read More →

Progressive Delivery in Kubernetes pdf

Closed Caption Transcript CBJC 5788 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Jf29YXu1Q48

14:30 CEST

Building the Next Generation of Release Notes for Kubernetes and Beyond - Sascha Grunert, SUSE

Kubernetes is an open source project with a high velocity of PRs and releases. While the activity and interest in the project is awesome, communicating these changes to end users becomes difficult. For a long time, each release would generate a new release notes markdown document that required manual cleanup and curation. In recent months the format has been reconsidered and completely restructured. The majority of content in the previous markdown has become a widely used website!

Generating and publishing release notes for open source projects can be a pain point, especially as a project grows. Imagine if there was a solution usable with many different projects? This talk will go over the history of Kubernetes release notes, the current state of relnotes.k8s.io, and future plans for automated publishing of release notes and notifications.

Closed Caption Transcript QBAJ 4037 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/WCvnje5fdR0

14:30 CEST

Panel: CNCF Ambassadors: Building the Cloud Native Community – Ihor Dvoretskyi, CNCF; Kasper Nissen, Lunar; Alison Dowdney, Weaveworks; Jessica Andersson, Meltwater; & Saiyam Pathak

As the adoption of Cloud Native increases, the need for local communities increases. End users are looking for others in similar situations to share experiences and learn from each other. CNCF helps and supports local organizers through the meetup and ambassador program. In this session, the panelists will share their experiences in building and scaling local communities around the Cloud Native ecosystem. How can you get started? Where do you find speakers and venues? How to keep the momentum? These are just a few of the questions the panelists will try to answer.

Speakers

Kasper Borg Nissen

Lead Platform Architect, Lunar

Kasper is a Cloud Native Computing Foundation Ambassador, and co-founder of the Nordic meetup alliance, Cloud Native Nordics, where he serves as Community Lead. He works as Lead Platform Architect at Lunar. He has worked at Lunar for 6 years, and is one of the architects behind the... Read More →

Alison Dowdney

Customer Reliability Engineer, Weaveworks

Alison is a Customer Reliability Engineer at Weaveworks, a CNCF ambassador and an active member of SIG Contributor Experience for the Kubernetes project. She is passionate about helping others get more involved with the cloud native community. Coming from a startup background, she... Read More →

Ihor Dvoretskyi

Developer Advocate, Cloud Native Computing Foundation

Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation (CNCF), closely working with the open source communities within the Cloud Native ecosystem (including Kubernetes, Helm, and others).At CNCF, Ihor helps in driving multiple developer relations programs, including... Read More →

Saiyam Pathak

Director of Technical evangelism, Civo

Jessica Andersson

Product Area Lead Engineering Enablement, Kognic

Jessica is Product Area Lead for Engineering Enablement at Kognic, providing products and services for internal development teams. Jessica is also a CNCF Ambassador and engaged in the Nordic and local Meetup communities, as an attendee, speaker and organizer.

CNCF Ambassadors Building the Cloud Native Community pptx

Closed Caption Transcript YQGC 2487 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Link to Video Recording https://youtu.be/_Bm0TELIKaU

14:30 CEST

Kubernetes as a General Purpose Control Plane: Scaling on Kubernetes - Hasan Turken, Upbound

Kubernetes style APIs are becoming popular as it works great as a general purpose control plane. One can build operators on top of it to declaratively manage resources living outside of the cluster.

But how to scale when we want to run multiple isolated instances of such an operator? Do we really need a full fledged Kubernetes Cluster for each or can we run only a subset of control plane components by considering we are managing external resources?

In this talk, we will discuss the minimal control plane components when we want to use Kubernetes as a general purpose control plane. Building on top of that, we will propose a lightweight solution to run multiple isolated control plane instances as tenants on a single Kubernetes Cluster. At the end, a live demo will be shown that provides a practical example of the solution proposed.

Speakers

Hasan Türken

Principal Software Engineer, Upbound

Hasan Türken is a software engineer specialized in Kubernetes. As a certified Kubernetes administrator (CKA) and Security specialist (CKS), he actively participated in containerization and Kubernetes transformation of distributed enterprise applications, guided teams for cloud native... Read More →

Closed Caption Transcript QUHJ 7217 txt

HowToScaleKubernetesAsAGeneralPurposeControlPlane Slides pdf

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/KEQCyXZ8jm4

14:30 CEST

Enabling Multi-user Machine Learning Workflows for Kubeflow Pipelines - Yannis Zarkadas, Arrikto & Yuan Gong, Google

Kubeflow is an open source machine learning platform built on Kubernetes. Every service in Kubeflow is implemented either as a Custom Resource Definition (CRD) (e.g., TensorFlow Job) or as a standalone service (e.g., Kubeflow Pipelines).

As enterprises start to adopt Kubeflow, the need for access control, authentication, and authorization is emerging. Kubernetes CRDs come with their own auth story, but what about Services with their own API and database, like Kubeflow Pipelines? In this talk, we explore how we enabled multi-user workflows for Kubeflow Pipelines, in a Kubernetes-native way.

We present how we combined open-source, cloud-native technologies to design and implement a flexible, Kubernetes-native solution for services with their own API and database. The talk will include a live demo.

Speakers

Yannis Zarkadas

Software Engineer, Arrikto

Yannis is a software engineer at Arrikto, working with Kubeflow and the Kubernetes sig-storage group. He loves contributing to open source projects and has authored the Cassandra Operator in Rook and the official Scylla Operator, which he is currently maintaining.

Yuan Gong

Software Engineer, Google Cloud

I'm a software engineer at Google Cloud working on Kubeflow Pipelines project (https://github.com/kubeflow/pipelines).

[kubecon amsterdam] Enabling Multi user Machine Learning Workflows for Kubeflow Pipelines pdf

Closed Caption Transcript ULND 1515 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Machine Learning + Data

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/U8yWOKOhzes

14:30 CEST

Flux Deep Dive: A GitOps Approach to Progressive Delivery - Stefan Prodan & Hidde Beydals, Weaveworks

“Progressive Delivery” refers to a set of techniques for reducing deployment risk by decoupling the deployment from the release process. In this session, Stefan and Hidde will talk about implementing these techniques on Kubernetes. We will discuss in depth how canary releases can be orchestrated through Git operations, declaratively, using Kubernetes custom resources and Flux git-to-cluster synchronization. We will demo a GitOps pipeline that automates the release process of a web application. The demo will feature: - Flux for cluster state management - Flux Helm Operator for app deployments - Flagger for app testing and incremental rollout

Speakers

Stefan Prodan

Principal Engineer, Weaveworks

Stefan is a Principal Engineer at Weaveworks and an open source contributor to cloud-native projects. He is the creator of Flagger the progressive delivery operator for Kubernetes, and a core maintainer of the CNCF's Flux project. He worked as a software architect and a DevOps consultant... Read More →

Hidde Beydals

Senior Software Engineer, Weaveworks

Hidde is a Senior Software Engineer at Weaveworks, and a seasoned maintainer of the CNCF Flux project. With over 15 years of experience in software development, he has been a significant contributor to the project since 2018, developing and maintaining key features such as the Helm... Read More →

Closed Caption Transcript QGUP 5006 txt

flux v2 pdf

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/8v94nUkXsxU

14:30 CEST

in-toto: Securing the Entire Software Supply Chain - Santiago Torres, NYU

As attackers intensify their focus on the software development, distribution and deployment pipeline, supply chain security becomes more and more crucial to the overall security of software projects. in-toto, which has recently become a member of the CNCF, has tooling and a protocol that allows you to verifiably define all the steps of the supply chain, along with its authorized personnel, giving you and your customers the guarantee that everything happened according to your intentions and nothing else. This talk will walk you through the basics of software supply chain security, and show how a versatile tool like in-toto can add substantial security guarantees to any supply chain in- and outside of the cloud native ecosystem.

Speakers

Santiago Torres

PhD Student, New York University

Closed Caption Transcript QBLM 9946 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/W-5io6v3S1Y

14:30 CEST

Intro: Contributor Experience SIG - Jorge Castro, VMware & Bob Killen, University of Michigan

In this 30 minute session, we will explore the projects we have been working on with Contributor Experience and the future work we have on deck. We will provide an update to the following projects and have information on how to get involved.

Speakers

Bob Killen

Program Manager, Google

Bob is a Program Manager at the Google Open Source Programs Office with a focus on Cloud Native computing. He serves the Kubernetes project as a member of the Kubernetes Steering Committee, a chair of the Contributor Experience SIG and has been involved in many other cross-cutting... Read More →

Jorge Castro

Community Manager, VMware

Jorge is a Community Manager at VMware where he helps to support and advance the open Kubernetes ecosystem. He works in SIG Contributor Experience on the Kubernetes Office Hours, running the YouTube channel, forums admin, and a bunch of miscellaneous programs. He resides in Ann Arbor... Read More →

Closed Caption Transcript GYEH 0172 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/VeCMQoNHFMU

14:30 CEST

Intro: SIG Scalability - Wojciech Tyczynski & Matt Matejczyk, Google

This session will focus on the different efforts that SIG Scalability is involved in: defining what scalability means for Kubernetes, driving performance improvements, maintaining infrastructure for scalability testing, guarding Kubernetes against performance regressions. Time for Q&A will be reserved at the end of the session to understand how the SIG can better engage with the community as well as to allow the audience to provide the input about the roadmap.

Speakers

Wojciech Tyczyński

Senior Staff Software Engineer, Google

Wojciech is working on Google Technical Infrastructure & Cloud since 2012. Since February 2015 he works on Kubernetes and Google Kubernetes Engine. With the main focus on scalability, performance and reliability, he gained experience and contributed to many Kubernetes features and... Read More →

Matt Matejczyk

Senior Software Engineer, Google

Matt is a senior software engineer at Google and co-chair of SIG Scalability.

Closed Caption Transcript FKSP 1076 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/gNj19Icb32g

14:30 CEST

Introduction to Data Protection WG in Kubernetes - Xing Yang, VMware & Xiangqian Yu, Google

Data Protection WG in Kubernetes was formed following discussions at KubeCon in San Diego. This is a Working Group dedicated to promoting data protection support in Kubernetes, identifying missing functionality and working together across multiple SIGs to design features to enable data protection in Kubernetes. In this session, the co-chairs of this WG will explain the motivation behind the formation of this WG, the charter of this WG, who are involved, what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including backup and storage vendors, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.

Speakers

Xing Yang

Tech Lead, VMware

Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect of OpenSDS... Read More →

Xiangqian Yu

Software Engineer, Google

Xiangqian Yu is a Software Engineer at Google. He is also a co-chair of the Data Protection WG in Kubernetes and a co-lead of the Volume Snapshot project in SIG Storage.

Closed Caption Transcript UUCU 4957 txt

KubeCon Europe 2020 Introduction to Data Protection WG pdf

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://www.youtube.com/watch?v=6lVJcskauTU

14:30 CEST

Notary v2 Introduction and Status Report - Justin Cormack, Docker & Omar Paul, Amazon

The Notary v2 project is a rework of the infrastructure for container signing, supporting additional OCI Artifacts, such as Helm, Singularity and CNAB. It addresses the design and usability issues that have been found with Notary v1, and signing in a multi-registry world. The major focus being signatures as first class elements of registries rather than running a sidecar database. It addresses the signing usability issues enabling broad provider and customer adoption. This session will give an overview of the Notary v2 community project at present, and the roadmap. This session is for anyone interested in container signing and what the new project is working on.

Speakers

Justin Cormack

CTO, Docker

Justin is the CTO of Docker, a Notary maintainer, and a member of the CNCF TOC. He has been working with containers and in the security space for many years.

Omar Paul

Product Manager, Amazon

Closed Caption Transcript CXWJ 4985 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/8K4a7Ltk_4U

14:30 CEST

Vitess Intro: How to Migrate a MySQL Database to Vitess - Sugu Sougoumarane. & Morgan Tocker, PlanetScale

Vitess is a database clustering system for horizontal scaling MySQL. This session will cover a high level overview of all the Vitess features, the architecture, and what database workloads are a good fit. We will then walk through a demo of live-migrating an existing MySQL installation into Vitess. Because Vitess also speaks the MySQL protocol, it is easy to retrofit scaling into your existing database systems.

Speakers

Sugu Sougoumarane

CTO, Planetscale, Inc.

Sugu is the co-creator of Vitess, and has been working on it since 2010. Prior to Vitess, Sugu worked on scalability at YouTube and was also part of PayPal in the early days. His recent interest is in distributed systems and consensus algorithms. He occasionally shares his thoughts... Read More →

Morgan Tocker

Community Development Manager, Planetscale, Inc.

Closed Caption Transcript NGNN 1745 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/WRNftOqRVVY

14:30 CEST

Hacking on Network Service Mesh Dataplane for a True Multi-cloud Experience - Aleksandra Kowalska, Netcompany & Jaroslaw Lukow, Nine Fives Labs

In this session the presenters will guide you through integrating Network Service Mesh with the Tungsten Fabric SDN controller as the dataplane tunnel provider. The session will bring both information about the NSM architecture and its use-cases. The TF's ubiquity of integrations (Kubernetes, OpenStack, VMware, physical appliances etc.) enables to demonstrate the true concept of cloud-native networking - when the location of the network service is irrevelant to the consumer and she can focus only on the required functionality. Thus, we can mix and match different clusters, orchestrators and technologies to provide a flexible networking environment.

Speakers

Aleksandra Kowalska

DevOps Engineer, Netcompany

Aleksandra is an experienced Software Engineer that started to work as a DevOps Engineer to help bridge the gap between software and infrastructure. She works with Kubernetes-based clouds and develops tooling focused around automation and CI/CD. She is passionate about bringing the... Read More →

Jarek Lukow

DevOps Engineer, Nine Fives Labs

Hacking on NSM Dataplane for a true multicloud experience pdf

Closed Caption Transcript JLMM 5518 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/zzDAAMC7214

14:30 CEST

From Alert Notification to Comparison of Good and Bad Requests in One Click - Shreyas Srivatsan, Chronosphere

Metrics are a great tool for notifying when something goes wrong. Distributed tracing provides the ability to drill down deeper into an issue when triaging an alert with a non-obvious root cause. It’s already difficult to jump from metrics raising an alert to a representative problematic trace, but even once there, users often want to compare a problematic trace with a non-problematic one to help root cause the issue. This talk demonstrates how to jump straight from an alert notification to displaying a problematic trace along with a comparison to a non-problematic trace.

This is accomplished with a combination of open source tools such as Prometheus, Jaeger, Grafana and M3. The audience will learn how recent advances in the community can enable them to reduce their time-to-mitigation by providing the relevant context of a bad request vs a good request directly from a graph.

Speakers

Shreyas Srivatsan

Technical Lead, Chronosphere

Shreyas is a technical lead at Chronosphere working on all things monitoring. Shreyas is greatly interested in monitoring of all kinds and has contributed to Prometheus, upstreaming exemplar support for the OpenMetrics parser. Prior to working on monitoring Shreyas was a senior software... Read More →

From Alert Notification to Comparison of Good and Bad Requests in One Click pdf

Closed Caption Transcript TYQW 2980 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Observability

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/nsTEFLwRJRI

14:30 CEST

Kubernetes DNS Horror Stories (And How to Avoid Them) - Laurent Bernaille, Datadog

DNS is one of the Kubernetes core systems and can quickly become a source of issues when you’re running clusters at scale. For over a year at Datadog, we’ve run Kubernetes clusters with thousands of nodes that host workloads generating tens of thousands of DNS queries per second. It wasn’t easy to build an architecture able to handle this load, and we’ve had our share of problems along the way.

This talk starts with a presentation of how Kubernetes DNS works. It then dives into the challenges we’ve faced, which span a variety of topics related to load, connection tracking, upstream servers, rolling updates, resolver implementations, and performance. We then show how our DNS architecture evolved over time to address or mitigate these problems. Finally, we share our solutions for detecting these problems before they happen—and identifying misbehaving clients.

Speakers

Laurent Bernaille

Staff Engineer, Datadog

Laurent Bernaille worked several years as a consultant specialized in cloud, containers, and automation and helped organizations migrate to the public cloud, adopt containers and improve their deployment pipelines. He is now Staff Engineer at Datadog and works in the Compute team... Read More →

Kubernetes DNS Horror Stories pdf

Closed Caption Transcript XQNT 0971 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Yq-SVNa_W5E

14:30 CEST

Handling Container Vulnerabilities with Open Policy Agent - Teppei Fukuda, Aqua Security

A vulnerability scanner for containers doesn’t help a user decide how to handle vulnerabilities. For example, even if a critical vulnerability is found, some organizations may accept the risk of it. The policy for vulnerability handling depends on the organization, and in many cases, the person in charge has to make a manual judgement based on this policy every time. This is time-consuming.

This talk demonstrates how to automatically handle vulnerabilities detected by a scanner using OPA.
- The vulnerabilities found by a scanner in CI are handled automatically by Open Policy Agent
- Applying custom policy, OPA shows users which vulnerabilities to address

This automatic vulnerability handling in CI will be demonstrated live, along with Trivy, which is an open source vulnerability scanner for containers. The same policy handling model could be used with any scanner.

Speakers

Teppei Fukuda

Open Source Software Engineer, Aqua Security

Teppei Fukuda is a developer of Trivy and a maintainer of Vuls. He works at Aqua Security as an Open Source Software engineer.He has a wealth of software engineering experience working on network and security. Away from the work, he loves Manga. He dreams of reading all the comics... Read More →

2020:08 KubeCon Europe 2020 pdf

Closed Caption Transcript UKRY 0253 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/WKE2XNZ2zr4

14:30 CEST

Expanding Serverless to Scale-out Kubeflow Pipelines - Yaron Haviv, Iguazio

Serverless frameworks enable devops automation, resource allocation on demand and auto-scaling. However, so far they only addressed event-driven workloads and not distributed, batch oriented data science tasks like data preparation and ML training. Orit Nissan-Messing will introduce the recently announced Nuclio ML Functions which is tightly integrated with Kubeflow and extends the Nuclio open-source serverless framework to auto-scaling machine learning, training and data preparation tasks. Nuclio ML functions automatically tracks experiments and artifacts, is seamlessly integrated with Kubeflow pipelines and eliminates a significant amount of devops. Participants will learn how to work with Kubeflow and Nuclio to enable CI/CD for their machine learning workloads, enabling performance and horizontal scaling, while cutting infrastructure costs and tedious development tasks.

Speakers

Yaron Haviv

CTO, Iguazio

Yaron Haviv is a serial entrepreneur who has deep technological experience in the fields of ML, big data, cloud, storage and networking. Prior to Iguazio, Yaron was the Vice President of Datacenter Solutions at Mellanox, where he led technology innovation, software development and... Read More →

Closed Caption Transcript RGMR 6110 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/CNpbfXnENk4

14:30 CEST

Mesh in a Mesh: A Model for Stronger Multi-tenancy of Kubernetes Workloads - Nitish Malhotra & Akash Baid, Affirmed Networks

Most organizations use some flavor of multi-tenancy in their clusters for their teams, applications or customers. Namespaces paired with RBAC, ResourceQuota & NetworkPolicy provide ways to isolate tenants at some level. However these primitives are insufficient for setting L7 policies on the ingress/egress traffic per tenant.

If you’re administering clusters for multiple tenants, attend this talk to learn a new model for deploying workloads in tenant specific sub-meshes within your service mesh. This model uses Envoy based ingress/egress gateways per-tenant, which helps:
- set traffic policies and scale resources per-tenant
- hide tenant application topology when communicating with external entities
- assign per-tenant identities (SPIFFE) for use with transport authentication (mTLS), authorization (OAuth2) & origin authentication (JWT)
- share mesh control plane resources across tenants

Speakers

Akash Baid

Engineering Manager, Affirmed Networks

Akash Baid works in the Cloud Native Platform Engineering team at Affirmed Networks. In his current role, he leads a team of developers working on integrating open source projects such as Kubernetes, Envoy, Istio, etcd, EFK, Prometheus, Grafana, Consul and others. He has previously... Read More →

Nitish Malhotra

Technology Architect - Office of the CTO, Affirmed Networks

Nitish Malhotra is a Senior Principal Software Engineer at Affirmed Networks. As a member of the Cloud Native Infra team, he works on improving developer workflows for deploying 5G core VNFs on Kubernetes by contributing to and building abstractions for open-source projects like Envoy... Read More →

Aug18 Mesh in a mesh Nitish Malhotra Akash Baid pdf

Closed Caption Transcript BEDW 0853 txt

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Service Mesh

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/cQFF3DqHQu0

14:45 CEST

Meet the Maintainer: Prometheus

Tuesday August 18, 2020 14:45 - 15:45 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

15:05 CEST

Break

Tuesday August 18, 2020 15:05 - 15:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

15:30 CEST

Meet the Maintainer: Vitess

Tuesday August 18, 2020 15:30 - 16:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

15:35 CEST

Keynote: End to End: The Foundation of Doers - Priyanka Sharma, General Manager, Cloud Native Computing Foundation

Speakers

Priyanka Sharma

Executive Director, CNCF

Tuesday August 18, 2020 15:35 - 15:50 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/u71aL6aVDPg

15:52 CEST

Keynote: Why End Users Are More Than Passive Consumers Why End Users Are More Than Passive Consumers - Cheryl Hung, Director of Ecosystem, Cloud Native Computing Foundation

Speakers

Cheryl Hung

VP Ecosystem, Cloud Native Computing Foundation

Cheryl Hung is VP Ecosystem at the Cloud Native Computing Foundation, where she drives adoption of cloud native infrastructure. As a non-profit under the Linux Foundation, the CNCF hosts open source projects including Kubernetes, Prometheus and Envoy.She founded the 5000+ strong Cloud... Read More →

Tuesday August 18, 2020 15:52 - 16:03 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

16:04 CEST

Keynote: CNCF Projects Update - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Principal Software Engineer, Splunk

Speakers

Constance Caramanolis

Principal Software Engineer, Splunk

Tuesday August 18, 2020 16:04 - 16:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/_fJeyeImm0E

16:15 CEST

Meet the Maintainer: Envoy

Tuesday August 18, 2020 16:15 - 17:15 CEST
Virtual Project Pavilion - Zoom Room 2

Meet the Maintainers

16:21 CEST

Sponsored Keynote: Network, Please Evolve: Chapter 3, Stretching Out – Vijoy Pandey, Vice President and CTO of Cloud, Cisco

Cloud Native has become a synonym for scalable and reliable distributed applications. And a well-behaved, distributed system is synonymous with a highly-available, consumable, and composable Network.

Over the past 2 chapters of our evolutionary tale, we have discussed the need for the Network to evolve beyond the 35-year old concepts that still define it to this day. And we have demonstrated, through a real-world database (Vitess) use case, the developmental and operational power and simplicity this new paradigm delivers.

In this new Chapter, we will discuss how we can stretch these capabilities all the way into the enterprise, edge compute location, or a branch, and show how it eases the life of a developer building a new cloud native app.

Speakers

Vijoy Pandey

Vice President, Engineering for Emerging Technologies and Incubation, Cisco

Vijoy Pandey is Vice President, Emerging Technologies and Incubation (ET&I) at Cisco. ET&I is chartered to create and drive the next Bold Bets for Cisco in an agile, ambitious, and entrepreneurial manner. Vijoy runs both engineering and a global framework of customer-focused co-innovation... Read More →

Tuesday August 18, 2020 16:21 - 16:27 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/J1fdkT6HdX0

16:28 CEST

Keynote: Open Source Intrusion Detection for Containers at Shopify - Shane Lawrence, Senior Security Infrastructure Engineer, Shopify & Kris Nóva, Chief Open Source Advocate, Sysdig

Even well protected workloads may be compromised by 0-days and platform vulnerabilities. Observability is essential for detecting and stopping an attack before infrastructure and information is compromised. Shopify uses open source Falco, a CNCF incubating project, to track syscalls at the kernel level and reveal them to a Kubernetes-aware process in userspace. That uses predefined rules to decide which events to log. Additional tooling filters and aggregates logs, and generates alerts when suspicious activity is detected.

In this talk, Shane will describe how Shopify first deployed Falco in 2018 and continues to use it to monitor critical systems, including those that process payment card information. He will share tips and tricks for getting the most out of Falco, areas for improvement, and use cases for detecting compromise or data exfiltration when all else fails.

Speakers

Kris Nóva

Chief OSS, Sysdig

Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →

Shane Lawrence

Staff Infrastructure Security Engineer, Shopify

PUBLIC KubeCon EU 2020 Shopify & Falco pdf

Tuesday August 18, 2020 16:28 - 16:49 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/6pVci31Mb6Q

16:50 CEST

Sponsored Keynote: Happy Birthday, Open Container Initiative: Here’s to 5 Years of Collaborative Innovation - Sally Ann O'Malley, Software Engineer, & Urvashi Mohnani, Software Engineer, Red Hat

Five years ago, the Open Container Initiative (OCI) was formed under the Linux Foundation to provide vendor-neutral open governance standards for container runtimes and image formats. This has fueled cloud-native innovation and has led the Cloud Native Computing Foundation (CNCF) to where it is today. In this talk, we will highlight some of the critical decision points in OCI's evolution and forecast how Red Hat is collaborating with and empowering the OCI and CNCF communities.

Speakers

Sally O’Malley

Senior Software Engineer, Red Hat

Sally Ann O'Malley is a software engineer at Red Hat. She has worked on various teams within OpenShift over the past 6 years. Currently, she is with the Emerging Technologies group within Red Hat.

Urvashi Mohnani

Senior Software Engineer, Red Hat

Tuesday August 18, 2020 16:50 - 16:56 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/GTTeoN00Cl8

16:57 CEST

Keynote: The Beginner’s Guide to the CNCF TOC - Liz Rice, VP Open Source Engineering, Aqua Security

Who is the Technical Oversight Committee? What do its members do? How do projects get picked for adoption into the CNCF? Let’s shine a light on this group who determine which projects are adopted by the CNCF, set the future direction of the cloud native landscape, and are even responsible for the definition of the term “cloud native."

This talk discusses the pros & cons of a project’s participation in the CNCF from the perspective of end users, vendors, contributors, and maintainers. It covers the lifecycle for a CNCF project, including:

- why projects want to be in the CNCF
- how the project adoption process works
- the requirements that the CNCF has on projects at different phases of maturity

Attendees will leave this talk with insights into how the technical arm of the CNCF works, why it’s important, what the TOC wants to do next, and how they can get involved.

Speakers

Liz Rice

Chief Open Source Officer, Isovalent

Tuesday August 18, 2020 16:57 - 17:13 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/9zNAj5dL7J4

17:00 CEST

Meet the Maintainer: Keptn

Tuesday August 18, 2020 17:00 - 18:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

17:13 CEST

Keynote: Closing Remarks - KubeCon + CloudNativeCon Europe 2020 Co-Chairs: Constance Caramanolis, Principal Software Engineer, Splunk & Vicki Cheung, Engineering Manager, Lyft

Speakers

Vicki Cheung

Staff Software Engineer, Lyft

Constance Caramanolis

Principal Software Engineer, Splunk

Tuesday August 18, 2020 17:13 - 17:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

17:15 CEST

Break

Tuesday August 18, 2020 17:15 - 17:45 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

17:15 CEST

EmpowerUs: How Lean Innovation Turns Uncertainty into Opportunity, Sponsored by ITRenew (RSVP is required to attend, details in description)

An official RSVP for the EmpowerUs conversation is required.

Life, technology, and business are all a series of challenges and opportunities. How we respond to adverse circumstances, from startup pivots to struggling collaborations to global pandemics, can define our companies, and us. When faced with uncertainty, the best way to empower yourself, your company and each other is through innovation. And the best way to innovate is to commit, with confidence and conviction, to what you believe in, and yet be agile and open enough to identify and capitalize on the opportunities for learning that a diverse, fast-moving world creates. With this foundation of innovation, comes true empowerment and potential for progress.

Join Ali Fenn, President of ITRenew and Heather McGough, CEO of Lean Startup for a frank and candid conversation about what they’re seeing in the market today, what they’ve learned throughout their careers about continuing to drive important agendas forward without compromise, how they’re guiding their organizations through change, and why they’re coaching others to embrace diverse ideas, people and approaches that challenge traditional business dynamics.

Whether you are a seasoned professional or early in career, getting a startup off the ground or steering a multinational organization, join us for an open discussion about challenge, leadership innovation, and empowerment. You may just hear an idea that sparks you, or contribute one that helps someone else!

An official RSVP for the EmpowerUs conversation is required.

Speakers

Ali Fenn

ITRenew, President

She oversees all revenue channels at ITRenew and leads strategy for the company’s Circular Cloud initiatives, including principally the development of modeling, analytics platforms, and new business and market development. Ali has been building enterprise and cloud technology companies... Read More →

Heather McGough

CEO & Co-Founder, Lean Startup Co.

She aims to transform the way people think and work in the 21st century by empowering individuals and organizations with modern management education specifically designed for a fast-moving world. The first seven years of her career were spent in the nonprofit sector which still influences... Read More →

Tuesday August 18, 2020 17:15 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Experiences

17:45 CEST

Towards a Standardized Application Definition Model for Kubernetes - Phil Prasek, Upbound & Sudhanva Huruli, Microsoft

With multiple Kubernetes application models emerging to capture the complex set of cloud resources and their connectivity, how do these approaches stack up and is there a path towards a standardized Kubernetes application model that becomes the unit of scheduling across clusters, regions, and clouds?

In this talk we’ll explore two emerging application models: the KubernetesApplication in Crossplane (a multi-cloud control plane) and the Open Application Model (OAM) from Microsoft and Alibaba. We’ll provide an overview of strengths and opportunities of each approach and directions towards converging around a standardized application model as part of the newly formed CNCF SIG: sig-app-delivery.

Speakers

Sudhanva Huruli

Program Manager, Microsoft

Sudhanva is a Program Manager at Microsoft working on the Azure Container Compute team. He is a maintainer on the Rudr repository and frequent contributor to the Open App Model. His focus is building tools that makes it easy for developers and operators to build and manage cloud native... Read More →

Phil Prasek

Principal Product Manager, Upbound

Phil is a Principal Product Manager at Upbound where he is working on advancing cloud-native computing by building a more open cloud. Phil previously led the definition of the Chef Enterprise Automation Stack (EAS), was a founder at QuattroLabs where he built a bare-metal cloud service... Read More →

kubecon eu 2020 std app model for k8s FINAL pdf

Close Caption Transcript EQAJ 1216 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/JbhtR6VaVCM

17:45 CEST

Operating Enterprise Grade Kubernetes Clusters at Salesforce on Bare Metal - Anubhav Dhoot & Mayank Kumar, Salesforce

Many enterprises today don’t have the luxury of public cloud managed offerings, or VM’s in their private data centers. In the absence of these, it’s challenging to operate enterprise grade Kubernetes clusters and manage it seamlessly.

We will talk about specific challenges in bringing up a highly available kubernetes cluster on bare metal, securing it, upgrading it, monitoring it 24/7, and doing all of that using Puppet, while maintaining SLA for our customers.

We will cover a lot of lessons learnt in managing a fleet of 2600+ hosts across 20 + data centers over the last 4 years, including battle stories like dangers of etcd initial-cluster-state config, hairpin networking issues, and setting up service accounts with key rotation.

While we are well on the path to using managed K8s offerings in Public Cloud, this will be a cautionary tale for teams managing their own k8s clusters.

Speakers

Mayank Kumar

Software Engineering Architect, Salesforce

Mayank is an Architect at Salesforce who is passionate about building large scale and self healing distributed systems and policy based container management solutions, with a wide range of experience at Microsoft and Cisco. He is an active contributor to open source projects like... Read More →

Anubhav Dhoot

Senior Director Of Engineering, Salesforce

Anubhav is a Senior Director of engineering and is responsible for the Kubernetes based micro service platform team used by Salesforce engineering teams. He has experience building large scale systems at Microsoft as well as in open source as a committer in Hadoop for Yarn cluster... Read More →

Close Caption Transcript XYOM 5740 txt

Operating enterprise grade Kubernetes clusters at Salesforce Kubecon Amsterdam 2020 pdf

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/-7zPkznKWCs

17:45 CEST

How We Migrated Our Monolith to K8s and Became a High Performing Team - Mauricio Salatino, Camunda/LearnK8s & Tracy Miranda, CloudBees

Migrating your existing architecture from a monolith to microservices is a challenging task. Not only the technology landscape is different and overwhelming, but you also need a solid plan to bring the rest of the team along in the journey.

This talk shares our real-life journey and the lessons learned from migrating a monoliths open-source project to microservices while adding in CI/CD best practices. We looked at specific best practices from the Accelerate book and show how those became reality within our team.
The focus of this is:
- Best practices for refactoring monoliths into microservices
- Understanding how you can leverage tools such as Kubernetes, Helm, Jenkins X, and Zeebe to develop cloud-native applications
- Pitfalls you should avoid and how you can learn from our mistakes

Speakers

Mauricio Salatino

OSS Software Engineer, Diagrid

OSS Software Engineer @Diagrid working on @DaprDev and @KnativeProjectKnative Steering Committee member for the Knative Project, Knative Functions Co-Lead, and working on the Dapr.io project at @Diagrid. Manning Book Author: Continuous Delivery for Kubernetes. Previously I worked... Read More →

Tracy Miranda

Executive Director, Continuous Delivery Foundation, The Linux Foundation

Tracy Miranda is the executive director of the Continuous Delivery Foundation (CDF) where she leads the mission to improve the world's capacity to deliver software with security and speed. Prior to CDF, Tracy was the Director of Open Source at CloudBees. Tracy is a veteran of the... Read More →

Close Caption Transcript YRMF 7883 txt

Aug18 How we migrated our Monolith to K8s and became a high performing team pptx

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/RbGy4oK_0qw

17:45 CEST

Developing the Kubernetes Python Client - Scott Lee, Facebook

The Kubernetes Python client allows users to programmatically interact with clusters using the Python language. With Python being one of the most popular programming languages, the Python client provides a way for those unfamiliar with Golang to still reap the benefits of a code interface to Kubernetes. This session will cover the repositories and resources that are used to generate the Python client and dive into examples of how the client is used.

This talk will also cover how to get involved as a contributor to the Python client by covering processes and resources.

Note: Brendan Burns gave a talk titled "!go, Interacting with and Extending Kubernetes in a Polyglot World" but it covered Kubernetes clients generally while this talk is specifically about the Kubernetes Python client and dives deeper into the nuances of the client and how to get involved as a contributor.

Speakers

Scott Lee

Systems Engineer, Facebook

Scott Lee is a contributor to the Kubernetes project, mainly to the Kubernetes Python client. He also contributes to Kubeflow test infra.

DevelopingTheKubernetesPythonClient Kubecon2020EU pdf

Close Caption Transcript FRNY 9247 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/HRN3mWymA34

17:45 CEST

A Hard Multi-tenancy Solution: Use Case, Challenges and Work - Xiaoning Ding & Qian Chen, Futurewei

Multi-tenancy enables multiple organizations or teams to share the same cluster. There are different proposed multi-tenancy models in Kubernetes for different use cases, from soft-tenancy models where tenants trust each other to hard-tenancy models with no trust among tenants.

In this session, Xiaoning and Qian will share their use case of multi-tenant Kubernetes, where they share clusters with public cloud users. There is no trust among these users and a strong isolation among tenants is a must. They will talk about the use case, challenges, work, and also experience and lessons they learned from building such a hard multi-tenant cluster. And they will conclude the talk with a demo.

Speakers

Qian Chen

Sr.Staff Software Engineer, Futurewei

Qian Chen is a staff cloud development engineer in Futurewei Technologies. Right now she is working on the multi-tenancy project in Kubernetes. She has been working as a software developer in Microsoft and Amazon. She has a Ph.D degree from National University of Singapore.

Xiaoning Ding

Sr.Principal Architect, Futurewei

Xiaoning Ding is a senior principal architect and a senior director in Futurewei Technologies. He is leading the research and development projects about cloud infrastructure, including large-scale computing clusters, container technology and cloud networking. Xiaoning previously worked... Read More →

Close Caption Transcript AFSQ 0086 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/x5E1hBtdE8w

17:45 CEST

Building Docker Images with Cloud Native Buildpacks - Ben Hale, VMware & Terence Lee, Salesforce

In today’s cloud-native world, Docker Images are the lingua franca for platform portability. Unfortunately creating great, secure, and efficient images can be difficult and time consuming. In this talk, you'll learn about Cloud Native Buildpacks, a high-level abstraction for building application images. Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an application developer, you don't need to know the best practices for command ordering to optimize layer reusability. As an operator, you will minimize the security hazards developers my introduce. Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-two operations.

Speakers

Ben Hale

Technical Lead, VMware

Ben Hale is the Technical Lead for the VMware Tanzu® Application Platform™. Ben has long worked in open source communities including being a long-time member of the Spring team and founding the Cloud Native Computing Foundation Cloud Native Buildpacks, Service Binding for Kubernetes... Read More →

Terence Lee

Principal Languages Engineer, Salesforce

Terence co-created buildpacks in 2011 at Heroku. Since then, he's owned the Ruby experience which has lead to work as the maintainer of Bundler, joining the Ruby core team, and the Ruby security team. Now, he works across all 6 supported languages on the platform.

KubeConEU 2020 pdf

Close Caption Transcript ONQJ 3825 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/qoM3tLlcdfs

17:45 CEST

CloudEvents - v1.0 and Beyond - Discovery/Subscriptions - Doug Davis, IBM & Clemens Vasters, Microsoft

With the release of CloudEvents v1.0 the project has now expanded its scope to consider other potential pain points for the community. To that end, the group is focusing on Event Discovery and Subscriptions APIs in the hopes of reducing the friction of discovering which events are available from Event Producers as well as how someone can subscribe to those receive those events. In this session we'll quickly summarize, and review, the status of CloudEvents and then jump into the goals, design and status of the new Discovery and Subscription APIs specification being developed.

Speakers

Doug Davis

PM Microservices, Microsoft

Doug is currently focusing on improving the developer experience for cloud native computing in Azure Cloud. He’s been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker, Kubernetes... Read More →

Clemens Vasters

Principal Architect, Microsoft

Clemens Vasters is Lead Architect in Microsoft’s Azure Messaging team that builds and operates a fleet of hyper-scale messaging services, including Event Grid, Service Bus, and Event Hubs. Clemens represents Microsoft in messaging standardization in OASIS (AMQP) and CNCF (CloudEvents... Read More →

KubeCon 2020 CloudEvents pdf

Close Caption Transcript DPPR 4286 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/SrUR-XnnrHA

17:45 CEST

CNCF Research User Group - Eduardo Arango, Red Hat & Bob Killen, University of Michigan

Interested in improving the Research experience with Kubernetes, or simply running research workloads on it? The CNCF Research User Group’s purpose is to serve as a focal point for the discussion and advancement of Research Computing using “Cloud Native” technologies. Since the group’s inception 6 months ago, key areas have been identified as gaps within the ecosystem. This session would serve as an opportunity to share with a broader audience some of the key challenges the Research-user-group has identified, and showcase project updates on key tools that the research community is developing to address these challenges. For more information visit: https://github.com/cncf/research-user-group

Speakers

Bob Killen

Program Manager, Google

Carlos Eduardo Arango Gutierrez

Senior Software Engineer, Red Hat

Eduardo is a senior performance engineer at Red Hat, working on the OpenShift performance & latency sensitive applications. Eduardo is also a Computer Science PhD student at Universidad del Valle, Cali, Colombia, working on containerized distributed systems for research computing... Read More →

Close Captioning Transcript KPPT 7612 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/ryvjz_elPGk

17:45 CEST

Intro to gRPC - Abhishek Kumar, Google

gRPC is a modern, open source remote procedure call (RPC) framework that can run anywhere. Distributed systems and client-server applications are built using gRPC because it provides simple abstractions for application-layer communication, coupled with a broad and powerful feature set. A wide range of languages and platforms are supported by gRPC. Join us for this session to hear about the gRPC project, how you can use it in your applications, and how to get involved as a contributor or maintainer!

Speakers

Abhishek Kumar

Student

Close Caption Transcript VKWW 8999 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/n03sULIafeo

17:45 CEST

Introduction to containerd - Phil Estes, IBM & Derek McGowan, Docker

Join containerd maintainers and learn how containerd is an improvement to one of the most fundamental parts of the container ecosystem. They will discuss the latest updates to the containerd project as well as how it is being used by Kubernetes and other container systems. Come dive into what containerd is, how it is different from other runtimes, and how it is built. The agenda includes an introduction to the containerd project, the architecture of containerd, and upcoming features in containerd 1.4.

Speakers

Derek McGowan

Software Engineer, Apple

Maintainer of containerd since 2016, focusing primarily on image distribution, registries, overlay filesystems, and core architecture. A member of the OCI ("Open Container Initiative") Technical Oversight Board since 2019.

Phil Estes

Principal Engineer, AWS

Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS.Phil is currently an active contributor and maintainer for the CNCF containerd runtime project, and participates in the... Read More →

2020 Kubecon EU Introduction containerd pdf

Close Caption Transcript JTHK 4384 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/q0xt_JrJiIg

17:45 CEST

Kubernetes VMware User Group Intro: Best Practices for Running on VMware - Steven Wong & Myles Gray, VMware

This will be an inaugural presentation by organizers and members of the recently formed Kubernetes VMware User Group. This group addresses running all forms of Kubernetes on VMware infrastructure. Come to this session if you want to meet other users, along with those who develop, test and support running K8s on vSphere and desktop hypervisors. This group is also here to support those building/using cluster installation tooling for VMware hypervisors. Agenda: - Intro to the vSphere cloud provider and related storage plugins - Recent features/changes: What are they? How to use them? - Running Kubernetes on "desktop" hypervisors - How to get involved in the User Group

Speakers

Steve Wong

VMware

Steve Wong has been active in the Kubernetes community since 2015. He is a co chair of the CNCF Working Group. Steve is co-chair of the VMware User Group on the Kubernetes project. He has implemented industrial control systems for many factories, pipelines, and process control systems... Read More →

Myles Gray

Staff Technical Marketing Architect, VMware

Kubernetes VMware User Group Europe KubeCon Virtual 2020 pdf

Close Caption Transcript EHHH 7078 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/VJ5FK-QrtHY

17:45 CEST

Save Your Services from Sneaky Snoops With SPIFFE? - Daniel Feldman, Scytale

Lurking inside almost every cloud native project is a hidden threat: hardcoded credentials for services like external APIs and databases. While these credentials can be set to long random strings and encrypted, they still can be stolen by an intruder or accidentally misused by insiders. In this talk, we’ll demonstrate how to use CNCF’s SPIFFE and SPIRE Projects to securely authenticate to workloads such as PostgreSQL, MongoDB, and AWS from inside your services, all without any hardcoded credentials -- eliminating an entire class of security vulnerabilities while decreasing your work as a DevSecOps team.

Speakers

Daniel Feldman

Software Engineer, HPE

Daniel Feldman works on SPIRE and other open-source security at Hewlett Packard Enterprise.

daniel feldman kubecon europe 2020 spiffe pdf

Close Caption Transcript BSLJ 6859 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/SBeQ20Xot7o

17:45 CEST

Scaling Prometheus: How We Got Some Thanos Into Cortex - Thor Hansen, HashiCorp & Marco Pracucci, Grafana Labs

Cortex is a long term storage for Prometheus, designed for scalability, multi-tenancy and high-availability. It can reliably ingest and query millions of time series per second with sub-second latency. The current storage design uses a NoSQL store to index series and an object store for compressed time series data - two dependencies, and one with significant cost implications. In this talk we will show the new experimental Cortex blocks storage, based on Thanos and Prometheus TSDB, aiming to reduce the Cortex operational cost without compromising scalability and performances. We’ll cover the trade-off between the standard chunks storage and the new blocks storage, and share lessons learned running Cortex at scale. Cortex is a CNCF sandbox project.

Speakers

Marco Pracucci

Principal Engineer, Grafana Labs

I love challenges, building products, distributed systems and all things observability. Cortex maintainer. Grafana Loki and Thanos contributor.

Thor Hansen

Software Engineer, Hashicorp

I'm a software engineer at Hashicorp. I love all things open source, distributed systems, corgis, and metrics and observability. Cortex contributor.

2020 08 KubeCon EU Cortex blocks storage pdf

Close Caption Transcript OSEY 0460 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Z5OJzRogAS4

17:45 CEST

Network Isolation and Security Policies for Kubernetes Bare-metal Nodes - Girish Moodalbail, NVIDIA & Liel Shoshan, Mellanox

Running Kubernetes at scale in a multi-tenant Cloud requires strong network isolation and flexible stateful security policy enforcement for the bare-metal nodes used for both the tenant K8s clusters as well as in the Cloud control plane. Such isolation and security needs to be implemented in a way that consumes as little host resources as possible, while being immune to potentially malicious host root user. Additionally, the preferred implementation needs to be compatible with a high-performance (offloaded) K8s CNI. This presentation provides an overview of such an implementation for Software Defined (SDN) K8s node networking, based on Open Virtual Network (OVN) and Open vSwitch (OVS)) and offloaded to “bump-in-the-wire” Smart NICs .

Speakers

Girish Moodalbail

Principal Software Engineer, NVIDIA

Girish Moodalbail is a Principal Software Engineer at Nvidia Inc. Girish is responsible for building Kubernetes based GPU compute for gaming with low-latency, high-throughput, reliable, scalable, and secure networking build using OVS, OVN, and Smart NICs.Girish has over 15 years of... Read More →

Liel Shoshan

Senior Architect, Mellanox

Liel Shoshan is a senior SW architect at Mellanox Technologies. Ms. Shoshan is responsible for software and system architecture of cloud related networking solutions in the areas of Kubernetes and Open Vswitch (OVS), with emphasis on Single Root I/O Virtualization (SR-IOV), SDN, DPDK... Read More →

Close Caption Transcript ZDKZ 8899 txt

Aug18 Network Isolation And Security Policies For Kubernetes BareMetal Nodes Girish Liel pdf

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/AjEgSUN1aYw

17:45 CEST

Tracing is For Everyone: Tracing User Events with GraphQL and OpenTelemetry - Nina Stawski, Splunk

There's been a lot of talk about the importance of observability and tracing for microservice-based applications. The use cases involved are focused on backend engineers and DevOps. But what about us front-end engineers? Often, we get blamed first when something breaks and the lack of consistent observability tools makes it difficult to debug issues.

With the emergence of OpenTelemetry for JavaScript, more front-end developers are looking to instrument their code and connect their traces with the backend. A growing number of teams are adopting GraphQL as their interface between UI and backend as well. This talk will illustrate the process of setting up your app for tracing with OpenTelemetry, show what’s common in GraphQL instrumentation compared to other libraries and describe the potential pitfalls of the approach. Building on that, we will discuss how tracing affects user experience.

Speakers

Nina Stawski

Senior Software Engineer, Splunk

Nina currently works as a Senior UI/UX Engineer, building the enterprise-grade distributed tracing and observability platform as a part of the front-end team at Omnition. Previously she was the Expert Developer / Team Lead at SAP Conversational AI, and the Head of UI/UX and Front... Read More →

August 18 Tracing is For Everyone Tracing User Events with GraphQL and OpenTelemetry pptx

Close Caption Transcript EARP 4754 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Observability

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/8Ldp9w8wm-U

17:45 CEST

Running K3s, Lightweight Kubernetes, in Production for the Edge and Beyond - Darren Shepherd, Rancher

Within the short year since announcing k3s, the CNCF certified lightweight Kubernetes distribution, users have quickly put k3s into production in edge, on-premises, cloud, and pipeline use cases. In this presentation Darren Shepherd, the creator of k3s, will cover different strategies of running k3s and how they map to different use cases. Use cases range from thousands of clusters on the edge, to fast ephemeral clusters to power your pipeline, to running AI workloads, and much more.

Speakers

Darren Shepherd

Co-founder and CTO, Rancher Labs

Darren Shepherd is a co-founder and the chief architect at Rancher Labs where he has led the development and creation of numerous open source software projects such as k3s, RancherOS, Longhorn, and Rio. His goal is to provide the container industry with reliable tools that ease deployment... Read More →

K3s In Production KubeCon EU 2020 pptx

Close Caption Transcript NFWC 0466 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/aR12Oij4CYw

17:45 CEST

The Kubernetes Bug Bounty Program - What Researchers and Users Need to Know - Taahir Ahmed, Google & Reed Loden, HackerOne

In January, Kubernetes launched a bug bounty program (BBP), creating a centralized way for security researchers to report vulnerabilities they find in products in exchange for monetary rewards. Just as many organizations support open source by hiring developers, paying bug bounties directly supports security researchers. The Kubernetes BBP is particularly interesting as it’s still rare for a large scale, open-source infrastructure project to have a public BBP.

In this talk, we’ll cover what a BBP is and what it means for Kubernetes. We’ll cover vendor selection for the bug bounty, defining the scope and rewards, learnings from the private beta, and what you need to know as a researcher and user today. We’ll also reiterate how the Product Security Committee responds to new vulnerabilities, so you know what’s being done to keep clusters safe.

Speakers

Reed Loden

VP of Security, Teleport

Reed Loden is the Vice President of Security at Teleport, a technology company that helps organizations securely access their infrastructure. He is an information security expert, researcher, hacker, and developer. Reed bring over 15+ years of security experience to his role at Teleport... Read More →

Taahir Ahmed

Software Engineer, GKE Security, Google

Taahir Ahmed is a Software Engineer with the GKE Security team in Google Cloud. He is an active contributor to Kubernetes, as well as other open-source projects. Prior to his work on GKE, he worked on software and security certification at Amazon.

August 18 The Kubernetes Bug Bounty Program What Researchers and Users Need To Know pdf

Close Caption Transcript DYJG 9535 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/UUXq7wOxyxI

17:45 CEST

It’s a Polyglot World of Stateless Functions and Stateful Actors - Yaron Schneider & Aman Bhardwaj, Microsoft

Serverless applications are becoming dominate, but all too often they fall short by only supporting stateless functions, when most applications are polyglot in nature and combine both stateless and stateful services. What’s more when you write code, it's not portable across different clouds and hosting platforms. In this session we will dive into the Distributed Application Runtime, Dapr, an open source, vendor neutral project that has gained community attention as it enables developers to combine highly portable, stateless functions and stateful actors using any language or developer framework of their choice. With built in state management, distributed tracing based on Open Telemetry and pub/sub based on Cloud Events you can take advantage of Dapr to build highly available serverless applications that run on any cloud.

Speakers

Aman Bhardwaj

Principal Engineering Manager, Microsoft

Aman is a principal engineering manager working with Azure Container Compute team building programming models for distributed microservices applications and is an OSS advocate. He has built several actor developer frameworks in different language that have enabled developers to build... Read More →

Yaron Schneider

Principal Software Engineer, Microsoft

Yaron is a principal software engineer working on OSS technologies in the Azure incubations team. He is a core maintainer on the Distributed Application Runtime, Dapr https://github.com/dapr and the KEDA https://github.com/kedacore/keda projects. Yaron likes to write lots of code... Read More →

Close Caption Transcript BKBO 2366 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/cut8YazrUhM

17:45 CEST

Envoy, Take the Wheel: Real-time Adaptive Circuit Breaking - Tony Allen, Lyft

Modern service mesh deployments are equipped with hundreds of tunables, such as timeouts and circuit breakers. Finding ideal initial values requires deep technical expertise. Workloads change over time, requiring regular effort to re-tune stale parameters. As a consequence, configuration errors have become a source of operational toil and one of the major causes of system failures across the industry. The service mesh should aim to expose a minimal configuration surface by dynamically adjusting parameters based on observations.

Tony Allen will provide a deep-dive into how Envoy’s Adaptive Concurrency Control feature dynamically tunes circuit breaker thresholds using real-time sampling of request latencies, removing the need for periodic adjustment. He will also discuss lessons learned deploying the feature to Lyft’s production service mesh.

Speakers

Tony Allen

Software Engineer, Lyft

Tony is a software engineer and Envoy contributor at Lyft. Most of his Envoy work deals with resource management and load shedding.

Close Caption Transcript OVHG 8750 txt

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Service Mesh

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/CQvmSXlnyeQ

17:45 CEST

Meet the Maintainer: Linkerd

Tuesday August 18, 2020 17:45 - 18:45 CEST
Virtual Project Pavilion - Zoom Room 2

Meet the Maintainers

18:30 CEST

Using Kubernetes to Make Cellular Data Plans Cheaper for 50 Million Users - Chandrasekhar Reddy Dodda, Mirantis & Amar Padmanabhan, Facebook Connectivity

A year ago, the CNCF Telecom User Group envisioned NFVi architecture where K8s replaces OpenStack as the virtual infrastructure manager. Today the first real-world use case of this has emerged, at an APAC telco with 50 million mobile subscribers.

The speaker will discuss the use case and technical implementation, where pure K8s based NFV infrastructure is used in production to run an open source evolved packet core. The system is designed to offload cellular data to WiFi and uses K8s to orchestrate all components of the packet core, including containerd pods and Virtlet pods running VMs. The talk will explain how Genie provides connectivity between various pods with multiple, different network interfaces per pod.

A demo will show how K8s powered NFVI makes it possible to seamlessly authenticate and roam between WiFi and LTE access points with no handover lag.

Speakers

Amar Padmanabhan

Lead Developer, Magma Project, Facebook Connectivity

Amar Padmanabhan is a lead developer on the magma project at Facebook.Prior to Facebook Amar led the controller implementation at Nicira which was subsequently acquired by VMware and has been involved in software networking for over a decade.Amar holds a masters from the University... Read More →

Chandrasekhar Reddy Dodda

Senior DevOps Engineer, Mirantis

Close Caption Transcript NOLR 6313 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/NHA83MTxxo4

18:30 CEST

State of Kubernetes in Africa - Tunde Oladipupo, Independent & Tunde Olu-isa, VMware

As Kubernetes adoption proliferates across different continents, we want to present the state of enterprises’ and startups’ adoption of Kubernetes in African countries. We will highlight the unique set of challenges that they face during migration to Kubernetes. These enterprises are looking for ways to improve and optimize infrastructure, and adopt cloud-native technologies. Startups want to build innovations on cloud-native architecture for rapid prototyping of their products, quick scalability as their businesses grow, and cost-saving on infrastructure.

In this talk, we will share the factors enabling and hindering the adoption of Kubernetes, community presence and its growth in Africa. We will share how people are contributing to Kubernetes and highlight some of the challenges they face in their journey.

Speakers

Tunde Olu-isa

Managing Consultant, Oteemo

Tunde is currently the Chief Architect at the Department of Defense, Platform One, and Managing Consultant at Oteemo. Tunde worked at VMware, Heptio, and IBM. Tunde brings a range of experience in Enterprise IT, having worked at financial services institutions, SaaS companies, and... Read More →

Tunde Oladipupo

Kubernetes Consultant, Independent

Tunde Oladipupo is a Cloud Native Consultant and was the SIG-Release Docs Lead for 1.16. He has a keen interest in system reliability and observability. Also, Tunde is passionate about training students in universities in Africa on open source contributions and using technologies... Read More →

State of Kubernetes In Africa pdf

Close Caption Transcript SFPV 1619 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/h8o6oGfc39M

18:30 CEST

Easy, Secure and Fast - Using NATS for Data Streams and Services - Colin Sullivan, Synadia

Distributed systems architecture has been disrupted via decomposition as cloud technology has matured - we’ve seen a migration from monolithic applications to microservices coordinating across large scale deployments. This has created a need for flexible deployments, secure and transparent data sharing, multiple communication patterns, location transparency, and the decoupling of data producers and consumers. NATS is a cloud-native messaging project that addresses these needs. While cloud-native, NATS and can also run on-premise, edge and even endpoints. In this discussion, we'll introduce you to NATS: how NATS came to be, its DNA and cover some of the problems that it solves. We’ll describe common messaging patterns, when to use them, and design principles to create NATS enabled cloud-native applications. For more information be sure to follow this up with the NATS deep dive!

Speakers

Colin Sullivan

Product Manager, Synadia

Colin is the product manager of NATS. He has extensive experience developing messaging products and designing distributed systems. Prior to Synadia, Colin worked at a number of companies including Apcera and TIBCO software.

August 18 NATS Easy, Secure and Fast Using NATS for Data Streams and Services pdf

Close Caption Transcript OPSY 6955 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/-IuFNF7D4AE

18:30 CEST

Intro to the Kubernetes Code of Conduct Committee - Tasha Drew, VMware

Did you know that Kubernetes community has an elected Code of Conduct Committee? This session will explain what the committee does, how it is formed, and some of the things the group is working on. Additionally, the presenters will share some insights on why such a committee is so important for maintaining a healthy, inclusive open source project.

Speakers

Tasha Drew

Senior Director, xLabs, VMware

Tasha has been an innovative product leader in Silicon Valley for over a decade. She is Senior Director of xLabs in the Office of the CTO’s Advanced Technology Group at VMware. She is co-chair of the Kubernetes Working Group for Multi-Tenancy and co-chair of the Kubernetes SIG Usability... Read More →

Close Caption Transcript UGCR 5234 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/_TDqY2YiLlQ

18:30 CEST

Intro: Linkerd - William Morgan, Buoyant

In this session, William Morgan will provide an introduction to Linkerd, the CNCF's service mesh project. Linkerd features blazing fast performance, an ultralight footprint, a Kubernetes-native design, and open governance. You'll learn what it does, why it's useful, differences with other service meshes, and finish with a brief Q&A.

Speakers

William Morgan

CEO, Buoyant

William Morgan is the CEO of Buoyant. Prior to founding Buoyant, he was an infrastructure engineer at Twitter, where he ran several teams building on product-facing backend infrastructure. He has worked at Powerset, Microsoft, adap.tv, and MITRE Corp, and has been contributing to... Read More →

Close Caption Transcript YKSD 5019 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/PxRAis8afAU

18:30 CEST

Jaeger Intro - Yuri Shkuro, Uber

This session is an introduction to Jaeger and distributed tracing. We will do a demo of the current Jaeger features, talk about the roadmap, and finish with a Q&A. After this session the attendees should better understand how Jaeger fits in the observability space for cloud native applications. For more information on the project everybody is welcome to attend the Jaeger Deep Dive Session.

Speakers

Yuri Shkuro

Software Engineer, Uber Technologies

Yuri Shkuro is a software engineer at Uber Technologies, working on distributed tracing, observability, reliability, and performance problems; author of the book ["Mastering Distributed Tracing"](https://www.shkuro.com/books/2019-mastering-distributed-tracing/); creator of Jaeger... Read More →

2020 KubeCon EU Jaeger Intro Part1 pdf

2020 KubeCon EU Jaeger Intro Part2 pdf

Close Caption Transcript QZKS 5204 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/UNqilb9_zwY

18:30 CEST

KubeEdge: Kubernetes Native Edge Computing Framework (Intro) - Yin Ding, FutureWei

KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. It provides application management and service communication across cloud and edge sites, device management for multiple IoT/Edge device communication protocols with lightweight implementation. During this talk, Kevin and Jie will review KubeEdge motivation, architecture; then go through latest updates on new features and user adoptions. After that Kevin and Jie will introduce where the project is heading to and how new contributors to get involved. There will be an open Q&A for attendees to ask questions.

Speakers

Yin Ding

FutureWei

Close Caption Transcript BFEK 9611 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Y6StZUBABdk

18:30 CEST

Kubernetes IoT Edge Working Group: Applications at the Edge - Cindy Xing, Microsoft & Steve Wong, VMware

This session will address unique considerations of edge applications. Edge workloads on Kubernetes can vary from: - Simple IoT solutions over Raspberry-pi - Video processing, image recognition, or machine learning apps on embedded device or server - Complicated industrial IoT or Teleco solutions requiring high availability, security, and reliability We will survey how edge impacts best practices of app development and operational management - and how Kubernetes and other related open source tools can be utilized for edge workloads. Agenda - Characteristics and requirements of different Edge Applications - Language / runtime considerations - Operational considerations with Kubernetes - App development, build, packaging and CI / CD considerations - Available tooling - How to get involved in the IoT Edge Working Group

Speakers

Steve Wong

VMware

Cindy Xing

Principal Software Engineering Manager, Microsoft

Cindy Xing has over 15 years of working experience on building large scale distributed cloud and enterprise products. She initiated/led the KubeEdge project and has been the co-chair of Kubernetes IoT/Edge working group. Cindy is currently working on Azure IoT and especially interested... Read More →

Kubernetes IoT Edge Europe KubeCon Virtual 2020 pdf

Close Caption Transcript YLLU 0414 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/brMhQ0C03RI

18:30 CEST

Open Policy Agent Introduction - Rita Zhang, Microsoft & Patrick East, Styra

Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases in Kubernetes and the wider cloud native ecosystem. During this session the OPA maintainers will introduce the project and then provide updates on the latest and greatest features to land in OPA and OPA Gatekeeper.

Speakers

Rita Zhang

Principal Software Engineer, Microsoft

Rita Zhang is a software engineer at Microsoft, based in San Francisco. She leads the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects. Rita is a Kubernetes SIG Auth co-chair, a maintainer of the Secrets Store CSI Driver project, and... Read More →

Patrick East

Senior Software Engineer, Styra

Close Caption Transcript AGXY 6747 txt

OPA+Gatekeeper Intro & Update KubeCon EU 2020 pdf

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/tGVxKU5jRHY

18:30 CEST

Scaling Kubernetes Networking Beyond 100k Endpoints - Rob Scott & Minhan Xia, Google

As Kubernetes continues to grow, scalability is increasingly important. One of the key bottlenecks that emerged as clusters got larger was related to network endpoints. They became quite slow at scale, and had limitations preventing them from growing beyond approximately 5,000 endpoints per Service.

In this talk, Rob will show how the scalability of network endpoints has been dramatically increased in Kubernetes. He’ll cover the design and implementation of EndpointSlices, along with the impact they’ve had. He’ll walk through the process of profiling key components in the Kubernetes codebase to identify areas that could be optimized. Finally, he’ll show how all this work has improved Kubernetes network scalability, including real world performance metrics from large clusters with over 100,000 endpoints.

Speakers

Minhan Xia

Software Engineer, Google

Minhan Xia has been a member of Kubernetes networking team at Google since K8s 1.0 2015. He has contributed to various aspects of K8s networking, including pod networking, K8s service and K8s ingress.

Rob Scott

Software Engineer, Google

Scaling Kubernetes Networking Beyond 100,000 Endpoints pdf

Close Caption Transcript ROXO 5773 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/a6SfbeM06Qo

18:30 CEST

Observability at Scale: Running OpenTelemetry Across an Enterprise - Jonah Back & Kranti Vikram, Intuit

Observability has been a huge topic of interest in the software industry over the last few years. One of the major components in observability is distributed tracing. Tools like Jaeger, Zipkin, OpenCensus, and OpenTelemetry have made it really easy to get started. Less easy, however, is getting your tracing infrastructure to a place where it can be fully leveraged across hundreds, if not thousands, of services.

This talk will cover Intuit's experience deploying tracing infrastructure using Kubernetes, Jaeger, and OpenTelemetry. It will cover a few key areas in Intuit's journey to running a highly available, multi-region tracing solution.

1) Scaling ElasticSearch to support 500M+ traces per day.
2) Secure, automated on-boarding of OpenTelemetry agents to central collectors
3) Leveraging open-source libraries to provide high quality trace data, enhanced with domain-specific attributes

Speakers

Kranti Vikram

Staff Software Engineer, Intuit

Kranti Vikram is a software engineer with microservice expertise who enjoys dealing with problems that are challenging both in their functional, non-functional requirements and focus on tackling problems related to scale, security and performance. Currently, contributing to openzipkin... Read More →

Jonah Back

Principal Software Engineer, LegalZoom

Jonah Back is a Principal Software Engineer at LegalZoom

Observability at Scale pptx

Close Caption Transcript YZUK 9809 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Observability

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Dswj-nPy_Fs

18:30 CEST

Zero Database Downtime with etcd-operator - Tyler Lisowski & Kodie Glosser, IBM

Zero downtime upgrades, multi availability zone redundancy, automatic instance recovery, periodic backups, and restores in the case of disaster scenarios are all possible when you automate etcd operations with the Etcd-operator. This talk will walk through a live example of a multi availability zone etcd cluster managed by Etcd-operator and how Etcd-operator automates database administration tasks. We will visually step through how these operations are executed by Etcd-operator and how attendees can integrate it into their existing architectures to eliminate downtime and drastically reduce the time they spend on database administration tasks.

Speakers

Kodie Glosser

Software Developer, IBM

Kodie Glosser is a Software Engineering Developer at IBM. Kodie first started at IBM as a Site Reliability Engineer, monitoring and managing over 3000 OpenStack customer instances globally for 1.5 years. When IBM Cloud Kubernetes Service (IKS) launched in 2017, Kodie transitioned... Read More →

Tyler Lisowski

Lead Architect, IBM

Tyler Lisowski is the lead architect of IBM Cloud Satellite. He brings Cloud technologies where clients need it with the controls they require. He optimizes how regulated clients manage global technology fleets at the edge, on premise, and in public cloud environments. He unlocks... Read More →

Close Caption Transcript HVZV 4111 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/Za9RkS42nbU

18:30 CEST

Improving the Performance of Your Kubernetes Cluster - Priya Wadhwa, Google

Ever wonder if your Kubernetes cluster could be more performant? Most users of Minikube, a tool to run Kubernetes locally, have; in fact, improved performance has been one of the most requested features since the project began. In this talk, Priya Wadhwa will discuss how we tackled reducing the start latency and CPU overhead of a Kubernetes cluster.

You will walk away with knowledge of frameworks and tools to identify where performance issues exist in your own cluster. We’ll cover how we used these tools to identify where overhead was coming from and how we came up with solutions to reduce it, all while maintaining a great user experience.

Speakers

Priya Wadhwa

Software Engineer, Chainguard

Priya Wadhwa is a software engineer at Chainguard, where she works on a variety of open source projects with the goal of improving software supply chain security. She is a member of the Sigstore TSC and a maintainer of the Tekton Chains project. She's passionate about making security... Read More →

Improving the Performance of your Kubernetes Cluster pdf

Close Caption Transcript FXET 8606 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Performance

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/tvreJem3xIw

18:30 CEST

Hey, Did You Hear About This New CVE? - A Vulnerability Response Playbook - Andrew Lytvynov, Independent & Alexandr Tcherniakhovski, Google

Kubernetes provides a lot of great ways to harden the security of your infrastructure. But despite how much you have it locked down, things will inevitably go wrong. Hope is not a strategy, so you need a contingency plan.
In this prescriptive talk, you will learn how to prepare for complex vulnerabilities (like the Intel speculative execution or Go HTTP/2 DoS vulnerabilities), mitigate them and clean up afterwards. We’ll share our experiences with the GKE fleet, dealing with newly announced vulnerabilities, and lessons learned balancing both security and reliability of workloads.
You will learn how to develop a response playbook for vulnerabilities. You will also learn about the tools that Kubernetes provides to help make your vulnerability response less hectic, such as audit logs, network policies and RBAC.

This talk will not cover live attacks (attackers in your infrastructure).

Speakers

Alexandr Tcherniakhovski

Engineer, Google

Alex is a Security Engineer at Google, working on Kubernetes Engine Security team. Alex focuses on the encryption at rest features of Kubernetes. Alex also an owner of encryption of rest feature in Kubernetes. Before Google, Alex worked at Microsoft in various security roles. Outside... Read More →

Andrew Lytvynov

Software Engineer, Independent

Hey, Did You Hear About This New CVE pdf

Close Caption Transcript ELYS 1523 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Mi9t62vAXu0

18:30 CEST

Mutual TLS Adoption Made Simple, Safe and Secure - Lizan Zhou, Tetrate & Jianfei Hu, Google

Rolling out mutual TLS to service meshes is challenging. In the real world, service mesh adoptions are incremental. Services deployment are heterogenous, consisting of workloads with or without sidecar, able or unable to speak mutual TLS, on both client and server side. Coordinating the mutual TLS rolling out with service mesh adoption is hard.

In this talk, Jianfei and Lizan will explain the lessons learned from the last several years experience. Specifically, we walk through Envoy innovations to address the problem on both client and server side: TLS sniffing on the server side and per endpoint mutual TLS labeling mechanism on the client side. In the end, we show how these techniques combined together to offer a frictionless user journey to adopt mutual TLS safely.

Speakers

Lizan Zhou

Founding Engineer, Tetrate

Lizan Zhou is a Founding Engineer at Tetrate leading mesh backend team. He is a senior maintainer of Envoy and one of the core contributors of Istio. Previously he was working at Google Cloud, during his time at Google he worked on security and networking on Istio and Cloud Endpoints... Read More →

Jianfei Hu

Software Engineer, Google

Jianfei Hu is a Google software engineer, working on Istio. Since beginning, he's been working on improving mutual TLS adoption experience. Before that, he works on Google App Engine and Serverless products.

Mutual TLS Adoption pdf

Close Caption Transcript CXQG 7108 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Service Mesh

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/-20SUP6IWUs

18:30 CEST

Five Great Ways to Lose Data on Kubernetes (And How to Avoid Them) - Robert Hodges, Altinity LTD

Databases and stateful apps are gravitating rapidly to Kubernetes, so the sorrows of accidental data loss cannot be far behind. As long-time database engineers and authors of the ClickHouse Kubernetes operator, our team has seen lots of imaginative ways to lose data. We also learned how to prevent them.

The talk starts with standard high availability/disaster recovery models used in DBMS and demonstrates that classic ways to lose data are still alive and well on Kubernetes. We'll then pivot to Kubernetes-specific disasters-in-waiting, such as the PV that wasn't, affinity afflictions, and the dreaded fat fingers of fate. The talk will help instill a healthy sense of paranoia and give listeners tools to ensure their experiences with cloud-native data will be happy ones.

Speakers

Robert Hodges

CEO, Altinity

Robert Hodges is a data geek who has worked on or with 20 different DBMS types since 1983. He currently works on ClickHouse, a popular open source data warehouse. Besides databases, his technical interests including distributed systems, Kubernetes, and security. In his day job he... Read More →

Close Caption Transcript FBPY 1333 txt

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Storage

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/zW7gLyPln3w

18:30 CEST

Meet the Maintainer: Cortex

Tuesday August 18, 2020 18:30 - 19:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

19:15 CEST

Songwriter Showcase + Meet & Greet with Michael Hicks + Band

Enjoy a private songwriter showcase performance by Michael Hicks followed by a live virtual meet + greet! Hicks is a unique blend of talent and humility which is rarely found in today’s emerging talent. As an artist, writer, and performer, Hicks is revered as one of the best in the diverse Funk and Soul music scene in Nashville and beyond. His Freshman album, This Is Life, highlights the talents of his writing ability, the moral message of his music, and the production talents of both himself and James Waddell. When he’s not writing and performing his own original music, Hicks is on the road touring the world with Blues icon, Keb’ Mo. International touring has lent him years of maturity that most young artists never get to experience. This interesting blend of influences and experiences have made him “the” artist to watch in Nashville.

Artists

Michael Hicks

Artist, Songwriter, Perfomer

Close Captioning Transcript DRRZ 4768 txt

Tuesday August 18, 2020 19:15 - 20:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Experiences

Link to Video Recording https://youtu.be/-d3kse2uYzs

19:15 CEST

Meet the Maintainer: Harbor

Tuesday August 18, 2020 19:15 - 20:15 CEST
Virtual Project Pavilion - Zoom Room 2

Meet the Maintainers

20:00 CEST

Meet the Maintainer: Helm

Tuesday August 18, 2020 20:00 - 21:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

12:30 CEST

Meet the Maintainer: Serverless Workflow Specification

Wednesday August 19, 2020 12:30 - 13:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

12:30 CEST

Expo Hall

Visit our sponsors in the virtual exhibit halls to try the latest demos, talk to experts, and score some swag.

Wednesday August 19, 2020 12:30 - 20:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

12:30 CEST

Sponsor Demo Theater

Cisco All Your Policies Are Belong To Us Cisco pdf

DataStax Cloud Native Cassandra Deploying on Kubernetes with cass operator pdf

HPE UTILIZING KUBERNETES Handout pdf

Wednesday August 19, 2020 12:30 - 20:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Expo Hall

13:00 CEST

Toolchains Behind Successful Kubernetes Development Workflows - L Körbes, Tilt

Kubernetes solved a lot of problems, but it created a clumsy development workflow: Every code change requires fiddling with containers, registries, and manifests. Managing config files isn't trivial. Distributed debugging; a mystery. Dev clusters are tricky to set up, and sharing cluster state among team-members is mostly fiction.

L Körbes, an expert in Kubernetes development tooling, outlines successful development workflows in three different settings: a very large enterprise, a small and agile startup, and a popular open source project.

L will share how they set up dev clusters, manage configs, automate the development feedback loop, share context across teams, debug, and, finally, deploy to production.

Learn how these teams made their Kubernetes dev workflows not only seamless, but amazing to use!

Speakers

Ellen Körbes

Developer Relations, Tilt

Ellen Körbes runs DevRel at Tilt and previously at Garden—two of the very few companies 100% focused on the development experience side of Kubernetes. Ellen got their start building Kubernetes CLI tooling under SIG-CLI. They've since spoken about Go and Kubernetes at many world-famous... Read More →

Toolchains v3 pdf

Close Captioning Transcript AGTL 8700 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/4YanEWCAPlk

13:00 CEST

How ABN AMRO Switched Cloud Providers Without Anyone Noticing - Mike Ryan, backtothelab.io & Laura Rehorst, ABN AMRO

People often talk about being cloud agnostic, but what actually happens when an enterprise with >3000 developers decides to switch cloud providers?

In this session Laura Rehorst (Product Owner, Stratus, ABN AMRO) and Mike Ryan (DevOps Consultant) will share the story of how ABN AMRO leveraged the power of Kubernetes to facilitate the transition between cloud providers, and explore the strategic benefits of adopting a cloud native posture at all levels of the organisation.

Laura and Mike will also delve into the practical side to demonstrate how tools such as Helm, OPA, and custom operators allowed the platform team to abstract away the differences between cloud providers, and the “compliant by default” approach that keeps their security and compliance teams smiling.

Speakers

Laura Rehorst

Product Owner, ABN AMRO

Laura is the two-times Dutch Boxing Champion and Product Owner for the Stratus Platform team, with responsibility for the delivery and operation of the cloud-native platform within ABN AMRO

Mike Ryan

DevOps Consultant, backtothelab.io

Mike is a DevOps Consultant specialising in automation and cloud native strategy. He is the author of AWS System Administration, and is currently designing and implementing ABN AMRO's Kubernetes platform.

Close Captioning Transcript DYSY 2193 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/i5HY-_TVnVI

13:00 CEST

When the Tekton Cat Misbehaves – Pitfalls, Mistakes, and Lessons Learned - Mark Nuttall, IBM

The Tekton project provides Kubernetes resources for declaring and launching CI/CD pipelines. You and your team's skills in working with Kubernetes can be applied directly to building and maintaining your CI/CD system. This is great once it's all set up and working - but a new kitten will sometimes misbehave! Tekton's design, and its Kubernetes-native implementation can make it fail in peculiar, distinctive ways. In this talk we'll show how Tekton can go wrong, explain why, and demonstrate how to fix it. We'll also use these failure modes to talk more generally about the strengths and weaknesses of Tekton's custom resource-based approach. We'll highlight the best methods and tools for debugging in this environment, and look forward to the key improvements needed - and planned - to raise a truly well-behaved CI/CD system.

Speakers

Mark Nuttall

Senior Software Engineer, IBM

Mark is a Senior Software Engineer with IBM Cloud. He currently leads a development team focussed on IBM's Hybrid and Cloud-Native DevOps offerings. He and his team are part of the Tekton project, with particular focus on the Dashboard, Triggers and Webhooks support. He's developed... Read More →

Close Captioning Transcript OTWA 8837 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/bFqNoiVlNNI

13:00 CEST

How to Work in Cloud Native Security: Demystifying the Security Role - Justin Cormack, Docker

Working in security can be intimidating and the shortage of people in the space makes hiring difficult. But especially in cloud native environments, security is something everyone must own. If you’ve ever asked yourself, “what does it take to work in security in a cloud native environment? How can you move into security from a dev or an ops position? Where should you start and what should you learn about?” then this talk is for you.

Justin Cormack, Security Lead at Docker and member of CNCF SIG Security will share his personal experience gradually moving from ops to dev to security, the reasons for his transitions, and what he learned along the way. He will break down why security really is one of the most interesting and different areas to specialize in and why working in security might be for you.

Speakers

Justin Cormack

CTO, Docker

Justin is the CTO of Docker, a Notary maintainer, and a member of the CNCF TOC. He has been working with containers and in the security space for many years.

How to work in cloud native security pdf

Close Captioning Transcript QUWH 5295 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/Qc0bvU0YSwI

13:00 CEST

Kubernetes Leader Election for Fun and Profit - Nick Young, VMware

Did you know that you can use the same code that core Kubernetes components use to elect a leader in your services? This can help with adding both reliability and scalability to your Cloud Native application.

Discover the ins and outs of how Kubernetes leader election works and what options it has. There have been significant changes recently, for example the addition of the Lease Object, GA in 1.16.

Using some real-world use cases, we’ll look at some patterns for using the leader election distributed lock.

You will come away from this talk with some understanding of:
- Possible interactions with standard mechanisms like Pod readiness and metrics serving
How both controller/operator services (services that listen to the API and take actions directly) and translator services (services that listen to the API and present a translated API) can use it.
- How one thing we tried didn’t work

Speakers

Nick Young

Senior Systems Engineer, Isovalent

Nick has been working to prevent the entropic downfall of systems for 20 years, across Windows and Linux, datacenters and clouds, networking, storage and compute. Currently he's a Senior Software Engineer at Isovalent, and a maintainer on the Kubernetes Gateway API project, where... Read More →

Close Captioning Transcript KZGP 4016 txt

Kubernetes Leader Election For Fun and Profit pdf

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Link to Video Recording https://youtu.be/WslJyYb81w8

13:00 CEST

containerd Deep Dive - Akihiro Suda, NTT & Wei Fu, Alibaba

Join containerd maintainers to discuss the design of containerd’s core services and how to make use of them. This talk will dive into the plugin design and use cases for extending containerd. With knowledge of containerd’s service design, learn how to implement custom backend components such as special sandboxing and image storage. Finally, come away with an understanding of how to customize and configure containerd for your use case, whether through Kubernetes or a standalone deployment of containerd.

Speakers

Akihiro Suda

Software Engineer, NTT Corporation

Akihiro Suda is a software engineer at NTT Corporation, a Japan-based telecommunication company. He has been a maintainer of several opensource container software such as Moby, BuildKit, containerd, runc, and Lima. He has previously talked at several FLOSS conferences such as KubeCon... Read More →

Wei Fu

Software Engineer, Alibaba

containerd deep dive pdf

Close Captioning Transcript GFJV 3078 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/aVReM1D82iY

13:00 CEST

Deep Dive: CNI - Bryan Boreham, Weaveworks & Bruce Ma, Ant Financial

CNI, the Container Network Interface, is a small but critical piece of infrastructure linking runtimes such as Kubernetes and CloudFoundry to dozens of different container network implementations. This session is aimed at implementers of network plugins and runtimes using CNI, as well as anyone interested in contributing to the project or becoming a maintainer. In this session we will take a close look at the Tuning and Firewall plugins from the containernetworking/plugins repo. We will also have plenty of time for discussion and Q&A.

Speakers

Bryan Boreham

Distinguished Engineer, Grafana Labs

Bruce Ma

Senior Software Engineer, Ant Financial

CNI Deep Dive Aug 2020 pdf

Close Captioning Transcript HSEV 9274 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/0tbnXX7jXdg

13:00 CEST

Introduction to Strimzi: Apache Kafka on Kubernetes - Jakub Scholz & Paolo Patierno, Red Hat

Strimzi is a CNCF project focusing on running Apache Kafka on Kubernetes. Apache Kafka has emerged as a leading platform for building real-time data pipelines. It provides support for high-throughput/low-latency messaging, as well as sophisticated development options that cover all the stages of a distributed data streaming pipeline, from ingestion to processing. But running it on Kubernetes can be complex and tedious. This talk will introduce you to Strimzi - an operator which makes it easy to run Apache Kafka on Kubernetes. It addresses the whole lifecycle from creating, managing, and monitoring Kafka clusters to managing topics or users. This session will go through the main challenges of running Apache Kafka on Kubernetes, explain how they are solved by Strimzi and show a live demo.

Speakers

Jakub Scholz

Principal Software Engineer, Red Hat

Jakub is one of the maintainers of the Strimzi project which is part of CNCF Sandbox and focuses on running Apache Kafka on Kubernetes. He is also a contributor to Apache Kafka itself. He currently works for Red Hat as Principal Software Engineer. Before joining Red Hat he worked... Read More →

Paolo Patierno

Principal Software Engineer, Red Hat

Paolo is a Principal Software Engineer working for Red Hat on the messaging and IoT team. He is a maintainer of Strimzi, a CNCF sandbox project for running Apache Kafka on Kubernetes using operators. In his previous role, he worked on different integration projects about AMQP with... Read More →

August 19 Introduction to Strimzi Apache Kafka on Kubernetes pdf

Close Captioning Transcript YPAO 4973 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/GSh9aHvdZco

13:00 CEST

Kubeadm Deep Dive - Rostislav Georgiev, VMware & Rafael Lopez , SUSE

Don’t miss this talk if you want to understand what are the driving forces for kubeadm evolution, if you want to take your first opportunity to influence the roadmap, or, least but not last, if you are considering to step up as a new contributor helping making this happen. We’ll reserve time to talk about how to get involved with SIG Cluster Lifecycle and kubeadm, for all your questions, concerns, and feature requests!

Speakers

Rostislav Georgiev

Software Engineer, VMware

Rostislav (or simply Ross) started programming as a hobby in his early teens. Since then, he is interested in operating system architectures, IoT, storage, cluster computing and cloud-native design. He is part of the VMware Open Source Technology Center and Kubernetes community member... Read More →

Rafael Fernández López

Senior Software Engineer, SUSE

Rafa is a Senior Software Engineer at SUSE that loves to learn and experiment. He has special interest in the intersection between programming languages, distributed systems and infrastructure. When not in front of a computer he enjoys time with family, friends, city walks and ph... Read More →

KCEUV20 Kubeadm Deep Dive pdf

Close Captioning Transcript DBLJ 8610 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/DhsFfNSIrQ4

13:00 CEST

Kubernetes SIG Instrumentation: Instrumenting for Day Two Concerns - Marek Siarkowicz, Google

Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. This intro session will give an overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make Kubernetes' instrumentation even better!

Speakers

Marek Siarkowicz

Software Engineer, Google

Marek is a Software Engineer working at Google in Etcd team. He began his career in local startups where he loved open source and extreme programming. Currently he is a etcd maintainer and active member of SIG-instrumentation leading structured logging effort in Kubernetes. In his... Read More →

KubeCon 2020 Virtual Kubernetes SIG Instrumentation pdf

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/ozUKHvbOaLE

13:00 CEST

Minikube - Rohit Anand, NEC Corporation & Medya Ghazizadeh, Google

Join minikube maintainers for a deep dive into how minikube runs Kubernetes on your local machine. We'll cover how to get started with minikube and what customizations are available so you can have the best possible local development experience. We'll also go over how you can contribute to the project, new features we've recently added, and what you can expect from minikube in 2020. This session is intended for both new and seasoned minikube users.

Speakers

Medya Ghazizadeh

Technical Lead Manager, Google

Medya Ghazizadeh is a tech lead at Google's container tools team. holds masters degree from DePaul University. one of the minikube maintainers.loves open source, poetry and human languages.

Rohit Anand

Technical Lead, NEC Corporation

Rohit is a cloud native enthusiast and active contributor in Kubernetes. Rohit is currently working as Technical Lead at NEC. He is working in primary as well as secondary software development work based on Kubernetes. Rohit has expertise in python, go, shell scripts, docker, kubernetes... Read More →

minikube KubeCon 2020 virtual pptx

minikube KubeCon 2020 virtual.pptx pdf

Close Captioning Transcript OLKV 5980 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/xdoOmSSCxo8

13:00 CEST

TiKV: A Cloud Native Key-Value Database - Dongxu Huang & Nick Cameron, PingCAP

TiKV is a distributed Key-Value database that features in geo-replication, horizontal scalability, consistent distributed transactions, and coprocessor support. As a CNCF incubating project, TiKV has been widely used in production by over 500 companies. An adopter has even stored over 1.3 trillion rows of in TiKV.

In this talk, Dongxu Huang and Nick Cameron will share the story of how they built TiKV from scratch, including how they decided the technical solutions, how they interacted with other CNCF projects, and also how to apply Chaos Engineering on TiKV to guarantee system safety and robustness. In the end, Dongxu Huang and Nick Cameron will show the approach to a self-driving database in TiKV 4.0, which leverages Kubernetes to make TiKV more elastic and scalable.

Speakers

Dongxu Huang

CTO, PingCAP

Nick Cameron

Senior Engineer, PingCAP

Senior engineer at PingCAP, Rust core team alumnus.Talk to me about TiKV, TiDB, or Rust.

huang cameron tikv pdf

Close Captioning Transcript QKOP 6354 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/1B4riWTTAZg

13:00 CEST

Automating Load Balancing and Fault Tolerance via Predictive Analysis - Steven Rosenberg, Red Hat

Just imagine, wouldn't it be great if Kubernetes load balancing could predict application traffic in advance and react appropriately? We’ll explain how to improve performance, reduce costs, and increase reliability in order to provide more intelligent workload balancing.

The solution is Predictive Analysis which allows us to “predict” the future from historical events. We will discuss how predictive analysis can improve overall system performance while reducing costs and improve the reliability of Kubernetes and Hybrid Cloud based environments.

Attendees will come away with a better understanding of cutting edge technology for solving complex problems that are fast becoming the next generation of technological advances.

Speakers

Steven Rosenberg

Software Engineer, Red Hat

I have been in the Software Industry for more than 30 years. I currently work for Red Hat. I contribute to the Virtualization Team for oVirt Projects.

Predictive Analysis for Migration Schedulers pdf

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/RgksePRWr6k

13:00 CEST

Turn It Up to a Million: Ingesting Millions of Metrics with Thanos Receive - Lucas Servén Marín, Red Hat

Thanos is an open-source CNCF Sandbox project that builds upon Prometheus components to create a global-scale and highly available monitoring system. In this talk, Lucas Servén presents a solution for creating a multi-tenant horizontally scalable metrics ingestion system using the newest addition to the Thanos toolset: the Thanos Receive component. The talk considers the motivations for building a system capable of ingesting metrics from thousands of clusters, including: multi-cluster monitoring and cluster telemetry. Lucas discusses how Thanos Receive is able to satisfy these requirements and how its hash ring design allows it to scale and maintain ingestion availability even during upgrades. Finally, the talk demonstrates the practice of running an automatically scalable hash ring by leveraging the Thanos Receive Controller, Horizontal Pod Autoscaler, and the Prometheus Adapter.

Speakers

Lucas Servén Marín

Principal Software Engineer, Red Hat

Lucas Servén Marín is a principal software engineer from Spain currently working for Red Hat in Berlin. By trade he is an electrical engineer, with a Masters in robotics. After two years at CoreOS, he joined Red Hat where he works on the OpenShift Monitoring team and contributes... Read More →

KubeCon EU 2020 Virtual Turn It Up to a Million pdf

Close Captioning Transcript ZHGF 0110 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Observability

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/5MJqdJq41Ms

13:00 CEST

Do The Math: Auto-Scaling Applications with Kubernetes - Antoine Hamon, Nephely

What better place is there to host applications but inside a Kubernetes cluster? Yet what feature is more under-estimated than pod auto-scaling? Yes pod auto-scaling can be really hard, especially when searching for an optimized configuration. Whatever the application, goals are always the same: making sure our pods are able to scale-up quickly enough so users don't ever face any latency nor HTTP/5xx, while keeping the cost as low as possible. As both goals directly leverage the other, the complexity is all about finding the correct balance. Instead of putting the regular 80% CPU utilization threshold (which is sometimes fine-tuned with load-testing and/or feedback monitoring), would it be possible to have a more mathematical approach to solve this problem?

During this talk Antoine will present one he created and explain how to utilize it within Kubernetes.

Speakers

Antoine Hamon

SRE/DevOps, Cloud Architect, Nephely

Antoine is a DevOps/CloudArchitect specialized in Kubernetes, AWS and OpenStack. He started playing with Docker while it was still in beta release, and Kubernetes naturally followed soon after.With almost 10 years of experience, Antoine is now a freelance and helps companies improving... Read More →

Close Captioning Transcript AHED 6977 txt

DoTheMath AutoscalingApplicationsWithKubernetes pdf

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Performance

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/6RZNx58GKsg

13:00 CEST

Where Are Your Images Running? Stop Worrying and Start Encrypting! - Brandon Lum & Harshal Patil, IBM

Container image signing has made it possible for cluster operators to cryptographically verify that images are trusted. However, the same cannot be said of whether the nodes that run these images are trusted to view and use the contents of these images. This can be particularly important if compliance requires knowledge of WHERE a container image is running.

In this talk, we will show how DevOps, trust bootstrapping, and key management, in conjunction with container image encryption can achieve geofencing of execution. We will demo the new encrypted container images worker node model in containerd and cri-o working in such a context. In addition, we will explore how to bootstrap node trust, from simple setups to advanced key distribution using HW Root of Trust/TPM technologies like Keylime.

At the end, one should be able to “create an image only be usable by clusters in the EU region”.

Speakers

Harshal Patil

Advisory Systems Software Engineer, IBM

Harshal is an Open Source developer working on Kubernetes and Runtimes. At IBM Power Systems, he designs and implements container architectures focused on security that take advantage of Power's unique hardware features. In the container ecosystem, Harshal’s contributions span from... Read More →

Brandon Lum

Senior Software Engineer, IBM

Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research... Read More →

Close Captioning Transcript OCPJ 9303 txt

KubeCon Virtual 2020 ECI pdf

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/tRWMxuMEy9I

13:00 CEST

Cloudstate—Towards Stateful Serverless - Jonas Bonér & James Roper, Lightbend

The Serverless experience is revolutionary and will grow to dominate the future of Cloud. FaaS however—with its ephemeral, stateless, and short-lived functions—is only the 1st step. It's great for processing-intensive, parallelizable workloads, but limited in use-cases, making it hard to impl general-purpose apps.

What’s needed is a next-gen Serverless platform for general-purpose app dev for our new world of real-time data & event-driven systems. What’s missing is: ways to manage distributed state in a scalable & available fashion, long-lived stateful services, ways to co-locate data & processing, and options for data consistency.

This talk will discuss challenges, requirements, and introduce you to our proposed solution: CloudState—an OSS project building next-gen Stateful Serverless on Akka, gRPC, Kubernetes & GraalVM, with client support for Go, JavaScript, Java, Swift and more.

Speakers

Jonas Bonér

CTO, Lightbend

Jonas Bonér is founder and CTO of Lightbend, creator of the Akka project, initiator and co-author of the Reactive Manifesto, Chair of the Reactive Foundation, and a Java Champion. Learn more at: http://jonasboner.com... Read More →

James Roper

Cloud Architect, Lightbend

James is a long time open source contributor and Reactive systems expert. He is the creator of Cloudstate, the framework that brings distributed state management to the serverless world. He also created the Lagom Reactive microservices framework and is a core contributor to Play... Read More →

Cloudstate Kubecon EU 2020 pdf

Close Captioning Transcript PLNZ 4418 txt

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/D3bYGIo2kiQ

13:45 CEST

Simplify Your Cloud Native Application Packaging and Deployments - Chris Crone, Docker

With so many tools for declaring and deploying applications, developing cloud native apps can get complicated quickly. Single container images can be built and shared with a registry, but what about multi container or other more complex applications? Using the CNAB (Cloud Native Application Bundle) specification, open source projects like Docker App or Porter allow you to package apps that would normally require multiple tools like Terraform, Helm, and shell to deploy - into a single tooling agnostic packaging format. These packages can then be shared using existing container registries and used with other CNAB compliant tools.

In this talk, Chris Crone, co-executive director of the CNAB project, will share how to simplify cloud native development workflows using your favorite tools like Terraform, Helm and others, without requiring every developer to learn them.

Speakers

Chris Crone

Director of Engineering at Docker Inc., Docker

Chris Crone is a Director of Engineering at Docker, based on the US East Coast. He is responsible for a group of teams that provide low-level functionality (Build, Engine, Registry) as well as Content (Official Images, Verified Publishers, Extensions) at Docker. Previously, he worked... Read More →

Simplify Your Cloud Native Application Packaging and Deployments slides pdf

Close Captioning Transcript YZHH 9096 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/q1ioO9Tl4J8

13:45 CEST

Accelerating Drug Discovery by Competitive Cooperation Through Open Source - Bill Mulligan, Kubermatic & Camille Marini, Owkin

Historically, pharmaceutical companies have kept their machine learning (ML) models and data strictly confidential. The EU/EFPIA IMI2 Joint Undertaking funded “MELLODDY” (Machine Learning Ledger Orchestration for Drug Discovery, Grant n° 831472) initiative, a 3 year 18.4M EUR effort, brings together 10 leading pharma companies and 7 tech partners to build a new collaborative ML platform that boosts drug discovery model development while addressing both security and privacy preservation concerns (including commercial confidentiality). Kubernetes provides the consistent computing infrastructure across companies ensuring that data owners maintain control while running the common ML software and sharing the resulting models. This project demonstrates the potential of Kubernetes to accelerate drug discovery and enable cooperative competition in IP-sensitive industries.

https://www.melloddy.eu/
https://www.imi.europa.eu/projects-results/project-factsheets/melloddy

Speakers

Camille Marini

VP of Engineering, Owkin

Bill Mulligan

Kubernetes Advocate, Kubermatic

KubeCon MELLODDY Presentation VF (2) pptx

Close Captioning Transcript NYMQ 4783 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/k5J-9d1gUd4

13:45 CEST

Effective Kubernetes Onboarding - Kathleen Juell, DigitalOcean

Kubernetes has a steep learning curve, but many teams need to learn Kubernetes – quickly. This talk will cover strategies for onboarding developers to Kubernetes, taken from DigitalOcean's Developer Education team – the producers of DO's Community tutorials – and the Community Platform team, which develops the Community application. It will include 1. Core concepts and insights from DO's new Kubernetes for Full-Stack Developers curriculum; 2. An on-the-ground perspective taken from the Community Platform team's migration from a traditional VM environment to Kubernetes.

Key concepts the talk will cover:
1. How to onboard teams successfully by establishing knowledge baselines and effectively organizing, structuring, and delivering Kubernetes concepts.
2. How to situate Kubernetes in a larger arc of application development and integrate it into an existing development workflow.

Speakers

Kathleen Juell

Developer, DODX, DigitalOcean

Kathleen Juell is a Developer on the DODX team at DigitalOcean. She co-designed and contributed to the new Kubernetes for Full-Stack Developers curriculum, and worked on migrating DigitalOcean\'s Community Platform to Kubernetes. The talk will be a blend of perspectives from both... Read More →

Kathleen Juell KubeCon 2020 2 pdf

Close Captioning Transcript BBTK 7699 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/1sfoYf3TbQk

13:45 CEST

Taming Data/State Challenges for ML Applications and Kubeflow - Skyler Thomas, Hewlett Packard Enterprise

The Kubeflow project brings incredibly powerful Machine Learning frameworks like TensorFlow and PyTorch to Kubernetes. The ability to parallelize training and the ability to scale workflows up and down is revolutionary. However, state and persistent storage are a much bigger challenge for machine learning workloads because of their training data, library files, and models. We will discuss what it took to create AI/ML environments running thousands of pods and that request petabytes of training data.

We will explore the various state and storage challenges that crop up when you are building Kubeflow applications. We will discuss where distributed persistent storage solutions fit in the picture. We will address various storage api's including: POSIX/CSI solutions, NFS, S3, and HDFS fit into solutions. Data security and privacy issues will be discussed.

Speakers

Skyler Thomas

Distinguished Technologist, Hewlett Packard Enterprise

Skyler Thomas is a Distinguished Technologist and Hewlett Packard Enterprise. He the chief architect for Kubernetes based Artificial Intelligence and Machine Learning at HPE. He joined HPE in the MapR acquisition where he he helped customers design ML simulation environments with... Read More →

Close Captioning Transcript DGDN 8464 txt

Taming State Challenges pdf

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Machine Learning + Data

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/fPpcodldlVg

13:45 CEST

CRI-O: Deep Diving into the Security - Sascha Grunert, SUSE & Daniel Walsh, Red Hat

Container Runtime security is one of the most important aspects of the Kubernetes ecosystem. Runtimes have to ensure that all security constraints provided by the end-users are met on the system, as well as provide strong defaults for less experienced users. CRI-O is a container runtime that prides itself in its focus on security and safe defaults. In this talk Dan Walsh and Sascha Grunert will dive deep into CRI-O’s security principles. They will present common container workload securing practices and demonstrate how the container runtime will apply those to the target system. The talk will cover best practices in SELinux, AppArmor, seccomp, Linux capabilities and namespace isolation techniques which make Kubernetes based end-user applications more secure. At the end of the talk, they will also cover a general overview of the current status of container runtime security.

Speakers

Dan Walsh

Senior Distinguished Engineer, Red Hat, Inc.

Daniel Walsh has worked in the computer security field for over 30 years.Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001.Dan leads the Red Hat Container Engineering team since August 2013, but hasbeen working on container tec

Close Captioning Transcript QRAE 4078 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/RoiIx8mcECY

13:45 CEST

Deep Dive: Harbor - Enterprise Cloud Native Artifact Registry - Steven Zou & Daniel Jiang, VMware

Harbor is an open-source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the container image and Helm Chart management challenges. In this session, the speakers would like to talk more details about the evolution of making Harbor support managing kinds of cloud-native artifacts like Image, Helm Chart, CNAB and OPA bundle, etc. with simple and unified user experiences and promoting Harbor to be the best OCI compatible cloud-native artifact registry then. At the same time, they're going to share the future roadmap of Harbor project and community with the attendees, including but not limited to non-blocking online GC, Proxy cache, P2P distribution, and EDGE computing support, etc. Additionally, they'd like to update the current status of the Harbor community and encourage more participation in the Harbor community. Furthermore, the team would love to get feedback from users and contributors to current features and future roadmap.

Speakers

Steven Zou

Harbor Maintainer, VMware

Jia Zou (Steven) is a staff engineer of VMware China R&D. He is now working on the open-source Project Harbor that is an enterprise-class cloud-native artifact registry as a core maintainer and architect. He previously has worked in HPE, IBM, and Agilent as software engineer for many... Read More →

Daniel Jiang

Harbor Maintainer, VMware

I'm a software engineer from VMware, who joined the company around the end of 2015. Currently working on a open source registry project called Harbor. I'm one of the founding member of this project.I have been giving speech in different meet-ups talking about docker image management... Read More →

KubeCon Virtual 2020 breakouts Harbor deep dive v3 pdf

Close Captioning Transcript SBRK 8576 txt

Harbor Booth pptx

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/XOP6DKULmfk

13:45 CEST

Intro: Telepresence - Daniel Bryant, Datawire

This session will provide an intro to Telepresence, a CNCF Sandbox tool. We’ll talk about development workflows for Kubernetes. We’ll discuss the differences between traditional development, and different approaches people take to building Kubernetes services. We’ll then introduce Telepresence and discuss how it integrates with different organizational development workflows. Finally, we’ll talk about the evolution of Telepresence and how we are actively moving Telepresence forward from its heritage as a VPN-type approach into a more sophisticated L7 routing layer for developers.

Speakers

Daniel Bryant

Head of DevRel, Ambassador Labs

Daniel Bryant works as a Product Architect at Datawire, and is the News Manager at InfoQ, and Chair for QCon London. His current technical expertise focuses on ‘DevOps’ tooling, cloud/container platforms and microservice implementations. Daniel is a leader within the London Java... Read More →

KubeCon Intro to Telepresence pdf

Close Captioning Transcript PMQY 1629 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/tHehwEFMDG4

13:45 CEST

Jaeger Deep Dive - Pavol Loffay, Red Hat

This session is dedicated to an in-depth understanding of the Jaeger project. We will give a short demo of the recently added features, talk about various topics including the architecture, adaptive sampling, multi-tenancy, and configuration, and review the roadmap. After this session the attendees should better understand the Jaeger architecture, how to deploy it and get the best benefits, and to make contributions to the project.

Speakers

Pavol Loffay

Principal Software Engineer, Red Hat

Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →

Close Captioning Transcript FNSV 7027 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/BWtNelj_XUc

13:45 CEST

Prometheus Deep Dive - Goutham Veeramachaneni, Grafana Labs & Bartłomiej Płotka, Red Hat

The Prometheus deep-dive will present advanced use cases, in particular how to run and scale up a vanilla Prometheus setup for large organizations. A number of Prometheus maintainers will be around for the Q&A.

Speakers

Goutham Veeramachaneni

Software Engineer, Grafana Labs

Goutham Veeramachaneni is a developer from India who started his journey as an infra intern at a large company where he worked on deploying Prometheus. After the initial encounter, he started contributing to Prometheus and interned with CoreOS, working on Prometheus’ new storage... Read More →

Bartlomiej Plotka,

Senior Software Engineer, Google

Bartek Płotka is a Senior Software Engineer at Google. SWE by heart, with an SRE background, currently working on Cloud Observability. Previously Principal Software Engineer at Red Hat. Author of "Efficient Go" book with O'Reilly. As the co-founder of the CNCF Thanos project and... Read More →

KubeCon 2020 Prometheus Deep Dive Bartek Goutham (1) pdf

Close Captioning Transcript VFSO 5725 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Xx16tAoqw70

13:45 CEST

Failure Stories From the On-premise Bare-metal World - Stephan Fudeus & David Meder-Marouelli, 1&1 Mail & Media Development & Technology GmbH

Setting up a Kubernetes cluster is not trivial in general and doing that on-premise with bare-metal machines has very specific challenges. In addition to "just" defining the pod overlay network and embedding the host network into an existing topology, ingesting and directing traffic into the cluster is an essential task. Regardless of the chosen solution, compromises need to be made and eventually, failures will occur.

In this session David and Stephan will show their real world setup of reasonably large clusters (up to 150 nodes currently), the reasoning behind the network design and the failure stories they experienced and had to deal with. The topics are ranging from ingress controllers via BGP, network routing, DNS and iptables to hardware load balancer appliances - and how those technologies are not as cloud native as one might wish.

Speakers

Stephan Fudeus

Expert Container Technologies, 1&1 Mail & Media

Stephan Fudeus is an Evangelist for Container Technologies by title and a backend and infrastructure engineer by heart. He used to develop scalable multi-tenant applications for up to a million customers in a DevOps fashion for 14 years at 1&1 Internet and now is Product Owner and... Read More →

David Meder-Marouelli

Expert Continuous Delivery, 1&1 Mail & Media

David Meder-Marouelli is a systems architect and expert for Continuous Delivery. After several positions in the web hosting environment he currently works at 1&1 Mail & Media since 2015. In this position he is responsible as the Product Owner for the design and development of the... Read More →

KubeConEU2020 FailureStories pdf

Close Captioning Transcript XSQV 9625 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/pmuzOWB64Sg

13:45 CEST

Hubble - eBPF Based Observability for Kubernetes - Sebastian Wicki, Isovalent

Troubleshooting network issues in Kubernetes often requires deep insight into different layers of your stack. Hubble is a new open-source observability platform that aims to assist you in understanding what is going on in all layers of your Kubernetes network. Based on the Cilium CNI and the Linux kernel eBPF technology, it is able to obtain fine-grained visibility into network traffic and applications behavior, with low overhead and without having to modify applications.

In this talk, you will get a introduction into Hubble, and the technologies that power it, the Cilium CNI and eBPF. You will be presented with practical examples of how Hubble can be used to interactively troubleshoot complex network issues. The talk will show how to write custom Hubble metrics which allow you to benefit from eBPF's superpowers without having to write or understand any kernel code.

Speakers

Sebastian Wicki

Software Engineer, Isovalent

Sebastian Wicki is a software engineer currently working on Hubble and Cilium at Isovalent. Previously he worked on distributed stream processing systems for real-time data center network monitoring and analytics at ETH Zurich.

Aug19 Hubble eBPF Based Observability for Kubernetes Sebastian Wicki pdf

Close Captioning Transcript XPGF 5864 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Observability

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/8WCbGSCyDSo

13:45 CEST

Banking on Kubernetes, the Hard Way, in Production - Miles Bryant & Suhail Patel, Monzo Bank

Have you ever wondered what it takes to deploy and operate Kubernetes at scale, in production? Self hosted clusters often have a bad reputation as a complex and costly choice when compared to managed services. Let’s look at an alternative viewpoint and evaluate the tradeoffs.

Monzo started self hosting Kubernetes out of necessity a few years ago when managed services were in their infancy. In this talk, Miles and Suhail will explain why Monzo has chosen to continue operating their own clusters, and how this can be a viable option.

This talk discusses Monzo’s experiences with operating, upgrading, customising and configuring the control plane, networking and cloud integrations. We think this has been the best choice, but we also want to discuss the challenges we’ve faced along the way - like the time when network policies took down a large chunk of Monzo's cluster.

Speakers

Miles Bryant

Platform Engineer, Monzo Bank

Miles is an Engineer on the Platform Squad. He focuses on scaling our Kubernetes and monitoring infrastructure to cater for the over 1500 microservices running the bank. Miles has spoken at various meetups like the Kubernetes London Meetup, Open Infra Days and the Prometheus London... Read More →

Suhail Patel

Platform Engineer, Monzo Bank

Suhail is an Engineer on the Platform Squad. He focuses on reliability and database operations, ensuring that Monzo customers have access to managing their money 24/7. Suhail has spoken at other conferences such as SRECon Ireland 2019 and QCon London 2019. He has also spoken in various... Read More →

Close Captioning Transcript ZAWU 3458 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/Rf1sGlpdvmA

13:45 CEST

What You Didn’t Know About Ingress Controllers’ Performance - Mikko Ylinen & Ismo Puustinen, Intel

The Kubernetes Ingress is a way to connect cluster services to the world outside of the cluster. The incoming traffic is routed through a proxy server that is responsible for tasks such as load balancing and TLS termination. The proxy server performance plays a critical role in good service experience, contributing directly to HTTP request latency. In this talk we give a detailed performance breakdown of common proxy servers used in Kubernetes Ingresses and discuss where to pay attention to when configuring the proxy to gain the best performance. The focus is in CPU intensive TLS crypto operations (such as TLS handshakes), hardware acceleration, node resource allocation, and ideal workload placement.

Speakers

Mikko Yinen

Cloud Software Architect, Intel

Mikko Ylinen is a cloud and edge software architect at Intel’s Cloud Software open source team. He comes with an embedded linux and operating systems engineering background but has most recently worked on security and confidential computing related topics in containers and cloud... Read More →

Ismo Puustinen

Cloud Software Engineer, Intel

Ismo joined Intel Finland in 2011 to create interesting Linux software, and has enjoyed the work ever since. Ismo is nowadays occupied with creating cloud software, but he also has a strong interest in embedded Linux and engineering secure operating systems: he has previously presented... Read More →

KubeCon EU 2020 What you didn't know about Ingress Controller's performance pdf

Close Captioning Transcript SDKQ 9996 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Performance

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/6Dqon7Fs7kg

13:45 CEST

In a Container, Nobody Hears Your Screams: Next Generation Process Isolation - Andrew Martin, ControlPlane

Is it ever safe to run untrusted code in containers? Should process isolation keep workloads in, or attackers out? What would it take to run a malware test lab in Kubernetes?

With fast startup times and consistent execution environments containers beat traditionally slow, monolithic VMs -- but with the advancement of micro VMs the boundaries have become blurred. It is increasingly difficult to know which isolation technology to choose for our next application. Can we run different workloads in different “container” types -- on the same cluster?

In this talk we:
- examine the history of trying to safely run unsafe processes
- compare and contrast the emerging generation of process isolation and security techniques
- rationalise the design decisions that drive each project
- demo how to break in, out, and learn about what workloads are best suited to run in each technology

Speakers

Andrew Martin

CEO, Control Plane

Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →

ControlPlane Next Generation Process Isolation (Kubecon, July 2020) pdf

Close Captioning Transcript KDRL 2654 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/NQrs1mpfDNc

13:45 CEST

Serverless Integration on Kubernetes with Apache Camel K - Nicola Ferraro, Red Hat

“Serverless” is one of the most trending paradigms for designing applications, but what most early adopters find out is that doing something more than a “Hello World!” is hard. The more your application is deconstructed into smaller pieces, the more you need better communication patterns. Real-life applications also interact with tons of external systems and managing this complexity is hard.

Camel K is a lightweight integration platform for Kubernetes created specifically to address these issues. It’s based on Apache Camel, the most powerful open source integration framework, and it leverages Knative to deliver integration patterns in a serverless way.

We will show how Camel K works under the hood and, with coding examples, we’ll also demonstrate how Camel K makes it easy is to connect (almost) anything using integration patterns and the 300+ components that Apache Camel provides.

Speakers

Nicola Ferraro

Principal Software Engineer, Red Hat

Nicola Ferraro is a Principal Software Engineer at Red Hat. He is Apache Camel PMC member and co-creator of Camel K, the serverless integration platform for Kubernetes. He often contributes to Knative, Syndesis and the Fabric8 development tools for Kubernetes.

(KubeCon 2020) Serverless Integration on Kubernetes with Apache Camel K pdf

Close Captioning Transcript BEZT 8957 txt

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Serverless

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/beJOCndVfaU

14:00 CEST

Meet the Maintainer: Strimzi

Wednesday August 19, 2020 14:00 - 15:00 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

14:30 CEST

Sharing Is Caring! Push Your Cloud Application to an OCI Registry - Silvin Lubecki & Djordje Lukic, Docker

Did you know that you can store anything into a container image registry? Did you ever wonder what black magic is behind multi-arch images? OCI Image specification is a standard purposely generic enough to enable use cases other than “just” container images.

While working on the Cloud Native Application Bundle (CNAB) project, we built tooling to package whole applications as OCI Images so that they could be pushed to and pulled from registries. We learnt a lot doing this and would like to share with the community.

During this talk, we will have a quick but in-depth view of:
* The OCI Image specification and its future
* How to push a multi service application to a registry
* Our battle scars with the different interpretations of the OCI spec by the mainstream registries

Speakers

Djordje Lukic

Senior Software Developer, Docker

Djordje is a Senior Software Engineer at Docker. He works on the Hub, contribute to docker-compose, docker app and maintain cnab-to-oci. He is a full stack developer, and brand new rustacean.

Silvin Lubecki

Senior Software Developer, Docker

Silvin is a Senior Software Engineer at Docker for 2 years, and an Open Source maintainer on different project suc as Docker CLI, Docker App, CNAB-Go and cnab-to-oci. Mostly a backend developer and a Gopher.

KubeconEU 2020 08 19 Sharing is Caring push your cloud application to an OCI Registry SilvinLubecki DjordjeLukic pdf

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/MIAJaAr3gCk

14:30 CEST

Why We Are Choosing Cloud Native Buildpacks at GitLab - Abubakar Siddiq, GitLab

GitLab provides a zero configuration build/test/deploy pipeline called "Auto DevOps" which relies on Herokuish for detecting how to build/test your source code into a runnable docker image. Currently, GitLab uses Herokuish to match projects with known languages and build them. The new tooling from CNB is capable of building smaller resultant images by separating the build layers from the runtime layers. In order to increase the speed and efficiency of GitLab's products, the Product team investigated the Cloud Native Buildpacks, which provide a cloud-native means of standardizing code detection and producing a standards-based container runtime.

In this talk, learn about GitLab’s goals, plan, and how they made the decision to move forward based on the greatest benefit to GitLab from CNAB - the larger community fixing CNAB issues.

Speakers

Abubakar Siddiq Ango

Developer Evangelism Program Manager, GitLab

Abubakar Siddiq Ango is a Developer Evangelism Program Manager at GitLab, where he finds better ways for the Developer Evangelism team to engage with the community and measure its impact. He is a Certified Kubernetes Administrator and when not working, he engages with the community... Read More →

Abubakar CNB Talk (2) pdf

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/oTC-itx6ubE

14:30 CEST

Managing Multi-Cluster/Multi-Tenant Kubernetes with GitOps - Chris Carty, Independent

Trying to go fully cloud native all at once can be intimidating. Learning GitOps best practices is a relatively small investment in time that has big operational payoffs. Good news! If you’re using Git, you’ve already started!

This talk with be a guide to effectively implementing GitOps through a real world example of modernizing deployments using FluxCD in a multi-cluster/multi-tenant environment. It will also introduce CI tools such as conftest/Kubeval, Open Policy Agent and Kind to make pipelines more consistent and secure.

Speakers

Chris Carty

Customer Engineer, Google Cloud

He is a Certified Kubernetes Administrator, Certified Kubernetes Application Developer, panelist for the Kubernetes Office Hours and a member of the Kubernetes 1.16 /1.17 Release Notes teams.

KubeCon Virtual 2020 breakouts.pptx pdf

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/yjflWxZaHY4

14:30 CEST

Neuro-Inclusivity: The Future of the Tech Industry - Kiran "Rin" Oliver, Independent & Leena Haque, BBC

According to a 2018 report from Tech Nation, 83% of the tech community in the UK believe their biggest challenge is accessing skilled workers. Too many talented people are going unnoticed by recruiters. As a result, there’s been much focus on attracting talent of all ethnicities and genders, but there’s a growing view emerging that more needs to be done in the area of neurodiversity.

Many cloud native companies are answering this issue by creating initiatives to hire neurodivergent people. Often, an entire division of recruiting/HR is dedicated to sourcing these individuals. There’s just one problem: They don't actually know what to do next. This panel will go into those next steps, in particular, focusing on on-boarding, retaining, and creating a welcoming work environment for neurodivergent individuals in today’s Kubernetes-based, cloud-native landscape.

Speakers

Rin Oliver

Content Marketing Manager, Esper

Rin is the Content Marketing Manager at Esper. They enjoy discussing all things open source, with a particular focus on diversity in tech, improving hiring pipelines in OSS for those that are neurodivergent, and removing accessibility barriers to learning programming. Rin is also... Read More →

Leena

Senior UX Designer, BBC

Leena is currently a Senior UX Designer at the BBC and also co-founder for a creative initiative called CAPE (Creating A Positive Environment) The aim of CAPE is to promote the idea that differences in brain functioning, such as autism and dyslexia, are not disabilities, but natural... Read More →

NEURO INCLUSIVITY THE FUTURE OF THE TECH INDUSTRY draft v.3.0 pptx

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Community

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/Z7k1nCZ6JNA

14:30 CEST

The Hidden Generics in Kubernetes' API - Eirik Albrigtsen, Babylon Health

A look into how apimachinery enforces strong conventions on kubernetes' api, how that impacts client-go, and how we can take advantage of these hidden generic properties to build an actually generic client in rust.

We will go through a kubernetes Object, its generic parts as modelled via a rust Trait, and how this enables the rust compiler to automatically populate all kubernetes objects' api calls and serialization code from a single generic impl.

We will also show examples on how to write single file, performant, async/await rust controllers that follow operator best practices.

Speakers

Eirik Albrigtsen

Eirik Albrigtsen is currently employed as an SRE at TrueLayer managing observability systems and improving developers' kubernetes experience. He has worked previously as a platform engineer at Babylon Health, and a platform engineer at Cisco. He has been speaking at public venues... Read More →

kubecon hidden generics kube reveal print pdf

Close Captioning Transcripts FGVH 3936 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/JmwnRcc2m2A

14:30 CEST

How to Use Kubernetes to Build a Data Lake for AI Workloads - Peter MacKinnon & Uday Boppana, Red Hat

The recent popularity of hybrid cloud architectures have left organizations with traditional data lakes behind. How do you build a data architecture that is cloud provider agnostic and is flexible enough to run in across public and private cloud data centers? How do you make this data available to data scientists and developers in a way that simplifies the creation of intelligent applications?

This talk will walk through a new way of building data lakes for the hybrid cloud using Rook and Ceph community projects running on Kubernetes. With a single data architecture deployment that can run in any cloud or across multiple clouds, IT and data engineers can use open source tools on Kubernetes such as Rook, Ceph, Hive metastore, Spark, and Presto to provide unified access to massive amounts of data across multiple data centers for data scientists and developers.

Speakers

Peter MacKinnon

Principal Software Engineer, Red Hat Inc.

Pete MacKinnon is a Principal Software Engineer in the AI Center of Excellence at Red Hat. He is actively involved in the Kubeflow and Open Data Hub open source projects. He works closely with Red Hat customers and partners to successfully bring their machine learning and analytics... Read More →

Uday Boppana

Senior Principal Product Manager, Red Hat

Uday Boppana is a Senior Principal Product Manager at Red Hat, responsible for Big Data and AI/ML data services . He has experience working in AI/ML, hybrid cloud, data center, data services and storage solutions in different roles and with a variety of technologies. In prior roles... Read More →

August 19 How to Use Kubernetes to Build a Data Lake for AI Workloads pdf

Close Captioning Transcripts VOLQ 6664 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Machine Learning + Data

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/0HIelZ3qMLE

14:30 CEST

Advanced Logging with Fluent Bit - Eduardo Silva, Arm Treasure Data & Wesley Pettit, Amazon

Fluent Bit is a Fluentd sub-project that aims to solve the newest challenges in the cloud-native space. In this deep dive session, we will talk about its architecture, how data workflows operate and the ability to perform advanced stream processing on the edge. You will learn how to gather data value using the new SQL engine, data snapshots, aggregation windows, and basic machine learning.

Speakers

Eduardo Silva

Principal Engineer, Arm Treasure Data

Eduardo is a Principal Engineer at Arm Treasure Data, he is the author and maintainer of Fluent Bit Log Processor, a CNCF sub-project under the umbrella of Fluentd. He is an international speaker in Open Source conferences, he has participated in Scale California, LinuxConf AU, Linux... Read More →

Wesley Pettit

Software Development Engineer, Amazon

Close Captioning Transcripts MNNY 6911 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/F73MgV_c2MM

14:30 CEST

An introduction to Helm - Bridget Kromhout, Microsoft & Marc Khouzam, City of Montreal

CNCF Helm is a package manager for Kubernetes manifests that helps you write, share, find, and manage applications on Kubernetes. In this session you will learn the basics of Helm. We’ll dive into the components that make up Helm, and what a Helm Package looks like. We’ll then look at ways you can share Helm Charts and we’ll show you how to deploy an existing Helm Chart as well as how to get started writing your own Helm Chart. We’ll finish off by talking about some of the other exciting tools in the Helm ecosystem.

Speakers

Bridget Kromhout

Principal Program Manager, Microsoft

Technologist, podcaster, conference speaker, devopsdays organizer. Herds cats and wrangles docs; still team #opslife.

Marc Khouzam

Solutions Architect, City of Montreal

Marc Khouzam is a Solutions Architect at the City of Montreal with a focus on cloud native solutions. Heavily involved in open-source since 2007, he has presented at multiple conferences over the years and is a core maintainer for Helm. Working with production workloads in Kubernetes... Read More →

Close Captioning Transcripts ZWVX 0240 txt

kubecon eu 2020 intro to helm pdf

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/x2w6T0sE50w

14:30 CEST

Cloud-Native Application Delivery Landscape Update (Deep-Dive) - Alois Reitbauer, Dynatrace & Lei Zhang, Alibaba

In the session the audience will learn about the state of the cloud-native application delivery landscape. The session will provide examples and guidance how to compose an application delivery stack following the application delivery model defined by the application delivery SIG. The audience will get first hand experience with sample projects and how they can be applied to common use cases.

Speakers

Lei Zhang

Staff Engineer, Alibaba

Lei is leading the engineering effort in Alibaba including its Kubernetes based large-scale cluster management system and unified application platform. Lei has been working as a maintainer on Kubernetes upstream since its beginning and a popular speaker in KubeCon.

Alois Reitbauer

Chief Technology Strategist, Dynatrace

Alois is an executive member of the technical staff at Dynatrace. He has been building monitoring and application management solutions for more than 15 years. Alois has successfully brought multiple products to market that are used by the biggest companies on the planet. His current... Read More →

Close Captioning Transcripts GPBV 8392 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Mez0xvIvIHE

14:30 CEST

CNCF SIG Network Intro & Deep-Dive - Lee Calcote, Layer5

“It’s the network!” is the cry of every system administrator, every developer. With the increased prevalence of microservice-based distributed systems, it’s true - networking as a discipline has never been more critical in the efficient operation of cloud native deployments. Networking primitives, including load balancing, observability, authentication, authorization, policy, rate limiting, QoS, mesh networks, legacy infrastructure bridging, and so on are now receiving substantial development and investment throughout the industry and are the subject of focus of the CNCF Network SIG.

Join this talk for an intro to the SIG, its charter and a deeper discussion of current cloud native networking topics being advanced in this SIG. Current CNCF projects in-scope: CNI, CoreDNS, Envoy, gRPC, Linkerd, NATS, Network Service Mesh.

Speakers

Lee Calcote

Founder and CEO, Layer5

Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder and CEO of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus... Read More →

KubeCon EU 2020 CNCF SIG Network Intro and Deep Dive pptx

Close Captioning Transcripts YLOC 6070 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/oFNsD-N0IOo

14:30 CEST

Designing a gRPC Interface for Kernel Tracing with eBPF - Leonardo Di Donato, Sysdig

As a maintainer of the CNCF runtime security project, Falco, he was tasked with designing a mutually TLS authenticated API over gRPC in C/C++ to solve the runtime security problem. Join this talk to understand the challenges he faced with designing the interface, as well as the performance concerns with parsing millions of syscalls using eBPF over gRPC. The audience will walk away with an understanding of runtime security in cloud-native, as well as the technical concerns with building such an interface.

Speakers

Leonardo Di Donato

Senior Software Engineer

Leo is an Open Source Senior Software Engineer with a fondness for Security, eBPF, and Linux in general. He loves to mix such low-level concepts with Kubernetes and Cloud Native stuff. He's a core maintainer of Falco, the CNCF tool for Runtime Security, focusing on its low-level tech... Read More →

Close Captioning Transcripts AXOR 8934 txt

Aug19 Designing a gRPC Interface for Kernel Tracing with eBPF Leonardo DiDonato pdf

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/kjOJfNDPVSo

14:30 CEST

Introduction to SIG-Cluster Lifecycle - Lubomir Ivanov , VMware & Justin Santa Barbara, Google

The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.

Speakers

Justin Santa Barbara

Software Engineer, Google

Justin has been contributing to kubernetes since 2014, and loves helping users adopt and grow their use of kubernetes - initially as the primary maintainer of the kubernetes AWS support, he also started the kOps project. He joined Google in 2018 to work full time on Kubernetes, focusing... Read More →

Lubomir I. Ivanov

Software engineer, VMware

Lubomir started contributing to Kubernetes in 2017. His main area of interest has been SIG Cluster Lifecycle and subprojects like kubeadm and Cluster API. Currently he co-chairs the SIG and works for VMware's Open Source Program Office.

Intro to SIG Cluster Lifecycle KubeCon EU 2020 pptx

Close Captioning Transcripts VFYH 0702 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/x4YpUrvz46g

14:30 CEST

Running SPIRE In Large Scale, Enterprise-Grade Environments - Andrew Harding, HPE

SPIRE started as the reference implementation of SPIFFE back in 2017, and is now part of the core security architecture of many large enterprises. That means it has to be flexible and reliable in a wide variety of deployment scenarios. We’ll discuss the practical logistics of running SPIRE in a large enterprise: high availability, nested deployment for multiple availability zones, integration with upstream certificate authorities, observability, and monitoring. This talk will be useful for anyone who is already using SPIRE at scale, as well as anyone who is thinking about using SPIRE and wants to know what to expect as their infrastructure grows.

Speakers

Andrew Harding

Software Engineer, Hewlett-Packard Enterprise

Andrew is a software engineer who loves his craft. He enjoys building all sorts of software but has a soft spot for security, in particular, identity management. Andrew is a full-time maintainer of SPIRE (https://github.com/spiffe/spire). Before getting involved with SPIRE, Andrew... Read More →

Close Captioning Transcripts UKOY 9325 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/sKvDHi6vZTw

14:30 CEST

Thanos: Cheap, Simple and Scalable Prometheus - Giedrius Statkevičius, Adform & Matthias Loibl, Red Hat

Thanos is an open-source CNCF Sandbox project that builds upon Prometheus components to create a global-scale highly available monitoring system. It seamlessly extends Prometheus in a few simple steps and it is already used in production by dozens of companies that aim for high multi-cloud scale for metrics while keeping low maintenance cost. During this talk, core maintainers of Thanos will explain basic concepts behind the project, its use cases, and tradeoffs. You will learn where to start and how to quickly deploy Thanos on Kubernetes without impacting your existing Prometheus setup. This talk is recommended for those who want to know more about running highly available Prometheus setup at scale with potentially unlimited metric retention with the lowest possible effort and cost.

Speakers

Matthias Loibl

Senior Software Engineer, Polar Signals

Giedrius Statkevičius

Site Reliability Engineer, Vinted

Giedrius Statkevičius is a Site Reliability Engineer at Vinted where he works on observability. In his free time, he maintains an unofficial Golang Grafana SDK at https://github.com/grafana-tools/sdk & dabbles with C/Rust by contributing to projects such as systemd.

Close Captioning Transcripts JCTJ 8752 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/Wroo1n5GWwg

14:30 CEST

eBPF and Kubernetes: Little Helper Minions for Scaling Microservices - Daniel Borkmann, Cilium

eBPF has come a long way in the Linux kernel and is gaining more and more adoption
and popularity in the context of Kubernetes in the networking, tracing and security
space. In fact, it is changing the way we think about operating systems by opening
the doors to fully customise the Linux kernel as a platform. Given the rapid pace of
development of eBPF in the kernel, it is often times quite challenging to keep up
with all the exciting advances coming from the eBPF community.

This talk provides a deep dive from the perspective of one of the eBPF co-maintainers
and core developers in the Linux kernel of where we came from, where we currently are,
what the future brings, why eBPF has cloud native roots and how Kubernetes users can
benefit from all that. We will cover the user space landscape around eBPF as well as
its inner workings and interactions with the rest of the kernel.

Speakers

Daniel Borkmann

Software Engineer, Cilium

Daniel Borkmann is a Software Engineer at Isovalent working on eBPF, the Linux kernel and Cilium. He is a long-term Linux kernel core contributor in the eBPF and networking subsystem for almost a decade and co-maintains eBPF and XDP.

Aug19 eBPF and Kubernetes Little Helper Minions for Scaling Microservices Daniel Borkmann pdf

Close Captioning Transcripts PGMF 0136 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/99jUcLt3rSk

14:30 CEST

Reimagining the Worldwide LHC Computing Grid on Kubernetes - Lukas Heinrich, CERN & Alessandra Forti, University of Manchester

At CERN, the home of the web, the Large Hadron Collider at CERN hosts some of the largest physics experiments ever constructed. The distributed infrastructure built over the last 20 years -- the World-wide LHC computing grid (WLCG) would today be described a federated, multi-cloud and multi-cluster deployment, mostly made up of a diverse set of research institute batch systems deployed on bare-metal or VMs. The rise of containers is an opportunity to reimagine the WLCG deployed on Kubernetes. In this talk we will cover how we leverage CNCF tools in this transition. Using e.g. containerd snapshotters for worldwide image distribution, Helm GitOps for reproducible configuration of multi-cluster setups and our deployment of services and batch workloads in that system. In a demo, we will deploy a member of the federation which will then receive workloads to analyze subatomic collision data.

Speakers

Alessandra Forti

University of Manchester

Alessandra is senior system administrator and coordinator at one of the large UK Worldwide LHC Computing Grid sites. She has 20 years of experience on grid computing and as the coordinator of the Workflow Management System of the ATLAS Experiment she is leading the effort of moving... Read More →

Lukas Heinrich

Physicist, CERN

Lukas Heinrich is a particle physicist working on the ATLAS Experiment. He focuses on introducing modern cloud computing tools to more systematically search for phenomena beyond the Standard Model of Particle Physics.

Close Captioning Transcripts PJCK 8607 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/NX6U9U8ZTl8

14:30 CEST

Container Isolation via Virtualization: Don't Forget to Shrink the Guest - Dan Williams, IBM & Hsuan-Chi (Austin) Kuo, UIUC

Virtualization must be lightweight to be useful for improving the isolation of container runtimes (e.g., Kata containers): adding traditional (heavyweight) virtualization layers to container primitives would, for example, result in unacceptable boot time and performance for important use cases like serverless computing. Fortunately, the community has made great strides towards lightweight virtualization with new VM monitors (e.g., AWS Firecracker) and associated tooling (e.g., Weaveworks Ignite). However, there has been relatively little attention paid to the guest kernel itself, which remains unnecessarily bloated, affecting both performance and security. We will make the case for guest kernel specialization via kernel configuration and highlight key challenges in applying these techniques in a sandboxed container context.

Speakers

Dan Williams

Research Staff Member, IBM T.J. Watson Rearch Center

Dan Williams is a Research Staff Member at IBM Research, where he works on unikernels and secure containers.

Hsuan-Chi (Austin) Kuo

Student, UIUC

Hsuan-Chi (Austin) Kuo, is a Ph.D. candidate in the Dept. of Computer Science at the University of Illinois at Urbana-Champaign [UIUC]. He completed his B.S. in Computer Science from the National Tsing-Hua University in 2016. His research interests are in the area of systems, networking... Read More →

Aug19 Container Isolation via Virtualization Don't Forget to Shrink the Guest Read Only pdf

Close Captioning Transcripts QKAJ 0132 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Runtimes

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/P8VBf-2Mdjo

14:30 CEST

Securing Your Healthcare Data with OPA - Martin Pratt, Medudoc & Ash Narkar, Styra

In this talk, we will describe our “Shift Left” approach to security by using OPA to codify and enforce policies across our microservice architecture.

We will focus on the design of our OPA driven application development process that allows us to define custom security policies using OPA and enforce them by injecting our apps with an Envoy sidecar resulting in policy-enabled apps that are now ready to provide least-privilege access to PHI and PII data of our users.

In our demo we will show real-world examples of how we restrict access to sensitive data as well as how we control inbound and outbound traffic from our apps.

Speakers

Martin Pratt

CTO, Medudoc

Martin is the Technical Director for Platform at Ada Health. Martin has a degree in Human Computer Interaction, and has spent the last 13 years working in the technology sector in a wide range of roles, from product design & engineering through to system and organizational design... Read More →

Ash Narkar

Software Engineer, Styra

Ash Narkar is a maintainer of the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc. working on OPA development and integrations. Previously he was a Principal Engineer at Verizon... Read More →

Securing Your Healthcare Data with OPA :: Martin Pratt & Ash Narkar :: Kubecon Europe 2020 pdf

Close Captioning Transcripts HCKG 1328 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Security + Identity + Policy

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/X8AhoSFXSzU

14:30 CEST

Zero Downtime Data Relocation with Vitess - Liz van Dijk & Deepthi Sigireddi, PlanetScale

Vitess has a flexible sharding architecture and natively supports "cells" which correspond to infrastructure located in multiple locations. This allows for the creation of jurisdiction-aware database clusters that solve data locality without having to re-architect your application. Also, Vitess's built-in support for resharding workflows makes migrating from existing databases into databases resident in multiple locations easy.
In this talk the speakers will show how to build a custom sharding scheme in Vitess that respects data locality requirements. They will then demonstrate a database cluster built using this scheme that enables transfer of existing data belonging to people from 8 different countries from one jurisdiction to four(4) separate jurisdictions with zero downtime at the application level.

Speakers

Deepthi Sigireddi

Software Engineer, PlanetScale

Deepthi is a Software Engineer at PlanetScale, where she leads the open-source engineering team for Vitess, a CNCF graduated project. She is also the Technical Lead for Vitess in the open-source community. She brings over 20 years of experience building scalable systems to this role... Read More →

Liz van Dijk

Solution Architect, PlanetScale

T(h)inker, Freelancer, Operational Swiss Army Knife. Coming from an engineering background, currently 100% focused on building solutions that accelerate all areas of business operations. Though strongly rooted in tech, Liz's true passion lies in understanding the drive and motivations... Read More →

Zero Downtime Data Relocation @ KubeCon EU 2020 pdf

Close Captioning Transcripts DGMD 3096 txt

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Storage

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/6--4bQKMNF4

14:45 CEST

Meet the Maintainer: OpenEBS

Wednesday August 19, 2020 14:45 - 15:45 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

15:05 CEST

Break

Wednesday August 19, 2020 15:05 - 15:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

15:30 CEST

Meet the Maintainer: Thanos

Wednesday August 19, 2020 15:30 - 16:30 CEST
Virtual Project Pavilion - Zoom Room 1

Meet the Maintainers

15:35 CEST

Keynote: Opening Remarks - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Principal Software Engineer, Splunk

Speakers

Constance Caramanolis

Principal Software Engineer, Splunk

Wednesday August 19, 2020 15:35 - 15:37 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

15:37 CEST

Keynote: Kubernetes Project Update - Vicki Cheung, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Engineering Manager, Lyft

Speakers

Vicki Cheung

Staff Software Engineer, Lyft

Wednesday August 19, 2020 15:37 - 15:52 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/O9ZctkEniU0

15:52 CEST

Sponsored Keynote: The Kubernetes Effect - Igniting Transformation in Your Team - Briana Frank, Director of Product, IBM Cloud

Kubernetes and Cloud Native architecture has begun to ignite transformation within companies in every industry. Growing from that first container project, team are starting to change how they build, work, collaborate and invent. Briana Frank will share how Kubernetes is the catalyst for this enterprise transformation and how to maximize the impact for your organization.

Speakers

Briana Frank

Director of Product Management, IBM Cloud

Briana Frank is the Director of Product Management at IBM Cloudfocusing on Developer Services. Briana lead the Offering Management and Design team that built the IBM Cloud Kubernetes service in 5 months and now manages 10's of thousands of clusters worldwide. Briana believes in creating... Read More →

Wednesday August 19, 2020 15:52 - 15:58 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/EuZPwAjUWjc

15:58 CEST

Keynote: How to Love K8s and Not Wreck the Planet - Holly Cummins, Worldwide IBM Garage Developer Lead, IBM

The past five years have been the warmest since records began. Human activity, including the IT industry, is driving worrying climate change. Data centres alone consume 3% of the world's energy, and more and more of that energy is being used by Kubernetes and workloads running on Kubernetes. Is k8s helping, or making things worse?

The beauty of the cloud is that it makes it easy to run code, virtualised and scheduled for efficiency... but it doesn't provide any guarantee that what's running is useful. Even when the workload is high-value and efficient, Kube sprawl can lead to low utilisation, unsatisfactory elasticity, and high costs - but mega-mono-clusters have their own problems around isolation, security, and management. How should these competing requirements be balanced? This talk discusses some of the trade-offs and provides a roadmap to figuring out the right thing.

Speakers

Holly Cummins

Worldwide IBM Garage Developer Lead, IBM

Holly Cummins is the worldwide development practice lead for the IBM Garage. As part of the Cloud Garage, Holly delivers technology-enabled innovation to clients across a range of industries, from banking to catering to retail to NGOs. She has led projects to count fish, help a blind... Read More →

Wednesday August 19, 2020 15:58 - 16:14 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/j5jql3e6hTA

16:14 CEST

Sponsored Keynote: Keep It Simple - A Human Approach to Coping with Complexity - Hannah Foxwell, Director – Platform Services, VMware Pivotal Labs

We humans are simple creatures. Our focus is finite. Wrestling with complexity can overwhelm and demotivate even the smartest engineers, but there are ways we can make life a little easier. In this talk Hannah will propose a human approach to coping with complexity—something we all need to consider when building successful engineering teams—and will share how to begin applying user-centric design to reduce the cognitive load on developers.

Speakers

Hannah Foxwell

Director – Platform Services, VMware Pivotal Labs

Wednesday August 19, 2020 16:14 - 16:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

Link to Video Recording https://youtu.be/VUW6VaXRIyc

16:15 CEST

Meet the Maintainer: Harbor

Wednesday August 19, 2020 16:15 - 17:15 CEST
Virtual Project Pavilion - Zoom Room 2

Meet the Maintainers

16:20 CEST

Keynote: Closing Remarks - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Principal Software Engineer, Splunk

Speakers

Constance Caramanolis

Principal Software Engineer, Splunk

Wednesday August 19, 2020 16:20 - 16:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Keynote Sessions

16:25 CEST

Break

Wednesday August 19, 2020 16:25 - 16:55 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Breaks

16:30 CEST

CNCF Membership Benefits Office Hours

Have questions regarding CNCF membership benefits or what marketing programming you can participate in as a member? Join Katelin Ramer, CNCF Business Development Manager, and special guest, Kim McMahon, CNCF & RISC-V Director of Marketing, for office hours via Zoom during KubeCon Europe. Bring your questions and/or ideas to share and they will help ensure you’re making the most of your participation.

To sign up for office hours click here. See you there!

Wednesday August 19, 2020 16:30 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CNCF Membership Benefits Office Hours

16:55 CEST

Standardizing Applications For the Cloud at a Global Scale - Jared Watts, Upbound & Lei Zhang, Alibaba

In our rapidly maturing world of cloud native software, what exactly does it mean to be an “application”, especially as deployments become more complicated and move towards multiple clusters, regions, and even clouds at a global scale? In this talk, we will examine both the need and the benefits of a standard application definition model, as well as dive into the details of recent specific efforts in the ecosystem, such as the Open Application Model (OAM).

Once an “application” has a standard definition, it becomes easier to perform powerful higher level orchestration capabilities, such as scheduling the application and all of its infrastructure dependencies across multiple environments. We will learn about how scheduling works in Kubernetes and how the principles of scheduling pods to nodes can be applied to a global scale to schedule complete applications across multiple clouds.

Speakers

Jared Watts

Founding Engineer, Upbound

Lei Zhang

Staff Engineer, Alibaba

Standardizing Applications for the Cloud at a Global Scale pdf

CLOSE CAPTIONING TRANSCRIPT KNSZ 2239 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Application + Development

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/X5WBmPXBSCE

16:55 CEST

Sharing Clusters: Learnings From Building a Namespace On-Demand Platform - Lukas Gentele, DevSpace Technologies Inc.

Multi-tenancy is a hot topic in the Kubernetes community right now. IT teams want to enable engineers to work in shared clusters and allow them provision namespaces on-demand whenever needed. This creates a plethora of challenges that cluster admins have to address.

This case study will show how the team behind DevSpace Cloud built a public Kubernetes-Namespace-as-a-Service offering, including:
- Authentication via Dex
- Automatic RBAC configuration
- Dynamic admission control via Open Policy Agent
- On-Demand namespace provisioning via CRDs
- Network isolation using network policies
- Resource management using resource quotas and limit ranges
- Inactivity detection and automated cleanup of abandoned namespaces
- Sandboxing

This talk is intended for IT teams that want to create internal Kubernetes offerings to allow engineering teams to provision namespaces in an on-demand fashion.

Speakers

Lukas Gentele

CEO, DevSpace Technologies Inc.

Lukas Gentele is the CEO of DevSpace Technologies Inc., a startup that builds open-source developer tooling for Kubernetes and helps companies with their transition from traditional to cloud-native software development. Before starting DevSpace in Berkeley, California, Lukas founded... Read More →

Sharing Kubernetes Clusters KubeCon Europe 2020 pdf

CLOSE CAPTIONING TRANSCRIPT UWFL 8663 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Case Studies

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/hSdsdZL4lg8

16:55 CEST

KinD-ly Validating Your K8s Apps Automatically Per PR - Sarah Khalife, GitHub & Grant Griffiths, Portworx

Kubernetes application developers working on successful projects thrive on collaboration that is transparent, consistent, and rigorous. This is one of the reasons many open source projects excel. However, a common pitfall that app developers face is manually testing against inconsistent environments. Testing k8s application correctness can differ per developer environment. It is also very time consuming to spin up and down k8s clusters. In this talk, we will demonstrate a simple set of steps to create and automate a homogenous testing environment for your application. We will be using KinD, a tool for running Kubernetes in Docker, and CI to automatically run e2e tests across a common environment for a k8s application. To maintain consistency, we will automate the creation of this environment per pull request and run the test suite before deploying to production.

Speakers

Grant Griffiths

Software Engineer, Portworx

Grant Griffiths is a core contributor to the Kubernetes CSI and SIG Storage communities working at Portworx. For kubernetes-CSI, he is bringing the external-snapshotter to Beta, improved support for secrets, and improving release tooling. At Portworx, he works on control plane components... Read More →

Sarah Khalife

Enterprise Solutions Engineer, GitHub

Passionate about creating an environment to help organizations implement best practices and improve their Software Development Life Cycle operations, Sarah is a Solutions Engineer at GitHub. She helps drive open source and innersource, automated workflows, and more secure development... Read More →

Kind ly Validating your K8s Apps Automatically per PR pdf

CLOSE CAPTIONING TRANSCRIPT AELB 6825 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

CI/CD

Content Experience Level Beginner (Very basic information)
Link to Video Recording https://youtu.be/Yt5wpZ6raDA

16:55 CEST

Optimized Resource Allocation in Kubernetes? Topology Manager is Here - Conor Nolan, Intel & Victor Pickard, Red Hat

To satisfy the resource demands of workloads, Kubernetes must be responsible for resources on the platform and the intricacies associated with them. The introduction of CPU Manager and Device Manager are two examples of K8s taking involved decisions for resource assignment. However, these two components act independently, which can lead to undesirable resource allocations most notable on a systems with multiple CPU Socket or NUMA Regions.

Under the guidance of SIG node, a new component is being introduced to Kubelet called Topology Manager, which will resolve this undesirable situation by enabling optimal resource allocation. This talk will introduce Topology Manager, how it works to solve these problems as well as the reasons behind introducing such a feature.

Speakers

Victor Pickard

Principal Sofware Engineer, Red Hat

Victor Pickard is a Principal Software Engineer at Red Hat. He is working on Kubernetes and Openshift, focusing on Telco use cases for advanced networking. Specifically, Victor is working with folks at Intel and NVidia to get Topology Manager component to Beta status for kubernetes... Read More →

Conor Nolan

Software Engineer, Intel

Conor Nolan is a Software Engineer on the Cloud Native Orchestration team at Intel, primarily focused on resource management. He is a Kubernetes contributor and member. Specifically, he has been involved in the development and upstream of the Topology Manager, a Kubelet component... Read More →

August 19 Optimized Resource Allocation in Kubernetes Topology Manager is Here pdf

CLOSE CAPTIONING TRANSCRIPT HGUN 2592 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Customizing + Extending Kubernetes

Link to Video Recording https://youtu.be/KU_EtejzXp0

16:55 CEST

Production Multi-node Jobs with Gang Scheduling, K8s, GPUs and RDMA - Madhukar Korupolu & Sanjay Chatterjee, NVIDIA

With the growing scale of DL and ML applications, distributed execution of jobs across multiple nodes becomes increasingly critical -- to solve bigger problems faster -- as illustrated by the recent MLperf results. However running such workloads in a production K8s cluster shared by multiple jobs/users has several challenges.

In this talk, we’ll give an overview of this area -- including distributed Tensorflow, Pytorch, Horovod, MPI -- and the use of GPU nodes with NCCL and RDMA for accelerated performance. We’ll describe our end-to-end flow for multi-node jobs in K8s including gang scheduling, quotas, fairness and backfilling implemented in our custom scheduler for GPUs. Our cluster includes high-speed networking through RoCE and SR-IOV / Multus CNI. We’ll share our design choices, learnings and operational experience including failure handling, performance and telemetry.

Speakers

Madhukar Korupolu

Distinguished Engineer, NVIDIA

Madhukar is an architect at NVIDIA working on GPU clusters for AI and ML workloads. Areas of interest and experience include AI / ML infra, GPU acceleration, Cloud computing, Distributed systems, Kubernetes, HPC, CDNs etc with previous stints at Google, IBM and Akamai. He holds a... Read More →

Sanjay Chatterjee

Senior Engineer, NVIDIA

Sanjay Chatterjee is a senior engineer at NVIDIA. He works on runtime system infrastructure and core Kubernetes components to support highly scalable HPC and DL/AI workloads. Previously he worked on DoE/DARPA funded research and advanced technology projects for exascale systems. His... Read More →

CLOSE CAPTIONING TRANSCRIPT GURR 5501 txt

Multi node jobs with K8s Kubecon 2020 pdf

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Machine Learning + Data

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording youtu.be/yWOcsNv1tKo

16:55 CEST

Birds of a Feather: Telecom User Group - Dan Kohn, CNCF & Taylor Carpenter, Vulk Coop

CNCF hosts the Telecom User Group (TUG) for service providers and their vendors to discuss the adoption of cloud native technologies. The community is invited to join this birds-of-a-feather (BoF) session to discuss the status of various initiatives and white papers in this space as well as ideas, requirements and best practices to continue moving forward. Some topics to discuss include the TUG Whitepaper, Cloud Native Networking Principles, Cloud Native Network Functions (CNFs) conformance testing, gap analysis and demonstrating different approaches using the CNF Testbed.

Speakers

Dan Kohn

General Manager, Linux Foundation Public Health, Linux Foundation

Dan leads Linux Foundation Public Health, a new initiative to use open source software to help public health authorities combat COVID-19 and serves as VP, Strategic Programs for the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes... Read More →

Taylor Carpenter

Principal Factotum,, Vulk Coop

Taylor is a CNF WG Co-Chair and Co-Owner of the software cooperative Vulk Coop residing in Austin, TX. Taylor has been an open source advocate and developer since the mid-90s with experience in multiple industries including Telecommunications, Finance, and Healthcare. He was an early... Read More →

[KubeCon EU 2020] Intro CNCF’s Telecom Initiatives pdf

CLOSE CAPTIONING TRANSCRIPT BLCY 5066 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/FnV4232HUP0

16:55 CEST

Cluster API Deep Dive - Naadir Jeewa, VMware & Cecile Robert-Michon, Microsoft

The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. In this deep dive, we will examine how the Cluster API simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters.

Speakers

Cecile Robert-Michon

Software Engineer, Microsoft

Cecile Robert-Michon is a software engineer at Microsoft working on the Azure Cloud Native Compute team, where she spends most of her time contributing to various open source projects. She speaks French, English and Spanish and studied engineering at McGill University in Montreal... Read More →

Naadir Jeewa

Staff Engineer I, VMware Inc.

Chat to me about all things Cluster API related.

CLOSE CAPTIONING TRANSCRIPT OSEF 2231 txt

Cluster API Deep Dive pdf

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/9SfuQQeeK6Q

16:55 CEST

Deep Dive Into Building a Secure & Multi-tenant SaaS Solution with NATS - Wally Quevedo, Synadia

The NATS project turns 10 in 2020, and what started as a simple and high performance messaging system written in Go to build event-driven architectures using Pub/Sub, has since then evolved into a component that can allow the seamless communication of streams & services across multiple regions, thus simplifying further the stack required to deploy globally available services. In this talk, you will learn from one of the maintainers of the project how to create applications in Go that take advantage of NATS messaging and security features by demonstrating how to implement a minimal chat application that is secure and globally available.

Speakers

Wally Quevedo

Software Engineer, Synadia

August 19 Deep Dive Into Building a Secure & Multi tenant SaaS Solution with NATS pptx

CLOSE CAPTIONING TRANSCRIPT YDGF 9701 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/lmX5h886k20

16:55 CEST

Deep Dive: Linkerd - Zahari Dichev, Buoyant

In this session, Zahari Dichev, will focus on lessons learned, how to's, and what the future of Linkerd holds.

Speakers

Zahari Dichev

Software Engineer, Buoyant

Zahari Dichev is a software engineer working at Buoyant, the creator of Linkerd. He is passionate about performance, distributed systems and cloud-native technology.

kubecon eu slides pdf

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/GJVzSqYrflc

16:55 CEST

Kubernetes Steering Committee AMA - Lachlan Evenson, Microsoft; Aaron Crickenberger, Google; Paris Pittman, Apple; Nikhita Raghunath & Davanum "Dims" Srinivas, VMware ; Derek Carr & Christoph Blecker, Red Hat

Speakers

Lachlan Evenson

Principal Program Manager - Azure, Microsoft

https://www.linkedin.com/in/lachlanevenson

Derek Carr

Distinguished Engineer, Ancestry

Aaron Crickenberger

Staff Testing Engineer, Google

Aaron has been involved in open source since 2007, cloud since 2009, and Kubernetes since 2015. He co-founded the Kubernetes Testing SIG and K8s Infra WG, and is serving his second term on the Kubernetes Steering Committee since being elected in 2017.Aaron has actively contributed... Read More →

Paris Pittman

various project roles, independent

Paris Pittman has spent the last 20 years helping communities grow and flourish — from building hometown Baltimore tech communities to driving belonging and sustainability in massive open source ecosystems like Kubernetes. Paris has contributed to Kubernetes for 6 years and serves... Read More →

Christoph Blecker

Managed OpenShift Platform Architect, Red Hat

Christoph is an Architect and Senior Principal SRE on Red Hat's OpenShift team and a contributor to the Kubernetes project. He's a Technical Lead for SIG Contributor Experience, a member of the Kubernetes Steering Committee, and a regular contributor to SIG Architecture, SIG Testing... Read More →

Davanum Srinivas

Principal Engineer, Amazon Web Services

TOC member and Chair of SIG Architecture for Kubernetes

Nikhita Raghunath

Staff Engineer, VMware

Nikhita is a staff software engineer at VMware and a maintainer of the Kubernetes project. She is a CNCF Ambassador and has won the CNCF Top Committer Award in 2021 for her technical contributions. She is currently the technical lead for k8s SIG Contributor Experience and was al... Read More →

CLOSE CAPTIONING TRANSCRIPT NHAP 5934 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/7exbtga2AfM

16:55 CEST

Notary v2 Outstanding Issues Working Session - Justin Cormack, Docker & Steve Lasker, Microsoft

The Notary v2 project is a rework of the infrastructure for container signing, supporting additional OCI Artifacts, such as Helm, Singularity and CNAB, and fixing usability and other issues. This session examines the current state of the project, discussing the design decisions as they relate to the target scenarios. This session is a working session to engage face to face discussions for all participants.

Speakers

Justin Cormack

CTO, Docker

Justin is the CTO of Docker, a Notary maintainer, and a member of the CNCF TOC. He has been working with containers and in the security space for many years.

Steve Lasker

Principal PM Architect, Microsoft

Steve is a PM Architect for Registries at Microsoft, and an OCI & ORAS Artifacts maintainer. He's working on Notary v2 and Microsofts secure supply chain offerings. Prior to joining Microsoft, Steve worked in software consulting and broadcast engineering, where he learned the balance... Read More →

KubeCon2020eu Notary2Update pdf

Close Captioning Transcripts CONVx 3795 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Maintainer Track Sessions

Link to Video Recording https://youtu.be/svP-FLqXazs

16:55 CEST

Multicloud Vitess over Network Service Mesh - Tim Swanson, Cisco & John Watson, PlanetScale

This talk will describe using Network Service Mesh to create a private L3 network between Kubernetes clusters in different cloud providers to seamlessly deploy multiple Vitess cells across them. We will describe a multicloud Vitess use case and walk through the deployment details, highlighting the networking requirements in the process. We will describe NSM’s inter-domain feature and multicloud capabilities and a network service which fulfills the Vitess multicloud networking requirements by dynamically forming a common private L3 routing domain to interconnect specific workloads hosted in multiple clouds.

Speakers

Tim Swanson

Sr. Technical Leader, Cisco

Tim is a senior technical lead engineer at Cisco working in Emerging Technologies & Innovation. His current focus is application networking--particularly multicloud solutions, service meshes, and contributing to related opensource communities—primarily, Network Service Mesh & Istio... Read More →

John Watson

Site Reliability Engineer, PlanetScale

John is a seasoned SRE by the infrastructures of Dropbox, Disqus, and Mahalo. He's now bringing the lessons learned from operating various distributed systems in hybrid clouds to PlanetScale to build a cloud native database using Vitess and Kubernetes. You can often find John glued... Read More →

Vitess NSMvL3 KubeconEU 2020 pdf

CLOSE CAPTIONING TRANSCRIPT HXVB 4918 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Networking

Content Experience Level Intermediate (Mid-level experience)
Link to Video Recording https://youtu.be/NulLc7DxXg8

16:55 CEST

20,000 Upgrades Later: Lessons From a Year of Managed Kubernetes Upgrades - Adam Wolfe Gordon, DigitalOcean

Upgrading to a new release is one of the most disruptive operations we regularly inflict on our Kubernetes clusters. There are multiple strategies for doing an upgrade, but they all require rescheduling workloads and restarting cluster components.

We started offering upgrades on our managed Kubernetes platform, DigitalOcean Kubernetes Service (DOKS), in May 2019. Since then, our customers have kicked off about 20,000 automated patch and minor release upgrades on their clusters. Most of those upgrades went well, but some didn't and we've learned a few things from the ones that went wrong.

In this talk we will share lessons from a year of automated Kubernetes upgrades: what we got right, what we got wrong, workloads that caused us trouble, and changes we've made to make the process smoother. We hope these lessons will help others avoid pain in their Kubernetes upgrades.

Speakers

Adam Wolfe Gordon

Senior Engineer II, DigitalOcean

Adam Wolfe Gordon is a senior engineer focused on product strategy at DigitalOcean. Among other things, he previously worked as the tech lead for DigitalOcean's Kubernetes and container registry products. Adam is interested in infrastructure products, and likes to spend as much time... Read More →

KubeCon Upgrades AdamWolfeGordon pdf

CLOSE CAPTIONING TRANSCRIPT QTAU 1133 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Operations

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/apt8FUhrJiw

16:55 CEST

Virtual Cluster - A Practical Kubernetes Hard Multi-tenancy Solution - Fei Guo, Alibaba

Conventional, the concept of Kubernetes multi-tenancy is realized by namespaces. Tenants access controls are limited within tenant namespaces using RBAC rules. The Pod level isolation is primarily done using network policy.

This model faces various problems when applied in production since Kubernetes is far from tenancy-ready. For example:
1) APIServer is lack of tenant-aware flow control. A single tenant may generate large amount of concurrent traffic making APIServer unresponsive to other tenants;
2) Tenants cannot install customized CRDs which requires cluster scope permission;

We proposed Virtual Cluster solution to resolve the multi-tenancy problem from a different angle. Basically, every tenant will be assigned a dedicated K8s control plane. All tenant K8s shares a big super master. Virtual cluster is built based on CRDs. The entire solution is open sourced in Github.

Speakers

Fei Guo

Software Engineer, Microsoft

Fei Guo has been worked on various projects in the areas of workload automation, multitenancy, scheduling and edge computing in Kubernetes.

vc kubecon2020 pdf

zoom 0 mp4

CLOSE CAPTIONING TRANSCRIPT RSAE 8552 txt

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

Runtimes

Content Experience Level Advanced (Expert level experience)
Link to Video Recording https://youtu.be/5RgF_dYyvEY

16:55 CEST

Seccomp Security Profiles and You: A Practical Guide - Duffie Cooley, VMware

Have you wondered what a seccomp security profile is, and how it relates to Linux Capabilities?

Folks often dismiss seccomp profiles and Capabilities as a way of hardening applications as it is too difficult to determine what syscalls are in use by a given application.

In this session we will explore a couple of tools designed to make this more approachable.

Dockersl.im is an opensource project that can take a Dockerfile and an image and produce a smaller image containing only the necessary bits, a seccomp security profile derived from the system calls the application made while under test.

Inspektor Gadget is an opensource project by the folks at kinvolk that enables to make use of BPF to inspect a number of things about pods that are deployed. Providing better visibility into what pods are accessing from a syscall and filesystem perspective.

Come learn about these super powers!

Speakers