Loading…
Attending this event?
In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Sunday, October 23
 

2:00pm EDT

Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification
There are two locations at Huntington Place where you can go through Health + Safety to how proof of vaccination or negative COVID-19 test and pick up your badge:
  • Corner entrance on the cityside @ the corner of W Congress St. and Washington Blvd.
  • Riverside entrance @ Atwater St. (along the Riverwalk)

Sunday October 23, 2022 2:00pm - 6:00pm EDT
Huntington Place Detroit

2:00pm EDT

 
Monday, October 24
 

7:30am EDT

Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification
There are two locations at Huntington Place where you can go through Health + Safety to how proof of vaccination or negative COVID-19 test and pick up your badge:
  • Corner entrance on the cityside @ the corner of W Congress St. and Washington Blvd.
  • Riverside entrance @ Atwater St. (along the Riverwalk)

Monday October 24, 2022 7:30am - 6:00pm EDT
Huntington Place Detroit

7:30am EDT

7:30am EDT

9:00am EDT

Application Networking Day with Istio, Cilium, and Envoy Hosted by Solo.io (Additional IN-PERSON Registration Required)
Start with equal parts API-GW, Kubernetes Ingress and Service Mesh, then throw in some Security, Observability, and Multi-Tenancy. The world of application networking is changing fast. Join us at this off-site co-located event to learn about what’s new with open source technologies including Istio, Cilium and Envoy, and how to use them together to better power your applications.

- The Future of Service Mesh - Sidecars or Sidecarless
- Convergence of Gateway, Ingress and Mesh
- Multi-Tenancy, Multi-Cloud and Multi-Cloud
- Zero-Trust Networking and Cryptographic Identity
- Extensibility of Envoy - What’s Possible?
- Where does eBPF fit into Application Networking?

This event includes one full day of technical sessions presented by end users and industry leaders from across the cloud native ecosystem concurrent with live, hands-on Istio, Cilium and Envoy workshops so you can try out the technologies as you learn.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note that this is an off-site Sponsor Hosted Co-located Event
For questions regarding this event, please contact: events@solo.io


Monday October 24, 2022 9:00am - 5:00pm EDT
Waterview Loft 130 Atwater St, Detroit, MI 48226

9:00am EDT

BackstageCon Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
BackstageCon is a one-day conference focused on all things Backstage: an open platform for building developer portals. This event is designed to foster discussion, collaboration, and knowledge-sharing on Backstage. Get connected with people working within the Backstage community and building their own versions of Backstage in their organizations. Topics for this event include: developer portal use cases, getting started with Backstage, technical deep dives, best practices and learnings from Backstage adopters.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for BackstageCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Cloud Native eBPF Day North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
eBPF is transforming Cloud Native. Co-located with KubeCon + CloudNativeCon, eBPF Day is a vendor-neutral conference that explores this transformational technology and its impact on the future of Cloud Native.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native eBPF Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Cloud Native SecurityCon North America Hosted by CNCF Day 1 (Additional IN-PERSON Registration + Fee Required)
Cloud Native SecurityCon will have a virtual component. Thank you to our live stream sponsor, ControlPlane.

Cloud Native SecurityCon is a two-day event designed to foster collaboration, discussion and knowledge sharing of discuss cloud native security projects and how to best use these to address security challenges and opportunities. The goal is not just to propose solutions that incrementally improve what has come before, but to give room to breakthrough technology and advances in modern security approaches. Topics of sessions and lightning talks presented by expert practitioners include architecture and policy, secure software development, supply chain security, identity and access, forensics, and more.

In addition to engaging sessions, a hosted Capture The Flag (CTF) learning experience will run in parallel to the event for attendees to learn first hand practical attack and defense techniques.

Please visit the event's website  and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native SecurityCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Cloud Native Wasm Day North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Cloud Native Wasm Day will have a virtual component. Thank you to our live stream sponsor, Cosmonic!

As an open and portable technology WebAssembly is being applied and designed in numerous independent domains such as the edge or as a web browser specific technology. The emergence and adoption of WebAssembly as a cloud native platform, embedded into application, and as cloud native applications demonstrates the power and possibility of Cloud Native technologies and WebAssembly to be Better Together.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native Wasm Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Data on Kubernetes Day Hosted by Constantia (Additional IN-PERSON Registration + Fee Required)
Data on Kubernetes Day (DoK Day) is where the industry convenes to share best practices and use cases and learn about advancements in the use of Kubernetes for data.

Featuring a full day of technical sessions presented by end users and industry leaders including Netflix, ING, Kurago, OpsVerse, Sourcegraph, A3Data & more.
In addition to talks, we host musical performances, art, interactive quizzes, and audience interaction to make it a memorable event.

Join us virtually or in-person! Event is FREE for virtual attendees.
150 IN-PERSON spots available and lunch will be provided. IN-PERSON registration fee is $50.

How to Register: To register for DoK Day, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

Please note that this is an off-site event. Please visit the event website and schedule for more details:
https://dok.community/dok-day-north-america-2022/
For questions regarding this event, please contact: Events@dok.community

Monday October 24, 2022 9:00am - 5:00pm EDT
DoubleTree Suites by Hilton Hotel Detroit Downtown | Main Ballroom 525 W Lafayette Blvd, Detroit, MI 48226

9:00am EDT

EnvoyCon North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
The Envoy maintainers are excited to announce the 5th annual EnvoyCon, a practitioner-driven community conference that emphasizes end-user case studies as well as deep technical talks from vendors that have chosen to build offerings on top of Envoy (zero product pitches!). Come join us for an exciting day of technical content and networking (both the social and computing kind).

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for EnvoyCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

gRPConf Co-Hosted by CNCF + Google Cloud (Additional IN-PERSON Registration + Fee Required)
Join key customers, project leads, and contributors that make up the gRPC ecosystem for a full day of talks, demos, case studies and code labs. Experts will discuss real-world implementations of gRPC, best practices for developers, and topic expert deep dives. This is a must-attend event for those using gRPC in their applications today as well as those considering gRPC for their enterprise microservices.

There will be ample time for meeting project leads, networking with peers, and Q & A.

Interested in speaking at gRPConf? Fill out the CFP here, due Oct 1!

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For questions regarding this event, please contact: javaclimber@google.com

Monday October 24, 2022 9:00am - 5:00pm EDT
430 A

9:00am EDT

KnativeCon North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
KnativeCon is the Knative community’s first conference on the Knative serverless project. Knative provides developer-friendly primitives for building serverless applications on Kubernetes.  Topics include: Installing and operating Knative, Developer experiences using and designing for Knative + Serverless and Event-Driven architecture patterns

Who Should Attend: KnativeCon is for all Knative users and contributors, as well as application developers interested in serverless technology, systems staff implementing event-driven architectures, distributed computing aficionados, and devops creators of event-based workflows. If you have any reason to care about serverless and event-based platforms and development, we’ll have something for you.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for KnativeCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Kubernetes Batch + HPC Day Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Processing data creates insight and helps make the world a better place. With a renowned focus on batch workloads for HPC, AI/ML in Kubernetes we want to bring together a community of experts – open source contributors, practitioners, researchers, and end users who want to make Kubernetes the best tool to manage infrastructure for research, training and scientific use cases.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Kubernetes Batch + HPC Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Open Observability Day North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Open Observability Day (#OpenO11yDay) fosters collaboration, discussion, and knowledge sharing of cloud-native observability projects (including but not necessarily limited to Prometheus, Fluentd, Fluent Bit, OpenTelemetry, and OpenMetric), as well as vendor-neutral best practices for addressing observability challenges. Sessions include a keynote, panel discussions, workshops, lightning talks, and individual presentations. This event is intended both for audiences that are new to observability as well as for seasoned practitioners. Open Observability Day will enable you to spend a day peeking under the hood of major Cloud Native Computing Foundation observability-related projects and broadening your knowledge of observability.

The event is vendor-neutral and organized by members of the community.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Open Observability Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Spinnaker Summit Hosted by Continuous Delivery Foundation (Additional IN-PERSON Registration + Fee Required)
The sixth annual Spinnaker Summit will be co-located (off site) with KubeCon in Detroit on October 23-24, 2022. The Summit will bring together a global community of collaborators, focused on the future of Spinnaker, the open-source continuous delivery platform. The event will include hands-on workshops, keynotes, happy hours, and more. Targeted toward developers, architects, operators, and technical leaders, this event will be a great place to share knowledge and build connections.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-Located Event, for details please visit: https://events.linuxfoundation.org/spinnaker-summit/
Questions, please contact events@cd.foundation

Monday October 24, 2022 9:00am - 5:00pm EDT
Detroit Marriott at the Renaissance Center 400 Renaissance Dr W. Detroit, MI 48243

12:00pm EDT

Learning Day Featuring Kubernetes Hosted by KubeCampus
For registration and more information, please visit our site:
https://learning.kasten.io/resources/kubernetes-events-kubecampus-learning-day/

KubeCampus Rookie Lab: 12:00 p.m. - 2:00 p.m ET (Kubernetes beginners!)
KubeCampus Pro Lab: 2:00 p.m. - 4:00 p.m. ET (Kubernetes skills!)

Take your Kubernetes knowledge to the next level at Learning Day Featuring Kubernetes hosted by KubeCampus, a community-focused, independent learning resource for Kubernetes users. This no cost, in-person Kubernetes learning session is designed for all levels!
At this event, you’ll have the opportunity to expand your Kubernetes skill set during one of two, 2-hour hands-on labs, where you’ll learn real-world cloud native skills from thought leaders and experts. Choose from two tracks: The Rookie Track offers an intro to Kubernetes, and the Pro Track is a deep dive for those with some Kubernetes experience.

During the labs, you will:
Gain valuable knowledge about Kubernetes, a highly in-demand skill
Build your resume and share your lab completion badge on LinkedIn
Make valuable contacts with industry experts and community members
KubeCampus consistently earns high scores for its informative, hands-on labs – and Learning Day Featuring Kubernetes is another way to ensure the community can benefit from them.

In addition to the labs, you’ll enjoy free food, and earn cool swag and prizes. Whether you’re a Kubernetes Rookie or a seasoned Pro, Learning Day Featuring Kubernetes Hosted by KubeCampus will provide ample opportunities to grow your Kubernetes skills and knowledge.

Please note this is an off-site Sponsor Hosted Co-Located Event
For questions, please contact: contact@kubecampus.io

Monday October 24, 2022 12:00pm - 4:00pm EDT
The Westin Book Cadillac 1114 Washington Boulevard, Detroit, MI, 48226

1:00pm EDT

Cloud Native Telco Day Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Adopting cloud native best practices and principles are critical to the success and growth of Service Providers as they scale to meet new demands for 5G and beyond.  Cloud Native Telco Day brings together Service Providers and Vendors across the Telco ecosystem to collaborate with the cloud native community to share lessons learned in their cloud native journey.  Anyone involved with the digital transformation of Telco applications and/or infrastructures should join our second Cloud Native Telco Day.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native Telco Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Monday October 24, 2022 1:00pm - 5:00pm EDT
Huntington Place Detroit

1:00pm EDT

Flux Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Flux Project Meeting
Monday, October 24 | 1:00 pm - 5:00 pm ET
Room 335, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Monday October 24, 2022 1:00pm - 5:00pm EDT
335

1:00pm EDT

LitmusChaos Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
LitmusChaos Project Meeting
Monday, October 24 | 1:00 pm - 5:00 pm ET
Room 336, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Monday October 24, 2022 1:00pm - 5:00pm EDT
336

1:00pm EDT

Operator Day Hosted by Canonical (Additional VIRTUAL Registration Required)
Software operators are crucial in the Kubernetes landscape. A software operator encapsulates the knowledge and expertise of a real-world operations team and codifies it into a dedicated piece of software. Software operators help human operators and administrators run their applications efficiently and effectively. Canonical provides an OSS-based platform and framework for building and running operators.

And what better place to talk about operators than KubeCon, the Cloud-Native Foundation’s flagship conference? Canonical has been hosting Operator Day at Kubecon since 2020. The fourth edition of Operator Day took place at Kubecon Europe earlier this year. We hosted various sessions about the basics behind operators, what they are, how to use them, how to create them and how your team can benefit from them. Speakers shared knowledge and insights about their software operator journey, from configuration management to application management. If you missed it, you can access everything freely on youtube.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For more information and updates, please visit our site: https://app.myonvent.com/event/operator-day
For questions, please contact: alina.toderenchuk@canonical.com

Monday October 24, 2022 1:00pm - 6:00pm EDT
 
Tuesday, October 25
 

7:30am EDT

Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification
There are two locations at Huntington Place where you can go through Health + Safety to how proof of vaccination or negative COVID-19 test and pick up your badge:
  • Corner entrance on the cityside @ the corner of W Congress St. and Washington Blvd.
  • Riverside entrance @ Atwater St. (along the Riverwalk)

Tuesday October 25, 2022 7:30am - 6:00pm EDT
Huntington Place Detroit

7:30am EDT

7:30am EDT

8:00am EDT

Backstage Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Backstage Project Meeting
Tuesday, October 25 | 8:00 am - 12:00 pm ET
Room 335, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 8:00am - 12:00pm EDT
335

8:00am EDT

Cilium Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Cilium Project Meeting
Tuesday, October 25 | 8:00 am - 12:00 pm ET
Room 334, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 8:00am - 12:00pm EDT
334

8:00am EDT

Kyverno Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Kyverno Project Meeting
Tuesday, October 25 | 8:00 am - 5:00 pm ET
Room 336, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 8:00am - 12:00pm EDT
336

8:00am EDT

OpenShift Commons Gathering Hosted by Red Hat (Additional IN PERSON Registration Required)
OpenShift Commons Gathering will be held at the Westin Book Cadillac Hotel in the Woodward Ballroom (A/B, C&D) located at 1114 Washington Blvd, Detroit, MI 48226, just a short 10 minute walk from the convention center and hosted virtually via the Hopin Platform for those of you who cannot attend in person!
 
This Gathering includes Can’t-Miss Keynotes with Speakers From ING, Lockheed Martin, Ford, and Red Hat Distinguished Engineers including Erin Boyd (Director, Emerging Technology & CNCF TOC member) and Derek Carr (Kubernetes SIG Node Chair)
 
In-Person Break Out Sessions at the OpenShift Commons Gathering include:
- Konveyor Hackfest,
- Hands-on Operator Framework Workshop,
- Early Stage Startup Gathering,
- OKD Working Group F2F Lunch & Meetup
- Hosted Control Planes (HCP) Community Meetup
 
Space is limited, so register today for the day-long series of customer case studies, keynotes, lightning talks and our evening reception hosted by the KBE Insider crew!

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For more information and updates, please visit our site:
https://commons.openshift.org/gatherings/kubecon-22-oct-25
For questions, please contact: npazmino@redhat.com

Tuesday October 25, 2022 8:00am - 6:00pm EDT
The Westin Book Cadillac 1114 Washington Boulevard, Detroit, MI, 48226

9:00am EDT

AWS Container Day featuring Kubernetes Hosted by AWS (AM Session) [Additional IN-PERSON Registration is Required]
AWS Container Day Featuring Kubernetes is a free Day 0 event for attendees of KubeCon + CloudNativeCon North America 2022. AWS and guest speakers share technical deep dives, product demos, and best practices intended to help you deploy, manage, secure, and scale containerized applications using Kubernetes on AWS. Morning and afternoon sessions have different topics and speakers. Seating is limited, and pre-registration is required.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For more information please visit: https://pages.awscloud.com/AWSKubernetes-2022.html
For Questions, please contact: aws-container-day@amazon.com

Tuesday October 25, 2022 9:00am - 12:30pm EDT
430 B

9:00am EDT

Service Mesh in Production with Linkerd Workshop Hosted by Buoyant (Additional IN-PERSON Registration + Fee Required)
This (off-site) hands-on workshop will cover how to run a service mesh in production. Participants will install Linkerd, the only CNCF-graduated service mesh, on a Kubernetes cluster, then work through Linkerd’s installation, care, and feeding, following production-ready best practices. We will cover high-availability deployments, avoiding downtime during upgrades and certificate rotation, Linkerd 2.12’s new route-based policies and iptables-NFT mechanisms, and — of course — Linkerd's reliability, security, and observability features. If time permits, we will explore multicluster Linkerd as well.
This workshop is hosted by Buoyant, the creator of Linkerd, and will be taught by Linkerd maintainers. Attendees will be provided with individual Kubernetes clusters courtesy of Civo, the first cloud native service provider powered only by Kubernetes.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-Located Event
For Questions about this event, please contact: events@buoyant.io
Event location: https://hotelpontchartrain.com/


Tuesday October 25, 2022 9:00am - 1:00pm EDT
Fort Pontchartrain Hotel | Windsor Ballroom 2 Washington Blvd, Detroit, MI 48226

9:00am EDT

Azure Day with Kubernetes Hosted by Microsoft Azure (Additional IN-PERSON Registration + Fee Required)
Join Microsoft experts on Tuesday, Oct 25th from 9am to 5pm ET to learn best practices for building cloud-native apps with Kubernetes on Azure.

In this full-day session, you will:
• Learn how to build modern apps using Azure Kubernetes Service (AKS) and integrated development tools
• Understand best practices for managing your Kubernetes footprint, securely and at scale
• Learn how you can use open-source technologies such as KEDA, Open Service Mesh, and more, to implement cloud-native architectures on Microsoft Azure
• Get a preview into new and upcoming Kubernetes on Azure product updates, including AKS
• Learn how customers are using Kubernetes on Azure to drive business outcomes

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For Questions, please contact: nheinrich@dynamicevents.com, lpalmer@dynamicevents.com

Tuesday October 25, 2022 9:00am - 5:00pm EDT
410 B

9:00am EDT

Chaos Day Hosted by Harness (Additional IN-PERSON Registration + Fee Required)
Join Harness, the modern software delivery platform, in Detroit to learn how Chaos Engineering is transforming the reliability of cloud native services. Co-located with KubeCon, Chaos Day is a one-day conference that explores this transformational technology and its impact on the future of cloud native DevOps. By making chaos engineering cloud native, a new generation of reliable systems has enabled developers to focus on innovation rather than the distractions of system failures. No longer is it necessary to face the uncertainty of complex systems and failure; now, it’s possible to test and proactively improve without compromising reliability. 
 
The highly complex nature of orchestrated container environments, like Kubernetes, creates stress and pressure on developers to understand the new failure modes they need to consider when adopting this technology. Leveraging Chaos Engineering allows for greater reliability and understandability of complex systems for the developer. This conference will explore both Harness Chaos Engineering and the use of LitmusChaos (CNCF incubating project) to improve reliability of cloud native deployments.
 
Here’s what Harness and the ChaosNative team that founded the LitmusChaos project will present:
  • Overview of Chaos Engineering and how it accelerates cloud native adoption and transforms reliability
  • How to adopt Chaos Engineering in CI and CD systems to achieve shift left reliability
  • How to leverage Chaos Engineering in production environments
  • Learn how to scale the practice of Chaos Engineering using GitOps
  • Hands on workshop for how to run your own Chaos Day to level up your organization
  • Presentations from the Litmus Community on how the CNCF LitmusChaos project is playing an instrumental role in their reliability strategy and journey
  • State of Chaos Engineering adoption in the cloud native industry and the emergence of Chaos Maturity Model
 
Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For questions regarding this event, please contact: events@harness.io

Tuesday October 25, 2022 9:00am - 5:00pm EDT
411 ABC

9:00am EDT

Cloud Foundry Day Hosted by Cloud Foundry Foundation (Additional IN-PERSON Registration + Fee Required)
Cloud Foundry has long been the industry standard open source cloud application platform. Now, with Korifi and Paketo Buildpacks, the best-in-class developer experience that Cloud Foundry is known for is available on Kubernetes. Cloud Foundry Day is a full day of sessions, hosted by the Cloud Foundry Foundation, in which the technical community, end-users, and member companies will come together to discuss these new technologies and find out what’s new with the traditional Cloud Foundry architecture. Session topics will include Korifi, Paketo Buildpacks, new features in cf-deployment, updates from the TOC, adoption of new stemcells, and more. View the Schedule.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For more information, visit https://events.linuxfoundation.org/cloud-foundry-day/
For questions, please contact events@cloudfoundry.org

Tuesday October 25, 2022 9:00am - 5:00pm EDT
140 ABC

9:00am EDT

Cloud Native SecurityCon North America Hosted by CNCF Day 2, Track 1 (Additional IN-PERSON Registration + Fee Required)
Cloud Native SecurityCon will have a virtual component. Thank you to our live stream sponsor, ControlPlane.

Cloud Native SecurityCon is a two-day event designed to foster collaboration, discussion and knowledge sharing of discuss cloud native security projects and how to best use these to address security challenges and opportunities. The goal is not just to propose solutions that incrementally improve what has come before, but to give room to breakthrough technology and advances in modern security approaches. Topics of sessions and lightning talks presented by expert practitioners include architecture and policy, secure software development, supply chain security, identity and access, forensics, and more.

In addition to engaging sessions, a hosted Capture The Flag (CTF) learning experience will run in parallel to the event for attendees to learn first hand practical attack and defense techniques.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native SecurityCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Cloud Native SecurityCon North America Hosted by CNCF Day 2, Track 2 (Additional IN-PERSON Registration + Fee Required)
Cloud Native SecurityCon will have a virtual component. Thank you to our live stream sponsor, ControlPlane.

Cloud Native SecurityCon is a two-day event designed to foster collaboration, discussion and knowledge sharing of discuss cloud native security projects and how to best use these to address security challenges and opportunities. The goal is not just to propose solutions that incrementally improve what has come before, but to give room to breakthrough technology and advances in modern security approaches. Topics of sessions and lightning talks presented by expert practitioners include architecture and policy, secure software development, supply chain security, identity and access, forensics, and more.

In addition to engaging sessions, a hosted Capture The Flag (CTF) learning experience will run in parallel to the event for attendees to learn first hand practical attack and defense techniques.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Cloud Native SecurityCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Continuous Delivery Summit Hosted by CD Foundation (Additional IN-PERSON Registration + Fee Required)
This full-day event aims to connect the Continuous Delivery community—from leaders, industry experts, practitioners, and open source developers—to allow them to share and discuss how to improve the world’s capacity to deliver software with security and speed.

The CD Summit will also enable community members of the CD Foundation and its projects to meet with their fellow contributors from cloud native communities and projects to identify additional collaboration opportunities, share ideas and shape the future of Continuous Delivery together.

It’ll be a great chance to catch up, learn from each other and hear about the latest trends in Continuous Delivery.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For questions regarding this event, please contact: events@cd.foundation

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Data Workshop on Kubernetes Hosted by Portworx (Additional IN-PERSON Registration + Fee required)
Join us in Detroit for our first ever Data Workshop on Kubernetes in North America, brought to you by Portworx by Pure Storage! In this one-day workshop. This workshop will take you through a number of labs that highlight how to enhance your Kubernetes application deployments with Kubernetes-native container storage, data management, and data protection. As part of the workshop, attendees will receive training and experience with the Portworx portfolio and walk away with the initial skills needed to complete the Portworx Enterprise Professional certification.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For questions regarding this event, please contact: agower@purestorage.com

Tuesday October 25, 2022 9:00am - 5:00pm EDT
141

9:00am EDT

GitOpsCon Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
GitOpsCon North America (#GitOpsCon) is designed to foster collaboration, discussion, and knowledge sharing on GitOps. This event is aimed at audiences that are new to GitOps as well as those currently using GitOps within their organization. Get connected with others that are passionate about GitOps. Learn from practitioners about pitfalls to avoid, hurdles to jump, and how to adopt GitOps in your cloud native environment.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for GitOpsCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Kubernetes AI Day North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Kubernetes is becoming a common substrate for AI that allows for workloads to be run either in the cloud or in its own data center, and to easily scale. Join us for Kubernetes AI Day to delve deeper into deploying AI at scale using Kubernetes.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Kubernetes AI Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Kubernetes on Edge Day North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Kubernetes on Edge Day brings together developers and adopters across the entire cloud native ecosystem to share their lessons learned in building, breaking, and bettering their edge infrastructure. Any developer interested in learning how to deploy Kubernetes and cloud native projects at the edge should attend.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for Kubernetes on Edge Day North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

PrometheusDay North America Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
The intent of this day is to provide a vendor-neutral space to learn about Prometheus. It’s intended as a more 101 & introductional day, as opposed to a PromCon with deeper technology. All submissions are welcome; we will try and balance towards easier content in scoring, but we will also accept a few deeper submissions. If in doubt, submit a Lightning Talk; we always try to have plenty of those.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for PrometheusDay North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

Reactive Summit Hosted by The Linux Foundation
Reactive Summit is where application architects and developers go to learn and collaborate on the latest Reactive patterns and projects for building distributed systems using Serverless, Cloud Native Design, Reactive programming, Reactive systems, Reactive Streams, event-sourcing, microservices, and more.

Since its inception in 2016, Reactive Summit has generated 1.8 million minutes of online video replay, reinforcing the desire of our cutting-edge community for access to expert insight.

For more information and event details, please visit: https://events.linuxfoundation.org/reactive-summit/
For questions, please contact: events@linuxfoundation.org

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.
 

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

ServiceMeshCon Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
ServiceMeshCon is a vendor-neutral conference on service mesh technologies. Topics include getting started with and adopting a mesh, lessons learned from production deployments, and technical sessions from service mesh maintainers.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for ServiceMeshCon North America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

SigstoreCon Hosted by CNCF (Additional IN-PERSON Registration + Fee Required)
Join us for the first-ever SigstoreCon and accelerate how you secure your software supply chain. Sigstore is a new standard for signing, verifying, and protecting software. Sigstore ensures that your software is all that it claims to be for developers and end users. SigstoreCon is a one-day vendor-neutral conference organized by the Sigstore community and focused on all things Sigstore.

Please visit the event's website and schedule for more details.

How to Register: *IN-PERSON pre-registration is required. To register for SigstoreConNorth America 2022, add it on during your KubeCon + CloudNativeCon registration. You must be registered for KubeCon + CloudNativeCon to attend this event.

For questions regarding this event, please reach out to CNCFcolocatedevents@cncf.io.

Tuesday October 25, 2022 9:00am - 5:00pm EDT
Huntington Place Detroit

9:00am EDT

DaprCon Community Day
Join us at DaprCon Community Day and help us celebrate Dapr’s 3rd anniversary as a project! This year as an incubating CNCF project, DaprCon will be hosted as a community day event during KubeCon NA – same great event but with a larger community to share it with!

This year, DaprCon will be a hybrid event allowing everyone to join either in-person at KubeCon or from the comfort of their home or office.

DaprCon will offer opportunities to:
  • Hear stories and experiences from companies who have integrated Dapr into their solutions.
  • Participate in hands-on Dapr technical sessions – code with us or just sit-in and listen.
  • Speak to Dapr project maintainers, co-founders and contributors.
  • Participate in our end-user panels for Dapr questions on their real scenarios and architectures.
  • Discuss stories, learnings, and best practices for Dapr and how it can positively impact cloud native development.

No matter what language you program in, platform you target or architecture setup you leverage, Dapr adds value to your application. Join the community at DaprCon 2022 and stop by during KubeCon to see Dapr in action.

Registration Fees: Free

AGENDA

Time - Time | Session Title - Speaker Name, Speaker Company

8:45 - 9:00 | Welcome & What to expect - Nyemade Uversky (Microsoft), Mark Fuessell (Diagrid)
9:00 - 9:10 | Keynote Opening - Karl Wehden, IBM
9:10 - 9:15 | Keynote Opening - Mark Fussell, Diagrid
9:15 - 9:30 | The Rise and Reign of Microservices - Mark Fussell, Diagrid
9:30 - 10:00 | Simplifying IoT Integration with Dapr - Xavier Geerinck, Proximus
10:00 - 10:30 | Writing resilient microservices with Dapr - Shubham Sharma, IBM
10:30 - 11:00 | Accelerating Scientific Discovery with DAPR - Karl Wehden, IBM
11:00 - 11:05 | Break
11:05 - 11:35 | How At-Bay improved operations with Dapr - Amit Mor, At-Bay
11:35 - 11:50 | Flexible and pluggable HTTP middleware in Application runtime - Loong Dai, Intel
11:50 - 12:05 | Lightweight Dapr Microservices in WebAssembly - Michael Yuan, SecondState
12:05 - 1:00 | Lunch On Own
1:00 - 1:30 | Dapr for Platform Engineering Teams - Yaron Schneider, Diagrid
1:30 - 2:00 | Managed Dapr with Azure Container Apps - Nick Greenfield & Kendall Roden, Microsoft 
2:00 - 2:30 | Delivery Usage Case Using Dapr - Alexandre Bencz, Mottu
2:30 - 3:00 | End User Panel - Kendall Roden (Microsoft) Karl Wehden (IBM) Alexandre Bencz (Mottu) Josh Carlisle (Zscaler)
3:10 - 3:15 | Break
3:15 - 3:45 | Exploring Pub/Sub Messaging with Dapr - Cecil Phillip, Stripe
3:45 - 4:00 | Dapr Configuration API Building Block Overview - Deepanshu Agarwal, Microsoft
4:00 - 4:15 | The Flywheel Effect of Kubernetes APIs - Bilgin Ibryam, Diagrid
4:15 - 4:55 | Maintainer& Approver Panel - Yaron, Artur, Nyemade, Xavier
4:55 - 5:05 | Keynote Closing - Nyemade & Artur, Microsoft
5:05 | Conference Close


Tuesday October 25, 2022 9:00am - 5:00pm EDT
311 AB

9:00am EDT

Keptn Community Day
In June 2022 Keptn reached the incubating state in the CNCF. We would like to celebrate it and to have a first ever global Keptn Community Day! This event provides a place for maintainers, contributors, and users of Keptn to come together and to discuss Keptn state and its future evolution. Join us for a day of community roundtables and discussion groups on Keptn itself, integrations and interoperability with other tools from the Cloud Native Landscape!

We’ll talk about where we’ve been and where we’re going, together. We will also have Keptn users who will join us and share their success stories. Some topics on our wishlist:
  • Stories from Keptn users. What works and what doesn’t?
  • Keptn 1.0 release - first stable release of Keptn
  • Keptn 2.x and beyond - what’s next for Keptn?
  • Keptn for modern Cloud Native CD - integrations ArgoCD, Flux and other projects
  • Orchestrating GitOps-based applications with Keptn
  • Keptn community governance and sustainability

We invite everyone interested in Keptn to join us and to contribute at the community day! 

Tuesday October 25, 2022 9:00am - 5:00pm EDT
331 ABC

9:00am EDT

Cloud Native Policy Day with OPA Hosted by Styra (Additional IN-PERSON Registration + Fee Required)
Cloud Native Policy Day with OPA hosted by Styra, the creators of Open Policy Agent, will bring together the OPA community for a day of sharing and discussing policy-as-code best practices, key learnings and creative use cases for OPA. Project maintainers will be on hand to field 1:1 questions and you’ll see proven real-world implementations from various OPA adopters during each of the sessions.

Whether you’re looking to start down your policy journey, or are an OPA adopter with Rego skills to share, join the community for sharing, learning and socializing. Attendees are invited to come for the full day with lunch provided or to stop by just for the sessions that interest them most.

Check out the speaker lineup and learn more about the event at https://www.styra.com/cloud-native-policy-day-with-opa-2022/.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-Located Event
Crystal Ballroom | The Westin Book Cadillac | 1114 Washington Boulevard, Detroit, MI, 48226

For questions regarding this event, please contact: jglennon@styra.com

Tuesday October 25, 2022 9:00am - 5:30pm EDT
The Westin Book Cadillac 1114 Washington Boulevard, Detroit, MI, 48226

9:30am EDT

Getting Started with Kubernetes: Hands-on Workshop Hosted by Nigel Poulton and Linode (Additional IN PERSON Registration + Fee Required)
8:30 AM - 9:30 AM Breakfast
9:30 AM - 12:00 PM Workshop

Are you new to Kubernetes and coming to KubeCon to learn? If you are, come and spend a morning with best-selling author and global video-trainer Nigel Poulton as he unpacks the architecture of Kubernetes and walks you through deploying an application.The workshop starts out with the basics so that everyone’s on the same level. It demystifies things like, “What is a cloud-native microservices app”, and what do we mean when we say things like “Kubernetes is a cluster” and “Kubernetes is an application orchestrator”...Once the groundwork is laid, the workshop explains the architecture of Kubernetes and introduces important Kubernetes primitives such as Pods, Services, and Deployments. Throughout the workshop, every new concept will be clearly explained.There’s also lots of hands-on examples. You’ll deploy a simple app, demonstrate some of the self-healing capabilities of Kubernetes, scale the application up and down, connect to it from the internet, perform a zero-downtime rolling update, and perform a versioned rollback. By the end of the morning, you’ll know exactly what Kubernetes is, you’ll have deployed your first Kubernetes application, and you’ll be ready to maximize the rest of your KubeCon experience! Includes free breakfast buffet, coffee, and non-alcoholic beverages.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-Located Event.
For questions regarding this event and/or location, please contact: ash@nigelpoulton.com

Tuesday October 25, 2022 9:30am - 12:00pm EDT
DoubleTree by Hilton 525 W Lafayette Blvd, Detroit, MI 48226

12:30pm EDT

CKAD Exam Cram: Hands-on Workshop Hosted by Nigel Poulton and Linode (Additional IN PERSON Registration + Fee Required)
12:30 PM – 1:30 PM Lunch
1:30 PM – 4:30 PM Workshop

Are you interested in gaining the most valuable Kubernetes certification? Do you want a hands-on exam cram session with best-selling author and video trainer Nigel Poulton?This rapid-fire cramming session will blast through every exam objective and walk you through exam-style tasks for every objective.The session includes hands-on tasks with a working app, the opportunity to ask questions about Kubernetes and the exam, and even stay late after the session is finished.This session is perfect for anyone interested in the CKAD certification and is ideal for everyone who’s used Kubernetes and wants to know if they’re ready to take the exam. Includes free lunch, and non-alcoholic beverages.
ABOUT THE TRAINER
Nigel is outrageously passionate about teaching Kubernetes getting people through the CKAD exam. He’s famous for his fun and exciting style of teaching and presenting. He’s the author of CKAD video training courses and has lots of experience with the exam environment. Some trainers are forgettable, Nigel gets inside your head!

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note that this is an off-site Sponsor Hosted Co-located Event.
For questions regarding this event and/or location, please contact: ash@nigelpoulton.com

Tuesday October 25, 2022 12:30pm - 4:30pm EDT
DoubleTree by Hilton 525 W Lafayette Blvd, Detroit, MI 48226

12:30pm EDT

Distributed SQL Day Hosted by Yugabyte (Additional IN-PERSON Registration Required)
Distributed SQL Summit co-located at KubeCon brings together the Distributed SQL community, customers, partners, and industry thought leaders, to explore the challenges and opportunities of database modernization and transformation.

Join us off-site at The Westin Book Cadillac in Detroit on October 25th for a wide range of thought-provoking technical demos, presentations, networking, and live discussions.

Who should attend?
• CTOs and IT leadership
• Digital transformation teams
• Application developers
• DevOps engineers
• DBAs
• System architects
• Anyone wanting to learn more about Distributed SQL!

What will you learn?
• Get the latest insights into emerging data architectures across different industries
• Discover how industry-leading companies are tackling database modernization
• Find out how to future proof your data infrastructure with a 100% open source Distributed SQL database
• Learn best practices to migrate your relational applications to a Distributed SQL database

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-located Event
For questions regarding this event, please contact: events@yugabyte.com
For details and location information, please visit: https://info.yugabyte.com/2022-dss-detroit

Tuesday October 25, 2022 12:30pm - 5:30pm EDT
The Westin Book Cadillac 1114 Washington Boulevard, Detroit, MI, 48226

1:00pm EDT

CNCF TAG App Delivery Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
CNCF TAG App Delivery Project Meeting
Tuesday, October 25 | 1:00 pm - 5:00 pm ET
Room 337, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 1:00pm - 5:00pm EDT
337

1:00pm EDT

Falco Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Falco Project Meeting
Tuesday, October 25 | 1:00 pm - 5:00 pm ET
Room 335, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 1:00pm - 5:00pm EDT
335

1:00pm EDT

Knative Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
Knative Project Meeting
Tuesday, October 25 | 1:00pm - 5:00 pm ET
Room 334, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 1:00pm - 5:00pm EDT
334

1:00pm EDT

OpenTelemetry Project Meeting
Please note that you must be a KubeCon + CloudNativeCon North America registrant in order to attend this meeting. If you are not registered for KubeCon + CloudNativeCon click here to register.

Details
OpenTelemetry Project Meeting
Tuesday, October 25 | 1:00 pm - 5:00 pm ET
Room 336, LEVEL 300
Space is limited

*Please note: we will not have any live streaming, recordings, or any virtual component available for this meeting.

Tuesday October 25, 2022 1:00pm - 5:00pm EDT
336

1:30pm EDT

AWS Container Day featuring Kubernetes Hosted by AWS (PM Session) [Additional IN-PERSON Registration is Required]
AWS Container Day Featuring Kubernetes is a free Day 0 event for attendees of KubeCon + CloudNativeCon North America 2022. AWS and guest speakers share technical deep dives, product demos, and best practices intended to help you deploy, manage, secure, and scale containerized applications using Kubernetes on AWS. Morning and afternoon sessions have different topics and speakers. Seating is limited, and pre-registration is required.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

For more information please visit: https://pages.awscloud.com/AWSKubernetes-2022.html
For Questions, please contact: aws-container-day@amazon.com

Tuesday October 25, 2022 1:30pm - 5:00pm EDT
430 B

5:30pm EDT

⚡ Lightning Talk: Securing Envoy: Catching Vulnerabilities With Continuous Fuzz Testing - Teju Nareddy, Google
Service proxies are becoming increasingly complex data parsers. Out of the box, Envoy supports HTTP protocol translation, payload decompression, gRPC-JSON transcoding, and many other features that operate directly on raw request bytes. Coupled with the deployment of Envoy as a "front" edge proxy, these parser-like features become an attack surface for external clients — a malicious HTTP request may trigger undefined behavior, resulting in service mesh downtime. Envoy developers use coverage-guided fuzz tests to automatically discover parser bugs. When run with C++ sanitizers, fuzz tests capture intricate corner cases a developer may have missed. Integration with OSS Fuzz provides continuous fuzz testing and vulnerability reports, allowing developers to fix such bugs before the features are released. Join this talk for a case study on Envoy's multi-year adoption of fuzz testing. Learn about how we harden Envoy for production deployments and the surprising bugs our fuzz tests discovered!

Speakers
avatar for Teju Nareddy

Teju Nareddy

Software Engineer, Google
Teju Nareddy is a software engineer working on Google's API Service Infrastructure. He is involved in multiple efforts to create Envoy-based API Gateways at Google, from spearheading OSS ESPv2 for Cloud Endpoints to building Google Cloud Platform's managed API Gateway. Teju is an... Read More →


Tuesday October 25, 2022 5:30pm - 5:35pm EDT
Grand Ballroom AB
  Service Mesh, Lightning Talk ⚡

5:35pm EDT

⚡ Lightning Talk: Lightweight Dapr Microservices In WebAssembly - Vivian Hu, Second State
Dapr is a very popular sidecar-based application framework that supports microservices written in many languages. WasmEdge is a cloud-native WebAssembly runtime. It provides the necessary networking APIs to support WebAssembly-based microservices. In this talk, I will demonstrate how to create Rust and JavaScript functions, and run them as Dapr microservices through the WasmEdge runtime. I will also cover more advanced topics such as how to interact with Dapr APIs from the WebAssembly function and how to manage the WadmEdge microservices using Kubernetes. Source code and a live example are available here: https://github.com/second-state/dapr-wasm

Speakers
avatar for Vivian Hu

Vivian Hu

Product Manager, Second State
Vivian Hu is a Product Manager at Second State, and a columnist at InfoQ. She is a founding member of the WasmEdge project. She organizes Rust and WebAssembly community events in Asia.


Tuesday October 25, 2022 5:35pm - 5:40pm EDT
Grand Ballroom AB
  Service Mesh, Lightning Talk ⚡

5:40pm EDT

⚡ Lightning Talk: Paying Down Debt: Converting Kubernetes To Use Go "Workspaces" - Tim Hockin, Google
Kubernetes is one of the largest and most well known systems written in the Go programming language. Kubernetes is also a fairly complex codebase, which often pushes Go to its limits. To make it work, we sometimes have had to go outside of the "normal" usage of Go's tooling and ecosystem. Anyone familiar with the project will probably groan when they heard phrases like "staging repo" or "code generator". We have accrued a pretty significant amount of technical debt over the last few years. With Go 1.18 comes a powerful new feature - "workspaces". This is what happens when the language team looks at what their users are doing and as asks "how can we make this better?". We can wipe away a lot of that debt - "just use workspaces". But, sadly, it's not as easy as it might sound. This talk will introduce listeners to the problems we have, the gross workarounds we use, and how workspaces make it all better. We'll talk a bit about the work that is being done to make "just use workspaces" a reality.

Speakers
avatar for Tim Hockin

Tim Hockin

Principal Software Engineer, Google
Tim is a Principal Software Engineer at Google, where he works on the Kubernetes, Google Kubernetes Engine (GKE), and Anthos. He has been working on Kubernetes since before it was announced, and mostly pays attention to topics like APIs, networking, storage, nodes, multi-cluster... Read More →


Tuesday October 25, 2022 5:40pm - 5:45pm EDT
Grand Ballroom AB
  Community, Lightning Talk ⚡

5:45pm EDT

⚡ Lightning Talk: Build a Twitter Translation Bot In 5 Minutes With Knative Functions - Lance Ball, Red Hat
Come see how quickly and easily you can get started developing reactive Kubernetes apps with Knative Functions. In this quick 5 minute demonstration, you will see me develop a Twitter bot that translates Tweets into multiple languages using Google’s Translate API. With only a handful of commands to run and a simple API to learn, getting from zero to powerfully productive takes only minutes. Let me show you how - in only 5 minutes!

Speakers
avatar for Lance Ball

Lance Ball

Principal Software Engineer, Red Hat
Lance Ball is a Principal Software Engineer at Red Hat and the Architect for OpenShift Serverless Functions. In this role, he also serves as the working group lead for Knative Functions, and is on the Knative Steering Committee. In addition to his contributions to Knative, Lance is... Read More →


Tuesday October 25, 2022 5:45pm - 5:50pm EDT
Grand Ballroom AB

5:50pm EDT

⚡ Lightning Talk: Open Source, Kubernetes, And CloudNative From the Eyes Of a High-Schooler - Rishit Dagli, Narayana Junior College; Incoming University of Toronto
Being a high-school student involved in the Kubernetes and CloudNative, I have had a quite non-conventional path in the open-source community. This talk is aimed at seeing open-source through my perspective and motivate not just high-schooler but have valuable content for everyone in the audience to start contributing to the CloudNative ecosystem and open-source software in general. Though, this talk is not about how to make a PR or file an issue or git. I start the talk by introducing why and how I found the motivation to go into open-source apart from the olympiads and school work in the first place and talk about how the audience could find their motivation to make their first step in open-source. I also highlight how one could request feedback, make lasting connections, what it means to contribute and how anyone could make a meaningful impact. Finally, I also highlight my experience with k8s and CNCF and why it might be a great avenue for the audience to grow themselves with open-source.

Speakers
avatar for Rishit Dagli

Rishit Dagli

Student, Narayana Junior College; Incoming University of Toronto
I am a high school student. I work with ML and am an active contributor to multiple OSS projects like TensorFlow, KubeFlow, and Kubernetes. I also love building open-source projects, some of which have been #1 trending on GitHub. Seeing my work at a young age, I was invited to speak... Read More →


Tuesday October 25, 2022 5:50pm - 5:55pm EDT
Grand Ballroom AB
  Community, Lightning Talk ⚡

5:55pm EDT

⚡ Lightning Talk: The CNCF Cloud Native Glossary: Trusted. Simple. Community-driven. - Catherine Paganini, Buoyant
During this lighting talk, Catherine Paganini, co-creator and maintainer of the Cloud Native Glossary, will explain what the Glossary is, why you should use it, and how to contribute. Officially launched at KubeCon NA 2021, the Cloud Native Glossary (glossary.cncf.io) aims at explaining complex technical terms in simple words. As cloud native becomes more mainstream, increasingly more people seek to understand what these technologies, approaches, and concepts mean. Whether searching for a service mesh definition or trying to understand what CI/CD is, we need a trusted source with definitions anyone can understand — even without a computer science degree. But even if explained in simple terms, English definitions can still be hard to grasp for non-native speakers. To address this, nine teams set out to localize the Glossary in their native languages. With seven languages partially live and two more coming soon, there is still a lot of work ahead. Join this session to learn where to find it, and how to use and contribute to it.

Speakers
avatar for Catherine Paganini

Catherine Paganini

CNCF Cloud Native Glossary Maintainer, Buoyant
Catherine Paganini is a maintainer of the CNCF Cloud Native Glossary, co-author of the Cloud Native Landscape Guide, and Head of Marketing and Community at Buoyant, the creator of Linkerd. A marketing leader turned cloud native evangelist, Catherine is passionate about educating the... Read More →


Tuesday October 25, 2022 5:55pm - 6:00pm EDT
Grand Ballroom AB
  101 Track, Lightning Talk ⚡

6:00pm EDT

⚡ Lightning Talk: Metrics, How To Measure What Is Going On In Your Community - Peter O'Neill, Styra
The social structure of an Open Source project can be quite complex, and as the project grows it only becomes more complex over time. Understanding the reason members are joining your community, and why members choose to stick around is key to having the exponential growth your project deserves. Let's take some time to dive into some of the basic ways to start gathering the right metrics. To start how do you define a community member? With this definition, we can pinpoint the minimum requirements to be a community member and start to track this as part of the onboarding flow. As we follow the community journey, the next thing we want to measure is engagement. How has this user interacted with the other members and have they utilized any community resources? Do we know which of these activities result in the highest likelihood of them contributing in a meaningful way? You can probably tell by now, that just by having the right data you can start to nudge members on their way to being your community superstars, and catch some users before they fall out of the community funnel altogether. So join this talk to learn what is going on with your community and how you can make it even better.

Speakers
avatar for Peter O'Neill

Peter O'Neill

Community Advocate, Styra
Peter is a community architect for Cloud Native Developer communities. Currently, he is working as a Community Advocate for the OPA (Open Policy Agent) community. Previously, Peter has held engineering positions at both early stage startups and large scale enterprises. Some but not... Read More →


Tuesday October 25, 2022 6:00pm - 6:05pm EDT
Grand Ballroom AB
  Business Value, Lightning Talk ⚡

6:05pm EDT

⚡ Lightning Talk: Where Did All My IPs Go? - Cynthia Thomas, Google
Kubernetes cluster planning requires quite a few things to get started. What about IPs? Common IP management hurdles with Kubernetes clusters include IP assignments when building a cluster and challenges faced when deploying in a multi-faceted environment. Kubernetes Admins often need to use IP addressing handed out by Network Admins juggling other non-k8s workload IP assignments and IP exhaustion. In this talk, Cynthia will discuss new and existing KEPs that SIG-network has implemented to help mitigate IP challenges. Such features include discontiguous cluster CIDRs and the journey to IPv6. Cynthia will also discuss how the best practices for Kubernetes IP management are changing with these new capabilities to help scale and grow instead of rebuild.

Speakers
avatar for Cynthia Thomas

Cynthia Thomas

Networking Specialist, Google
Cynthia Thomas (@_techcet_) is a Networking Specialist at Google Cloud. Her background includes working with open source cloud & networking solutions. She is a frequent speaker at conferences, including ContainerCon, Container Camp, DevOps Days, DockerCon, IT Cloud Computing Conference... Read More →


Tuesday October 25, 2022 6:05pm - 6:10pm EDT
Grand Ballroom AB
  Networking, Lightning Talk ⚡

6:10pm EDT

⚡ Lightning Talk: Back To Basics: How To Measure Etcd Performance And Not To Die Trying - David Perez Rodriguez, Gorilla Logic
Everybody either knows what Kubernetes is or has heard it. It’s a critical component to scalable, high availability and distributed design of most cloud based productions systems. Why would I bother understanding how it behaves outside the cloud provider I commonly use? Well, that was the case of this project, which aimed to build an IoT system that handles Terabytes of data, entirely on-prem due to business needs. As expected, things were not behaving the same as in the cloud provider: lots of kube-api errors, missed heartbeats, database operators started rolling restarting deployments because of it; but the main reason was well hidden from the sight: etcd performance was not great on prem. etcd has an extremely and sustained high performance that is based on two factors: latency and throughput. But in this on-prem environment, latency was affected by the hardware’s initial design. How do you measure etcd performance? Benchmarks to the rescue! Learn about this experience, what is benchmark, what is latency, what is throughput and how to effectively measure etcd performance through benchmarks to correctly test your infrastructure when a brand new kubernetes cluster is created, particularly on-prem, and take advantage of the full potential of the Kubernetes environment.

Speakers
avatar for David Perez Rodriguez

David Perez Rodriguez

Lead DevOps Engineer, Gorilla Logic
David Perez is a software engineer with 12+ years of professional experience that has worked around the globe, including Norway, Spain, Costa Rica, Colombia, UK and Unites States. Graduated from Universidad Nacional (Costa Rica).  David is father, animal lover, pianist and a bit... Read More →


Tuesday October 25, 2022 6:10pm - 6:15pm EDT
Grand Ballroom AB

6:15pm EDT

⚡ Lightning Talk: A Puzzling Solution. How To Be Better At Accepting Others Experiences. - Duffie Cooley, Isovalent
As we gain experience and expertise in an area of study we often find ourselves struggling to meet our colleagues where they are. In this session I am going to share an experience I've had that I think can help you bring a little objectivity to the problem. We can all do better at listening and raising others up. I've spent years at this and I still make mistakes all the time. If you are interested in seeing someone solve a rubiks cube live on stage come on over and join me for this lightning talk!

Speakers

Tuesday October 25, 2022 6:15pm - 6:20pm EDT
Grand Ballroom AB
  Community, Lightning Talk ⚡

6:30pm EDT

Detroit DevOps Happy Hour Hosted by Harness (Additional IN-PERSON Registration Required)
Join us for a memorable evening at the historic, "Cliff Bell's" famous jazz club.

In this relaxed setting, you will have the opportunity to:
- Learn from GitOps experts during the GitOps Open Mic
- Network with your peers, including leaders at Harness
- Enjoy music, cocktails and appetizers

The next day, stop by our booth to learn how Harness can simplify your DevOps process from CI/CD (including GitOps), Feature Flags, Cloud Costs, Chaos Engineering and more.
Space is limited. Be sure to save your spot by registering today.

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Please note this is an off-site Sponsor Hosted Co-Located Event
For more information and questions, please contact: events@harness.io

Tuesday October 25, 2022 6:30pm - 9:00pm EDT

7:00pm EDT

House of Kube Hosted by Platform Engineering x Humanitec [Additional IN-PERSON Registration Required]
Can't wait to meet you in person and burn up the dance floor at the House of Kube a.k.a. the hottest party in cloud native. Join fellow platform engineers and cloud pioneers for the first IRL party by the platform engineering community.

Build real connections, enjoy the best food trucks in Detroit and dance to the funkiest techno beats.
7:00 pm - 10:00 pm  - networking, BBQ & cocktails, chill music
10:00pm - 12:00 am - party, techno and drinks

Location: House of Kube, 1042 Holbrook, Avenue Detroit, MI, 48211
For more information and updates, please visit our site: https://houseofkube.com/
For questions, please contact: mariya.skalka@humanitec.com

Click here to register for KubeCon + CloudNativeCon and add this workshop/event to your registration.
If you are already registered for KubeCon + CloudNativeCon, please modify your registration to add-on this workshop/event.

Tuesday October 25, 2022 7:00pm - Wednesday October 26, 2022 12:00am EDT
House of Kube | 1042 Holbrook, Avenue Detroit, MI, 48211
 
Wednesday, October 26
 

7:00am EDT

Wellness Session - Riverwalk Biking Tour

Tour will be a guided tour of the riverwalk area near the convention center taking about 1 hour. While the tour offers a great way to exercise, it's officially a site tour. Tour spots are first come, first serve and are limited to 15 people max.  

Wednesday October 26, 2022 7:00am - 8:00am EDT

7:30am EDT

Continental Breakfast 🥐
Wednesday October 26, 2022 7:30am - 9:00am EDT
Hall E

7:30am EDT

Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification
There are two locations at Huntington Place where you can go through Health + Safety to how proof of vaccination or negative COVID-19 test and pick up your badge:
  • Corner entrance on the cityside @ the corner of W Congress St. and Washington Blvd.
  • Riverside entrance @ Atwater St. (along the Riverwalk)

Wednesday October 26, 2022 7:30am - 6:00pm EDT
Huntington Place Detroit

7:45am EDT

EmpowerUs Breakfast 🥐
Attendees who identify as FTW (Femmes/Trans/Women) and allies are welcome to celebrate and connect with one another as we honor and uplift ourselves and our community. The focus of this hour is to highlight our individual wins, as well as thank those who have provided support and solace through our journeys, whether personal or professional. We hope this time allows you to find new connections and build on existing ones as we share, listen, and uplift one another as we share stories and hold space for one another in this space and beyond.

Breakfast will be served. Seating available on a first come, first serve basis.

Thank you to our sponsor, AWS!

Wednesday October 26, 2022 7:45am - 8:45am EDT
Huntington Place Detroit
  Diversity + Equity + Inclusion
  • Content Experience Level Any

9:00am EDT

Keynote: Welcome + Opening Remarks - Priyanka Sharma, Executive Director, Cloud Native Computing Foundation
Speakers
avatar for Priyanka Sharma

Priyanka Sharma

Executive Director, CNCF
Priyanka is the Executive Director of the Cloud Native Computing Foundation (CNCF) which serves as the vendor-neutral home for 100+ of the fastest-growing open source projects, including Kubernetes, Prometheus, and Envoy. She is also a co-creator of the Inclusive Naming Initiative... Read More →


Wednesday October 26, 2022 9:00am - 9:40am EDT
Halls CD

9:40am EDT

Keynote: Beyond Automation: Kubernetes Success Requires a GitOps Mindset - Shatarupa Nandi, Senior Director of Engineering, VMware Tanzu
As an industry we’ve come a long way to embrace automation. What once seemed like a scary proposition is now at the heart of a successful Kubernetes platform, and as we evolve as practitioners we’ve come to embrace GitOps to fully realize the value we can provide: value to the developer experience, security, and operations at scale across multiple environments.

In this talk, VMware's Shatarupa Nandi, will discuss how we can ship high quality software securely and repeatably on Kubernetes, and still keep developer experience simple. We'll discuss how the IT industry has embraced GitOps for applications, for 3rd party software, and for Kubernetes itself. We'll talk about how this mindset gives businesses a competitive edge and helps showcase IT’s strategic value and importance.

Speakers
avatar for Shatarupa Nandi

Shatarupa Nandi

Engineering Director @ VMware Tanzu, VMware
Shatarupa Nandi is an engineering leader focused on software distribution and lifecycle management problems with a strong emphasis on improving Day 2 operational experiences. Her interest follows naturally from past work building infrastructure management tools and tools for running... Read More →


Wednesday October 26, 2022 9:40am - 9:45am EDT
Halls CD

9:45am EDT

Keynote: CNCF Project Updates - Ricardo Rocha, Computing Engineer, CERN; Emily Fox, Security Engineer, Apple; Frederick Kautz
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →
avatar for Emily Fox

Emily Fox

Security Engineer, Apple
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 12 years to drive a cultural change where security is unobstructive, natural, and... Read More →
avatar for Frederick Kautz

Frederick Kautz

Cloud Native Infra and Security Enterprise Architect
Frederick collaborates on security and networking. He is on the SPIFFE Steering Committee, focusing on providing Zero Trust Workload Identity to compute workloads and resources. Frederick co-authored Solving the Bottom Turtle. He is a co-founder of GitBOM and maintains the reference... Read More →


Wednesday October 26, 2022 9:45am - 10:00am EDT
Halls CD

10:00am EDT

Keynote: Fostering Kubernetes Community Growth Through Learning - Le Tran, Member of Technical Staff, Kasten by Veeam
Growing the Kubernetes community is essential for ensuring its strong and prosperous future. But Kubernetes and cloud native ecosystems overall are a complex web of knowledge, and it’s critical to continue to create bridges into the community via open learning tools and platforms. In this way, we can eliminate the barriers of entrance and grow the community effectively. To that end, the team at Kasten by Veeam has been working on building a free Kubernetes training site, Learning.Kasten.io. Through the site, new and existing members of the Kubernetes community can access blog posts, videos, books and hands-on labs, in order to create a comprehensive environment for learning about Kubernetes – one that is engaging, diverse and welcoming.

During this session, Le Tran, a member of the technical staff from Kasten, will share her insights on the journey toward growing the Kubernetes community through learning tools, as well as her own story of becoming a member of the community.

Speakers
avatar for Le Tran

Le Tran

Member of Technical Staff, Kasten by Veeam
Le Tran has been a member of the technical staff at Kasten by Veeam since October 2021 and is new to cloud native development. Prior to joining Kasten, she worked in the automotive embedded systems industry as a software engineer. She led a team that launched new surround view camera... Read More →


Wednesday October 26, 2022 10:00am - 10:05am EDT
Halls CD

10:05am EDT

Keynote: What We Learned Dissecting the World’s Most Popular Containers - Ayse Kaya, Head of Strategic Insights + Analytics, Slim.AI
Data scientist and container enthusiast Ayse Kaya and her team at Slim.AI analyzed more than 100 of the world’s most popular public container images using open source tools to better understand what developers encounter when running containers in Kubernetes. What they found was a vast, varied, and complex world that gives developers massive opportunities to scale, but also presents risks to both security and productivity. This talk shares the data, visualizations, and insights they generated from their research. Kaya shows the current paradox in software supply chain practices (i.e. taking advantage of abstraction vs. knowing what’s in the software you ship), and that even small, special purpose containers could have thousands of packages, libraries, and licenses, not to mention critical vulnerabilities. Finally, she’ll highlight the current trade-offs teams make between “developer experience” and “production readiness”, and open a discussion about how we can improve as an industry.

Speakers
avatar for Ayse Kaya

Ayse Kaya

Senior Director, Strategic Insights & Analytics, Slim.AI
Ayse Kaya is the Senior Director of Strategy and Analytics at Slim.AI. She is an accredited data scientist and container enthusiast. A graduate of the MIT Sloan School of Management's Operations Research Center, Kaya was previously a strategy and analytics lead at CloudLock and Cisco... Read More →


Wednesday October 26, 2022 10:05am - 10:20am EDT
Halls CD

10:20am EDT

Keynote: Closing Remarks - Ricardo Rocha, Computing Engineer, CERN; Emily Fox, Security Engineer, Apple; Frederick Kautz
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →
avatar for Emily Fox

Emily Fox

Security Engineer, Apple
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 12 years to drive a cultural change where security is unobstructive, natural, and... Read More →
avatar for Frederick Kautz

Frederick Kautz

Cloud Native Infra and Security Enterprise Architect
Frederick collaborates on security and networking. He is on the SPIFFE Steering Committee, focusing on providing Zero Trust Workload Identity to compute workloads and resources. Frederick co-authored Solving the Bottom Turtle. He is a co-founder of GitBOM and maintains the reference... Read More →


Wednesday October 26, 2022 10:20am - 10:25am EDT
Halls CD

10:30am EDT

Coffee Break ☕
Wednesday October 26, 2022 10:30am - 11:00am EDT
TBA

10:30am EDT

Solutions Showcase
Visit our sponsors in the Solutions Showcase - whether onsite or virtually - to try the latest demos, watch live presentations, talk to experts during live office hours, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third party’s logo in the virtual exhibit hall or exhibitor directory, and any actions within the booth thereafter including viewing resources) or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Wednesday October 26, 2022 10:30am - 8:00pm EDT
Halls AB

11:00am EDT

Paradox Of Choice: How To Pick an Application Definition That Works For You! - Anusha Ragunathan & Kevin Downey, Intuit Inc
As Intuit’s platform engineering team, we support our 5000+ developers to build great Fin-Tech products. We strive to enhance our Developer Experience by accelerating their velocity and self-serve maturity, while abstracting away the complexities of the underlying Kubernetes platform. But, with so many CNCF Application Definition solutions and projects available, we were faced with the “Paradox of Choice”! Choosing the right toolset for our application abstraction was challenging, as the toolset had to satisfy our wide array of use cases as well as fit our existing toolchain. Come hear us talk about how we evaluated some of the powerful open source projects in this space, including but not limited to client-side solutions (Kustomize and Helm) and server-side solutions (KubeVela and Crossplane). We will talk about our proof of concept across these projects that helped us make data driven decisions, our deciding factors and our competitive analysis of these projects. We will finish off with a demo of the winning toolset, showcasing a simple yet powerful application definition for our developers.

Speakers
avatar for Anusha Ragunathan

Anusha Ragunathan

Principal Software Engineer, Intuit Inc
Anusha Ragunathan is a software engineer at Intuit, where she works on building and maintaining the company’s Kubernetes based Compute Infrastructure. Anusha is passionate about solving complex problems in systems and infrastructure engineering. Prior to Intuit, she worked on building... Read More →
avatar for Kevin Downey

Kevin Downey

Staff Software Engineer, Intuit Inc
Kevin Downey is a Staff software engineer at Intuit, core contributor to Keikoproj and Intuit Kubernetes Service (IKS). Kevin enjoys solving Platform scale problems in Systems and Infrastructure engineering. His interests include containers, virtualization, cloud-native technologies... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
430 AB

11:00am EDT

How To Build a Distributed System (And Should You?) - Rebecca Bilbro & Patrick Deziel, Rotational Labs
In this talk, we’ll tell the story of how we built our very own eventually consistent system which is currently deployed in production clusters across the US, Germany, and Singapore -- including all the mistakes we made along the way. We’ll walk through how we leveraged tools like gRPC, Kubernetes, LevelDB, and Prometheus to implement two new open source projects that serve as the heart of our system. We’ll also confess all the ways we messed up during the process — from struggling to debug protocol buffer errors, to tangling up send and receive goroutines, to reasoning about the phases of replication. It won’t all be pretty, but we hope you’ll benefit from the lessons we learned, including the most important lesson — that you *can* build your own distributed system. We’ll close out by talking about why rolling our own system (in spite of all the headaches and mistakes) made sense for our use case, and why it might also make sense for you. Attendees will walk away with a hearty introduction to distributed systems concepts, as well as a to-do list of things they can investigate in their own systems to determine how they might be able to reduce concurrency-related bugs and/or consistency-related costs, improve maintenance, and reach more daily active users around the world.

Speakers
avatar for Rebecca Bilbro

Rebecca Bilbro

Founder/CTO, Rotational Labs
Dr. Rebecca Bilbro is a teacher, speaker, and author who earned her doctorate in 2011 from the University of Illinois, Urbana-Champaign, where her research centered on communication and visualization in Engineering. A veteran of startups from public sector to media & entertainment... Read More →
PD

Patrick Deziel

Distributed Systems Engineer, Rotational Labs
Patrick is a full stack engineer who has contributed to many different types of distributed systems from large enterprise companies to small tech startups. He has presented talks on a number of related topics, from conflict-free replicated data types to testing machine learning code... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
251 ABC
  Business Value

11:00am EDT

Kubernetes Community Days For Fun And For Community Profit - Bill Mulligan, Isovalent & Katie Greenley, CNCF
Kubernetes Community Days (KCD) are a massive onramp for new people to the cloud native community and a great way to have non-code contributions to the community. This talk by KCD core organizers past and present will show the impact of the program on the community and how to get started or involved. In 2021, the program connected over 7,500 attendees across 12 countries in six languages to cloud native. It also had contributor summits, student days, and hands on workshops. By attending, the audience will learn what a KCD is, how the program works, how to avoid the perils and pitfalls of planning a community event, and what their community will get out of a KCD. Audience members will leave inspired to start or get involved in a KCD in their own region.

Speakers
KG

Katie Greenley

Meeting and Events Manager, CNCF
Katie has been an Event Manager at The Linux Foundation since 2014 working with numerous Foundation Collaborative Projects. She has over 10 years experience in producing and managing conferences, corporate meetings and trade shows for an arrange of startup and large IT companies... Read More →
avatar for Bill Mulligan

Bill Mulligan

Community Pollinator, Isovalent
Bill Mulligan is a cloud native pollinator and community builder. He has given talk and written articles about building the business case for cloud native. While at CNCF he restarted the Kubernetes Community Day program and worked to grow the student community. He is currently at... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
Ambassador Ballroom (Room 360)
  Community

11:00am EDT

API Evolution With CRDs: Best Practices For Authoring & Fuzz Testing APIs - James Munnelly & Andrea Tosatto, Apple
CustomResourceDefinitions are prolific in Kubernetes. With so many new projects being prototyped, developed and released into the ecosystem, it's essential to ensure you're designing your APIs in a scalable, well tested way. Projects like Kubebuilder and the Operator Framework provide plentiful tooling to keep you on 'the straight and narrow', but some fundamental issues still trip up even the most experienced Kubernetes engineers. In this talk, we'll go over strategies & tooling that can help ensure you are successful when authoring and evolving your APIs, including: * How to ensure your APIs follow best practices/standards (and linting OpenAPI schemas!) * Fuzz & integration testing API version conversion functions to ensure platform stability in your clusters * Automatically validating your OpenAPI schemas are up to date for your type definitions * Best practices in 2022 for writing validations & mutations * Ensuring your OpenAPI schema changes are backwards compatible within an API version James has helped bring various API groups to stability across projects in the ecosystem and both he and Andrea have experience with unique problems that are found when projects reach a certain scale & maturity, having helped take CRDs through a full alpha to beta to GA deprecation cycle.

Speakers
JM

James Munnelly

Staff Field Engineer, Apple
James Munnelly is a Field Engineer at Apple, helping customers adopt and adapt Kubernetes, as well as driving adoption of open source cloud native technologies. James is also the founder of the cert-manager project, a Kubernetes extension for managing x509 certificates using CRDs... Read More →
avatar for Andrea Tosatto

Andrea Tosatto

Site Reliability Engineer, Apple
Andrea works at Apple as an SRE, managing extremely large and multi-tenant Kubernetes clusters. He’s seen in practice the issues that managing custom APIs at scale can cause, and has helped consult both internally and within the community on how to build reliable platforms. Previously... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

11:00am EDT

A Containerd And Friends Update: What’s New In Runtimes? - Phil Estes, AWS; Mike Brown, IBM; Maksym Pavlenko, Apple; Michael Zappa, Microsoft
After five years as a CNCF project, containerd is still actively growing in contributors and maintainers who are busy working on interesting features and capabilities in the core and non-core containerd projects. During this project update from maintainers you'll learn about the latest work in containerd, including our recent addition of sandboxes, a handful of CRI and CNI improvements, as well as various improvements to the architecture and services that drive containerd's use by other projects and platforms. Outside of the core containerd project, our "non-core" projects have grown in number, including several Rust-based projects, new snapshotter implementations, and the increasingly popular client-focused project, nerdctl. Come join us for a fast-paced update on all these areas and to ask your containerd questions with the handful of on-site containerd maintainers.

Speakers
avatar for Mike Brown

Mike Brown

Software Engineer, IBM
Open Source Software Engineer, containerd maintainer, OCI maintainer, Kubernetes SIG-Node member, IBMer, github.com/mikebrow, Inventor, Coach, Proud Father. 
avatar for Phil Estes

Phil Estes

Principal Engineer, AWS
Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS.Phil is currently an active contributor and maintainer for the CNCF containerd runtime project, and participates in the... Read More →
avatar for Maksym Pavlenko

Maksym Pavlenko

Software Engineer, Apple
containers, runtimes, microVMs, and Kubernetes.@containerd maintainer.
MZ

Michael Zappa

Technical Program Manager, Microsoft


Wednesday October 26, 2022 11:00am - 11:35am EDT
410 A

11:00am EDT

Achieving End-To-End Software Supply Chain Security With in-toto - Santiago Torres-Arias, Purdue University & Aditya Sirish A Yelgundhalli, New York University
in-toto is a CNCF Incubated project that can be used to secure software supply chains. Since joining incubation this year, in-toto has grown in various ways through community contributions. This includes features to perform better artifact tracking (e.g., to include Git, GitBOM, SBOMs and OCI images), as well as extending the base attestation type to include more expressive notions (e.g., SLSA provenance, measured execution, or to sign and attach SBOMs to their corresponding artifacts). Lastly, better integration with CNCF projects for cloud-native identity have been developed through projects such as SPIFFE and Sigstore. In this talk, we will showcase these exciting contributions, and help introduce new members of the audience to ways to particpate, collaborate, and use in-toto to protect their software supply chains. We will showcase in-toto's existing integrations. This will include projects such as Tekton Chains, Jenkins, Gitlab Runners, and rebuiderd (from the reproducible builds project). Finally, the talk will also feature current work on exciting features like Sigstore, SPDX, GitBOM and more!

Speakers
avatar for Santiago Torres-Arias

Santiago Torres-Arias

Assistant Professor, Purdue University
To put things simply: I care about how people can product software, securely, and I care about how people can consume software, securely.Talk to me about anything in-toto, Sigstore, TUF, and beyond. I do software supply chain security research, and I try to work with open source... Read More →
avatar for Aditya Sirish A Yelgundhalli

Aditya Sirish A Yelgundhalli

Ph.D. Candidate, New York University
I'm a Ph.D. student at New York University's Secure Systems Lab researching software supply chain security. I'm a co-maintainer of in-toto and I contribute to TUF. Reach out to me to talk about any cool applications or integrations you have in mind!


Wednesday October 26, 2022 11:00am - 11:35am EDT
321

11:00am EDT

Building a Day1/Day2 Application Operations Platform On CNCF Projects. - Alois Reitbauer, Dynatrace & Alex Jones, Canonical
Effectively delivering and operating large and complex cloud-native applications becomes more and more important as companies move an increasing number of applications to Kubernetes. Most companies are building self-service platforms which can be used by individual teams while enabling companies to drive company wide practices. The cloud-native ecosystem provides a large number of projects that help with different aspects of building these platforms. In this talk we will cover all major aspects of the application lifecycle from build, test over to provision, delivery and release all the way to operational management and showcase different tools and how they can be used and combined together. After the talk you will be able to answer all the below questions and more: How can I best build cloud native applications? What are the best approaches to provide standard components like databases, etc? How can I provision infrastructure following the same cloud native approach I use for my application? How can best manage the deployment and rollout process? How can I seamlessly integrate practices like chaos testing? How can I automate the setup of operations requirements like security, observability, …? How can I automate day2 operations at an infrastructure and application level? We will focus on sharing concepts combines with small examples which help illustrate how different aspects can be done with different tools.

Speakers
avatar for Alois Reitbauer

Alois Reitbauer

Chief Technology Strategist, Dynatrace
Alois is an executive member of the technical staff at Dynatrace. He has been building monitoring and application management solutions for more than 15 years. Alois has successfully brought multiple products to market that are used by the biggest companies on the planet. His current... Read More →
avatar for Alex Jones

Alex Jones

Kubernetes Engineering Director, Canonical
Alex works as both a contributor and end-user of cloud-native technology. When not building highly scalable and reliable services he contributes to CNCF TAG App Delivery as Tech Lead. Passionate about mentoring and collaboration, he thrives on working together to solve problems and... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
252 AB

11:00am EDT

How SIG Release Cooks Trustworthy Artifacts From Raw Source Code - Carlos Panato & Adolfo García Veytia, Chainguard; Jeremy Rickard, Microsoft; Sascha Grunert, Red Hat
Have you ever wondered how the Kubernetes source code is turned into artifacts for everyone to use? How do you know you can trust those artifacts? Have you heard about signing things and you're not sure how that fits in with Kubernetes? In this Kubernetes Special Interest Group (SIG) Release update, we will give a quick overview of SIG Release, highlight recent accomplishments, review our updated roadmap and discuss our continued efforts to move toward full SLSA (Supply-chain Levels for Software Artifacts) compliance. As part of this, we will deep dive into efforts to move all aspects of the build process and distribution to community controlled infrastructure and our efforts to expand artifact signing beyond just containers. Finally, we’ll talk about how attendees can become involved in SIG Release. These efforts are exciting and important, but we need your help! We’ll discuss how to contribute to SIG Release tooling, the Release Manager role, and discuss our contributor ladder.

Speakers
avatar for Carlos Panato

Carlos Panato

Staff Software Engineer, Chainguard
Carlos Panato is a Staff Software Engineer at Chainguard, Inc. who’s working on development and infrastructure using Kubernetes and containers. Previously, he’s worked on development, testing, processes, and management.
avatar for Jeremy Rickard

Jeremy Rickard

Principal Software Engineer, Microsoft
Jeremy Rickard is a Principal Software Engineer at Microsoft Azure, where he works on supply chain and security projects as part of the Azure Container Upstream Team. He also has worked on several other projects at Microsoft, including Virtual Kubelet, Open Service Broker for Azure... Read More →
avatar for Sascha Grunert

Sascha Grunert

Senior Software Engineer, Red Hat
Sascha is a Senior Software Engineer at Red Hat, where he works on many different container related open-source projects like Kubernetes and CRI-O. He joined the open-source community in November 2018, having gained container experience before. Sascha's passions include contributing... Read More →
avatar for Adolfo García Veytia

Adolfo García Veytia

Staff Software Engineer, Chainguard
Adolfo García Veytia (puerco) is a staff software engineer with Chainguard, based in Mexico City. He is a Technical Lead with Kubernetes SIG Release. He actively works on the Release Engineering team, specializing in improvements to the software that drives the automation behind... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
142 ABC

11:00am EDT

How To Build Production Grade DevOps Platform Using Argoproj - Alexander Matyushentsev, Akuity & Leonardo Luz Almeida, Intuit
Argo is an established CNCF project that helps hundreds of engineers to use Kubernetes. The project covers many use cases, from GitOps-based continuous deployment to event-based workflow automation, and can be used to create a powerful DevOps platform. However, it requires integration with various other systems and can be done in several ways. So what is the best way? We, maintainers of a project, spoke with dozens of users and learned the best patterns that worked really well and managed to scale to support large enterprise needs. In this session, we will demonstrate a production-grade Argo-based DevOps platform for Kubernetes. We will walk you through every key decision incorporated into the solution and highlight the pros and cons of every decision made. You can expect to learn a lot of useful tricks and well as enjoy an impressive demo and have fun!

Speakers
avatar for Alexander Matyushentsev

Alexander Matyushentsev

Chief Architect, Akuity
Co-founder and Chief Architect at https://akuity.io/. Co-creator of https://argoproj.github.io/ . I'm passionate about open-source, cloud-native infrastructure, and tools that increase developers' productivity.


Wednesday October 26, 2022 11:00am - 11:35am EDT
320

11:00am EDT

73,000 Pods a Day, Lessons From Misadventures In Multi-Tenant - Shane Corbett, Amazon Web Services & Wil Reed, Acquia
We spent over two years pouring through 800 page linux kernel performance books, tweaking obscure control plane settings, and developing detailed custom monitoring dashboards so you don’t have to! We found there is a large delta between what we learned in CKA training, and the layer upon layer of hard fought knowledge it takes run a large scale multi-tenant application in production. Join us as we take you through real world findings that took months of research to fully understand, and provide evidence that some of the things we were convinced were best practices, were the very things holding us back the most.

Speakers
avatar for Shane Corbett

Shane Corbett

Senior Containers Specialist, Amazon Web Services
Shane Corbett is a Senior Kubernetes Specialist focused on the design, performance, and troubleshooting of large scale clusters at AWS. Shane is a top rated speaker, blogger, and delivers train the trainer sessions for other Kubernetes specialists inside of AWS. Being in the position... Read More →
WR

Wil Reed

Principal Software Architect, Acquia
Wil is the lead Kubernetes Architect at Acquia responsible for all of their kubernetes infrastructure. Over the past three years, he's led the company in adopting kubernetes as a replacement for a hosting platform that runs tens of thousands of customer workloads as well as a microservices... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
140 ABC
  Multi-tenancy

11:00am EDT

Migrating From Single-Node Kubernetes Control Plane To HA In Production - Cong Yue & David Oppenheimer, Databricks
Databricks adopted Kubernetes in 2016, before highly available (HA) Kubernetes control plane deployments were common. As a result, we built our self-managed Kubernetes clusters using a single-node control plane in AWS, and then later also on Azure and GCP. Recently we migrated these production clusters to use a highly available control plane, which provides higher reliability and enables us to upgrade Kubernetes versions more safely and therefore faster across the fleet. In this talk we discuss the architecture we chose for our HA control plane, and compare it to kubeadm and kops. We share the lessons learned on how to safely migrate a fleet of clusters from a single-node control plane to HA, including how we built automation using Spinnaker and Jenkins to handle the process end-to-end for both rolling forward to HA and rolling back to single-node without affecting workloads in production.

Speakers
DO

David Oppenheimer

Software Engineer, Databricks
David Oppenheimer is a software engineer at Databricks, and prior to that at Google. He has worked on or with Kubernetes since 2014, and also worked on its predecessors Omega and Borg. His work on Kubernetes has focused primarily on scheduling and multi-tenancy, and he was the co-founder... Read More →
CY

Cong Yue

Software Engineer, Databricks
Cong Yue is a Senior Software Engineer on the Kubernetes Control Plane team at Databricks. He has been working in cloud infrastructure for more than 10 years, across Linux, data centers, private cloud, public cloud, observibility, containers, networking and storage. At Databricks... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
250 ABC

11:00am EDT

SBOM X-Ray Superpowers: Making Better SBOMs, Using SBOMs - Brandon Lum, Google & Chris Phillips, Anchore
Creating SBOMs (Software Bill of Materials) for our software artifacts is very important in understanding our software and responding to security attacks/vulnerabilities. However, creating SBOMs is challenging. To be effective, SBOMs must be as accurate and complete as possible, but at the same time be usable. Today, Software Composition Analysis (SCA) based SBOM generation tools strike a great balance in this regard. There are several great SCA-based SBOM generator tools today, but all of them have blind spots, such as finding an executable file that has no metadata associated with it. What if there was a way for SBOM tools to reliably fill in these gaps in order to produce a more complete SBOM? Enter the SBOM X-ray vision! In this talk, we demonstrate a novel way to peek into these opaque files through SBOM discovery and look-up. Through the use of the Rekor transparency log and In-toto attestations, we’ll show how easy it is for existing projects to share SBOM information with other projects using native CI integrations. We will then show our new superpowers in action through the Syft tool to generate more complete SBOMs!

Speakers
BL

Brandon Lum

OSS Security Software Engineer, Google
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). Brandon is a Co-chair of the CNCF Security TAG, and as a part of Google's Open Source Security Team, he works on improving the security of the... Read More →


Wednesday October 26, 2022 11:00am - 11:35am EDT
420AB
  Security + Identity + Policy

11:00am EDT

Securing a Kubernetes Cluster From Top To Bottom - Ryler Hockenbury, Mastercard
This talk provides an overview of securing a production Kubernetes cluster at Mastercard Data and Services. Ryler will share both the process and technical aspects of the year-long journey to derive the security controls, build consensus on the security architecture, and implement the security practices. The datacenter landscape at Mastercard is a mix of on-premises, cloud, air-gapped, and at-edge. Kubernetes clusters were secured in all these environments by starting with CIS benchmarks, focusing on hardening, implementing audits, and leveraging open-source tools such as Kube-Hunter, Open Policy Agent, and Sonobuoy. While the talk will focus on many technical details, it also highlights the path of taking a vaguely-defined security initiative, putting useful structure around it, and coordinating it. Ryler will share insights to help organizations know where to start with cluster security, decide what security measures are most important, and then drive towards implementation.

Speakers
avatar for Ryler Hockenbury

Ryler Hockenbury

Software Development Director, Mastercard
Ryler currently works at Mastercard Data and Services as a Software Development Director. Over the past 10 years, he has led teams to build, operate, and modernize SaaS products of all types. He is a cloud-native and open-source advocate.


Wednesday October 26, 2022 11:00am - 11:35am EDT
140 DEFG
  Security + Identity + Policy

11:00am EDT

Virtual Project Office Hours: Strimzi
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Strimzi Project Office Hours here: ​https://community.cncf.io/j/r3nywfj5rv2hy/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 11:00am - 11:45am EDT
Project Office Hours

11:00am EDT

Virtual Project Office Hours: Work API a Kubernetes SIGs project
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Work API a Kubernetes SIGs project Project Office Hours here: ​https://community.cncf.io/j/2q8jxuxpx3uub/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 11:00am - 11:45am EDT
Project Office Hours

11:00am EDT

🚨 ContribFest - Knative: Level Up Knative Eventing, And Yourself!
Using Eventing Sources as a starting point, attendees will learn the tools and processes for contributing useful PRs to Knative. Working in small groups, the participants will install, review, code, document, and PR fixes to these projects to bring them up to current best practices. Participants will develop the skills and knowledge to participate and contribute to the Knative project, and should be able to end the day with a merged PR in the Knative project!

This Contribfest session is designed to provide projects with the space and resources to tackle outstanding technical debt, security issues, or outstanding impactful feature requests. They are intended to provide a place for maintainers to meet contributors and potential contributors and work together on solving a problem.

Speakers
avatar for Evan Anderson

Evan Anderson

Senior Staff Software Engineer, VMware, Inc
Founding member of the Knative project. I spent 15 years at Google in SRE and Cloud (Compute Engine, Serverless, Security) and 3 years at VMware (Serverless / Kubernetes). In between raising two kids, I also run Kubernetes in my own home and practice long-distance running.
avatar for Paul Schweigert

Paul Schweigert

Software Developer, IBM
Paul Schweigert is a software developer at IBM, working on open source software. He is a maintainer on the Knative project and has also contributed to various other projects in the Kubernetes ecosystem. In a previous life, he studied French history.
avatar for Mahamed Ali

Mahamed Ali

Customer Reliability Engineer, Rackspace Technology
Mahamed is a Customer Reliability Engineer at Rackspace Technology and helps customers run workloads reliably on Google Cloud and Kubernetes. He is also an OSS Contributor to Kubernetes, Knative, and a Lead for the Knative Productivity Working Group.


Wednesday October 26, 2022 11:00am - 12:30pm EDT
410 B

11:00am EDT

Tutorial: Unleash the Full Potential Of Kubernetes Scheduler: Configuration, Extension And Operation In Production - Yuan Chen, Yibo Zhuang & Wei Huang, Apple; Chen Wang, IBM Research
kube-scheduler is a key component of kubernetes. It has evolved with many new features over the years. In order to better use and manage kubernetes to meet practical needs of today’s increasingly diverse workloads in large production clusters with complex configurations, it’s essential to understand how kube-scheduler works, what features are available, and how to properly configure and manage them. This tutorial will review the basics of kube-scheduler, including kube-scheduler basic features, scheduling framework, scheduler plugins and profiles, how to configure kube-scheduler with different parameters, plugins and multiple profiles, and how to test and evaluate kube-scheduler on a local machine and in a cluster. The tutorial will present the latest scheduling features and how to use them. Advanced topics such as bin-packing, scheduling scalability, batch support, and how to extend the default kube-scheduler with custom scheduler plugins will be introduced too. The tutorial includes demos and hands-on sessions and is suited for kubernetes administers, users and developers, from beginning to advanced levels. The audience is expected to come prepared with a personal laptop with kubernetes, e.g., Minikube, installed.

Speakers
avatar for Wei Huang

Wei Huang

Software Engineer, Apple
Wei Huang is a software engineer from Apple. He currently co-leads Kubernetes SIG-Scheduling, and is the maintainer of projects scheduler-plugins and kwok.
avatar for Chen Wang

Chen Wang

Research Staff Member, IBM
Chen Wang is a Research Staff Member at the IBM T.J. Watson Research Center. Her interests lie in Kubernetes, Container Cloud Resource Management, Cloud Native AI systems, and applying AI in Cloud system management. She is an open-source advocate, a Kubernetes contributor, and a KubeCon... Read More →
avatar for Yuan Chen

Yuan Chen

Software Engineer, Apple Inc.
Yuan Chen is a Software Engineer at Apple. His current work focuses on Kubernetes scheduling and scalability. As a Kubernetes community member, he has made continuous contributions to multiple Kubernetes projects. He is a regular speaker at professional venues, including 6 talks at... Read More →
avatar for Yibo Zhuang

Yibo Zhuang

Software Engineer, Apple
Yibo Zhuang is a Software Engineer with Apple Cloud Services. His current work focuses on Kubernetes storage and scalability. At Apple, he has been working on building reliable and secure infrastructure for enabling more workloads and services to run on Kubernetes. Yibo has contributed... Read More →


Wednesday October 26, 2022 11:00am - 12:30pm EDT
330 AB
  Customizing + Extending Kubernetes

11:55am EDT

Who Knew Dogfood Could Taste This Good? A WebAssembly In Production Story - Taylor Thomas & Brooks Townsend, Cosmonic
One of the most common refrains we hear when we talk to people about WebAssembly (Wasm) is "well...I've seen tons of examples but it seems like it is just a toy and not ready for production." In this talk, we hope to prove the opposite! We will discuss how Cosmonic built almost its entire platform using Wasm and wasmCloud. To start, we will review what Wasm and wasmCloud are and how they work. Then, using what we built at Cosmonic as context, we will dive into concrete details of real databases, message queues, event sourcing, key-value stores, infrastructure provisioning, tracing, metrics, and security controls – all leveraging Wasm! With that knowledge, we will review the pros and cons of using Wasm, the gaps that need to be filled, the lessons we learned, and how it helped influence the Wasm community.

Speakers
avatar for Taylor Thomas

Taylor Thomas

Director of Engineering, Cosmonic
Taylor Thomas is an Engineering Director working on WebAssembly platforms at Cosmonic. He actively participates in the open source community and is one of the creators of Krustlet and Bindle. He is currently core maintainer of wasmCloud, Bindle, and Krustlet. He is a regular speaker... Read More →
avatar for Brooks Townsend

Brooks Townsend

Lead Software Engineer, Cosmonic
Brooks is a Lead Software Engineer at Cosmonic, focusing on harnessing WebAssembly to alleviate the pains of modern software development. Brooks started his software development career with Critical Stack, a Kubernetes container orchestration platform that is now open source. He joined... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
430 AB

11:55am EDT

Chaos Engineering Applied To the FinTech Domain - Rajeshwar Vadheraju, FIS & Neelanjan Manna, Harness
FIS, a Fintech company with more than 20,000 clients around the globe, offers Banking-as-a-Service Hub, which enables banks and corporations the ability to rapidly configure new financial services. The Delivery of “as-a-service” features across accounts, cards, and establishments is enabled by functional modules deployed on Kubernetes, which are used by thousands of customers each day. To bolster the resiliency of this critical infrastructure, FIS uses LitmusChaos to expose and help remediate the system flaws thereby ensuring highly available services for the customers. In this talk, Rajeshwar (FIS) & Neelanjan (Harness) will lay out the reliability challenges while delivering Banking-as-an-Service and demonstrate how chaos experimentation was leveraged as part of the organization’s “client-experience-year” initiatives to improve the banking APIs.

Speakers
avatar for Rajeshwar Vadheraju

Rajeshwar Vadheraju

Senior Enterprise Architect, FIS
Rajeshwar Vadheraju is an engineering leader with 20 years of experience in the development and delivery of multiple enterprise applications in digital and core banking services with a recent primary focus on operational excellence, reliability engineering, and data center transformation... Read More →
avatar for Neelanjan Manna

Neelanjan Manna

Software Engineer, Harness
Neelanjan Manna is a software engineer at Harness, where he develops Chaos Engineering at scale for every organization that prioritizes resilient services for its users. He is a core contributor to the LitmusChaos project, a CNCF incubating project for performing Chaos Engineering... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
Viewable In Platform
  Business Value

11:55am EDT

A Raccoon And a Group Of Turtles Secure Clusters Together! - Pushkar Joglekar & Naadir Jeewa, VMware
How does a Raccoon and a bunch of Turtles find common ground? Answer: You find a Goose who makes space where both feel welcome. In this session, Pushkar Joglekar and Naadir Jeewa will talk about how a multi-year collaboration where Kubernetes SIG Cluster Lifecycle, SIG Security & TAG Security came together to write the first community driven self-assessment of a Kubernetes sub-project: Cluster API. The session will cover how it all started from the basics with data flow diagrams to understand the internals of the project, then using that to model threats and assess next steps. Next, they will discuss challenges faced doing this exercise with folks around the globe (5 countries), limited maintainer time, doing our best to avoid zoom fatigue while trying and at times failing to be async first. Finally they will talk about what is happening with the findings from this exercise and how they plan to apply the lessons learnt from this exercise to future self-assessments across all Kubernetes sub-projects. Come for the stories from the animal kingdom; Stay for the real stories of humans bringing their best self to break some new ground in the form of community driven security improvements!

Speakers
avatar for Naadir Jeewa

Naadir Jeewa

Staff Engineer I, VMware Inc.
Naadir is an Engineering Co-lead for VMware Tanzu Kubernetes Grid. Naadir is an Emeritus Maintainer of Kubernetes Cluster API Provider AWS. He was previously a Kubernetes Field Engineer at Heptio, and an AWS Solutions Architect and Ambassador for the AWS Well-Architected Programme... Read More →
avatar for Pushkar Joglekar

Pushkar Joglekar

Staff Security Engineer, VMware Inc.
Pushkar Joglekar is a Staff Security Engineer currently working at VMware Tanzu with the goal to “Make Kubernetes Secure For All”. He wears multiple hats in the community as a: CNCF Security - TAG Tech Lead, Kubernetes SIG Security Tooling and Sub-Project Lead - Associate Kubernetes... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
Ambassador Ballroom (Room 360)
  Community

11:55am EDT

Resize Your Pods In-Place With Deterministic eBPF Triggers - Pablo Chico de Guzman, Okteto & Vinay Kulkarni, Futurewei Technologies
Cloud-native community has long desired the ability to resize pods in-place because pod restarts are expensive for long-running applications and disruptive to services. To resize pods, we commonly rely on Vertical Pod Autoscaler (VPA) to observe usage, recommend, and reactively enact resource updates.

An alternative approach is to resize pods based on deterministic events. For example, you can capture events with eBPF to detect when a CPU-intensive command is going to be executed, and proactively resize the pod CPU accordingly. In this talk, Pablo will show an interesting use case where remote development environments run inside pods. These pods need minimal resources when a developer is writing code, but need significantly higher CPU & memory when a developer issues a “build” command or runs a battery of tests. In-place resize is mandatory in this scenario, otherwise, the development experience would be broken on every pod restart.

Vinay will then talk about the current in-place pod resize feature design, which is soon landing as alpha in Kubernetes. He will go over the CRI changes, discuss the design rationale & trade-offs. He will then lay out the next steps and discuss what the community can do to help to drive this feature to a rock-solid GA over the next year.

Speakers
avatar for Pablo Chico de Guzman

Pablo Chico de Guzman

CTO, Okteto
Pablo is the Chief Technology Officer and founder of Okteto. Pablo is passionate about building the next-gen development experience for cloud-native applications. He loves to connect with the CNCF community by organizing the Cloud-Native Madrid and Docker Madrid meetups. Before Okteto... Read More →
avatar for Vinay Kulkarni

Vinay Kulkarni

Principal Architect, Futurewei Technologies
Vinay is a Lead Principal Architect at the Seattle Research Center of Futurewei R&D Labs. He leads the Mizar eBPF/XDP Pod Networking team at Futurewei, and has contributed to Kubernetes compute, container runtime, and scalability efforts of the Centaurus Cloud project at Futurewei... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

11:55am EDT

Backstage: Shaping the Future Of Developer Experience - Lee Mills & Francesco Corti, Spotify
The CNCF Landscape offers an incredible and diverse ecosystem of frameworks, technologies, and platforms. Your teams have their own implementations of these technologies. Onboarding new developers is super confusing, and docs are scattered around the place. In short: chaos and fragmentation in dozens of different tools. The solution to this might be… another portal? Backstage (https://backstage.io), an open source platform you can use to build your own developer portal. It is highly customisable and adopted by companies like Unity, Netflix, American Airlines, and Epic Games. Lee & Francesco will share the lessons learned and latest tips from the hundreds of Backstage adopters and thousands of contributors. We’ll cover how core features such as the Software Catalog and software templates are changing the way end users interact and manage their ecosystem. Let’s shape the future of developer experience together! 🎉

Speakers
avatar for Lee Mills

Lee Mills

Senior Engineering Manager, Mills
Hi! I'm Lee, an engineering manager at Spotify focused on developer experience. I have a great opportunity, I'm sat right next to my customers. I get to live and breathe their experiences right there with them, and then I get to solve problems for them, letting them focus on solving... Read More →
avatar for Francesco Corti

Francesco Corti

Product manager, Spotify
Product Manager, Open Source enthusiast, Tech writer, Speaker, Developer at heart.I'm a passionate and skillful software professional with more than 5 years in product management and developer relations as well as more than 20 years of experience in the industry, doing a variety of... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
320

11:55am EDT

Envoy Maintainer Q+A - Matt Klein, Lyft
Come ask questions of the Envoy maintainers in this open ended Q&A! Any and all questions and open ended discussion is fair game!

Speakers
MK

Matt Klein

Software Engineer, Lyft
Matt Klein is a software engineer at Lyft and the creator of Envoy. He has been working on operating systems, virtualization, distributed systems, networking, and making systems easy to operate for nearly 20 years across a variety of companies. Some highlights include leading the... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
410 A

11:55am EDT

Kubernetes Data Protection WG Deep Dive - Xiangqian Yu, Google
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, the co-chairs of this WG will discuss what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including storage and backup vendors, cloud providers, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.

Speakers
XY

Xiangqian Yu

Software Engineer, Google


Wednesday October 26, 2022 11:55am - 12:30pm EDT
142 ABC

11:55am EDT

Mentoring WG And You - Nate Waddington, The Linux Foundation & Jay Tihema, II.com
Most CNCF projects want to participate in new contributor mentoring programs, but it's hard to get started -- and it's even harder to be successful. Meet the new Mentoring Working Group, who will help you with information, resources, and peer coaching. We'll also be introducing an exciting new program. LFX, GSOC, Outreach, and others let you grow and diversity project contributors through mentoring. We'll talk about the existing programs, how you can get involved, and ways to minimize the work involved. We'll also review how you can help build up the Mentorship WG to assist all CNCF projects, mentors, and mentees. We'll also introduce a new regional program, He Waka Eke Noa/HWEN, which is helping New Zealand and Maori students get involved in cloud native without leaving home. This program can serve as a model for new ways to recruit non-traditional contributors. You'll learn what you need to get started or become more successful in your project mentorship efforts.

Speakers
NW

Nate Waddington

Developer Advocate, CNCF, The Linux Foundation
avatar for Jay Tihema

Jay Tihema

Community Manager, II.com


Wednesday October 26, 2022 11:55am - 12:30pm EDT
252 AB

11:55am EDT

SIG Cluster Lifecycle Intro - Vince Prignano & Fabrizio Pandini, VMware; Cecile Robert-Michon, Microsoft
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.

Speakers
avatar for Fabrizio Pandini

Fabrizio Pandini

Staff Engineer 1, VMware
A Kubernetes contributor for about 5 years, I’m obsessed with making Kubernetes lifecycle simple and consistent across all the types of infrastructures, ​so everyone can build amazing applications on top of it. When I’m not busy as a SIG Cluster Lifecycle tech-lead or as a project... Read More →
CR

Cecile Robert-Michon

Senior Software Engineer, Microsoft
Cecile Robert-Michon is a Senior Software Engineer at Microsoft Azure and serves as a maintainer for multiple SIG Cluster Lifecycle, including Cluster API, Cluster API Provider Azure, and Image Builder.


Wednesday October 26, 2022 11:55am - 12:30pm EDT
321

11:55am EDT

Secure Multi-Tenant GitOps Application & Infrastructure Rollouts At Adobe - Vikram Sethi, Adobe & Manabu McCloskey, Amazon Web Services
Securing a multi-tenant deployment for an enterprise is very challenging. Adobe built a scalable GitOps based application deployment solution for their individual teams using Argo projects. However, due to a lack of a standard solution for infrastructure automation across teams, enabling secure multi-tenant rollouts was a challenge. Adobe leveraged Crossplane in tandem with Argo to broker the provisioning of cloud resources consistently and across all teams. With this solution, Adobe and Amazon designed a layered isolation mechanism for tenant teams on top of existing shared Kubernetes clusters via a mix of technologies such as OPA Gatekeeper, ServiceAccount boundaries, IAM roles etc. This solved the non-negotiable requirements of security and multi-tenancy, which are hard to achieve natively with Crossplane and Argo. Interested? Join Adobe and Amazon engineers to hear their vision, architecture, challenges, solutions, and key takeaways.

Speakers
avatar for Vikram Sethi

Vikram Sethi

Sr. Architect, Adobe Inc.
Vikram is a Sr. Architect at Adobe and has been working on creating Adobe's cloud foundation platform from scratch for the last 6 years. Vikram has had a diverse set of experiences in his 17 years at Adobe, including flagship desktop applications, mobile apps, web services and developer... Read More →
avatar for Manabu McCloskey

Manabu McCloskey

Solutions Architect, AWS
Manabu is a Solutions Architect at Amazon Web Services. He focuses on contributing to open source infrastructure toolings and works with AWS strategic customers to design and implement enterprise solutions using AWS resources and open source technologies. His interests include Kubernetes... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
140 ABC
  Multi-tenancy

11:55am EDT

Multi-Cluster Stateful Set Migration: A Solution To Upgrade Pain - Peter Schuurman, Google & Matt Schallert, Chronosphere
As more stateful workloads like Redis, Kafka, or custom DBs are migrated to Kubernetes, what operational paradigms need to change to support moving state across clusters and maintaining availability during migration? How do admins safely and reliably perform Day 2 operations and maintenance events while protecting the data and state of the app? What visibility is needed? Today, cluster administrators design complex workflows for data replication, pod and persistent volume migration, and state management for Day 2 ops. What if there was a way to seamlessly migrate StatefulSets between node pools or across clusters to simplify problems related to upgrades, workload migration, and stretching clusters? The speakers will demonstrate the complex patterns developed at Chronosphere to safely migrate stateful workloads to coordinate maintenance operations for thousands of pods across multiple zones and regions. They will then discuss a new enhancement to Kubernetes called StatefulSet Partition which is integrated into a multi-cluster deployment like Chronosphere's and how this can dramatically simplify their operations to focus instead on core business logic.

Speakers
avatar for Matt Schallert

Matt Schallert

Member of Technical Staff, Chronosphere
Matt is a Member of Technical Staff at Chronosphere, where he ensures Chronosphere's infrastructure meets the scale and reliability needs for cloud native observability. Previously, Matt was a Senior Site Reliability Engineer at Uber, where he helped launch the open source metrics... Read More →
avatar for Peter Schuurman

Peter Schuurman

Software Engineer, Google
Peter is a software engineer who works on Google Kubernetes Engine. His focus is on building technology to allow users to run reliable and highly available Stateful workloads.


Wednesday October 26, 2022 11:55am - 12:30pm EDT
250 ABC

11:55am EDT

Armoring Cloud Native Workloads With LSM Superpowers - Barun Acharya, Accuknox
Containers are not protected by default as the various tools for security into place provides perimeter security at the host, or the network and not necessarily the workload itself. LSMs(Linux Security Modules) provide with security hooks necessary to set up least permissive perimeter for various workloads. KubeArmor is a cloud-native runtime security enforcement system that leverages various LSMs to secure your workloads. LSMs are a really powerful system but they come with a high barrier of entry, steep learning curve and do not provide enough metadata for modern cloud native workloads. This talk will be about how KubeArmor leverages LSM superpowers to abstract away the complexities to help protect modern cloud native workloads, how we leverage eBPF to provide context about what's happening in the containers, how various kernel primitives fair with each to protect modern container workloads and what design considerations/challenges for integrating various LSM into KubeArmor.

Speakers
avatar for Barun Acharya

Barun Acharya

Software Engineer, Accuknox
Barun is a final year computer science undergraduate student in India and currently works as a Software Engineer at Accuknox. He loves to talk about Open Source and has been associated with programs like Google Summer of Code and LFX Mentorship. He is usually hacking on low level... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
Viewable In Platform
  Security + Identity + Policy

11:55am EDT

Securing the IaC Supply Chain - Jesse Sanford, Autodesk & Jason Hall, Chainguard
Secure software supply chain practices have begun to permeate all aspects of software development. But what about the orchestration of our infrastructure? With the proliferation of infrastructure as code, many of the same threats posed to software supply chains are also threats to our IaC ecosystems. IaC provides clear advantages to platform teams, bringing uniformity and productivity to developers, but with the great power bestowed to it, it also presents a juicy target for supply chain attacks, often while no one is looking. It's only a matter of time before our Site Reliability Engineers will need to defend against the same attack vectors as their Software Engineer counterparts. How can DevSecOps practitioners learn from the patterns and practices being developed by projects like SLSA? Can IaC pipelines build on tooling like Sigstore and in-toto? This talk covers the application of software supply chain security principles to modern IaC pipelines. Jesse and Jason discuss design changes to the Crossplane package management system and it’s forthcoming integration with Sigstore, enabling IaC provenance and attestations. Finally, a demo showcasing the equivalent of “admission control” for IaC will provide inspiration for further work on Secure IaC Supply Chains.

Speakers
avatar for Jesse Sanford

Jesse Sanford

Sr Principal Engineer, Autodesk
Lifelong software engineer focused on site reliability and Infosec. Currently directing traffic at the intersection of Developer Enablement and Security/Compliance at Autodesk. When away from his computer, he is a continuously delivering parent of two young daughters.
JH

Jason Hall

Engineer, Chainguard
Jason contributes to various projects related to container image construction, security and performance. He has never heard a joke about his name and the JavaScript Object Notation that didn't elicit a polite chuckle. He lives in Brooklyn with his wife and kids, and enjoys naps and... Read More →


Wednesday October 26, 2022 11:55am - 12:30pm EDT
420AB
  Security + Identity + Policy

12:00pm EDT

Virtual Project Office Hours: Fluid
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Fluid Project Office Hours here: ​https://community.cncf.io/j/72skrdsmhg2bh/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 12:00pm - 12:45pm EDT
Project Office Hours

12:00pm EDT

Virtual Project Office Hours: Meshery
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Meshery Project Office Hours here: ​https://community.cncf.io/j/8pgn8we7gg8mg/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 12:00pm - 12:45pm EDT
Project Office Hours

12:30pm EDT

Wellness Session - Flow for Irritability

Whether it’s a disruptive email or text or the traffic on your way to work, we all have irritable days. This sequence will stimulate blood circulation through twists and hip openers.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Wednesday October 26, 2022 12:30pm - 1:00pm EDT
412 B

12:30pm EDT

Lunch 🍲
Wednesday October 26, 2022 12:30pm - 2:30pm EDT
TBA

1:00pm EDT

Virtual Project Office Hours: k8gb
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for k8gb Project Office Hours here: ​https://community.cncf.io/j/j939mbc8heaw8/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 1:00pm - 1:45pm EDT
Project Office Hours

1:10pm EDT

Wellness Session - Guided Meditation for Emotional Exhaustion

Did you know? The leading cause of burnout is emotional exhaustion. This meditation will make you feel less stuck.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Wednesday October 26, 2022 1:10pm - 1:40pm EDT
412 B

1:50pm EDT

Wellness Session - Chair Yoga

Chair yoga is a gentle form of yoga that can be done sitting on a chair or standing on the ground while using the chair for support.  Benefits of chair yoga include
  • improved flexibility
  • better concentration
  • increased strength
  • boost your mood
  • reduced stress and joint strain

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Wednesday October 26, 2022 1:50pm - 2:20pm EDT
412 B

2:00pm EDT

Virtual Project Office Hours: Athenz
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Athenz Project Office Hours here: https://community.cncf.io/e/m85s39/


>> Full list of Project Office Hours


Wednesday October 26, 2022 2:00pm - 2:45pm EDT
Project Office Hours

2:00pm EDT

Virtual Project Office Hours: Teller
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Teller Project Office Hours here: ​https://community.cncf.io/j/hhn56r86x7vas/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 2:00pm - 2:45pm EDT
Project Office Hours

2:30pm EDT

Kubernet-Bees: How Bees Solve Problems Of Distributed Systems - Simon Emms & Christian Weichel, Gitpod
Many CNCF participants use bees as logos (e.g. eBPF, Cilium, GiantSwam, Honeycomb). This is no coincidence; the two worlds have more in common than you might think. Honey bees are social animals which operate as a distributed system. As experienced beekeepers and cloud-native engineers, the similarities between bees and Kubernetes are fascinating. Bee hives autoscale, self-heal, have message passing mechanisms, service discovery, and RBAC. For bee colonies, these are fundamental processes which must be cost-effective. This talk is an introduction to the fascinating world of honey bees, explains how bees have solved problems we face on a daily basis as Kubernetes users and gives an outlook on features that are missing from Kubernetes which bees support today.

Speakers
CW

Christian Weichel

CTO, Gitpod
Christian Weichel, CTO at Gitpod - Christian is interested in developer experience, distributed systems and Kubernetes. He holds a PhD in human computer interaction from Lancaster University. Currently a core contributor to Gitpod, he previously worked on the Internet of Things and... Read More →
avatar for Simon Emms

Simon Emms

Senior Engineer, Gitpod
Simon has been working as a software engineer since 2006, in which time he's done work for the likes of Gitpod, DPD, Specsavers, British Pathé, the NHS, the Red Cross and others. He's used pretty much all of the major languages over the years and since 2017 has been focused on building... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
140 DEFG
  101 Track

2:30pm EDT

Essential Patterns For Designing And Implementing Your Operator - Michael Hrivnak & Austin Macdonald, Red Hat
It’s easy to get started developing operators with kubebuilder and operator-sdk to manage your workloads and infrastructure – but what challenges will you face as your operator matures? This presentation will share the most essential lessons learned across years of experience helping teams and organizations design and implement real-world operators for a wide variety of use cases. Coding topics will focus on Go-based operators. You will learn about: - API anti-patterns: Common API design choices that lead to future regret, and how to overcome them in the wild. - Bridging the gap between slow (and complex and buggy) imperative infrastructure management and the declarative Kubernetes API. - Taking control of the client’s cache to maximize its usefulness and avoid memory bloat. - Interacting with multiple clusters efficiently from a single operator instance. - Minimizing load imposed on the API server. Attendees will be ready to face key challenges as they enhance their operators with new features and evolving APIs.

Speakers
avatar for Michael Hrivnak

Michael Hrivnak

Senior Principal Software Engineer, Red Hat
Michael Hrivnak is a Senior Principal Software Engineer and Software Architect at Red Hat, where he’s been focused on container technology since 2014. He’s been a leader in developing early registry and distribution technology, the Operator SDK, and Kubernetes-native infrastructure... Read More →
AM

Austin Macdonald

Software Engineer, Red Hat


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
430 AB
  Application + Development + Delivery

2:30pm EDT

Implementing Private 5G Networks For Enterprises With Kubernetes - Amar Kapadia, Aarna Networks & Christian Huebner, Mirantis
Images of large scale telecommunications wireless networks built using big iron boxes come to mind for many when they hear the term 5G. We will introduce you to a new type of private network built using 5G technology that brings with it numerous benefits over existing wired and wireless networks commonly found in enterprise environments. We will then continue to show how Private 5G networks will be built using cloud native (containerized) network functions that are orchestrated by Kubernetes as opposed to the legacy way of using purpose-built appliances. In this talk, you will learn: * What are Private 5G networks * What are the benefits of a Private 5G network * What hardware and software components are required to build a Private 5G network * How can Kubernetes be used as the orchestration layer for the software components * What special requirements are imposed on Kubernetes to support networking traffic * The role of Linux Foundation Anuket in supporting these requirements

Speakers
avatar for Christian Huebner

Christian Huebner

Principal Architect, Mirantis
Christian Huebner works at Mirantis, Inc. as Principal Architect with a focus on Storage and Infrastructure. Coming from conventional storage architecture, Christian moved into cloud storage before joining Mirantis and later into general cloud architecture. He provides architectural... Read More →
avatar for Amar Kapadia

Amar Kapadia

Software Engineer, Aarna Networks
Amar Kapadia is the CEO and Co-Founder of Aarna Networks, a SaaS solutions provider that leverages open source, cloud native, and DevOps methodologies to provide zero-touch edge and 5G service orchestration and management services. Prior to Aarna, he was the NFV product marketing... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
251 ABC
  Business Value

2:30pm EDT

The Course Of True Community Management Never Did Run Smooth, In 1 Act - Karsten Wade, Red Hat
Over the years the Open Source ecosystem has evolved community values and practices. The Kubernetes community centers kindness and inclusivity, practicing accessibility as a way of building a diverse community. While the K8s community has brought attention and change in the ecosystem, neither the values nor the practices originated there. K8s-flavored, yes, but also similar to other communities such as OpenInfra, Drupal, and the Linux distributions. In this one-act play with two practitioners, Celeste breaks down successful community management in the K8s community, and Karsten performs a live diff, comparing and contrasting the K8s model with the Open Source Way guidebook for community management practices. Embracing storytelling, two very different literary nerds provide an overview of how community management works in the cloud native world, and an understanding of the differences and similarities to a broader, extrapolated view from a diverse community of practice.

Speakers
avatar for Karsten Wade

Karsten Wade

Red Hat
For over two decades, Karsten has been teaching about and working in the Open Source way. In Red Hat's OSPO, his community architect portfolio centers on the people, principles, and practices of Open Source communities. His current community management work includes the Open Source... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
Ambassador Ballroom (Room 360)
  Community

2:30pm EDT

Efficient Scheduling Of High Performance Batch Computing For Analytics Workloads With Volcano - Krzysztof Adamski & Tinco Boekestijn, ING
Three years ago ING Wholesale Banking Advanced Analytics team set up an ambitious goal to gather in one place a curated portfolio of internal data sources together with a large scale compute platform. At its core the idea of allowing internal projects to get access to a rich toolset of open source and industry standards frameworks and preprocessed data to validate business ideas in the secure exploration environment. Extensive growth with over 300 internal projects so far and more than 2000 internal users proofs advanced analytics i.e. ML, AI, NLP capabilities should become easily consumable not only by specialized, dedicated teams, but make them close to subject matter experts. In this session we would like to shed more light on how a specialized cloud native Kubernetes scheduler (Volcano) enables us to deliver multi-tenant large scale processing capabilities. The optimal resource usage with stability of core services are key for our cloud native platform. To enable dynamic allocation and hdrf (hierarchical dominant resource fairness) we have created an extension to Apache Spark binaries. This allows users to use Volcano with Spark interactive mode in a Jupyter notebook. Additionally we have created interfaces to visualize all the scheduling metrics like the yarn ui.

Speakers
avatar for Krzysztof Adamski

Krzysztof Adamski

Tech Lead at ING Data Analytics Platform, ING
Enables companies to make use of data to fuel their product strategies. Closing the gap between IT infrastructure teams and business initiatives. With the experience in high frequency trading business, migrating Spotify biggest analytics cluster to the public cloud and rebellious... Read More →
TB

Tinco Boekestijn

Data Engineer, ING
Full time Data engineer at ING for 2.5 years with a passion for distributed computing and scheduling. Studied at the University of Groningen. Living in The Netherlands. Active and devoted climber. As a fun side project I yearly solve (difficult) puzzles with Prolog, since Prolog is... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

2:30pm EDT

Advanced API Machinery Topics: Aggregated API Servers and OpenAPI v3 - David Eads, Red Hat; Jeffrey Ying, Google; Federico Bongiovanni, Google
- The power and the Danger of Aggregated API Servers: we plan to explain the architecture around the Aggregated API servers in the Kubernetes API Machinery domain, and how they work chained together. What can you do with them and what you can't. More importantly we will go into concrete examples and recommendations on when to use it in concrete.

- OpenAPIv3, a powerlfull feature in Beta right now, and graduating to GA very soon. What is it good for? How can I use it? Advanced use cases, and GA Plan.

Speakers
avatar for Federico Bongiovanni

Federico Bongiovanni

Senior Engineering Manager, Google
Federico is an Engineering Manager who is passionate about people development and growth, building diverse and inclusive teams, and solving large scale technical challenges. With a large technical background in development, cloud computing, building and running successful teams, and... Read More →
DE

David Eads

Senior Principal Software Engineer at Red Hat, Red Hat
David Eads is a senior principal software engineer at Red Hat and co-lead for Kubernetes sig-apimachinery and an emeritus lead for sig-auth.
JY

Jeffrey Ying

Software Engineer, Google
Jeffrey is a contributor to Kubernetes with a focus on API Machinery and Cloud Provider. He has worked on projects such as Server Side Apply, OpenAPI, and APIServer Network Proxy.


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
Viewable In Platform

2:30pm EDT

Building Multi-Architecture Images With Buildpacks - Aidan Delaney, Bloomberg & Emily Casey, VMware
Buildpacks transform source applications into images that run on any cloud. We introduce the key architecture of buildpacks and explain the separation of concerns between the buildpack and platform API. In addition we take a deeper-dive into two platform implementations. We deep-dive into a stand-alone buildpack builder (`pack`) and a kubernetes native buildpack service (`kpack`) detailing how both use the lifecycle component to build source applications into images. Having established a deeper understanding of how a platform works, we workshop approaches to supporting multi-architecture builds. It is increasingly common for developers to require that their application runs on both x86_64 and ARM64. The current platform specification maps a platform onto a single architecture and implementations build x86_64 images on x86_64 build platforms and ARM64 images on ARM64 platforms. We ask how applications can be built on x86_64 and produce images for both x86_64 and ARM64? Are the necessary changes to the platform and buildpacks APIs backwards compatible? Is it feasible for `pack` and `kpack` to produce muti-architecture output?

Speakers
EC

Emily Casey

Engineer, VMware
avatar for Aidan Delaney

Aidan Delaney

Engineer, Bloomberg


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
320

2:30pm EDT

CoreDNS Intro And Deep Dive - Yong Tang, Ivanti & John Belamaric, Google
CoreDNS maintainers will give you an introduction with the latest project update and roadmap, followed by a deep dive into creative ways of using CoreDNS through the plugin system. Stay to learn how to write you own CoreDNS plugin and help contribute to the project itself!

Speakers
avatar for Yong Tang

Yong Tang

Director of Engineering, Ivanti
Yong Tang is director of engineering at Ivanti. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer and SIG... Read More →
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, and a co-founder of Nephio, an LF project for K8s-based automation of large scale telco edge deployments. He is also a co-chair of Kubernetes SIG Architecture, leading efforts on production readiness, conformance, and software architecture, and a maintainer... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
410 A

2:30pm EDT

KEDA - Real Time And Serverless Scaling In Kubernetes - Zbynek Roubalik, Red Hat & Jeff Hollan, Snowflake
Event driven architectures are exploding in popularity, often coupled with the desire to make them real time. These applications enable us to design and develop scalable, distributed, and flexible systems. Kubernetes brings flexibility and a distributed platform, but it doesn't provide any built-in way to deal with event-driven scaling properly and in real time. KEDA is one of the fastest growing CNCF projects that solved these needs. Scaling based on CPU and/or memory usage doesn’t fit well with event-driven processes. Current autoscaling solutions are usually complex, and their scope is too attached to a specific provider. KEDA provides a simple way to gather the metrics from external sources (such as queues, streams, databases) and translates them into Kubernetes metrics to drive event-driven autoscaling. During this session, two of the current KEDA maintainers and creators will introduce KEDA: what it is, how it works (with demos), and discuss future development plans.

Speakers
avatar for Jeff Hollan

Jeff Hollan

Director of Product, Snowflake
Director of Product at Snowflake - leading the Developer Platform, Ecosystem, and Compute team. Helping create developer experiences and platform capabilities for the Data Cloud, and the tools and SDKs / APIs for projects and partners to integrate with Snowflake data and apps. Previous... Read More →
avatar for Zbynek Roubalik

Zbynek Roubalik

Principal Software Engineer, Red Hat
Principal Software Engineer working for Red Hat @ OpenShift Serverless team. Maintainer of KEDA project, which aims to help with event-driven applications autoscaling on Kubernetes. Member of Knative TOC (Technical Oversight Committee) and focusing on developing Functions on Knative... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
321

2:30pm EDT

Staring Into the Abyss With the Security Technical Advisory Group - Andrew Martin, Control Plane; Ragashree Shekar, Carnegie Mellon University; Marina Moore, NYU
The CNCF Security Technical Advisory Group provides analysis and helps guide the community at large on the most appropriate security mechanisms, architectures, design patterns, and tooling. This presentation covers an introduction to the Security TAG, their charter and scope, and highlights on several efforts the TAG has undertaken (completed and in progress) with their community impact such as the Security Reviews, Supply Chain Security Paper, Security Pals, and so much more. This session is for anyone interested in cloud native security, and wishes to understand how to get involved.

Speakers
avatar for Marina Moore

Marina Moore

PhD Candidate, NYU
Marina Moore is a PhD student at NYU Tandon’s Secure Systems Lab focusing on secure software updates and supply chain security. While at NYU she has worked primarily on research and development for The Update Framework (TUF), Uptane, and Notary. She has spoken at KubeCon + CloudNativeCon... Read More →
avatar for Ragashree M C

Ragashree M C

Student, Carnegie Mellon University
2021 Nokia Ada Lovelace Honoree, Ragashree M C is a Cloud Security enthusiast with 3+ years industry experience in the domain. She is an active member of several open source security forums such as OWASP, CNCF, CSA etc. She is currently serving Cloud Native Computing Foundation Security... Read More →
AM

Andrew Martin

CEO, Control Plane Limited
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
252 AB

2:30pm EDT

Simplified Experience Of Building Cluster API Provider In Multitenant Cloud - Sahithi Ayloo & Arun Krishnakumar, VMware
Cluster life cycle management is a challenging task and Cluster API promises to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. With the growing adoption of CAPI in recent times, are you looking into writing your own Cluster API provider for your infrastructure (or) cloud with a unique set of requirements and constraints? We got you covered. This talk will walk you through our journey as a Cluster API provider and all the lessons learned the hard way. - Building blocks to implement Cluster API provider, and bare essentials like CSI & CPI. - What are the common patterns around developing and debugging workflows? - How to enable multi-version API support via webhooks? - How to enable end-user Kubernetes access to the air-gapped clusters? - How to address common problems like multi-tenancy, and user quota management in a strong multitenant cloud environment with Enterprise customers? - How to migrate existing clusters into CAPI-based clusters? Come and learn from the maintainers of a Cluster API infrastructure provider - "our journey around moving from handcrafted Kubernetes life cycle management to Cluster API based life cycle management in a multitenant cloud".

Speakers
AM

Arun M. Krishnakumar

Staff II Engineer, VMware
Arun has been working with Kubernetes since 2016 initially building Data Science and ML platforms at a time when Docker would not always play well with Kubernetes and GPU was new. Recently Arun has been at VMware working on a KaaS engine for their Multi-Tenant provider named Cloud... Read More →
avatar for Sahithi Ayloo

Sahithi Ayloo

Staff Engineer 1, VMware
Sahithi Ayloo is the technical lead for Kubernetes-as-a-Service platform for a multi-tenant cloud provider platform at VMware. She holds a strong track record of engineering customer-centric, distributed system-based solutions stacked on top of complex software-defined datacenters... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
140 ABC
  Multi-tenancy

2:30pm EDT

How To Handle Node Shutdown In Kubernetes - Xing Yang & Ashutosh Kumar, VMware
Shutting down of a node is an inevitable event and it can be graceful or non graceful in a Kubernetes cluster. A node shutdown can be graceful only if it can be detected by the Kubelet ahead of the actual shutdown. A node shutdown may not be detected by the Kubelet due to a variety of reasons causing the shutdown to be non graceful. In the talk, Xing and Ashutosh will explain the graceful shutdown concepts and its impact on the running workloads including the systemd inhibitor locks mechanism and configuration settings. In Kubernetes v1.24, alpha support for handling non graceful shutdown is introduced which enables replacement pods for StatefulSets to be created successfully on a different running node which otherwise would be stuck. The talk will explain how to use the non graceful shutdown feature using taints and the future roadmap around making the feature more automated.

Speakers
AK

Ashutosh Kumar

Software Engineer, VMware
Ashutosh is a senior engineer at VMware cluster lifecycle team who has joined the team very recently and started to contribute upstream Kubernetes. Apart from the sig-cluster-lifecycle, he has interests in Kubernetes storage. Prior to VMware, he worked on the OpenEBS project and was... Read More →
XY

Xing Yang

Staff Engineer, VMware
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect of OpenSDS... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
250 ABC

2:30pm EDT

Using the EBPF Superpowers To Generate Kubernetes Security Policies - Mauricio Vásquez Bernal & Alban Crequy, Microsoft
Kubernetes has several security mechanisms that can be used to secure your applications: - limit network connectivity with network policies - block some system calls with seccomp profiles - restrict access to some Linux capabilities in security contexts Defining those policies is difficult. It usually happens that the team defining them is not the one that created the application, hence they might not have a good enough view of the architecture to know how to write them. We will present and demo different ways to automatically generate the 3 different kind of policies mentioned above by monitoring the application's events with the following eBPF-based tools: - Inspektor Gadget - Kubernetes Security Profiles Operator - oci-seccomp-bpf-hook We'll discuss the limitations of this approach and the future ahead of these tools. Finally, we will explain how applications can be audited to see if the security policies are respected.

Speakers
avatar for Alban Crequy

Alban Crequy

Principal Software Engineer, Microsoft
Alban is Principal Software Engineer at Microsoft. He has a particular interest in integrating BPF into Kubernetes. He is a maintainer of Inspektor Gadget, a set of tools introspecting and debugging Kubernetes applications using BPF.
avatar for Mauricio Vásquez Bernal

Mauricio Vásquez Bernal

Software Engineer, Microsoft
Mauricio works as a software engineer in the Kinvolk team at Microsoft. He is mainly interested in eBPF, Kubernetes, networking and tracing technologies. He has been working with eBPF for some years now. Currently he focuses on developing tools for debugging and observability on cloud... Read More →


Wednesday October 26, 2022 2:30pm - 3:05pm EDT
420AB
  Security + Identity + Policy

2:30pm EDT

🚨 ContribFest - KubeVirt
This Contribfest session is designed to provide projects with the space and resources to tackle outstanding technical debt, security issues, or outstanding impactful feature requests. They are intended to provide a place for maintainers to meet contributors and potential contributors and work together on solving a problem.

Speakers
AW

Alexander Wels

Principal Software Engineer, Red Hat
I focus on KubeVirt storage related items, if it is kubevirt storage related I should have a good idea of what is going on.Core developer and release manager of containerized data importer, which allows ones to import disk images into your cluster for use with KubeVirt.Regular contributor... Read More →
MH

Michael Henriksen

Principal Software Engineer, Red Hat
RH

Ryan Hallisey

Senior Software Engineer Technical Lead, NVIDIA
KM

Kat Morgan

Senior Developer Advocate, Kong Inc


Wednesday October 26, 2022 2:30pm - 4:00pm EDT
410 B

2:30pm EDT

Tutorial: So You Want To Develop a Cluster API Provider? - Anusha Hegde & Winnie Kwon & Sedef Savas, VMware; Richard Case, Weaveworks; Avishay Traeger, Red Hat
With the motto of "making cluster lifecycle management easy", Cluster API adoption has been increasing each year since its inception. Its pluggable architecture via providers is vendor agnostic and makes its adoption across various infrastructure environments (public clouds, on-premises) easy and gives its users the flexibility of using a variety of infrastructures with the same set of tools and workflows. Writing a provider follows a de-facto pattern (there are >20 providers created following this pattern). The talk “Building Your Own Cluster API Provider the easy way” at KubeCon EU 2022 was well received with 600+ registering (and more than that attending), and many indicating they are at various levels in their provider journey. While the talk touched upon high-level constructs of writing a provider, there is a lot of functionality to be covered in order to make the provider usable or to reach the first release milestone. This tutorial aims to be an in-depth hands-on exercise where the audience can get to a fully CAPI conformant provider starting from scratch. Everything can be done from your laptop. The slides will contain a list of any prerequisites to install prior to coming to the session.

Speakers
avatar for Richard Case

Richard Case

Principal Engineer, Weaveworks
Richard Case is a Principal Engineer @Weaveworks where he works on building bare-metal & microVM Kubernetes products and open source. He’s currently one of the maintainers of AWS & Microvm Cluster API providers.
avatar for sedef savas

sedef savas

Senior Software Engineer, VMware
Sedef Savas works at VMware as a software engineer and she is one of the maintainers of Cluster API Provider AWS project. Prior to this, her experience mostly lies in the networking domain from Kubernetes networking to Optical networking.
avatar for Anusha Hegde

Anusha Hegde

Senior Member of Technical Staff, VMware
Anusha Hegde is a Senior Software Engineer @VMware who was introduced to the Kubernetes world via Cluster API. Over the past year, her work has been around writing a new provider from scratch - Cluster API Provider for Bring Your Own Host which recently crossed 100 stars on GitHub... Read More →
avatar for Winnie Kwon

Winnie Kwon

Engineering Manager, VMware
Winnie Kwon is an engineering manager and Kubernetes open source engineer @ VMware, contributing to SIG cluster lifecycle projects, mainly Cluster API AWS provider. She has also worked on VMware's Kubernetes distribution, Tanzu Kubernetes Grid, since 2019. Prior to this, she was a... Read More →
AT

Avishay Traeger

Senior Principal Software Engineer, Red Hat
Avishay Traeger is a Senior Principal Software Engineer @Red Hat, working on vertical markets and edge projects such as the OpenShift Assisted Installer and its associated Cluster API provider. Previously, he received his doctorate in Computer Science which focused on performance... Read More →


Wednesday October 26, 2022 2:30pm - 4:00pm EDT
330 AB
  Customizing + Extending Kubernetes

3:00pm EDT

Virtual Project Office Hours: sealer
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for sealer Project Office Hours here: ​https://community.cncf.io/e/mn78mv/​​​


>> Full list of Project Office Hours


Wednesday October 26, 2022 3:00pm - 3:45pm EDT
Project Office Hours

3:25pm EDT

The 10 Biggest Mistakes You Shouldn’t Make In Open Source - Bill Mulligan, Isovalent & Divya Mohan, SUSE
“How can I get started?” is a common refrain heard from newcomers wanting to enter open source. This talk is the exact opposite - where you shouldn't invest your efforts while getting started. Being a new contributor to open source can be intimidating because you don’t know exactly what is helpful and what could hurt the community and frustrated maintainers. While a part of this gap can be attributed to the choose-your-own-adventure nature inherent to open source, there's already tons of material on how to get started technically. What nobody actually shines light on is the cultural dynamics. With this talk, the speakers aim to retell their experience and list common pitfalls almost everyone (including the speakers!) have made. This isn’t just about the right way to make a PR. The hardest, and most rewarding part, of any community is the people. The audience will learn how to engage in open source to ensure that the community they join will continue to be happy and healthy.

Speakers
avatar for Divya Mohan

Divya Mohan

Technical Writer, SUSE
A systems nerd and a CNCF ambassador, Divya currently is a technical writer at SUSE. She is extremely passionate about contributing to Open Source & co-chairs the documentation efforts for the Kubernetes and LitmusChaos projects. She has served on a few Release cycles for Kubernetes... Read More →
avatar for Bill Mulligan

Bill Mulligan

Community Pollinator, Isovalent
Bill Mulligan is a cloud native pollinator and community builder. He has given talk and written articles about building the business case for cloud native. While at CNCF he restarted the Kubernetes Community Day program and worked to grow the student community. He is currently at... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
140 DEFG
  101 Track

3:25pm EDT

Flagger, Linkerd, And Gateway API: Oh My! - Jason Morgan, Buoyant & Sanskar Jaiswal, Weaveworks
In this session, you’ll learn about Flagger, Linkerd, and the Gateway API specification. You’ll also learn how to use Flagger and Linkerd to enable automated progressive delivery. The Gateway API specification is gaining momentum in the Kubernetes space as it attempts to change how users manage traffic. Both Flagger and Linkerd were able to standardize on the Gateway API to enable their users to simplify how they define traffic management within, and between, their clusters. Join Jason and Sanskar to discuss how each project independently implemented the Gateway API, how those implementations benefitted their respective projects, and how this allowed them to work together without any explicit configuration.

Speakers
avatar for Jason Morgan

Jason Morgan

Technical Evangelist, Buoyant
Jason Morgan is Technical Evangelist for Linkerd at Buoyant, maintainer of the CNCF Cloud Native Glossary, and co-author of the CNCF Landscape guide. Passionate about helping others on their cloud native journey, Jason educates engineers on Linkerd, the original service mesh. You... Read More →
avatar for Sanskar Jaiswal

Sanskar Jaiswal

Associate Software Engineer, Weaveworks
Sanskar is a Flux & Flagger maintainer and passionate about open source software, contributing to Kuberentes, Linkerd, etc. He finished his engineering undergrad in Electronics and Communications a couple of months ago, and has been working as a Software Engineer at Weaveworks since... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
430 AB

3:25pm EDT

Get Projects Approved By Articulating the Business Value Of a Cloud Native Solution - Larry Carvalho, RobustCloud LLC; Krisztián Flautner, Cisco; Betty Junod, VMware; Chris Rosen, IBM
Cloud native technology is a robust set of tools that enable the development of innovative solutions, but practitioners often do not understand the business value delivered. This panel discussion will focus on three examples of how cloud native tools provide significant benefits not possible with traditional technology. Larry Carvalho, Principal Consultant at RobustCloud LLC, will moderate this session. Krisztián Flautner from Cisco will touch upon how a financial enterprise customer with challenges around digital transformation and the acceleration of FinTech uses cloud native technology to accelerate the introduction of new applications with lifecycle management. Chris Rosen from IBM will highlight how a customer used cloud native technologies to build a hybrid cloud solution that leveraged insights from data to speed up the insurance claim process while preventing fraud. Betty Junod from VMware will discuss how a traditional retailer was able to turn a production downtime of their primary in-store system over a busy sale weekend into a modern system that is more resilient, scalable, and agile for their central IT and store associates. This panel discussion will help you articulate the bottom line value delivered by a collection of open source cloud native technologies.

Speakers
avatar for Chris Rosen

Chris Rosen

Director, Product Management, IBM Cloud, IBM
Chris Rosen is a Director of Product Management for IBM Cloud Native PaaS and IBM Cloud Satellite. Chris is responsible for IBM Cloud’s containers and microservices portfolio. Chris has held a variety of roles in his 22-year career with IBM and is currently responsible for delivering... Read More →
avatar for Larry Carvalho

Larry Carvalho

Principal Consultant, RobustCloud LLC
Larry Carvalho of RobustCloud LLC provides strategy and insight into the adaption of Edge and Cloud Computing technologies. He provides advisory services and works closely with customers and vendors to help all parts of the ecosystem understand cloud computing, map business goals... Read More →
KF

Krisztián Flautner

Director of Product Strategy, Cisco
Kris Flautner is responsible for product strategy in Cisco’s Emerging Technology & Incubation Group after having been CEO of Banzai Cloud, a Cisco acquisition, that turned Cloud Native dreams into enterprise reality through cloud software. Before that, he was general manager of... Read More →
avatar for Betty Junod

Betty Junod

Senior Director of Product Marketing, VMware
Betty Junod is the Senior Director of Product Marketing for VMware Tanzu focusing on products and solutions for cloud-native application development. She previously led product marketing for VMware end user computing business unit. Prior to VMware she held marketing leadership roles... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
251 ABC
  Business Value

3:25pm EDT

SIGs Aren’t Silos: A Case Study Into Solving Inter-Domain Problems In Kubernetes Development - Swetha Repakula, Google & Antonio Ojea Garcia, RedHat
The Kubernetes project development activity is organized into Special Interest Groups (SIGs). Each SIG is composed of members from multiple companies and organizations, with a common purpose of advancing the project with respect to a specific topic, such as Networking, Testing, Node or Documentation . Most of the time, tasks fall neatly within a SIG that is vertically focused on a particular component or domain area. However, what happens when those changes have an impact broader than that SIG? What happens because SIGs operate as silos? This talk is a case study in a recent cross-sig bug where a subtle behavior change by one SIG led to an outage causing bug in another. Due to the subtlety and cross-SIG nature of the bug, it went unnoticed for 6 months. Antonio and Swetha will walk through the incident and share the lessons learned.

Speakers
avatar for Antonio Ojea Garcia

Antonio Ojea Garcia

Principal Engineer, Red Hat
Antonio Ojea is a Kubernetes contributor, member of SIG-Network and SIG-Testing, with a vast experience in Open Source, networking and distributed systems. He started his career as a Network Engineer and took advantage of this real-life, in-the-trenches business experience to to work... Read More →
SR

Swetha Repakula

Software Engineer, Google
Swetha Repakula currently works at Google on their GKE Networking team and is a Kubernetes contributor for SIG-Network. Prior to Google, she previously worked as an Open Source Contributor in IBM and had the opportunity to work on projects such as Hyperledger Fabric and Cloud Fou... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
Ambassador Ballroom (Room 360)
  Community

3:25pm EDT

Beyond Kubebuilder - Generating Entire Kubernetes Controller Implementations - Amine Hilaly & Jay Pipes, Amazon Web Services
"Tales from the Kubernetes controller factory floor" If you have used the Kubernetes controller-tools and kubebuilder projects to create a custom Kubernetes controller, you already know the immense power of these tools. However, a significant amount of work remains to implement a controller once kubebuilder has produced API types and basic controller scaffolding. What if you had to build dozens of controllers managing thousands of resources? You'd need a factory to produce full controller implementations from API model schemas. Amine and Jay happen to work in such a Kubernetes controller factory! In this talk, they will give you a tour of the Kubernetes controller factory, showing you how to use the API machinery and what dangers linger on the factory floor. They will teach you how to be the most productive worker in the whole factory by building on top of controller-tools and kubebuilder functionality. You will be introduced to open source tools and strategies that make Kubernetes controller factory life safe and enjoyable!

Speakers
avatar for Jay Pipes

Jay Pipes

Principal Engineer, Amazon Web Services
Jay is a Principal Engineer at Amazon Web Services working on cloud-native technologies in the EKS team focused on open source contribution in the Kubernetes ecosystem. He's been involved in open source development for nearly two decades, working in both the cloud infrastructure and... Read More →
avatar for Amine Hilaly

Amine Hilaly

Software Development Engineer, Amazon Web Services
Amine is a Software Development Engineer at Amazon Web Services working on the Kubernetes and Open source related projects for about two years. Amine is a Go, open-source, and Kubernetes fanatic.


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

3:25pm EDT

2022 Observability TAG Update - Alolita Sharma, Apple & Matt Young, TAG Observability
The CNCF Technical Advisory Group (TAG) on Observability serves as a discussion forum for topics related to observability of cloud native systems and workloads. We also produce supporting material and best practices for end users and provide guidance and coordination for CNCF observability projects working within the TAG’s scope. This session will provide an update on major observability projects in the CNCF, technology updates from these projects and opportunities to get involved in the TAG to build momentum on cross-collaboration across observability projects, data protocols and new areas. We also invite observability practitioners, developers and contributors to join in for this session to discuss features, gaps and open source solutions for end-users.

Speakers
avatar for Alolita Sharma

Alolita Sharma

Engineering Leader, Apple
Alolita Sharma is co-chair of the Cloud Native Computing Foundation Technical Advisory Group for Observability, member of the OpenTelemetry Governance Committee and a board director of the Unicode Consortium. She contributes to open source and open standards at OpenTelemetry, Unicode... Read More →
avatar for Matt Young

Matt Young

Co-Chair, TAG Observability


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
252 AB

3:25pm EDT

Evolving the Cloud Native Maturity Model - John Forman & Robert Glenn, Accenture; Danielle Cook, Fairwinds; Simon Forster, Stackegy
Am I doing this cloud native stuff the right way? The Cloud Native Landscape is a great resource for users to see the technology in the cloud native space. But it can lead to uncertainty and constant second guessing if you are doing cloud native right. The Cartografos Working Group developed the Cloud Native Maturity Model, a five phase framework to help those new to cloud native and those deep in the trenches understand where they are in their journey and what they should be considering or doing. In this session, panelists from the Cartografos Working Group will discuss the maturity model and its phases. They’ll give an overview of what you should expect out of the people at your organization, the processes and policies to put in place, and where CNCF projects fit in. The session will also dive into how the Cloud Native Maturity Model should evolve with the ever-changing CNCF landscape. Audience members will be encouraged to join the group and offer suggestions on ways to improve the Maturity Model.

Speakers
avatar for John Forman

John Forman

Director; Master Technology Architect, Accenture, LLC NA
John T. Forman is a Director; Master Technology Architect and serves as the Global Anthos/Kubernetes lead for Accenture Cloud First. John has a passion for Cloud Native technologies and along with being a hands-on practitioner, he serves as a SME for Open Source, the Metaverse, DevSecOps... Read More →
avatar for Danielle Cook

Danielle Cook

VP, Fairwinds
Danielle Cook has worked in the cloud native industry for the last 5 years. She helped build the Fairwinds Kubernetes Maturity and the CNCF Cloud Native Maturity Model. As a co-chair of the CNCF Cartografos Working Group, Danielle works to build content to help users adopt cloud native... Read More →
avatar for Robert Glenn

Robert Glenn

Delivery Manager, Accenture
Robert is a cloud technology architect with experience leveraging automated infrastructure as code to deliver GCP foundations and configuring Kubernetes clusters of various flavors for a diverse portfolio of clients. His experience in designing cloud native tooling roadmaps of varied... Read More →
avatar for Simon Forster

Simon Forster

Founder and director, Stackegy
Simon is a technology engineer and architect with 23 years’ experience in all aspects of the operation, delivery, design and security of mission-critical technology covering a wide range of platforms and delivery methods.  Most recently Simon has been working with devops teams... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
320

3:25pm EDT

Knative: More Than Just Serverless Containers - Lance Ball & Naina Singh, Red Hat; Mauricio Salatino & Evan Anderson, VMware
As a new incubating project in the CNCF, Knative brings a full complement of “serverless” technologies to Kubernetes. One of the exciting new developments within Knative is the addition of Knative Functions, a developer-focused, function-based serverless experience, simplifying the knowledge and background required to quickly get projects up and running on a Kubernetes/Knative cluster. In this session, we will introduce Knative Functions with a brief overview of the technology, and a short demonstration showing use cases for local function development, building an OCI container image for a function, and finally deploying the function to a cluster. With this groundwork in place, we will open the panel up to discuss potential future capabilities, and integration with other Knative components.

Speakers
avatar for Evan Anderson

Evan Anderson

Senior Staff Software Engineer, VMware, Inc
Founding member of the Knative project. I spent 15 years at Google in SRE and Cloud (Compute Engine, Serverless, Security) and 3 years at VMware (Serverless / Kubernetes). In between raising two kids, I also run Kubernetes in my own home and practice long-distance running.
avatar for Lance Ball

Lance Ball

Principal Software Engineer, Red Hat
Lance Ball is a Principal Software Engineer at Red Hat and the Architect for OpenShift Serverless Functions. In this role, he also serves as the working group lead for Knative Functions, and is on the Knative Steering Committee. In addition to his contributions to Knative, Lance is... Read More →
avatar for Mauricio Salatino

Mauricio Salatino

Staff Engineer, VMware
Mauricio is currently working at the Knative OSS Project as part of the VMWare MAPBU team. He is the author of the Continuous Delivery for Kubernetes book for Manning and he is passionate about Open Source, Cloud Native and Kubernetes. You can always get in touch with him via Twitter... Read More →
avatar for Naina Singh

Naina Singh

Principal Product Manager, Red Hat
Naina is currently working as Product Manager of OpenShift Serverless product based on Knative OSS. She is passionate about all things Serverless, OpenSource and the connection between Users & Technology. You can always get in touch with him via Twitter @madhatter_ns


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
321

3:25pm EDT

Kubernetes SIG Apps Updates - Janet Kuo, Google; Kenneth Owens, Brex; Maciej Szulik, Red Hat
SIG Apps is the special interest group covering deploying and operating applications in Kubernetes with a focus on the application developer and application operator experience. In this session the SIG Apps leads will provide an overview of what we’ve accomplished over the past year, including API promotions, controller improvements, leadership changes, subprojects status etc. They will also share the work that is being planned for the upcoming releases. The session will conclude with an open discussion and Q&A.

Speakers
avatar for Janet Kuo

Janet Kuo

Senior Software Engineer, Google
Janet Kuo is a Senior Software Engineer at Google. She's joined the Kubernetes project since before the 1.0 launch in 2015. She is Kubernetes project maintainer, SIG Apps chair, and KubeCon co-chair emeritus. In her free time, she enjoys traveling and taking photos.
avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.
avatar for Kenneth Owens

Kenneth Owens

Software Engineer, Brex
SIG Chair for SIG Apps. Xoogler. Current FinTech enthusiast. Has been working with containers since Mesos was cutting edge in OSS.


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
142 ABC

3:25pm EDT

Lessons Learned From Etcd the Data Inconsistency Issues - Marek Siarkowicz, Google & Benjamin Wang, VMware
Earlier the year there was an event that shook the cloud native ecosystem. The latest release of etcd had a critical data inconsistency issue. Etcd, the critical component that powers many cloud native solutions including Kubernetes, could corrupt your data. The issue was so bad, that it required every single administrator to take an action or risk their system becoming unrecoverable. This presentation will discuss what led to the data inconsistency issues, how they were discovered, what was needed to fix them and what lessons we learned that could benefit the whole community.

Speakers
MS

Marek Siarkowicz

Software Engineer, Google
Marek is a Software Engineer working at Google in GKE Logging and Monitoring team. He began his career in local startups where he loved open source and extreme programming. Currently he is an active member of SIG-instrumentation leading structured logging effort in Kubernetes. In... Read More →
avatar for Benjamin  Wang

Benjamin Wang

Staff Software Engineer, VMware
Benjamin is an etcd maintainer, and is a staff software engineer in VMware, and he is working on etcd, CSI and TKGi (aka PKS).


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
410 A

3:25pm EDT

Running Isolated VirtualClusters With Kata & Cluster API - Chris Hein & Eric Ernst, Apple, Inc
Kubernetes is generally considered a single-tenant container orchestrator, but as companies have been running it and realizing the benefits of the Kubernetes architecture contrasted with the nontrivial level-of-effort of managing many single tenant clusters we’ve seen a spike in use cases & projects that support the need for multi-tenant & zero-trust deployments. You can see this in the growth of “Sandboxed Runtimes” like Kata, gVisor & Firecracker. As well as tools like vCluster, Kamaji & HNC. In this talk Chris Hein & Eric Ernst will demonstrate one way hard multi-tenancy can be achieved by leveraging Cluster API Nested with VirtualCluster running inside a Kubernetes cluster with workload isolation & virtual networking being provided by the Kata runtime. Users of this architecture get the benefits of per-tenant Kubernetes control planes to use CRDs, Admission Webhooks, Cluster level RBAC, Aggregate APIServers along with workload & network segregation while reducing the overall maintenance burden. Modeled after the ICDCS paper by folks from Alibaba - https://bit.ly/3tfnWnA If you are interested in sandboxed runtimes, hard multi-tenancy, scaling Kubernetes, Cluster API or multi-cluster Kubernetes this is the talk for you.

Speakers
avatar for Chris Hein

Chris Hein

Software Engineer, Apple, Inc
Chris is a Software Engineer at Apple with a focus on Kubernetes, multi-tenancy, open source and cloud-native technologies. Chris helps to maintain multiple open source projects such as the Cluster API Provider Nested and VirtualCluster. Prior to Apple, Chris worked for AWS, GoPro... Read More →
avatar for Eric Ernst

Eric Ernst

Software Engineer, Apple
Eric Ernst is a software developer at Apple, where he focuses on virtualization, containers, container runtimes and Kubernetes. Eric is a contributor to Kubernetes and an architecture committee member for the Kata Containers project.


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
140 ABC
  Multi-tenancy

3:25pm EDT

Building Container Images In Kubernetes: It’s Been a Journey! - Laurent Bernaille & Eric Mountain, Datadog
Almost all of Datadog now runs on Kubernetes, but for a long time we needed dedicated nodes running Docker to build container images. We have recently migrated container image builds to Kubernetes and it's been an interesting journey!

The main challenge to build container images inside Kubernetes is to achieve it without additional privileges. We will explain why we chose buildkit in rootless mode, the architecture we ended up using, as well as the challenges we faced.

Building container images in rootless mode worked flawlessly for over 90% of our images, but for the remaining 10% we encountered complex and interesting issues. We will dive into these problems and explain in detail how rootless builds work and why they sometimes behave differently. We will also explain how we addressed these issues together with the community.

Speakers
avatar for Laurent Bernaille

Laurent Bernaille

Staff Engineer, Datadog
Laurent Bernaille worked several years as a consultant specializing in cloud, containers, and automation and helped organizations migrate to the public cloud, adopt containers and improve their deployment pipelines. He is now Staff Engineer at Datadog and works in the Compute team... Read More →
avatar for Eric Mountain

Eric Mountain

Senior Engineer, Datadog
Eric Mountain began working with Kubernetes in 2014 helping Amadeus migrate to container and cloud technology. Eric is now a Senior Engineer in Datadog’s Compute team providing large scale Kubernetes to our internal users.


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
250 ABC

3:25pm EDT

Untrusted Execution: Attacking the Cloud Native Supply Chain - Andrew Martin, Control Plane Limited
Should we trust the code we run in production? Not if a motivated attacker can compromise our system’s complex supply chains. While hardened runtimes and detection can mitigate some zero day attacks, malicious internal threat actors and software implants are much harder to detect. Supply chain security looks to address some of these concerns, but with so many signing options available to us, what do we really care about? Our source code, open source dependencies, CI/CD, built containers, vendor software — or the hardware and operating systems we run on? Securing the whole supply chain is a non-trivial task, and requires consideration at all of these levels. In this talk we: - Undertake a risk-based threat model of supply chain attacks against our systems - Compare the open source supply chain security controls available to us - Examine trusted execution environments and their security properties - Propose a solution for end to end supply chain security

Speakers
AM

Andrew Martin

CEO, Control Plane Limited
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →


Wednesday October 26, 2022 3:25pm - 4:00pm EDT
420AB
  Security + Identity + Policy

4:00pm EDT

Coffee Break ☕
Wednesday October 26, 2022 4:00pm - 4:30pm EDT
TBA

4:00pm EDT

Wellness Session - Restorative Yoga Gong Bath

The gong is an ancient instrument that has been used to bring people into deep states of relaxation & meditation by slowing down the brain waves & calming the nervous system. We are working to repair the body from the inside out!

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Wednesday October 26, 2022 4:00pm - 4:30pm EDT
412 B

4:30pm EDT

Don't Be Greedy: Rightsize Your Kubernetes Cluster With Prometheus - Jesus Angel Samitier & David Lorite Solanas, Sysdig
Setting the proper limits and requests to a Kubernetes cluster is one of the most challenging tasks engineers have to face. Not doing this could have critical consequences, like outages or astronomical cloud bills. Sometimes, when engineers don't have the full picture of the cluster they're working on, they tend to use more resources than actually needed for their workloads. This is called the "greedy developer" problem. To avoid this, you'll have not only to identify the unused resources, containers without limits, or very tight ones. But also to set the right requests and limits. In this talk, Jesus and David will walk you through this process. You might have to add new nodes, or just resize your workloads. Since every cluster is different, also measure the optimizations made, to help our audience with their own clusters.

Speakers
DL

David Lorite

Integrations Engineer, Sysdig
David Lorite Solanas is an Integrations Engineer at Sysdig. Before that, he worked as SRE for a big retail company, monitoring all their infrastructure with Prometheus. He is a Computer Science Engineer, and he loves video games, craft beers, and hiking in the mountains.
avatar for Jesus Angel Samitier

Jesus Angel Samitier

Integrations Engineer, Sysdig
Jesus Angel Samitier is a Computer Science Engineer with a strong background in software engineering. He works as an integrations engineer at Sysdig, where he tries out new technologies, develops integrations with different products and applications, and documents them in articles... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
140 DEFG
  101 Track

4:30pm EDT

Overview Of Challenges And Solutions For Orchestrating Applications To Multiple DC And Edge Clusters - Ritu Sood & Cathy Zhang, Intel Corp
Deploying, monitoring, and managing complex applications across multiple clusters is a challenging task. A complex application is usually composed of multiple microservices that need to be deployed to different clusters based on the criteria like latency, bandwidth, local context, etc. Some microservices need to be replicated in multiple geo-locations. Some microservices have cross-cluster dependencies. Some of these microservices deployed across different clusters may also need to communicate with each other securely. Furthermore, various infrastructure-related configurations need to be done in order for some microservices to function properly. To reduce the operational cost of deploying and managing these complex applications, automation is a must, and the goal is to achieve zero-touch deployments. In this talk, we'll examine the landscape of available solutions such as Kubedge, ArgoCD, Karmada, EMCO, etc. and provide an in-depth analysis of each of them.

Speakers
avatar for Ritu Sood

Ritu Sood

Cloud Software Engineer, Intel Corp
Ritu Sood is a Cloud software engineer working at Intel. She has been working in Cloud technologies for last 7 years. During this time she worked on opensource projects like Openstack, ODL, ONAP, Kubernetes. She is one of the early contributors of the Nodus project (https://github.com/akraino-edge-stack/icn-nodus... Read More →
avatar for Cathy Zhang

Cathy Zhang

Senior Principal engineer, Intel
Cathy is a senior principal engineer at Intel, spearheading the development of high-performance cloud native SW stacks and solutions. She is responsible for shaping the company's cloud-native strategy and roadmap, and driving the company-wide contributions to CNCF projects/TAGs/WGs... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
Viewable In Platform
  Application + Development + Delivery

4:30pm EDT

Leveraging Community To Transform Ford's Software Development Teams - Rebecca "Beckie" Riss & Satish Puranam, Ford Motor Company; Langdon White, Boston University
This presentation from Ford Motor Company, Boston University, and Red Hat showcases the power of community to drive the transformation from traditional software development methodologies to next generation cloud native development. To do this, Ford has turned to Kube By Example, sponsored by Red Hat and supported by Boston University, as a means to upskill their workforce and accelerate the development of cloud native automotive software. This has led to increased community participation, optimized customer experiences and a transformation of Ford's software development culture that runs deeper than the technology itself.

Speakers
avatar for Langdon White

Langdon White

Clinical Assistant Professor, Boston University
Langdon White is a Clinical Assistant Professor and the Spark! Technical Director at Boston University. In these roles, he helps to provide industry-affiliated experiential learning to students and teaches with the goal of making computing and data sciences more accessible. White... Read More →
avatar for Rebecca

Rebecca "Beckie" Riss

IT Culture Transformation & Internal Communications Lead, Ford Motor Company
Culture transformation, organizational change, agile transformation, internal communications
SP

Satish Puranam

Sr. Security & Controls Engineer, Ford Motor Company
Satish is a technology specialist at Ford Motor Company and focuses on Kubernetes, hybrid cloud computing, and distributed systems. Satish attended The University of Memphis and Gulbarga University. He holds a Bachelor of Engineering degree.


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
251 ABC
  Business Value

4:30pm EDT

Balancing Yin (Community) And Yang (Company) In OSS - Nikhita Raghunath & Kiran Mova, VMware
The Kubernetes Annual Report [1] shows that there are very few contributors, especially senior and experienced folks, who are paid to work on k8s. The report also shows that PR reviews were down -24% across the k8s repo. The existing contributors are burnt out and have started to move away from the project. This is affecting the sustainability, quality and velocity of the project, with major regression-related backports in recent releases. It clearly shows that most companies profit from k8s but don’t contribute back. Continuing this model is a huge risk to the whole CNCF ecosystem. We will show strategies on how employers can practice “Business Aligned Open Source”. We will cover how to: - Add value to internal products, improve speed to market and innovation - Build expertise and better support customers - Have employees dedicate a certain percentage to upstream - Incentivize career growth - Surface areas of risk that require investment - Establish company’s influence and credibility in the community [1] https://www.cncf.io/reports/kubernetes-annual-report-2021/

Speakers
avatar for Nikhita Raghunath

Nikhita Raghunath

Staff Software Engineer, VMware
Nikhita is a staff software engineer at VMware and she is a core Kubernetes contributor. She's been working on Kubernetes over 4 years now, is the Technical Lead for SIG Contributor Experience and has also served on the Kubernetes Steering Committee in the past.
KM

Kiran Mova

Senior Open Source Engineering Manager, VMware
Kiran Mova is Senior Open Source Engineering Manager at VMware with the mission to create a Open Source Engineering team around the Tanzu platform focusing on Kubernetes and other upstream projects. Prior to joining VMware, Kiran was the co-founder of a storage startup where he worked... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
Ambassador Ballroom (Room 360)
  Community

4:30pm EDT

Windows HostProcess Containers For Configuration And Beyond - James Sturtevant & Mark Rossetti, Microsoft
The days of needing custom scripts and hard-won knowledge to set up and configure Windows Server hosts are over. The new Windows HostProcess Container feature in Kubernetes has begun to close a major feature gap between Windows and Linux containers. We now have a way to carry out key tasks such as running kube-proxy and CNIs (Container Network Interface) as containers in the cluster. Beyond the basics, HostProcess containers also open the door to more effective logging, monitoring and debugging of the Windows environment.   In this session, we will cover the basics of using HostProcess containers and see how they differ from other Windows containers. After gaining an understanding of these differences, we will explore three examples covering the common use cases for HostProcess containers: CNIs, debugging, and on-demand monitoring. The attendees will see concrete examples of HostProcess Containers, novel approaches to debugging, and gain inspiration for new ways of interacting with Windows enabled clusters.

Speakers
JS

James Sturtevant

Principal Software Engineer, Microsoft
James Sturtevant is a Kubernetes tech lead for sig-windows, and contributes to the cluster-api initiatives including the image-builder project. Previously, he helped blaze the trail for Windows support in upstream Kubernetes for enterprises by contributing to the stable release of... Read More →
avatar for Mark Rossetti

Mark Rossetti

Principal Software Engineer, Microsoft
Mark Rossetti is a software engineering focusing on open-source projects at Microsoft and is also the co-chair of Kubernetes' SIG-Windows. Mark focuses on improving the experience of using Windows containers in Kubernetes.


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

4:30pm EDT

Fluent Bit V2.0: Unifying Open Standards For Logs, Metrics & Traces - Eduardo Silva & Anurag Gupta, Calyptia
Fluent Bit is the next-generation tool to deliver a unified layer for Logs, Metrics, and Traces. In this session, Fluent maintainers will do a 101 intro to the observability space and also will do a deep dive into the new features available in Fluent Bit v2.0 . Attendees will benefit from this session by learning different techniques for observability associated with Fluent Bit, Prometheus, and OpenTelemetry, as well as a couple of tips and best practices that are a must when deploying observability tools in production.

Speakers
avatar for Anurag Gupta

Anurag Gupta

Cofounder, Calyptia
Anurag is a maintainer of the Fluentd and Fluent Bit project as well as a co-founder of Calyptia. Previously he has worked at Elastic, driving cloud product and creating the Elastic Operator product. He has also worked at Treasure Data heading enterprise open source with Fluentd... Read More →
avatar for Eduardo Silva

Eduardo Silva

CEO & Founder, Calyptia
Eduardo is an entrepreneur and Software Engineer. He is currently one of Fluentd project maintainers and creator of Fluent Bit, a lightweight Logs, Metrics and Traces processor. He also is the founder of Calyptia (the Fluent company).


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
410 A

4:30pm EDT

Jaeger: The Future with OpenTelemetry and Metrics - Jonah Kowall, Logz.io & Joe Elliott, Grafana
In this session, we will start with an introduction to the Jaeger distributed tracing project and the basics of distributed tracing. Jaeger recently deprecated its native clients in favor of the clients maintained by the upcoming OpenTelemetry project. We will explain what this means to you as users and why we are changing the path forward. To help facilitate this transition, we will cover auto instrumentation of an application using an OpenTelemetry client and we will cover multiple best practices to build a scalable trace pipeline to deliver this data to a Jaeger backend. Moving Jaeger from a tracing system to a monitoring system has been the big push for the project in the last year. Made possible by OpenTelemetry and the processor layer which allows for the creation of metrics derived from traces in the pipeline. Operational monitoring is now possible using the new monitoring tab, which adds metrics capabilities to Jaeger UI via another graduated project, Prometheus. We are always seeking new collaborators, contributors, and users. We need your help, please join us!

Speakers
avatar for Joe Elliott

Joe Elliott

Principal Software Engineer, Grafana
Joe Elliott has been working as an SRE/Devops/Infrastraucture person with Kubernetes for the last 6 years. Currently a Senior Engineer at Grafana, he is the creator of Tempo, a Jaeger maintainer, and has contributed to the OpenTelemetry Collector, Loki and Cortex.  When he's not... Read More →
avatar for Jonah Kowall

Jonah Kowall

CTO, Logz.io
Jonah Kowall a computer scientist and open-source contributor committing code to FreeBSD and built the first wireless cracking algorithms. Today Jonah focuses on observability contributing and maintaining projects such as OpenSearch, Jaeger, and OpenTelemetry. Jonah received his CISSP... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
430 AB

4:30pm EDT

KubeEdge: From Fixed Location To Movable Edge, Latest Updates And Future - Zefeng (Kevin) Wang, Huawei & Yin Ding, Google
KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. Since last met, KubeEdge has made big progress on user adoption, community development, cross-community collaborations. In this talk, Kevin and Yin will cover: 1. latest user adoptions in several new industries, including: cloud native satellite, smart vehicles, offshore oil fields, etc; 2. development updates, including: significant scalability improvement, brand new device mapping interface, 3. Project roadmap, TSC, SIG and subproject updates. 4. Community Security updates including: security audit report, threat model and security protection analysis. 5. Useful informations on how new contributors to get involved. There will be an open Q&A for attendees to ask questions.

Speakers
WK

Wangzefeng (Kevin)

Lead of Cloud Native Open Source Team, Huawei
YD

Yin Ding

Software Engineering Manager, Google
Yin Ding is an Engineering Manager at Google, leading Kubernetes Hardening team. He has more than 15 years of experiences in the large scale and distributed computing area. He has led numerous cloud native efforts and projects in house, and also been an active member of open source... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
321

4:30pm EDT

Running the Observability As a Service For Your Teams With Thanos - Ben Ye, ByteDance & Bartłomiej Płotka, Red Hat
SaaS provides managed functionalities to external customers. However, we see a common trend in the CNCF ecosystem to provide specific features in an API-driven fashion to the internal teams. This includes the Prometheus-based monitoring and observability functionalities. Prometheus is a de facto standard for monitoring static and cloud-native workloads, but similar to Google Borgmon it's built on self-hosting premises. Given the data required for reliable monitoring, analysis, and observability, and its multi-tenant, multi-cluster aspect, creating a single observability team focused on providing tooling to others is very common. Running it as a service is a natural step. In this talk, Ben from ByteDance and Bartek from Red Hat will introduce you to the Thanos project that brings Prometheus API and storage to a scalable, multi-cluster, multi-tenant level. The audience will learn about the latest features that allow the observability teams to seamlessly deploy Thanos in SaaS mode!

Speakers
avatar for Deng Zhou

Deng Zhou

Site Reliability Engineer, ByteDance
Deng Zhou is a Site Reliability Engineer at ByteDance, Seattle, working on the edge platform, which uses the argocd to maintain workloads running hundreds of bare metal kubernetes. He is one of tech leads and covers the observability, storage, L7/L4 ingress, and kubernetes enhancement... Read More →
avatar for Bartlomiej Plotka

Bartlomiej Plotka

Principal Software Engineer, Red Hat
Bartek Płotka is a Principal Software Engineer at Red Hat with a background in SRE, working on Observability. Co-author of the CNCF Thanos project and core maintainer of various open-source projects including Prometheus. CNCF SIG Observability Tech Lead. He enjoys building OSS communities... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
252 AB

4:30pm EDT

SIG Architecture Intro And Deep Dive - John Belamaric, Google & Davanum Srinivas, VMware
SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of conformance definitions, API definitions/conventions, deprecation policy, design principles, and other cross-cutting concerns. In this talk, we will provide an introduction to SIG architecture, including its role and the various subprojects that support its activities. Additionally, we will provide a community update on the status of those efforts.

Speakers
avatar for Davanum Srinivas

Davanum Srinivas

Senior Staff Engineer, VMware
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, and a co-founder of Nephio, an LF project for K8s-based automation of large scale telco edge deployments. He is also a co-chair of Kubernetes SIG Architecture, leading efforts on production readiness, conformance, and software architecture, and a maintainer... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
142 ABC

4:30pm EDT

What’s New In Chaos Mesh And Deep Dive Into Multi Clusters Support - Cwen Yin, PingCAP
Chaos Mesh is one of the most popular open-source chaos engineering platforms, with the goal of making chaos engineering easier and more accessible. In this session, In addition to a brief overview of Chaos Mesh, Cwen will provide an update about the latest feature developments, and deep into how to support chaos experiments on multiple Kubernetes clusters. In the real case, chaos experiments across multiple clusters are often needed, to achieve it and make it easy, chaos mesh supports this feature natively. In this session, Cwen will introduce how to design and implement this feature and introduce typical real world use cases.

Speakers
CY

Cwen Yin

Tech Lead, PingCAP


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
Viewable In Platform

4:30pm EDT

Cloud Governance With Infrastructure As Code (IaC) With Kyverno And Crossplane - Dolis Sharma, Nirmata
While self-service clusters are desirable, there are many cloud resources that need to be created for a cluster. In an enterprise, these may fall under a different team’s responsibilities. So, how does a cloud or infrastructure team provide the necessary guardrails to ensure that the Kubernetes environments created by developers are compliant with the organization’s security, governance, and cost management standards? In this talk, Dolis shares an approach where Crossplane and Kyverno, both CNCF projects, can be used to provide self-service Kubernetes environments on the cloud for developers with necessary checks and restrictions in place. While Crossplane, an increasingly popular IaC orchestrator running using Kubernetes, is used to provision different infrastructure resources, Kyverno can be utilized to provide governance on what type of resources can be created, by whom, and how the resources are configured. We can automate resource provisioning with governance using Crossplane and Kyverno. In addition to deploying and managing cloud resources, you can also create Kyerno policies to ensure that the generated resources are compliant with your company’s requirements.

Speakers
avatar for Dolis Sharma

Dolis Sharma

Customer Success Engineer, Nirmata
Dolis Sharma is a Customer Success Engineer at Nirmata. Dolis manages production Kubernetes clusters for Nirmata, in addition to assisting customers with Kubernetes deployment issues and other related work. Dolis is a Certified Kubernetes Administrator, Certified Kubernetes Administrator... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
140 ABC
  Multi-tenancy

4:30pm EDT

Cgroups V2: Before You Jump In - Tony Gosselin & Mike Tougeron, Adobe Systems
Adobe jumped into upgrading to cgroups v2 head-first and hit rocks beneath the surface. Our telemetry broke, HPA ceased to function, and then we started to notice some issues with our java apps. We ended up having to drag ourselves back to shore. However, that doesn’t mean you shouldn’t take the plunge! In this talk, we will give a background on what cgroups are (and why you should care) and how this impacts cloud-native architecture. We’ll also be touching on new cgroupv2 features in development for Kubernetes, such as tools to better manage resource utilization and an intelligent OOM killer for multi-container pods. At last spring’s KubeCon + CloudNativeCon Europe, SIG-Node shared their roadmap for Cgroups and Kubernetes, letting the community know where support for v1 and v2 is heading. This talk will help guide you in your transition and provide valuable feedback as you make the jump. Learn from our bumps and bruises, the water’s great!

Speakers
avatar for Mike Tougeron

Mike Tougeron

Lead Site Reliability Engineer, Adobe
For several years Mike has been building Kubernetes platforms and deployments. With a passion for automation and developer engagement, Mike works towards continuously improving development pipelines to take the complication out of managing services on large-scale infrastructure backed... Read More →
avatar for Tony Gosselin

Tony Gosselin

Senior Cloud Engineer, Adobe Systems
Tony Gosselin is a Senior Cloud Engineer at Adobe, where his day-to-day is filled helping to develop Ethos, Adobe’s de facto Kubernetes architecture. His previous work has also involved the building and management of large-scale OpenStack data center installations (as well as the... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
250 ABC

4:30pm EDT

Kubernetes to Cloud Attack Vectors: Demos Inside - Danny Hershko Shemesh & Alon Schindel, Wiz
Cloud service providers are constantly enhancing and releasing new capabilities to provide the best managed Kubernetes experience, intertwining cloud-specific capabilities within, to ease integrations and reduce friction. This talk is about the fine line between your managed Kubernetes cluster and its underlying Cloud environment, and how intertwining cloud-specific capabilities within the managed Kubernetes services introduces potential attack vectors and lateral movement paths – from Kubernetes outwards, or from the cloud inwards. This talk is demo-driven, we'll demonstrates several scenarios where an attacker can gain a foothold in a Kubernetes cluster and move laterally in order to compromise other cloud resources outside the cluster, or alternatively, gaining access to a cloud resource with the intent of compromising resources within a cluster. This talk also covers some of the best practices for configurations and standards to adopt in EKS, AKS and GKE to secure them from cluster-to-cloud or cloud-to-cluster attacks.

Speakers
avatar for Danny Hershko Shemesh

Danny Hershko Shemesh

Software Develop, Wiz
- 27- Married to an amazing wife- Uneducated (self-taught, some call it)- Programming for a living since 17- Had the chance to work with amazing people over the years and work across the stack - from the linux / windows kernels to the most abstracted, using-seven-3rd-party-libraries-for-2-lines-of-code... Read More →
AS

Alon Schindel

Director of Data & Threat Research, Wiz
Alon Schindel is the Director of Data and Threat Research at Wiz, the fastest growing unicorn in cloud security. He’s an experienced cybersecurity professional who has filled various lead roles in both development and research of cybersecurity products and specializes in threats... Read More →


Wednesday October 26, 2022 4:30pm - 5:05pm EDT
420AB
  Security + Identity + Policy

4:30pm EDT

🚨 ContribFest - Kyverno: Help Secure and Automate Kubernetes by Contributing to the Kyverno Project
Come work directly with some of the Kyverno maintainers on some ideas to expand the ability of Kyverno from a code and/or integration perspective. All potential contributors are welcome regardless of familiarity with Kyverno or Golang.

This Contribfest session is designed to provide projects with the space and resources to tackle outstanding technical debt, security issues, or outstanding impactful feature requests. They are intended to provide a place for maintainers to meet contributors and potential contributors and work together on solving a problem.

Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy management company. Previously, Jim has held various leadership and engineering roles at companies such as Cisco, Pano Logic, Trapeze Networks, Bell Labs/Lucent, and Motorola. Jim is an active contributor in... Read More →
avatar for Chip Zoller

Chip Zoller

Technical Product Manager, Nirmata
Chip Zoller is a technologist, maintainer, and contributor to the Kyverno project where his primary focus is on process, enablement, documentation, automation, policy design and authoring, and community. Chip's background is as an architect, engineer, and cloud native consultant having... Read More →
avatar for Shuting Zhao

Shuting Zhao

Senior Software Engineer, Nirmata
Shuting Zhao is a Senior Software Engineer at Nirmata, working on Golang and distributed systems. She helped create Kyverno, a Kubernetes native policy engine which was recently adopted as a CNCF incubation project. She is a core contributor for Kyverno, and also contribute to the... Read More →


Wednesday October 26, 2022 4:30pm - 6:00pm EDT
410 B

4:30pm EDT

Tutorial: How To Write a Reconciler Using K8s Controller-Runtime! - Scott Rigby, Somtochi Onyekwere, Niki Manoledaki & Soulé Ba, Weaveworks; Amine Hilaly, Amazon Web Services
Kubernetes controllers are responsible for making the current state of your cluster continue to become closer to your desired state. Have you ever wondered how these built-in controllers work? Or have you ever wanted to write your own controller to manage Custom Resources? In this 90 minute tutorial, we'll walk you through building your own controller using controller runtime, the set of common libraries on which core controllers are built. We'll use Kubebuilder, a framework for building APIs using custom resource definitions (CRDs). We'll also explain lesser-documented best practices and conventions for writing controllers that the community has developed through trial and error learning, through projects such as Flux and Cluster API. Attendees will gain an understanding of what Kubernetes conditions are, how to set and respond to them, and why they matter. We’ll review common pitfalls and additional helper libraries to make writing these easier, more reliable, and enjoyable!

Speakers
avatar for Amine Hilaly

Amine Hilaly

Software Development Engineer, Amazon Web Services
Amine is a Software Development Engineer at Amazon Web Services working on the Kubernetes and Open source related projects for about two years. Amine is a Go, open-source, and Kubernetes fanatic.
avatar for Scott Rigby

Scott Rigby

DX, Weaveworks
Scott is a Brooklyn based interdisciplinary artist and Developer Advocate at Weaveworks. He co-founded the Basekamp art and research group in 1998 and the massively collaborative Plausible Artworlds international network. In technology he enjoys helping develop open source software... Read More →
avatar for Niki Manoledaki

Niki Manoledaki

Software Engineer, Weaveworks
Niki Manoledaki is a Software Engineer at Weaveworks. She is a maintainer of eksctl, the official EKS CLI, and has experience building multi-cloud platforms, including for the edge. She is an advocate for environmental sustainability initiatives at Weaveworks and is actively engaged... Read More →
avatar for Somtochi Onyekwere

Somtochi Onyekwere

Developer Experience Engineer, Weaveworks
Somtochi Onyekwere is a Developer Experience Engineer at Weaveworks and a maintainer of the CNCF Flux project. Somtochi particularly works on the Notification Controller and some aspects of Flagger. Prior to the current role, Somtochi was a participant of Google Summer of Code and... Read More →
SB

Soulé Ba

Consulting Reliability Engineer, Weaveworks
Soulé Ba is a Flux maintainer, is passionate about open source technologies, and actively contributes code to other projects in the CICD space like Tekton. Soulé has extensive experience as a Platform Engineer covering large enterprises in the finance and telecommunication industries... Read More →


Wednesday October 26, 2022 4:30pm - 6:00pm EDT
330 AB
  Customizing + Extending Kubernetes

5:00pm EDT

Wellness Session - Flow for reframing circumstances

The American Psychological Association estimates that 550 million workdays are lost each year due to stress on the job. Transforming challenges into growth opportunities takes practice and consistent effort.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Wednesday October 26, 2022 5:00pm - 5:40pm EDT
412 B

5:25pm EDT

Storage Wars - Seán C McCord, Sidero Labs
Storage is always a sticky topic in Kubernetes, and all the more so when you have choices to make. When you are not using a cloud-provider's block storage, there are quite a number of options available to you. Which system should you use? In this talk, we will examine a number of the storage systems available to Kubernetes and give you tools to evaluate when it makes sense for you to use which. We look at performance, reliability, sustainability, cost, and many other factors to arm you with enough information to make the choice for yourself.

Speakers
avatar for Seán McCord

Seán McCord

CTO, CyCore Systems, Inc
Seán C McCord is the CTO at CyCore Systems, Inc, and he has been building fault-tolerant and scalable Linux systems since the mid '90s. His day-to-day life involves building Kubernetes-based systems for more interesting workloads.


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
140 DEFG
  101 Track

5:25pm EDT

Edge Computing Is Hot. Find Out the Business Value From Three Experts - Larry Carvalho, RobustCloud LLC; Stu Miniman, Red Hat; Marilyn Basanta, VMware; Muneyb Minhazuddin, Intel
Edge computing is drawing increased investments by organizations gaining efficiencies by taking advantage of automating physical activities. While consumer applications with connected homes have high awareness, significant business benefits are gained from using edge technology in commercial applications like the factory floor, mining operations, etc. Simulation of a digital twin of a complete factory or warehouse by embedding technology into devices can assist in making better decisions without large investments. Technologies used in edge solutions are AI/ML, 5G, IoT, and cloud native architectures.

This panel discussion will discuss how cloud native tools provide business benefits to applying edge technology for physical process efficiencies. Larry Carvalho, Principal Consultant at RobustCloud LLC, will moderate this session. Stu Miniman from Red Hat will highlight how a cruise line operator used a Kubernetes-powered edge solution to deliver an excellent digital experience to ship guests in disconnected environments. Marilyn Basanta will discuss how a large ground shipping service was able to add a modern application platform to their distribution centers, ensuring higher employee productivity and business continuity during natural events. Muneyb Minhazuddin will talk about how a manufacturer modernizes applications on the factory floor as they converge IT and OT to create a dynamic and agile production line in a factory shop by software defining constrained devices.

Join this session to learn more.

Speakers
avatar for Larry Carvalho

Larry Carvalho

Principal Consultant, RobustCloud LLC
Larry Carvalho of RobustCloud LLC provides strategy and insight into the adaption of Edge and Cloud Computing technologies. He provides advisory services and works closely with customers and vendors to help all parts of the ecosystem understand cloud computing, map business goals... Read More →
avatar for Stu Miniman

Stu Miniman

Director of Market Insights, Cloud Platforms, Red Hat
Stuart Miniman is the Director of Market Insights at Red Hat and an active member of cloud communities. He is the host of the Red Hat livestreaming show In The Clouds. He is a former cloud analyst who interviewed thousands as a host of theCUBE. Stu holds a BS in Mechanical Engineering... Read More →
avatar for Marilyn Basanta

Marilyn Basanta

Senior Director, Product Management, Edge Computing, VMware
Marilyn Basanta is the Senior Director of Product Management for VMware's Edge Compute product line. Formerly a software engineer for IBM, she came to VMware as a solutions architect and built out E2E vertical solutions. She moved into product management and launched VMware TestDrive... Read More →
MM

Muneyb Minhazuddin

CMO, Networking and Edge Division, Intel
Muneyb is the CMO for the Network & Edge Division at Intel. He is responsible for enabling businesses to digitize and automate their applications at the Edge while lowering the bar for using AI inferencing at the Edge. In the past, Muneyb worked at VMware as the VP for Edge Computing... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
251 ABC
  Business Value

5:25pm EDT

No One Is Saving Us But Us - Tabitha Sable, Datadog & Paris Pittman, Independent
No one corporation, individual, or organization can save or sustain open source. There is no sweeping solution to sustainability, as we have seen in decades of trying to maintain the commons we all depend on. Project funding, corporate support of full-time contributors, and balance in contributors’ lives are all critical to keep a large project healthy. But this isn’t all doom and gloom: we provide hope for our own future. Join Tabitha and Paris, as they discuss how your intentionality helps our sustainability. As an organization participating or an individual donating their time, how can we help each other successfully let our projects go on without us? How do mutual aid principles apply in open source? Where do corporations fit into the larger “us”? Intentional open source strategies sustain our long term needs by supporting the people doing the work. There isn’t one person or group working on open source sustainability - we all need to in whatever way we can: through participation, sticking around, and having a plan. Walk away with a beautiful idea of how you are contributing to the long term success of Kubernetes and the open source projects that you care about.

Speakers
avatar for Paris Pittman

Paris Pittman

various project roles, independent
Paris Pittman has spent the last 20 years helping communities grow and flourish — from building hometown Baltimore tech communities to driving belonging and sustainability in massive open source ecosystems like Kubernetes. Paris has contributed to Kubernetes for 6 years and serves... Read More →
avatar for Tabitha Sable

Tabitha Sable

Staff Engineer, Datadog
Tabitha Sable never met a system she didn't want to take apart. She serves the Kubernetes community as co-chair of SIG Security and a member of the Security Response Committee. At work, Tabitha leads Runtime Infrastructure Security at Datadog. She writes exploits, hardens infrastructure... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
Ambassador Ballroom (Room 360)
  Community

5:25pm EDT

Like Peas And Carrots: Argo CD And Crossplane For Infrastructure Management - Jesse Suen, Akuity & Viktor Farcic, Upbound
Kubernetes adopters have realized the benefits of declarative APIs and the ability to leverage modern deployment practices such as GitOps for safe and repeatable application delivery. These teams naturally wish to apply these same processes and tools to manage infrastructure deployments. The Crossplane project extends Kubernetes to enable the provisioning of cloud infrastructure. Combined with Argo CD, they become a powerful infrastructure management dashboard. This talk covers the benefits of using Kubernetes as a control plane of your cloud infrastructure over Terraform and CloudFormation, such as native RBAC and seamless integration with other cloud-native tools. See how Akuity uses Argo CD and Crossplane to manage its production AWS infrastructure. Learn to leverage advanced Argo CD features (health checks, resource actions, extensions) to get the most out of your Crossplane installation. Implement best practices recommended directly from the project maintainers Upbound and Akuity.

Speakers
avatar for Viktor Farcic

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a Developer Advocate at Upbound, a member of the Google Developer Experts, CDF Ambassadors, and Docker Captains groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.
avatar for Jesse Suen

Jesse Suen

CTO, Akuity
Jesse Suen is the CTO and co-founder of Akuity, and co-creator and a project lead on the Argo project. Prior to founding Akuity, Jesse was a Principal Software Engineer and technical lead for the Argo team at Intuit, leading the design and architecture for Workflows, CD, and Rollouts... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

5:25pm EDT

Cilium Updates, News And Roadmap - Thomas Graf, Bill Mulligan & Liz Rice, Isovalent; Purvi Desai, Google
Welcome to Cilium! In this session you'll get an update on how the Cilium project has been progressing on the road towards graduation. You'll hear about the latest developments and future roadmap, including news about some of the largest and most interesting deployments of Cilium. And don't miss this session if you're interested in contributing to the project, as there will be guides on how to get involved and where your help is needed.

Speakers
PD

Purvi Desai

Director of Engineering, Google
https://www.linkedin.com/in/purvidesai/
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She... Read More →
avatar for Thomas Graf

Thomas Graf

CTO, Isovalent
Thomas is the CTO of Isovalent, chair of the eBPF governing board, and has been a Linux kernel developer for the last 15+ years focusing on eBPF, networking, and security. Thomas co-created the Cilium open-source project which provides eBPF-based networking, security, and observability... Read More →
avatar for Bill Mulligan

Bill Mulligan

Community Pollinator, Isovalent
Bill Mulligan is a cloud native pollinator and community builder. He has given talk and written articles about building the business case for cloud native. While at CNCF he restarted the Kubernetes Community Day program and worked to grow the student community. He is currently at... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
320

5:25pm EDT

Enterprise Cloud Native Artifact Registry - Yan Wang & Daojun Zhang & Chenyu Zhang, VMware; Vadim Bauer, 8gears Container Registry
Project Harbor is an open source trusted cloud-native registry project that stores, manages, signs and scans content to solve common OCI artifact management challenges. It has been widely used by organizations large and small around the world to address container image and other OCI-compatible artifact management challenges. In this presentation, we will cover some advanced features using Harbor such as OCI artifact management in cloud environments, management of artifacts and their attachments (cosign, nydus), recommended settings for high concurrent use, and high availability deployments. In addition, the team would like to get feedback from users and contributors on current features and future roadmap.

Speakers
DZ

Daojun Zhang

Staff Engineer, VMWare
Daojun works as Staff Software Engineer at VMware China R&D Center. He is one of the core contributors for open source project Harbor, an enterprise class Docker Registry server.
YW

Yan Wang

Staff Engineer, VMWare
Yan Wang is a Software Developer currently working at VMWare, living in Peking. I have a Master of Science in Computer Science from Beijing JiaoTong University and started my career in Adobe System 10 years ago. I am a core maintainer of open source project Harbor, which is an incubation... Read More →
CZ

Chenyu Zhang

Software Engineer, VMware
Software Engineer, maintain harbor project.
avatar for Vadim Bauer

Vadim Bauer

CEO, 8gears Container Registry
Vadim is a Container Silverback, who has been running containers in production since 2013. As a maintainer of the CNCF project Harbor, he today helps users to manage container images with Harbor and other CNCF projects. As someone who builds tools for developers every day, he has... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
Viewable In Platform

5:25pm EDT

From Pre-Population To Disasters: Manage And Protect the State Of VMs - Michael Henriksen, Red Hat
KubeVirt makes it possible to run traditional Virtual Machine workloads in a Kubernetes cluster. Since VMs are typically stateful and not as homogeneous as containerized applications, additional care must be given to ensure that VM state is properly initialized, managed, and protected. We will explore how the KubeVirt storage layer bridges the gap between QEMU/KVM Virtual Machines and K8s storage primitives to provide a feature-rich API that manages data for the entire lifecycle of a VM. We will discuss how new VMs can be created with pre-populated disks based on “golden images” and how running Virtual Machines can be safely snapshotted/restored. Disaster Recovery workflows are enabled by the VirtualMachineExport API as well as integration with Velero. Future initiatives, such as Volume Populator support will also be discussed. You will come away with enough of a high level understanding of the KubeVirt storage APIs and architecture to make meaningful contributions.

Speakers
MH

Michael Henriksen

Principal Software Engineer, Red Hat


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
Viewable In Platform

5:25pm EDT

Intro To Volcano: Cloud Native Batch System - William Wang, Huawei Cloud
Volcano is a system for running high-performance workloads on Kubernetes. In the year 2022, Volcano made big progress on user adoption, community development, cross-community collaborations and successfully moved to incubation level. In this talk, William will review Volcano motivation, architecture; then go through latest updates on new features, user adoptions, and new subprojects. After that William will introduce where the project is heading to, updated project roadmap and how new contributors to get involved. There will be an open Q&A for attendees to ask questions.

Speakers
avatar for William(LeiBo) Wang

William(LeiBo) Wang

Architect, HuaWei Cloud
William(LeiBo) Wang is an architect of Huawei Cloud Computing Co., Ltd. and is the team leader of the container scheduling team. He is responsible for planning and implementing cloud native scheduling on HUAWEI CLOUD. He is also the tech lead of Volcano's open source project, focusing... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
252 AB

5:25pm EDT

Kubernetes SIG CLI: Intro And Updates - Eddie Zaneski, Chainguard; Katrina Verey, Shopify; Sean Sullivan, Google; Maciej Szulik, Red Hat
SIG CLI is the special interest group for the command line tooling of the Kubernetes project. The SIG maintains kubectl, kustomize, and related libraries. In this session the SIG CLI leads will provide an introduction to the SIG and an overview of how to contribute. They will share the work done over the past year and an introduction to the kuberc KEP for defining user preferences. The session will conclude with Q&A.

Speakers
avatar for Sean Sullivan

Sean Sullivan

Software Engineer, Google
Sean Sullivan is a Software Engineer at Google, a co-chair of the SIG CLI (Command Line Interface), and an active SIG CLI and Kubernetes contributor since 2017. Sean has presented at a Kubecon conference every year since 2018. In his free time, Sean likes to surf and read.
avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.
avatar for Katrina Verey

Katrina Verey

Senior Staff Software Developer, Production Engineering, Shopify
Katrina is a senior staff software developer working in Production Engineering at Shopify. She is passionate about upstream participation, and is delighted to be serving the Kubernetes community by co-leading SIG-CLI and its Kustomize and KRM Functions subprojects. She has been working... Read More →
avatar for Eddie Zaneski

Eddie Zaneski

Software Engineer, Chainguard
Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
142 ABC

5:25pm EDT

Kcp: Towards 1,000,000 Clusters, Name^WWorkspaced CRDs - Stefan Schimanski, Red Hat
In 2014, namespaces were added to Kubernetes. Many tried to implement multi-tenancy on-top, with limited success. What if namespaces are just the wrong tool, and we better invest into cluster-like isolation called workspaces, built deeply into the apiserver. The kcp project explors Kubernetes - with logical cluster support to implement workspaces - with ability to scale horizontally via sharding, towards 1,000,000 clusters - with novel API service models disrupting CRDs. In contrast to other projects like vcluster or OpenClusterManager, kcp challenges years old decisions in Kubernetes by going deep into API-Machinery and apiserver. Strategically, we reduce the size of clusters to those of namespaces, and by that open up the space between workspaces for innovation, while within a workspace kcp is just Kubernetes. Outline: 1. from namespaces to workspaces 2. APIExport and APIBindings, identity based security 3. scaling up kcp to 1,000,000 workspaces.

Speakers
avatar for Stefan Schimanski

Stefan Schimanski

Senior Principal Engineer, Red Hat
Stefan is a Senior Principal Software Developer at Red Hat working on Kubernetes and kcp, with a focus on API machinery, extension points and developer tools as part of Sig API Machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time GoogleSummer of Code... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
140 ABC
  Multi-tenancy

5:25pm EDT

Improving Longhorn Performance With SPDK - Keith Lucas & David Ko, SUSE
Longhorn is a cloud-native distributed block storage solution for Kubernetes, providing an opinionated solution to cover different storage topology, data protection, and data services like snapshots, replication, encryption, backup restore, disaster recovery, etc. The Longhorn team is working on a new data plane backend for block storage to improve performance. SPDK is an open source, high performance development kit for storage applications. Longhorn’s engine component is being rewritten to take advantage of SPDK’s architecture to improve the performance. SPDK will simplify the architecture of Longhorn and make it more scalable. This presentation will go over the new architecture, some preliminary performance data, and areas of future growth. Longhorn was accepted as an incubating project by the Cloud Native Computing Foundation in November 2021.

Speakers
avatar for David Ko

David Ko

Senior Engineering Manager, SUSE
avatar for Keith Lucas

Keith Lucas

Staff Software Engineer
TBD


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
250 ABC

5:25pm EDT

SLSA FRSCA Recipe For Secure Supply Chain - Parth Patel & Michael Lieberman, Kusari
There are multiple tools out in the ecosystem trying to deal with parts of the software supply chain threat but what does an end-to-end solution look like? The OpenSSF - FRSCA is an implementation of the CNCF best practices that aims to protect the build system, secure ingestion and enforce policy in the production environment to minimize the attack vectors associated with software supply chain. With the integration of Tekton Pipelines/Chains, Sigstore, SPIFFE/SPIRE, and Kyverno, we can create a holistic approach that can meet SLSA Level 3 from beginning to end. Utilizing CUE, admission controller and short-lived certificates, we can cryptographically and based on policy protect the cluster. Building off binary authorization, FRSCA can validate the signature and attestation to authorize until the next release cycle. FRSCA aims to be an implementable architecture that the open source community and end-user organizations can utilize to ingest and produce SLSA compliant artifacts.

Speakers
avatar for Michael Lieberman

Michael Lieberman

CTO, Kusari
Michael Lieberman is an engineer and architect focused on technology transformation especially with regards to cloud native architectures, technologies and migrations. His passion is in applying his expertise to use cases where privacy and security are paramount. Most recently he... Read More →
avatar for Parth Patel

Parth Patel

Co-Founder, Kusari
Solutions Architect with 10+ years of CyberSecurity, DevOps, Software Development and Automation experience. Parth has successfully led multiple consulting and development projects in various industries (regulated and commercial) for modernization/migration, cloud adoption and secure... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
420AB
  Security + Identity + Policy

5:25pm EDT

Whose Packet Is It Anyway? Life of a Packet Through a Service Mesh - Kevin Leimkuhler, Buoyant & Doug Jordan, Airbnb
In this talk, Kevin and Doug will trace a packet through its journey between a meshed client and server. They'll explore how the path of a packet changes after installing a service mesh, the additional hops it introduces, and which networking changes ensure the application's behavior isn't affected.  First they'll observe the networking rule changes that allow for a proxy to intercept traffic. Once we understand what changes about how a packet travels through the kernel, we'll better understand how to observe it in the following steps. Next, in order to observe this packet on its journey they'll take a dive into the Kubernetes networking debugging space. How do you properly use debug containers to observe traffic between other containers? Once you have debugging capabilities, what tools can we use to observe the traffic? Using these tools, attendees will understand what is happening behind the scenes of a service mesh and how a packet travels within it.

Speakers
avatar for Kevin Leimkuhler

Kevin Leimkuhler

Software Engineer, Buoyant
Kevin Leimkuhler is a software engineer at Buoyant and works on Linkerd. Over several years, he has worked on all parts of the project—from each of the components in the control plane to the proxy and the ecosystem of libraries that it is built off of.
DJ

Douglas Jordan

Senior Software Engineer, Airbnb
Doug is a senior software engineer at Airbnb on the Cloud Foundation team. He has focused on TCP workloads as well as expanding the service mesh to include virtual machine based workloads. Previously, he worked at Microsoft Azure where he adopted Linkerd to secure and operationalize... Read More →


Wednesday October 26, 2022 5:25pm - 6:00pm EDT
430 AB
  Service Mesh

6:00pm EDT

Welcome Reception + Booth Crawl 👋
Join us onsite for drinks and appetizers, games, and conversations with old and new friends in the Solutions Showcase. If you are participating online, don't miss the expert office hours and interactive sessions presented by our sponsors. Explore nearly 250+ exhibit booths to learn more about the latest technologies, browse special offers and job posts, and much more.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third party’s logo in the virtual exhibit hall or exhibitor directory, and any actions within the booth thereafter including viewing resources) or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.


Wednesday October 26, 2022 6:00pm - 8:00pm EDT
Halls AB
 
Thursday, October 27
 

7:00am EDT

Wellness Session - Dequindre Cut Biking Tour

Tour will be a guided tour of the Dequindre Cut area near the convention center taking about 1 hour. While the tour offers a great way to exercise, it's officially a site tour. Tour spots are first come, first serve and are limited to 15 people max.  

Thursday October 27, 2022 7:00am - 8:00am EDT
Wheelhouse Detroit 1340 Atwater St, Detroit, MI 48207

7:30am EDT

Continental Breakfast 🥐
Thursday October 27, 2022 7:30am - 9:00am EDT
Hall E

8:00am EDT

Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification
There are two locations at Huntington Place where you can go through Health + Safety to how proof of vaccination or negative COVID-19 test and pick up your badge:
  • Corner entrance on the cityside @ the corner of W Congress St. and Washington Blvd.
  • Riverside entrance @ Atwater St. (along the Riverwalk)

Thursday October 27, 2022 8:00am - 6:00pm EDT
Huntington Place Detroit

9:00am EDT

Keynote: Kubernetes Project Updates - Ricardo Rocha, Computing Engineer, CERN; Emily Fox, Security Engineer, Apple; Frederick Kautz
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →
avatar for Emily Fox

Emily Fox

Security Engineer, Apple
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 12 years to drive a cultural change where security is unobstructive, natural, and... Read More →
avatar for Frederick Kautz

Frederick Kautz

Cloud Native Infra and Security Enterprise Architect
Frederick collaborates on security and networking. He is on the SPIFFE Steering Committee, focusing on providing Zero Trust Workload Identity to compute workloads and resources. Frederick co-authored Solving the Bottom Turtle. He is a co-founder of GitBOM and maintains the reference... Read More →


Thursday October 27, 2022 9:00am - 9:10am EDT
Halls CD

9:10am EDT

Keynote: To Be Announced
Thursday October 27, 2022 9:10am - 9:15am EDT
Halls CD

9:15am EDT

Keynote: What a RUSH! Let’s Deploy Straight to Production! - Whitney Lee, Staff Technical Advocate & Mauricio Salatino, Staff Engineer, VMware
Feel the adrenaline of deploying to production during business hours! Join as Whitney and Mauricio discuss how to enable your developers to tinker with the production environment while providing all the guardrails necessary to avoid catastrophic outcomes.  Terms like ‘supply chains’ and ‘continuous delivery’ can be confusing, but these concepts aim to tackle the same issue: how to efficiently ship more high-quality code while reducing the risk. By understanding the available supply chain tools in the CNCF landscape, your teams can avoid slowdowns, production downtimes, and failed compliance checks while speeding up their deliveries.  Watch a live demo showing tools including Keptn, Tekton, Crossplane, Cartographer, Kratix, ArgoCD, and Knative to gain a practical understanding of how to adopt, integrate and glue different tools to build your platform’s supply chain.  Learn how a platform team can provide a beautiful dev experience by paving the paths to production for the entire organization.

Speakers
avatar for Mauricio Salatino

Mauricio Salatino

Staff Engineer, VMware
Mauricio is currently working at the Knative OSS Project as part of the VMWare MAPBU team. He is the author of the Continuous Delivery for Kubernetes book for Manning and he is passionate about Open Source, Cloud Native and Kubernetes. You can always get in touch with him via Twitter... Read More →
avatar for Whitney Lee

Whitney Lee

Staff Technical Advocate, VMware
Whitney is a full stack developer who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. She is active in the open source community, especially around CNCF projects focused on... Read More →


Thursday October 27, 2022 9:15am - 9:30am EDT
Halls CD

9:30am EDT

Keynote: CNCF Project Updates Continued - Ricardo Rocha, Computing Engineer, CERN; Emily Fox, Security Engineer, Apple; Frederick Kautz
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →
avatar for Emily Fox

Emily Fox

Security Engineer, Apple
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 12 years to drive a cultural change where security is unobstructive, natural, and... Read More →
avatar for Frederick Kautz

Frederick Kautz

Cloud Native Infra and Security Enterprise Architect
Frederick collaborates on security and networking. He is on the SPIFFE Steering Committee, focusing on providing Zero Trust Workload Identity to compute workloads and resources. Frederick co-authored Solving the Bottom Turtle. He is a co-founder of GitBOM and maintains the reference... Read More →


Thursday October 27, 2022 9:30am - 9:45am EDT
Halls CD

9:45am EDT

Keynote: From Silicon to Serverless: A Full Stack Journey - Cathy Zhang, Senior Principal Engineer, Intel
The cloud native journey starts with silicon and ends with delivered applications. In this talk, Cathy Zhang will walk us through everything from cores to cloud.

Speakers
avatar for Cathy Zhang

Cathy Zhang

Senior Principal engineer, Intel
Cathy is a senior principal engineer at Intel, spearheading the development of high-performance cloud native SW stacks and solutions. She is responsible for shaping the company's cloud-native strategy and roadmap, and driving the company-wide contributions to CNCF projects/TAGs/WGs... Read More →


Thursday October 27, 2022 9:45am - 9:50am EDT
Halls CD

9:50am EDT

Keynote: CI/CD Isn't Reserved for Software! - Erin Boyd, Distinguished Engineer + Director of Emerging Technologies, Red Hat & Matt Farina, Software Architect, Rancher Labs
With more than 125 CNCF projects with various levels of maturity, the TOC is continuously evolving to meet the scale of project adoption and provide value to the cloud native community.This keynote will focus on how we are executing on our strategic objectives outlined in Valencia to improve the way we serve this community.

Speakers
avatar for Erin Boyd

Erin Boyd

Engineer, Red Hat
Erin is currently the Director of Emerging Technologies  and Distinguished Engineer at Red Hat in the Office of the CTO. Erin was previously an Apple Cloud Services Engineer at Apple. Erin is a Kubernetes contributor and an Apache Ambari committer. Erin is an active contributor to... Read More →
avatar for Matt Farina

Matt Farina

Software Architect, Rancher Labs
Matt works as a Software Architect at Rancher Labs where he focuses on cloud native technologies. He is an author, speaker, and regular contributor to open source. Matt has a particular interest in developer tooling and experience, CI/CD, dependency management, and, of course, cloud... Read More →


Thursday October 27, 2022 9:50am - 10:05am EDT
Halls CD

10:05am EDT

Keynote: To Be Announced
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →


Thursday October 27, 2022 10:05am - 10:20am EDT
Halls CD

10:20am EDT

Keynote: Closing Remarks - Ricardo Rocha, Computing Engineer, CERN; Emily Fox, Security Engineer, Apple; Frederick Kautz
Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →
avatar for Emily Fox

Emily Fox

Security Engineer, Apple
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 12 years to drive a cultural change where security is unobstructive, natural, and... Read More →
avatar for Frederick Kautz

Frederick Kautz

Cloud Native Infra and Security Enterprise Architect
Frederick collaborates on security and networking. He is on the SPIFFE Steering Committee, focusing on providing Zero Trust Workload Identity to compute workloads and resources. Frederick co-authored Solving the Bottom Turtle. He is a co-founder of GitBOM and maintains the reference... Read More →


Thursday October 27, 2022 10:20am - 10:25am EDT
Halls CD

10:30am EDT

Coffee Break ☕
Thursday October 27, 2022 10:30am - 11:00am EDT
TBA

10:30am EDT

Solutions Showcase
Visit our sponsors in the Solutions Showcase - whether onsite or virtually - to try the latest demos, watch live presentations, talk to experts during live office hours, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third party’s logo in the virtual exhibit hall or exhibitor directory, and any actions within the booth thereafter including viewing resources) or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Thursday October 27, 2022 10:30am - 5:30pm EDT
Halls AB

11:00am EDT

“Why Can’t Kubernetes Devs Just Add This New Feature? Seems So Easy!” - Understanding the Feature Lifecycle In Kubernetes - Ricardo Katz, VMware & Carlos Panato, Chainguard
You started using Kubernetes. You are doing great! Then you figure out "hey if kubectl has colors probably it would be helpful for other people!" You go ahead, and open an issue in the Kubernetes repository, to figure out that there's another issue opened since 2016 about this! And with a lot of discussions! Yeah, it happens! But why does it take so long? Is this really necessary? In this talk, we will present to you how a new feature gets into Kubernetes and, most importantly, why it takes so long! We are going to pass through some simple scenarios to understand what is this review process, what problems were caught in some real life feature requests reviews, and also other examples of features that were promoted and now became a problem, trying to understand why they reached this status! Join us and learn a bit more about the enhancement process of Kubernetes!

Speakers
avatar for Carlos Panato

Carlos Panato

Staff Software Engineer, Chainguard
Carlos Panato is a Staff Software Engineer at Chainguard, Inc. who’s working on development and infrastructure using Kubernetes and containers. Previously, he’s worked on development, testing, processes, and management.
avatar for Ricardo Katz

Ricardo Katz

Staff Engineer, VMware
Ricardo is a Staff Engineer at VMware. Previously was the tech lead for the Brazilian Government Cloud and Platform infrastructure, being one of the persons responsible for implementing some of the first Kubernetes clusters in Brazil, clusters today that run some of the most mission-critical... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
140 DEFG
  101 Track

11:00am EDT

Production Practice For Large-Scale Financial Application Platform In China Merchants Bank - Jiahang Xu, China Merchants Bank & Jianbo Sun, Alibaba Cloud
China Merchants Bank(CMB) is one of the biggest bank in China which adopts cloud native technology for its rapidly evolving business needs. The challenges we meet are quite different from the practices of the internet industry, banking demand higher stability and security, at the same time, more complex historical architecture. For example, we need to handle the migration for diverse workloads from bare metal to serverless to provide a consistent experience. We must provide progressive rollout with traffic management to keep the stability without breaking any business continuity. We need to have insight for the application delivery and management process to meet the business SLO by observability, further more, to reduce the cost of resources and improve utilization. In this talk, we'll share our practices on building a modern banking cloud native platform, that mainly leverages CNCF projects such as KubeVela, KubeVirt, Envoy, Opentelemetry and others, to serve diverse workloads and solve all the above chanllenges.

Speakers
avatar for Jianbo Sun

Jianbo Sun

Senior Engineer, Alibaba Cloud
Jianbo Sun is a Senior Engineer at Alibaba Cloud. He has alomost 10 years experience working in the open source community and PaaS, and he's one of the creator of Open Application Model and KubeVela projects. He's mainly focus on how cloud native applications could be built and managed... Read More →
avatar for Jiahang Xu

Jiahang Xu

Senior Software Engineer, China Merchants Bank
Jiahang Xu is a Senior Software Engineer at China Merchants Bank. He has over 13 years unique cross-domain experience working in telecom, automotive, financial industry and startup as co-founder. He's mainly focus on cloud native application technology practice in the recent years... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
Viewable In Platform
  Application + Development + Delivery

11:00am EDT

Consumers To Contributors: Open Source As a Competitive Advantage - Brendan O'Leary, GitLab
As open source software has eaten the software world, it can be your biggest asset or cause your biggest problems. Most of the time, we consume open source without really considering the long-term impact on our business. So why would a business, enterprise, or organization decide to become a Contributor instead of just a Consumer? In this talk, we'll look at some of the biggest success stories in enterprise open source software partnerships and some of the cautionary tales. The more an organization is involved in co-creating the open source packages they use, the more both the organization and the open source project benefit. This session is for everyone: open source maintainers, OSPO leaders, or open source advocates in large enterprises. At the end of our session, you'll be able to articulate the tangible and emergent benefits organizations and enterprises gain when they stop just consuming open source software and instead embrace "Everyone can contribute."

Speakers
avatar for Brendan O'Leary

Brendan O'Leary

Staff Developer Evangelist, GitLab
Brendan O'Leary is a Staff Developer Evangelist at GitLab, the DevOps platform, and a governing board member at the Cloud Native Computing Foundation and advisor to various startups. He has a passion for software development and iterating processes just as quickly as we iterate on... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
251 ABC
  Business Value

11:00am EDT

ADHD: Understanding, Awareness, And Shared Experience - Bart Farrell, Data on Kubernetes Community; Heba elAyoty, Microsoft; Walid Shaari, Saudi Aramco; Farrah Campbell, Amazon Web Services; Rich Burroughs, Loft Labs
The cloud-native has a welcoming, diverse and inclusive community. However, are we as a community aware and inclusive of neurodivergent people? Are we neurodiverse? Is our documentation, talks, processes, conferences, applications, interactions and resources in line and aware of neurodivergent needs as it is for the neurotypical? How can we recognize and support our neurodivergent people? What efforts, approaches, and awareness programs are accomplished by the cncf or the community to accommodate and extend such inclusivity and strengthen our neurodiversity? What community data do we have on mental disorders among us, our developers, advocates, and the rest of the community? Join us, neurodivergent people answering the above questions and sharing our experiences, journeys, concerns, and insights reflecting on the CNCF community ecosystem and how it can benefit from being more neurodiverse. Presenting tips and tricks on how ADHD might be recognized as early as possible for you, a member of your family or the community? Our contribution is how to continue the self-care journey and extend inclusivity to mental health disorders, starting with ADHD. Hopefully, this will encourage more, including specialists and professionals, to come forward and help.

Speakers
avatar for Rich Burroughs

Rich Burroughs

Staff Developer Advocate, Loft Labs
Staff Developer Advocate at Loft Labs. Creator and host of the Kube Cuddle podcast. Founding member of the organizing team for DevOpsDays Portland. Advocating Kubernetes, DevOps and SRE. Diagnosed with ADHD and learning about it. https://linktr.ee/richburroughs... Read More →
BF

Bartholomew Farrell

Head of Community, Data on Kubernetes Community
Bart Farrell is a CNCF Ambassador and the Head of Community at the Data on Kubernetes Community DOK. He was diagnosed with ADHD in early 2022 at the age of 36. He embraces it and works to create spaces, contexts, and conversations to help others with ADHD share their experiences... Read More →
avatar for Walid Shaari

Walid Shaari

Platform Engineer, Saudi Aramco
Walid Shaari (Cloud Native Janitor) is a platform engineer supporting the application modernization initiatives. An AWS container hero and Red Hat Accelerator. He is a passionate advocate of Linux, containers, Kubernetes, and the cloud-native ecosystem. Also, an active community leader... Read More →
avatar for Heba elAyoty

Heba elAyoty

Senior Software Engineer, Microsoft
Heba is a software engineer in the AKS team. She is an active OSS contributor for various Kubernetes SIGs and a member of the k8s community. She was part of the 1.18 & 1.24 release teams and served as a Bug Triage lead for the 1.25 release. Also, worked as a Java developer for 10... Read More →
avatar for Farrah Campbell

Farrah Campbell

Senior Product Marketing Manager, Containers and Serverless, Amazon Web Services
After 10 years in healthcare management, a ride with Kara Swisher inspired Farrah to leap into tech. She has worked at many startups, eventually working her way to being the Sr. Product Marketing Manager, Containers and Serverless at AWS. Farrah's passions are technology and connecting... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
Ambassador Ballroom (Room 360)
  Community

11:00am EDT

Webhook Fatigue? You're Not Alone: Introducing the CEL Expression Language Features Solving This Problem - Joe Betz, Google
In Kubernetes 1.23 we integrated the CEL expression language into open source Kubernetes, making it possible to support the vast majority of CRD validation use cases without a webhook. This includes multi-field validation rules, immutability checks and more.  And this is just the beginning, we plan to extend admission control to support CEL expressions as well, which will make it possible to replace far more of those operationally troublesome webhooks with a much simpler alternative. We're convinced this leads to a better development experience for anyone extending Kubernetes. And more importantly, it makes cluster operations simpler and safer.  Learn about this future of Kubernetes extensibility from a contributor who has been involved in Kubernetes extensibility for over 5 years, including the projects to bring CRDs and Webhooks to GA, and who has been involved in improving the stability of Kubnernetes control planes in GKE for years.  In this talk I'll introduce CEL and how we've integrated it into Kuberentes and answer questions including: What can you do with CEL in Kubernetes today? What future features are planned? Can there really a future where webhooks are the exception instead of the norm?

Speakers
JB

Joe Betz

Staff Software Engineer, Google
Joe Betz is a contributor to Kubernetes with a focus on custom resource, admission webhook extensibility features and server side apply. Joe is also etcd project maintainer and directly responsible for the health and stability of the GKE etcd fleet and leads improvements to etcd via... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

11:00am EDT

CloudEvents And Beyond! - Doug Davis, Microsoft
Since CloudEvents v1.0 was released the project has been focused on what other eventing-related pain-points might benefit from some standardization. In this session, after a quick recap of the CloudEvents specification itself, we'll discuss how we're trying to ease the challenges associated with the remaining portion of the lifecycle of event management. In particular, around discovery of event producers, setting up subscriptions and event verification - all in a programmatic and interoperable fashion.

Speakers
avatar for Doug Davis

Doug Davis

PM Microservices, Microsoft
Doug is currently focusing on improving the developer experience for cloud native computing in Azure Cloud. He’s been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker, Kubernetes... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
320

11:00am EDT

Intro + Deep Dive: SIG Scalability - Marcel Zięba & Maciej Borsz, Google
This session will focus on the different efforts that SIG Scalability is involved in: defining what scalability means for Kubernetes, driving performance improvements, maintaining infrastructure for scalability testing, guarding Kubernetes against performance regressions. Time for Q&A will be reserved at the end of the session to understand how the SIG can better engage with the community as well as to allow the audience to provide the input about the roadmap.

Speakers
avatar for Marcel Zięba

Marcel Zięba

Software Engineer, Google


Thursday October 27, 2022 11:00am - 11:35am EDT
321

11:00am EDT

Kubernetes Policy, Governance, And Compliance: A WG Policy Update - Jim Bugwadia, Nirmata; Anca Sailer, IBM Research; Jayashree Ramanathan, Red Hat; Robert Ficcaglia, Sunstone Secure
Kubernetes policies can help simplify management particularly of multiple clusters, scale Day 2 operations, and automate security and resiliency and software engineering concerns, thereby optimizing cost of operations. Policies also serve as the building block to help enforce multi-cluster governance and deliver continuous compliance and readiness for audits. The Kubernetes Policy Working Group (WG) focuses on defining overall architecture recommendations and guidance on both current policy related implementations as well as future policy related proposals in Kubernetes. Join this session to find out about the working groups current and upcoming projects, and also learn how you can get involved to learn and contribute.

Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy management company. Previously, Jim has held various leadership and engineering roles at companies such as Cisco, Pano Logic, Trapeze Networks, Bell Labs/Lucent, and Motorola. Jim is an active contributor in... Read More →
avatar for Jayashree Ramanathan

Jayashree Ramanathan

Distinguished Engineer, Chief Security and Governance Architect, Red Hat
Dr. Jaya Ramanathan is a Distinguished Engineer and Chief Security and Governance architect within Red Hat. She has held Chief Architect roles for identity and access management, audit logging and reporting, data loss prevention, and cloud security, compliance, and governance. Her... Read More →
avatar for Anca Sailer

Anca Sailer

Distinguished Engineer, IBM Research
Dr. Anca Sailer is a Distinguished Engineer at the T. J. Watson Research Center where she partners with clients, product providers, open communities to help transform their compliance processes through innovation into an engineering practice for automated continous compliance and... Read More →
RF

Robert Ficcaglia

CTO, Sunstone Secure


Thursday October 27, 2022 11:00am - 11:35am EDT
252 AB

11:00am EDT

Learn About Helm And Its Ecosystem - Andrew Block & Karena Angell, Red Hat; Matt Farina, SUSE; Scott Rigby, Weaveworks
Helm, the package manager for Kubernetes, isn't just a mature graduated CNCF project. It's a package manager with an ecosystem surrounding it that makes life better for those building and using Kubernetes packages. In this session you'll get a short introduction to Helm itself. From there we'll take a journey down two paths. One path will look at the ecosystem around building packages. This will include tools and processes to help you with that. On the other path we'll look at using Helm and its packages in your clusters. This will explore Helm and the various projects around it that you may want to use. When this session is done you'll have a good grasp on what Helm is and where you can get started using it.

Speakers
avatar for Matt Farina

Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE where he focuses on cloud native technologies. He is an author, speaker, and regular contributor to open source. Matt is a maintainer of Helm, the package manager for Kubernetes, and a member of the CNCF Technical Oversight Committee... Read More →
avatar for Karena Angell

Karena Angell

Principal Product Manager, Technical, Red Hat
Karena Angell is a Principal Product Manager at Red Hat focusing on cloud native application workloads for Kubernetes as well as solutions for the 'open' hybrid cloud.
avatar for Scott Rigby

Scott Rigby

DX, Weaveworks
Scott is a Brooklyn based interdisciplinary artist and Developer Advocate at Weaveworks. He co-founded the Basekamp art and research group in 1998 and the massively collaborative Plausible Artworlds international network. In technology he enjoys helping develop open source software... Read More →
avatar for Andrew Block

Andrew Block

Distinguished Architect, Red Hat
Andrew Block is a Distinguished Architect at Red Hat that works with organizations to design and implement solutions leveraging cloud native technologies. He specializes in Continuous Integration and Continuous Delivery methodologies to reduce delivery time and automate how environments... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
410 A

11:00am EDT

SIG Contributor Experience Deep Dive - Nabarun Pal, Priyanka Saggu & Madhav Jivrajani, VMware; Marky Jackson, Equinix; Kaslin Fields, Google Cloud
The Kubernetes Contributor Experience Special Interest Group (SIG) is tasked with developing and sustaining a healthy contributor community. It also provides an excellent place to get involved with the Kubernetes project, either through code, non-code, or both. Join us and learn about ContribEx's many programs that you can participate in, including mentoring, meetings, community infrastructure, moderation, elections, contributor events, the contributor site, and more. Whether you're interested in helping the Kubernetes project run smoothly, or you want to see how these programs can benefit you, or just have questions about how the project is organized, you'll find answers here.

Speakers
avatar for Marky Jackson

Marky Jackson

Software Engineer, Methodair
Software developer. Lover of family and friends. Die-hard San Francisco Giants fan.
avatar for Nabarun Pal

Nabarun Pal

Senior Member of Technical Staff, VMware
Nabarun is a Senior Engineer at VMware working on the upstream Kubernetes project. Nabarun contributes to various Special Interest Groups like API Machinery, Architecture, Contributor Experience, CLI, Release and Testing in the community and focuses on forward-looking features in... Read More →
avatar for Priyanka Saggu

Priyanka Saggu

Member of Technical Staff, VMware
Priyanka Saggu is a open source software engineer at VMware, with contributions to many parts of the upstream Kubernetes project through SIGs such as Release, Testing, ContribEx, and CLI. She is also the Enhancement Lead for the Kubernetes v1.25 release cycle and has been on the Release... Read More →
avatar for Kaslin Fields

Kaslin Fields

Developer Advocate, Google Cloud
Kaslin Fields is a Developer Advocate at Google Cloud, a Cloud Native Computing Foundation (CNCF) Ambassador, and a contributor to Open Source Kubernetes. As a Developer Advocate, she engages with Open Source communities both as a member, and as an advocate for their needs as users... Read More →
avatar for Madhav Jivrajani

Madhav Jivrajani

Member of Technical Staff, VMware


Thursday October 27, 2022 11:00am - 11:35am EDT
142 ABC

11:00am EDT

Multicluster Kubernetes Management Made Easy With Open Cluster Management - Joshua Packer, Red Hat
Now that many people are deploying Kubernetes in production, they all have the same question: how do you manage multiple Kubernetes clusters? In this session, we’ll chat about the new CNCF Sandbox project Open Cluster Management (https://open-cluster-management.io) and how it can help you simplify multicluster container orchestration. Open APIs are evolving within the project for cluster registration, work distribution, dynamic placement of policies and workloads, and much more. Attendees will learn how they can use Open Cluster Management to take control of their sprawling infrastructure.

Speakers
avatar for Joshua Packer

Joshua Packer

Distinguished Engineer, Red Hat
I am the lead architect of Red Hat Advanced Cluster Management, a Steering Committee member of Open Cluster Management (CNCF Sandbox project) and a Distinguished Engineer at Red Hat. For the past five years I focused on the Kubernetes experience. First through a GitOps lens, and then... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
Viewable In Platform
  Multi-tenancy

11:00am EDT

Cloudy With a Chance Of Chaos: Verifying the Resiliency Of Cloud-Native Applications - Bella Wiseman, Goldman Sachs
Interest in chaos engineering has exploded over the last few years, with more and more organizations looking to adopt the practice.  But as those same organizations shift to using managed services in the cloud, traditional chaos engineering techniques are often no longer viable. Powering down a machine is a simple, powerful, and versatile way to uniformly inject failure across all types of applications.  But today, when we build cloud native apps, we often choose to use managed services that provide a layer of abstraction on top of the underlying machines.  How can we inject realistic chaos when we have no access to the underlying machines?  How can we verify that the faults we are injecting actually match the way the managed services will fail in real life?  Is it even possible? Join Bella Wiseman, head of Chaos Engineering at Goldman Sachs, as she explores the next frontier of Chaos Engineering on the cloud.

Speakers
avatar for Bella Wiseman

Bella Wiseman

Head of Chaos Engineering, Goldman Sachs
Bella Wiseman grew up listening to her mother expound on garbage collection algorithms and Algol thunks over the dinner table. Bella now leads Chaos Engineering at Goldman Sachs, where she leverages chaos engineering to uplift resiliency across the company. As a mother of four, Bella... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
430 AB

11:00am EDT

One VTOrc To Rule Them All – High Availability In a Distributed Database System - Deepthi Sigireddi & Manan Gupta, PlanetScale
Vitess is a scalable, highly available distributed database system built around MySQL. It achieves scalability through sharding and durability through replication. High availability is accomplished through a Vitess feature known as cluster management. The next generation cluster management service in Vitess is called VTOrc. Users can specify their durability rules as a system configuration, which is respected while performing planned failovers. VTOrc also performs failure detection with automatic failovers while honoring the durability rules. VTOrc is already running successfully in production in multiple deployments including at PlanetScale, and it will be Generally Available in Vitess release 15 (October 25). The session will provide an introduction to VTOrc and an outline of the theory that underpins its implementation, followed by a demo of its capabilities showing multiple failover scenarios.

Speakers
avatar for Deepthi Sigireddi

Deepthi Sigireddi

Engineering Lead, PlanetScale
Deepthi is a Software Engineer at PlanetScale, where she leads the open source engineering team for Vitess, a CNCF graduated project. She is also the Technical Lead for Vitess in the open source community. She brings over 20 years of experience building scalable systems to this role... Read More →
avatar for Manan Gupta

Manan Gupta

Software Engineer, PlanetScale
At PlanetScale I work on building scalable distributed database systems. Seeking faster, simpler solutions stimulates me. Working with a high energy team even remotely keeps me vibrant. Learning and executing codes in paired or independent format is a novel experience. I have recently... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
250 ABC

11:00am EDT

Kubernetes On the Edge With K3s For a Smart Metering Use Case - Harry Lee, Melio AI
Running Kubernetes in the cloud is a common use case. You can make use of all the features that hyperscalers have to offer: resiliency, scalability, load-balancing etc. But what if you only have a single machine sitting on-premise that lacks consistent internet access? Should you still use Kubernetes? Our client has embarked on a journey to build a smart energy metering solution for remote industrial plants. The solution aggregates data produced by IoT measurement devices to a central point on site before sending the data to the cloud. The challenge for us, of course, is the design of this central aggregation point on site. This talk describes how we analysed the requirements to decide on using Kubernetes (K3s) as a central aggregation point on site. We will go through the why of the design and how we have also incorporated other CNCF projects (Prometheus, Helm, Cert-manager and Longhorn) into the final solution.

Speakers
avatar for Harry Lee

Harry Lee

Co-founder & DevOps Evangelist, Melio AI
Harry bridges software and infrastructure with his experience as a DevOps engineer. He builds resilient software & infrastructure to support the continuous delivery of business value. He is a DevSecOps evangelist with a strong background in financial technology. He specialises in... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
140 ABC

11:00am EDT

It's Dangerous To SLSA Alone Out There! Take This Artifact Knowledge Graph! - Santiago Torres Arias, Purdue University & Michael Lieberman, Independent
By now, we’re getting bored of hearing the “am I affected by X vulnerability?” question. However, as supply chain attacks become more sophisticated, answering just this question is insufficient. Instead, we need to think about: “If TravisCI was compromised, which software is affected? With a bad actor in your supply chain, what's the blast radius?” There is a ton of information today in SBOMs, in-toto/SLSA attestations, etc. However, these documents observed individually provide limited information, but when put together and related, super-additively expand the knowledge base of our software supply chain. We built a supply chain knowledge graph tool to help better understand the relationships between artifacts and their metadata/identities. Through this high-fidelity graph, we not only answer the hard questions posed earlier, but also make new discoveries. For example, we found that most build-systems rely not only on obvious dependencies like gcc, but often overlooked projects like libpcre and sed.

Speakers
avatar for Michael Lieberman

Michael Lieberman

CTO, Kusari
Michael Lieberman is an engineer and architect focused on technology transformation especially with regards to cloud native architectures, technologies and migrations. His passion is in applying his expertise to use cases where privacy and security are paramount. Most recently he... Read More →
avatar for Santiago Torres-Arias

Santiago Torres-Arias

Assistant Professor, Purdue University
To put things simply: I care about how people can product software, securely, and I care about how people can consume software, securely.Talk to me about anything in-toto, Sigstore, TUF, and beyond. I do software supply chain security research, and I try to work with open source... Read More →


Thursday October 27, 2022 11:00am - 11:35am EDT
420AB
  Security + Identity + Policy

11:00am EDT

Virtual Project Office Hours: KubeVela
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for KubeVela Project Office Hours here: ​https://community.cncf.io/j/94377hbkr6uzz/​​​


>> Full list of Project Office Hours


Thursday October 27, 2022 11:00am - 11:45am EDT
Project Office Hours

11:00am EDT

Virtual Project Office Hours: Open Cluster Management (Workload distribution with Placement API)
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Open Cluster Management (Workload distribution with Placement API) Project Office Hours here: ​https://community.cncf.io/j/d6g2kefcmegjd/​​​


>> Full list of Project Office Hours


Thursday October 27, 2022 11:00am - 11:45am EDT
Project Office Hours

11:00am EDT

Tutorial: Becoming a Kubernetes Developer: Writing Your First Operator - Abby Bangser, Syntasso
Kubernetes is effectively a blank canvas which we as engineers need to compose into a shape and style that fits our needs. This nearly always starts with running software through deployments. While this can get us started, many of our high value use cases require more complex compositions. Operators provide engineers a way to extend the building blocks of Kubernetes to build higher level abstractions. These abstractions can codify complex setup requirements, standardise capabilities across an organisation, and more. An example of operators at work include the Prometheus operator. This helps teams get started with monitoring and alerting with packaging and providing sensible defaults across an array of associated tools including Prometheus (for metric gathering), Thanos (for metric retention), Alertmanager (for alerts), and Grafana (for graphing). In this workshop we will build a basic operator which will enable a hands on exploration into use cases and structures of operators in more depth.

Speakers
avatar for Abby Bangser

Abby Bangser

Principal Engineer, Syntasso
Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across platform, site reliability, and quality... Read More →


Thursday October 27, 2022 11:00am - 12:30pm EDT
330 AB
  101 Track

11:00am EDT

🚨 ContribFest - Prometheus
This Contribfest session is designed to provide projects with the space and resources to tackle outstanding technical debt, security issues, or outstanding impactful feature requests. They are intended to provide a place for maintainers to meet contributors and potential contributors and work together on solving a problem.

Speakers
avatar for Richard Hartmann

Richard Hartmann

Director of Community, Grafana Labs
Richard "RichiH" Hartmann is the Director of Community at Grafana Labs, Prometheus team member, OpenMetrics founder, OpenTelemetry member, CNCF Technical Advisory Group Observability chair, CNCF Technical Oversight Committee member, CNCF Governing Board member, and more. He also leads... Read More →


Thursday October 27, 2022 11:00am - 12:30pm EDT
410 B

11:55am EDT

Tips To Fight Impostor Syndrome - Aurélie Vache, OVHcloud
Who has not once said the phrase: - I sucks - I don't know anything - I feel like an impostor - I don't feel legitimate to do this or do that Some people are convinced that they do not deserve their success, despite the efforts they make to succeed. They often convince themselves that their success is not linked to their work, their personal accomplishment, but simply to luck or the work of others. In fact, they live permanently with a feeling of deception and constantly fear that someone will unmask them from one day to another. Despite my stuttering, I am a speaker, a mentor, a conference organizer and very invested in women in tech and tech communities. In this talk, we will see what the impostor syndrome is, how it is reflected on a daily basis and we will see that it is not inevitable, on the contrary, that there are tips and tricks for the fight, overcome and improve. And I will also tell you several anecdotes that happened to me, which were very hard and which made me who I am today.

Speakers
avatar for Aurélie Vache

Aurélie Vache

DevRel, OVHcloud
Aurélie Vache is a DevRel (Developer Advocate) at OVHcloud in Toulouse, France. She is GDE (Google Developer Expert) for Cloud technologies, Docker captain, CNCF ambassador & Kubernetes for Developers certified. She has been working as a Developer and Ops for over 16 years. Cloud... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
140 DEFG
  101 Track

11:55am EDT

Energizing the Manufacturing Industry With Kubernetes And Cloud Native - Marcel Wagner, Intel
We present the Cloud Native Digital Twin architecture of IndustryFusion Foundation (IFF). The goal of IFF is to develop an open-source platform to digitize factory processes and achieve carbon neutrality in metal processing. From the start, IFF chose Cloud Native and Kubernetes as the foundation of all workload management. The machine gateways, the factory servers, and cloud deployments all run on CNCF certified K8s clusters and are, therefore, independent of a specific Cloud or Edge Service Provider. The Digital Twin architecture is fully declarative, based on Semantic Web frameworks like RDF and JSON-LD. We developed a special K8s operator to monitor and deploy the factory processes as Apache Flink jobs, defined with Streaming SQL. We will also describe our experience running K8s and Cloud Native in a manufacturing environment, especially the challenges we overcame with the machine builders and factory owners to make them comfortable with the Cloud Native and K8s approach.

Speakers
MW

Marcel Wagner

Principal Engineer, Intel
Marcel is Principal Engineer in Intel's Network and Edge Group (NEX) and located in Munich, Germany. His work focus is on developer and software eco-system enabling. He is mainly evangelizing Cloud Native advantages with Small and Medium Enterprises, especially in the Industrial Discrete... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
Viewable In Platform
  Application + Development + Delivery

11:55am EDT

How We Revolutionized Developer Experience With 3.5 Platform Engineers - Jessica Andersson, Annotell
As a small team there is a lot of leverage to be gained from using cloud native projects, but the task might seem daunting and something that you need to have a very large organisation to have any use of. This couldn’t be further from the truth! Join this case study and learn how Jessica and her team of three and a half Platform Engineers revolutionized the developer experience for 30 developers at Annotell with the help of cloud native projects.

Speakers
avatar for Jessica Andersson

Jessica Andersson

Product Area Lead Engineering Enablement, Annotell
Jessica is Product Area Lead for Engineering Enablement at Annotell, providing products and services for internal development teams. Jessica is also a CNCF Ambassador and engaged in the Nordic and local Meetup communities, as an attendee, speaker and organizer.


Thursday October 27, 2022 11:55am - 12:30pm EDT
251 ABC
  Business Value

11:55am EDT

Inclusive, Accessible Tech: Bias-Free Language In Code And Configurations - Anne Gentle, Cisco
Heard of suss? You can suss out more information or you can find someone's information to be suss. "Suss" shows the flexibility of language. It’s an ongoing process to change how we use certain words. It's important to choose words carefully to convey the correct meaning and avoid harmful subtext or exclusion. Let's explore some of the tools and triage methods that it takes from an engineering viewpoint to make bias-free choices. How can you ensure that biased words do not sneak into code, UI, docs, configurations, or our everyday language? First, let's walk through how to take an inventory of assets from code to config files to API specifications to standards. Next, by placing those findings into categories, prioritize the work to substitute with inclusive alternatives. Let's examine some examples using both API and code assets. Next is a demonstration of how to automate analyzing your source code or documentation with a linter, looking for patterns based on rules that are fed into the tool. What's in the future for these efforts? Inclusive language should expand beyond English and North American-centered efforts. To do so, let's organize the work with automation tooling, as engineers do.

Speakers
avatar for Anne Gentle

Anne Gentle

Developer Experience Manager, Cisco
Anne Gentle is an industry-recognized author whose books promote collaboration among developers and writers. She works as a developer experience manager at Cisco for the developer relations program. With her team of experts, she supports developer tools for API design, developer documentation... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
Ambassador Ballroom (Room 360)
  Community

11:55am EDT

Towards Something Better Than CRDs In a Post-Operator World - Stefan Schimanski, Red Hat
CustomResourceDefinitions are driving the extension ecosystem around Kubernetes. This talk is about the search for the next step, a successor for CRDs in a post-operator world where service providers use CRDs as first-class API for the services they are building and offering to tenants. CRDs as we know them are installed in customer clusters, usually together with operators or controllers. With that they are under control of the users: - users can tweak the CRDs. - users are the ones updating and controlling the operators with all the complexity and pitfalls updating operators and APIs can have. This situation is not a good fit for today's problems, and it's mostly an artifact of how CRDs and their life-cycle were conceived years ago as a tool to add in-cluster concepts. This talk is about lifting CRDs up to be a first-class verhicle for APIs provided and consumed by different parties, without the operator-glue, in different clusters, standardized, securely and federated.

Speakers
avatar for Stefan Schimanski

Stefan Schimanski

Senior Principal Engineer, Red Hat
Stefan is a Senior Principal Software Developer at Red Hat working on Kubernetes and kcp, with a focus on API machinery, extension points and developer tools as part of Sig API Machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time GoogleSummer of Code... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

11:55am EDT

Contributing To the Kubernetes Website: A Guide For Everyone - Divya Mohan & Rey Lejano, SUSE; Tim Bannister, The Scale Factory; Natali Vlatko, Wayfair; Arsh Sharma, Okteto
Are you curious about how a large project like Kubernetes maintains its documentation? Whether it be guides, reference documentation, or the official blog, SIG Docs is responsible for maintaining all the content you see on the Kubernetes website. Yes, even the localized versions! This session gives you a behind-the-scenes glimpse of how we do it with a quick tour through the tech stack, the people powering it, and some of the things we’ve worked on in the past. We will then dive deep into some of the ongoing efforts of the SIG as well as some targeted initiatives with a particular focus on how you (yes, YOU!) can get involved. This talk is for total newcomers, experienced Kubernetes contributors who want to document their new features, web developers, localization team members, people who would like to help a localization team, and anyone else interested in improving the main Kubernetes website.

Speakers
avatar for Tim Bannister

Tim Bannister

Consultant, The Scale Factory
Technical lead for Kubernetes SIG Docs;cloud consultant for The Scale Factory
avatar for Rey Lejano

Rey Lejano

Field Engineer, SUSE
Rey Lejano is a Field Engineer at SUSE by way of Rancher Labs. At SUSE & Rancher Labs, Rey has helped many organizations on their cloud native journeys. Rey is a contributor to the Kubernetes project as the Kubernetes v1.23 Release Lead, v1.25 Emeritus Adviser, Kubernetes SIG Docs... Read More →
avatar for Divya Mohan

Divya Mohan

Technical Writer, SUSE
A systems nerd and a CNCF ambassador, Divya currently is a technical writer at SUSE. She is extremely passionate about contributing to Open Source & co-chairs the documentation efforts for the Kubernetes and LitmusChaos projects. She has served on a few Release cycles for Kubernetes... Read More →
avatar for Natali Vlatko

Natali Vlatko

Global Lead, Open Source Program Office, Wayfair
Natali Vlatko (she/her) leads the Open Source Program Office (OSPO) at Wayfair, specializing in open software, communities, and governance. She is the SIG Docs Co-Chair for Kubernetes and plays on the fun computer in her spare time. Her academic background is in Egyptology and Archaeology... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
142 ABC

11:55am EDT

Edge-Native Application Principles: Taking Your App Beyond the Cloud - Kate Goldenring, Fermyon; Amar Kapadia, Aarna Networks
Over the past few years, edge computing has been thoroughly discussed, with different technology fields having varying views on what defines edge computing. But in the end, despite the varied use cases of telco, retail, industrial, etc., it's clear that edge is seen as an extension to the cloud and that everyone is interested in bringing their cloud-native infrastructure and applications to the edge. In this session we will focus on this migration. Can we identify common characteristics of edge native applications? How do we tackle some of the common issues like hardware diversity, resource constraints, network availability and more? Basic cloud-native principles are well known and represent a valuable resource for developers. They serve as a check-list for developers, instructing what to keep in mind in order to successfully develop and operate their cloud applications, such as considerations for scalability, observability, ease of deployment on the edge. In the same way we see edge computing as a superset of cloud computing, we can consider edge-native principles a superset of cloud-native principles. So instead of starting from zero, let's focus on additional considerations of the edge. Let's see what additional principles we need to consider for edge-native applications in order to enable successful projects. The CNCF IoT Edge working group has started working on a white paper that aims to define these principles. In this session we will present our progress so far and give a call to action to join the effort.

Speakers
avatar for Amar Kapadia

Amar Kapadia

Software Engineer, Aarna Networks
Amar Kapadia is the CEO and Co-Founder of Aarna Networks, a SaaS solutions provider that leverages open source, cloud native, and DevOps methodologies to provide zero-touch edge and 5G service orchestration and management services. Prior to Aarna, he was the NFV product marketing... Read More →
avatar for Kate Goldenring

Kate Goldenring

Senior Software Engineer, Fermyon Technologies, Inc.
Kate Goldenring is a Software Engineer at Fermyon, specializing in WebAssembly, IoT, and Kubernetes projects. She is an open source developer, contributing to WebAssembly projects (Spin, Krustlet) and maintaining Akri, an open source project that exposes IoT devices to Kubernetes... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
320

11:55am EDT

Longhorn: Intro, Deep Dive And Q+A - David Ko & Joshua Moody, SUSE
Longhorn is a cloud-native distributed block storage solution for Kubernetes, providing an opinionated solution to cover different storage topology, data protection, and data services like snapshots, replication, encryption, backup restore, disaster recovery, etc. In this talk, there will be several parts to have an introduction of Longhorn and have deep-dive discussions to talk about the technical details, the recent release, and future plans. Longhorn was accepted as an incubating project by the Cloud Native Computing Foundation in November 2021.

Speakers
avatar for David Ko

David Ko

Senior Engineering Manager, SUSE
avatar for Joshua Moody

Joshua Moody

Staff Software Engineer, SUSE


Thursday October 27, 2022 11:55am - 12:30pm EDT
321

11:55am EDT

Multi-Tenancy For Argo Workflows And Argo CD At Adobe - Srinivas Malladi, Adobe
Argo Workflows and Argo CD are powerful tools, but unifying them under a multi-tenant experience is necessary to run at scale across multiple teams in any large organization. Argo Workflows and Argo CD use different approaches to RBAC and both have different security considerations and available security features. We at Ethos, the Adobe Cloud Platform, have designed an architecture to create a secure multi-tenant CI/CD experience for our developer teams. Join our talk to learn how we achieved multi-tenancy through the isolation of each component of our developer CI/CD workflows, such as building, scanning, pushing, workflow artifacts, workflow secrets, as well as the restriction of application deployment with Argo CD AppProjects and RBAC.

Speakers
avatar for Srinivas Malladi

Srinivas Malladi

Software Engineer - Infrastructure, Adobe
Srinivas Malladi is a software engineer at Adobe working on Ethos, the Adobe Cloud Platform team, where he primarily works on CI/CD infrastructure and the cloud platform that powers Adobe's internal development teams. His interests include containerization, CI/CD automation and building... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
140 ABC
  Multi-tenancy

11:55am EDT

Remote Control Planes With Konnectivity; What, Why And How? - Jussi Nummelin, Mirantis & Rastislav Szabo, Kubermatic
It’s a pretty common pattern to run the Kubernetes control plane on a dedicated node or a set of nodes co-located with the worker nodes. But what if we want to run the control plane as truly separated from the workers? Can the control plane be located in a completely different datacenter than the worker nodes even with some network-level disconnection separating the control and worker planes? We’ll start the talk by looking at why to build clusters with a remote control plane, and use cases for such setups. The second part of the talk will introduce the technical concepts that can be used to make it happen. We will look at how the api-server can be set up to use an egress selector proxy for different use cases. Next, we’ll look at a practical example of how it can be used with the Konnectivity API server network proxy. Lastly, we will showcase how all of this works together in open-source Kubernetes platforms like k0s and Kubermatic.

Speakers
avatar for Rastislav Szabo

Rastislav Szabo

Senior Software Engineer, Kubermatic
Rastislav is an enthusiastic and motivated infrastructure software engineer with more than 15 years of software development and 5 years of cloud-native experience. He is working as a software engineer at Kubermatic focusing mainly on the networking part of the Kubermatic Kubernetes... Read More →
avatar for Jussi Nummelin

Jussi Nummelin

Senior Principal Engineer, Mirantis
Jussi has been working with and building cloud-native technologies for the past 9+ years, even before they were actually called “cloud native”. He’s excited to build technologies and tools to help bring cloud-native to the masses. Jussi is currently working at Mirantis OSS “division... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
252 AB
  Networking

11:55am EDT

What's Going ARM: Adopting ARM64 At Airbnb - Melanie Cebula, Airbnb
What’s going ARM? With all the recent developments in the architecture space, you may be wondering how these changes apply to your infrastructure. At Airbnb, we’re going through a multi-year journey to evaluate and adopt support for ARM64 and “multi-arch” support-- from our local laptop developer environments, to CI infrastructure, all the way through to production workloads. In this talk, we will go over: - An overview and evaluation of the current state of ARM - The pitfalls and challenges we faced - How we designed multi-arch support - And more!

Speakers
MC

Melanie Cebula

Staff Software Engineer, Airbnb
Melanie Cebula is an expert in Cloud Infrastructure, where she is recognized worldwide for explaining radically new ways of thinking about cloud efficiency and usability. She is an international keynote speaker, presenting complex technical topics to a broad range of audiences, both... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
430 AB
  Open Interfaces + Interoperability

11:55am EDT

Surviving From Endless Issues Coming From 7K+ Kubernetes Clusters - Wanhae Lee & Seok-yong Hong, Kakao Corp
Kakao is the 'mobile life platform' company dedicated to renewing daily lives and the leading player in the mobile messenger market in South Korea. As a member of the private Kubernetes as a Service team at Kakao Corp, we have seen an impressive expansion of the service which was 2K clusters with 20K nodes last year to be a 7K+ clusters with 100K+ nodes. With an unprecedented growing number of the clusters in our service, we have faced several problems never met before. One of them is an ever-growing number of on-call issues that are barely manageable with a DevOps team consisting of a small group of developers. In this session, we are going to reveal the secret of how the small team could successfully survive from endless issues generated from 7K+ Kubernetes clusters. We will also illustrate what tools we have made and why we opensource some of them.

Speakers
avatar for Seok-yong Hong

Seok-yong Hong

Software Development Engineer, Kakao Corp
Seok-yong is a leader of Cloud Native Cell at Kakao corp.He developed an OpenStack-based cloud platform, and based on his experience, he released the OpenStack Horizon AWS plug-in for hybrid clouds as an open source in the 2017 OpenStack Korea community.With the advent of container... Read More →
avatar for Wanhae Lee

Wanhae Lee

Software Development Engineer, Kakao Corp
Wanhae is a member of CloudPlatform team at Kakao Corporation in South Korea. He is developing and maintaining private Kubernetes as a Service working on private IaaS in the company. He did quite a sort of things for that system, which included designing and developing an API server... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
250 ABC
  Reliability + Operational Continuity

11:55am EDT

Path To Production: Sustainable Compliance In Strict Environments - Chip Zoller, Nirmata & Brandt Keller, Defense Unicorns
Getting an environment approved for production can be a painful process, case in point government and Department of Defense (DoD) which require the strictest of controls be met, however this is true for other highly-regulated industries. Engineering and security teams must validate that the security controls are satisfied while continuing to audit, except these are often siloed teams. Reviewing these standards is still an archaic and painful process of managing a spreadsheet or checking text boxes. In this talk, we will share how the Department of Defense is solving this by ensuring compliance through policy in order to capitalize on the promise of DevSecOps. Using Big Bang, a tool for providing secure-by-default environments with pre-integrated tools, and Iron Bank, a DoD repository of signed and hardened application images, along with Kyverno, a Kubernetes-native policy engine, teams are able to get compliant faster and reach mission-ready status sooner.

Speakers
avatar for Chip Zoller

Chip Zoller

Technical Product Manager, Nirmata
Chip Zoller is a technologist, maintainer, and contributor to the Kyverno project where his primary focus is on process, enablement, documentation, automation, policy design and authoring, and community. Chip's background is as an architect, engineer, and cloud native consultant having... Read More →
avatar for Brandt Keller

Brandt Keller

Software Engineer, Defense Unicorns
Brandt is a Software Engineer with a passion for Kubernetes/Open Source. His work has ranged from full-stack web development of micro-services at scale, to building and architecting Enterprise DevSecOps platforms for Fortune 100 companies. He considers himself a lifetime learner... Read More →


Thursday October 27, 2022 11:55am - 12:30pm EDT
420AB
  Security + Identity + Policy

12:00pm EDT

Virtual Project Office Hours: Service Mesh Performance
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for Service Mesh Performance Project Office Hours here: ​https://community.cncf.io/j/ge5ft6dxm3ac5/​​​


>> Full list of Project Office Hours


Thursday October 27, 2022 12:00pm - 12:45pm EDT
Project Office Hours

12:30pm EDT

Wellness Session - Flow for Irritability

Whether it’s a disruptive email or text or the traffic on your way to work, we all have irritable days. This sequence will stimulate blood circulation through twists and hip openers.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Thursday October 27, 2022 12:30pm - 1:00pm EDT
412 B

12:30pm EDT

Lunch 🍲
Thursday October 27, 2022 12:30pm - 2:30pm EDT
TBA

1:10pm EDT

Wellness Session - Guided Meditation for Emotional Exhaustion

Did you know? The leading cause of burnout is emotional exhaustion. This meditation will make you feel less stuck.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Thursday October 27, 2022 1:10pm - 1:40pm EDT
412 B

1:50pm EDT

Wellness Session - Chair Yoga

Chair yoga is a gentle form of yoga that can be done sitting on a chair or standing on the ground while using the chair for support.  Benefits of chair yoga include
  • improved flexibility
  • better concentration
  • increased strength
  • boost your mood
  • reduced stress and joint strain

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Thursday October 27, 2022 1:50pm - 2:20pm EDT
412 B

2:30pm EDT

How CNET (And Friends) Use the CNCF Landscape To Run High Traffic, Dynamic, Scaleable, And Cost-Effective Websites. - Corey McGalliard, Red Ventures
CNET is no stranger to the world of containers; having been an early adopter of Docker Swarm, we've been using containers for many years! Recently, we migrated our workloads to Kubernetes, and the CNCF ecosystem has been a core component of our tech stack. As we started our application modernization initiative, we quickly realized by utilizing tools like Prometheus, Cert-Manager, External DNS, Traefik Ingress controller, Open Policy Agent, and others, we could give our developers a robust environment. The Kubernetes-based platform is not only for Production but Development Environments as well. The consistency between environments has kept our error rates down and websites up! Let's look at the flexibility the open software platform has given our developers! Let's take a journey from the perspective of a requested change on the front door of the website! First, a Product Manager makes the request, then we can see how a developer makes the change to the codebase and how quickly we can give the product manager a sandboxed environment to validate the requested change. the whole process takes only a few minutes. All of this is possible using open technology and our cloud provider. Let us show you how these tools work together to accomplish this flexibility and scale!

Speakers
avatar for Corey McGalliard

Corey McGalliard

Engineering Manager, Red Ventures
Corey McGalliard is an Engineering Manager for Red Ventures and works on one of the Engineering teams that manage websites like CNET, TVGuide, GameSpot, GiantBomb, Metacritic, and more. Corey has been working in the computing industry since the early 2000s and took his first professional... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
140 DEFG
  101 Track

2:30pm EDT

Edge-Native: The New Paradigm For Operating And Developing Edge Apps - Frank Brockners, Cisco
“Cloud native?” Check! Apply the same principles at the Edge? Hmmm! How do I operate Apps across 1000s of locations, which are often hidden behind layers of NAT? How do I run AI apps on nodes that are too small to fit the AI model? How to make it operationally simple? Lets discuss and demo! We’re all familiar with “cloud native” -but once we start to operate applications at the edge, we have to adopt a new set of principles and evolve our cloud-native paradigms. We deploy Apps at the edge to achieve lower latency or higher performance, to comply with data sovereignty regulations, to reduce transit cost or to perform near real-time decision making on local data sources. Developing and operating Edge apps requires us to answer questions like: How do I operate Apps across 1000s of locations, which are often hidden behind layers of NAT and have spotty cloud connectivity? How do I run computation heavy tasks, like AI apps, on a set of nodes where each node does not have sufficient CPU and memory to run the entire model? How do I deal with a heterogeneous environment, with x86 and ARM-based devices? Which additional tools do I need to assure compliance to data-privacy rules, run AI models that just don’t fit a single compute element, or perform federated learning in an efficient way?

Speakers
avatar for Frank Brockners

Frank Brockners

Distinguished Engineer, Cisco
Frank is Distinguished Engineer in Cisco’s Emerging Technologies and Incubation group, driving software and architecture development for Edge platforms, solutions, associated services and applications. He is involved in several open source projects and is a Linux Foundation Networking... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
430 AB

2:30pm EDT

FinKube – Making the Business Case For Kubernetes At Your Company - Somik Behera, CloudNatix
This session is for DevOps leads and managers that are driving Kubernetes (K8s) adoption within their company and want to level up their influence and skill set in making the financial business case for adoption of K8s and associated CNCF ecosystem components. As Kubernetes crosses the “chasm” in the technology adoption lifecycle, K8s champions now have the opportunity to further drive K8s adoption and transformation of their enterprise. This new phase will require “T-shirts” (Dev & Ops teams) to speak the language of the “Suits” (Finance and execs), figuratively and literally. This session will provide you the toolkit to make that business case, capture results and demonstrate value from K8s roll-out and expansion across 4 dimensions: - Capacity & Cost Optimization - quantify the bottom line benefits - DevOps Productivity - quantify the benefits in % of FTE savings - Developer Velocity - quantify the reduction in time to value - Business agility - finally, quantify the business impact of new K8s based services on top line We will open-source and provide the Excel, Google Sheet, Google Slides and Powerpoint templates used in this talk to help the community create a compelling business case proposal with solid ROI.

Speakers
SB

Somik Behera

Founding Member, Head of Products, CloudNatix
Somik Behera is a Founding Member and Head of Products at CloudNatix, where he is working to simplify and optimize planet scale cluster operations for enterprises making the journey to multi cloud native apps. Previously, he held multiple product leadership roles at D2iQ (formerly... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
251 ABC
  Business Value

2:30pm EDT

A New Way To Roll: Supply Chain Choreography For Enterprise Grade Kubernetes - Kirti Apte & Steve Watkins, VMware
Kubernetes has become a popular choice for container orchestration as enterprises embark on their cloud-native application journey. We have observed that while enterprises quickly adopt Kubernetes by building and deploying microservices-based applications, full software development lifecycle (SDLC) considerations such as continuous integration and deployment (CI/CD) are often an afterthought. What does it take to incorporate DevSecOps practices into your CI/CD pipelines to deliver enterprise-grade cloud-native applications that adhere to best practices, and ensure a frictionless handoff between developers, operations and security? How do you make sure that your development, test, and production environments are consistent to deliver high-quality, secure, and reliable code at the velocity demanded by your business? In this talk, we will present all aspects of defining, building, and managing a secure software supply chain within your organization to deploy cloud-native applications into Kubernetes using a set of open standard based Tanzu Application Platform and DevSecOps best practices. We will also cover how supply chain choreography helps you define a delivery system with infrastructure as code while keeping it tools and programming language agnostic.

Speakers
avatar for Kirti Apte

Kirti Apte

Staff Solution Engineer, VMWare
Kirti is Staff Solution Engineer at VMware. In her current role, she brings her expertise in architecture, design, and leadership to create consumable hybrid cloud solutions for clients. she works directly with the enterprise customers to architect and deploy VMware Cloud solutions... Read More →
avatar for Steve Watkins

Steve Watkins

Advisory Solution Architect, VMWare
Came to Silicon Valley in 1999 to work with a couple of startups, and eventually landed at Cisco as a Technical Solution Architect in the Cloud Solutions group. From there, the allure of cloud-native applications led to tenures at Pivotal Software and eventually VMware as part of... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
Ambassador Ballroom (Room 360)
  CI/CD

2:30pm EDT

Good Fences Make Good Neighbors: Making Cross-Namespace References More Secure With ReferenceGrant - Nick Young, Isovalent
The Kubernetes security model is reliant on namespacing for enclosing trust boundaries. But what happens when resources need to cross those boundaries? How can we be confident that both parties in cross-namespace communications agree to the relationship between objects? In the Kubernetes Gateway API, we've found that this is a little tricky. The answer is that both parties have to agree. The owner of the resources in the target namespace has to agree to someone else accessing their stuff, and the resource that refers to that stuff has to explicitly ask. Learn about the solution the Gateway API has put in place, the ReferenceGrant resource, and how it can be used to ensure that a cross-namespace reference is agreed to by both parties. We've also used variants of the same approach in other parts of the Gateway API, and this talk will explain those as well. You will come away with knowledge of the ReferenceGrant resource, the history behind it, and how it fits into the Gateway API.

Speakers
avatar for Nick Young

Nick Young

Senior Systems Engineer, Isovalent
Nick has been working to prevent the entropic downfall of systems for 20 years, across Windows and Linux, datacenters and clouds, networking, storage and compute. Currently he's a Senior Systems Engineer at Isovalent, a maintainer on Envoy Gateway, and a maintainer on the SIG-Network... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
Portside Ballroom (Room 260)
  Customizing + Extending Kubernetes

2:30pm EDT

BoF: Intro to Open Source Licenses and Q&A - Jeff Shapiro, The Linux Foundation
All open source projects contain one, and possibly many open source licenses.  Whether you are consuming, contributing, or using a project downstream with your own code, you need to understand how those licenses will impact your project and your company.  We will start with an overview of basic license information, and then open up the floor to discussion and Q&A for more advanced license topics, as well as your specific project use cases.  This BoF session is suitable for anyone who wants to know more about open source licenses, from beginner to advanced topics.  The presenter is the License Scanning Manager for The Linux Foundation, and has 30 years experience in the software industry, including 10 years in software auditing, open source license scanning, and training developers in OSS license compliance.

Speakers
avatar for Jeff Shapiro

Jeff Shapiro

License Scanning Manger, Linux Foundation
Jeff Shapiro is the license scanning manager for The Linux Foundation. He has 30 years of experience in the software industry, including 10 years in software auditing, open source license scanning, and training developers in OSS license compliance. He is passionate about promoting... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
252 AB

2:30pm EDT

Cloud Native Storage: The CNCF Storage TAG, Projects, Technology & Landscape - Alex Chircop, Ondat; Xing Yang, VMware; Raffaele Spazzoli, RedHat
This talk will introduce the CNCF Storage TAG and discuss how the TAG operates, how we work with CNCF Storage projects, and the work we have done to build guidance and write whitepapers for the ecosystem. During this session we will cover an overview of storage projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Storage Whitepaper, Performance and Benchmarking whitepaper and the Cloud Native Disaster Recovery whitepaper. Join us to find out how to contribute and participate in the CNCF storage community and discover practical guidance on how to use cloud native storage in your environments.

Speakers
RS

Raffaele Spazzoli

Senior Principal Architect, RedHat
XY

Xing Yang

Staff Engineer, VMware
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect of OpenSDS... Read More →
AC

Alex Chircop

Founder & CEO, Ondat


Thursday October 27, 2022 2:30pm - 3:05pm EDT
320

2:30pm EDT

Connect All the Things! Using NATS To Simplify Communication Everywhere - Jeremy Saenz & Todd Beets & Tomasz Pietrek, Synadia
NATS is an open source, high performance messaging system and connective fabric. It aims to simultaneously simplify the number of technologies you use for your services to communicate, while also empowering you to build systems that are globally available, multi-cloud, multi-geo, and highly adaptive to change and scale. In this session you'll receive a brief introduction to NATS, then dive in to some of the many features of NATS like communication patterns, streaming/persistence, key/value and more. This session is highly interactive so come ready to participate and have fun!

Speakers
JS

Jeremy Saenz

Senior Software Engineer, Synadia
avatar for Todd Beets

Todd Beets

Director, Product Solutions, Synadia
Todd is an enthusiast of the tech and art of connecting and amplifying composite applications.  With over 20 years of experience, he has designed service integration, hosting, and access solutions across a wide-spectrum of use-cases and scale.  Prior to Synadia, Todd served as principal... Read More →
TP

Tomasz Pietrek

Software Engineer, Synadia


Thursday October 27, 2022 2:30pm - 3:05pm EDT
321

2:30pm EDT

Kubernetes Infra SIG: Intro And Updates - Davanum Srinivas & Arnaud Meukam, VMware; Benjamin Elder, Google
In this session the SIG k8s Infra leads/TLs will provide an introduction to the SIG and an overview of how to contribute. They will share the work done over the past year and an introduction to the infrastructure used by the community. The session will conclude with Q&A.

Speakers
avatar for Arnaud MEUKAM

Arnaud MEUKAM

Open Source Engineer, Independent
Arnaud is a Open Source Engineer and he is a core Kubernetes contributor. He is been involved in the project for over 4 years now, is the SIG Chair for the Kubernetes Infrastructure Group and Release manager.
avatar for Davanum Srinivas

Davanum Srinivas

Senior Staff Engineer, VMware
BE

Benjamin Elder

Senior Software Engineer, Google


Thursday October 27, 2022 2:30pm - 3:05pm EDT
142 ABC

2:30pm EDT

Multi-Tenancy: Tips, Tricks, Tools And Tests - Tasha Drew, VMware; Jim Bugwadia, Nirmata; Ryan Bezdicek, Twilio; Fei Guo, Alibaba
Join the maintainers and leaders of the upstream Kubernetes working group for Multi-Tenancy for an overview of the tools, documentation, tests, and capabilities you can achieve to share Kubernetes clusters between teams and users. We'll also save time for audience questions, so bring your multi-tenancy hopes, dreams and woes!

Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy management company. Previously, Jim has held various leadership and engineering roles at companies such as Cisco, Pano Logic, Trapeze Networks, Bell Labs/Lucent, and Motorola. Jim is an active contributor in... Read More →
avatar for Tasha Drew

Tasha Drew

Senior Director, xLabs, VMware
Tasha Drew leads product strategy for product incubation and innovation at VMware as part of the Office of the CTO. She also launched Tanzu Kubernetes Grid for vSphere and was part of the team that launched Project Pacific on vSphere. She is the co-chair for the Kubernetes Multi-tenancy... Read More →
avatar for Ryan Bezdicek

Ryan Bezdicek

Principle Software Engineer, Twilio
Ryan Bezdicek is using Kubernetes to build the next generation of supercomputer at Cray Inc. He’s active in several Kubernetes working groups including multi-tenancy and conformance. A tester and DevOps consultant by background, Ryan has experienced first hand the benefits of adding... Read More →
FG

Fei Guo

Software Engineer, Microsoft
Fei Guo has been worked on various projects in the areas of workload automation, multitenancy, scheduling and edge computing in Kubernetes.


Thursday October 27, 2022 2:30pm - 3:05pm EDT
Viewable In Platform

2:30pm EDT

Overview And State Of Linkerd - Alex Leong, Buoyant
In this talk, maintainers from the Linkerd project will present an overview of the project and an update on upcoming releases. They’ll cover what Linkerd is and how it compares to other service meshes; what the latest features and functionality are; what to expect in upcoming releases; and how you can get involved in one of the CNCF’s most talked-about projects. This talk will cover Linkerd's recent adoption of the Gateway API and the many new features that move unlocks.

Speakers
avatar for Alex Leong

Alex Leong

Software Engineer, Buoyant
Alex is a software engineer at Buoyant and a core contributor to Linkerd, the open source service mesh for cloud native applications. Prior to Buoyant, she worked at Twitter on core API infrastructure. She enjoys board games, type safety, and Tim Hortons.


Thursday October 27, 2022 2:30pm - 3:05pm EDT
410 A

2:30pm EDT

Five Ways With a CNI: Understanding Kubernetes Networking For Performance-Intensive Workloads - Stig Telfer, StackHPC Ltd & Erez Cohen, Nvidia
Network abstractions are a cornerstone of Kubernetes, interconnecting containers, pods and services, both across the cluster and beyond. Historically this rich functionality often came at the expense of performance. However, recent innovations and new implementations of the Kubernetes Container Network Interface (CNI) have transformed the Kubernetes networking landscape. Some classes of scientific computing workloads are highly network-intensive: sensitive to network performance to a degree that renders them unsuitable for execution in a Kubernetes context. In machine learning, the most demanding distributed training applications are also becoming increasingly network-intensive. The CNIs now available offer different architectures and technologies. Many claim performance advantages over their predecessors. How can we distinguish between them? In this talk we describe the leading CNIs, and use real-world benchmarks to compare and analyze performance for demanding workloads.

Speakers
avatar for Stig Telfer

Stig Telfer

CTO, StackHPC Ltd
Stig has a background in R&D working for various prominent technology companies, particularly in HPC and software-defined networking. Stig is now CTO for StackHPC, a consultancy specialising in the convergence of cloud, HPC and big data. Stig is also co-chair of the OpenStack Scientific... Read More →
EC

Erez Cohen

VP, nvidia
Erez Cohen acts as NVIDIA Mellanox Vice President for Cloud Programs, responsible for all aspects of the programs including strategy, architecture, and implementation. The Cloud programs span across multiple cloud solutions including OpenStack, Kubernetes, Microsoft and VMware and... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
Viewable In Platform
  Networking

2:30pm EDT

Thriving With Kubernetes On-Call: Best Practices & Lessons Learned - Sunil Shah & Ramya Krishnan, Airbnb; Ashley Cutalo, Lyft; Madhu C.S., Robinhood; Fabio Kung, Netflix
Kubernetes clusters are critical infrastructure at large, public companies, with large amounts of traffic, complex dependencies on 3rd party services, and constant change as developers release features and traffic scales up and down. In this panel discussion, engineers from Airbnb, Lyft, Netflix and Robinhood share their challenges, experiences and learnings when it comes to managing a sustainable on-call rotation that meets the needs of their internal users whilst maintaining a high uptime to serve business critical workloads. Topics covered will include: +Keeping on-call engineers happy + Balancing rapid response with alert fatigue + Strategies to proactively deal with production issues + Preparing engineers for on-call

Speakers
avatar for Sunil Shah

Sunil Shah

Engineering Manager, Airbnb
Sunil Shah is an Engineering Manager at Airbnb. His team builds and maintains the Kubernetes-based platform that powers Airbnb.com. Prior to Airbnb, Sunil managed compute for Yelp, helped commercialise Apache Mesos at Mesosphere, studied robotics at UC Berkeley, and build ingestion... Read More →
avatar for Ramya Krishnan

Ramya Krishnan

Staff Site Reliability Engineer, Airbnb
Ramya Krishnan is Staff Site Reliability Engineer at Airbnb. She has 15 years of experience working on Unix based systems, integrating services and improving reliability by undertaking large migrations. Last four years, she has been helping Airbnb with kubernetes adoption, scheduling... Read More →
avatar for Ashley Cutalo

Ashley Cutalo

Staff Software Engineer, Lyft
Ashley Cutalo (formerly Kasim) is the Tech Lead of the Application Runtime organization at Lyft and spends her time working on all things infrastructure related. She led Lyft recently through the transition from legacy infrastructure to running 100% on Kubernetes and is now focused... Read More →
avatar for Madhu C.S.

Madhu C.S.

Software Engineer, Robinhood Markets
Madhu is the Tech Lead for the Software Platform - Container Orchestration team at Robinhood which is responsible for developing and operating the Kubernetes-based compute infrastructure for all of Robinhood. Prior to Robinhood, Madhu worked at Google for 8 years where he developed... Read More →
avatar for Fabio Kung

Fabio Kung

Staff Software Engineer, Netflix
Fabio Kung is a Staff Software Engineer in the Compute team at Netflix (previously at Heroku), with 13+ years of experience on backend distributed systems and compute infrastructure. Fabio has built and led systems in all infrastructure layers of Cloud Computing, from hardware to... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
Viewable In Platform
  Reliability + Operational Continuity

2:30pm EDT

Sustainability Research the Cloud Native Way - Chen Wang, IBM & Huamin Chen, Red Hat
Do you want to help combat climate change? Are you interested in sustainability research? Then join our open systems for Cloud-native sustainability infrastructure. We present the research opportunities of using Cloud-native patterns, observing, optimizing, and executing, to improve Cloud efficiency in sustainable architecture. Core to this architecture is Project Kepler (Kubernetes-based Efficient Power Level Exporter) and its integration with Kubernetes ecosystems. By leveraging eBPF programs and other system libraries, Kepler probes the full spectrum of energy, performance, and resource measurements to enable energy-relevant observability and further empower advanced sustainable management on clusters. Kepler is an open system for exciting research topics like energy-efficient workload scheduling, energy-aware autoscaling, and frequency tuning. In this session, a sample Kepler integration is case-studied to help researchers build their advanced vertical autoscaler to improve the energy performance objectives of the Kubernetes applications.

Speakers
avatar for Huamin Chen

Huamin Chen

Sr Principal Software Engineer, Red Hat
Dr. Huamin Chen is a passionate developer at Red Hat' CTO office. He is one of the founding member of Kubernetes SIG Storage, member of Ceph, Knative, and Rook. He previously spoke at KubeCon, OpenStack Summits, ContainerCon and other technical conferences.
avatar for Chen Wang

Chen Wang

Research Staff Member, IBM
Chen Wang is a Research Staff Member at the IBM T.J. Watson Research Center. Her interests lie in Kubernetes, Container Cloud Resource Management, Cloud Native AI systems, and applying AI in Cloud system management. She is an open-source advocate, a Kubernetes contributor, and a KubeCon... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
140 ABC
  Research + Academia

2:30pm EDT

Migrating From PodSecurityPolicy - Tim Allclair & Sam Stoelinga, Google
Pod Security Policy (PSP) has been completely removed in Kubernetes v1.25, making it essential for users to migrate their clusters before upgrading to v1.25. The good news is that the Pod Security admission controller, designed as a simpler successor to PSP, just graduated to stable. The bad news is that the migration is not always straightforward. In this talk, you will see the quick-and-dirty migration path, and then dive deep into the nuances and challenges of migrating off PSP. We will also explore a couple of alternatives to the Pod Security admission controller, and when and why you might choose those alternatives instead. The goal of this talk is to empower you to confidently and safely begin upgrading your clusters, and bid farewell to PSP.

Speakers
avatar for Tim Allclair

Tim Allclair

Software Engineer, Google
Tim Allclair joined the Kubernetes project just after the 1.0 launch in 2015, and currently works on the GKE Control Plane team. He is a member of the Kubernetes Security Response Committee, and a SIG Auth maintainer (previous co-chair). He has led development of several Kubernetes... Read More →
avatar for Sam Stoelinga

Sam Stoelinga

Customer Engineer, Google
Sam Stoeling is a passionate Open Source advocate and contributor with contributions to K8s, OpenStack and Kaniko. He's also the creator of Websu.io, which is an open source project to help improve the speed of your websites. Sam works at Google Cloud as a Customer Engineer specializing... Read More →


Thursday October 27, 2022 2:30pm - 3:05pm EDT
420AB
  Security + Identity + Policy

2:30pm EDT

Tutorial: Set Up Your Shell For Kubernetes Productivity And Be Efficient Quickly - Sebastien “Prune” Thomas, Wunderkind & Archy Ayrat Khayretdinov, Google
You just started a new gig ? You switched laptop ? or you're new to using Kubernetes ?

From the new users of Kubernetes to the most experienced gurus, we all spend a large amount of time on the terminal* (shell).
This talk will focus on setting up your laptop and terminal, installing all the cool tools to get you productive fast with Kubernetes. It is intended for all levels of experience.

By mixing a presentation of the tooling and demos, you'll quickly see how some little tuning can increase your productivity by a large amount.

During this talk you'll learn (not limited to):
- setup your shell to connect to a Cloud K8s service
- add shortcuts to type less when using kubectl
- get a clean access to cluster's logs
- add colors to your kubectl outputs
- install and use a local k8s cluster for prototyping
- work with Containers without Docker-For-Desktop
- get to know a lot of small tools to ease the pain of maintaining a cluster, playing with yaml and more

Join us in this adventure and impress your co-workers on your first day at work !

Speakers
avatar for Ayrat Khayretdinov

Ayrat Khayretdinov

Ambassador, Cncf
CNCF Ambassador
avatar for Sebastien Prune Thomas

Sebastien Prune Thomas

Lead Devops Engineer, Wunderkind
20 years in sysadmin, devops, cloud-native. Kubernetes user since CNCF and K8s fan !


Thursday October 27, 2022 2:30pm - 4:00pm EDT
330 AB
  101 Track

2:30pm EDT

🚨 ContribFest - in-toto + The Update Framework: Help Us Protect the Software Supply Chain With TUF, in-toto and Sigstore!
Join us for some live collaboration on TUF, in-toto, and Sigstore where we will be implementing new features and creating more cohesive integrations between these software supply chain projects.

This Contribfest session is designed to provide projects with the space and resources to tackle outstanding technical debt, security issues, or outstanding impactful feature requests. They are intended to provide a place for maintainers to meet contributors and potential contributors and work together on solving a problem.

Speakers
avatar for Marina Moore

Marina Moore

PhD Candidate, NYU
Marina Moore is a PhD student at NYU Tandon’s Secure Systems Lab focusing on secure software updates and supply chain security. While at NYU she has worked primarily on research and development for The Update Framework (TUF), Uptane, and Notary. She has spoken at KubeCon + CloudNativeCon... Read More →
avatar for Santiago Torres-Arias

Santiago Torres-Arias

Assistant Professor, Purdue University
To put things simply: I care about how people can product software, securely, and I care about how people can consume software, securely.Talk to me about anything in-toto, Sigstore, TUF, and beyond. I do software supply chain security research, and I try to work with open source... Read More →


Thursday October 27, 2022 2:30pm - 4:00pm EDT
410 B

3:00pm EDT

Virtual Project Office Hours: CloudEvents
Project Office Hours is an opportunity for KubeCon + CloudNativeCon attendees to meet the maintainers of the projects, learn more about the project, ask questions, learn about new features and upcoming updates. Below you'll find a list of upcoming Project Office Hours for Graduated, Incubating, and Sandbox projects with the date the office hour will be hosted. Click on the 'View Details' button for the project office hour in order to view additional information. Login is required to RSVP for the event. Once you register for an office hour, you will receive a confirmation email after you RSVP with the event details and how to join the project office hours.

RSVP for CloudEvents Project Office Hours here: ​https://community.cncf.io/e/m2qkyp/​​​


>> Full list of Project Office Hours


Thursday October 27, 2022 3:00pm - 3:45pm EDT
Project Office Hours

3:25pm EDT

What Container Runtime Do I Need? - Abubakar Siddiq Ango, GitLab
Docker made container technology approachable and easy to adopt, but the recent need to replace Docker has opened up several options and complexity, which can be daunting to someone new to Container technologies. Knowing what runtime engine is suited for what type of use case is crucial in making the right choice when reaching for a replacement. In this talk, Abubakar will start with a brief primer about what the Container runtime does, the common ones available, what they have in common and what sets them apart. We will also see different use cases applicable to different container runtime engines. At the end of the talk, the listener will be better informed in choosing the most preferred runtime engine for their workload.

Speakers
avatar for Abubakar Siddiq Ango

Abubakar Siddiq Ango

Developer Evangelism Program Manager, GitLab
Abubakar Siddiq Ango is a Developer Evangelism Program Manager at GitLab, where he finds better ways for the Developer Evangelism team to engage with the community and measure its impact. He is a Certified Kubernetes Administrator and when not working, he engages with the community... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
Viewable In Platform
  101 Track

3:25pm EDT

Orchestrating Interconnected Apps Across Geographically Distributed Kubernetes Clusters - John Belamaric, Google
Imagine deploying a set of complex, interconnected workloads across a fleet of geographically distributed Kubernetes clusters. How do you decide where to run each workload? How do we specialize the configs for each site? How do we make sure those configs conform to our policies? How do we deliver the configs to the right clusters, and make sure they don't drift? What happens when we add a site - how do we know which interconnected workloads need to be reconfigured? How do we know what to change in each of those workloads? Do we just need to change Kubernetes manifests, or do the configuration files of the workloads themselves need to be changed? How do we do that? Can we really automate all this? Linux Foundation’s Nephio project (https://nephio.org) uses Kubernetes-based automation to solve these problems with an extensible platform for large scale, multi-site workload orchestration and configuration management. Come learn how we’re doing it!

Speakers
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, and a co-founder of Nephio, an LF project for K8s-based automation of large scale telco edge deployments. He is also a co-chair of Kubernetes SIG Architecture, leading efforts on production readiness, conformance, and software architecture, and a maintainer... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
430 AB

3:25pm EDT

The Windows Operational Readiness Specification - Amim Moises Salum Knabben & Xinqi Li, VMware
Windows nodes have been a bit of an enigma in the Kubernetes community for some time. What do they support? How are they different from Linux nodes? And what “Conformance” standards should they adhere to in an enterprise environment? In this talk, we’ll introduce the Sig-Windows operational readiness specification which does for Windows what the Kubernetes Conformance tests have provided for Linux clusters: A standard for defining a fully functional Kubernetes environment. We’ll go through the 6 categories of Enterprise Windows use cases that we’ve identified as part of our Operational Readiness tests for windows, how each one is tested and how this framework works under the hood. We’ll also demonstrate how we use it to verify advanced “realistic” Windows scenarios, such as GMSA and Windows NetworkPolicy support.

Speakers
avatar for Amim Knabben

Amim Knabben

Software Engineer, VMware
Software engineer with a focus on Cloud Native and Free and Open-Source Software, currently working at VMware as the Tanzu Kubernetes Grid Windows tech lead. Amim has been contributing to the Kubernetes community since 2020 mainly on SIG-Network and SIG-Windows initiatives. His main... Read More →
avatar for Xinqi Li

Xinqi Li

Software Engineer, VMware
Xinqi Li received her MS in Data Science from University of Pennsylvania and joined VMware directly after graduation. With an interest of cloud-native and distributed systems, she has been working on VMware Tanzu Kubernetes Grid for two years with a focus on networking and windows... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
Ambassador Ballroom (Room 360)
  CI/CD

3:25pm EDT

Observability In ArgoCD/Rollouts Using Streaming ML For Reducing MTTR - Vigith Maurice & Amit Kalamkar, Intuit
At Intuit 67% of all outages are caused by a change. As Intuit runs ~2500 services on K8s we need to quickly detect and resolve problems using AIOps. Our talk focuses on how we built a K8s native DAG-based streaming processing platform (Numa-Flow) and streaming ML platform (Numa-Logic) which is open-sourced under Numaprog to address this problem. We will show how we collect, process, and analyze in-cluster data in real-time and how our Numa-Logic computes anomaly scores for each deployment. This DAG-based ML platform has now been adopted by Intuit and helps our ML engineers focus on writing just the inference and pre/post-processing logic while the platform takes care of building the dynamic execution model, retries, buffering between the vertices, back-pressure, conditional-forwarding, and auto-scaling. We will also show how we integrated Observability into ArgoCD so users can understand and remediate the behavior induced by change and how this is helping Intuit reduce MTTD/MTTR.

Speakers
avatar for Amit Kalamkar

Amit Kalamkar

Director of Engineering, Intuit
Amit is Director of Engineering at Intuit responsible for Observability and Analytics which covers AIOps, Operational Data Lake and multiple open source projects like Argo and Numaproj He is currently working to deliver observability and actionable insights using AIOps at Intuit’s... Read More →
avatar for Vigith Maurice

Vigith Maurice

Principal Engineer, Intuit
Vigith is a Principal Software Engineer for the Intuit Observability and Analytics team in Mountain View, California. One of Vigith's current day-to-day focus areas is on the various challenges in building scalable data processing and AIOps solutions for both batch and high throughput... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
251 ABC
  Machine Learning + Data

3:25pm EDT

Beyond Orchestration: The Cloud Native Runtimes Ecosystem for Performance and Security - Alexander Jung, Unikraft
The ecosystem of runtimes for container-based applications has been growing dramatically over the last few years with new implementations providing deeper integration between host and application with two primary goals in mind: performance and security.

Many of these systems, however, rely on manually adapting your application for the runtime provider for performance which negatively impacts adoption or uses existing virtualized, ad-hoc and traditional OSes/kernels for security which negatively impacts performance.

In this talk, we introduce Unikraft: an open-source library Operating System which enables the construction of ultra-lightweight VMs quickly, easily and without time-consuming developer effort. These VM images are tailored to the application itself and have high-performance, low resource usage (e.g. 3-5ms boot times, MBs of memory and disk usage, to name a few metrics) and a small attack surface (e.g.: no co-processes, no shell). We make comparisons across the current runtime landscape and demonstrate how you can use Unikraft with Kubernetes today.

Speakers
avatar for Alexander Jung

Alexander Jung

Co-Founder & Chief Product Officer, Unikraft
Alexander Jung is a Co-Founder and Chief Product Officer at the Lightweight Virtualization company Unikraft, focusing on leading unikernels into market and mass deployment.  He is also a PhD student at Lancaster University, where he focuses primarily on optimizations of unikernels... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
320

3:25pm EDT

Kyverno Introduction And Overview - Chip Zoller & Dolis Sharma, Nirmata
Kyverno is a Kubernetes-native policy engine which allows for validation, mutation, generation, and software supply chain security use cases all without requiring knowledge of a programming language. In this session, we will introduce you to Kyverno and explain and demonstrate in detail all of its capabilities. We will also share future roadmap plans, how you can get involved in the community, and provide all the resources you need to start solving your use cases. Kyverno was accepted as a CNCF Incubation project in June 2022.

Speakers
avatar for Chip Zoller

Chip Zoller

Technical Product Manager, Nirmata
Chip Zoller is a technologist, maintainer, and contributor to the Kyverno project where his primary focus is on process, enablement, documentation, automation, policy design and authoring, and community. Chip's background is as an architect, engineer, and cloud native consultant having... Read More →
avatar for Dolis Sharma

Dolis Sharma

Customer Success Engineer, Nirmata
Dolis Sharma is a Customer Success Engineer at Nirmata. Dolis manages production Kubernetes clusters for Nirmata, in addition to assisting customers with Kubernetes deployment issues and other related work. Dolis is a Certified Kubernetes Administrator, Certified Kubernetes Administrator... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
252 AB

3:25pm EDT

Notary: State Of Development - Justin Cormack, Docker
This talk gives an overview of the status of the Notary project, and the Notary v2 work, and the context in the broader ecosystem. Supply chain security is becoming increasingly critical and its importance has been recognised, but the ecosystem of tools around this is confusing. So this talk will cover the context of the key ideas, including the TUF and in-toto projects and how they relate to the security outcomes people want to achieve.

Speakers
JC

Justin Cormack

CTO, Docker


Thursday October 27, 2022 3:25pm - 4:00pm EDT
321

3:25pm EDT

Prometheus - Intro, Deep Dive, And Open Q+A - Richard Hartmann & Ganesh Vernekar, Grafana Labs
Prometheus is the de facto standard in cloud-native metrics monitoring and beyond, in large part because Kubernetes is literally designing its custom metrics engine for Prometheus. With ever more people adopting cloud-native technologies, we will cover a mix of intro/101 content, a deeper dive into current developments, and open Q&A at the end.

Speakers
avatar for Ganesh Vernekar

Ganesh Vernekar

Senior Software Engineer, Grafana Labs
Ganesh has been contributing to Prometheus for nearly 5 years and is a Prometheus team member and maintainer of its Time Series Database (TSDB). He is currently working on the new native histograms in Prometheus. He has also contributed to Cortex, Grafana Mimir, and Grafana.
avatar for Richard Hartmann

Richard Hartmann

Director of Community, Grafana Labs
Richard "RichiH" Hartmann is the Director of Community at Grafana Labs, Prometheus team member, OpenMetrics founder, OpenTelemetry member, CNCF Technical Advisory Group Observability chair, CNCF Technical Oversight Committee member, CNCF Governing Board member, and more. He also leads... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
410 A

3:25pm EDT

SIG Security: Empowerment Through Autonomy - Ala Dewberry, VMware; Rey Lejano, SUSE; Savitha Raghunathan, Red Hat; Tabitha Sable, Datadog
SIG Security takes a community-building approach to improving Kubernetes security, both for the project itself and our end users. Join organizers Ala, Rey, Savitha, and Tabitha for an overview of how we make space for security collaboration to thrive. We'll share timely updates from our documentation, third-party audit, and tooling subprojects. Security self-assessments will be a special focus, with a deep-dive on this new service offered to Kubernetes by our newest subproject! The Self-Assessments subproject in SIG Security is here to make security introspection accessible to any and all SIGs and subprojects. We aim to give SIGs and subprojects a repeatable and rigorous way to think about their own security, making Kubernetes safer to use as more workloads find their way to it. You'll learn what's been going on, what’s next, and how you could join in, regardless of your experience from beginner to expert. We hope to see you there!

Speakers
avatar for Savitha Raghunathan

Savitha Raghunathan

Senior Software Engineer, Red Hat
Savitha is a Senior Software Engineer at Red Hat, working on Data Protection, Container Migration and Application Modernization technologies. She led the release cycle for Kubernetes v1.22. Currently, she is leading the SIG Security Documentation sub-project. She is passionate about... Read More →
avatar for Tabitha Sable

Tabitha Sable

Staff Engineer, Datadog
Tabitha Sable never met a system she didn't want to take apart. She serves the Kubernetes community as co-chair of SIG Security and a member of the Security Response Committee. At work, Tabitha leads Runtime Infrastructure Security at Datadog. She writes exploits, hardens infrastructure... Read More →
avatar for Rey Lejano

Rey Lejano

Field Engineer, SUSE
Rey Lejano is a Field Engineer at SUSE by way of Rancher Labs. At SUSE & Rancher Labs, Rey has helped many organizations on their cloud native journeys. Rey is a contributor to the Kubernetes project as the Kubernetes v1.23 Release Lead, v1.25 Emeritus Adviser, Kubernetes SIG Docs... Read More →
AD

Ala Dewberry

Senior Product Manager, VMware
I work at VMware on the xLabs team in the Office of the CTO, building cutting edge product to open up new opportunities while leveraging and growing the amazing open source technologies that let us solve some tough problems and make the world a better place. I love edge, distributed... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
142 ABC

3:25pm EDT

Stateful Apps On Kubernetes - Bring Them On! - Tina Gill, NetApp; Scott Surovich, HSBC Bank, USA; Scott Miller, DreamWorks Animation
Worried about brining stateful applications onto your Kubernetes clusters? Learn from the Kubernetes experts at DreamWorks, HSBC and NetApp how you can build and operate at scale. In this session, panel members from DreamWorks, HSBC and NetApp will share their experiences from running data rich stateful applications on Kubernetes for years. The panel discussion will cover the following topics and others as related to data management and protection in Kubernetes. (1) Addressing challenges in managing ‘state’ in stateful application. (2) Use of different tools and capabilities Kubernetes ecosystem has delivered. (3) Best practices to optimize storage resource utilization. (4) Future needs of their expanding Kubernetes environments in hybrid-cloud/multi-cloud.

Speakers
avatar for Tina Gill

Tina Gill

Director of Engineering, NetApp
Mom, Techie and Engineer at heart. Also a diversity advocate, business enthusiast and wine lover. Currently working as Director of Engineering at NetApp where I lead design and development of hybrid cloud products working with world class engineers! I've a MS (CS) from Cal State Fresno... Read More →
avatar for Scott Surovich

Scott Surovich

Global Container Engineering Lead, HSBC Bank, USA
Scott has been engineering solutions at HSBC for twenty years. His roles include Global engineering and leadership in Windows, Linux, Virtualization, and Kubernetes. He is currently the Global Container Engineering Lead, and Product Owner, designing and implementing the bank’s global... Read More →
avatar for Scott Miller

Scott Miller

Technology Fellow, DreamWorks Animation
Scott Miller is a Technology Fellow for Systems Architecture at DreamWorks Animation, where he guides the technical direction of the studio's infrastructure technology. Scott is focused on operations and implementing long-term strategies for high-performance computing, high-performance... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
250 ABC
  Reliability + Operational Continuity

3:25pm EDT

Kubernetes For GPU Powered Machine Learning Workloads In Academia - Camille Rodriguez, Canonical & John-Paul Robinson, University of Alabama at Birmingham
This talk aims to inform the architects and users of Kubernetes, as well as teams planning to transition for Kubernetes for research purposes, how we designed a high-performing Kubernetes cluster specifically geared towards machine learning and AI workloads. On the architectural side, the use of NVIDIA DGX A100 machines provides unprecedented compute density and performance for those workloads. Those nodes are integrated to the cluster with open-source software. We will also cover our challenges & successes in integrating to other components, such as external CEPH storage, gitlab registry and runners, and SAML authentication. The University of Alabama at Birmingham team will cover how they leverage container-enabled GPUs for their research and development workloads. Research workloads increasingly demand access to ad hoc, GPU-enable compute capacity, with complex software environments to power cloud-native workflows. K8s helps address needs ranging from regular ML training runs to supporting software development via CI pipelines.

Speakers
avatar for John-Paul Robinson

John-Paul Robinson

HPC Architect, Manager, University of Alabama at Birmingham
John-Paul Robinson supports HPC and distributed systems deployments at an academic research center. He is a proponent of open solutions and their ability to empower users. He is working to expand the functionality of campus high performance computing environments to deliver the tools... Read More →
avatar for Camille Rodriguez

Camille Rodriguez

Field Engineer Manager, Canonical
Camille works as a Field Engineering Manager at Canonical, where she designs and deploys private clouds, with technologies such as Kubernetes and Openstack, Juju Charms, MAAS, and other open-source integrations. She also leads the Women’s Resource Group at Canonical and is a hiring... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
140 ABC
  Research + Academia

3:25pm EDT

Hack Back; Let’s Learn Security With CTFs! - Lewis Denham-Parry, Control Plane & Natalia Reka Ivanko, Isovalent
Threat actors have always been looking to attack clusters. Do you have the right security in place to detect and defeat if they are targeting yours? Or they are already in? Kubernetes has become the de facto cloud operating system and production environments have increased in maturity. So have the threats. Security Teams don’t necessarily have the expertise to detect state-of-art attack scenarios specific to cloud-native environments, like Kubernetes. So, where do they get started? Capture-The-Flag (CTF) events are a great way to learn about the techniques of both attack (Red Team) and defence (Blue Team). This talk will give you a framework for your own internal CTF events, with Red and Blue Team assessments, as a best practice for improving security in your organisation. We'll give a hands-on, live walkthrough of the top 3 state-of-art attack scenarios as CTF exercises using common open source projects like Simulator and Tetragon. Remember, the best way to learn how to detect is to first know how to attack!

Speakers
avatar for Lewis Denham-Parry

Lewis Denham-Parry

Security Architect, Chainguard
Lewis enjoys helping others learn how to orchestrate the ocean of containers using Kubernetes and securing their infrastructure by teaching how to attack and defend Cloud Native infrastructure. He co-founded Cloud Native Wales, an initiative to help people learn Cloud Native technologies... Read More →
avatar for Natalia Reka Ivanko

Natalia Reka Ivanko

Security Engineer, Isovalent
Natalia Reka Ivanko is a security engineer with a strong background in container and cloud native security. She is passionate about building things that matter and working with site reliability and software engineers to develop and apply security best practices. She is inclined towards... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
420AB
  Security + Identity + Policy

3:25pm EDT

Run As “Root”, Not Root: User Namespaces In K8s - Marga Manterola, Isovalent & Rodrigo Campos Catelin, Microsoft
What if I told you that there's a bool you can set in your pod yaml that mitigates many CVEs out there? Not just any CVEs, but some HIGH and CRITICAL ones! This feature is coming to Kubernetes, thanks to user namespaces, and we'll tell you all about it.

User namespaces is a kernel feature that isolates the user in the container from the one in the host. A process running as root in a container can run as a different (non-root) user in the host. This is a HUGE improvement: if a process escapes the container, the privileges on the host are significantly reduced. Furthermore, some capabilities are void and others are only valid inside the user namespace.

Many container workloads that run as root today can benefit from this already: enable user namespace in their pod yaml and be more secure without additional changes.

This talk will explain how to use this feature in your cluster, how it is implemented, the current state of the KEP and future work and challenges in this area.

Speakers
RC

Rodrigo Campos Catelin

Software Engineer, Microsoft
Rodrigo studied Computer Science at the University of Buenos Aires (Argentina) and has been using Kubernetes in production since 1.1. He is a core Kubernetes reviewer, maintainer of MetalLB and a free software user and contributor for more than 15 years.He is currently working on... Read More →
avatar for Marga Manterola

Marga Manterola

Director of Engineering, Isovalent
A Debian Developer and Open Source enthusiast, Marga has been working with Linux for 20 years. She worked as an SRE at Google, in the team maintaining the internal Linux distribution used by Google engineers. She later joined the cloud native world, working on Flatcar, a container... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
Viewable In Platform
  Security + Identity + Policy

3:25pm EDT

Mentor-Mentee Framework To Build the Next Generation Of Cloud Native - Kunal Kushwaha & Mark Boost, Civo
The CNCF Students community has been around for a few months now. There have been various initiatives by the CNCF to get more young folks involved in the ecosystem. Some of the challenges faced by the community include finding contributors willing to get involved for a more extended period. In this talk, Kunal and Mark will cover a framework that proves mentor-mentee interactions to be productive in the long run. They’ve decided to share the learnings that led Kunal, a student, to start the CNCF Students community and scale it to thousands; student track at KubeCon with the help of mentors in the CNCF. Mark will share his experience and insights regarding being a great mentor to upskill the next generation. The talk starts with what the mentee is looking to accomplish from having a mentor and how they can find one in the CNCF community. Then, the framework will cover topics such as setting goals, asking the right questions, reviewing progress, assigning tasks to create a roadmap, and more, including advice for both mentors and mentees to make the most out of their journey. Last but not least, how contributors and students mentored can pay it forward to keep the cycle going.

Speakers
avatar for Kunal Kushwaha

Kunal Kushwaha

Developer Relations Manager, Civo
Kunal is working towards empowering communities via open-source and education. He finds passion in teaching and has taught thousands of folks online and in person. He is currently a Developer Relations Manager at Civo, CNCF Ambassador, track chair of the KubeCon + CloudNativeCon student... Read More →
avatar for Mark Boost

Mark Boost

CEO, Civo
Mark is the CEO of Civo.com, a disruptive cloud computing provider focused on providing Kubernetes hosting. He also holds Chairman positions for Bulletproof Cyber and ServerChoice. At the age of 20, he founded LCN.com and, over the course of 19 years, grew the company to become one... Read More →


Thursday October 27, 2022 3:25pm - 4:00pm EDT
Portside Ballroom (Room 260)
  Student

3:30pm EDT

Allyship Workshop: A Human-Centered Approach to Allyship
Conversations around DEI and allyship have come into focus in many areas of tech/STEM, especially in the past several years. From this heightened level of awareness have sprung common paradigms for thinking about and addressing how one might best show up in support of historically excluded groups, oftentimes focused on prescriptive or performative allyship behaviors.

In this talk, we intend to flip the script. Instead of focusing on the “correct behaviors” and “right responses” when demonstrating allyship, we’ll be taking a look at a human-centered approach on those we are intending to support while asking challenging questions about how we each show up in a given environment or situation.

Thank you to our sponsor, Google Cloud! 

Speakers
avatar for Radha Jhatakia

Radha Jhatakia

Program Manager, Google
Radha (she/hers) is a Program Manager, leading DEI and Comms initiatives in Google’s Open Source Programs Office in San Francisco. She has worked at the intersection of communications and DEI in different industries, which led her to open source in 2017, and joining the Google OSPO... Read More →
avatar for Mike Bufano

Mike Bufano

Program Manager, Google
Mike (he/him) has worked at Google in NYC since 2013 and is currently a Program Manager within Google’s OSPO team. In addition to working on ways in which we can bolster trust and safety in open source communities, Mike is globally active as a leader within Google’s LGBTQ+ community... Read More →


Thursday October 27, 2022 3:30pm - 4:30pm EDT
Huntington Place Detroit
  Diversity + Equity + Inclusion
  • Content Experience Level Any

4:00pm EDT

Coffee Break ☕
Thursday October 27, 2022 4:00pm - 4:30pm EDT
TBA

4:00pm EDT

Wellness Session - Sound Healing

You will be guided through a series of poses while the soothing vibrations of Crystal bowls, pyramids, Tibetan bowls, and Gongs wash over you to enhance the healing energy and further personalize the experience for each participant. The combination of these ancient healing modalities promotes deep relaxation and assists in releasing stress, anxiety, and energetic blockages.

Speakers
SM

Shannon Murphy

Instructor, Citizens Yoga Michigan


Thursday October 27, 2022 4:00pm - 4:30pm EDT
412 B

4:00pm EDT

Open Source Program Office BoF + Happy Hour
TODO Group is hosting an OSPO BoF + Happy hour meet-up at KubeCon + CloudNativeCon North America 2022 for OSPO professionals. Join us to network with open source peers involved in Open Source Program Offices and enjoy some appetizers & drinks while taking a break from the action!

This is a great opportunity to connect, learn and look for feedback from the wide diversity of open source & OSPO professionals’ visions that also engages with CNCF and CNCF projects.

Pre-registration Required

Thursday October 27, 2022 4:00pm - 6:00pm EDT
354

4:30pm EDT

How the Basics Of Kubernetes Auth Scale For Organizations - Leigh Capili, VMware
Every day, someone new wants to deploy their cloud-native app... then it ends up running on Kubernetes! Suddenly, all sorts of people have questions about the app and need to make changes. Developers, SREs, Product Folks, and Organization Leaders all have different needs and levels of experience with the myriad of Kubernetes resources needed for an app, so how should platform teams give folks the access they need? This session will show how the basics of Kubernetes Role-Based Access Control (RBAC) compose together to create a flexible system that lets teams work together. Come learn about: - RBAC Basics - The Details of Identity - Common Misunderstandings - RBAC's Limitations - Auditing - Useful Patterns for Real-world Implementations This session will also include some fun, relatable Live Demos! Expect to leave better equipped to support the transparent, collaborative, self-service ownership of a DevOps culture.

Speakers
avatar for Leigh Capili

Leigh Capili

Staff Developer Advocate, VMware
Leigh is an empathetic speaker and developer with niches in cloud-native systems and security. He has a background in building software to manage infrastructure. Leigh contributes to Kubernetes and Flux and is frequently working on his next software demo. He also co-maintains Ignite... Read More →


Thursday October 27, 2022 4:30pm - 5:05pm EDT
140 DEFG
  101 Track

4:30pm EDT

Writing Reliable, Scalable, Fault Oblivious Code On K8s the Easy Way - Kendall Roden, Microsoft & Alice Gibbons, Diagrid
Remember when writing connected application code to do something innovative was the hard part? These days developers have to do more than ever, not only to write innovative and elegant code to run their business, but now also have to deal with all the faults, outages, disasters, hot spots, scale points, and concurrency issues that come with building distributed apps and microservices at scale. In this session, you will learn about the best practices to write distributed app code that sings at scale directly from the team that helped bring you Dapr and a number of hyper-scale cloud services in production. It will focus on the topics of resiliency, distributed locking, and optimization in common tasks like async messaging & Pub-Sub, state management, secrets and more. You will also learn about abstractions and implementations to do this the easy way in your favorite programming model and language, while targeting Kubernetes.

Speakers
avatar for Alice Gibbons

Alice Gibbons

Customer Success Engineer, Diagrid
avatar for Kendall Roden

Kendall Roden

Senior Product Manager, Azure Container Apps, Microsoft


Thursday October 27, 2022 4:30pm - 5:05pm EDT
430 AB

4:30pm EDT

Trust But Verify: Bringing Supply Chain Integrity To CD GitOps - Yuji Watanabe & Hirokuni Kitahara, IBM Research
Using GitOps automation to deliver Kubernetes cloud native applications allows management of infrastructure in the same way you manage application code, but lacks the supply chain controls needed to ensure integrity and tamper-proof deployments. Whilst application source dependencies have quickly benefited from SBOMs, transparency logs, and cryptographic signatures, delivery side automation has not participated in the end to end integrity guarantees. Using CD Gitops, Kubernetes manifests are composed from multiple source assets, across several locations, each having their own potential sources of malicious or accidental tampering. Template based mutations occur throughout continuous deployment and prohibit typical signing and verification methods. This talk describes how a properly instrumented CD GitOps process can be extended to provide verification of source assets with cluster enforcement of signatures and policy permissions. By combining keyless signing via Sigstore and intersecting control points throughout GitOps, accurate cryptographic signing of source assets can be obtained and transparency of configuration provenance produced. Finally using an admission controller such as integrity shield, cluster enforcement validates pipeline integrity.

Speakers
avatar for Yuji Watanabe

Yuji Watanabe

Senior Technical Staff Member, IBM Research
Yuji Watanabe is a Senior Technical Staff member at IBM Research that lives in Tokyo, Japan. He leads a research team on cloud native security and has been delivering new integrity monitoring and enforcement technology to the open-source community and products. His current focus is... Read More →
avatar for Hirokuni Kitahara

Hirokuni Kitahara

Researcher, IBM Research
Hirokuni Kitahara is a Research Scientist at IBM Research that lives in Tokyo, Japan. His current focus is on software supply chain integrity for cloud native applications and has been delivering integrity assurance technology on CI/CD to open-source communities and products. He contributes... Read More →


Thursday October 27, 2022 4:30pm - 5:05pm EDT
Ambassador Ballroom (Room 360)
  CI/CD

4:30pm EDT

Human-Friendly, Production-Ready Data Science Stack With Metaflow & Kubernetes - Savin Goyal, Outerbounds & Saravanan Balasubramanian, Intuit
There is a pressing need for tools and workflows that meet data scientists where they are. This is also a serious business need: How to enable an organization of data scientists, who are not software engineers by training, to build and deploy end-to-end machine learning workflows and applications independently.

In this talk, we discuss the problem space and the approach we took to solving it with Metaflow, the open-source framework we developed at Netflix, which now powers hundreds of business-critical ML projects at Netflix and other companies from bioinformatics and drones to real estate. We wanted to provide the best possible user experience for data scientists, allowing them to focus on parts they like (modeling using their favorite off-the-shelf libraries) while providing robust built-in solutions for the foundational infrastructure: data, compute, orchestration, and versioning.

In this talk, we will demo our latest work that builds on top of Kubernetes.

You will learn about - What to expect from a modern ML infrastructure stack. - Using tools such as Metaflow & Kubernetes to boost the productivity of your data science organization, based on lessons learned from Netflix and many other companies.

Speakers
avatar for Saravanan Balasubramanian

Saravanan Balasubramanian

Staff Software Engineer, Intuit
Bala is the lead engineer and maintainer in Argo workflow project , Intuit- leading Argo workflow project for open source community and Intuit.