KubeCon + CloudNativeCon North America 2024: Full Schedule

In-person
November 12-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.

arrow_back View All Dates

11:00am MST

Artifact Hub: Discover, Analyze, and Share Cloud Native Artifacts - Matt Farina, SUSE

Thursday November 14, 2024 11:00am - 11:35am MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Finding cloud native artifacts, from Helm charts to security policies, can be difficult with general search engines. Analyzing what you find can be a very manual process and you're going to miss out on some useful projects. Artifact Hub was created to ease the pain of cloud native artifact discovery and now provides for discovery and analysis of over 20 different types of cloud native artifacts. In this session you'll learn: • How Artifact Hub came into existence • How you can discover and analyze artifacts, right on Artifact Hub • Making your artifacts discoverable • Running your own instance of Artifact Hub • How you can contribute to the project

Speakers

Matt Farina

Distinguished Engineer, SUSE

Matt works as a Distinguished Engineer at SUSE, where he works as the Chief Architect of the SUSE Rancher Team. He is a maintainer of multiple open source projects including Helm and Artifact Hub. Matt is an author, speaker, and regular contributor to open source.

Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, ArtifactHub

11:00am MST

GitOps at Production Scale with Flux - Leigh Capili, Flox & Priyanka Ravi, G-Research

Thursday November 14, 2024 11:00am - 11:35am MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

In this session, Leigh and Pinky will cover best practices when running Flux at scale in production. We'll start with an overview of the scaling capabilities of Flux controllers: - Vertical Scaling - Horizontal Scaling - Sharding We'll dive deeply into each method and explain when and how to use them considering multi-tenancy, cluster fleet size, and workload complexity. We'll also introduce the Mean Time To Production benchmarking tool the Flux team has developed using CUE lang and Timoni. The benchmark measures the time it takes for Flux to deploy thousands of Helm charts and Kustomize overlays on Kubernetes clusters. We'll explain the benchmark results and share lessons from running it on different Kubernetes distributions and providers. The session will conclude with the Flux roadmap and our API promises now that Flux is GA.

Speakers

Leigh Capili

Senior DevRel Engineer, Flox

Leigh is an empathetic speaker and dev with niches in cloud-native systems and security. He has a background in building software to manage infra. Leigh is working in k8s SIG-Auth. He authored kubeadm’s etcd mTLS implementation and Flux 2’s multi-tenant security model. Leigh works... Read More →

Priyanka Ravi

Platform Tech Advocate, G-Research

Priyanka “Pinky” Ravi is a Platform Technical Advocate at G-Research. She is a Flux project member and an advocate for GitOps. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a developer... Read More →

Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Flux

11:00am MST

SIG-Apps: Powering Applications with High-Volume Data and APIs - Maciej Szulik, Red Hat & Janet Kuo, Google

Thursday November 14, 2024 11:00am - 11:35am MST

Salt Palace | Level 3| 355 BC

Over the last decade, Kubernetes expanded support for various workloads from stateless to stateful, from simple jobs to complicated batch workloads. All the APIs have become mature, consistent, and full-featured. We've been busy in SIG Apps, and there's more to come. In this session the SIG Apps leads will provide an overview of what has been accomplished since its inception. They will highlight major milestones, sub-projects and share various stories surrounding major events. They will also discuss how the work has been shared between SIG Apps, Work Groups and sub-projects. The session will conclude with an open discussion and Q&A. Attendees will learn about contributing to SIG Apps themselves.

Speakers

Janet Kuo

Staff Software Engineer, Google

Janet Kuo is a Staff Software Engineer at Google. She's joined the Kubernetes project since before the 1.0 launch in 2015. She is Kubernetes project maintainer, SIG Apps chair, and KubeCon co-chair emeritus. In her free time, she enjoys traveling and taking photos.

Maciej Szulik

Senior Principal Software Engineer, Red Hat

Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.

Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Apps

11:00am MST

SPIRE: Intro & In-Depth Exploration of the Upcoming Forced Rotation and Revocation Feature - Agustín Martínez Fayó & Marcos Yacob, Hewlett Packard Enterprise

Thursday November 14, 2024 11:00am - 11:35am MST

Salt Palace | Level 3 | 355 EF

Join us for an insightful session on the SPIRE project, where we’ll provide a comprehensive introduction covering the foundational aspects of SPIRE, detailing its architecture, capabilities, and the problems it solves. Additionally, we’ll delve into the exciting upcoming updates for the project, with a special focus on the highly anticipated forced rotation and revocation feature that will provide a rapid, reliable, and automated mechanism for recovering from key compromise. Whether you’re new to SPIRE or an experienced user, this talk will equip you with the knowledge of current developments and prepare you for the future enhancements that will further strengthen your infrastructure to provide secure identities for workloads.

Speakers

Marcos Yacob

Principal Software Engineer, Hewlett Packard Enterprise

I'm principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of different SPIFFE projects.

Agustín Martínez Fayó

Principal Software Engineer, Hewlett Packard Enterprise

Agustín is a Principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of the SPIRE project. Agustín has always been dedicated to building software that helps to improve the security of systems that operate at scale.

Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, SPIRE

11:00am MST

What's New with Kubectl and Kustomize … and How You Can Help! - Eddie Zaneski, Defense Unicorns & Arda Guclu, Red Hat

Thursday November 14, 2024 11:00am - 11:35am MST

Hyatt Regency | Level 4 | Regency Ballroom A

Have you ever wondered how kubectl and kustomize enhancements are designed and built? Curious why your favorite feature request wasn't accepted? Join the folks from Kubernetes SIG CLI to find out! In this session, the SIG CLI maintainers will provide an introduction to the tooling they are working on and an overview of how to get started contributing. They will share the work done over the past year and the roadmap for what is next. Join us to help shape your favorite tools!

Speakers

Eddie Zaneski

Staff OSS Engineer, Defense Unicorns

Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.

Arda Guclu

Senior Software Engineer, Red Hat

Senior software engineer at Red Hat, regular contributor to Kubernetes and one of the maintainers of kubectl.

Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, CLI

11:55am MST

0.1 to 1.16: How Has Knative Fulfilled Its Vision? - Dave Protasowski, Broadcom & Evan Anderson, Stacklok

Thursday November 14, 2024 11:55am - 12:30pm MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Knative 0.1 launched approximately 6 years ago. 0.1 promised a number of features, including supporting a developer workflow equivalent to AWS Lambda and other FaaS platforms, but with an “a la carte” design where each component could operate independently. How does that vision look 6 years and 40 releases later? Through the lens of a demo, where does Knative exceed the original vision, and where have things been dropped?

Speakers

Dave Protasowski

Staff Engineer, VMware/Broadcom

Dave Protasowski is part of Knative Technical Committee and a Serving Working Group Lead. During the night he works at VMware/Broadcom. Prior he worked on Cloud Foundry things at Pivotal.

Evan Anderson

Software Engineer, Stacklok

Co-founder and maintainer on Knative project. Member of sigstore-oncall. Previously worked on Google Compute Engine and Serverless (App Engine, Functions) and in SRE. Principal engineer at Stacklok. Ex-Google, ex-VMware. Author of Building Serverless Applications on Knative by O'Reilly... Read More →

Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, Knative

11:55am MST

Cilium: Connecting, Observing, and Securing Kubernetes and Beyond with eBPF - Ahmed Bebars, The New York Times; Liz Rice, Isovalent @ Cisco; Joe Stevens, Ascend.io

Thursday November 14, 2024 11:55am - 12:30pm MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Welcome to Cilium's maintainer track session where you'll get an update on how Cilium is expanding the frontiers of cloud native networking, observability, and security. Cilium is CNCF's most widely adopted CNI, being the default choice for all major cloud providers. This talk dives into the bytecode behind all of the buzz around the project. We'll start with a brief overview of each part of the project before diving into how Cilium is expanding beyond Kubernetes with load balancing and multi-cloud networking and into runtime enforcement with Tetragon. In this session, you'll hear from Cilium contributors and users Isovalent and The New York Times.

Speakers

Joe Stevens

Tech Lead, Infra, Ascend.io

Kubernetes, multi-cloud, CI/CD

Liz Rice

Chief Open Source Officer, Isovalent, now a part of Cisco

Liz Rice is Chief Open Source Officer at Isovalent, the creators of the Cilium project, and now part of Cisco. Currently on the boards of the CNCF and OpenUK, she was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She... Read More →

Ahmed Bebars

Principal Engineer, The New York Times

As a seasoned Principal Engineer on the Delivery Engineering team at The New York Times, I specialize in developing robust and scalable Kubernetes-based solutions. My primary focus is on crafting a secure and flexible runtime environment that is pivotal in empowering service teams... Read More →

Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Cilium

11:55am MST

Cluster API Deep Dive - Roadmap to API Graduation - Fabrizio Pandini, Broadcom & Vince Prignano, Apple, Inc.

Thursday November 14, 2024 11:55am - 12:30pm MST

Hyatt Regency | Level 4 | Regency Ballroom A

The Cluster API is the de-facto project to manage the lifecycle of Kubernetes clusters at scale using simple declarative APIs. In 2021 the project reached production readiness, and today the community is working towards the next major milestone: graduating the APIs to v1 General Availability. Join us to get an overview how Cluster API is today used in production and discover what's planned for our APIs exciting new features like Karpenter, in-place upgrades, and more.

Speakers

Vince Prignano

Apple

Fabrizio Pandini

Staff Engineer 1, Broadcom

A Kubernetes contributor obsessed with making Kubernetes lifecycle simple and consistent across all types of infrastructures, so everyone can build amazing applications on top of it. When I’m not busy as a SIG Cluster Lifecycle tech lead or as a project maintainer in Cluster API... Read More →

Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, Cluster Lifecycle

11:55am MST

CNCF TAG Network: Intro & Deep Dive - Lee Calcote, Layer5

Thursday November 14, 2024 11:55am - 12:30pm MST

Salt Palace | Level 3 | 355 EF

“It’s the network!” is the cry of every engineer. With the increased prevalence of microservices and distributed systems, it’s true - networking as a discipline has never been more critical in the well-architected design and efficient operation of modern infrastructure. Join this talk for an intro to the TAG, its charter and a deeper discussion of current cloud native networking topics being advanced in this TAG.

Speakers

Lee Calcote

Founder, Layer5

Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus through... Read More →

Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, Network

11:55am MST

SIG Autoscaling Projects Update - Jack Francis, Microsoft

Thursday November 14, 2024 11:55am - 12:30pm MST

Salt Palace | Level 3| 355 BC

The last year’s been an exciting time for SIG Autoscaling, with Karpenter being accepted as a subproject just before Kubecon NA 2023, work to support more advanced workload types for operators, and more. Come along to hear about: Karpenter’s first year as a SIG Subproject - what’s happened over the last year, and what we’ve got planned for the next year. Dynamic Resource Allocation - how the SIG is involved in k8s’ efforts to make it easier for users to run cost effective and efficient workloads requiring GPUs and other custom resources. Provisioning Requests and Pod & Node Headroom - new APIs planned for the Cluster Autoscaler and Karpenter to support long standing requests for improved support for batch workloads and from cluster operators. Improvements in the SIG’s processes - the SIG’s been hard at work improving and extending our use of k8s’ test infra, expanding our test coverage, as well as improving our release processes over the last year.

Speakers

Jack Francis

Principal Software Engineer, Microsoft

Jack works on open source Kubernetes from his basement in Portland, Oregon, USA. When he’s not working, he’s usually upstairs hanging out with his family. On occasion he straps on a guitar and turns the amp to 11.

Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Autoscaling

2:30pm MST

Applications, Platforms, and Infrastructure Oh My! What Is the TAG App Delivery Doing to Support You - Daniel Oh, Red Hat; Roberth Strand, Sopra Steria; Ryan Nowak, Microsoft; Abby Bangser, Syntasso

Thursday November 14, 2024 2:30pm - 3:05pm MST

Salt Palace | Level 3 | 355 EF

TAG App Delivery focuses on how organizations can deliver cloud-native applications. To succeed, there are a number of hard questions that need to be answered: How can platform teams do a better job of enabling developers? How can developers help platform teams to understand better their development needs and their technology stack specific requirements? Which artifacts will be created and by whom? What does it take to provision a development environment? Which tools are involved? This panel will highlight how the TAG Working Groups including App Development, Platform, Infrastructure, and Artifacts are helping build a unified view of how to successfully deliver cloud native applications at scale.

Speakers

Daniel Oh

Senior Principal Developer Advocate, Red Hat

Daniel Oh is a Java Champion and Senior Principal Developer Advocate at Red Hat to evangelize developers for building cloud-native apps and serverless ob Kubernetes ecosystems. He's also contributing to various cloud open-source projects and ecosystems as a CNCF ambassador for accelerating... Read More →

Abby Bangser

Principal Engineer, Syntasso

Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across... Read More →

Roberth Strand

Principal Cloud Native Architect, Sopra Steria

Roberth is a self-proclaimed "cloud automator", and works primarily with Microsoft Azure infrastructure, Platform Engineering, DevOps and Cloud Native technology. He has been awarded the title Microsoft Azure MVP (2021, 2022, 2023), CNCF Ambassador (2023), as well as HashiCorp Ambassador... Read More →

Ryan Nowak

Incubations Architect, Microsoft

Ryan is an architect working on open-source projects from the Azure CTO's office. He's passionate about designing software for humans, incubating risky ideas, releasing them in open-source so everyone can benefit. At Microsoft, he's had a 15+ year career building developer-centric... Read More →

Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, App Delivery

2:30pm MST

Bare Metal Kubernetes with KOps: Gathering Community Wisdom - Justin Santa Barbara, Google & Ciprian Hacman, Microsoft

Thursday November 14, 2024 2:30pm - 3:05pm MST

Hyatt Regency | Level 4 | Regency Ballroom A

Kubernetes on bare metal presents unique challenges compared to cloud deployments. While kOps is optimized for cloud environments, we have begun to explore bare metal support and identify key architectural trade-offs. We'll examine common architectures for bare metal Kubernetes, such as node discovery and availability without cloud services. Introducing a VM layer creates a familiar Kubernetes environment but adds complexity and can limit hardware performance. We'll discuss managing devices like GPUs and the need for tooling when hardware health isn't verified by a cloud provider. This talk will delve into the kOps project and its potential in supporting bare metal Kubernetes. However, our primary goal is to learn from the community. We invite you to share your successes, struggles, and insights to shape the future of our tooling for bare metal. Your feedback is crucial in guiding our development and ensuring kOps meets the needs of those deploying Kubernetes on bare metal.

Speakers

Justin Santa Barbara

Software Engineer, Google

Justin has been contributing to kubernetes since 2014, initially as the primary maintainer of the kubernetes AWS support, he also started the kOps project. He loves helping users adopt and grow their use of kubernetes, and believes that we have only scratched the surface of the kubernetes... Read More →

Ciprian Hacman

Software Engineer, Microsoft

Ciprian Hacman is a Software Engineer, working with cloud-native technologies. He is also an open source project maintainer for kOps (Kubernetes Operations), etcd-manager, cloud-provider-aws and frequent contributor to other projects in the Kubernetes ecosystem.

Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, Cluster Lifecycle

2:30pm MST

Celebrating Prometheus 3.0: A Deep Dive with the Maintainers - Kemal Akkoyun, fal.ai & Josh Abreu, Grafana Labs

Thursday November 14, 2024 2:30pm - 3:05pm MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Prometheus is an open-source systems monitoring system and a CNCF Graduate project. It benefits from a rich ecosystem, including Alertmanager, efficient client libraries for many languages, the Prometheus Operator to install on Kubernetes, and numerous Exporters to provide the raw data. This year, Prometheus releases the 3.0 version, which includes new features, a refreshed UI/UX, and plenty of new things that build on what has worked well for years. Join two Prometheus maintainers, Josh and Kemal, to celebrate the 3.0 version and learn what it enables for new and existing users, how to upgrade, and how to get the most out of the latest version! Prepare tons of questions; we will have a lot of interactive time for questions; we want to hear community feedback!

Speakers

Kemal Akkoyun

Staff Software Engineer, Independent

Software Infrastructure Engineer. Programmer. Open Source Enthusiast. I help to build large-scale, distributed, real-time microservice systems and observability infrastructure.

Josue Abreu

Principal Software Engineer, Grafana Labs

Josue (Josh) Abreu has been involved in observability for the past 4 years. As a relative newcomer to this world, he was often puzzled at how alerting would function on a small and big scale. Josue works as the Alerting Lead at Grafana Labs and is a Prometheus Maintainer. Over a 10-year... Read More →

Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Prometheus

2:30pm MST

Cortex Intro: Multi-Tenant Scalable Prometheus - Charlie Le, Apple & Daniel Blando, Amazon

Thursday November 14, 2024 2:30pm - 3:05pm MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus. In this talk, we will do an introduction of Cortex architecture and project status. We will also walk through those new features added to Cortex and how to utilize them efficiently in production.

Speakers

Charlie Le

Senior Software Engineer, Apple

Charlie is a software engineer at Apple, specializing in building and scaling cloud native observability solutions and infrastructure. Deeply inspired by the collaborative spirit of open source, he actively contributes to projects like Cortex and OpenTelemetry, shaping the future... Read More →

Daniel Blando

AWS, Senior SDE, Cortex, Amazon

Daniel Blando is a Senior Software Engineer at AWS in the Amazon Managed Prometheus (AMP) team. He currently works with Cortex, Thanos, Prometheus among others open source projects. He is working to make Cortex more scalable and highly available recently focusing on the write path... Read More →

Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, Cortex

2:30pm MST

Kubernetes SIG Storage: Intro & Deep Dive - Saad Ali & Michelle Au, Google; Xing Yang, VMware by Broadcom; Hemant Kumar, Red Hat

Thursday November 14, 2024 2:30pm - 3:05pm MST

Salt Palace | Level 3| 355 BC

Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). SIG Storage also has a project that provides APIs for object storage support in Kubernetes. In this session, we will deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.

Speakers

Hemant Kumar

Principal Software Engineer, Red Hat

Hemant is a Principal Software Engineer at Red Hat working on storage subsystem of Kubernetes. He is a member of SIG-Storage and author of persistent volume expansion, volume limits, mount options and various instrumentation bits in storage subsystems of Kubernetes. He is also a maintainer... Read More →

Saad Ali

Senior Engineering Manager, Google

Saad Ali is a Senior Engineering Manager at Google. He works on Google Distributed Cloud and the open-source Kubernetes project. He led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, has served as member of the CNCF... Read More →

Michelle Au

Software Engineer, Google

Michelle Au is a software engineer at Google and is a Kubernetes SIG Storage tech lead. She has been a Kubernetes maintainer since 2018, working on projects including the Container Storage Interface, volume security, volume topology, and local persistent storage.

Xing Yang

Tech Lead, VMware by Broadcom

Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware by Broadcom. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect... Read More →

Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Storage

3:25pm MST

Cloud Native Storage: The CNCF Storage TAG Projects, Technology & Landscape - Alex Chircop, Akamai & Raffaele Spazzoli, Red Hat

Thursday November 14, 2024 3:25pm - 4:00pm MST

Salt Palace | Level 3 | 355 EF

This talk will introduce the CNCF Storage TAG and discuss how the TAG operates, how we work with CNCF Storage projects, and the work we have done to build guidance and write whitepapers for the ecosystem. During this session we will cover an overview of storage projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Storage Whitepaper, Performance and Benchmarking whitepaper, Cloud Native Disaster Recovery whitepaper, and the Data on Kubernetes whitepapers on database patterns and AI/ML workloads. Join us to find out how to contribute and participate in the CNCF storage community and discover practical guidance on how to use cloud native storage in your environments.

Speakers

Alex Chircop

Chief Product Architect at Akamai, Akamai

Chief Product Architect at Akamai. Previously a founder and CTO of Ondat (formerly StoraeOS), building software defined solutions for cloud native environments. Alex is also a co-chair of the CNCF Storage TAG (previously SIG). Before embarking on the startup adventure he spent over... Read More →

Raffaele Spazzoli

Senior Principal Architect, red hat

Raffaele is a full-stack enterprise architect with 20+ years of experience. Currently Raffaele covers a consulting position of cross-portfolio application architect with a focus on OpenShift. Most of his career Raffaele worked with large financial institutions allowing him to acquire... Read More →

Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, Storage

3:25pm MST

Elevate Your Kubernetes Policy Game with Kyverno! - Vishal Choudhary, Nirmata; Lanting Chiang & Karen Tu, Robinhood Markets, Inc.

Thursday November 14, 2024 3:25pm - 4:00pm MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Struggling to find the balance between robust security and empowering developers? Join Robinhood's platform engineers Karen and Lanting as they share their migration journey from custom solutions and PSPs, to policy as code with Kyverno. Go beyond the basics of resource validation and enforcement, and learn the power of Kyverno for policy as code lifecycle management, including testing, deployment, performance optimizations, exception management, and reporting. Plus, Vishal, a Kyverno maintainer, will present a game-changing new feature in Kyverno 1.12: etcd offloading for policy reports, which is critical for large production workloads. This session is a must-attend for platform engineers and Kubernetes administrators looking to leverage policy as code for self-service automation, security, and compliance.

Speakers

Karen Tu

Robin Hood

Lanting Chiang

Software Engineer, Robinhood Markets, Inc.

Software Engineer on the Software Platform - Container Orchestration team at Robinhood Markets, Inc.

Vishal Choudhary

Software Engineer, Nirmata

Vishal is a student and a software engineer, working on cloud-native projects focusing on governance and securing software supply chains for everyone! He is a maintainer of Kyverno and an active contributor at several other projects in the space. He is always looking to discuss tools... Read More →

Thursday November 14, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, Kyverno

3:25pm MST

Intro & Deep Dive - Kubernetes Infrastructure - Arnaud Meukam, Independent & Mahamed Ali, Cisco

Thursday November 14, 2024 3:25pm - 4:00pm MST

Hyatt Regency | Level 4 | Regency Ballroom A

This session will examine the intricacies of Kubernetes infrastructure, ongoing maintenance efforts, and strategic security enhancements. We will showcase notable achievements, address challenges, and emphasize the significance of our collaborative efforts with fellow SIGs. The session concludes with an interactive Q&A, welcoming invaluable feedback and insightful discussions from all participants to shape our future trajectory. Join us in this unique opportunity to contribute to the advancement of SIG k8s Infra together.

Speakers

Arnaud Meukam

Open Source Engineer, Independent

Arnaud is a Open Source Engineer and he is a core Kubernetes contributor. He is been involved in the project for over 5 years now, is the SIG Chair for the Kubernetes Infrastructure Group and Release manager.

Mahamed Ali

Senior DevOps Engineer, Cisco

Mahamed is a Senior DevOps Engineer at ThousandEyes by Cisco and improves developer experience for fellow engineers. He is also an OSS Maintainer and works on Kubernetes as the SIG K8s-Infra Tech Lead and on Knative as the Productivity Working Group Lead.

Thursday November 14, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, K8s Infra

3:25pm MST

Kubernetes SIG Architecture Intro and Updates - John Belamaric, Google & David Eads, Red Hat

Thursday November 14, 2024 3:25pm - 4:00pm MST

Salt Palace | Level 3| 355 BC

SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of conformance definitions, API definitions/conventions, deprecation policy, design principles, and other cross-cutting concerns. In this talk, we will provide an introduction to SIG architecture, including its role and the various subprojects that support its activities. Additionally, we will provide a community update on the status of those efforts.

Speakers

John Belamaric

Senior Staff Software Engineer, Google

John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation... Read More →

David Eads

Senior Principal Software Engineer, Red Hat

David Eads is a senior principal software engineer at Red Hat and co-lead for Kubernetes sig-apimachinery and TL for sig-auth.

Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Architecture

3:25pm MST

Peak Innovation and Cloud Tweaks: Falco’s Ongoing Runtime Security Development - Jason Dellaluce, Leonardo Grasso & Luca Guerra, Sysdig; Carlos Tadeu Panato Junior, Chainguard; Melissa Kilby, Apple

Thursday November 14, 2024 3:25pm - 4:00pm MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

In the fast-paced world of cloud-native runtime security, Falco embraces innovation and adaptability. As a trusted CNCF-graduated project, Falco keeps evolving to meet today’s security challenges with new approaches. This session covers Falco’s latest developments, including better rule handling for flexible ruleset customization and output definition, integration with Prometheus metrics, and an improved installation experience. We will also look at new language extensions and operators, improvements in performance and testing, and powerful new plugins for advanced data modeling. Join us in celebrating Falco’s ongoing efforts to refining runtime security and its dedication to the future of cloud-native environments.

Speakers

Carlos Panato

Staff Software Engineer, Chainguard

Carlos Panato (@cpanato) is a Staff Software Engineer at Chainguard, Inc., specializing in development and infrastructure with Kubernetes and containers. He has a diverse background in development, testing, processes, and management. Carlos actively contributes to several Linux Foundation... Read More →

Leonardo Grasso

Open Source Tech Lead Manager / Falco Core Maintainer, Sysdig

Leonardo leads a talented group of open source engineers advancing security projects at Sysdig. Based in Italy, Leonardo combines his deep passion for Linux, Kubernetes, Containers, and Security with a strong background in software design and R&D. As a core maintainer of Falco, a... Read More →

Melissa Kilby

Security Engineer, Apple

Before joining Apple, Security Engineer Melissa Kilby contributed to US Government research projects and taught Applied Data Science at BlackHat. She has a Ph.D., specializing in machine learning and biomechanics. She has also contributed to NASA’s space suit engineering program... Read More →

Jason Dellaluce

Tech Lead, Manager, Sysdig

Jason Dellaluce is an Senior Engineer and Manager at Sysdig and a core maintainer of Falco, the CNCF tool for Cloud Native Runtime Security. On a daily basis, he contributes to the Falco Community and is exposed to Linux, Kubernetes, Containers, Security, eBPF, and the Open Source... Read More →

Luca Guerra

Sr. Open Source Engineer, Sysdig Inc.

Luca is an experienced software engineer, specializing in software design and security research. His professional experience includes designing security solutions, building and breaking secure systems, and vulnerability management. Luca is a core maintainer for the Falco project and... Read More →

Thursday November 14, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Falco

4:30pm MST

Fluent Bit: Better Pipelines for Observability - Eduardo Silva, Chronosphere

Thursday November 14, 2024 4:30pm - 5:05pm MST

Salt Palace | Level 3 | 355 EF

Creating better data pipelines is constantly challenging when "better" is defined by performance, low resource usage, and total ecosystem integration. In this session, we will dive deep into Fluent Bit, a CNCF graduate project under the Fluentd umbrella that helps you build scalable data pipelines to manage all your needs for the collection and processing of telemetry data by integrating multiple data sources and formats and reliably sending it to your desired endpoints or vendors for analysis. Attendees of this session will learn about best practices for telemetry data handling and important concepts such as buffering, backpressure, monitoring, and retry logic, among many others. Fluent Bit, which was primarily known for managing logs, now also handles metrics and traces. It fully integrates with applications based on Prometheus or OpenTelemetry formats.

Speakers

Eduardo Silva

OSS Engineering Manager, Chronosphere

Eduardo is an entrepreneur and Software Engineer. He is one of Fluentd project maintainers and creator of Fluent Bit, a lightweight Logs, Metrics, and Traces processor.

Thursday November 14, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, Fluentd

4:30pm MST

Gateway API: What's New, What's Next? - Christine Kim & Nick Young, Isovalent at Cisco; Mattia Lavacca, Kong; Guilherme Cassolato, Red Hat

Thursday November 14, 2024 4:30pm - 5:05pm MST

Hyatt Regency | Level 4 | Regency Ballroom A

Gateway API represents the next generation of ingress and service mesh APIs for Kubernetes. Since its promotion to GA (General Availability) last year, numerous features have been added, with many more in development. In this talk, we will introduce the latest enhancements, review all recent changes to the API, and discuss what lies ahead. Many features are planned to graduate to GA in the upcoming releases, while others will be introduced as experimental. This talk is the ideal opportunity to familiarize yourself with these changes, connect with the Gateway API community, and get answers to all your questions!

Speakers

Guilherme Cassolato

Principal Software Engineer, Red Hat

Guilherme is a Principal Software Engineer at Red Hat, core member of the Cloud Native Computing Foundation (CNCF) project Kuadrant, developer and maintainer of Authorino, active contributor in the Kubernetes community with the Gateway API project by SIG-Network.

Nick Young

Senior Software Engineer, Isovalent at Cisco

Nick has been working to prevent the entropic downfall of systems for 25 years, across datacenters, clouds, networking, and others. He's a Staff Engineer at Isovalent, and a maintainer on the Kubernetes Gateway API project, where he works on improving the ingress and mesh experiences... Read More →

Christine Kim

Developer Relations, Isovalent at Cisco

Christine Kim focuses on developer experience at Isovalent, where she dabbles in the world of Kubernetes and Service Meshes.

Mattia Lavacca

Software Enginner, Kong

Mattia is a Software Engineer at Kong, working on Kubernetes networking. He is a key contributor to SIG-Network projects, such as Gateway API, Ingress2Gateway, and Blixt, and the co-lead of Kong's Gateway API implementation. He is working on many Kong projects related to networking... Read More →

Thursday November 14, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, Network

4:30pm MST

Navigate Cross SIG Collaborations with SIG Docs - Rey Lejano & Savitha Raghunathan, Red Hat; Divya Mohan, SUSE; Xander Grzywinski, Microsoft

Thursday November 14, 2024 4:30pm - 5:05pm MST

Salt Palace | Level 3| 355 BC

As one of the largest open source projects, Kubernetes is divided into twenty-four Special Interest Groups (SIGs). All SIGs share a common goal of advancing the project, and collaboration across SIGs is required to do so. In this session, learn how SIG Docs collaborates with other SIGs on Kubernetes releases, improving Kubernetes security and driving Kubernetes adoption with documentation.

Speakers

Savitha Raghunathan

Senior Software Engineer, Red Hat

Savitha Raghunathan is a Senior Software Engineer at Red Hat, working on Container Migration and Application Modernization. She leads K8s sig-security-docs sub-project aiming to create security awareness through docs. As a maintainer of the Konveyor project, she leads the community... Read More →

Xander Grzywinski

Open Source Program Manager, Defense Unicorns

Xander is an open source program manager at Defense Unicorns. Previously he worked in various roles on platform and open source teams at Microsoft, Twitter, Apple, and HashiCorp. When not at a computer, you'd most likely find him at a pottery wheel.

Rey Lejano

Solutions Architect @ Red Hat, CNCF Ambassador, K8s SIG Docs co-chair, SIG Security subproject lead, K8s v1.23 release lead, DevOps Institute Ambassador, Red Hat

Rey Lejano is a Solutions Architect at Red Hat and is the co-chair of Kubernetes SIG Docs. He contributes to Kubernetes SIG Security, Release, & Contributor Experience. He is a member of seven Kubernetes Release Teams including serving as the 1.23 Release Lead and 1.25 Emeritus Adviser... Read More →

Divya Mohan

Principal Technology Advocate, SUSE

Divya is a Senior Technical Evangelist at SUSE, where she contributes to Rancher’s cloud native open source projects. She co-chairs the documentation for the Kubernetes & LitmusChaos projects & has previously worked extensively in the systems engineering space during her tenure... Read More →

Thursday November 14, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Docs

4:30pm MST

Open Policy Agent (OPA) Intro, Deep Dive & V1.0 Update - Charlie Egan, Styra

Thursday November 14, 2024 4:30pm - 5:05pm MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Join us in this dedicated session on Open Policy Agent (OPA), the general-purpose policy engine for policy decision-making and management across the cloud native stack - from application authorization to Kubernetes admission, OPA has you covered. OPA maintainers will provide a comprehensive introduction for newcomers, followed by a deep dive into OPA v1.0 and recent updates. Whether you're a veteran OPA user, or just intrigued by policy as code in cloud-native environments, you will find this session valuable. Don't miss the opportunity to connect with other OPA users and to get your questions answered after the presentation too.

Speakers

Charlie Egan

Senior Developer Advocate, Styra

Charlie has been working with in the Cloud Native space since 2018. He currently works as a Developer Advocate at Styra and on the OPA project. Charlie is interested in authentication and authorization across the stack. You can find him in the OPA Community Slack.

Thursday November 14, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Open Policy Agent (OPA)

4:30pm MST

Secure Release Processes with in-Toto Policy Verification - John Kjell, TestifySec & Aditya Sirish A Yelgundhalli, New York University

Thursday November 14, 2024 4:30pm - 5:05pm MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Ensuring software releases adhere to expected processes is crucial for both open-source projects and enterprise software. The in-toto project offers a solution by creating attestations for each step, providing verifiable evidence of compliance. Over the past five months, community contributors have worked to enhance the definition and capabilities of in-toto layouts to enforce policies for these attestations. This presentation will showcase the results of this effort, demonstrating how to create flexible policies for any software development lifecycle (SDLC) process, from source code commit to production release. We will explore how to formulate policies that verify attestations for code reviews, SBOM integrity, testing, vulnerability scans, build provenance (such as SLSA), and more. Join us to learn how to ensure your software development process is compliant and secure.

Speakers

Aditya Sirish A Yelgundhalli

Ph.D. Candidate, New York University

Aditya is a Ph.D. candidate at New York University where he researches software supply chain security. He is a maintainer of in-toto, which is incubated at the CNCF. He is also a contributor to TUF, another CNCF project, and a maintainer of gittuf, a sandbox project at the OpenSSF... Read More →

John Kjell

Director of Open Source, TestifySec

John is responsible for open source at TestifySec, a software supply chain security startup. He is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is an active contributor to CNCF's TAG Security and multiple projects within the OpenSSF. Before... Read More →

Thursday November 14, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, in-toto

5:25pm MST

Longhorn: Intro, Deep Dive and Q+A - David Ko, SUSE

Thursday November 14, 2024 5:25pm - 6:00pm MST

Hyatt Regency | Level 4 | Regency Ballroom BCD

Longhorn is a cloud-native, distributed block storage solution for Kubernetes, supporting persistent volume capacities and compatible with CSI protocols. It is designed for agnostic deployment across on-premises, edge, and cloud environments, serving as an independent storage solution within your cluster or as part of your broader infrastructure platform. Longhorn covers key data areas including data integrity, data locality, volume migration, replica rebalancing, automated volume operations, snapshot/revert, backup/restore, disaster recovery, data protection, data encryption, backing images for VM workloads, and so on. Besides, the new v2 data engine is under active development to enhance Longhorn's data plane performance. In this session, we will discuss the latest v2 status, like online replica rebuilding, new volume upgrade mechanism, volume trimming, and other significant features. We will also provide insights into the roadmap and engage in an in-depth discussion.

Speakers

David Ko

Engineering Director, SUSE

David Ko, a senior engineering manager at SUSE, is currently leading the Longhorn project (CNCF incubating) and is primarily dedicated to open-source development. David is not just a project/product/team/people manager, but also a hands-on developer and architect with 10+ years of... Read More →

Thursday November 14, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

Maintainer Track, Longhorn

5:25pm MST

Scaling and Safeguarding the Heart of Kubernetes: Deep Dive Into etcd - Wenjia Zhang & Marek Siarkowicz, Google; James Blair, Red Hat; Ivan Valdes Castillo, Aki Technologies; Wei Fu, Microsoft

Thursday November 14, 2024 5:25pm - 6:00pm MST

Salt Palace | Level 3 | 355 EF

SIG-etcd are hard at work on scaling&safeguarding etcd, we need your help and feedback! This deep dive session will explore current & future etcd development efforts to share with both etcd & Kubernetes users & contributors. In particular we’ll focus on: -Feature gates:Reviewing recent KEPs for server & cluster level etcd feature gates. Discuss how feature gates empower us to introduce new capabilities while minimizing risk or breaking changes. -etcd Operator Working Group:Discuss the progress & next steps for the working group to release an officially supported etcd Operator. -Tackling compaction correctness:A post mortem exploration of the recent etcd watch correctness issue & resolution. -Community Update: A status update on the growth of the etcd community and project news. Highlight opportunities for you to get involved! Join etcd maintainers and contributors to learn about these recent developments & future plans, including how you can contribute to them. Bring questions, too.

Speakers

Wenjia Zhang

Engineering Manager, Google

Wenjia Zhang is an Engineer Manager at Google, working on Google Kubernetes Engine and Google Distributed Cloud. She is an active contributor for Kubernetes and etcd open source projects.

Wei Fu

Software Engineer, Microsoft

containerd maintainer: Building things for others who build things

Marek Siarkowicz

Senior Software Engineer, Google

Marek is a Software Engineer working at Google in Etcd team. He began his career in local startups where he loved open source and extreme programming. Currently he is a etcd maintainer and active member of SIG-instrumentation leading structured logging effort in Kubernetes. In his... Read More →

James Blair

Specialist Architect, Red Hat

James Blair is a Specialist Architect at Red Hat who works with organisations to design and implement solutions leveraging cloud native technologies. He is a vivid open source advocate and hands-on engineer who is an active Kubernetes and Etcd contributor and is passionate about growing... Read More →

Ivan Valdes Castillo

Independent

Ivan is a Site Reliability Engineer specializing in CI/CD pipelines, Infrastructure as Code, and automation. His dedication to spreading and mentoring the DevOps culture is evident in his efforts to foster collaboration and streamline development. In his free time, he is an active... Read More →

Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3 | 355 EF

Maintainer Track, etcd

5:25pm MST

Securing the Future of Ingress-Nginx - James Strong, Isovalent & Marco Ebert, Giant Swarm

Thursday November 14, 2024 5:25pm - 6:00pm MST

Hyatt Regency | Level 4 | Regency Ballroom A

Ingress NGINX is a very flexible Ingress controller that provides users with a lot of NGINX functionality through annotations. However, this flexibility also raises security concerns for maintainers and cluster administrators. There have been eight significant CVEs and RCEs in Ingress NGINX. To address these issues, we have created a security hardening guide, which will be presented as a preview in this talk. Additionally, we will enable restrictive features by default to offer a more secure out-of-the-box experience with Ingress NGINX such as annotation validations. To maintain and secure the project and its Gateway API implementation, we will not be adding any new features to the core functionality of ingress, and a significant amount of functionality, such as UDP/TCP Routing, will be moved to Gateway API. We will also unveil the new name of the project during this presentation.

Speakers

James Strong

Sr Customer Success Architect, Isovalent at Cisco

James has been working in the cloud for 7 years. He helped build a private cloud at GE Appliances and developed and supported REST API's in AWS on docker. Recently he has passed the CNCF's CKA exam and helps companies migrate their applications to Kubernetes.

Marco Ebert

Site Reliability Engineer, Giant Swarm

I'm Marco - working in Open Source for more than a decade, with Kubernetes since 2016 and as a maintainer of Ingress NGINX since 2023!As an SRE, I'm always interested in infrastructure & networking and love learning new stuff while troubleshooting complex platforms.After work, you... Read More →

Thursday November 14, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

Maintainer Track, Network

5:25pm MST

The Path to Helm 4 - Matt Farina, SUSE & Andrew Block, Red Hat

Thursday November 14, 2024 5:25pm - 6:00pm MST

Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Helm, the package manager for Kubernetes, has had a long and storied history alongside Kubernetes, dating back to 2015. As Kubernetes has grown, matured, and evolved, so has Helm. Since Helm is used by communities and organizations throughout the world, it is important that the project remains stable and efficient. For this to occur, Helm utilizes semantic versioning which ensures the CLI and API remain stable. However, as Kubernetes has evolved, it has been difficult to add new capabilities while also complying with these standards. There becomes a point for which breaking changes must be made. For this reason, Helm is embarking on Helm 4 which will help shape the future of the project. In this session, attendees will learn: How Helm remains stable including the safeguards used Why Helm is embarking on a new major version The key the features associated with Helm 4 Helm 3 support, during and afterward How to get involved The future of Helm is NOW and you can participate!

Speakers

Andrew Block

Distinguished Architect, Red Hat

Andrew Block is a Distinguished Architect at Red Hat that works with organizations to design and implement solutions leveraging cloud native technologies. He specializes in Continuous Integration and Continuous Delivery methodologies with a focus on security to reducing the overall... Read More →

Matt Farina

Distinguished Engineer, SUSE

Thursday November 14, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

Maintainer Track, Helm

5:25pm MST

What's New in SIG-Windows - Mark Rossetti, Microsoft & Aravindh Puthiyaparambil, Softdrive

Thursday November 14, 2024 5:25pm - 6:00pm MST

Salt Palace | Level 3| 355 BC

At this maintainer track talk we will cover what is new in the Windows Special Interest Group. This talk will mainly focus on kubelet related improvements including memory-pressure eviction support, cpu / topology manager support, and more!

Speakers

Mark Rossetti

Software Engineer, Microsoft

Mark Rossetti is a software engineering focusing on open-source projects at Microsoft and is also the co-chair of Kubernetes' SIG-Windows. Mark focuses on improving the experience of using Windows containers in Kubernetes. Mark has also served on the Kubernetes release team since... Read More →

Aravindh Puthiyaparambil

Director of Engineering, Softdrive

Director of Engineering at Softdrive

Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3| 355 BC

Maintainer Track, Windows