In-person
November 12-15

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Monday, November 11
 

8:00am MST

Badge Pick-Up
Monday November 11, 2024 8:00am - 5:00pm MST
West Temple Entrance (East)

8:00am MST

Badge Pick-Up
Monday November 11, 2024 8:00am - 5:00pm MST
200 South Entrance (South)

9:00am MST

WasmCon | ALL ACCESS PASS REQUIRED
Monday November 11, 2024 9:00am - Tuesday November 12, 2024 5:30pm MST
WasmCon schedule is LIVE!

WasmCon is the premier conference for technical developers and users interested in exploring the potential of WebAssembly. This two-day event will bring together leading experts, developers, and users from across the Wasm community.  To learn more please visit the event's website.

For questions regarding this event, please contact events@linuxfoundation.org.
 
Tuesday, November 12
 

7:30am MST

Badge Pick-Up
Tuesday November 12, 2024 7:30am - 5:00pm MST
West Temple Entrance (East)

7:30am MST

Badge Pick-Up
Tuesday November 12, 2024 7:30am - 5:00pm MST
200 South Entrance (South)

8:00am MST

OpenShift Commons Gathering Hosted by Red Hat
Tuesday November 12, 2024 8:00am - 6:00pm MST
Red Hat’s OpenShift Commons Gathering brings together users, partners, customers, and contributors to collaborate and work together on OpenShift and the cloud-native ecosystem. It is a community of OpenShift users, experts and open source enthusiasts, eager to share their experiences and ideas for the betterment of the technologies involved. Join us in Salt Lake City on November 12 for a day packed with interesting sessions, workshops, discussions, enabling lots of  learning, networking, and collaboration.  

Please note this is an off-site Sponsor-hosted Co-located Event.
For more information, and to register please visit: https://commons.openshift.org/gatherings/kubecon-24-nov-12/
For questions, please contact: amuhlach@redhat.com
Le Meridien Salt Lake City Downtown 131 South 300 West, Salt Lake City, UT

9:00am MST

Cloud Native University Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
Cloud Native University schedule is now LIVE!

Cloud Native knowledge is one of the most demanded skills for today’s professionals. That is why Cloud Native education is an important topic for both Academic higher education and professional training facilities. The Cloud Native University is where academics will be able to share their approach for teaching Cloud Native, where training professionals will have a chance to explain their techniques and approaches, and where anybody has an opportunity to discover tomorrow’s learning opportunities and up-skilling best practices. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Hyatt Regency | Level 2 | Salt Lake Ballroom B

9:00am MST

Data on Kubernetes Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
Data on Kubernetes Day schedule is now LIVE!

Data on Kubernetes is positioned to become the operational default in a world where data and AI/ML applications are expected to grow. Scalability, flexibility, resilience, openness, and costs are among the reasons — and DoK has a transformative impact on organizations who benefit from increased productivity, revenue growth, market share and margin, according to the 2022 Data on Kubernetes Report. Data on Kubernetes Day is where the industry convenes to share best practices and use cases, forge critical relationships, and learn about advancements in using Kubernetes for data and groundbreaking exploration into the cutting edge of Database as a Service. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 2 | 250 A-C

9:00am MST

EnvoyCon Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
EnvoyCon schedule is now LIVE!

The Envoy maintainers are excited to announce the 8th annual EnvoyCon. This is a practitioner-driven, community conference emphasizing end-user case studies, and technical talks from contributors to Envoy. We do not have product pitches, but will hear about solutions which build on top of Envoy. So join us for an exciting day of technical content, knowledge sharing, and engagement with project maintainers. Envoy is a cloud-native proxy boasting high-performance, extensibility including a WASM run-time, API-driven configuration, and more. It has been a CNCF graduated project since 2017. Thanks to the open source community, Envoy has been widely adopted across industries in a variety of different deployment scenarios including edge proxy, service mesh sidecar, and middle-proxy load balancer, to name a few. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Hyatt Regency | Level 2 | Salt Lake Ballroom A

9:00am MST

OpenFeature Summit Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
OpenFeature Summit schedule is now LIVE!

Feature flagging is completely changing the game in modern software development! Organizations that have started using feature flags are seeing boosts in how fast they can deploy and how efficiently they can operate, no matter the industry. We’re excited to kick off the very first OpenFeature Summit, the ultimate meetup for tech enthusiasts to swap insights, best practices, and awesome success stories. This event is a fantastic chance for you to make new friends in the tech world, dive into lively discussions, and check out the latest in using feature flags to spark innovation and ramp up business agility. Come join us! To learn more, please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 2 | 250 D-F

9:00am MST

Mastering Data Management for Kubernetes Hosted by Portworx by Pure Storage
Tuesday November 12, 2024 9:00am - 4:00pm MST
Welcome to our workshop on mastering data management for Kubernetes with Portworx. If you think you're ready to handle the smoke, we're here to show you how Portworx brings the heat to your data management strategy, ensuring your Kubernetes deployment is as flawless as championship BBQ.

Just like a perfectly grilled BBQ requires the right tools and techniques, managing data in Kubernetes demands robust solutions and expertise. Portworx provides the essential ingredients for success, from high availability and data security to seamless scalability.

Join us as we explore the recipe for a great Kubernetes environment, with Portworx as the key to achieving the perfect balance of performance and reliability.

The workshop will cover Data Management for Kubernetes topics such as:
- Application and data availability across fault domains
- Data Protection through Snapshots and Backups
- Managed databases and data services in Kubernetes
- Automated capacity management
- I/O prioritization and limits for Kubernetes data services
- Migration and disaster recovery for Kubernetes applications


Please note that this is an off-site Sponsor-hosted Co-located event and must be added on to your KubeCon + CloudNativeCon registration ($20 fee applies with proceeds being donated to the Dan Kohn Scholarship Fund).

For questions regarding this event, please contact: ttung@purestorage.com


Squatters Pub Brewery 147 W. Broadway, Salt Lake City, UT 84101

9:00am MST

AppDeveloperCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
AppDeveloperCon schedule is now LIVE!

AppDeveloperCon is designed for developers at all levels who are involved in the architecture, design, and development (using any programming language) of cloud-native applications. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 1 | 151

9:00am MST

ArgoCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
ArgoCon schedule is now LIVE!

ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts and Argo Events.

The Argo Project is a suite of open source tools for deploying and running applications and workloads on Kubernetes. It extends the Kubernetes APIs and unlocks new and powerful capabilities in application deployment, container orchestration, event automation, progressive delivery, and more.

Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud-native environment. Get inspired by and provide input to Argo leads on project roadmaps.

The event is vendor-neutral and is being organized by the CNCF Argo Community. Topics in the past have included getting started with Argo, scaling and managing Argo, lessons learned from production deployments, technical sessions, and thought leadership. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Salt Palace | Level 2 | 251 A-F and 254 A-C

9:00am MST

BackstageCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
BackstageCon schedule is now LIVE!

BackstageCon is a one-day conference focused on all things Backstage: an open framework for building developer portals. At BackstageCon, we’ll provide a vendor-neutral space for collaboration and learning centered on improving developer experience and effectiveness through open source technologies. The event is vendor-neutral and organized by members of the Backstage community. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 1 | Grand Ballroom BDF

9:00am MST

Cilium + eBPF Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Cilium + eBPF Day schedule is now LIVE!

Cilium is an open source, widely-used, and highly scalable cloud native networking, observability, and security solution based on the kernel technology eBPF, that connects workloads in Kubernetes and beyond, with powerful built-in observability and security capabilities. Cilium + eBPF Day focuses on how Cilium and eBPF are being developed, deployed, and used across the cloud native landscape to revolutionize cloud native platforms.
At Cilium + eBPF Day you’ll hear from end users sharing how Cilium and other eBPF projects unlocked levels of scalability, performance, and security that weren’t possible before and from contributors who will teach you about how cloud native projects are leveraging eBPF to gain these benefits. From eBPF internals in cloud native projects to how Cilium and eBPF are helping businesses achieve their goals, you’ll hear it all at Cilium + eBPF Day. Dive deep into the world of high-performance networking, transparent security, and scalable observability at Cilium + eBPF Day! To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 1 | Grand Ballroom HJ

9:00am MST

Cloud Native + Kubernetes AI Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Cloud Native & Kubernetes AI Day schedule is LIVE!

Join us for an event dedicated to advancing batch and serving workloads for High Performance Computing (HPC) and seamlessly integrating AI/ML into Kubernetes. Whether you are new to the MLOps world or a seasoned practitioner, come hear from maintainers and end users about how Kubeflow and other ML platform tools are making cloud native the best option to manage your machine learning workloads. This gathering is tailored for a diverse range of technical enthusiasts, including open source contributors, practitioners, researchers, and end-users, all united by a common goal: enhancing Kubernetes as the ultimate infrastructure management tool for research, training, and production. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 1 | Grand Ballroom GI

9:00am MST

Observability Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Observability Day schedule is now LIVE!

Observability Day fosters collaboration, discussion, and knowledge sharing of cloud-native observability projects (including but not necessarily limited to Prometheus, Fluentd, Fluent Bit, OpenTelemetry, and OpenMetrics), as well as vendor-neutral best practices for addressing observability challenges. To learn more, please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 2 | 255 BC

9:00am MST

Platform Engineering Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Platform Engineering Day schedule is now LIVE!

Internal Developer Platforms (IDPs) provide curated capabilities, frameworks and experiences to facilitate and accelerate the productivity of internal customers such as application developers. The process and techniques described in the CNCF Platforms White Paper and Platform Engineering Maturity Model highlight how organizations aspiring to build effective Developer Experience via an IDP require socio-technical investment. While many focus on the technical tools, this day will focus on how to grow an effective ecosystem around technical solutions. Platform Engineering Day brings together Platform Engineers, Product Managers, Solutions Architects and key stakeholders across the Cloud Native Community to share lessons learned in building and managing internal platforms, measuring platform maturity and improving golden paths and developer experience. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 1 | Grand Ballroom ACE

9:00am MST

SigstoreCon Supply Chain Day Hosted by Sigstore
Tuesday November 12, 2024 9:00am - 5:30pm MST
A day dedicated to Sigstore and software supply chain security. Attendees will learn about Sigstore, simplifying signing and verification for digital artifacts, as well as related software supply chain efforts such as SLSA, TheUpdateFramework, binary transparency and more!


Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://events.linuxfoundation.org/sigstorecon-supply-chain-day/
For questions regarding this event, please contact: sigstoreevents@linuxfoundation.org


Hilton Salt Lake City Center 255 S W Temple St, Salt Lake City, UT 84101

9:01am MST

Welcome and Introduction: A Hitchhiker's Guide to the CNCF Landscape - Katherine Druckman and Lori Lorusso
Tuesday November 12, 2024 9:01am - 9:22am MST
Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why, you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough; sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:24am MST

TAG Contributor Strategy: Beyond the Checkbox: Humanizing Accessibility | Project Lightning Talk
Tuesday November 12, 2024 9:24am - 9:29am MST
Accessibility is often an afterthought, a checklist item rather than a fundamental right. That is especially true for people who have never met a person with a disability. While recognized as important, accessibility is still an abstract concept. This talk challenges that perception by sharing personal stories and practical insights, putting a human face to accessibility. This CNCF Deaf and Hard of Hearing WG talk aims to bridge the gap and foster empathy. Discover how to shift from mere compliance to empathy, building a truly inclusive environment where everyone feels valued and feels that they belong. Attendees will leave inspired to become accessibility advocates in their own communities.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:31am MST

Buildpacks: Container Builds at Scale with Buildpacks | Project Lightning Talk
Tuesday November 12, 2024 9:31am - 9:36am MST
Cloud Native Buildpacks transform your application source code into images that can run on any cloud. They enable advanced caching mechanisms that improve performance at scale. They also allow for modularity and reuse, which ensure developers across your organization aren’t wasting cycles repeating what other teams have already done.

After this short talk, you’ll be able to run buildpacks with the Pack CLI and find off-the-shelf buildpacks in the Buildpack Registry, including those from Google, Heroku, and Paketo. Finally, you’ll learn how operators of large platforms use buildpacks to make their container builds as scalable as possible.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:38am MST

Flux: What's Flux and What's New? | Project Lightning Talk
Tuesday November 12, 2024 9:38am - 9:43am MST
Get a quick intro to GitOps and progressive delivery using Flux, how to get started, and new capabilities with the last release of 2024.

We'll walk you through key features of Flux (a graduated project and GA) such as being multi-everything (multi-tenant, multi-cluster, etc.). Flux also works with your existing tools (like CI and Kubernetes tools).

We'll cover reliability and security reasons that Flux is the GitOps tool of choice for cloud vendors, global enterprises, and other companies.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:45am MST

Vitess: Arewefastyet: Benchmarking Vitess and Mentorship Stories | Project Lightning Talk
Tuesday November 12, 2024 9:45am - 9:50am MST
Join us for a lightning talk on "arewefastyet", the benchmarking tool used by Vitess. We will present the highlights of our benchmarking methods and share insights from the LFX Mentorship program. Our LFX mentee will present their work and share their experience with open-source contributions and the LFX Mentorship program.
Learn about the latest in Vitess performance and the role of mentorship in driving innovation.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:52am MST

Strimzi: Strimzi and the Future of Apache Kafka on Kubernetes | Project Lightning Talk
Tuesday November 12, 2024 9:52am - 9:57am MST
Strimzi is a CNCF incubating project focusing on running Apache Kafka on Kubernetes. It provides a set of operators and other tools to make data streaming on Kubernetes as simple as possible. This lightning talk will give a quick introduction to Strimzi and its capabilities. It will also provide an update on the current and planned work - go through the main changes and new features and cover the future plans.
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:59am MST

Jaeger: Distributed Tracing with Jaeger and OpenTelemetry | Project Lightning Talk
Tuesday November 12, 2024 9:59am - 10:04am MST
In this session, we will provide project updates, mostly focused on the future of Jaeger as we move towards our next major version, V2, and further integration with the OpenTelemetry project. We will also include project updates since the last KubeCon in North America.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:00am MST

Distributed SQL Summit Hosted by YugabyteDB
Tuesday November 12, 2024 10:00am - 3:00pm MST
Distributed SQL Summit is a conference dedicated to modern transactional databases. For the sixth year, DSS is bringing together developers, architects, and database practitioners across the world to connect, learn, and share best practices. We are planning a hybrid event this year, so you can join us in Salt Lake City, or virtually from anywhere. We invite you to dive in and soak up the latest on distributed databases and modern app development through demos, workshops, tech deep dives, and live discussions.

Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://events.ringcentral.com/events/distributed-sql-summit-2024
For questions regarding this event, please contact: events@yugabyte.com
Hilton Salt Lake City Center 255 S W Temple St, Salt Lake City, UT 84101

10:00am MST

SUSE Day 2024 Hosted by SUSE
Tuesday November 12, 2024 10:00am - 6:00pm MST
Join us for the first-ever SUSE Day (formerly Rancher Day). Get inspired by SUSE leaders and industry experts as they discuss cutting-edge advancements in Rancher Prime, SUSE Edge and SUSE AI. From insightful keynotes and breakout sessions to hands-on demos and fun networking opportunities, we have an action-packed day dedicated to those passionate about all things cloud native. In the evening, transportation will be provided to an amazing evening reception at the Natural History Museum of Utah. You will enjoy a night of food, drinks, entertainment and spectacular views across the valley with other members of the cloud native community. We can’t wait to see you!

Please note that this is an off-site Sponsor-hosted Co-located event.
For questions regarding this event, please contact: alexander.hampshire@suse.com

The Little America Hotel 500 Main St, Salt Lake City, UT 84101

10:06am MST

Kepler: How's Things Going in Kepler? | Project Lightning Talk
Tuesday November 12, 2024 10:06am - 10:11am MST
Kepler is envisioned for utmost transparency in estimating container power usage and offering insights into container energy efficiency and carbon footprint. Since Kepler's acceptance into the CNCF Sandbox one year ago, the project has significantly expanded its community and visibility. In this session, we will showcase our latest community engagements and updates, focusing on advancements in metric collection and power modeling. These include the adoption of cilium-go and the introduction of a new validation framework, promising to further enhance robustness.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:13am MST

OpenTelemetry: OpenTelemetry in Five Minutes | Project Lightning Talk
Tuesday November 12, 2024 10:13am - 10:18am MST
"Why is OpenTelemetry so complicated?" is a question that we hear -- a lot! There are a lot of reasons for it, and in this lightning talk, we'll briefly touch on the fundamentals behind the OpenTelemetry design and architecture, and why those design decisions help enable the project's goal of making observability a built-in feature of cloud-native software.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:20am MST

Prometheus: Celebrating Prometheus 3.0: All You Need To Know! | Project Lightning Talk
Tuesday November 12, 2024 10:20am - 10:25am MST
Prometheus is an open-source systems monitoring system, and a CNCF Graduated project.

This year Prometheus releases the 3.0 version, which comes with new features, a refreshed UI, and UX cleanup, while building on top of what worked well for years!

Join this lightning talk to celebrate the Prometheus 3.0 version and learn what it enables for new and existing users, how to upgrade and how to get the most out of the new version!
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:27am MST

OpenTelemetry: The OpenTelemetry Hero’s Journey: Working with Open Source Observability | Project Lightning Talk
Tuesday November 12, 2024 10:27am - 10:32am MST
Having correlated metrics, traces, and logs from our services and infrastructure is a vital component of observability. We will discuss what’s possible with OpenTelemetry and where the gaps are with today’s open source tools.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:34am MST

Inspektor Gadget: eBPF for Observability, Made Easy and Approachable | Project Lightning Talk
Tuesday November 12, 2024 10:34am - 10:39am MST
eBPF is a powerful tool for observability. But better tooling can make it even more powerful and, importantly, more approachable.
In this short talk, we’ll use the mechanisms Inspektor Gadget has for distributing and deploying eBPF programs to quickly build a data collection pipeline with eBPF that can be integrated with popular observability tools or one's own applications.
By the end of the talk, the audience should feel empowered to work with eBPF using the high-level tooling and integrate it into their systems and tooling.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:41am MST

OpenTelemetry: Understanding How OpenTelemetry Network Uses eBPF for Network Observability | Project Lightning Talk
Tuesday November 12, 2024 10:41am - 10:46am MST
The recent advancements in eBPF tooling, including the enhanced eBPF runtime embedded in the Linux kernel, the BPF Compiler Collection (BCC) for efficient kernel tracing, and the LLVM Compiler for converting C code to eBPF programs, have made it easier to provide always-on network visibility. OpenTelemetry Network leverages these foundational tools to provide out-of-the-box network observability for modern infrastructures.


In this talk, we'll explore the architecture of the OTel Network, focusing on its key components: the kernel collector, Kubernetes collector, cloud collector, and reducer, which together enable collecting, ingesting, aggregating, enriching, and exporting telemetry data collected from various sources. We'll show an end-to-end setup to demonstrate the use of these agents and the reducer component to send data to the OTel collector. This session aims to equip end-users and contributors with the necessary information to get started with the OpenTelemetry Network project.
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:48am MST

Fluentd: Fluent Bit - What's New? | Project Lightning Talk
Tuesday November 12, 2024 10:48am - 10:53am MST
In this short session we will highlight what's new in Fluent Bit v3: new processors, integrations with OpenTelemetry, performance improvements and much more!
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:55am MST

11:10am MST

Crossplane: The Many Layers of Crossplane - A Lightning Tour | Project Lightning Talk
Tuesday November 12, 2024 11:10am - 11:15am MST
Crossplane (https://www.crossplane.io/) and its user experience have matured greatly over the years and there are now numerous layers you can interact with while designing and building your internal developer platform powered by Crossplane.

Should you directly declare the cloud resources you want Crossplane to create, should you create developer friendly simplified abstractions on top, should you stick with YAML or use a more full featured high level programming language?

We will explore each of these layers in further detail and provide practical examples in this lightning tour of the broad possibilities offered by Crossplane, all of which lead to a reliable and robust control plane to manage everything in the cloud that your organization could need!
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:17am MST

k8gb: Global Load Balancing, the Kubernetes Way | Project Lightning Talk
Tuesday November 12, 2024 11:17am - 11:22am MST
Discover how the k8gb project brings global load balancing to Kubernetes clusters. This talk will introduce the k8gb project, highlighting its core features such as global load balancing, high availability, seamless failover, and its new extensibility feature that allows integration with various resources like Gateways and non-HTTP Services. Learn about its architecture, real-world use cases, future plans, and how you can get involved.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:24am MST

gRPC: The gRPC "Standard Library" | Project Lightning Talk
Tuesday November 12, 2024 11:24am - 11:29am MST
gRPC has found widespread adoption in organizations around the world. You've probably written a protobuf yourself to define your own API. But did you know that the gRPC project actually defines several standard gRPC services that are generally applicable? In this talk, you will learn about gRPC's reflection, health, channelz, and status protos and how you can use them to get more out of your gRPC-based system.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:31am MST

KubeStellar: Multi-Cluster Configuration Management with KubeStellar | Project Lightning Talk
Tuesday November 12, 2024 11:31am - 11:36am MST
KubeStellar is a flexible solution for challenges associated with multi-cluster configuration management for edge, multi-cloud, and hybrid cloud.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:38am MST

wasmCloud: Declarative WebAssembly Orchestration for Cloud Native Applications | Project Lightning Talk
Tuesday November 12, 2024 11:38am - 11:43am MST
wasmCloud released its 1.0 version in April of this year. Since then, the project has done everything but slow down. Maintainer Brooks Townsend demonstrates how wasmCloud enables users to build and orchestrate WebAssembly (Wasm) applications across distributed infrastructure. Learn how wasmCloud integrates the latest developments in WebAssembly standards to help users create and deploy applications “building block” style—connecting portable, interoperable Wasm components so they can focus on business logic. In this lightning project update, Brooks discusses wasmCloud’s component support, distributed networking, declarative orchestration, OpenTelemetry observability, the project roadmap, and more.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:45am MST

SIG Auth & SIG Storage: Secret Guardians - (Secrets Store) CSI Driver and Sync Controller | Project Lightning Talk
Tuesday November 12, 2024 11:45am - 11:50am MST
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the (Secrets Store) CSI Driver and Sync Controller, sig-auth subprojects providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault.

In this lightning talk, Anish will introduce you to the (Secrets Store) CSI driver and Sync controller and discuss trade-offs of the CSI driver versus Sync controller.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:52am MST

Open Cluster Management: Scheduling AI Workload Among Multiple Clusters | Project Lightning Talk
Tuesday November 12, 2024 11:52am - 11:57am MST
Open Cluster Management (OCM) addresses the challenges of managing multiple Kubernetes distributions, providing open APIs for cluster registration, workload distribution, dynamic placement of policies, and more. The placement concept allows dynamic selection of clusters, enabling users to replicate Kubernetes resources or run advanced workloads across member clusters. For instance, as an application developer, I can deploy workloads to clusters with the most available memory and CPU. With the rise of AI technology, there's an increasing need to schedule AI workloads based on GPU/TPU resources. In this talk, we will demonstrate how to utilize the extensible placement scheduling mechanism and a GPU/TPU resource collector addon. Using an addon template, this setup can provide an AddonPlacementScore, facilitating placement decisions based on GPU/TPU resources. This approach enables OCM API consumers to intelligently schedule AI workloads to the most optimal clusters.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:59am MST

KubeSlice: Migrate Kubernetes Services With Confidence! | Project Lightning Talk
Tuesday November 12, 2024 11:59am - 12:04pm MST
SREs have been constantly asked to look for solutions to help them migrate K8S services from one Cloud cluster to another Cloud cluster while continuing to provide secure access to managed Cloud services left behind in the original Cloud.

The K8S services securely access these managed services using private endpoint FQDN. When SREs are asked to move the K8S services to a different Cloud cluster they hit a roadblock - there is no easy solution to provide private endpoint FQDN access to a managed service from a remote Cloud cluster.

CNCF sandbox project KubeSlice solves this use case in an elegant way.

KubeSlice enables SREs to create a Slice across clusters, and the Slice overlay network connects services in the clusters. An external services gateway on the Slice in the original Cloud cluster will provide access to managed services via alias service FQDN import. Services in other clusters can reach the cloud service via the same private endpoint FQDN resolved by the Slice DNS.
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:00pm MST

Google Container Day 2024 Hosted by Google
Tuesday November 12, 2024 12:00pm - 7:00pm MST
This event will be packed with the latest information on running containers with Google Cloud. We'll end with a reception where you can meet other customers on their container journeys as well as the Googlers behind GKE and Cloud Run!

Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://rsvp.withgoogle.com/events/container-day-kcna-2024
For questions regarding this event, please contact: container-day@google.com
Carson Kitchen 241 W 200 S, Salt Lake City, UT 84101

12:06pm MST

Knative: Eventing Advances | Project Lightning Talk
Tuesday November 12, 2024 12:06pm - 12:11pm MST
Knative Eventing has learned a bunch of new tricks in the last year. In this talk, we’ll talk about advances in describing and controlling asynchronous messages between components, including authentication, authorization, and filtering.
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:13pm MST

Eraser: Cleaning Up Vulnerable Images from Kubernetes Nodes | Project Lightning Talk
Tuesday November 12, 2024 12:13pm - 12:18pm MST
Supply chain security is an increasingly important issue in cloud-native computing. It is common for pipelines to build and push images to the cluster, but uncommon for those images to be removed from a node’s local store once a CVE has been disclosed. Kubernetes has no built-in solution to this problem: its garbage collection only responds to disk pressure. As images become outdated, they present a risk as users may run a vulnerable container. Eraser, a CNCF sandbox project, is an open source solution that automates the scanning and removal of non-running images.
What distinguishes Eraser is that it gives more control over removal: the developer decides what gets removed and when. By default, Eraser uses Trivy to scan images based on a given threshold of vulnerability. Images can also be removed based on custom logic, including support for using different scanners.
The talk will begin with an overview of Eraser and discuss new features added to the project.
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:20pm MST

Linkerd: Adding Cluster-Agnostic Services to Linkerd - Design Considerations and Debates | Project Lightning Talk
Tuesday November 12, 2024 12:20pm - 12:25pm MST
Cluster-Agnostic Services (CAS) is a new feature in Linkerd which allows a single Service to transparently span multiple Kubernetes clusters while remaining resilient to failures in one or more clusters -- without needing to change the application. In this lightning talk, we'll discuss the design considerations and constraints navigated in the process of adding CAS to Linkerd. We discuss how this design process took into account prior art (such as work in SIG-Multicluster), explored a variety of designs, and focused on delivering a solution that was tractable, clear, explicit, simple, and valuable to Linkerd users.
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:27pm MST

Istio: Why Choose Istio in 2025 | Project Lightning Talk
Tuesday November 12, 2024 12:27pm - 12:32pm MST
With all of the cloud native and AI technology out there, it can be hard to figure out what technologies are best for your organization to adopt. Come to this quick lightning talk to figure out if Istio is right for you!
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:34pm MST

Kuma: What’s New in Kuma? | Project Lightning Talk
Tuesday November 12, 2024 12:34pm - 12:39pm MST
Kuma is an open source service mesh that delivers advanced security mechanisms, traffic management and observability for microservices. In this session, we’ll talk about the latest releases and most exciting features from each.

Highlights include:
- MeshPassthrough - a new policy that allows exposing external endpoints for “thick” clients through the mesh and support for wildcard DNS records.
- MeshExternalService - a new resource that overcomes existing limitations with the ExternalService resource.
- HostnameGenerator - a new resource that provides a way to generate custom domains inside your mesh.
- MeshService - a replacement for “kuma.io/service” tag that allows better scalability and allows adding metadata to a service.
- Namespaced policies - allow Kubernetes-native UX where all app-related resources are applied in the application’s namespace.
Hyatt Regency | Level 4 | Regency Ballroom BCD

1:25pm MST

Cloud Native StartupFest Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Cloud Native StartupFest schedule is now live!

Join us for the third Cloud Native StartupFest. Cloud Native StartupFest will address topics only relevant to open source and cloud native startups. Get inspired by hearing from successful cloud native entrepreneurs, learn about some of the most exciting cloud native startups in the space, get a glimpse into the current state of fundraising and receive guidance on how to take your idea from community adoption to success. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Hyatt Regency | Level 2 | Salt Lake Ballroom B

1:25pm MST

Istio Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Istio Day schedule is now LIVE!

Istio Day is the community event for the industry’s most popular service mesh, where you will find lessons learned from running Istio in production, hands-on experiences, and maintainers from across the Istio ecosystem. To learn more visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Hyatt Regency | Level 2 | Salt Lake Ballroom A

1:25pm MST

Kubernetes on Edge Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Kubernetes on Edge Day schedule is now LIVE!

According to a forecast from the International Data Corporation (IDC) Worldwide Edge Spending Guide, combined enterprise and service provider spending across hardware, software, professional services, and provisioned services for edge solutions will sustain strong growth through 2027 when spending will reach nearly $350 billion. With hardware and software dispersed across hundreds or even thousands of locations, the simple paradigms around observability, loosely coupled systems, declarative APIs, and strong automation that have propelled the success of cloud native technologies in the cloud are the only feasible way to manage these distributed systems. Kubernetes is already a significant component of the edge ecosystem, driving integrations and operations.

Join us at Kubernetes on the Edge Day at KubeCon + CloudNativeCon and take part in defining the future intersection of cloud native and edge computing! To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 2 | 250 A-C

1:25pm MST

OpenTofu Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
OpenTofu Day schedule is now LIVE!

Join us for OpenTofu Day 2024, a dedicated day for the infrastructure-as-code community. We will bring practitioners, experts, and enthusiasts to in-person sessions on the essential topics of IaC, the plans for the OpenTofu releases, novel ideas, and projects built on top of OpenTofu. Don’t miss this opportunity to learn, contribute, and join the OpenTofu community. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Salt Palace | Level 2 | 250 D-F

1:30pm MST

Project Overview: A Hitchhiker's Guide to the CNCF Landscape - Katherine Druckman and Lori Lorusso
Tuesday November 12, 2024 1:30pm - 1:45pm MST
Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why, you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough; sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
Hyatt Regency | Level 4 | Regency Ballroom BCD

1:47pm MST

Envoy: Highlights of Envoy Gateway v1.1.0 - What’s New and Improved | Project Lightning Talk
Tuesday November 12, 2024 1:47pm - 1:52pm MST
Envoy Gateway (EG) released its latest version, 1.1.0, on July 22. This update marks the first feature release since the 1.0.0 GA (General Availability) version and includes multiple new features and improvements. In this lightning talk, I will highlight some of the most important new features, including Wasm extension, non-k8s support, IP allow/deny list, stateful service support, etc.
Hyatt Regency | Level 4 | Regency Ballroom BCD

1:54pm MST

Kubean: Unlocking Operational Efficiency - Simplify Cluster Lifecycle Management with Kubean | Project Lightning Talk
Tuesday November 12, 2024 1:54pm - 1:59pm MST
Kubean is a product-ready cluster lifecycle management tool built on the default kubespray engine.
It provides a declarative API, allowing us to deploy and manage clusters using a set of resource manifests.
The entire process is clear and concise.
We will introduce the core features of Kubean, along with some practical implementations in production environments.
Additionally, we will discuss the future development of the Kubean project, with the hope that Kubean can assist and alleviate the challenges people face in cluster management.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:00pm MST

CalicoCon Hosted by Tigera, the creators of Project Calico
Tuesday November 12, 2024 2:00pm - 7:00pm MST
Join us for an immersive event led by the Calico team, where you'll gain education, training, and best practices of Kubernetes networking, security, and observability.

We will cover the state of Project Calico. Calico users and engineers will deep-dive into various areas, including eBPF, Windows HNS, multi-cluster mesh, best practices for network policies, egress gateway, scale, performance, encryption, and compliance. Attendees will get to ask their questions and network with the Calico engineering and leadership team.


We'll end with a reception where you can meet other Calico users on their Kubernetes journeys and the team behind Calico.


Please note that this is an off-site Sponsor-hosted Co-located event, and must be added to your KubeCon + CloudNativeCon registration ($5 fee applies with proceeds being donated to the Dan Kohn Scholarship Fund).


For more information, please visit: https://www.tigera.io/lp/calicocon-2024/


For questions regarding this event, please contact: marketing@tigera.io


Hilton Salt Lake City Center - Canyon Conference Room 255 S W Temple St, Salt Lake City, UT 84101

2:01pm MST

Kubernetes (SIG-CLI): How Do We Improve kubectl Without Breaking Users? | Project Lightning Talk
Tuesday November 12, 2024 2:01pm - 2:06pm MST
Quick session on how we are getting creative on the ways we implement new functionality and correct design decisions on your favorite 10-year-old CLI tool!
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:08pm MST

Metal3: Metal3 Magics! What's New and Exciting? | Project Lightning Talk
Tuesday November 12, 2024 2:08pm - 2:13pm MST
This talk is a short-format summary of the progress achieved by the Metal3 project and its community, particularly in the last couple of years, aspiring for incubation. We will do a quick walkthrough of the latest and greatest features of the project and an overview of the roadmap of the project.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:15pm MST

Harbor: Harbor and the World of SBOMs | Project Lightning Talk
Tuesday November 12, 2024 2:15pm - 2:20pm MST
Discover how integrating SBOM (Software Bill of Materials) with Harbor enhances your software supply chain security. In this lightning talk, we'll cover:

- What is SBOM?: Quick overview of its role in software transparency.
- Integration with Harbor: Highlights of the SBOM integration in Harbor v2.11.
- Security Best Practices: Using SBOM to identify and address vulnerabilities.

Perfect for software engineers, DevOps professionals, and security enthusiasts looking to strengthen their software supply chain.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:22pm MST

SlimToolkit: Improving DX with Containers - Making it Easy to Understand, Optimize, and Debug Your Containers | Project Lightning Talk
Tuesday November 12, 2024 2:22pm - 2:27pm MST
This talk will introduce the key capabilities in SlimToolkit: inspecting, minifying, and debugging containers that will enhance your developer experience with containerized applications.

We'll walk through a number of short examples showing how common container related problems can be addressed using various commands provided by the tool.

* Are the popular recommendations to create production-ready containers not possible in your environment, or is it just too much work?
* Do you find it difficult to understand what's in containers when you are fixing bugs or when you are selecting new containers to use?
* Is one of the reasons why you avoid using minimal container images the challenges of debugging them?
* Are you not sure what minimal container images are?

If you answered yes to any of these questions, or if you are curious about how this CNCF project can improve your overall container developer experience, this talk is for you.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:29pm MST

Kyverno: Level Up Your Cluster - 5 Kyverno Policies You Need Now! | Project Lightning Talk
Tuesday November 12, 2024 2:29pm - 2:34pm MST
Struggling to secure your Kubernetes clusters and automate workloads? Kyverno offers a unique solution to combat configuration complexity! This fast-paced talk presents five real-world examples to show you how Kyverno can automate security and simplify workload management.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:36pm MST

Open Policy Agent (OPA): That's One Small Bump for OPA, but One Giant Leap for Policy as Code | Project Lightning Talk
Tuesday November 12, 2024 2:36pm - 2:41pm MST
At last, OPA's made it to v1! Let's take a whistle-stop tour of what's involved in cutting a v1 release for a project with over 3.5 billion downloads, its own language, and a large community. Get the latest updates, and glimpse into the future in this light speed overview!
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:43pm MST

Falco: Evolution of Real Time Cloud Security with Falco | Project Lightning Talk
Tuesday November 12, 2024 2:43pm - 2:48pm MST
Falco, the CNCF runtime security project, can continuously monitor your entire environment looking for suspicious activity. From bare metal servers to massive Kubernetes clusters made of hundreds of thousands of nodes to your cloud provider activity, Falco and its powerful detection rule system have you covered. In this Lightning Talk, Luca and Melissa will focus on how the Falco project is constantly evolving to meet defenders' needs by providing rich libraries of detection rules, making it easier to customize them, catch bypass attempts and bring light to every dark corner of modern cloud infrastructures.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:50pm MST

Copa: Project Copacetic - Directly Patch Container Image Vulnerabilities | Project Lightning Talk
Tuesday November 12, 2024 2:50pm - 2:55pm MST
Maintaining secure container images and addressing new vulnerabilities quickly is a major challenge. To patch images, users face two options: wait for third-party authors to release updates, which can take weeks, or perform a full image rebuild, a time and resource-intensive process.
Project Copacetic (Copa) enhances the image patching process, reducing turnaround time and complexity. It integrates easily into existing build infrastructure, giving users greater control over their patching timeline and reducing costs.
Copa scans container images using tools like Trivy to generate a vulnerability report and parses the report for necessary OS-level package updates. It applies these updates to the target image using Buildkit (Docker’s default builder) to create a new patch layer on the original image. Copa can even patch distroless images by leveraging external tooling.
The talk will overview Copa, highlighting new features like scanner plugins and omitting reports to update all packages.
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:57pm MST

OpenFGA: The Cloud Native Way to Implement Fine Grained Authorization | Project Lightning Talk
Tuesday November 12, 2024 2:57pm - 3:02pm MST
This talk will be a short introduction to OpenFGA, a report on the state of the project and an exploration of different adoption use cases from companies of all sizes.
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:04pm MST

Meshery: Visualizing Kubernetes Resource Relationships with Meshery | Project Lightning Talk
Tuesday November 12, 2024 3:04pm - 3:09pm MST
Meshery and its extensions empower you to navigate cloud native infrastructure in complex environments. This lightning talk delves into the human-computer interaction (HCI) principles that underpin MeshMap's intuitive visualization of Kubernetes resources and the various forms of inter/relationships with other CNCF projects' resources.

Human-Computer Interaction Principles in Meshery:

- Cognitive Load: How Meshery reduces cognitive load by presenting complex information in a structured and visually digestible manner.
- Mental Models: How Meshery aligns with users' mental models of Kubernetes environments, facilitating comprehension and navigation.
- Visual Perception: How Meshery leverages visual cues, colors, and layout to guide users' attention and highlight critical information.
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:25pm MST

CNCF Runtime TAG: CNCF Runtime TAG and the Cloud Native Runtime Landscape: AI, WASM, OS, Edge, Workloads, and More | Project Lightning Talk
Tuesday November 12, 2024 3:25pm - 3:30pm MST
In this lightning talk, we will introduce the CNCF Runtime TAG, discuss how we work with TOC and CNCF Runtime related projects, and highlight the work the TAG and the working groups have done to build guidance and write whitepapers for the ecosystem. Join us to find out how to contribute and participate in the CNCF Runtime community.
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:32pm MST

CRI-O: First Class AI Model Teleportation - OCI Volume Mounts in CRI-O and Kubernetes | Project Lightning Talk
Tuesday November 12, 2024 3:32pm - 3:37pm MST
Along with the Kubernetes community's corralling behind the use cases of generative AI comes a slew of implementation hurdles to overcome. One such hurdle is the problem of moving around bulky models. While many methods exist today, the SIG-Node and WG-Serving community sought to find a Kubernetes native approach. What better way than utilizing a foundational part of Kubernetes: the OCI distribution spec?

In this talk, we will discuss the process of designing KEP-4639, the status of the feature, and go through some real-world use cases for using OCI distribution methods we know, love and rely upon to move AI models to your production servers.
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:39pm MST

WasmEdge: Cross-Platform, High-Performance, Lightweight, Embeddable Multi-Modal LLM Runtime | Project Lightning Talk
Tuesday November 12, 2024 3:39pm - 3:44pm MST
With the popularity of LLM apps, there is an increasing demand for running and scaling AI workloads in the cloud and on edge devices. Rust and Wasm offer a solution by providing a portable bytecode that abstracts hardware complexities. WasmEdge is a lightweight, high-performance and cross-platform LLM inference runtime. WasmEdge provides a standard WASI-NN API to developers. Developers only need to write against the API and compile to Wasm. The Wasm file can run on any device, where WasmEdge translates and routes Wasm calls to the underlying native libraries such as llama.cpp.
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:46pm MST

Spiderpool: DRA Helps Allocate RDMA Devices With GPU Affinity For AI Workload | Project Lightning Talk
Tuesday November 12, 2024 3:46pm - 3:51pm MST
Currently, the CNI barely meets some increasingly prominent network demands. Especially for AI workloads requiring network cards in bulk, node scheduling cannot simultaneously fulfill requirements for the macvlan master interface, subnet availability, and RDMA resources. Additionally, the physical affinity between the allocated network cards and GPU is not guaranteed to achieve high-performance transfers such as GPUDirectRDMA. Therefore, many end users complain and have to write complex network configurations in YAML and simply insert all network interfaces for pods to ensure device affinity, which is rigid.
Based on the practical requirements of popular tail-optimized AI network topology, in its latest version, Spiderpool introduces DRA to uniformly declare various network configurations, schedule AI workloads to proper nodes, and automatically allocate network interfaces, IP addresses, and RDMA devices with GPU affinity on demand. This greatly enhances the flexibility in AI clusters.
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:30pm MST

⚡ Lightning Talk: `Kubectl Debug` Lacks an `IDE` Option. Let’s Fix That! - Mario Loriedo, Red Hat
Tuesday November 12, 2024 5:30pm - 5:35pm MST
Don't get me wrong. `kubectl debug` is one of my favorite `kubectl` commands. But probably because I like it so much, I am convinced it deserves more love! This talk will present a `kubectl debug` extension that starts an IDE in an ephemeral container for debugging purposes. This extension uses the DevWorkspace operator, which is capable of running lightweight cloud development environments, including the IDE, in containers. If you like debugging by adding breakpoints in an IDE rather than inspecting your application's logs, you should attend this talk.
Speakers
Mario Loriedo

Senior Principal Software Engineer, Red Hat
Mario is a Senior Principal Software Engineer at Red Hat. He works on Podman and on container-based developer tools. He has been a CNCF Ambassador and the tech lead of the Eclipse Che project. He has co-created the Devfile (a CNCF Sandbox Project). He has been a speaker at conferences...
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:35pm MST

⚡ Lightning Talk: CloudEvents as APIs - Evan Anderson, Stacklok
Tuesday November 12, 2024 5:35pm - 5:40pm MST
Most of us are familiar with tools like gRPC and OpenAPI for modelling synchronous calls between different applications or microservices. Sometimes, the right way to extend an application is through an asynchronous notification, or an event. CloudEvents is a CNCF project to standardize the format of asynchronous notifications, to make it easier for different projects and applications to communicate. CloudEvents is an envelope to make it easy to exchange asynchronous messages; in this talk, I'll highlight three useful patterns to leverage CloudEvents to connect applications, using examples from Stacklok's own experience.
Speakers
Evan Anderson

Software Engineer, Stacklok
Co-founder and maintainer on Knative project. Member of sigstore-oncall. Previously worked on Google Compute Engine and Serverless (App Engine, Functions) and in SRE. Principal engineer at Stacklok. Ex-Google, ex-VMware. Author of Building Serverless Applications on Knative by O'Reilly...
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:40pm MST

⚡ Lightning Talk: Effortless, Sidecar-Less Mutual TLS and Rich Authorization Policies up and Running in 5 Minutes - Lin Sun, solo.io
Tuesday November 12, 2024 5:40pm - 5:45pm MST
Do you need zero trust or mutual TLS (mTLS) among your application pods? You may be able to manage certificates within your applications, but how would you handle automatic periodic certificate rotation? The evolution of sidecar-less service mesh technology enables mTLS among application pods with just a simple namespace label. No sidecars or application pod restarts are required. This approach provides immediate benefits, including cryptographic identity for application pods, and ensures session-based data confidentiality and integrity in pod communications. In just 5 minutes, Lin will demonstrate live how developers and operators can effortlessly enforce mTLS and rich Layer 7 (L7) authorization policies without any sidecars!
Speakers
Lin Sun

CNCF TOC member and Head of Open-Source at solo.io, solo.io
Lin is the Head of Open Source at Solo.io, and a CNCF TOC member and ambassador. She has worked on the Istio service mesh since the beginning of the project in 2017 and serves on the Istio Steering Committee and Technical Oversight Committee. Previously, she was a Senior Technical...
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Security

5:45pm MST

⚡ Lightning Talk: Evaluating Scheduler Efficiency for AI/ML Jobs Using Custom Resource Metrics - Dmitry Shmulevich, NVIDIA
Tuesday November 12, 2024 5:45pm - 5:50pm MST
Kubernetes deployments frequently utilize custom resources beyond just CPU and memory, such as GPUs, which are essential for AI/ML workloads. While the Metrics API offers insights into CPU and memory usage at both the pod and node levels, it does not provide similar information for custom resources. Although resource requests for custom resources are specified in the pod spec, there is no visibility into how efficiently these resources are utilized at the node and cluster levels. To address this gap, we developed a Prometheus Node Resource Exporter tailored to monitor custom resources. Our case study focuses on evaluating the efficiency of Kubernetes schedulers when handling a high volume of AI/ML jobs, using GPU occupancy on the nodes as the primary indicator. In this lightning talk, we will present a comparative analysis of several scheduling frameworks based on the metrics collected by our custom exporter.
Speakers
Dmitry Shmulevich

Software Engineer, NVIDIA
Dmitry is a software engineer at NVIDIA with over 25 years of experience in software development, specializing in cloud computing for the past eight years. Throughout his career, he has made significant contributions to various systems and projects across the cloud stack. He is also...
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Observability
  • Content Experience Level Any

5:50pm MST

⚡ Lightning Talk: Future-Proofing Kubernetes: Impact of Storage Version Migration and Meaning of Resource Version (RV) - Nilekh Chaudhari, Microsoft
Tuesday November 12, 2024 5:50pm - 5:55pm MST
Kubernetes relies on API data being actively rewritten to support some maintenance activities related to at-rest storage. Two prominent examples are the versioned schema of stored resources (i.e., the preferred storage schema changing from v1 to v2 for a given resource) and encryption at rest (i.e., rewriting stale data based on a change in how the data should be encrypted). The simplest way to rewrite data is to issue no-op update requests via kubectl. This approach is problematic for any resource that can contain a large amount of data, such as Kubernetes secrets, and it is also impractical to perform without automation, as the number of resources that need migration is always growing. Storage Version Migration (SVM), which has been available as a built-in alpha API since Kubernetes v1.30, helps achieve this. However, the implementation of SVM has significant implications for the entire Kubernetes project and its ecosystem.
Speakers
Nilekh Chaudhari

Software Engineer, Microsoft
Nilekh is a Software Engineer at Microsoft, specializing in Kubernetes. He actively contributes to SIG Auth and SIG API Machinery and is a core maintainer of the Secrets Store CSI Driver, the Azure Provider for the Secrets Store CSI Driver, and the Gatekeeper Library project.
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Platform Engineering
  • Content Experience Level Any

5:55pm MST

⚡ Lightning Talk: Is Everyone O-KEDA? “Exciting” Lessons Learned in Our Journey to Use KEDA Pod Autoscaling - Brian Davis, Red Canary
Tuesday November 12, 2024 5:55pm - 6:00pm MST
We thought that changing our Kubernetes pod autoscaler seemed like a really straightforward thing to do. With relative ease, we yanked out our old custom pod autoscaler and replaced it with KEDA. We were impressed with the flexibility and control we now had in our cluster, but then discovered a set of really hard lessons that no one had anticipated. In this lightning talk, I’ll hit the highlights of secondary issues we encountered due to such a seemingly simple change, such as Docker Hub rate limits, Kubernetes metrics server failures and their exciting impact on our cluster, AWS rate limits, and late night fights with Argo CD for control of pod maximums. Lastly, I’ll share my personal favorite topic: the “Night Club Theory” of autoscaling tuning. If you or someone you love is thinking of changing your autoscaler, I recommend spending 5 minutes with me to learn the things you should be aware of before you make the switch!
Speakers
Brian Davis

Principal Software Engineer, Red Canary
Brian Davis is a Principal Engineer at Red Canary and has built complex systems for the past two decades. His career started in signal processing algorithm research but has morphed through the years into software engineering, QA, system integration, system design, and architectur...
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:00pm MST

⚡ Lightning Talk: Kubernetes for Simulated Hardware in Radio Astronomy - Barbara Ojur, SARAO & Abednigo Matiba Lethole, South African Radio Astronomy Observatory(SARAO)
Tuesday November 12, 2024 6:00pm - 6:05pm MST
We use Kubernetes to deploy simulated hardware devices for the Square Kilometer Array (SKA), the world's largest radio telescope. The SKA has an Integrated Testing Facility (ITF) that tests subsystems before field deployment. The main focus of this lightning talk is one of those systems, the Dish Local and Monitoring and Control (LMC) system, which manages mid-frequency operations.
Key Lightning Talk Points:
- Dish LMC Components: Control, Monitoring, Communication Interface.
- Kubernetes Utilization:
  - k9s: Manages and monitors deployments.
  - Networking: Simulates communication pathways.
  - Logging: Captures and analyzes system logs.
Goals:
- Presentation Aim: Share experiences and inspire adoption of our strategies.
- Audience Takeaway: Understand Kubernetes' role in managing complex simulations.
- Ecosystem Impact: Improve best practices and drive innovation.
Speakers
Abednigo Matiba Lethole

MR, South African Radio Astronomy Observatory(SARAO)
Abednigo Matiba Lethole is a Junior Software Engineer with over 2 years of experience at the South African Radio Astronomy Observatory (SARAO). Specializing in software development and radio astronomy applications, Abednigo is dedicated to advancing technological solutions in the...
Barbara Ojur

Miss Barbara Ojur, SARAO
Barbara Apili Ojur is a software engineer from South Africa, Cape Town. She works for the South African Radio Astronomy Observatory and is seconded to the Square Kilometer Array Observatory which is an intergovernmental project, including countries such as Spain and Italy to mention...
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:05pm MST

⚡ Lightning Talk: Minimizing Data Loss Within the OpenTelemetry (OTel) Collector - Alex Kats, Capital One
Tuesday November 12, 2024 6:05pm - 6:10pm MST
The OTel collector is meant to serve as a reliable and highly performant data pipeline. However, as a single component in a wider observability architecture, it is only as reliable as the downstream platforms/services it exports data to. The OTel collector has several built-in mechanisms that aim to minimize the impact of unhealthy downstream exporters, including an out-of-the-box sending queue with an additional configuration parameter for persistent queueing. There is a new component in the OTel contrib distribution, the Failover Connector. The Failover Connector allows for dynamic routing or “failover” of telemetry data based on downstream exporter health. This provides a significant improvement to the data resiliency of the collector, as telemetry data can be continuously exported to a set of stable secondary locations while the issues with the primary are resolved.
Speakers
Alex Kats

Software Engineer, Capital One
Alex is a software engineer at Capital One. Alex has significant experience within the Observability space, with an emphasis on OpenTelemetry (OTel). Alex is a member of the OpenTelemetry community and has been contributing to various components within the OTel toolset.
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:10pm MST

⚡ Lightning Talk: Running Kind Clusters with GPU Support Using Nvkind - Evan Lezar, NVIDIA
Tuesday November 12, 2024 6:10pm - 6:15pm MST
Kind is a powerful tool for running local Kubernetes clusters using Docker. It is particularly useful for testing, development, and CI/CD workflows, offering features like multi-node cluster support, easy configuration, and cross-platform compatibility. However, providing access to GPUs in Kind is not a very straightforward process. There is no standard way to inject GPUs into a Kind worker node, and even with a series of "hacks" to make it possible, post-processing is still needed to isolate different sets of GPUs to different nodes. In this lightning talk, we introduce nvkind – a wrapper around Kind that encapsulates the steps necessary to make GPUs available to Kind worker nodes. Ideally, GPU support would have been added to Kind directly, but many challenges exist to make this possible. This talk discusses those challenges, how we've overcome them with nvkind, and the steps needed to eventually support GPUs directly within Kind itself.
Speakers
Evan Lezar

Senior Systems Software Engineer, NVIDIA
Evan Lezar is a Senior Systems Software Engineer on the Cloud Native team at NVIDIA. His focus is making GPUs and other NVIDIA devices easily accessible from containerized environments. This includes driving development and adoption of the Container Device Interface (CDI).
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, AI + ML
  • Content Experience Level Any

6:15pm MST

⚡ Lightning Talk: Safer Cluster Upgrades with Mixed Version Proxy - Richa Banker, Google
Tuesday November 12, 2024 6:15pm - 6:20pm MST
Upgrading Kubernetes clusters often presents numerous challenges, including potential downtime, compatibility issues, and the complexity of managing multiple versions. The Mixed Version Proxy feature introduced in Kubernetes 1.28 aims to mitigate these challenges. This talk will delve into the technical intricacies of the Mixed Version Proxy, exploring its design and implementation. We will then highlight the substantial benefits it offers for cluster upgrades, such as minimizing downtime and enhancing overall reliability. Attendees will gain practical knowledge (possibly through a demonstration) of enabling and utilizing the Mixed Version Proxy. Finally, we will provide insights into the future roadmap for this feature, including upcoming beta releases and enhancements.
Speakers
Richa Banker

Richa Banker, Google
Currently a software engineer at Google. Exploring and contributing to OSS Kubernetes on the side.
Hyatt Regency | Level 4 | Regency Ballroom BCD

7:00pm MST

House of Kube Hosted by Humanitec, Dash0 and Cloudsmith
Tuesday November 12, 2024 7:00pm - Wednesday November 13, 2024 2:00am MST
TBA
Build real connections and hang out with pioneers from the cloud native world, enjoy the best food trucks SLC has to offer (and cocktails too), and dance to the funkiest house and techno beats.


Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://www.houseofkube.com/
For questions regarding this event, please contact: mariya.skalka@humanitec.com
 
Wednesday, November 13
 

7:30am MST

Badge Pick-Up
Wednesday November 13, 2024 7:30am - 6:00pm MST
West Temple Entrance (East)

7:30am MST

Badge Pick-Up
Wednesday November 13, 2024 7:30am - 6:00pm MST
200 South Entrance (South)

9:00am MST

Keynotes To Be Announced
Wednesday November 13, 2024 9:00am - 10:45am MST
Salt Palace | Level 1 | Hall DE

10:45am MST

Coffee Break ☕
Wednesday November 13, 2024 10:45am - 11:15am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:45am MST

Solutions Showcase
Wednesday November 13, 2024 10:45am - 8:00pm MST
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:55am MST

Project Pavilion Tour with Jorge Castro
Wednesday November 13, 2024 10:55am - 11:15am MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

11:15am MST

Advanced Model Serving Techniques with Ray on Kubernetes - Andrew Sy Kim, Google & Kai-Hsun Chen, Anyscale
Wednesday November 13, 2024 11:15am - 11:50am MST
With the proliferation of Large Language Models, Ray, a distributed open-source framework for scaling AI/ML, has developed many advanced techniques for serving LLMs in a distributed environment. In this session, Andrew Sy Kim and Kai-Hsun Chen will provide an in-depth exploration of advanced model serving techniques using Ray, covering model composition, model multiplexing and fractional GPU scheduling. Additionally, they will discuss ongoing initiatives in Ray focused on GPU-native communication, which, when combined with Kubernetes DRA, offers a scalable approach to tensor parallelism, a technique used to fit large models across multiple GPUs. Finally, they will present a live demo, demonstrating how KubeRay enables the practical application of these techniques to real-world LLM deployments on Kubernetes. The demo will showcase Ray’s powerful capabilities to scale, compose and orchestrate popular open-source models across a diverse set of hardware accelerators and failure domains.
Speakers
Andrew Sy Kim

Software Engineer, Google
Andrew Sy Kim is a software engineer at Google working on Kubernetes and GKE.
Kai-Hsun Chen

Software Engineer, Anyscale
Kai-Hsun Chen is a software engineer on the Ray Core team at Anyscale and the primary maintainer of KubeRay. He is also an open-source enthusiast, as well as a committer and PMC member of Apache Submarine.
Salt Palace | Level 2 | 255 EF
  AI + ML

11:15am MST

Behind Schedule: Pod Resource Configuration from Beginning to... Huh? - Joe Thompson, Platform9
Wednesday November 13, 2024 11:15am - 11:50am MST
Pod resource requests, limits and priority are some of the most fundamental concepts of Kubernetes clusters, and they're easy to understand: if nodes have the resources you need, you get scheduled, and if not, you don't... right? Joe will walk you through some of the surprising behaviors you may encounter with the seemingly basic rules that Kubernetes follows when scheduling and running pods -- and how those rules themselves may not be what you think! We'll dig into eviction and preemption (and why the difference matters) and why priority sometimes doesn't solve the problems you think it will. We'll finish with recent changes to pod resource management that are upending long-standing basics of pod scheduling, particularly the in-place pod resizing feature alpha-released in the last few versions of Kubernetes. You'll leave with a deeper understanding of the (not-so-) simple mechanics, as well as how to debug them when things get messy.
Speakers
Joe Thompson

Technical Product Marketing Manager, Platform9
Joe Thompson's IT career is near the end of its third decade. He's been part of the cloud-native community since 2014, starting with OpenStack and adding Kubernetes a few months after it debuted. He's spoken at KubeCon, Cloud Native Rejekts and many local meetups and enjoys showing...
Salt Palace | Level 2 | 251
  Cloud Native Novice

11:15am MST

All Your Routes Are Ready, More or Less - Dave Protasowski, Broadcom
Wednesday November 13, 2024 11:15am - 11:50am MST
Gateway API is the official next-gen Kubernetes API for Ingress, Load Balancing and Service Meshes. Many proxies implement the API and pass conformance with glowing colours! But what is it really like to use the API? What isn't covered by the conformance tests that end-users should know? In this talk we'll highlight our experience adopting the Gateway API in the Knative Serving project. We'll talk about the problems we encountered and how we addressed them. Come to the talk and we'll pit some implementations against each other and show some numbers!
Speakers
Dave Protasowski

Staff Engineer, VMware/Broadcom
Dave Protasowski is part of the Knative Technical Committee and a Serving Working Group Lead. During the night he works at VMware/Broadcom. Previously, he worked on Cloud Foundry things at Pivotal.
Salt Palace | Level 1 | 155 EF
  Connectivity

11:15am MST

The Future of DBaaS on Kubernetes - Melissa Logan, Constantia; Sergey Pronin, Percona; Deepthi Sigireddi, PlanetScale; Gabriele Bartolini, EDB
Wednesday November 13, 2024 11:15am - 11:50am MST
Running Database-as-a-Service (DBaaS) in the cloud is a common practice for organizations, and more are seeking to offer DBaaS on Kubernetes. Benefits include cost efficiencies, as well as providing a faster, more scalable development environment. While it has many benefits, managing a DBaaS on Kubernetes can be challenging. In this panel, database experts from the Data on Kubernetes Community will discuss how to get started with Kubernetes and operators to run DBaaS, storage and security requirements, common patterns for deployment and Day 2 operations, how to leverage AI for DBaaS, and pitfalls to avoid. They will also share real-world experiences from users running DBaaS on Kubernetes.
Speakers
Melissa Logan

CEO, Constantia
Melissa Logan has worked in tech for 24 years and is currently director of the Data on Kubernetes and Data Mesh Learning communities, and founder of Constantia.io - a tech community and communications company. Constantia works with data and open source companies to provide marketing...
Gabriele Bartolini

VP of Cloud Native, EDB
Gabriele, a co-founder of 2ndQuadrant and open-source advocate, has been instrumental in PostgreSQL's global growth. Focused on enhancing business continuity for large-scale databases, he has championed stateful workloads in cloud-native environments since 2019. As a co-founder and...
Deepthi Sigireddi

Software Engineer, PlanetScale
Deepthi is the Technical lead for Vitess, a CNCF graduated open source project. She also leads the Vitess engineering team at PlanetScale which offers a database service built on Vitess. She brings over 20 years of experience building scalable systems to this role. She enjoys speaking...
Sergey Pronin

Product guy, Percona
Sergey is a passionate technology “driver”. After graduation, he worked in various fields: internet service provider, financial sector and M&A business. His main focal points were infrastructure and products around it. At Percona, as a Group Product Manager, he drives forward Kubernetes and...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage
  • Content Experience Level Any

11:15am MST

Architecting Tomorrow: The Heterogeneous Compute Resources for New Types of Workloads - Alexander Kanevskiy, Intel Finland
Wednesday November 13, 2024 11:15am - 11:50am MST
Imagine managing a set of diverse workloads on a Kubernetes node, operating across dozens of CPU cores and several memory zones. But do you truly comprehend the difference between one CPU core and another? Are you aware of the impact that different memory zones might have on your workload's efficiency? Will optimisations for one type of workload be helpful for another? Do you think that your ML workload will behave the same way as, e.g., Redis? This presentation delves deep into CPU internals, memory types (DRAM, HBM, CXL), and diverse cache/core types and layouts. Explore recent hardware advancements and their impact on workloads. We'll examine native compute resource allocation strategies from a hardware point of view, crucial for enhancing workload performance and optimising energy usage and cost efficiency. Join and learn the details of modern hardware architecture that give you a framework to make more informed choices on hardware resource optimisation for your infrastructure.
Speakers
Alexander Kanevskiy

Principal Engineer, Cloud Orchestration Software, Intel Finland
Alexander is currently employed by Intel as Principal Engineer, Cloud Software, focusing on various aspects of Kubernetes: Resource Management, Device plugins for hardware accelerators, Cluster Lifecycle and Cluster APIs. Alexander has over 25 years of experience in areas of Linux...
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

11:15am MST

SIG Network Intro and Updates - Daman Arora, VMware by Broadcom & Shaun Crampton, Tigera
Wednesday November 13, 2024 11:15am - 11:50am MST
SIG Network is responsible for networking for Kubernetes clusters, and there's never a shortage of interesting problems to solve in this space. In this session we'll provide some updates about SIG Network as a whole, including:
* status and progress of core networking components
* status and progress of sub-projects
* considerations for the future
If you're interested in hearing about what's going on in the networking space, or maybe even interested in joining the SIG and finding a place to contribute, please join us!
Speakers
Shaun Crampton

Distinguished Engineer, Tigera
Shaun is a Distinguished Software Engineer at Tigera, looking after Project Calico's iptables and eBPF dataplanes. Before joining the Tigera team, Shaun worked on a number of Software Defined Networking products and cloud scale applications. He holds an MA in Computer Science from...
Daman Arora

Software Engineer, VMware by Broadcom
Trying to maintain kube-proxy.
Salt Palace | Level 3 | 355 BC

11:15am MST

The Spice Must Flow Green: CNCF's Environmental Sustainability TAG - Marlow Warnicke (Weston), SchedMD & Saiyam Pathak, Loft Labs
Wednesday November 13, 2024 11:15am - 11:50am MST
The carbon must be counted. In the Environmental Sustainability TAG, we focus on current and emerging technologies regarding carbon measurement and minimization. As our digital landscape grows, so does its impact on the environment—a factor often overlooked in the pursuit of technological advancement, such as AI. Traditionally, companies focused primarily on financial metrics. However, with increasing awareness of climate issues, stricter regulations, and rising energy costs, environmental impact is now a crucial consideration. We highlight the Green Reviews Working Group and our project to measure impact. We're developing a pipeline that works with current tooling, such as Kepler, to measure the power consumption of CNCF Projects. We explore how to measure energy consumption and emissions of software projects. We also give the status of other projects, such as the sustainability landscape, initiatives such as our sustainability week, and collaborative organisations.
Speakers
Saiyam Pathak

Principal Developer Advocate, Loft Labs
Saiyam is working as Principal Developer Advocate at Loft Labs. He is the founder of Kubesimplify, focusing on simplifying cloud-native and Kubernetes technologies. Previously at Civo, Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of Kubernetes, including machine...
Marlow Weston

Principal Cloud Engineer, SchedMD
Marlow is a Principal Cloud Engineer working on scheduling at SchedMD. She also is a chair for the CNCF Environmental Sustainability TAG. Marlow has expertise in resource management, the AI/ML Kubernetes cloud compute ecosystem, embedded systems, high performance compute system tools...
Hyatt Regency | Level 4 | Regency Ballroom A

11:15am MST

The State of Cloud Native Business Value in 2024 - Danielle Cook, appCD; Simon Forster, Stackegy; Catherine Paganini, Buoyant; Colin Griffin, Krumware; Robbie Glenn, Accenture
Wednesday November 13, 2024 11:15am - 11:50am MST
In 2024, what is the state of cloud native business value? We hear that it is marked by unprecedented growth and innovation, but is that what we are seeing? In this panel discussion hosted by the Cartografos Working Group, we provide an update on how organizations of all sizes are leveraging cloud native technologies to enhance agility, scalability, and cost efficiency. Key advancements go beyond technology alone. Panelists will discuss how cloud native is streamlining operations, accelerating time-to-market, and realizing ROI through more efficient resource utilization and reduced operational overhead. Attendees will hear how cloud native can drive business goals, including how cloud native platforms drive intelligent automation and data-driven decision-making. Attendees will hear how security and compliance frameworks have matured and how cloud native strategies are proving essential for competitive advantage and digital transformation across industries.
Speakers
Robbie Glenn

Tech Architecture Manager, Accenture
Colin Griffin

CEO, Krumware
Colin Griffin is CEO at Krumware, and a Co-Chair of the CNCF Platforms Working Group. Colin Griffin is a software engineer by trade, specializing in cloud-native application and infrastructure development, with an emphasis on developer enablement and platform engineering. He founded...
Catherine Paganini

Head of Marketing, Buoyant
Catherine Paganini is TAG Contributor Strategy Co-chair, CNCF Deaf & Hard of Hearing WG facilitator, CNCF Cloud Native Glossary founder, and Head of Marketing at Buoyant, the creator of Linkerd. A marketing leader passionate about open source, Catherine started her contributor journey...
Simon Forster

Technical Architect and CNCF Ambassador, Independent
Simon Forster is a CNCF Ambassador and cloud native technology architect and engineer based in London. Simon has extensive experience working in heavily regulated financial institutions on the design, delivery and security of critical cloud native applications. He has a specific focus...
Danielle Cook

VP, appCD
Danielle Cook has worked in the cloud native industry since 2016 helping organizations adopt the technologies that make cloud native enterprise ready. She co-authored and launched the CNCF Cloud Native Maturity Model in 2021, is a co-chair of the CNCF Cartografos Working Group and...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:15am MST

TUF: Secure Distribution Beyond Software - Marina Moore, Independent
Wednesday November 13, 2024 11:15am - 11:50am MST
As organizations improve their software supply chain, they may encounter an influx of metadata: attestations, SBOMs, VEX statements, and more. Have you ever wondered how to securely distribute all of this information to end users? Enter TUF! The Update Framework (TUF) has paved the way for secure software updates throughout the cloud native ecosystem and beyond, and is being expanded to securely distribute signing keys, attestations, and more. TUF allows organizations to ensure that all of this data is up-to-date and resilient to tampering. The TUF project is constantly improving and this talk will highlight some of these improvements, from recent integrations by groups such as Docker and GitHub to an effort to provide conformance testing across various TUF implementations. The TUF project has an active team of maintainers and contributors that make all of these improvements possible, and we will discuss how you can get involved to keep making the project better.
Speakers
Marina Moore

Independent
Marina Moore has a PhD from NYU where she performed research into software supply chain security. This research focused on real-world application through open source contribution. She is an open source maintainer and active in open source communities through the CNCF and OpenSSF...
Salt Palace | Level 3 | 355 EF

11:15am MST

Using Notary Project to Ensure Authenticity and Integrity of Artifacts Within the Enterprise - Toddy Mladenov, Microsoft & Tjark Rasche, Mercedes-Benz Tech Innovation GmbH
Wednesday November 13, 2024 11:15am - 11:50am MST
In this session, we will go over the steps and considerations the enterprise goes through to select a reliable and future-proof signing technology and improve the integrity and authenticity of their software artifacts. We will share the questions and constraints in the enterprise and how those were addressed by Notary Project. We will also provide an update on the latest features and the roadmap for Notary Project.
Speakers
Toddy Mladenov

Principal Product Manager, Microsoft
Toddy has over 25 years of experience in software engineering and design, consulting, and product management for companies like Microsoft, T-Mobile, and SAP. He started his cloud journey 14 years ago as part of the Azure team. Since then, Toddy worked on large-scale cloud implementations...
Tjark Rasche

Senior Software Engineer, Mercedes-Benz Tech Innovation GmbH
Tjark works as a Cloud Software Engineer at Mercedes-Benz Tech Innovation GmbH. He focuses on automating the cluster lifecycle, cluster security and integrating custom cluster addons with Kubernetes. He is also highly involved with the local Kubernetes community, founder of the Kubernetes...
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:15am MST

Unlocking Cost Savings & New Possibilities: Your Guide to Prometheus Remote Write 2.0 - Callum Styan, Grafana Labs & Bartłomiej Płotka, Google
Wednesday November 13, 2024 11:15am - 11:50am MST
Prometheus Remote Write is the protocol used to send Prometheus metrics from Prometheus or any other metric source to compatible remote storage endpoints such as Thanos and Cortex. Remote Write is generally used for long-term metric storage, centralization, and cloud services. It also enables users to run Prometheus in an agent mode, reducing local storage requirements. Welcome to Remote Write 2.0! In this talk, Bartek and Callum, Prometheus maintainers and RW2.0 spec co-authors, will introduce you to the next iteration of the popular protocol, which adds more functionality while cutting your egress costs by up to 60% and keeps the previous version's easy-to-implement, stateless design! The audience will learn what's changed in the second version of Remote Write, what it unlocks, and how easy it is to update or adopt. Finally, the speakers will share the latest benchmarks and differences with the common alternatives.
Speakers
avatar for Bartłomiej Płotka

Bartłomiej Płotka

Senior Software Engineer, Google
Bartek Płotka is a Senior Software Engineer at Google. SWE by heart, with an SRE background, currently working on Cloud Observability. Previously Principal Software Engineer at Red Hat. Author of "Efficient Go" book with O'Reilly. As the co-founder of the CNCF Thanos project and...
Callum Styan

Senior Software Engineer, Grafana Labs
Callum is a software engineer from Vancouver, Prometheus Team Member/Maintainer, and currently works on Loki at Grafana Labs.
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

11:15am MST

ARM-Wrestling: Overcoming CPU Migration Challenges to Reduce Costs - Laurent Bernaille & Eric Mountain, Datadog
Wednesday November 13, 2024 11:15am - 11:50am MST
When you have a significant cloud footprint, you always look for performance improvements and cost reductions. So when ARM instances became commonly available on one of our providers, seemingly providing great performance at a lower cost, we had to take a closer look! In this talk, we will first describe the steps we took to make our clusters ARM-ready and a few interesting issues we encountered during our initial tests: from performance regressions due to compiler behaviors to subtle memory corruption bugs. We will then discuss new challenges, in particular how to achieve load-balancing and auto-scaling when running workloads on a mix of CPUs with different performances, and share our results. If migrating real workloads to ARM proved challenging, it was worth the effort and we now run more than 50% of our workloads on ARM.
Speakers
Laurent Bernaille

Principal Engineer, Datadog
Laurent Bernaille worked several years as a consultant specializing in cloud, containers, and automation and helped organizations migrate to the public cloud and adopt containers. He is now Principal Engineer at Datadog and works closely with infrastructure teams, which are responsible...
Eric Mountain

Staff Engineer, Datadog
Eric Mountain began working with Kubernetes in 2014 helping Amadeus migrate to container and cloud technology. Eric is now a Staff Engineer in Datadog’s Compute team providing large scale Kubernetes to our internal users.
Salt Palace | Level 1 | 155 BC
  Operations + Performance
  • Content Experience Level Any

11:15am MST

All-Your-GPUs-Are-Belong-to-Us: An Inside Look at NVIDIA's Self-Healing GeForce NOW Infrastructure - Ryan Hallisey & Piotr Prokop PL, NVIDIA
Wednesday November 13, 2024 11:15am - 11:50am MST
GeForce Now is a game streaming platform used by 20+ million gamers worldwide. Kubernetes is at the core of its infrastructure powering game workloads and other containerized services and tools. The infrastructure includes many regional clusters with 10s of thousands of GPUs capable of supporting 100s of thousands of concurrent gamers. To operate a large Kubernetes infrastructure efficiently, NVIDIA built a GPU maintenance API to enable automated lifecycle management of critical infrastructure components. When combined with a few operators, this API facilitates planning and coordination of crucial driver, GPU, and Kubernetes upgrades at an unprecedented scale, as well as empowering self-healing operators to detect and remediate failures to avoid outages. In this talk, we will share:
- How K8s and KubeVirt power Nvidia GeForce Now
- Nvidia’s GPU Maintenance API solution
- NVIDIA’s vision for doing automated GPU maintenance at scale in K8s
Speakers
Ryan Hallisey

Software Engineer, NVIDIA
Ryan is a software engineer at NVIDIA. He works on building data centers powered by Kubernetes and KubeVirt for NVIDIA products.
Piotr Prokop

Senior Software Engineer, NVIDIA
Piotr is a Senior Software Engineer at NVIDIA. He works on running high performance workloads powered by Kubernetes for NVIDIA products.
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

11:15am MST

AuthZEN: The “OpenID Connect” for Authorization - Omri Gazitt, Aserto
Wednesday November 13, 2024 11:15am - 11:50am MST
Today, the authorization world is fractured - each vendor supports its own APIs & protocols. But this is about to change. AuthZEN, a new OpenID Foundation working group, was created in late 2023 to establish authorization standards. OIDF is the home of OpenID Connect, the ubiquitous standard for federated login, and that’s where we’re setting our sights. In this talk, I'll describe the current state of cloud-native authorization, including the policy-as-code and policy-as-data approaches, and the various open source projects in each camp. I'll also share the progress we’ve made creating a single authorization API that works across both policy-as-code (OPA, Topaz) and policy-as-data (Zanzibar-style projects), present the API specs we've created so far, and show off the various interoperable implementations. With this foundation in place, engineering teams can be more confident in externalizing their authorization and picking a provider without being locked in to a proprietary API.
Speakers
Omri Gazitt

Co-founder & CEO, Aserto
Omri is the co-founder/CEO of Aserto, an authorization startup, and his third entrepreneurial venture. He's spent the majority of his 30-year career working on developer and infrastructure technology, most recently as the CPO of Puppet. Previously he was the VP and GM of HP's Cloud...
Salt Palace | Level 1 | 151
  Security
  • Content Experience Level Any

11:15am MST

GitOops... I Did It Again! Protecting Your GitOps System from Being Used for Privilege Escalation - Oreen Livni & Elad Pticha, Cycode
Wednesday November 13, 2024 11:15am - 11:50am MST
From data theft to privilege escalation in the Kubernetes cluster, you don't want to be the one telling your boss that your GitOps system has been compromised. This talk covers the security of GitOps tools, highlighting common misconfiguration pitfalls and how to avoid them. We will share the story of CVE-2024-31989, a critical vulnerability we discovered in the popular tool Argo. When installed with the default configuration, this vulnerability allowed privilege escalation from any access point to the cluster (such as a webshell) to complete cluster takeover. We will discuss common insecure configurations like this and provide examples from popular open-source projects to explain how your organization can protect itself from these risks. Attendees will receive a guide and practical tools to protect their GitOps systems against such threats.
Speakers
Elad Pticha

Security Researcher, Cycode
Elad is a passionate security researcher with a focus on software supply chain and web application security. He dedicates his time to writing security research tools and finding vulnerabilities across a broad spectrum, from open-source projects and web applications to IoT devices...
Oreen Livni

Security Researcher, Cycode
Oreen Livni is a passionate security researcher specializing in application and supply chain security, domain, and networking, with a focus on software supply chain vulnerabilities. Alongside his professional commitments, he immerses himself in art, gardening, and the world of surfing...
Salt Palace | Level 2 | 250
  Security
  • Content Experience Level Any

11:15am MST

Tutorial: A Mad Scientist's Guide to Automating CNI with Generative AI - Doug Smith, Red Hat, Inc
Wednesday November 13, 2024 11:15am - 12:45pm MST
Ready to make Kubernetes networking a little easier and a lot more fun? Join Doug for an experiment in configuring CNI (Container Networking Interface) using generative AI. Despite being advised by data scientists to avoid automating machine configurations with generative AI, Doug went into the mad scientist's lab (err, basement) and tested how often a workflow could generate CNI configurations that would establish network connectivity between pods – and the success rate might surprise you. In this session, you'll automate CNI configurations using a large language model (LLM) and gain experience with a nifty tech stack: Ollama for running a containerized LLM, Kubernetes, CNI, and some script wizardry to create your own auto-configurator. Best yet? No prior CNI or AI/ML knowledge needed, and you'll learn along the way! Just in case, have contingency plans ready should any Skynet or Space Odyssey 2001 scenarios arise during the tutorial.
Speakers
Doug Smith

Principal Engineer, Red Hat, Inc
Doug Smith is a Principal Software Engineer for OpenShift Engineering at Red Hat. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network...
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Cloud Native Novice

12:10pm MST

AI and ML: Let’s Talk About the Boring (yet Critical!) Operational Side - Rob Koch, Slalom Build & Milad Vafaeifard, Epam
Wednesday November 13, 2024 12:10pm - 12:45pm MST
As AI and ML become increasingly prevalent, it’s worth looking harder at the operational side of running these applications. We need a lot of compute and access to GPU workloads. We also need to be reliable, while providing rock-solid separation between datasets and training processes. And we need great observability in case things go wrong, and must be simple to operate. Let's build our ML applications on top of a service mesh instead of spending resources reimplementing the wheel – or, worse, the flat tire. Join us for a lively, informative, and entertaining look at how a service mesh can solve real-world issues with ML applications while making it simpler and faster to actually get things done in the world of ML. Rob Koch, Principal at Slalom Build, will demonstrate how you can use Linkerd together with multiple clusters to develop, debug, and deploy an ML application in Kubernetes (including IPv6 and GPUs), with special attention to multitenancy and scaling.
Speakers
Rob Koch

Principal, Slalom Build
A tech enthusiast who thrives on steering projects from their initial spark to successful fruition, Rob Koch is Principal at Slalom Build, AWS Hero, and Co-chair of the CNCF Deaf and Hard of Hearing Working Group. His expertise in architecting event-driven systems is firmly rooted...
Milad Vafaeifard

Lead Software Engineer, Epam
Milad Vafaeifard, a Lead Software Engineer at EPAM Systems, has 9+ years of web design and development expertise. Deaf but undeterred, he is the creative force behind Sign Language Tech and an active contributor to a YouTube channel focused on tech content for the signing tech community...
Salt Palace | Level 2 | 255 EF
  AI + ML
  • Content Experience Level Any

12:10pm MST

Operationalizing High-Performance GPU Clusters in Kubernetes: A Case Study of Databricks' DBRX - Will Gleich & Wai Wu, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Training large language models (LLMs) on GPUs within Kubernetes environments involves significant configuration and complexity, often leading to unique failure scenarios. This presentation will cover the lessons learned from training DBRX, a state-of-the-art LLM, that we developed on a 400-node cluster with a primary workload utilizing 3072 GPUs and the tooling needed to measure and maintain a healthy fleet of nodes and underlying interconnect fabric. This will include:
* How we implemented GPU health detection leveraging Prometheus and DCGM Exporter
* How we monitor GPU Direct Remote Direct Memory Access (GDRDMA) and the challenges of monitoring components that bypass CPU
* Discussion of failure scenarios during training, and how they were addressed
Databricks Mosaic AI Training leverages GPU clusters across many cloud providers to maximize availability; we will also discuss the variations we see and how we had to engineer around them.
Speakers
Wai Wu

Databricks
Will Gleich

Sr. DevOps Engineer, Databricks
Will Gleich is a Sr. DevOps engineer at Databricks specializing in MLOps and Site Reliability Engineering.
Salt Palace | Level 1 | Hall DE
  AI + ML

12:10pm MST

Beyond 'Can You Mentor Me?' - Crafting the Contribution Ladder - Nitish Kumar, Akuity; Wenjia Zhang, Google; Lucas Käldström, Upbound; Carol Valencia, Elastic; Nabarun Pal, Broadcom
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Mentorship, a cornerstone of the community's success, offers a transformative path to growth and development. However, finding the right mentor and building a successful mentorship relationship can be challenging. This panel discussion brings together experienced mentors from diverse roles within the Kubernetes community including maintainers, tech leads, and committee members. The panel members will share their insights on how to get the most out of mentorship at different stages of your Kubernetes journey, as you climb the Contributor ladder. By the end of this panel, the audience will understand essential takeaways for effective mentorship at different contributor ladder marks. The project maintainers can take inspiration from how the Kubernetes project maintainers make use of various mentorship techniques such as Role Based Shadowing, Peer-to-Peer Learning, and Mentorship Cohorts that can help any project especially CNCF incubating projects stick new contributors to the project.
Speakers
Lucas Käldström

Senior Software Engineer, Upbound
Lucas is a Kubernetes and cloud native expert who has been serving the CNCF community in lead positions for 6 years. He was awarded Top CNCF Ambassador 2017 with Sarah Novotny. Lucas was a co-lead for SIG Cluster Lifecycle, co-created kubeadm, Weave Ignite, and ported Kubernetes to...
Wenjia Zhang

Engineering Manager, Google
Wenjia Zhang is an Engineering Manager at Google, working on Google Kubernetes Engine and Google Distributed Cloud. She is an active contributor for Kubernetes and etcd open source projects.
Nabarun Pal

Staff Engineer at VMware, Kubernetes Steering Committee and Maintainer, Broadcom
Nabarun is a Staff Software Engineer at VMware by Broadcom, a maintainer of the Kubernetes project, an elected Kubernetes Steering Committee member and a chair of Kubernetes SIG Contributor Experience. He is a Release Manager for Kubernetes and has been the Kubernetes 1.21 Release...
Nitish Kumar

Software Engineering Intern, Akuity
Nitish is a Software Engineer at Akuity and a CNCF Ambassador. In the past, Nitish has served as a Linux Foundation Mentee under the Kubernetes Release Engineering Team, where he built the OBS library that is used by the Kubernetes project to automate the process of managing release...
Carolina Valencia

Customer Architect, Elastic
Carol is a passionate software developer dedicated to implementing secure cloud-native practices. She actively contributes to CNCF projects and the Kubernetes community as an open-source contributor. She enjoys learning new technologies and creating material, some of which she shares...
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

12:10pm MST

Can Your Kubernetes Network Handle the Heat? Building Resilience with AI Chaos - Lior Lieberman, Google & Surya Seetharaman, Red Hat
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Kubernetes networking is complex with many APIs, numerous configurations and potential failure points. In the rapidly evolving world of cloud-native applications, ensuring your Kubernetes network can withstand unexpected failures is not just an advantage—it is a necessity. In this talk Surya and Lior, holding distinct leadership roles in Gateway API and NetworkPolicy API, will demonstrate how you can leverage AI-powered Chaos Engineering to stress test Gateways, NetworkPolicies, and Services on a live cluster! They will share their experiences and lessons learned from using Litmus and enhancing K8sGPT to design and execute AI Chaos experiments, as well as focusing on how you can proactively find gaps and bottlenecks in the network infrastructure. This is a great opportunity to learn from real-world disruption scenarios and participate in a collaborative discussion on how we can leverage AI to build robust Kubernetes Networks.
Speakers
Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems...
Lior Lieberman

Site Reliability Engineer, Google
Lior is a site reliability engineer at Google working on Google Compute Engine. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
Salt Palace | Level 1 | 155 EF
  Connectivity

12:10pm MST

When Life Gives You Containers, Make an Open Source RDS: A Kubernetes Love Story - Sergey Pronin, Percona
Wednesday November 13, 2024 12:10pm - 12:45pm MST
This isn't your typical technical talk. We'll take you on a step-by-step adventure, starting from a humble single database in a container and adding components one by one, just like we did. You'll witness firsthand how we tackled real-world challenges, from storage and scaling to monitoring and UI design, to create an Open Source Cloud Native database platform. You'll walk away with a deep understanding of how Kubernetes can be used to orchestrate complex and stateful applications (like database clusters). Join us and discover how you can break free from vendor lock-in, save costs, and build a database that's truly yours. This is your chance to learn from our triumphs and tribulations, and be inspired to create your own open source success story.
Speakers
Sergey Pronin

Product guy, Percona
Sergey is a passionate technology “driver”. After graduation, he worked in various fields: internet service provider, financial sector and M&A business. Main focal points were infrastructure and products around it. At Percona, as a Group Product Manager, he drives forward Kubernetes and...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

12:10pm MST

Building Reliable Cross-Cloud Kubernetes Clusters on Spot Instances with Drafter and PVM - Felicitas Pojtinger, Loophole Labs
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Building Kubernetes clusters that span across multiple cloud providers prevents vendor lock-in and offers flexibility. Using spot instances can further cut costs by up to 90%, but they can terminate with only 30 seconds' notice. Traditionally, migrating VMs across cloud providers and CPUs to mitigate this has been challenging due to hardware constraints. PVM (Pagetable Virtual Machine) is an experimental kernel technology that changes this by enabling KVM without hardware assistance or emulation. Using the research paper, this session will explain how PVM works and how the open-source Drafter and Firecracker projects can use it to migrate VMs between cloud providers. The session includes a live demo of running Kubernetes components like the Kubelet, CRI, CSI and CNI inside VMs and migrating them in a heterogeneous EC2, GCP, and Azure environment. This allows evacuating a Kubernetes node and network without downtime if a spot instance is terminated or if another provider is cheaper.
Speakers
Felicitas Pojtinger

Software Developer, Loophole Labs
Felicitas Pojtinger is a software engineer working on all things cloud native. She has developed multiple popular OSS projects such as the WebRTC-based overlay networking tool weron, the Go network boot server bofied, the go-nbd library and more. Currently, she does research and development...
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

12:10pm MST

AI for Policy and Policy for AI! - Poonam Lamba, Google; Boris Kurktchiev, Nirmata; Andy Suderman, Fairwinds; Ronald Petty, RX-M; Jimmy Ray, Boeing Digital
Wednesday November 13, 2024 12:10pm - 12:45pm MST
As Kubernetes becomes the go-to for deploying AI, the need for strong governance and policies is critical. This panel will dive into how policies and AI intersect within Kubernetes. We'll explore challenges, best practices, and new standards for managing AI workloads to guarantee security, fairness, and transparency. We'll examine existing and new policy frameworks for governing AI workloads on Kubernetes, including industry standards and best practices. We'll also address security risks like data privacy and model integrity, and establish clear lines of accountability for AI workloads. This panel is ideal for engineers, operators, compliance officers, and anyone involved in deploying and managing AI workloads on Kubernetes.
Speakers
Ronald Petty

Consultant, RX-M
Ronald Petty is a consultant at RX-M, a global Cloud Native and AI advisory and training firm. Ronald works as a consultant/advisor/board-member for both for-profit and non-profit organizations focusing on technology and related policy issues. Additionally, he authors and edits technical...
Poonam Lamba

Product Manager, Google
Poonam is a Product Manager at Google, where she leads Policy, Governance, and Compliance for GKE. An active contributor to the Kubernetes Policy Working Group and Gatekeeper project, she is passionate about open-source solutions. Outside of work, Poonam enjoys hiking, paddle boarding...
Andy Suderman

CTO, Fairwinds
Andy Suderman is CTO at Fairwinds, a managed Kubernetes-as-a-Service provider. Andy has worked with cloud native technologies for the last eight years helping organizations adopt and manage Kubernetes. Andy is the creator and primary developer of Goldilocks—an open source tool that...
Boris Kurktchiev

Chief Plumber, Nirmata
In the world of tools, it's not 'one size fits all.' I'm the expert who always knows when to grab the hammer and when to reach for the screwdriver.
Jimmy Ray

ISO, Boeing Digital
Underpinned by 30 years of technology, writing, and speaking experience, Jimmy Ray is recognized as a subject matter expert in Policy as Code, cloud-native computing, and software supply chain security. Jimmy is the author of Policy as Code - Improving Cloud Native Security, July 2024...
Salt Palace | Level 3 | 355 EF

12:10pm MST

Best Friends Keep No Secrets: Going Secretless with Cert-Manager - Ashley Davis & Tim Ramlot, Venafi
Wednesday November 13, 2024 12:10pm - 12:45pm MST
In today's complex Kubernetes environments, managing secrets securely is a challenge. Traditional methods often involve complex configurations with secret vaults, secret syncing and secret backups. Regardless of which fancy technology is used, secrets always come with a risk of being leaked. Most of the secrets used in traditional applications can be replaced by short-lived certificates. Applications can prove to be the owner of a certificate without sharing any secrets. In Kubernetes, cert-manager can be used to provision these certificates to all applications without sharing any secret information. Table of contents:
- Do we actually need secrets? Comparing authentication methods: static secrets vs short-lived secrets and proof of ownership
- How to issue certificates using cert-manager without using [S|s]ecrets
- Compatibility and other challenges
Speakers
Ashley Davis

Staff Software Engineer, Venafi
As a teenager, Ash taught himself to program after wondering how exactly video games were made. That led to adventures trawling through open source codebases, sparking an interest in computers spanning from bare-metal machine code right up to scalable distributed platforms like Kubernetes...
Tim Ramlot

Senior Software Engineer - cert-manager maintainer, Venafi
Tim started working at Venafi as a software engineer after his graduation as a computer science engineer at Ghent University. He learned about cert-manager and Venafi through a Google Summer of Code internship. His mission at Venafi is to advance his problem solving skills, whilst contributing...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

12:10pm MST

Dapr's Road Ahead: GenAI APIs, Distributed Scheduling at Scale and What It Means for Your Platform - Yaron Schneider, Diagrid
Wednesday November 13, 2024 12:10pm - 12:45pm MST
In this maintainer track we will cover the latest developments and updates of the Dapr project looking into 2025, focusing on how Dapr is adding APIs to abstract the complexities of interacting with LLM models at scale, a new distributed scheduling API and workflow engine that can serve millions of activities per second, and how Dapr can be used by platform teams to provide golden paths for interacting with the underlying infrastructure.
Speakers
Yaron Schneider

CTO / Co-Founder at Diagrid, Dapr Co-Creator, Diagrid
Yaron co-created the CNCF projects Dapr and KEDA while at Microsoft and led the engineering architecture for serverless container platforms that run at scale using open source technologies. Yaron is an avid lover of open source tech and distributed systems, and is a co-founder and...
Hyatt Regency | Level 4 | Regency Ballroom A

12:10pm MST

Emissary-Ingress: Version 4 and the Road Ahead - Flynn, Buoyant
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Emissary-ingress 4.0 is shipping! This marks the first new major version in some years for Emissary, one of the first Kubernetes-native, self-service API gateways and ingress controllers, and it comes on the heels of some big changes in the project. In this session, we'll start with a quick overview of the need for ingress controllers in general, the benefits of self-service developer workflows, and how Emissary-ingress can help with these issues. We'll also talk about recent changes in the project, what Emissary 4 brings to the table, and how to get involved as a contributor, how to best offer feedback, and what's in store for the project in the future. Emissary's maintainer sessions are always great opportunities to talk directly with Emissary-ingress maintainers and make sure your voice is heard when it comes to the project's future -- looking forward to seeing you there!
Speakers
Flynn

Tech Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering (from the kernel up through distributed applications, with a common thread of communications and security throughout...
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:10pm MST

SIG Scheduling Intro & Updates - Aldo Culquicondor, Google & Kensei Nakada, Tetrate.io
Wednesday November 13, 2024 12:10pm - 12:45pm MST
SIG Scheduling is responsible for the components that make Pod scheduling decisions in a Kubernetes cluster, such as kube-scheduler for pod to node assignment, Kueue for job queueing, Kwok for scheduling load testing, among other projects. In this session, you will learn the basics of these projects and how they can be extended. You will also learn about our recent advancements and ongoing work, such as higher scheduling throughput in kube-scheduler, fair sharing and hierarchical cohorts in Kueue, and evaluating performance and scalability efficiently using Kwok.
Speakers
Aldo Culquicondor

Sr. Software Engineer, Google
Aldo is a Senior Software Engineer at Google. He works on Kubernetes and Google Kubernetes Engine, where he contributes to kube-scheduler, the Job API and other features to support batch, AI/ML and HPC workloads. He is currently a TL at SIG Scheduling and an active member of WG Batch...
Kensei Nakada

Software Engineer, Tetrate.io
Kensei Nakada is a platform engineer at Tetrate. In the community, he is a sig-scheduling approver, and a core maintainer of the project kube-scheduler-simulator and kube-scheduler-wasm-extension.
Salt Palace | Level 3 | 355 BC

12:10pm MST

Towards Zero Change Incidents: Intuit's Strategy for Implementing AI-Driven Progressive Delivery - Avik Basu & Saravanan Balasubramanian, Intuit
Wednesday November 13, 2024 12:10pm - 12:45pm MST
At Intuit, rapid development is essential for swift feature updates and fixes. Yet, 33% of last year's incidents were due to new deployments, highlighting the need for a progressive delivery system with automated rollback capabilities. However, traditional static thresholds fall short for Intuit's ~2500 services, each with unique patterns across multiple key performance metrics. To tackle this, Intuit has implemented an ML-based progressive delivery system that utilizes Prometheus to monitor multivariate metrics, offering a comprehensive view of application health and performance during deployments. The talk will present a case study application, identify its critical metrics, and showcase how Intuit leverages Numaproj and its out-of-the-box ML models to generate anomaly scores during deployments using Argo Rollouts. This strategy enables Intuit to quickly identify and address issues using AIOps techniques, ensuring a smooth and dependable customer experience.
Speakers
Saravanan Balasubramanian

Staff Software Engineer, Intuit
Bala is the lead engineer and maintainer in the Argo workflow project, Intuit, leading the Argo workflow project for the open source community and Intuit.
Avik Basu

Staff Machine Learning Engineer, Intuit
Avik is a data scientist and machine learning engineer with expertise across multiple ML domains such as computer vision, natural language understanding, reinforcement learning, and time series. Currently, he leads the machine learning initiatives for open-source AIOps at Intuit...
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

12:10pm MST

Automated Multi-Cloud, Multi-Flavor Kubernetes Cluster Upgrades Using Operators - Ziyuan Chen, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Databricks manages over a thousand k8s clusters across three major cloud providers which run critical workloads in cloud regions around the world. This talk describes the system we built to upgrade nodes’ operating system, k8s version, and other configs monthly, supporting EKS, AKS, GKE, and self-managed k8s. Our system is built on k8s operators and performs zero-downtime blue-green rolling updates, respects contracts with services with features like PDBs, maintenance windows, deferred node draining, and custom workload handling plugins. It enables easy rollbacks, has good observability, and incurs minimal human operational cost. This has allowed us to patch vulnerabilities and release infrastructure changes quickly and reliably across the fleet. We will also share our lessons learned on building several operators that work together using the controller-runtime framework, designing the declarative interfaces between them, and achieving consistent behavior across three clouds.
Speakers

Ziyuan Chen

Software Engineer, Databricks
Ziyuan Chen is a software engineer at Databricks. He has worked on Databricks' cloud platform and OS infrastructure.
Salt Palace | Level 1 | 155 BC
  Operations + Performance

12:10pm MST

Automated Multi-Cloud Blue-Green Cluster Rotations: Zero Downtime Upgrades at Scale - Sourav Khandelwal, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
I will present the system developed for cluster rotations across Databricks’ fleet of over a thousand cloud-managed k8s clusters on AWS, Azure, and GCP. Blue-green cluster rotations, or cluster swaps (upgrading by creating a new k8s cluster with a new version/configuration & shifting workloads from the old cluster), allow us to implement major infrastructure changes and upgrade k8s versions with low risk through staged rollouts, seamless rollbacks, zero downtime, and minimal operator intervention. Our system includes a k8s-style continuous reconciliation mechanism to manage cluster swap lifecycles, a fast and reliable cluster state change discovery system, and a k8s workload migration system. We will share methodologies and experiences in constructing this loosely coupled system that orchestrates product workloads and cloud provider APIs for automated cluster swaps. This session will explore the challenges faced, and the benefits of automating large-scale, multi-cloud k8s upgrades.
Speakers

Sourav Khandelwal

Sr. Software Engineer, Databricks
I am a seasoned software engineer with over 10 years of experience in designing and managing large-scale platforms in cloud-native environments. At Databricks, my significant contributions have been pivotal in launching our next-generation cloud infrastructure that helped to transition...
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

12:10pm MST

The Hard Truth About GitOps and Database Rollbacks - Rotem Tamir, Ariga
Wednesday November 13, 2024 12:10pm - 12:45pm MST
For two decades now, the common practice for handling rollbacks of database schema migrations has been pre-planned "down migration scripts". A closer examination of this widely accepted truth reveals critical gaps that result in teams relying on risky, manual operations to roll back schema migrations in times of crisis. In this talk, we show why our existing tools and practices cannot deliver on the GitOps promise of "declarative" and "continuously reconciled" workflows and how we can use the Operator Pattern to build a new solution for robust and safe schema rollbacks.
Speakers

Rotem Tamir

CTO, Ariga
Rotem Tamir (38), father of two. Co-founder and CTO of Ariga, co-maintainer of Atlas and Ent. Ex-data platform architect at Nexar, infrastructure team lead at ironSource.
Salt Palace | Level 2 | 250
  SDLC

12:10pm MST

Breaking Free from Vulnerability Scanning Noise: Automated VEX Aggregation for Accuracy - Teppei Fukuda, Aqua Security Software Ltd.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Vulnerability scanners detect known vulnerabilities in software dependencies, but often produce inaccurate results (false-positives) due to their inability to automatically determine if a vulnerability is actually exploitable. Vulnerability Exploitability eXchange (VEX) is an industry-wide initiative that aims to address this issue, but the lack of standardized distribution hinders its effective utilization. This talk introduces VEX Hub, a central repository that automatically aggregates VEX documents published by open-source projects. VEX Hub’s unique architecture makes it easy and practical for software maintainers to start adopting VEX, while at the same time making it seamless for scanners and users to incorporate VEX in their workflow. The presentation showcases a practical use case of VEX Hub with Trivy, an open-source security scanner that popularizes VEX thanks to VEX Hub and delivers more accurate and actionable scanning results to its users.
Speakers

Teppei Fukuda

Open Source Engineer, Aqua Security Software Ltd.
Teppei Fukuda is the creator of Trivy and works at Aqua Security as an Open Source Software Engineer. He has a wealth of software engineering experience working on network and security. Away from work, he is an avid manga enthusiast, dreaming of reading every comic book in the...
Salt Palace | Level 1 | 151
  Security
  • Content Experience Level Any

12:10pm MST

🚩 An Introduction to Capture The Flag - Andy Martin & Kevin Ward, ControlPlane
Wednesday November 13, 2024 12:10pm - 12:45pm MST
The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competitions to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together. Want to know more about the CTF? [more details to be shared soon]
Speakers

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience...

Kevin Ward

Principal Consultant, ControlPlane
Kevin is a Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored...
Salt Palace | Level 2 | 255 A

12:45pm MST

Lunch 🍲
Wednesday November 13, 2024 12:45pm - 2:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

1:15pm MST

Project Pavilion Tour with Orlin Vasilev, CNCF Ambassador
Wednesday November 13, 2024 1:15pm - 1:35pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

2:30pm MST

Architecting the Future of AI: From Cloud-Native Orchestration to Advanced LLMOps - Ion Stoica, Anyscale
Wednesday November 13, 2024 2:30pm - 3:05pm MST
With the groundbreaking release of ChatGPT, large language models (LLMs) have taken the world by storm: they have enabled new applications, have exacerbated the GPU shortage, and raised new questions about their answers’ veracity. This talk delves into an AI stack, encompassing cloud-native orchestration, distributed computing, and advanced LLMOps. Key topics include:
- Kubernetes: The foundational technology that seamlessly manages AI workloads across diverse cloud environments.
- Ray: The versatile, open-source framework that streamlines the development and scaling of distributed applications.
- vLLM: The cutting-edge, high-performance, and memory-efficient inference and serving engine designed specifically for large language models.
Attendees will gain insights into the architecture and integration of these powerful tools, driving innovation and efficiency in the deployment of AI solutions.
Speakers

Ion Stoica

Co-founder, executive chairman & president, Anyscale
Ion Stoica is a Professor in the EECS Department at the University of California at Berkeley, and the Director of SkyLab. He is currently doing research on cloud computing and AI systems. Past work includes Ray, Apache Spark, Apache Mesos, Tachyon, Chord DHT, and Dynamic Packet State...
Salt Palace | Level 2 | 255 EF
  AI + ML
  • Content Experience Level Any

2:30pm MST

Optimizing LLM Performance in Kubernetes with OpenTelemetry - Ashok Chandrasekar, Google & Liudmila Molkova, Microsoft
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Large Language Models are increasing in popularity and their deployments on Kubernetes have steadily increased. LLM applications bring new usage patterns that the industry does not have expertise in. At the same time, there is a lack of observability in these deployments, which makes it difficult to debug performance issues. We will present an end-to-end walkthrough of how you can leverage client and server LLM observability using OpenTelemetry, based on the recent efforts in the Kubernetes and OpenTelemetry communities to standardize these across LLM clients and model servers. We will also demonstrate how to troubleshoot a real-world performance issue in your LLM deployment and how to optimize your LLM server setup for better performance on Kubernetes. We'll show how to use Kubernetes autoscaling based on custom model server metrics and demonstrate how they offer a superior alternative to using GPU utilization metrics for such deployments.
Speakers

Liudmila Molkova

Principal Software Engineer, Microsoft
Liudmila Molkova is a Principal Software Engineer at Microsoft working on observability and Azure client libraries. She is a co-author of distributed tracing implementations across the .NET ecosystem including HTTP client instrumentation and Azure Functions. Liudmila is an active...

Ashok Chandrasekar

Senior Software Engineer, Google
Ashok Chandrasekar is a Senior Software Engineer at Google working on AI/ML experience for Google Kubernetes Engine. Previously he was a Staff Engineer at VMware where he led the cluster lifecycle management area for Tanzu Mission Control. He has 7 years of Kubernetes experience working...
Salt Palace | Level 1 | Hall DE
  AI + ML

2:30pm MST

Choose Your Own Adventure: The Observability Odyssey - Whitney Lee, CNCF Ambassador & Viktor Farcic, Upbound
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Our hero, a running app in a secure K8s prod environment, knows they are destined for greater things! They’re serving end users, but currently, they have no idea what is going on. Are apps scaling correctly? Are automated deployments successful? What just went wrong, and how can it be fixed? Hero is desperate to escape this fog by adding CNCF tools for logs, metrics, traces, and dashboards. It is up to you, the audience, to guide our hero and help them grow from a lost and confused app to their final form⎯an app that knows their faults before their users do. In their fourth KubeCon ‘Choose Your Own Adventure’-style talk, Whitney and Viktor will present choices that an anthropomorphized app must make as they add observability to their cluster, enabling the ability to answer meaningful questions about their system. Throughout the presentation, the audience (YOU!) will vote to decide our hero's path! Can we navigate CNCF projects and add observability before the session time elapses?
Speakers

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.

Whitney Lee

CNCF Ambassador
Whitney is a lovable goofball and a CNCF Ambassador who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. You can catch her lightboard streaming show ⚡️ Enlightning on her...
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

2:30pm MST

Cilium, eBPF, WireGuard: Can We Tame the Network Encryption Performance Gap? - Daniel Borkmann & Anton Protopopov, Isovalent
Wednesday November 13, 2024 2:30pm - 3:05pm MST
To increase data security for cloud and hybrid cloud deployments, many companies, governments, standards, and tenders require data in transit to be protected. However, network encryption comes at a cost - what is the performance impact and how can we reduce it? In this session, we explore how network encryption can be efficiently enforced with Cilium, eBPF, and WireGuard. We dive deep into Cilium’s integration of WireGuard and elaborate on both the management plane and Cilium’s eBPF datapath. We analyze and benchmark what performance cost one can expect and explore opportunities in the Linux kernel to reduce that price. This talk is for operators and security teams that need to encrypt network traffic, but also want to minimize its overhead. The audience will walk away understanding whether network encryption needs to come at a high toll and whether there are opportunities for optimizations.
Speakers

Daniel Borkmann

Software Engineer, Isovalent at Cisco
Daniel Borkmann co-created eBPF and is a kernel developer at Isovalent working on eBPF, the Linux kernel and Cilium. He is a long-term Linux kernel core contributor in the eBPF and networking subsystem for over a decade and co-maintains eBPF and XDP. In his spare time, he loves to...

Anton Protopopov

Software Engineer, Isovalent at Cisco
Anton is a software engineer at Isovalent, which is now part of Cisco. Anton is leading a team building a new generation of Isovalent products and also participates in developing eBPF-based parts of the Cilium stack and on eBPF support in the Linux Kernel. During his career, Anton played...
Salt Palace | Level 1 | 155 EF
  Connectivity

2:30pm MST

AIStore as a Fast Tier Storage Solution: Enhancing Petascale Deep Learning Across Cloud Backends - Abhishek Gaikwad & Aaron Wilson, NVIDIA
Wednesday November 13, 2024 2:30pm - 3:05pm MST
As deep learning continues to evolve, the demand for handling petascale datasets efficiently becomes paramount. Current cloud storage solutions often struggle with the speed (throughput) and cost-effectiveness required for these massive datasets, particularly due to the random access needs of machine learning workloads. This talk introduces AIStore (AIS) as a fast-tier storage solution designed to overcome these challenges by offering a fast, scalable, cost-effective tier for deep learning data. AIS features linear scalability with each added storage node - in fact, with each added drive. In this presentation, we will explore the architecture and benefits of AIStore, focusing on its linear scalability and high performance. This session will feature detailed benchmarks and use cases comparing the performance of accessing cloud datasets with and without AIStore, highlighting AIS's ability to deliver high per-GPU throughput and stable latencies.
Speakers

Abhishek Gaikwad

Software Engineer, NVIDIA
Abhishek Gaikwad is a Software Engineer at NVIDIA with a Master of Science degree in Computer Science from San Jose State University. As a key developer and maintainer of AIStore, Abhishek has played a crucial role in its design, development, and management. His contributions include...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

2:30pm MST

Cloud Native Sustainability Speedrun: Tools from Infrastructure to Application Level - Saiyam Pathak, Loft Labs & Saloni Narang, Kubesimplify
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The cloud native sustainability landscape is rising rapidly with new tools that are solving new challenges. This session will provide a quick overview of the latest tools & initiatives within the landscape. The speaker will dive into different sections, from infrastructure to application, and cover tools within the landscape. They will explore key tools like Kepler for energy consumption monitoring, KubeGreen for scaling down deployments, Scaphandre for detailed power usage metrics, & Cloud Carbon Footprint for tracking and reducing carbon emissions. This talk will showcase the practical application of these tools, demonstrating how they can be integrated to create a comprehensive sustainability strategy. Attendees will learn landscape segmentation & how they can use it for their cloud native applications today in order to track & reduce their carbon emissions effectively. This talk will offer how these tools can be used together to make cloud native deployments more sustainable.
Speakers

Saiyam Pathak

Principal Developer Advocate, Loft Labs
Saiyam is working as Principal Developer Advocate at Loft Labs. He is the founder of Kubesimplify, focusing on simplifying cloud-native and Kubernetes technologies. Previously at Civo, Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of Kubernetes, including machine...

Saloni Narang

Independent DevRel, Kubesimplify
Saloni is working as an independent DevRel, helping companies to form their DevRel strategies. Previously she worked at SAP Labs and has worked on different cloud tools including GCP, Oracle, & AWS. She loves to learn about new open-source tools in the CNCF landscape. She has been...
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

2:30pm MST

Guiding Kubernetes: The Steering Committee's Role in Project Evolution - Maciej Szulik, Red Hat
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The Kubernetes Steering Committee plays a crucial role in overseeing the non-technical aspects of the Kubernetes project and making important project-wide decisions. The committee has a wide scope of work and responsibilities. The committee has evolved over the years. In this session, let’s take a look at how the committee came to be created, the bootstrap era, how it works now and what’s in store for the future. We will have excerpts from our emeritus members who served to shape the goals and vision of the steering committee. We will explore how you can leverage our learnings to enhance the governance of your own cloud native projects. If you are eager to gain insights or have queries about the governance journey of the Kubernetes project, we encourage you to drop by and engage in an insightful discussion.
Speakers

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat, whereas at night he is hacking on side projects with Python. In his spare time he enjoys reading a good book or taking photos.
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:30pm MST

Harbor Project - The Maintainers Session What We Have Accomplished! - Orlin Vasilev, SUSE; Vadim Bauer, 8gears Container Registry; Miner Yang, Daniel Jiang & Yan Wang, Broadcom
Wednesday November 13, 2024 2:30pm - 3:05pm MST
In Harbor v2.11, we've successfully integrated SBOM (Software Bill of Materials) within the platform, enhancing our security and compliance capabilities. We're also exploring innovative trends in AI, such as an AI-assisted registry (not to be confused with an AI-integrated bot). Join Vadim and Orlin as they guide you through the latest developments in the Harbor project, along with some exciting side projects within our community that you may find intriguing. This session is a perfect opportunity for software engineers and DevOps professionals to dive into Harbor's advancements and explore new possibilities together. We invite you to join us for firsthand information about what's coming next in Harbor and learn how you can actively contribute to the project. Together, let's make Harbor even better!
Speakers

Miner Yang

CNCF Project Harbor Contributor, Member of VMware Kubernetes technical staff, Broadcom
Joined the Cloud Native and Harbor team 2 years ago; developer of Harbor, Harbor-helm and Harbor Carvel Package.

Yan Wang

Broadcom

Orlin Vasilev

Principal Open Source Technology Advocate, SUSE
Orlin Vasilev is Principal Open Source Technology Advocate and Community Manager for Project Harbor as part of the Cloud Native team at SUSE. Second term CNCF Ambassador and driving the CNCF Meetup Group (~1.7K members) in Bulgaria. KubeCon CfP review board member. Previously SysAdmin/Dev/SRE/System...

Vadim Bauer

Harbor Maintainer, 8gears Container Registry
Vadim Bauer is a Container Silverback with over a decade of experience in running containers in production. As a maintainer of the CNCF project Harbor, he focuses on extending the boundaries of OCI artifact management, adoption, and developer experience. At 8gears, Vadim helps cloud...
Salt Palace | Level 3 | 355 EF

2:30pm MST

Kubernetes Data Protection WG Deep Dive - Dave Smith-Uchida, Veeam
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, we will discuss the current state of data protection in Kubernetes and where it is heading in the future. We will also talk about how interested parties (including storage and backup vendors, cloud providers, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.
Speakers

Dave Smith-Uchida

Technical Leader, Veeam
Dave has been a leader in data protection for Kubernetes for the last several years. In addition to his work at Veeam on K10, he is a founding member of the Kubernetes Data Protection Working Group and was formerly the architect for the Velero Open Source Kubernetes backup project...
Hyatt Regency | Level 4 | Regency Ballroom A

2:30pm MST

Kubernetes WG Device Management - Advancing K8s Support for GPUs - John Belamaric, Google; Patrick Ohly, Intel; Kevin Klues, NVIDIA
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The goal of the recently formed WG Device Management is to enable simple and efficient configuration, sharing, and allocation of accelerators (such as GPUs and TPUs) and other specialized devices. This working group focuses on the APIs, abstractions, and feature designs needed to configure, target, and share the necessary hardware for both batch and serving (inference) workloads. The current focus of the working group is the Dynamic Resource Allocation (DRA) feature. Come to this talk to learn what we have delivered in Kubernetes 1.31, what is coming in 1.32 and beyond, and how you can influence the roadmap for Kubernetes support of accelerated workloads.
Speakers

Patrick Ohly

Principal Engineer, Intel
Patrick Ohly is a software engineer at Intel GmbH, Germany. In the past he has worked on performance analysis software for HPC clusters ("Intel Trace Analyzer and Collector") and cluster technology in general (PTP and hardware time stamping). Since January 2009 he has worked for Intel...

Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA...

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation...
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:30pm MST

SIG-Multicluster Intro and Deep Dive - Jeremy Olmsted-Thompson & Laura Lorenz, Google; Ryan Zhang, Microsoft; Stephen Kitt, Red Hat
Wednesday November 13, 2024 2:30pm - 3:05pm MST
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, and applications deployed across many clusters, or even across cloud providers. In this session, we'll give attendees an overview of the current status of the multi-cluster problem space in Kubernetes and of the SIG. We’ll discuss current thinking around best practices for multi-cluster deployments and what it means to be part of a ClusterSet. Then we’ll highlight current SIG projects, focused use cases, and ideas for what’s next. Most importantly, we’ll provide information on how you can get involved either as a contributor or as a user who wants to provide feedback about the SIG's current efforts and future direction. Bring your questions, problems, and ideas - help us expand the multi-cluster Kubernetes landscape!
Speakers

Stephen Kitt

Senior Principal Software Engineer, Red Hat
Stephen is one of the maintainers of the Submariner project, providing connectivity and service discovery across multiple Kubernetes clusters. He is a long-time open source contributor, and has been at Red Hat since 2015, working on OpenDaylight and Submariner.

Jeremy Olmsted-Thompson

Principal Engineer, Google
Jeremy is a software engineer who works on Google Kubernetes Engine. His main focus is on simplifying the Kubernetes experience, and making it as easy as possible to deploy applications both within a cluster with things like GKE Autopilot, and across clusters with multi-cluster solutions...

Laura Lorenz

SWE, Google
Laura Lorenz is a software engineer at Google. She is an active member of Kubernetes’ upstream focused on SIG-Multicluster, SIG-Node, and releases.

Ryan Zhang

Principal Software Engineering Manager, Microsoft
Dr. Ryan Zhang is a Principal Software Engineering Manager at Microsoft, working on Azure Kubernetes Service Team. Ryan has been working on Cloud Native open source projects for the past few years including CloudEvents, Open Application Model (OAM) and multi-cluster related initi...
Salt Palace | Level 3 | 355 BC

2:30pm MST

Unifying Observability: Correlating Metrics, Traces, and Logs with Exemplars and OpenTelemetry - Anusha Reddy Narapureddy & Charlie Le, Apple
Wednesday November 13, 2024 2:30pm - 3:05pm MST
In modern distributed systems, observability is key to understanding application performance and behavior. While metrics, traces, and logs each provide valuable insights, their true power is realized when they are correlated. This talk will dive into the practical benefits and implementation of correlating these signals with exemplars using the OpenTelemetry SDK and Collector, and showcase the results in Grafana. Attendees will learn how to leverage OpenTelemetry to create exemplars which will allow them to navigate from either logs or metrics to their traces.
Speakers

Anusha Reddy Narapureddy

Senior Software Engineer, Apple
Anusha is an enthusiastic software engineer who is passionate about observability, distributed systems, and cloud-native technologies. She has extensive experience in designing and building highly available, scalable, and fault-tolerant systems in the cloud.

Charlie Le

Senior Software Engineer, Apple
Charlie is a software engineer at Apple, specializing in building and scaling cloud native observability solutions and infrastructure. Deeply inspired by the collaborative spirit of open source, he actively contributes to projects like Cortex and OpenTelemetry, shaping the future...
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

2:30pm MST

Does My K8s Application Need CPR? Performance Evaluation of a Multi-Cluster Workload Management App - Braulio Dumba & Ezra Silvera, IBM
Wednesday November 13, 2024 2:30pm - 3:05pm MST
KubeStellar (KS) is an open-source Kubernetes multi-cluster workload configuration management system that can be used to manage AI workloads in multi-cluster environments. Hence, understanding KS performance is crucial, especially when managing resource intensive AI workloads. In this talk, we will present our experience in analyzing the performance metrics of KS across several dimensions of scalability (e.g., number of bindingPolicies, workload description spaces and number of managed remote clusters) and challenges that arise when conducting performance experiments in a multi-cluster environment. Our insights will demonstrate the utility of benchmarking the performance of a multi-cluster Kubernetes workload management application. Additionally, in this talk, we will demonstrate the usefulness of using several open-source tools such as clusterloader2, kube-burner & kwok to evaluate the performance of multi-cluster Kubernetes management applications.
Speakers

Ezra Silvera

Senior Technical Staff Member, IBM
Ezra Silvera is a Senior Technical Staff Member at IBM Research. His interests include distributed systems, cloud management, and cloud infrastructure. Ezra is passionate about open-source technologies and has been involved in several notable open source projects such as Docker, KubeVirt...

Braulio Dumba

Staff Research Scientist, IBM
Dr. Braulio Dumba is a Staff Research Scientist at IBM Research. In 2018, he joined IBM under the Hybrid Cloud organization. His current research is focused on edge computing and hybrid cloud computing. Dr. Dumba earned a Ph.D. in Computer Science from University of Minnesota, Twin...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

2:30pm MST

Better Pod Availability: A Survey of the Many Ways to Manage Workload Disruptions - Zach Loafman, Google
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Kubernetes Pods are ephemeral, but some are more ephemeral than others. Kubernetes provides a dizzying array of options to manage and handle Pod disruption. From PodDisruptionBudgets, to "safe-to-evict" annotations, GracefulTermination timeouts and more, it can be incredibly hard to determine the optimal solution for handling Pod disruption and how to manage gracefully terminating your application. Thankfully, due to the extensible nature of Kubernetes we can build CRDs and controllers that can simplify these complex topics for end users. In this talk, we'll present an in-depth analysis of the built-in options and how they work (or don't). While this problem is not unique to game-serving, we'll deep-dive and explain how Agones (an open-source session orchestration system layered on Kubernetes) solves this problem with a simple abstraction to hide the complexity!
Speakers
Zach Loafman

Staff Software Engineer, Google
Zach leads Google’s GKE Games team. He was previously lead of the Kubernetes Control Plane team for GKE, lead of the GKE Cluster Lifecycle team, worked on Kubernetes prior to GA, and was one of the founding members of the Google Kubernetes Engine team.
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

2:30pm MST

Secure by Design CI/CD: Practical Insights from Adobe and Autodesk - Vikram Sethi, Adobe Inc. & Jesse Sanford, Autodesk
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Worried that your CI/CD pipelines and developer workflows are insecure? Lost in security buzzwords like SBOMs, provenance, attestation, SLSA, OpenSSF, and more? Seeking a clear, actionable reference architecture to secure your pipeline? Whether you are just getting started on your Software Supply Chain Security journey, or are ready to take it to the next level, navigating this diverse ecosystem is challenging. Join Vikram and Jesse as they present a reference architecture for secure-by-default CI/CD pipelines and show you effective security controls at every step. See firsthand how these industry giants safeguarded their pipelines while maintaining agility and innovation. This talk will showcase their work, and the work of the CNOE (Cloud Native Operational Excellence) group, which aims to build a paved path through this problem space by producing opinionated software collections or “CNOE stacks” that can be adapted to meet you where your technology is.
Speakers
Jesse Sanford

Software Architect, Autodesk
Jesse is a lifelong software engineer focused on site reliability and Infosec. Currently architecting the juncture of platform engineering and security/compliance for Autodesk's Developer Enablement team. He regularly contributes to open source and frequently speaks about his work...
Vikram Sethi

Principal Scientist, Adobe Inc.
Vikram is a Principal Scientist in the Developer Platforms organization at Adobe. Vikram has been architecting and building the Developer Experience for Adobe's Internal Developer Platform for the last few years. In the last year or so, Vikram has been working on rearchitecting Adobe's...
Salt Palace | Level 2 | 250
  SDLC
  • Content Experience Level Any

2:30pm MST

Bridging Clouds: TikTok’s Blueprint for Unified OIDC Access on Multi-Cloud Kubernetes - Naveen Mogulla, TikTok
Wednesday November 13, 2024 2:30pm - 3:05pm MST
As businesses embrace increasingly complex multi-cloud environments, managing access across diverse Kubernetes setups becomes paramount. At TikTok, we faced the challenge of unifying OpenID Connect (OIDC) access for Kubernetes clusters across GKE, EKS, OKE and on-prem clusters, each providing different levels of support and integration. This talk will detail our journey to develop a scalable, centralized OIDC framework using a reverse proxy approach, ensuring seamless authentication and authorization across different cloud providers. We will discuss our architectural strategy, highlighting how we leveraged Envoy for request handling and dynamic configuration with external authorization filters to accommodate diverse OIDC implementations. Discover how TikTok went from identifying OIDC discrepancies among providers to implementing a unified solution that not only simplifies k8s access management but also reinforces security and compliance across our global, multi-cloud infrastructure.
Speakers
Naveen Mogulla

Tech Lead, TikTok
Naveen Mogulla is a Tech Lead on TikTok's Kubernetes edge platform team. He has worked in Infrastructure engineering for almost 13+ years. He is also the main contributor to the AWS IAM operator in the keiko project. He was part of the Intuit core team which created multiple open source...
Salt Palace | Level 1 | 151
  Security

2:30pm MST

🚩 An Introduction to Capture The Flag - Andy Martin & Kevin Ward, ControlPlane
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competitions to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together. Want to know more about the CTF? [more details to be shared soon]
Speakers
Kevin Ward

Principal Consultant, ControlPlane
Kevin is a Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored...
Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience...
Salt Palace | Level 2 | 255 A

2:30pm MST

Tutorial: Confidential Containers 101: A Hands-on Workshop - Archana Choudhary & Suraj Deshmukh, Microsoft
Wednesday November 13, 2024 2:30pm - 4:00pm MST
As traditional enterprises with stringent data protection requirements become cloud-native and migrate to Kubernetes on public clouds, they are wondering: “Is my data secure on this shared hardware? Can someone with host access snoop on my data?” And especially, with the upcoming Digital Operational Resilience Act (DORA) in Europe mandating data protection in use, it’s crucial for users to familiarize themselves with solutions like Confidential Containers (CoCo), a CNCF sandbox project. In this first-of-its-kind, hands-on workshop, we’ll dive deep into using CoCo with k8s. We’ll explore real-world challenges, such as ensuring data confidentiality from platform owners (cloud providers), and show you how to overcome them. Through practical exercises, you’ll learn to set up CoCo and secure your containerized workloads, turning theory into practice. Attendees will discover streamlined practices, find robust protection mechanisms, and gain strategic insights into adopting CoCo.
Speakers
Suraj Deshmukh

Senior Software Engineer, Microsoft
Suraj is working on the Confidential Containers open-source project for Microsoft. He has been working with Kubernetes since version 1.2. He is currently focused on integrating Kubernetes and Confidential Containers on Azure.
Archana Choudhary

Ms, Microsoft
A software engineer who has been exploring cloud-native technologies, particularly focusing on confidential containers over the past several months.
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Security

3:25pm MST

A Tale of 2 Drivers: GPU Configuration on the Fly Using DRA - Alay Patel & Varun Ramachandra Sekar US, Nvidia
Wednesday November 13, 2024 3:25pm - 4:00pm MST
NVIDIA’s GeForceNow is a cloud gaming service that allows users to stream video games from NVIDIA's servers to a wide range of devices, including PCs, Macs, Android devices, iOS devices, and smart TVs. Under the hood, it is powered by Kubernetes running KubeVirt VMs. For a seamless user experience, GeForceNow dynamically switches GPU drivers to accommodate either passing through an entire GPU or slicing it into multiple virtual GPUs, all while keeping utilization close to 100% across the datacenter. This poses significant challenges when using the traditional device plugin API provided by Kubernetes. In this talk, we explore GeForce Now’s journey to transition away from the traditional device plugin API in favor of Dynamic Resource Allocation (DRA). We'll share valuable insights for anyone looking to perform a similar migration of their own. Join us to learn about the challenges, solutions, and best practices to help optimize your GPU-accelerated workloads in the cloud.
Speakers
Alay Patel

Senior Software Engineer, Nvidia
Alay is a Senior Software Engineer at Nvidia where he works on the cloud gaming service, exposing infrastructure for GPU workloads. He is passionate about open source with a focus on Kubernetes and platform engineering.
Varun Ramachandra Sekar US

Senior Software Engineer, Nvidia
Developer by day, Dog whisperer by night.
Salt Palace | Level 2 | 255 EF
  AI + ML

3:25pm MST

Optimizing Load Balancing and Autoscaling for Large Language Model (LLM) Inference on Kubernetes - David Gray, Red Hat
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As generative AI language models improve, they are increasingly being integrated into business-critical applications. However, large language model (LLM) inference is a compute-intensive workload that often requires expensive GPU hardware. Making efficient use of these hardware resources in the public or private cloud is critical for managing costs and power usage. This talk introduces the KServe platform for deploying LLMs on Kubernetes and provides an overview of LLM inference performance concepts. Attendees will learn techniques to improve load balancing and autoscaling for LLM inference, such as leveraging KServe, Knative, and GPU operator features. Sharing test results, we will analyze the impact of these optimizations on key performance metrics, such as latency per token and tokens per second. This talk equips participants with strategies to maximize the efficiency of LLM inference deployments on Kubernetes, ultimately reducing costs and improving resource utilization.
Speakers
David Gray

Senior Software Engineer, Red Hat
David Gray is a Senior Software Engineer on the Performance and Scale team at Red Hat. His role involves analyzing and improving AI inference workloads on Kubernetes platforms. David is actively engaged in performance experimentation and analysis of running large language models in...
Salt Palace | Level 1 | Hall DE
  AI + ML
  • Content Experience Level Any

3:25pm MST

Create & Distribute a Plugin for Kubernetes (Kubectl) in Few Minutes? Easy! 🙂 - Aurélie Vache, OVHcloud & Gaëlle Acas, Doctolib
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Kubectl is the most powerful tool that allows you to interact with the API Server of a Kubernetes cluster. We use it every day to list the pods, deploy a service, scale a deployment to 5 replicas... but do you know that you can add custom features to the kubectl CLI? Indeed, Kubernetes is an extensible world that allows you to extend most of its components (Network, Storage, Container runtime, webhooks … ) and even the kubectl CLI. In this talk, Gaëlle and Aurélie will show you how easy it can be to create a plugin in a few minutes. For that, they will create, live, a plugin in Bash, to make our pods more user-friendly. But that's not all! The goal of this talk is also to share our awesome plugin with others and for that, Krew is “The place to be”. At the end of this talk you will have all the marbles in hand in order to be able to create & share your own plugin to the world or only to your internal teams. Ready? Create your own plugins!
Speakers
Gaëlle Acas

Site Reliability Engineer, Doctolib
Site Reliability Engineer at Doctolib & co-organiser of the CNCF Nantes meetup. As a cloud addict, I love playing with containers, surfing Dev&Ops skills and juggling the world of serverless. I also love to share and pass on my passion for code to our kids.
Aurélie Vache

Developer Advocate, OVHcloud
Aurélie is a CNCF Ambassador, a Docker Captain & Google Developer Expert. She created a new visual way to learn & understand Cloud technologies: "Understanding Kubernetes/Istio/Docker in a visual way" in sketchnotes, books and videos. She has been working as a Developer & Ops for...
Salt Palace | Level 2 | 251
  Cloud Native Novice

3:25pm MST

Extending the Gateway API: The Power and Challenges of Policies - Kate Osborn, NGINX
Wednesday November 13, 2024 3:25pm - 4:00pm MST
From the beginning, the Gateway API has been designed to be extensible. With over 25 implementations to date, it’s crucial that these implementations have a way to support implementation-specific features without resorting to annotations. Among the various ways to extend the Gateway API, the Policy Attachment mechanism stands out as the most potent and challenging. In this session, we will explain what Policy Attachment is and share the lessons we learned at NGINX when implementing our own Policies. You will learn about:
- The difference between direct and inherited policies.
- How policy inheritance and merging works.
- Corner cases, such as conflicting policies and invalid target refs.
- Techniques to verify if a policy has been successfully applied.
- Strategies for troubleshooting policies.
We will show you examples of Gateway API policies as well as policies from multiple Gateway API implementations.
Speakers
Kate Osborn

Software Engineer, NGINX
Maintainer of NGINX Gateway Fabric. Kubernetes enthusiast since 2018.
Salt Palace | Level 1 | 155 EF
  Connectivity

3:25pm MST

Architecting a Data Platform with Open Source Tools - Priyanka J. Naik, Palo Alto Networks Inc
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The presentation will focus on:
* The architecture of the data streaming platform which we built at Palo Alto Networks using open source tools like Strimzi, Kafka, Kafka Connect, and Confluent Community licensed tools like Schema Registry and KSqlDB on K8s for supporting corp risk intelligence, health and compliance.
* Application of core software engineering principles in architecting open source data platforms and its benefits.
* Some drawbacks which were identified in the data platform solutions and how we overcame those.
Speakers
Priyanka J. Naik

Principal Software Engineer, Palo Alto Networks Inc
Priyanka J. Naik is at Palo Alto Networks Inc. where she works on secure networking software. In her career of 17 years, she has worked in Citrix Systems, Appfolio, with projects and work ranging on products like GoToMeeting, GoToTraining, GoToWebinar, and on data platforms. Interests...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

3:25pm MST

Deep Dive Into Generic Control Planes and Kcp - Stefan Schimanski, Upbound & Mangirdas Judeikis, Cast AI
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The Kubernetes code now allows native construction of generic control planes, without container types and in new form-factors other than your beloved clusters, be it customized apiserver binaries or embedded into other applications. This talk gives an in-depth explanation of what a generic control plane is, how to construct it, how to extend it with custom types and how to control which native Kube APIs like secrets, configmaps, etc. or mechanisms like resource quota or RBAC are available. Specifically, we will cover 3 variants:
1. single-tenant generic control planes using upstream Kubernetes.
2. multi-tenant generic control planes using kcp to scale horizontally in one process.
3. multi-shard and multi-region generic control planes with a focus on backing SaaS services.
Speakers
Stefan Schimanski

Senior Principal Software Engineer, Upbound
Stefan is a Senior Principal Engineer at Upbound working on control planes, Kubernetes, kcp, and as a tech-lead in SIG API Machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time Google Summer of Code mentor with CNCF, loves to teach and help people to learn...
MJ / Mangirdas Judeikis

Staff Engineer, Cast AI
With 10+ years in engineering, tech has been my passion from the start. Graduating in computer networks, I thrive on Go, Kubernetes, and an OpenSource approach. As an SRE practitioner, it's all about owning what you touch. No cloud preference, just adaptability. My motto? "Learn daily...
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

3:25pm MST

How to Get Started Contributing in the CNCF - Destiny O'Connor, Women Blessing Women & Riaan Kleinhans, Linux Foundation
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The CNCF fosters a dynamic and inclusive ecosystem where individuals of all skill sets and regardless of experience can contribute to cloud-native technologies. Let us delve beyond the traditional "how-to contribute" approach and empower you to unlock your potential as a contributor. We’ll get into the core principles of open source, drawing from real-world examples from my experience and highlighting its collaboration and the inclusive environment it offers. We'll share valuable resources and practical steps to teach you how to get started in the open-source community. Learn how to:
- Find projects that align with your skills & interests.
- Navigate the open-source collaborative environment.
- Contribute with guidelines for beginners.
- Leverage your unique perspective.
- Use resources to find your contribution niche.
This presentation equips you to confidently enter the rewarding world of open-source cloud-native development.
Speakers
Destiny O'Connor

Co-Chair CNCF Deaf and Hard of Hearing WG, Web Developer, Women Blessing Women
As Co-Chair of the CNCF Deaf and Hard of Hearing Working Group, where I channel my passion for creating a more inclusive tech world for deaf and hard-of-hearing individuals. My mission is to educate the tech community about the unique challenges and experiences of being deaf in this...
Riaan Kleinhans

Mr., Linux Foundation
Riaan Kleinhans is a seasoned project manager with extensive experience in customer-facing roles, open-source projects, and community management. Currently, he serves as a Program Manager at the Linux Foundation, collaborating with the Cloud Native Computing Foundation and the Confidential...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

3:25pm MST

Life of a Packet: Ambient Edition - John Howard, Solo.io & Keith Mattix, Microsoft
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Istio's new "ambient mode" promises to (and delivers!) dramatically simplify and reduce the cost of running a service mesh. This doesn't come easily, however; Istio employs some advanced and innovative techniques to deliver on this promise. In this talk, Keith and John - two leads on the ambient project - will give an in-depth look under the hood to show how ambient mode operates, walking through how a packet gets from point A to point B securely and efficiently.
Speakers
Keith Mattix

Senior Software Engineering Lead, Microsoft
Keith Mattix is an Engineering Lead at Microsoft focused on Istio, Gateway API, and other networking projects.
John Howard

John Howard, Solo.io
John Howard is a Senior Architect at Solo.io and Istio Technical Oversight Committee member.
Hyatt Regency | Level 4 | Regency Ballroom A

3:25pm MST

Mastering ApplicationSet: Advanced Argo CD Automation - Alexander Matyushentsev, Akuity
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Argo CD has become an essential deployment tool that engineers use to automate various infrastructure management use cases across hundreds of clusters. This presents a new challenge of managing Argo CD applications at scale. The Argo CD team has explored multiple approaches to solving this, resulting in the creation of ApplicationSet. Over time, ApplicationSet has gained many features, becoming sophisticated and quite complex to use. In this session, we will dive into advanced ApplicationSet features: orchestrating complex rollouts of ingress controllers across multiple clusters and accommodating snowflake clusters. We will enable the audience to answer these and many other questions about using ApplicationSet. Finally, we will demonstrate an effective way to debug ApplicationSet specifications without digging through logs and altering production Argo CD settings.
Speakers
Alexander Matyushentsev

Co-founder and Chief Architect, Akuity
Argo Co-Creator, Argo CD Lead, and maintainer. Energetic and passionate software engineer with over a decade of software development experience. I'm an enthusiast of continuous integration, agile environments, and a huge open-source believer. Core contributor and maintainer of http://argoproj.io...
Salt Palace | Level 3 | 355 EF

3:25pm MST

OpenTelemetry Project Update - Alolita Sharma, Apple; Juraci Paixão Kröhling, Grafana Labs; Ted Young, ServiceNow; Morgan Mclean, Splunk; Daniel Dyla, Dynatrace
Wednesday November 13, 2024 3:25pm - 4:00pm MST
This is the official OpenTelemetry session at KubeCon. OpenTelemetry started with distributed traces and metrics, but the project's vision has always been to provide whatever signals are needed from infrastructure, services, and more. This session will focus on what's coming next, including new signals and sources. Join to learn about OpenTelemetry's new logging functionality, including its two logging paths, the benefits of each, and real-world production examples. We'll show the power of the next wave of OpenTelemetry enhancements, including profiling and the insights that this unlocks in combination with distributed traces, and how we're extending your observability to client applications. We'll wrap up with a Q&A of 10+ project maintainers, who can speak to these topics and more.
Speakers
Morgan Mclean

Director of Product Management, Splunk
Morgan is one of the co-founders of OpenTelemetry, and he sits on the project's governance committee and runs multiple initiatives within the project. He is a Senior Director of Product Management at Splunk, where he is responsible for the core platform behind Splunk Observability...
Juraci Paixão Kröhling

Software Engineer, Grafana Labs
Juraci Paixão Kröhling is a software engineer at Grafana Labs, a maintainer of the OpenTelemetry project, a member of the project's governing board and CNCF Ambassador. He has presented about distributed tracing, OpenTelemetry, and other related topics at conferences like KubeCon...
Daniel Dyla

Senior Open Source Architect / OpenTelemetry GC, JS, Maintainer, Dynatrace
Daniel joined Dynatrace in 2015 working on the Davis Assistant natural language interface to the Dynatrace AI. He is an Open Source Architect, member of the W3C Distributed Tracing Working Group, OpenTelemetry specification contributor, maintainer of the OpenTelemetry JS client, and...
Ted Young

Director of Developer Education, ServiceNow
OpenTelemetry co-founder
Alolita Sharma

Observability Engineering, Apple
Alolita Sharma is a member of OpenTelemetry GC, Observability TAG co-chair, CNCF End-User TAB Chair and Governing Board member. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, Unicode, W3C. She has served on the boards...
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:25pm MST

SIG-Node: Intro and Deep Dive - Sergey Kanzhelev & Dawn Chen, Google; Mrunal Patel, Red Hat
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Kubernetes SIG Node maintainers track session will cover the latest updates in the Kubernetes Node subsystem. The emergence of Generative AI has introduced new challenges and workload behaviors. And SIG Node is up for the challenge. SIG Node owns components and interactions between pods and host resources, including the Kubelet, Container Runtime Interface, and Node API. SIG Node is responsible for the Pod’s lifecycle from allocation to teardown, to liveness checks and shared resource management. We work with various container runtimes, kernels, networking, storage, and more; anything a pod touches is SIG Node’s responsibility! The session will be led by Kubernetes SIG Node leads and will be interesting for seasoned contributors as well as people seeking to get involved in the project. Attendees will leave the session with a better understanding of the latest developments in the Kubernetes Node subsystem. The session is open to all Kubernetes users, regardless of experience level.
Speakers
Dawn Chen

Principal Software Engineer, Google
Dawn Chen is a principal software engineer at Google. Dawn has worked on Kubernetes and Google Container Engine (GKE) before the project was founded. She has been one of the tech leads in both Kubernetes and GKE. Prior to Kubernetes, she was one of the tech leads for Google internal...
Mrunal Patel

Distinguished Engineer, Red Hat
Mrunal Patel is a Senior Principal Software Engineer at Red Hat working on containers for OpenShift. He is a maintainer of runc/libcontainer and the OCI runtime specification. He started the CRI-O runtime. He is a SIG-Node chair and tech lead.
Sergey Kanzhelev

Staff Software Engineer, Google
Sergey Kanzhelev is a seasoned open source and cloud native maintainer working actively on Kubernetes. Sergey is serving as co-chair of SIG node. He is also one of the founders of OpenTelemetry. He is working on the engineering aspect of software and its practical application. He is contributing...
Salt Palace | Level 3 | 355 BC

3:25pm MST

Using OpenTelemetry for Deep Observability Within Messaging Queues - Shivanshu Raj Shrivastava, SigNoz & Ekansh Gupta, Zeta
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Recent changes in OpenTelemetry have introduced new semantic conventions and agent changes to better monitor messaging queues such as Kafka, RabbitMQ, and Amazon SQS. In this session, we'll discuss how those semantic conventions are standardizing the telemetry collected from producers, consumers, and the messaging queues, and how in-depth observability can be achieved by correlating producer-to-consumer spans with the metrics collected from Kafka. Additionally, we will demonstrate how, with Kafka Java client-side instrumentation enabled and JMX metrics collected from Kafka, OpenTelemetry instrumentation can help with metrics-to-trace and trace-to-metrics correlation and spot reasons for anomalies like increased consumer lag, partition failures, and time taken by messaging queues. This will also help in giving the corresponding traces in time that can help end users to better delve into their infrastructures and optimize their asynchronous applications.
Speakers
Ekansh Gupta

SDE, Zeta
Ekansh is a Software Development Engineer with Zeta Suite, with active involvement in various open-source and cloud native communities for upwards of two years now. He was previously an SDE Intern at SteamLabs. He is also a speaker for a couple of talks at PyCon, KubeCon and MozFests...
Shivanshu Raj Shrivastava

Founding Engineer, SigNoz
Shivanshu is a Founding Engineer at SigNoz, working on building an OTeL native observability product. He has a keen interest in deep tech and OSS. He is a CNCF ambassador and a member of CNCF projects like OTeL, k8s, and Istio. He has got the opportunity to mentor contributors in...
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

3:25pm MST

Global Payments: Setting New Standards for Reliability in Cloud Native Multi-Region Applications - Trey Caliva, Global Payments
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As a multinational FinTech provider, processing over 32 billion card transactions for 816 million accounts, Global Payments requires globally available architectures with quick disaster recovery while maintaining subsecond latencies. In addition, these workloads require strict adherence to compliance standards. This session will explore the high-level architectural decisions implemented in a cloud-native redesign and cloud migration of a mission critical legacy .NET application. Key cloud native tools leveraged include Kubernetes on GCP, and the use of CockroachDB as a cloud native database solution. We will explore how leveraging these cloud native technologies achieved extreme fault tolerance in a multi-region deployment, setting new standards for performance and reliability.
Speakers
Trey Caliva

Principal Cloud Architect, Global Payments
Trey Caliva is an Architect and engineer with 10+ years of hands-on experience planning, developing, managing, and securing deployments in Google Cloud and AWS. He is currently Principal Cloud Architect at Global Payments, a Fortune 500 company and a member of the S&P 500 focused...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

3:25pm MST

Cash App's Journey Into a Multi-Cluster Ecosystem - Rachel Sheikh, Cash App
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Cash App's Compute team is responsible for the health and maintenance of the company's Kubernetes clusters, and the enablement of service owners to deploy their services into these clusters with confidence. Over the past year, we've made strides in improving our reliability and uptime, part of which involved introducing a paradigm around creating new Kubernetes clusters in our service ecosystem that we can seamlessly transition services in and out of, to simplify cluster upgrades and provide us with guardrails against common outages. This talk intends to walk you through our experience introducing new Kubernetes clusters for our services at Cash App, migrating and splitting service traffic across clusters with zero downtime, and thinking through tooling adoption / creation to simplify cluster maintenance as our overhead scales.
Speakers
Rachel Sheikh

Ms., Cash App
I'm a software engineer with a decade of experience building and scaling backend services across various industries. When I'm not working on clusters or writing Go, I'm probably watching pro League of Legends or taking pictures of my dog.
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

3:25pm MST

Scale Job Triggering with a Distributed Scheduler - Cassie Coyle & Artur Souza, Diagrid
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Imagine scheduling thousands or millions of jobs that are persisted, triggered in a timely manner, and resilient to downtime. Some jobs might be triggered every second while others need to reliably be triggered on the first day of the month. Achieving high throughput and reliability is critical for the performance and operational efficiency of modern distributed systems. How can traditional cron job scheduling be extended? How can distributed systems handle job scheduling with minimal downtime? What challenges arise when scaling job scheduling to thousands or millions of jobs? In this session, Artur and Cassie will delve into the design of Dapr’s distributed Scheduler and how users can start using it today. You will gain a comprehensive understanding of how Dapr’s Scheduler unblocks scalability of actors and workflows while also enabling new capabilities, like delayed pubsub and schedule job API.
Speakers

Artur Souza

Head of Engineering, Diagrid
I am a maintainer of Dapr since 2019, helped the project reach the 1.0 stable version and keeping frequent releases since then. Currently Head of Engineering at Diagrid, leading the engineering teams building Conductor and the next generation of managed cloud native APIs via Dapr...

Cassie Coyle

Software Engineer, Diagrid
Cassie, a devoted software engineer at Diagrid actively contributes to Dapr, focusing on Go backend development to simplify the creation of resilient, event-driven, and microservices-based apps. She is a member of the Dapr Day and AppDeveloperCon 2024 program committees. Her work...
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 250
  SDLC

3:25pm MST

CEL-Ebrating Simplicity: Mastering Kubernetes Policy Enforcement - Kevin Conner, Getup Cloud & Anish Ramasekar, Microsoft
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As Kubernetes deployments grow increasingly complex, robust policy enforcement is crucial. The Common Expression Language (CEL) provides a powerful solution, enabling the creation of sophisticated, human-readable expressions for Kubernetes policies. This session explores CEL's integration with Kubernetes, simplifying policy definition and enforcement. Key takeaways:
- Fundamentals of CEL and its Kubernetes integration.
- Practical use cases for CEL in admission control, resource management, and security.
- Enhancing policy expressiveness and flexibility with CEL.
- Introduction to CEL Playground for testing and validating CEL expressions.

Through live demos, learn to leverage CEL and CEL Playground for streamlined policy management in Kubernetes. Ideal for administrators, developers, and DevOps professionals, this session equips you to enhance your Kubernetes policies using CEL. Join us to discover how CEL and CEL Playground can transform your Kubernetes policy management.
Speakers

Anish Ramasekar

Principal Software Engineer, Microsoft
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects that are part of the Azure Kubernetes Service. Anish is a maintainer of the Secrets Store CSI Driver project.

Kevin Conner

Chief Engineer, Getup Cloud
Kevin Conner is the Chief Engineer at GetUp Cloud, a startup focused on Kubernetes and DevSecOps. He has worked at startups like Integrated Micro Products, Arjuna Technologies, JBoss, and Aviatrix, as well as Sun Microsystems and Red Hat where he led teams for Cloud Enablement, Service...
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | 151
  Security

4:00pm MST

Coffee Break ☕
Wednesday November 13, 2024 4:00pm - 4:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

4:30pm MST

Making Kubernetes Simpler for Accelerated Workloads - Susan Wu, Google; Lucy Sweet, Uber; Mitch McKenzie, Weave; Aditya Shanker, Crusoe
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes and the open-source ecosystem for AI frameworks have been great for LLM innovation, empowering developers to build applications that use natural language as the interface to data. Yet, many developers and cluster operators struggle to put these frameworks into production use. In this session, hear from several platform engineers responsible for designing core infrastructure supporting accelerated workloads, services, large language model training and inference pipelines. You can expect to come away with guidance, hear of pitfalls to watch out for and learn how they successfully abstracted the infrastructure complexity to improve their research users' experience and velocity. Panelists include: Lucy Sweet, Senior Software Engineer (Infrastructure), Uber, Mitch McKenzie, Site Reliability Engineer - Machine Learning Operations, Weave, Susan Wu, Outbound Product Manager, Google
Speakers

Susan Wu

Outbound Product Manager, Google
Susan is an Outbound Product Manager for Google Cloud, focusing on GKE Networking and Network Security. She previously led product and technical marketing roles at VMware, Sun/Oracle, Canonical, Docker, Citrix and Midokura (part of Sony Group). She is a frequent speaker at conferences...

Lucy Sweet

Senior Software Engineer at Uber, Uber
Lucy is a Senior Software Engineer at Uber Denmark who works on software infrastructure
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

4:30pm MST

Platform Performance Optimization for AI - a Resource Management Perspective - Antti Kervinen, Intel & Dixita Narang, Google
Wednesday November 13, 2024 4:30pm - 5:05pm MST
How much can node resource management affect AI workload performance? What options are there? What is the trade-off between total throughput and low latencies? In this talk we take a systematic approach to Platform Performance Optimization. We walk through the whole path from goal setting, gathering data, analysis, visualizations and conclusions. At each stop along the path we share our practical experiences in a case of LLM inference optimization. You will find many considerations, findings and practical tricks to take away. For instance, how to instrument PyTorch without touching the source or a container image, how to enable changing what we are measuring without new expensive benchmark reruns, and how much more we can learn from visualizations compared to numeric averages and percentiles. Finally we share real results from our case: how resource management increased total token throughput per worker node by more than 3.5x from the baseline.
Speakers

Antti Kervinen

Cloud Orchestration Software Engineer, Intel
Antti Kervinen is a Cloud Orchestration Software Engineer working at Intel, whose interest in Linux and distributed systems has led him from academic research of concurrency to the world of Kubernetes. When unplugged, Antti spends his time outdoors discovering wonders of nature.

Dixita Narang

Software Engineer, Google
Dixita Narang is a Software Engineer at Google on the Kubernetes Node team. With a primary focus on resource management within Kubernetes, Dixita is deeply involved in the development and advancement of the Memory QoS feature, which is currently in the alpha stage. She is a new contributor...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Hall DE
  AI + ML

4:30pm MST

Museum of Weird Bugs: Our Favorites from 8 Years of Service Mesh Debugging - Tom Dean & Alen Haric, Buoyant
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Over the past 8 years, we've fixed a lot of bugs in Linkerd. Many of these were straightforward, but some manifested in strange ways, or only showed up in unique situations, or otherwise surprised us. Some of them were just plain funny. In this talk, we will run through a couple of Linkerd's favorites: the most interesting, weird, and memorable bugs we've found and fixed in Linkerd. We describe how they originally manifested (usually in someone else's production system), how we went about tackling them (often by educating the reporter on how to construct a useful bug report), and the sometimes long and windy path to finally fixing them.
Speakers

Tom Dean

Field Engineer, Buoyant
Tom Dean started programming BASIC on Apple IIs over 40 years ago, and has been hooked on tech since then. A long-time user of Linux and Open Source, he has been expanding his Cloud, Cloud Native and adjacent subject matter knowledge to become a more well-rounded technologist, and...

Alen Haric

Solutions Architect, Buoyant
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Cloud Native Experience
  • Content Experience Level Any

4:30pm MST

DNS Deep Dive in Kubernetes with CoreDNS - Jingming Guo, Airbnb
Wednesday November 13, 2024 4:30pm - 5:05pm MST
In the dynamic world of Kubernetes, efficient DNS resolution is critical for seamless application performance and scalability. CoreDNS, as the default DNS server for Kubernetes, offers flexible and high-performance DNS capabilities. This talk will delve into the lifecycle of a DNS request within a Kubernetes cluster using CoreDNS, offering insights into the flow of DNS traffic and enhancing your understanding of DNS requests and service discovery in Kubernetes - key knowledge for effective debugging and issue resolution. Additionally, we will present a case study of Airbnb's successful integration of CoreDNS, highlighting the CoreDNS performance evaluation, our seamless migration approach, and scaling strategy. Finally, we will talk about the multi-cluster DNS resolution with CoreDNS. This section will demonstrate how multi-cluster DNS capabilities address the common challenges, discuss performance considerations and multi-cluster DNS limitations.
Speakers

Jingming Guo

Software Engineer, Airbnb
Jingming Guo graduated from Northwestern University in 2017 and subsequently joined AWS EBS team. At AWS, Jingming led the development of Elastic Volume feature on the Block Express volume and led the EBS Server capacity increase release. In 2022, Jingming joined Airbnb and led the...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

4:30pm MST

From Observability to Performance - Nadia Pinaeva, Red Hat & Antonio Ojea, Google
Wednesday November 13, 2024 4:30pm - 5:05pm MST
No matter how fast the Services on your Kubernetes cluster are, users would love them to be faster. But how do you get from a huge pile of metrics across a distributed system to real user experience improvements? There is a way, and with the right tools and the right approach, you can better understand and evaluate Service performance. In this talk, you'll learn how to identify the performance parameters that directly translate to user experience. We will explore how to collect performance metrics from running Kubernetes clusters without disrupting normal operations using tools like Prometheus, Grafana, kube-burner, and custom instrumentation. We will discuss how to translate the collected metrics and analysis into concrete actions and how to identify bottlenecks and implement optimizations to enhance Service performance. This talk is ideal for k8s networking developers, administrators, SREs, DevOps engineers, and anyone responsible for managing or optimizing Kubernetes networking.
Speakers

Antonio Ojea

Software Engineer, Google
Antonio Ojea is a Software Engineer at Google, where he works on Kubernetes. He is one of the top contributors of the Kubernetes project, with a stronger presence on the areas of networking and reliability. He has a vast experience in Open Source, networking and distributed systems...

Nadia Pinaeva

Senior Software Engineer, Red Hat
Nadia Pinaeva is a Senior Software Engineer at Red Hat working on Openshift Networking. She collaborates with the SIG-network-policy to improve network security for Kubernetes clusters, and works on ovn-kubernetes network plugin.
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

4:30pm MST

Building Resilience: Effective Backup and Disaster Recovery for Vector Databases on Kubernetes - Pavan Navarathna & Shwetha Subramanian, Veeam
Wednesday November 13, 2024 4:30pm - 5:05pm MST
As generative AI revolutionizes industries, reliance on vector databases - crucial for managing and querying high-dimensional data - has skyrocketed. These databases are often deployed on Kubernetes for its scalability and orchestration capabilities. However, ensuring robust backup and disaster recovery for these stateful applications presents unique challenges. Join Pavan and Shwetha as they discuss the critical need for an effective data protection strategy for vector databases in Kubernetes environments, emphasizing its importance in maintaining data integrity and availability. Attendees will learn about the growing significance of vector databases driven by AI applications and the specific considerations for their reliable deployment and management in cloud-native settings. Through a practical demonstration, this session will introduce Kanister, a CNCF Sandbox project, showcasing how it simplifies the complex process of backing up and recovering vector databases on Kubernetes.
Speakers

Pavan Navarathna

Engineering Manager, Veeam
Pavan joined Kasten by Veeam in March 2018, where he leads the open-source efforts and manages a team of cloud-native engineers developing innovative solutions for data protection in Kubernetes. He has previously worked in data protection and networking at NetApp and Aryaka. Pavan...

Shwetha Subramanian

Software Engineer, Kasten by Veeam, Veeam
Shwetha Subramanian is a 2+ year experienced software professional, armed with a Master’s in Computer Science (Machine Learning track) from Columbia University, currently working as an SWE in the Kasten team at Veeam. An inherently curious individual, she is on a journey of learning...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage
  • Content Experience Level Any

4:30pm MST

Experience in Designing & Implementing a Cloud Native Framework for Farm Data Analytics - Braulio Dumba, IBM & Gloire Rubambiza, Cornell University
Wednesday November 13, 2024 4:30pm - 5:05pm MST
This work is based on 17 months of experience managing a digital agriculture platform that has aggregated and processed tens of gigabytes of data on 1500 cows on a commercial dairy farm. Significant challenges surfaced tied to multi-cluster management, fault-tolerance, and privacy as the number of applications and farm management models grew. To bridge this gap, we designed and implemented a cloud native networked system for multi-cluster configuration and management of farm data analytics that leverages KubeStellar and the Software-Defined Farm paradigm. Our experience from designing, implementing and deploying this framework showcases how Kubernetes can enable farmers and agribusinesses to leverage the power of containerization and cloud-native computing to optimize workflows and streamline agricultural operations. This work presents progress towards cloud-native, scalable, and fault-tolerant data analytics in digital farming with potential environmental, financial, and societal impacts.
Speakers

Braulio Dumba

Staff Research Scientist, IBM
Dr. Braulio Dumba is a Staff Research Scientist at IBM Research. In 2018, he joined IBM under the Hybrid Cloud organization. His current research is focused on edge computing and hybrid cloud computing. Dr. Dumba earned a Ph.D. in Computer Science from University of Minnesota, Twin...

Gloire Rubambiza

Ph.D. Candidate, Cornell University
Gloire Rubambiza is a Ph.D. candidate in CS at Cornell University, where he conducts research in hybrid cloud computing for digital agriculture with an emphasis on societal impact. At Cornell, he was a University Fellow, a fellow of NSF National Research Traineeship in Digital Plant...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

4:30pm MST

CNI Updates and Direction! - Michael Zappa, Microsoft
Wednesday November 13, 2024 4:30pm - 5:05pm MST
The CNI or Container Networking Interface is one of the most important projects of Kubernetes and the surrounding ecosystem. Without it, nodes aren’t ready, and pods aren’t scheduled. This session will provide a brief overview of what the CNI is, where it intersects with Kubernetes, the latest updates, how you can get involved and the future of the CNI. We have talked a lot about CNI 2.0 and now it is becoming a reality. This will be the biggest change to the CNI; however, let's not get carried away: we will make this seamless for you! Attendees will leave with an understanding of what the CNI is and how it fits into the larger picture of Kubernetes networking so that you can contribute to the CNI community!
Speakers

Michael Zappa

Software Engineer, Microsoft
Hello, I am Zappa. I have been a technologist for over 20 years with a background in networking, systems, software and Devops engineering. I am a self-taught coder and started in the 6th grade. I am passionate about the ecosystem and container networking. My areas in the open-source...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

4:30pm MST

How to Expand Your IDP: The New Building Blocks of Backstage - Ben Lambert & Patrik Oldsberg, Spotify
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Learn new ways to get the most out of your internal developer portal (IDP) and improve developer experience and productivity together with the Backstage community. The project maintainers will walk through brand new framework features and resources designed to help you build plugins and integrations. By expanding what a Backstage portal can do, you add value to your own IDP while strengthening the Backstage open source ecosystem. You’ll also hear the latest updates from the different Project Areas and a roadmap for what’s coming next. There will be plenty of time for Q&A, so here’s your chance to ask any burning questions!
Speakers

Patrik Oldsberg

Senior Engineer, Spotify
Patrik is a Senior Software Engineer at Spotify and a core maintainer of Backstage. In 2019 he joined the team in Spotify’s platform organization that owned the Backstage platform, and worked together with the rest of the team to bring it out in the open. Before joining Spotify...

Ben Lambert

Core Maintainer of Backstage, Senior Engineer at Spotify, Spotify
Ben is an Engineer at Spotify and a Maintainer of Backstage.io
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

4:30pm MST

Linkerd Update: Ingress, Egress, IPv6, Enhanced Multicluster, Rust, and More - William Morgan, Buoyant
Wednesday November 13, 2024 4:30pm - 5:05pm MST
The pace of feature delivery in Linkerd has never been higher. In this whirlwind project update by Linkerd maintainers and directors, you'll learn about the latest developments and upcoming features. We'll discuss new support for egress traffic control and visibility, ingress traffic handling, UX improvements to multicluster, new support for IPv6, and more. Come prepared to learn about the world's fastest, lightest service mesh!
Speakers

William Morgan

Linkerd Director, Buoyant CEO, Buoyant
William is a director on the Linkerd project and the co-founder and CEO of Buoyant, the creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, a software engineer at Powerset, Microsoft, and Adap.tv, a research scientist at MITRE. He holds an MS in computer...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3 | 355 EF

4:30pm MST

SIG Instrumentation Introduction and Deep Dive - Han Kang, David Ashpole & Richa Banker, Google; Damien Grisonnet, Red Hat
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. We will begin with an introductory overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. This deep dive session will go into detail about currently ongoing efforts happening within SIG Instrumentation to share with the audience concrete pieces of work to encourage future collaboration. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make instrumentation even better!
Speakers

Richa Banker

Richa Banker, Google
Currently a software engineer at Google. Exploring and contributing to OSS Kubernetes on the side.

Han Kang

Senior Staff Software Engineer, Google
Han Kang is a Senior Staff Software Engineer at Google. Han co-chairs SIG instrumentation while also participating in SIG API Machinery, focusing on operational aspects of managing Kubernetes clusters.

David Ashpole

David Ashpole, Google
TODO

Damien Grisonnet

Senior Software Engineer, Red Hat
Damien Grisonnet is a Software Engineer at Red Hat, he is very active in the monitoring ecosystem of Kubernetes for which he serves as a technical lead for Kubernetes SIG Instrumentation as well as a maintainer for projects such as kube-state-metrics, metrics-server, and prometheus-adapter...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3 | 355 BC

4:30pm MST

Understanding How OpenTelemetry Network Uses eBPF for Network Observability - Shivanshu Raj Shrivastava, SigNoz & Jonathan Perry, State-fu
Wednesday November 13, 2024 4:30pm - 5:05pm MST
The recent advancements in eBPF tooling, including the enhanced eBPF runtime embedded in the Linux kernel, the BPF Compiler Collection (BCC) for efficient kernel tracing, and the LLVM Compiler for converting C code to eBPF programs, have made it easier to provide always-on network visibility. OpenTelemetry Network leverages these foundational tools to provide out-of-the-box network observability for modern infrastructures. In this talk, we'll explore the architecture of the OTel Network, focusing on its key components: the kernel collector, kubernetes collector, cloud collector, and reducer which together enable collecting, ingesting, aggregating, enriching, and exporting telemetry data collected from various sources. We'll show an end-to-end setup to demonstrate the use of these agents and reducer component to send data to the OTel collector. This session aims to equip end-users and contributors with the necessary information to get started with the OpenTelemetry Network project.
Speakers

Jonathan Perry

Founder, State-fu
Jonathan Perry is a maintainer of the OpenTelemetry eBPF network collector. His PhD research at MIT CSAIL focused on performance isolation in datacenter and cloud networks, aiming to enhance network efficiency and reduce latency. Jonathan founded Flowmill, where he developed eBPF-based...

Shivanshu Raj Shrivastava

Founding Engineer, SigNoz
Shivanshu is a Founding Engineer at SigNoz, working on building an OTeL native observability product. He has a keen interest in deep tech and OSS. He is a CNCF ambassador and a member of CNCF projects like OTeL, k8s, and Istio. He has got the opportunity to mentor contributors in...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

4:30pm MST

Watching the Watchers: How We Do Continuous Reliability at Grafana Labs - Nicole van der Hoeven, Grafana Labs
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Nothing is foolproof. Everything fails eventually. Observability tools help predict and lessen the impact of those failures, as the watchers of your software systems. But who watches the watchers? At Grafana Labs, we're not immune to production incidents. Just like any company, we still sometimes move too quickly. We run complex, microservices-based systems ourselves, so we have to eat our own dogfood on a daily basis. In this talk, I reveal:
- how we solved a years-long mystery that cost us $100,000+
- how we got our internal Mimir clusters to reliably hold 1.3 billion time series for metrics
- what we've had to do to scale our Loki clusters to handle 324 TB of logs a day
- what our Grafana dashboards to monitor Grafana Cloud look like

Sometimes, it's easier to learn from failures in observability than from successes. This talk is a confession of some of our worst sins as well as a realistic look under the hood at how we're improving the continuous reliability of our stack.
Speakers

Nicole van der Hoeven

Senior Developer Advocate, Grafana Labs
Nicole is a Senior Developer Advocate at Grafana Labs and a performance engineer with over a decade of experience in breaking software and learning to build it back up again. She has lived in the Philippines, the US, Australia, the Netherlands, and Portugal, helping teams all over...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

4:30pm MST

Kubernetes at Scale: Practical Solutions for Enhanced CNI and Kubelet Performance - Henrique Santana, Amazon Web Services & Bruno Gabriel da Silva, Sysdig
Wednesday November 13, 2024 4:30pm - 5:05pm MST
In this session, we'll explore challenges faced in maintaining optimal performance for Container Network Interface (CNI) and Kubelet components in Kubernetes clusters. Based on recurring real-world scenarios, we will dive into troubleshooting and mitigations of issues such as IP address allocation delays, registry pull queries per second (QPS), and disk throttling. These pose significant impacts on the performance, scalability and stability of Kubernetes clusters. Our discussion will revolve around practical strategies aimed at mitigating such challenges, leveraging multiple block storage volumes, adjusting instance types, tuning registryPullQPS settings, and exploring the benefits of prefix mode for faster IP address allocation. Additionally, we'll examine the role of warm IP pools, and the implications of WARM_ENI_TARGET settings on CNI performance, providing attendees with a comprehensive understanding on how to optimize CNI and Kubelet performance effectively.
Speakers

Bruno Gabriel da Silva

Sr. Solutions Engineer, Sysdig
I have been working as a Solutions Engineer for several years, with my passion for cloud-native technologies igniting around 2018. That year, I transitioned from a traditional IT Windows Sysadmin role to fully embracing DevOps, focusing entirely on Open Source and Cloud. My first...

Henrique Santana

Sr. Cloud Support Engineer, Amazon Web Services
I'm a Containers Specialist with over 15 years of experience in infrastructure operations. Skilled at automating workflows and solving problems through user-centered design and emerging technologies. Currently focusing on containers and container orchestration. Adept at optimizing resource...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

4:30pm MST

Perform Laser Focused Deployments by Deciding in Advance the Blast Radius - Kostis Kapelonis, Octopus Deploy
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Progressive Delivery is an advanced deployment method that allows for zero-downtime application releases. Argo Rollouts is a Kubernetes controller that allows you to adopt progressive delivery in the form of blue/green and canary deployments. We see a lot of teams that choose an arbitrary number of clients that access the new version of a canary. Yes, it is very easy to send only 10% of the traffic to the new version of a Kubernetes deployment. But sometimes you want to choose WHICH 10% sees the new traffic. In this talk we will see several approaches on pinning down specific clients to the old or new version and advanced scenarios for sending canary traffic only to a specific subset of users such as internal employees or customers who have expressed their interest in seeing brand new releases as soon as possible.
Speakers

Kostis Kapelonis

Developer Advocate, Codefresh by Octopus Deploy
Kostis is a software engineer/technical-writer dual class character. He lives and breathes automation, good testing practices and stress-free deployments with GitOps.
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 250
  SDLC

4:30pm MST

Expanding the Capabilities of Kubernetes Access Control - Jimmy Zelinskie, authzed & Lucas Käldström, Upbound
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes RBAC is an effective way of managing ACLs in one cluster. However, there are many other effective paradigms out there, such as Attribute- & Relation-based Access Control. In this talk, we’ll demystify how these differ, and when to use respective paradigms, giving context and guidance. We’ll highlight how Kubernetes access control has recently evolved towards supporting lots of different use-cases. We take this opportunity to cover multiple perspectives: security within a single cluster (zooming in) and security within real-life production environments with external services and multiple clusters (zooming out). As containers became ubiquitous first with excellent tools like Docker, we believe the same can and will happen for access control, yielding uniform, interoperable and understandable authorization. Finally, we'll propose future work that could be done to supercharge Kubernetes and ensure it keeps up with the ever increasing security requirements in our industry.
Speakers

Lucas Käldström

Senior Software Engineer, Upbound
Lucas is a Kubernetes and cloud native expert who has been serving the CNCF community in lead positions for 6 years. He’s awarded Top CNCF Ambassador 2017 with Sarah Novotny. Lucas was a co-lead for SIG Cluster Lifecycle, co-created kubeadm, Weave Ignite, and ported Kubernetes to...

Jimmy Zelinskie

Co-founder, authzed
Jimmy Zelinskie is a software engineer and product leader with a goal of democratizing software via open source development. He's currently CPO of authzed where he's focused on bringing hyperscaler best-practices in authorization to the industry at large. At CoreOS, he helped pioneer...
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 151
  Security

4:30pm MST

Tutorial: Get the Most Out of Your GPUs on Kubernetes with the GPU Operator - Eduardo Arango Gutierrez, Tariq Ibrahim, Amanda Moran & Christopher Desiniotis, NVIDIA; David Porter, Google
Wednesday November 13, 2024 4:30pm - 6:00pm MST
NVIDIA’s GPU operator has become the de-facto standard for managing GPUs in Kubernetes at scale. This tutorial provides in-depth, hands-on training on the various GPU sharing techniques that are possible with the GPU operator. Participants will learn to deploy jobs utilizing these sharing techniques, as well as get hands-on experience on the installation and configuration of the NVIDIA GPU Operator itself. This includes an in-depth exploration of its two primary CRDs: ClusterPolicy and NVIDIADriver. These CRDs are essential for configuring GPU-accelerated nodes, enabling GPU sharing mechanisms, and performing GPU driver upgrades. The session will culminate with practical use cases, such as training an AI/ML model and giving participants firsthand experience in managing a GPU-accelerated Kubernetes cluster.
Speakers

Christopher Desiniotis

Senior Systems Software Engineer, NVIDIA
Christopher Desiniotis is a Senior Systems Software Engineer on the Cloud Native team at NVIDIA where he works on enabling GPUs in containers and Kubernetes. He is a maintainer of the NVIDIA GPU Operator, a widely used tool for managing GPUs in Kubernetes, and is focused on increasing... Read More →

David Porter

Senior Software Engineer Google, Google
David Porter is a Senior Software Engineer at Google on the Kubernetes node team. David’s focus is on the kubelet node agent and the resource management area. He is the primary maintainer of cAdvisor, a resource monitoring library widely used in Kubernetes, reviewer of a SIG Node, and... Read More →

Eduardo Arango Gutierez DE

Senior systems software engineer, NVIDIA
Eduardo is a Senior Systems Software Engineer at NVIDIA, working on the Cloud Native Technologies team. Eduardo has focused on enabling users to build and deploy containers on distributed environments.

Tariq Ibrahim

Senior Software Engineer, NVIDIA
Tariq Ibrahim is a Senior Cloud Platform Engineer on the Cloud Native team at NVIDIA where he works on enabling GPUs in containers and Kubernetes. He is a maintainer of the NVIDIA GPU Operator. He has also contributed to several cloud native OSS projects like kube-state-metrics, Istio... Read More →

Amanda Moran

https://www.nvidia.com/en-us/, NVIDIA
Amanda has been working in technology since graduating from SCU in 2012 with a Master’s in Science in CS. Prior to this she had graduated with a BS in Biology from UW. Amanda has worked the last 12 years as a Software Engineer, a Solutions Architect, and an Engineering Manager... Read More →
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, AI + ML

5:20pm MST

Project Pavilion Tour with Jorge Castro + Bob Killen
Wednesday November 13, 2024 5:20pm - 6:00pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise. 

This tour session will focus specifically on End Users and TABs.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

5:25pm MST

Detecting and Overcoming GPU Failures During ML Training - Sarah Belghiti, Wayve & Ganeshkumar Ashokavardhanan, Microsoft
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Scaling ML training demands powerful GPU infrastructure, and as model sizes and training scale increase, GPU failures become an expensive risk. From outright hardware faults to subtle performance degradation, undetected GPU problems can sabotage training jobs, inflating costs and slowing development. This talk dives into GPU failure challenges in the context of ML training, particularly distributed training. We will explore the spectrum of GPU issues, and why even minor performance drops can cripple large jobs. Learn how observability (leveraging tools like NVIDIA DCGM) enables proactive problem detection through GPU health checks. Understand principles of fault-tolerant distributed training to mitigate GPU failure fallout. Drawing on cloud provider and autonomous vehicle company experience, we will share best practices for efficient identification, remediation, and prevention of GPU failures. We will also explore cutting-edge ideas like CRIU and task pre-emption for GPU workloads.
Speakers

Ganeshkumar Ashokavardhanan

Software Engineer, Microsoft
Ganesh is a Software Engineer on the Azure Kubernetes Service team at Microsoft, working on node lifecycle, and is the lead for the GPU workload experience on this Kubernetes platform. He collaborates with partners in the ecosystem like NVIDIA to support operator models for machine... Read More →

Sarah Belghiti

ML Platform Engineer, Wayve
Sarah Belghiti is an ML Platform Engineer at Wayve, a leading developer of embodied intelligence for autonomous vehicles. She works on the infrastructure, scheduling and monitoring of ML workloads. With GPUs becoming an increasingly scarce resource, her focus has been on building... Read More →
Salt Palace | Level 1 | 155 EF
  AI + ML

5:25pm MST

Production AI at Scale: Cloudera’s Journey in Building a Robust Inference Platform - Zoram Thanga & Peter Ableda, Cloudera
Wednesday November 13, 2024 5:25pm - 6:00pm MST
In this session, we talk about Cloudera AI Inference Service, a secure, large scale platform for generative AI and predictive inference workloads, built using state of the art Kubernetes, CNCF and Apache open source projects. We take the audience through our journey in building this platform and share the experiences we gained along the way. The platform is built using openness, security, scalability, performance and standards compliance as guiding principles. We demonstrate that it is possible to be open and secure at the same time, and that organizations can incorporate production grade AI inferencing into their Big Data environments. This session will cover the architecture of the platform, and explain how we handle performance, scaling, authentication, fine grained authorization and audit logging, all of which are critical considerations for production inferencing.
Speakers

Peter Ableda

Director, Product Management, Cloudera
Peter Ableda is the Director of Product Management for Cloudera’s AI product suite, bringing over a decade of experience in data management and advanced analytics. Holding a Master of Science degree in Computer Science from the Budapest University of Technology, Peter has dedicated... Read More →

Zoram Thanga

Principal Engineer, Cloudera
Zoram is a Principal Engineer, Enterprise AI Platform in Cloudera. He has been working in the software industry for over 23 years, and has been involved in building clustering software, containers, file systems, analytical query engines, and ML/AI platforms. He is a committer in the... Read More →
Salt Palace | Level 1 | Hall DE
  AI + ML

5:25pm MST

Conquering Configuration Constraints: Real-World Patterns for Distributing Data at Scale in Kubernet - Daniel Hrabovcak, Google
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Did you know that major Cloud providers cap the amount of volumes you could attach to a node? You may be tempted to use a ConfigMap or a Secret instead; however, did you know that Kubernetes caps the size of all resources to 1 MiB? What if you need arbitrarily large data? After all, reaching these limits may effectively render your application completely useless and for commonly used operators, constraints are exacerbated. In this talk, we cover all built-in storage mechanisms and their pitfalls. Not only can your data be large, but what about auto-scaled workloads which access the same data? We explore patterns that we at Google explored while working on our open source Prometheus operator, including: variable expansion, compression, sharding, projected volumes and dynamically mounting resources. We discuss how to shape the user configuration surface and how to make your data available at scale. Especially a must-see for anyone distributing configurations in their operator!
Speakers

Daniel Hrabovcak

SWE, Google
Daniel Hrabovcak is a software engineer at Google working within Cloud Monitoring to build Google Cloud’s Managed Service for Prometheus. Daniel’s love of coding has lasted a decade, touching on open-source game development and a previous career in full stack development, giving... Read More →
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

5:25pm MST

Container Image Workflows at Scale with Buildpacks - Jesse Brown, Heroku & Aidan Delaney, Bloomberg
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Buildpacks transform source applications into images that run on any cloud. Each output image contains a full Software Bill of Materials which allows platform developers to know precisely what software is deployed. This makes them an excellent solution where a container runtime is provided to untrusted or semi-trusted development teams. There are wider use-cases where many application development teams share a common runtime, like Kubernetes. In this talk we look at using Buildpacks to deploy web applications at scale, we consider batch processing in large workflows - particularly AI/machine learning workflows - and we look at an example Functions as a Service platform that uses Buildpacks.
Speakers

Jesse Brown

Software Engineer, Heroku
Jesse is a software engineer at Heroku, currently based in Memphis, TN. With a focus on the Heroku Builds suite of services, Jesse has been contributing to buildpacks.io since 2019 and earned maintainer status in 2021. Passionate about Kubernetes and large-scale systems, Jesse dedicates... Read More →

Aidan Delaney

Bloomberg
Aidan is a Buildpacks.io maintainer and currently works in Bloomberg's Data Management Services team.  He has worked on Buildpacks (and other infrastructure) for AI and large scale data processing.  He likes to build well-tested platforms that have clean interfaces.
Salt Palace | Level 3 | 355 EF

5:25pm MST

Distributed Tracing with Jaeger and OpenTelemetry - Jonah Kowall, Independent & Pavol Loffay, Red Hat
Wednesday November 13, 2024 5:25pm - 6:00pm MST
In this session, we will introduce the Jaeger project, explain distributed tracing concepts, and the value it brings compared to other telemetry signals like metrics and logs. The session will continue with a live Jaeger demo, after which the audience will understand the platform features. We will switch gears to focus on the exciting release of Jaeger v2, which is due to be released very soon. This new version will further incorporate OpenTelemetry into Jaeger natively. Then we’ll delve into service performance monitoring and the changes which have happened to this critical feature. We will finish by talking about the roadmap and how to get involved with the project, including our expanding LFX and Google Summer of Code mentorship programs.
Speakers

Pavol Loffay

Principal Software Engineer, Red Hat
Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →

Jonah Kowall

CTO, TBD (between roles)
Jonah Kowall, computer scientist and open-source contributor to OpenSearch, Jaeger, OpenTelemetry. A technical leader across startups to large enterprises specialized in operations, security, and performance. Led Gartner research on monitoring. Product leadership at AppDynamics, Cisco... Read More →
Hyatt Regency | Level 4 | Regency Ballroom A

5:25pm MST

Observability TAG Round-up and What’s New for AI Observability - Alolita Sharma, Apple & Chris Larsen, Netflix
Wednesday November 13, 2024 5:25pm - 6:00pm MST
The Observability TAG has been busy in 2024. We've been hard at work on exciting initiatives designed to address the challenges of large-scale observability. This session will provide an update on our activities, workgroups, and achievements. The cloud is undergoing a supernova event! Massive deployments of GPUs and NPUs running AI workloads are fueling a revolution, but implementing observability for this new ecosystem can easily devour your budget. As CNCF’s Observability TAG, we'll dive into the latest trends in observability that address the cost challenges of the AI Cloud. See what’s new to help manage observability data more effectively, optimize operational efficiency, and keep costs under control.
Speakers

Chris Larsen

Senior Software Engineer, Netflix, Netflix
Observability engineer focusing on cross telemetry correlation and maintainer of OpenTSDB.

Alolita Sharma

Observability Engineering, Apple
Alolita Sharma is a member of OpenTelemetry GC, Observability TAG co-chair, CNCF End-User TAB Chair and Governing Board member. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, Unicode, W3C. She has served on the boards... Read More →
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:25pm MST

Squashing Trampoline Pods: The Future of Securely Enabling Hardware Extensions - Joe Betz, Google & David Eads, Red Hat
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Prevent a single node compromise from leaping to other nodes.  If you deploy or develop per-node agents, learn how to combine recent and developing features (validating admission policy, service account token node claims, CRD field selectors, and field selector authorization) to build secure hardware extensions.
Speakers

Joe Betz

Staff Software Engineer, Google
Joe Betz is a tech lead of the Kubernetes api-machinery SIG. Joe has contributed to extensibility features including custom resources, admission webhooks, and CEL. Joe has also contributed to etcd as a project maintainer.

David Eads

Senior Principal Software Engineer, Red Hat
David Eads is a senior principal software engineer at Red Hat and co-lead for Kubernetes sig-apimachinery and TL for sig-auth.
Salt Palace | Level 3 | 355 BC

5:25pm MST

XRegistry - Looking Beyond CloudEvents - Calum Murray, University of Toronto
Wednesday November 13, 2024 5:25pm - 6:00pm MST
CloudEvents helps in the delivery of events by standardizing where common event metadata can be found in the messages carrying those events without the need to understand the schema of each event. But discovering which endpoints support those events, how to communicate with them, and finding the schema of the messages carrying those events can be challenging. This is where xRegistry can be used. xRegistry defines a core set of interoperable APIs for a generic "registry" that can be used to persist and query its contents to help discover resources and their metadata. On top of this extensible base registry model we are developing 3 domain specific registries: Endpoint, Message and Schema registries - specifically aimed at enabling the automation, tooling and code generation often needed in distributed systems development. In this session you will learn about CloudEvents, xRegistry and how we're trying to help users be more productive in an event-driven world.
Speakers

Calum Murray

Engineering Science Student, University of Toronto, Faculty of Applied Science and Engineering
I'm a software engineer, and I love building cool things in open source. I like to seek out the most interesting and challenging problems which I think will have a large impact, and build creative solutions to them. I also like to share my passion for open source with others, and... Read More →
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

5:25pm MST

The OTTL Cookbook: A Collection of Solutions to Common Problems - Tyler Helmuth, Honeycomb & Evan Bradley, Dynatrace
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Is your telemetry missing key attributes? Maybe there are details in your log bodies you’d rather have as attributes. It is common to find yourself in situations where your data doesn't look how you expect: it's too large, the wrong shape, or doesn't have everything you want. The OpenTelemetry Collector uses the OpenTelemetry Transformation Language (OTTL) to solve these problems. OTTL enables telemetry transformations based on any field of the payload, utilizing functions to execute the changes. In this session, Tyler and Evan will go over a brief intro to OTTL and then cover example after example of situations where you can use OTTL to solve processing problems in the Collector, like setting attributes, or defining an entire OTLP log record from a Kubernetes event. Get ready with situations of your own, as we’ll save time at the end to try writing OTTL statements live on stage for your transformation or filtering issues so we can demonstrate how flexible OTTL truly is.
Speakers

Tyler Helmuth

Sr. Software Engineer, Honeycomb
Tyler is a Sr. Software Engineer at Honeycomb with a passion for observability and helping users start their observability journey. He is a maintainer for the OpenTelemetry Collector and OTel Helm Charts, and an active contributor to other OTel repositories. While not its originator... Read More →

Evan Bradley

Senior Software Engineer, Dynatrace
Evan helps maintain the OpenTelemetry Collector, where he is also a primary contributor to the OpenTelemetry Transformation Language (OTTL) and the OpenTelemetry Agent Management Protocol (OpAMP) Collector components. Evan has a background in developing DevOps tooling and observability... Read More →
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

5:25pm MST

Misadventures in Large Scale Cluster Performance - Shane Corbett, AWS & Dima Ilchenko, Lacework
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Join us for our follow-up to one of the highest rated talks of KubeCon 2022 (73,000 pods a day, lessons from misadventures in multi-tenant). We are on a new misadventure, asking the question what if some of the most popular advice about Kubernetes was just...wrong? We spent over two years poring through 800-page Linux kernel performance books, tweaking obscure control plane settings, and developing detailed custom monitoring dashboards so you don’t have to! Join us as we take you through real-world findings that took months of research to fully understand, and provide evidence that some of the things we were convinced were best practices, were the very things holding us back the most.
Speakers

Dima Ilchenko

SRE, Lacework
Dima is a staff SRE on a Compute Platform Team focused on troubleshooting, observability and scalability of large-scale Kubernetes platform at Lacework. Lacework's unique features create unique challenges that push Kubernetes to its limits, offering Dima unique perspective into often... Read More →

Shane Corbett

Senior Kubernetes Specialist, AWS
Shane Corbett is a Senior Containers Specialist at AWS focused on helping customers with the finer points of Kubernetes large scale design and performance. When not pushing Kubernetes to extremes you will find Shane pursuing his lifelong obsession of exploring the edge of the extreme... Read More →
Salt Palace | Level 1 | 155 BC
  Operations + Performance

5:25pm MST

Creating Paved Paths for Platform Engineers - Ritesh Patel, Nirmata; Abby Bangser, Syntasso; Viktor Farcic, Upbound; Nicholas Morey, Akuity; Praseeda Sathaye, Amazon
Wednesday November 13, 2024 5:25pm - 6:00pm MST
The platform engineering team's role has evolved into a pivotal one as the custodian of the internal developer platform. However, these teams often find themselves in a quagmire of identifying the right components to include in their platforms, particularly in the ever-expanding CNCF landscape. This panel session discusses these challenges by exploring the concept of 'Paved Paths' as a strategic approach to guide platform teams in their journey of building an internal developer platform (IDP). 'Paved Paths' offers a solution by providing platform engineering teams with proven reference architectures (e.g. CNOE and the BACK Stack). This approach prevents them from starting from scratch and getting lost in the vast CNCF landscape. By offering proven and opinionated reference architectures, platform teams can focus on enhancing developer experiences and optimizing higher-level workflows rather than grappling with the complexities of identifying foundational components for their IDP.
Speakers

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.

Ritesh Patel

Co-Founder & VP Product, Nirmata
Ritesh Patel is Co-founder and leads Products at Nirmata, the creators of Kyverno. At Nirmata, he is responsible for commercial products for Kubernetes security, governance, and automation. He also leads key technology partnerships. Ritesh has 20+ years of experience delivering enterprise... Read More →

Praseeda Sathaye

Principal Specialist Solution Architect, Amazon (AWS)
Praseeda Sathaye is a Principal Specialist SA for App Modernization and Containers at Amazon Web Services based in Bay Area California. She has been focused on helping customers speed their cloud-native adoption journey by modernizing their platform infrastructure, internal architecture... Read More →

Nicholas Morey

Senior Developer Advocate, Akuity
Nicholas Morey is a Platform Engineer with a passion for DevOps practices. He is on the team at Akuity as a Developer Advocate, working with the community on anything Argo and Kargo-related. He is an experienced Argo CD operator and a Certified Kubernetes Administrator.

Abby Bangser

Principal Engineer, Syntasso
Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across... Read More →
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

5:25pm MST

Taming Your Application’s Environments - Marcos Lilljedahl, Dagger & Mauricio "Salaboy" Salatino, Diagrid
Wednesday November 13, 2024 5:25pm - 6:00pm MST
How coupled are your application's code and pipelines to their target cloud or on-prem environment? Kubernetes helps us to abstract how we run our workloads. However, there are other aspects, like infrastructure dependencies, service configuration, build process, deployment descriptors, etc., which need to be considered to make an application portable across multiple environments. Focusing on these aspects makes a big difference when migrating apps to reduce costs, meeting compliance requirements or leveraging a specific tech only available somewhere else. Join us to cover three techniques you can implement to level up your SDLC:
- Modularizing and enhancing our delivery pipelines to simplify complex environments (Crossplane and Dagger)
- Building consistent experiences around well-known interfaces (CloudEvents, Dapr, and OpenFeature) to minimize runtime drift.
- Design with separation of concerns to enable fast feedback loops between development and operation teams (Argo CD, Knative)
Speakers

Marcos Lilljedahl

Software Engineer, Dagger
Dad, Docker Captain, OSS lover, helmsman and wine drinker. Father of a joyful kid and wannabe surfer. I like listening to jazz music and tinker with some fun projects when possible. Avid open source contributor.

Mauricio Salatino

OSS Software Engineer, Diagrid
Mauricio works as an Open Source Software Engineer at @Diagrid, contributing to and driving initiatives for the Dapr OSS project. Mauricio also serves as a Steering Committee member for the Knative Project and Co-Leading the Knative Functions initiative. He published a book titled... Read More →
Salt Palace | Level 2 | 250
  SDLC

5:25pm MST

From Observability to Enforcement: Lessons Learned Implementing eBPF Runtime Security - Anna Kapuścińska & Kornilios Kourtis, Isovalent
Wednesday November 13, 2024 5:25pm - 6:00pm MST
eBPF is getting widely adopted in cloud native runtime security tools like Falco, KubeArmor, and Tetragon. Using eBPF we can collect relevant security events right in the kernel and pass them to Security Engineers for retroactive attack detection and response. Having reliable and complete visibility is great, but wouldn't it be even better to proactively prevent attacks in progress? This talk covers the Tetragon team’s experience moving from security observability to enforcement and lessons learned along the way: from defining security models to hardening interactions between the local kernel and distributed Kubernetes systems. It will deep dive into how eBPF-based enforcement works, why it differs from observability, and the challenges of implementing it. The audience will walk away understanding the inner workings and common pitfalls of eBPF-based runtime security.
Speakers

Kornilios Kourtis

Dr, Isovalent
I am a software engineer at Isovalent, working on cloud-native networking, security, and observability using eBPF. Before that, I worked in industrial (IBM) and academic research (ETH Zurich, NTU Athens) in systems, including operating systems, storage and network stacks, and high-performance... Read More →

Anna Kapuścińska

Software Engineer, Isovalent, now part of Cisco
Anna is a software engineer at Isovalent, focusing on eBPF-based observability and security. Her previous roles span the industry: she wore both developer and SRE hats, and worked in AdTech, FinTech, public healthcare, end-user SaaS company and a hosting provider. On good weather... Read More →
Salt Palace | Level 1 | 151
  Security

5:25pm MST

Workload Identity Federation – Stop Using Long-Lived Credentials - Benjamin Dronen, Ford Motor Company & Kristen Newcomer, Red Hat
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Workload identity federation is a somewhat daunting but extremely beneficial topic in Kubernetes security. In this session, we will share the lessons Ford Motor Company has learned through using workload identity federation with Google Cloud Platform, Microsoft Entra ID, and other platforms at scale from a wide variety of different workload types, how it has enhanced our security posture, improved developers’ lives, and reduced outages.
Speakers

Benjamin Dronen

Kubernetes Platform Engineer, Ford Motor Company
Ben Dronen started at Ford Motor Company in 2022 as part of their Ford College Graduate rotational program. He currently holds a Kubernetes Platform Engineering position and focuses on bare metal Kubernetes deployments. Ben attended Andrews University in Southwest Michigan and holds... Read More →
Salt Palace | Level 2 | 255 BC
  Security
  • Content Experience Level Any

6:00pm MST

🎉 #KubeCrawl + #CloudNativeFest Sponsored by CDW
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Thank you to our sponsor, CDW!

Join us for a captivating evening at #KubeCrawl + #CloudNativeFest, the highlight of our conference in Salt Lake City!

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: 0.0.0.0 Day: Exploiting Localhost APIs from the Browser - Avi Lumelsky, Oligo
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers.  While seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks. In this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. In our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.
Speakers

Avi Lumelsky

AI Security Researcher, Oligo
Avi has a relentless curiosity about business, AI, security—and the places where all three connect. An experienced software engineer and architect, Avi’s cybersecurity skills were first honed in elite Israeli intelligence units. His work focuses on privacy in the age of AI and... Read More →
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security

6:00pm MST

🪧 Poster Session: Accepting Mortality: Strategies for Ultra-Long Running Stateful Workloads in K8s - Sebastian Beyvers & Maria Hansen, Giessen University
Wednesday November 13, 2024 6:00pm - 8:00pm MST
"Pods are mortal" is a well-known quote in the official Kubernetes documentation. For ultra-long running stateful workloads that take months to complete, this mortality comes with its own challenges. How do you react to hardware failures? What resource quotas are appropriate? What if the workload has no built-in persistence and does all its work in memory? For such workloads, failures can be fatal, potentially wiping out months of work. This session will show that despite all the obstacles, Kubernetes can still be a reasonable choice for running stateful workloads that take months to complete. Using real-world examples based on production workflows, we will show how we design, configure, run, and operate such workloads using K8s and Argo workflows. We will also show how intelligent checkpointing using CRIU can help us deal with failures and enables us to avoid some problems even before they occur.
Speakers

Sebastian Beyvers

Distributed Systems Researcher, Giessen University
Sebastian Beyvers is a distributed systems researcher in bioinformatics and a cloud-native Rust developer at Giessen University. Sebastian's current work focuses on cloud-native data storage and processing solutions that try to harmonize existing national and international data ecosystems... Read More →

Maria Hansen

Research Associate, Giessen University
Maria Hansen is a research assistant in the field of (bio)informatics at Justus Liebig University Giessen. She is currently working on a cloud-native data orchestration system that aims to unite existing national and international data ecosystems.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Climatik: Cloud Native Sustainable LLM via Power Capping - Chen Wang, IBM & Vincent Hou, Bloomberg L.P.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
As GenAI workloads grow, the need for advanced accelerators with higher power consumption is surging. NVIDIA GPU peak power has risen from 300W for V100 to 1000W for B100. However, current power infrastructure and cooling systems are not designed to handle rapid power increases, leading to challenges like limited accelerator deployment in some regions or overheating risks that could cause fire hazards. We propose Climatik, a dynamic power capping system that enables data center and cluster admins and developers to set power caps dynamically at the cluster, service namespace, and rack levels. Climatik leverages Kepler for observability and offers APIs for integration with Kubernetes control knobs, including autoscalers, schedulers, and queuing systems, to ensure power caps are maintained across all levels. We will demo how to use Climatik to configure power capping for a large language model (LLM) inference service on KServe and show how power capping influences KEDA on autoscaling.
Speakers
Chen Wang

Senior Research Scientist, IBM
Chen Wang is a Staff Research Scientist at the IBM T.J. Watson Research Center. Her interests lie in Kubernetes, Container Cloud Resource Management, Cloud Native AI systems, and applying AI in Cloud system management. She is an open-source advocate, a Kubernetes contributor, and...
Vincent Hou

Senior Software Engineer, Bloomberg L.P.
Vincent Hou is a Chinese software engineer who used to study in Belgium and is currently working in the US. He has been an active open source contributor since 2010. He used to be an active contributor to Cinder project, OpenStack block storage service, and a core committer of OpenWhisk...
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, AI + ML

6:00pm MST

🪧 Poster Session: Kubernetes as a Geographically Distributed System - Ildiko Vancsa, Open Infrastructure Foundation
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Kubernetes was designed to be the best container orchestration platform on top of a cloud infrastructure in one data center. What do you do when you want to take your deployment and grow it in various geographical locations, but still keep it as part of one system? You will have to face complexity and figure out infrastructure management on a massive scale, and neither of these is easy to tackle. However, you don't have to go back to the drawing board, because the platform that delivers on requirements and expectations already exists, and it is called StarlingX. The StarlingX project is a fully integrated, open source cloud platform that is running in production at large telecom operators, who rely on its distributed cloud architecture along with next-level container orchestration support, which is provided by Kubernetes. This talk will introduce the StarlingX platform, share highlights from its latest release and show how it takes Kubernetes to the next level!
Speakers
Ildiko Vancsa

Director of Community, Open Infrastructure Foundation
Ildikó is working for the Open Infrastructure Foundation as Director of Community. As part of her role, she is the Community Manager for StarlingX and Kata Containers, and a co-leader of the OpenInfra Edge Computing Group. Ildikó has been contributing to projects like OpenStack...
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Optimizing Pod Affinity in Kubernetes: A Mathematical Approach to Workload Placement - Jack Xue, Microsoft
Wednesday November 13, 2024 6:00pm - 8:00pm MST
A standout feature of Kubernetes is its sophisticated mechanism for pulling container images from repositories, aligning containers with the appropriate pods, and strategically deploying pods to nodes that meet their resource requirements—such as CPU, GPU, RAM, network, and storage. This process adheres to the defined affinity and anti-affinity specifications between pods and nodes. Despite these capabilities, the challenge of optimally arranging a multitude of workloads, each comprising several pods within a cluster, remains an ongoing endeavor. In our research, we illustrate that a set of YAML files, which detail a workload deployment request, can be systematically transformed into a Binary Integer Linear Programming (BILP) model. Depending on the specific optimization goals, the objective functions of the model can be tailored accordingly. With the imposition of broad conditions, it is feasible to derive an optimal solution that adheres to polynomial time complexity constraints.
Speakers
Jack Xue

Principal Cloud Solution Architect, Microsoft
PhD & MBA. Principal Cloud Solution Architect, Microsoft
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Revolutionizing Windows Container Startup Performance - Tina Wu & Shaheed Chagani, Microsoft
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Are you frustrated by Windows container delays and struggling to meet demand spikes? We are excited to introduce a suite of innovations that will revolutionize your Windows container startup and scaling experience. Conventional Windows container image download, import, and launch processes have long suffered from sluggishness and inefficiencies. By leveraging a new storage stack, CimFS & UnionFS, we anticipate a 30%+ improvement in container image import and launch times. Building on top of that, we are excited to announce Artifact Streaming for Windows Containers to drastically reduce image download time from minutes to seconds. This session will showcase an in-depth exploration of the architecture, implementation intricacies, and tangible benefits of the new storage stack. We will also guide you through compelling use cases and performance benchmarks that highlight the impact. Don't miss the opportunity to stay at the forefront of Windows container technology innovations.
Speakers
Shaheed Chagani

Principal Software Engineering Lead - Microsoft, Microsoft
Principal Software Engineering Lead for the File System Virtualization team.
Tina Wu

Senior Product Manager, Microsoft
Tina is a Senior Product Manager on the Windows Storage & File Systems team and works on technologies such as Artifact Streaming for faster image downloads for Windows Containers, CimFS & UnionFS for a modern container launch stack, and Storage Spaces for storage virtualization.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unleashing the Power of Init and Sidecar Containers in Kubernetes - Carlos Sanchez & Natalia Angulo, Adobe
Wednesday November 13, 2024 6:00pm - 8:00pm MST
This session dives deep into the power of init and sidecar containers, the issues they solve and why they are very useful when managing Kubernetes workloads. We will explore real-world use cases that show how these tools can:
* Simplify complex deployments: Break down intricate deployments into manageable steps.
* Enhance security: Isolate security critical tasks within your pods and ongoing security measures.
* Facilitate rapid and isolated changes: when everyone is interested in updating the same service, separation of concerns is critical for rapid development.
* Boost application functionality: Utilize sidecar containers to inject essential functionalities like logging, monitoring, and networking capabilities without modifying your main application code.
Our goal is to share our experience and challenges managing thousands of environments in Kubernetes, how we manage init and sidecar containers and what problems they solve for us.
Speakers
Natalia Angulo

Software Developer Engineer, Adobe
Natalia Angulo is a Software Development Engineer at Adobe Experience Manager, contributing to Site Reliability tasks and the development of new features inside AEM, and especially helping with their infrastructure management. She is passionate about maths, coding puzzles and teaching...
Carlos Sanchez

Principal Scientist, Adobe
Carlos Sanchez is a Principal Scientist at Adobe Experience Manager, specializing in software automation, from build tools to Continuous Delivery and Progressive Delivery. Involved in Open Source for over 20 years, he is the author of the Jenkins Kubernetes plugin and a member of...
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unleashing the Power of Prediction to Proactively Scale Control Plane Components - Anubhav Aeron & Ryan Tay, Intuit
Wednesday November 13, 2024 6:00pm - 8:00pm MST
At Intuit, our control plane components such as IstioD are responsible for hundreds of applications per cluster. It is responsible for configuring the data plane, as well as injecting the istio-proxy container. With an increase in application traffic, there is an increase in application pods, which results in the control plane scaling up. For critical control planes such as IstioD, it is wise to scale proactively, rather than as a reaction to an increase in load. With traditional approaches, like tuning HPA thresholds, to scale in advance, we might pre-scale even when not required due to outliers, which could be wasteful. At Intuit a novel deep learning forecasting model called N-HiTS was employed to solve this issue. This session will discuss and demo how we train N-HiTS, our most important model features, and how we deploy our service on a per-cluster basis to provide contextualized predictions for cost-effective and on-time auto-scaling.
Speakers
Anubhav Aeron

Staff SE, Intuit
Anubhav is a seasoned software engineer in the field of Cloud Native Technologies, and has been doing Kubernetes and Service Mesh since 2016. He developed Redis Cluster as a Service, and a Templating Engine while working at Yahoo! He is the lead maintainer of Admiral, which is an...
Ryan Tay

Software Engineer, Intuit Inc.
As a software engineer on the Service Mesh team at Intuit, Ryan works to support Intuit's extensive Istio deployment through contributions to projects like Admiral. He has previously worked to reduce costs of cloud development environments for the Intuit API Gateway team. His main...
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unveiling Anomalies: eBPF-Based Detection in High-Volume Encrypted Network Traffic - Ben Smith-Foley, Rensselaer Center for Open Source
Wednesday November 13, 2024 6:00pm - 8:00pm MST
The increased use of encryption in network traffic presents a significant challenge for traditional network monitoring and security tools. As encrypting traffic becomes the norm, so does the need for advanced methods to detect malicious activities hidden within encrypted traffic. This poster will focus on how eBPF can be utilized to gain early observability into incoming packets by capturing and analyzing metadata before packets are fully processed, and how eBPF offers a unique vantage point for identifying anomalies in real-time. It will discuss methods to detect abnormal patterns, the design of the eBPF programs used, and the integration of these programs into a broader monitoring framework. The insights from this research have the potential to significantly enhance network security by providing a scalable and efficient solution for monitoring network traffic without compromising privacy. Attendees will gain an understanding of the practical applications of eBPF in network security.
Speakers
Ben Smith-Foley

University Student, Rensselaer Center for Open Source
Ben is a senior at Rensselaer Polytechnic Institute studying Computer Science with a concentration in Systems and Software. He is currently conducting undergraduate research in "Anomaly Detection in High-Volume Encrypted Network Traffic", helps lead the Rensselaer Center for Open...
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security
  • Content Experience Level Any

6:00pm MST

🪧 Poster Session: What's Happening with SPIFFE and WIMSE? - Daniel Feldman, Qusaic
Wednesday November 13, 2024 6:00pm - 8:00pm MST
This session will be a very brief overview of what's going on with the SPIFFE and WIMSE identity standards projects. SPIFFE is a CNCF effort to standardize workload identity implementations. That is, a SPIFFE implementation can grant services unique identities and credentials. WIMSE is an IETF effort to build on the SPIFFE foundation. In particular, it adds a new, unique token format that allows securely recording multi-hop identity information. Implementors will be able to use this token format to build complete, end-to-end, cryptographically auditable identity records.
Speakers
Daniel Feldman

Founder, Qusaic
Daniel Feldman has worked with many companies, large and small, to deploy SPIFFE and SPIRE zero-trust identity.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security

6:10pm MST

Project Pavilion Tour with Aditya Soni, CNCF Ambassador
Wednesday November 13, 2024 6:10pm - 6:30pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
 
Thursday, November 14
 

8:00am MST

Badge Pick-Up
Thursday November 14, 2024 8:00am - 6:00pm MST
West Temple Entrance (East)

8:00am MST

Badge Pick-Up
Thursday November 14, 2024 8:00am - 6:00pm MST
200 South Entrance (South)

9:00am MST

Keynotes To Be Announced
Thursday November 14, 2024 9:00am - 10:30am MST
Salt Palace | Level 1 | Hall DE

10:30am MST

Coffee Break ☕
Thursday November 14, 2024 10:30am - 11:00am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:30am MST

Solutions Showcase
Thursday November 14, 2024 10:30am - 5:00pm MST
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:40am MST

Project Pavilion Tour with Julia Furst Morgado, CNCF Ambassador
Thursday November 14, 2024 10:40am - 11:00am MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

11:00am MST

Shifting Gears: Leveraging CNCF Tools to Streamline Operations at Toyota Connected - Benson Phillips & Rob Heckel, Toyota Connected
Thursday November 14, 2024 11:00am - 11:35am MST
In the evolving landscape of cloud-native ecosystems, aligning teams and standardizing practices is crucial for operational excellence. At Toyota Connected, we faced significant challenges due to inconsistent practices and fragmented collaboration across departments. To address this, we adopted a suite of CNCF tools including ArgoCD, Backstage, Harbor, External Secrets Operator, and OpenCost. This session will delve into our journey of implementing these tools to unify our approach, streamline workflows, and enhance cross-team collaboration. Attendees will gain insights into the practical application of these tools, our successes and failures, and the substantial reduction in time to market achieved. By focusing on the integration of technical solutions and effective team practices, we aim to foster a cohesive and efficient cloud-native environment. This presentation provides actionable strategies for leveraging CNCF tools to drive innovation and excellence in your organization.
Speakers
Benson Phillips

Platform Architect, Toyota Connected
Software oriented, primarily working with cloud native computing. But my interests do not stop there as my love for technology is boundless.
Rob Heckel

Platform Architect, Toyota Connected North America
Rob has over 15 years in technology, specializing in open source and developer enablement. As a Platform Architect for Toyota Connected, he enhances DevOps, SDLC, and SRE practices. He has led the creation of an internal developer platform, streamlined tool integrations, and promoted...
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience
  • Content Experience Level Any

11:00am MST

Harnessing the Power of Envoy Proxy for Building an LLM Gateway - Idit Levine, Solo.io
Thursday November 14, 2024 11:00am - 11:35am MST
As the demand for LLMs continues to soar, the need for secure, cost-conscious, and content-aware control over its usage is paramount. In this talk, we explore why Envoy Proxy is the optimal choice for building an LLM gateway, leveraging its unique architecture and capabilities. Unlike traditional proxies (e.g. NGINX), which rely on scripting languages for customization, Envoy Proxy stands out due to its extensibility features: filter architecture, callout architecture (ext-proc, ext-auth), and ability to dynamically load libraries. Combined with its high-performant, async core (C++), Envoy can run as an ingress, egress and mesh gateway. We'll look at using Envoy proxy for LLM credential management, prompt guarding/decorating, analyzing content safety, usage controls, context-aware failover, and observability. Ideal for developers, architects, and tech enthusiasts looking to solve challenges around LLM usage and picking the right technologies for their platform infrastructure.
Speakers
Idit Levine

Founder & CEO, Solo.io
Idit Levine is the founder and CEO of Solo.io, a company that creates open-source tools to assist enterprises in adopting and extending innovative cloud-native technologies while modernizing their existing IT investments. Solo.io is a top contributor to CNCF projects such as Envoy...
Salt Palace | Level 1 | 155 EF
  Connectivity

11:00am MST

Cooperative Scheduling for Stateful Systems - Michael Youssef & Laxman Prabhu, LinkedIn
Thursday November 14, 2024 11:00am - 11:35am MST
At LinkedIn, we develop many stateful systems and run them on tens of thousands of machines in our datacenters. As we move LinkedIn’s infrastructure to Kubernetes, we quickly realized that StatefulSet was not going to be enough to support running critical stateful systems and satisfy the safety and durability goals of the teams developing stateful systems. We've built first-class support for running stateful workloads on bare metal where the stateful systems can coordinate with Kubernetes to stay available and ensure durability. With our design, we support planned/unplanned maintenance, swapping out hardware, and allow stateful systems to customize their rollout policies natively on Kubernetes. This talk covers:
- Our LiStatefulSet API.
- How we allow apps to customize safety checks and deployment policies via an ApplicationClusterManager, our pluggable policy engine.
- The ApplicationClusterManager protocol that allows coordination of the lifecycle of workloads with Kubernetes.
Speakers
Laxman Prabhu

Staff Software Engineer, Systems Infrastructure, LinkedIn
Michael Youssef

Staff Software Engineer, LinkedIn
Michael is a Staff Software Engineer at LinkedIn, currently making management and deployment of sharded systems a touch less painful on Kubernetes. In his free time he enjoys spending time with his cat, inhaling chocolate, and playing tennis.
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

11:00am MST

Kubernetes Workspaces: Enhancing Multi-Tenancy with Intelligent Apiserver Proxying - James Munnelly & Andrea Tosatto, Apple
Thursday November 14, 2024 11:00am - 11:35am MST
Multi-tenancy in Kubernetes means sacrificing essential features like cluster-scoped list/watches and multi-namespace/cluster-scoped RBAC. This often leads to additional complexity when configuring operators and forces discrepancies and friction with cluster-as-a-service type offerings. In this talk we will go through a demonstration of an intelligent Kubernetes apiserver proxy that introduces the concept of a ‘workspace’. Borrowing the name from the KCP project, a Workspace is a virtual apiserver endpoint that provides a ‘cluster-scoped’ view over a group of namespaces in a remote cluster. We’ll then go on to discuss optimisations and changes that we’d like to make within Kubernetes to better support apiserver proxying for multi-tiered caching, routing and scoping purposes.
Speakers
James Munnelly

Staff Field Engineer, Apple
James Munnelly is a Field Engineer at Apple, helping customers adopt and adapt Kubernetes, and driving adoption of OSS cloud native technologies. James is also the founder of the cert-manager project, a Kubernetes extension for managing x509 certificates. He's an active member of...
Andrea Tosatto

Site Reliability Engineer, Apple
Andrea works at Apple as a Site Reliability Engineer. His day to day job consists in managing the lifecycle and ensuring the reliability of a multi-tenant compute platform built on top of Kubernetes. He is deeply passionate about multi-tenancy and any related topic, ranging from runtime...
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

11:00am MST

Artifact Hub: Discover, Analyze, and Share Cloud Native Artifacts - Matt Farina, SUSE
Thursday November 14, 2024 11:00am - 11:35am MST
Finding cloud native artifacts, from Helm charts to security policies, can be difficult with general search engines. Analyzing what you find can be a very manual process and you're going to miss out on some useful projects. Artifact Hub was created to ease the pain of cloud native artifact discovery and now provides for discovery and analysis of over 20 different types of cloud native artifacts. In this session you'll learn:
• How Artifact Hub came into existence
• How you can discover and analyze artifacts, right on Artifact Hub
• Making your artifacts discoverable
• Running your own instance of Artifact Hub
• How you can contribute to the project
Speakers
Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE, where he works as the Chief Architect of the SUSE Rancher Team. He is a maintainer of multiple open source projects including Helm and Artifact Hub. Matt is an author, speaker, and regular contributor to open source.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:00am MST

GitOps at Production Scale with Flux - Leigh Capili, Flox & Priyanka Ravi, G-Research
Thursday November 14, 2024 11:00am - 11:35am MST
In this session, Leigh and Pinky will cover best practices when running Flux at scale in production. We'll start with an overview of the scaling capabilities of Flux controllers:
- Vertical Scaling
- Horizontal Scaling
- Sharding
We'll dive deeply into each method and explain when and how to use them considering multi-tenancy, cluster fleet size, and workload complexity. We'll also introduce the Mean Time To Production benchmarking tool the Flux team has developed using CUE lang and Timoni. The benchmark measures the time it takes for Flux to deploy thousands of Helm charts and Kustomize overlays on Kubernetes clusters. We'll explain the benchmark results and share lessons from running it on different Kubernetes distributions and providers. The session will conclude with the Flux roadmap and our API promises now that Flux is GA.
Speakers
Leigh Capili

Senior DevRel Engineer, Flox
Leigh is an empathetic speaker and dev with niches in cloud-native systems and security. He has a background in building software to manage infra. Leigh is working in k8s SIG-Auth. He authored kubeadm’s etcd mTLS implementation and Flux 2’s multi-tenant security model. Leigh works...
Priyanka Ravi

Platform Tech Advocate, G-Research
Priyanka “Pinky” Ravi is a Platform Technical Advocate at G-Research. She is a Flux project member and an advocate for GitOps. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a developer...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:00am MST

SIG-Apps: Powering Applications with High-Volume Data and APIs - Maciej Szulik, Red Hat & Janet Kuo, Google
Thursday November 14, 2024 11:00am - 11:35am MST
Over the last decade, Kubernetes expanded support for various workloads from stateless to stateful, from simple jobs to complicated batch workloads. All the APIs have become mature, consistent, and full-featured. We've been busy in SIG Apps, and there's more to come. In this session the SIG Apps leads will provide an overview of what has been accomplished since its inception. They will highlight major milestones, sub-projects and share various stories surrounding major events. They will also discuss how the work has been shared between SIG Apps, Work Groups and sub-projects. The session will conclude with an open discussion and Q&A. Attendees will learn about contributing to SIG Apps themselves.
Speakers
Janet Kuo

Staff Software Engineer, Google
Janet Kuo is a Staff Software Engineer at Google. She has been with the Kubernetes project since before the 1.0 launch in 2015. She is a Kubernetes project maintainer, SIG Apps chair, and KubeCon co-chair emeritus. In her free time, she enjoys traveling and taking photos.
Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.
Salt Palace | Level 3 | 355 BC

11:00am MST

SPIRE: Intro & In-Depth Exploration of the Upcoming Forced Rotation and Revocation Feature - Agustín Martínez Fayó & Marcos Yacob, Hewlett Packard Enterprise
Thursday November 14, 2024 11:00am - 11:35am MST
Join us for an insightful session on the SPIRE project, where we’ll provide a comprehensive introduction covering the foundational aspects of SPIRE, detailing its architecture, capabilities, and the problems it solves. Additionally, we’ll delve into the exciting upcoming updates for the project, with a special focus on the highly anticipated forced rotation and revocation feature that will provide a rapid, reliable, and automated mechanism for recovering from key compromise. Whether you’re new to SPIRE or an experienced user, this talk will equip you with the knowledge of current developments and prepare you for the future enhancements that will further strengthen your infrastructure to provide secure identities for workloads.
Speakers
Marcos Yacob

Principal Software Engineer, Hewlett Packard Enterprise
I'm a Principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of different SPIFFE projects.
Agustín Martínez Fayó

Principal Software Engineer, Hewlett Packard Enterprise
Agustín is a Principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of the SPIRE project. Agustín has always been dedicated to building software that helps to improve the security of systems that operate at scale.
Salt Palace | Level 3 | 355 EF

11:00am MST

What's New with Kubectl and Kustomize … and How You Can Help! - Eddie Zaneski, Defense Unicorns & Arda Guclu, Red Hat
Thursday November 14, 2024 11:00am - 11:35am MST
Have you ever wondered how kubectl and kustomize enhancements are designed and built? Curious why your favorite feature request wasn't accepted? Join the folks from Kubernetes SIG CLI to find out! In this session, the SIG CLI maintainers will provide an introduction to the tooling they are working on and an overview of how to get started contributing. They will share the work done over the past year and the roadmap for what is next. Join us to help shape your favorite tools!
Speakers
Eddie Zaneski

Staff OSS Engineer, Defense Unicorns
Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.
Arda Guclu

Senior Software Engineer, Red Hat
Senior software engineer at Red Hat, regular contributor to Kubernetes and one of the maintainers of kubectl.
Hyatt Regency | Level 4 | Regency Ballroom A

11:00am MST

Lesson’s Learned Adopting OpenTelemetry at Scale - Alex Arnell, Heroku / Salesforce
Thursday November 14, 2024 11:00am - 11:35am MST
OpenTelemetry makes bold promises to unlock and unleash your observability, providing you with open standards, no vendor lock-in and interoperability with just about everything. You believe that your organization could really benefit from an uplift to modern observability. It would be easy to adopt if you were starting out fresh, but let’s face it, most organizations have sprawling codebases and architectures. Decisions, infrastructure and often engineers that have been in place for decades. How do you even get started? This Heroku case study dives into our OpenTelemetry journey where you'll discover strategies on adoption, how to deal with internal resistance, and technical guidance on rolling out the change. Learn from our missteps and what we wished we had done differently. You’ll even see how a bit of luck can help drive adoption over the finish line. This session will equip you to navigate OpenTelemetry adoption in the most entrenched environments.
Speakers
Alex Arnell

Principal Engineer, Heroku / Salesforce
Alex Arnell is a Principal Engineer at Heroku / Salesforce with over two decades of software development experience. Alex has spent the last decade specializing in telemetry and observability systems. Alex is the lead engineer of the Telemetry team at Heroku, responsible for the collection...
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

11:00am MST

Navigating the Cgroup Transition: Bridging the Gap Between Kubernetes and User Expectations - Sohan Kunkerkar, Red Hat Inc
Thursday November 14, 2024 11:00am - 11:35am MST
As Kubernetes and container technologies evolve, shifting from cgroup v1 to cgroup v2 has become a pivotal development. With cgroup v2 available in Kubernetes since v1.25, we're at a crossroads where many users and organizations must decide when and how to transition fully to this new system. Despite the benefits of cgroup v2, including better resource management and enhanced capabilities, users frequently encounter unexpected challenges signaling a gap in readiness and understanding. This talk will address the practical implications of moving to cgroup v2, discuss the coordinated efforts to deprecate cgroup v1, and propose actionable strategies to bridge the gap between the Kubernetes community, system administrators, and developers. By focusing on real-world experiences and providing clear guidance, this session aims to equip you with the knowledge and tools to navigate this significant change confidently.
Speakers
Sohan Kunkerkar

Senior Software Engineer, Red Hat Inc
Sohan Kunkerkar is a Senior Software Engineer at Red Hat, bringing expertise in distributed systems, backend engineering, and containers. His active contributions extend to CRI-O, a container runtime engine, and various sub-projects within the Kubernetes Sig-Node community. Sohan...
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

11:00am MST

Engineering a Kubernetes Operator: Lessons Learned from Versions 1 to 5 - Andrew L'Ecuyer, Crunchy Data
Thursday November 14, 2024 11:00am - 11:35am MST
Join me to uncover insights and hard-learned lessons from our journey through the first five versions of a Kubernetes Operator for Postgres. I will trace the development lifecycle from version 1 started in 2017 to version 5 now. Each version represents a milestone in addressing specific challenges, functionality, stability, and performance. We will discuss the architectural decisions, design patterns, and implementation strategies that shaped the evolution of the Operator. Key topics will include handling stateful applications, ensuring high availability, building for flexible deployment models, scalability, and managing rolling upgrades for both the Operator and underlying software. By the end of this session, participants will be equipped with practical knowledge and actionable strategies for engineering their own Kubernetes Operators, ready to accelerate their development process and avoid common pitfalls.
Speakers
Andrew L'Ecuyer

Sr. Director of Kubernetes Engineering, Crunchy Data
Andrew heads up the Kubernetes Engineering Team at Crunchy Data. With a diverse background spanning both the public and private sectors, Andrew has played a key role in designing, building and integrating complex systems of all shapes and sizes. He holds degrees in both Computer...
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

11:00am MST

Yahoo’s Kubernetes Journey from on-Prem to Multi-Cloud at Scale - Nandhakumar Venkatachalam & Payal Patel, Yahoo
Thursday November 14, 2024 11:00am - 11:35am MST
Yahoo is an early adopter of Kubernetes, operating 37 on-prem and 42 multi-cloud production clusters hosting 2700 applications. Our team offers a simple yet powerful interface for users to deploy applications onto our managed clusters. Since 2015, we have handled multiple complex upgrades, including Operating Systems and Kubernetes, upgrading from version 1.0.3 to 1.30.0. In 2023, Yahoo announced plans to migrate to both GCP and AWS cloud platforms. Leveraging extensive knowledge, our team successfully provisioned Kubernetes clusters in a multi-cloud environment within a short period. Our team faced numerous challenges during the cloud adoption process, including networking, security, cluster autoscaling, and cost. In this talk, we will share managing K8S in a multi-cloud and discuss the challenges faced and solutions found. Key topics include Shared VPC, IP Space for K8s, securely accessing private clusters, multi-tenant workload identity, and maintaining a user interface to K8S.
Speakers
Nandhakumar Venkatachalam

Sr Princ Production Engineer, Yahoo Inc
Nandhakumar Venkatachalam is a Senior Principal Production Engineer at Yahoo Inc. As a lead engineer responsible for operating the large-scale Kubernetes cluster, he has played a key architect role in building scalable cloud infrastructure. Nandha has been with Yahoo for over 17 years...
Payal Patel

Principal Software Development Engineer, Yahoo
Payal Patel is a Principal Software Development Engineer in the Cloud Infrastructure team at Yahoo. She is currently developing a hybrid cloud solution for Kubernetes clusters in AWS and GCP to set up the Kubernetes clusters at scale. Before that, she worked on managing the Kubernetes...
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 251
  Platform Engineering
  • Content Experience Level Any

11:00am MST

How We Made OpenTelemetry Be Our Fitness Tracker for Your CI/CD Pipelines! - Nicolas Woerner, Clario & Andreas Grabner, Dynatrace
Thursday November 14, 2024 11:00am - 11:35am MST
CI/CD pipelines are the heartbeat of modern cloud-native software delivery. Healthy pipelines ensure rapid and continuous deployments every time code gets committed to the Git repositories! Every new repository and commit puts more load on the CI/CD tool making it more challenging to keep this crucial heartbeat healthy! In this session, engineers from Clario will demonstrate how they leverage OpenTelemetry to observe, validate, report and optimize their CI/CD pipelines, keeping their deployments healthy despite increased scale and unlocking the full potential of modern software delivery on Kubernetes with GitLab.
Speakers
Andi Grabner

CNCF Ambassador and DevRel, Dynatrace
Andreas Grabner (@grabnerandi) has 20+ years of experience as a software developer, tester and architect and is an advocate for high-performing cloud scale applications. He is a CNCF ambassador, contributor to the CNCF project keptn and a DevRel for Dynatrace. Andreas is also a regular...
Nicolas Woerner

Associate DevOps Engineer, Clario
Nicolas Wörner works in the Platform Engineering Team at Clario. With a background in software and DevOps engineering he focuses on continuously enhancing the software delivery workflow at Clario. Nicolas is passionate about leveraging CNCF software to drive efficiency and reliability...
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 250
  SDLC

11:00am MST

From Silicon to Service: Ensuring Confidentiality in Serverless GPU Cloud Functions - Zvonko Kaiser, NVIDIA
Thursday November 14, 2024 11:00am - 11:35am MST
With the widespread adoption of cloud computing, concerns about data privacy and infrastructure security are increasing. This session will focus on confidential cloud functions, including serverless environments and GPU-accelerated workloads, to ensure the security of your code and data within the cloud infrastructure. We will explore technologies such as hardware-based Trusted Execution Environments (TEEs) and confidential computing. In addition, we will cover hardware and software attestation to guarantee integrity from the silicon level upwards, complete stack attestation for end-to-end trust, and supply chain security to trace and verify all application components. Participants will learn practical steps to implement confidential serverless functions, utilizing GPUs for high-performance computing while ensuring data integrity and privacy. Join us to discover how to innovate securely, build your own secure cloud functions infrastructure, and enhance your cloud security posture.
Speakers
Zvonko Kaiser

Principal Systems Software Engineer, NVIDIA
Zvonko is a Principal Systems Engineer at NVIDIA, working on the Cloud Native Technologies team. Focusing right now on all things related to confidential computing, especially in the context of accelerators.
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 151
  Security

11:00am MST

Tutorial: Kubernetes Smart Scaling: Getting Started with Karpenter - Changsu Lee & Raj Saha, AWS; Wilson Darko & Charlie McBride, Microsoft; Praseeda Sathaye, Amazon
Thursday November 14, 2024 11:00am - 12:30pm MST
Karpenter is an open-source node provisioner that simplifies infrastructure management for Kubernetes clusters. It automatically launches the right compute resources to handle application demands, allowing you to leverage the cloud's elastic capabilities with fast and simple provisioning. This hands-on workshop will guide you through setting up Karpenter in your Kubernetes clusters, how Karpenter automatically responds to changes in application load, scheduling and resource requirements, and placing new workloads onto available compute capacity. Additionally, you'll explore how Karpenter reduces cluster costs by removing under-utilized nodes, replacing expensive nodes with cheaper alternatives, and consolidating workloads onto efficient resources. Throughout the workshop, you'll gain hands-on experience with Karpenter's advanced capabilities, such as evaluating scheduling constraints, enabling continuous optimization through consolidation, and managing drift for day-2 operations.
Speakers
Wilson Darko

Microsoft
Praseeda Sathaye

Principal Specialist Solution Architect, Amazon (AWS)
Praseeda Sathaye is a Principal Specialist SA for App Modernization and Containers at Amazon Web Services based in Bay Area California. She has been focused on helping customers speed their cloud-native adoption journey by modernizing their platform infrastructure, internal architecture...
Chance Lee

Sr Container specialist Solutions Architect, AWS
Chance Lee is a Sr. Container Specialist Solutions Architect at AWS based in the Bay Area. He helps customers architect highly scalable and secure container workloads with AWS container services and various ecosystem solutions. Prior to joining AWS, Chance was an IBM Lab Services...
Raj Saha

Principal Solutions Architect, AWS
Raj is the Principal Specialist SA for Containers, and Serverless at AWS. Rajdeep has architected high profile Kubernetes applications serving millions of customers. He is a published instructor on Kubernetes, Serverless, DevOps, and System Design, has published blogs, and presented...
Charlie McBride

SDE 2, Microsoft
Summa Cum Laude graduate from the University of Washington. I've been immersed within cloud containerization first interning at AWS within Elastic Container Registry, before going to a full-time position at Azure Kubernetes Services. The cloud feels like a natural home, where I'm...
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Operations + Performance

11:00am MST

🚨 Contribfest: Backstage Onboarding: Your Journey to Community Contribution!
Thursday November 14, 2024 11:00am - 12:30pm MST
Join us for an in-depth session on Backstage, an incubating project within the CNCF ecosystem. Backstage is a framework for building Internal Developer Portals, enhanced with a variety of plugins. In this session we will guide you through your local environment, ensuring you have all the prerequisite tools like NodeJS and TypeScript. We will then walk through the Contributing Guide to help you familiarize yourself with the project and the contribution process. From there, we will dive into a curated list of GitHub Issues perfect for first-time contributors. You will have the opportunity to receive help from Backstage experts while we tackle these issues. Embark on your journey of contributing to Backstage and its vibrant community of plugins!
Speakers
Patrik Oldsberg

Senior Engineer, Spotify
Patrik is a Senior Software Engineer at Spotify and a core maintainer of Backstage. In 2019 he joined the team in Spotify’s platform organization that owned the Backstage platform, and worked together with the rest of the team to bring it out in the open. Before joining Spotify...
Ben Lambert

Core Maintainer of Backstage, Senior Engineer at Spotify, Spotify
Ben is an Engineer at Spotify and a Maintainer of Backstage.io
André Wanlin

Customer Success Engineer, Spotify
André, a full Stack Developer from Winnipeg, Manitoba, Canada, is an active member of the Backstage open source project having contributed 3 plugins - Azure DevOps, DevTools, and Linguist - as well as various features, bug fixes and documentation updates. He's often found on the...
Paul Schultz

Software Engineer, Red Hat
Hi! I'm Paul Schultz, a Software Engineer at Red Hat. I started as an intern in 2021 and now work on open-source projects like Devfile and Backstage. As engineer for Red Hat Developer Hub (based on Backstage), I tackle maintenance challenges – dependencies, version control, automated...
Yi Cai

Software Engineer, Red Hat
Yi Cai is an enthusiastic developer and recent contributor to the Backstage ecosystem. Working with Red Hat, Yi helps deliver the Janus and Red Hat Developer Hub projects, adding valuable features and improving functionality. She migrated plugins from static to dynamic using a team-developed...
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 3 | 355 A

11:00am MST

🚨 Contribfest: Collaborative WebAssembly Creation with WasmCloud
Thursday November 14, 2024 11:00am - 12:30pm MST
wasmCloud aims to provide a seamless developer experience for building, testing, and deploying WebAssembly components. Join maintainers and community contributors at this Contribfest to build WebAssembly components and enhance wasmCloud's core developer experience. We'll test our newest feature, wash dev, by rapidly building applications in Wasm. With support for Rust, Go, Python, and JavaScript/TypeScript, developers of all backgrounds can get hands-on with Wasm. Since applications built with wasmCloud use the latest Wasm standards, components created during the workshop will benefit the broader Wasm ecosystem. Contributors who find bugs, improvements, or new features can pair program with maintainers to contribute directly to wasmCloud.
Speakers
Bailey Hayes

CTO, Cosmonic
Bailey Hayes is the CTO at Cosmonic. She believes the future is in distributed systems and WebAssembly (Wasm). She wears many hats in the open source ecosystem from standards to implementations as the W3C WebAssembly WASI Subgroup co-chair, Bytecode Alliance TSC Director, and maintainer...
Colin Murphy

Senior Software Engineer, Adobe
Colin Murphy is a senior software engineer on the Adobe Express team. Prior to his current role, he was responsible for infrastructure of Adobe Document Cloud microservices, including Adobe Sign and Acrobat Web. He has been responsible for the implementation of major portions of Adobe’s...
Taylor Thomas

Engineering Director, Cosmonic
Taylor Thomas is an Engineering Director working on WebAssembly platforms at Cosmonic. He actively participates in the open source community and is one of the creators of Krustlet and Bindle. He is a CNCF Ambassador and a regular speaker at various open source conferences and meetups...
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 3 | 355 D

11:00am MST

🚩 Capture The Flag Experience
Thursday November 14, 2024 11:00am - 5:05pm MST
The Capture The Flag (CTF) experience runs concurrently to KubeCon + CloudNativeCon North America 2024!

Delve deeper into the dark and mysterious world of Cloud Native security! Exploit a supply chain attack and start your journey deep inside the target infrastructure, utilize your position to hunt and collect the flags, and hopefully learn something new and wryly amusing along the way!

Attendees can play three increasingly treacherous and demanding scenarios to bushwhack their way through the dense jungle of Cloud Native security. Everybody is welcome, from beginner to seasoned veterans, as we venture amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of cluster compromise!
Thursday November 14, 2024 11:00am - 5:05pm MST
Salt Palace | Level 2 | 255 A

11:55am MST

Democratizing AI Model Training on Kubernetes with Kubeflow TrainJob and JobSet - Andrey Velichkevich, Apple & Yuki Iwai, CyberAgent, Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
Running model training on Kubernetes is challenging due to the complexity of AI/ML models, large training datasets, and various distributed strategies like data and model parallelism. It is crucial to configure failure handling, success criteria, and gang-scheduling for large-scale distributed training to ensure fault tolerance and elasticity. This talk will introduce the new Kubeflow TrainJob API, which democratizes distributed training and LLM fine-tuning on Kubernetes. The speakers will demonstrate how TrainJob integrates with Kubernetes JobSet to ensure scalable and efficient AI model training with simplified Python experience for Data Scientists. Additionally, they will explain the innovative concept of reusable and extendable training runtimes within TrainJob. The speakers will highlight how these capabilities empower data scientists to rapidly iterate on their ML development, making Kubernetes more accessible and beneficial for the entire ML ecosystem.
Speakers
Andrey Velichkevich

Senior Software Engineer, Apple
Andrey Velichkevich is a Senior Software Engineer at Apple and is a key contributor to the Kubeflow open-source project. He is a member of Kubeflow Steering Committee and a co-chair of Kubeflow AutoML and Training WG. Additionally, Andrey is an active member of the CNCF WG AI. He...
Yuki Iwai

Software Engineer, CyberAgent, Inc.
Yuki is a Software Engineer at CyberAgent, Inc. He works on the internal platform for machine-learning applications and high-performance computing. He is currently a Technical Lead for Kubeflow WG AutoML / Training. He is also a Kubernetes WG Batch active member and a Kubernetes...
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | Hall DE
  AI + ML
  • Content Experience Level Any

11:55am MST

Tick, TAG, TOC - Keeping Cloud Native Running - Karena Angell & Emily Fox, Red Hat; Rajas Kakodkar, Broadcom; Alex Chircop, Akamai; Ricardo Aravena, Truera
Thursday November 14, 2024 11:55am - 12:30pm MST
With only so many hours in the day, how does the cloud native community keep things running? Over 190 projects, thousands of contributors, and an array of groups all contribute to what we know as “cloud native” but there is more going on behind the scenes that keep the machine of cloud native running smoothly and driving the technical direction of the landscape. In this panel discussion, you’ll hear from Chairs and Technical Leads of Technical Advisory Group (TAG) Runtime, Storage, App Delivery and the chair of the CNCF Technical Oversight Committee (TOC) on:
- How they are defining the roadmap for the future
- The glue and oil of collaboration between advisory, oversight, and projects’ health
- How you can time your engagement with these groups to have an outsized impact!
This is not a maintainer track session. While there are separate tracks for specific CNCF TAG and TOC activities, this is meant to be your backstage pass to see how the CNCF landscape gets shaped!
Speakers
Alex Chircop

Chief Product Architect at Akamai, Akamai
Chief Product Architect at Akamai. Previously a founder and CTO of Ondat (formerly StorageOS), building software defined solutions for cloud native environments. Alex is also a co-chair of the CNCF Storage TAG (previously SIG). Before embarking on the startup adventure he spent over...
Ricardo Aravena

Cloud Native Lead, Truera
Ricardo currently works at TruEra as a Cloud Infrastructure Lead helping automate everything with cloud native technologies. He's an open source enthusiast and co-chair of the CNCF TAG-Runtime. He has been working in tech for more than 20 years and comes from a diverse professional...
Karena Angell

Senior Principal Chief Architect, Red Hat
Karena Angell is a Senior Principal Chief Architect at Red Hat focusing on cloud native application workloads for Kubernetes, open source software projects, as well as solutions for the 'open' hybrid cloud.
Rajas Kakodkar

Senior Member of Technical Staff | Tech Lead TAG Runtime CNCF, Broadcom
Rajas is a senior member of technical staff at Broadcom and a tech lead of the CNCF Technical Advisory Group, Runtime. He is actively involved in the AI working group in the CNCF. He is a Kubernetes contributor and has been a maintainer of the Kube Proxy Next Gen Project. He has also...
Emily Fox

Emerging Technologies Security Lead, Red Hat
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 14 years to drive a cultural change where security is unobstructive, natural, and...
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience
  • Content Experience Level Any

11:55am MST

Scratching the Surface: Simulating K8s in MIT Scratch - Mitch Connors, Microsoft & Jude Connors, Independent
Thursday November 14, 2024 11:55am - 12:30pm MST
Why would anyone re-implement Kubernetes from scratch? And why use Scratch, the graphical programming language from MIT? The best way to understand a machine is to take it apart and put it back together again, but how can we apply this to Kubernetes, which isn’t so easy to take apart? In the code, one is quickly overwhelmed with the nuances of protobufs, channels, and goroutines. Examples can be equally perplexing: why, exactly, would I cuddle a kube? Come see K8s through the eyes of a 14-year-old, re-creating core k8s components in their simplest form with Scratch. Topics include Explain It Like I’m 14 (because one of us is), some surprising things we learned (even after years of working with k8s), and how to pass the torch to the next generation. New users will learn Kubernetes by breaking it down into simple controllers, and veteran contributors will be empowered to tackle the most difficult task of all: explaining your job to your children.
Speakers
Mitch Connors

Principal Software Engineer, Microsoft
Mitch Connors is a Sr. Principal Software Engineer at Aviatrix, and serves on the Istio Technical Oversight Committee. Over the past 17 years, Mitch has worked at Google, F5 Networks, Amazon, an Industrial IoT startup, and State Farm Insurance, giving him a broad perspective on the...
Jude Connors

Professional 14 Year Old, Unemployed
Jude is a freshman in high school with a passion for puzzles, music, and games of every sort.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

11:55am MST

How to Move from Ingress to Gateway API with Minimal Hassle - Keith Mattix, Microsoft
Thursday November 14, 2024 11:55am - 12:30pm MST
For many, the Ingress resource was one of the first Kubernetes APIs they used, adding HTTP routing rules and SSL certs for cluster-external traffic. These APIs are used for production in clusters across the world today, configuring ingress gateways serving hundreds of thousands of connections per second. As of October 2023, the Ingress API has been superseded by the Gateway API, a new set of Kubernetes resources with over 20 implementations that enforces security best practices by design. However, migrating networking APIs is an intimidating task, and doing so safely is every company’s primary concern. Join this session to learn how to make this migration safe by identifying the best migration path, implementing Gateway API best practices, and utilizing community-supported migration tools such as ingress2gateway.
Speakers
Keith Mattix

Senior Software Engineering Lead, Microsoft
Keith Mattix is an Engineering Lead at Microsoft focused on Istio, Gateway API, and other networking projects.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

11:55am MST

Database DevOps: CD for Stateful Applications - Stephen Atwell, Harness.io & Christopher Crow, Pure Storage
Thursday November 14, 2024 11:55am - 12:30pm MST
Running stateful applications on Kubernetes can provide many of the same advantages as stateless applications. In this talk, Stephen and Chris will share some thoughts on managing stateful applications as part of a CD Pipeline so that applications - and the application's data - can be versioned and deployed safely and repeatedly. This talk will discuss managing persistent data within kubernetes, as well as managing structural changes to a database as part of a CD process. With Kubernetes and liquibase, we can provide something better than before: A more testable, repeatable, and open way to deploy stateful applications. This talk features a practical demo of how CD tooling can empower users to automate data migrations within Kubernetes.
Speakers
Christopher Crow

Technical Marketing Engineer, Pure Storage
Chris Crow works as a cloud architect at Portworx. He has worked previously as an education, systems administrator. He is a lifelong open-source enthusiast.
Stephen Atwell

Principal Product Manager, Harness.io
With over 26 years of technology experience, Stephen focuses on solving problems encountered in his previous roles. He has worn hats ranging from network administrator, to database administrator, to software engineer, to product manager. Outside of work, Stephen develops open source...
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

11:55am MST

Running Quantum-Safe Applications on Kubernetes - Paul Schweigert & Michael Maximilien, IBM Quantum
Thursday November 14, 2024 11:55am - 12:30pm MST
Quantum computers pose a unique threat to computer security, as the encryption standards we rely upon are vulnerable to powerful quantum computers. While those computers are still several years away, "harvest now, decrypt later" attacks put all data not protected using quantum-safe security at risk. So what can we do now to protect our applications? In this talk, Paul will demo how to deploy a quantum-safe application on Kubernetes. He'll provide a brief overview of quantum-safe cryptography and why it's needed, highlight key work being done in the open source community to migrate to quantum-safe cryptography, and conclude with a demo of how to build a quantum-safe cloud-native application. In particular, he'll show where and how to make changes to a Kubernetes environment to ensure users are protected by quantum-safe connections. At the conclusion of this session, listeners will have a set of practical steps they can take to help secure their applications in a post-quantum world.
Speakers
Michael Maximilien

Distinguished Engineer, IBM
My name is Michael Maximilien, better known as max or dr.max, and I am currently a Distinguished Engineer with IBM. I am the leader for IBM’s Open Source team contributing to all things Serverless and Platform-as-a-Service (PaaS). I have worked at various divisions of IBM. At...
Paul Schweigert

Senior Software Engineer, IBM
Paul Schweigert works on quantum and serverless technologies at IBM. He has extensive experience in open source (Knative and Kubernetes in particular) and has spoken at numerous conferences. He has also led various platform engineering and data science teams. In a previous life, he...
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced
  • Content Experience Level Any

11:55am MST

0.1 to 1.16: How Has Knative Fulfilled Its Vision? - Dave Protasowski, Broadcom & Evan Anderson, Stacklok
Thursday November 14, 2024 11:55am - 12:30pm MST
Knative 0.1 launched approximately 6 years ago. 0.1 promised a number of features, including supporting a developer workflow equivalent to AWS Lambda and other FaaS platforms, but with an “a la carte” design where each component could operate independently. How does that vision look 6 years and 40 releases later? Through the lens of a demo, where does Knative exceed the original vision, and where have things been dropped?
Speakers
Dave Protasowski

Staff Engineer, VMware/Broadcom
Dave Protasowski is part of Knative Technical Committee and a Serving Working Group Lead. During the night he works at VMware/Broadcom. Prior he worked on Cloud Foundry things at Pivotal.
Evan Anderson

Software Engineer, Stacklok
Co-founder and maintainer on Knative project. Member of sigstore-oncall. Previously worked on Google Compute Engine and Serverless (App Engine, Functions) and in SRE. Principal engineer at Stacklok. Ex-Google, ex-VMware. Author of Building Serverless Applications on Knative by O'Reilly...
Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:55am MST

Cilium: Connecting, Observing, and Securing Kubernetes and Beyond with eBPF - Ahmed Bebars, The New York Times & Liz Rice, Isovalent @ Cisco
Thursday November 14, 2024 11:55am - 12:30pm MST
Welcome to Cilium's maintainer track session where you'll get an update on how Cilium is expanding the frontiers of cloud native networking, observability, and security. Cilium is CNCF's most widely adopted CNI, being the default choice for all major cloud providers. This talk dives into the bytecode behind all of the buzz around the project. We'll start with a brief overview of each part of the project before diving into how Cilium is expanding beyond Kubernetes with load balancing and multi-cloud networking and into runtime enforcement with Tetragon. In this session, you'll hear from Cilium contributors and users Isovalent and The New York Times.
Speakers
Liz Rice

Chief Open Source Officer, Isovalent, now a part of Cisco
Liz Rice is Chief Open Source Officer at Isovalent, the creators of the Cilium project, and now part of Cisco. Currently on the boards of the CNCF and OpenUK, she was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She...
avatar for Ahmed Bebars

Ahmed Bebars

Principal Engineer, The New York Times
As a seasoned Principal Engineer on the Delivery Engineering team at The New York Times, I specialize in developing robust and scalable Kubernetes-based solutions. My primary focus is on crafting a secure and flexible runtime environment that is pivotal in empowering service teams...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:55am MST

Cluster API Deep Dive - Roadmap to API Graduation - Fabrizio Pandini, Broadcom & Vince Prignano, Apple, Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
The Cluster API is the de-facto project to manage the lifecycle of Kubernetes clusters at scale using simple declarative APIs. In 2021 the project reached production readiness, and today the community is working towards the next major milestone: graduating the APIs to v1 General Availability. Join us to get an overview of how Cluster API is used in production today and discover what's planned for our APIs and exciting new features like Karpenter, in-place upgrades, and more.
Speakers
Fabrizio Pandini

Staff Engineer 1, Broadcom
A Kubernetes contributor obsessed with making Kubernetes lifecycle simple and consistent across all types of infrastructures, so everyone can build amazing applications on top of it. When I’m not busy as a SIG Cluster Lifecycle tech lead or as a project maintainer in Cluster API...
Hyatt Regency | Level 4 | Regency Ballroom A

11:55am MST

CNCF TAG Network: Intro & Deep Dive - Lee Calcote, Layer5
Thursday November 14, 2024 11:55am - 12:30pm MST
“It’s the network!” is the cry of every engineer. With the increased prevalence of microservices and distributed systems, it’s true - networking as a discipline has never been more critical in the well-architected design and efficient operation of modern infrastructure. Join this talk for an intro to the TAG, its charter and a deeper discussion of current cloud native networking topics being advanced in this TAG.
Speakers
Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus through...
Salt Palace | Level 3 | 355 EF

11:55am MST

SIG Autoscaling Projects Update - Jack Francis, Microsoft
Thursday November 14, 2024 11:55am - 12:30pm MST
The last year’s been an exciting time for SIG Autoscaling, with Karpenter being accepted as a subproject just before KubeCon NA 2023, work to support more advanced workload types for operators, and more. Come along to hear about:
- Karpenter’s first year as a SIG Subproject - what’s happened over the last year, and what we’ve got planned for the next year.
- Dynamic Resource Allocation - how the SIG is involved in k8s’ efforts to make it easier for users to run cost-effective and efficient workloads requiring GPUs and other custom resources.
- Provisioning Requests and Pod & Node Headroom - new APIs planned for the Cluster Autoscaler and Karpenter to support long-standing requests for improved support for batch workloads and from cluster operators.
- Improvements in the SIG’s processes - the SIG’s been hard at work improving and extending our use of k8s’ test infra, expanding our test coverage, as well as improving our release processes over the last year.
Speakers
Jack Francis

Principal Software Engineer, Microsoft
Jack works on open source Kubernetes from his basement in Portland, Oregon, USA. When he’s not working, he’s usually upstairs hanging out with his family. On occasion he straps on a guitar and turns the amp to 11.
Salt Palace | Level 3 | 355 BC

11:55am MST

Cognitive and Self-Adaptive System for Effective Distributed-Tracing in Applications - Mitul Tandon & Akash Gusain, VMware; Susobhit Panigrahi, Broadcom
Thursday November 14, 2024 11:55am - 12:30pm MST
In response to the challenges of limited trace capture in dynamic API tracing systems, the solution leverages Machine Learning and a Cognitive approach for unbiased trace collection. Unlike existing implementations with a skewed distribution (~5%) towards normal traces, our self-adaptive system dynamically learns to prioritise and capture diverse traces, crucial for effective diagnosis of API failures and performance issues. This innovative approach significantly enhances SREs' ability to triage complex issues, leading to a game-changing reduction in Mean Time to Resolve (MTTR). The Adaptive Sampling approach analyses existing system traces and autonomously adjusts the sampling rate, eliminating manual configs. The outcome of this ML-based solution includes streamlined trace metric analysis, enhanced reliability work efficiency, and considerable infrastructure cost reduction through targeted trace collection, ultimately making a significant impact on operational effectiveness & reliability.
Speakers
Susobhit Panigrahi

Senior Software Engineer
As a Developer and DevOps Engineer at VMware, I specialize in developing scalable cloud software. My focus includes deploying and managing services with Kubernetes, Helm, and Istio. I'm keen to contribute to the open-source community, especially in Kubernetes and other CNCF projects...
Akash Gusain

Software Engineer, VMware
Akash Gusain is a Software Engineer at VMware with over two years of experience in building and deploying cloud-native applications. At VMware, Akash has contributed to the development of scalable and robust cloud solutions, demonstrating expertise in various technologies and fra...
Mitul Tandon

DevOps Engineer, VMware
A DevOps/SRE Engineer at VMware with 2+ years of experience with working on distributed systems and containerised applications.
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

11:55am MST

Multi-Zone Clusters Inside and Out - Tom Dean, Buoyant
Thursday November 14, 2024 11:55am - 12:30pm MST
Multi-zone clusters are a great tool for improving application reliability — and also a great way to spend a ton of cash. Why? What really happens when you set these things up? How do you use them effectively without bankrupting your whole organization? In this session, we'll dig into the nuts and bolts of what goes on under the hood of a multi-zone cluster, including what a zone is, what Kubernetes understands about zones, how zones affect routing, and why multi-zone clusters can drive costs up. We'll spend some time on Kubernetes' Topology Aware Routing, covering its advantages as well as its very real limitations. Finally, we'll dive into how you can influence Kubernetes' choices to take advantage of multi-zone clusters' reliability while containing costs. Join us for learning and live demos!
Speakers
Tom Dean

Field Engineer, Buoyant
Tom Dean started programming BASIC on Apple IIs over 40 years ago, and has been hooked on tech since then. A long-time user of Linux and Open Source, he has been expanding his Cloud, Cloud Native and adjacent subject matter knowledge to become a more well-rounded technologist, and...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

11:55am MST

Evolving Reddit’s Infrastructure via Principled Platform Abstractions - Karan Thukral & Harvey Xia, Reddit
Thursday November 14, 2024 11:55am - 12:30pm MST
Reddit’s approach to infrastructure management has grown organically over time, adapted to solve tactical, near-term problems. We have now reached a point where the only way to scale infrastructure capabilities to a growing engineering organization is through platform abstractions offering self-service management of standardized infrastructure patterns. Beginning in 2021, a concerted effort was made to reimagine infrastructure as an internal platform that empowers both application and infrastructure engineers to build impactful and maintainable systems. We present a case study of Reddit’s ongoing journey in evolving its infrastructure management practices from inefficient, human-in-the-loop processes to efficient, self-service interfaces. By treating Kubernetes as a universal control plane and extending it with custom control processes fronted by well-designed interfaces, we are moving the organization towards this vision. This will cover the many trade-offs and lessons learnt.
Speakers
Harvey Xia

Staff Engineer, Compute Infrastructure @ Reddit, Reddit
I'm a software engineer with experience across a variety of disciplines including backend engineering, data engineering, and most recently, infrastructure engineering. I specialize in building cloud native infrastructure platform features.
Karan Thukral

Senior Engineer, Compute Infrastructure @ Reddit, Reddit
Karan is a Senior Software Engineer at Reddit working on the Compute team to build an easy to use internal developer platform which is scalable and reliable. He has been working in this problem space since 2017 building both internal and external developer platforms including App...
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

11:55am MST

From Chaos to Calm: Building a Unified and Scalable CI/CD Pipeline at Akamai - Tomer Patel, Akamai Technologies Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
Are you struggling with a chaotic development process? Join Akamai's talk and discover how we built a unified and scalable CI/CD pipeline, saving 40% of our QA, Performance, Dev, and Ops daily work, and how you can do that in your organization! This session dives into the architecture, key features, and its impact on development efficiency. You will learn how to:
- Conquer cloud-native deployments by adding the right tools, such as Argo Rollouts and Backstage
- Integrate CI/CD tools (ArgoCD, Jenkins, DevSpace, Grafana, Prometheus, Thanos) for a smoother workflow
- Leverage best-in-breed, cost-efficient open-source solutions
Speakers
Tomer Patel

Senior Engineering Manager, Akamai Technologies Inc.
Tomer currently works as Senior Engineering Manager at Akamai Technologies, where he leads a group of Data engineers, Software developers and DevOps at scale. Previously Tomer worked as Team Lead at Clarizen (Now Planview).
Salt Palace | Level 2 | 250
  SDLC

11:55am MST

What Agent to Trust with Your K8s: Falco, Tetragon or KubeArmor? - Henrik Rexed, Dynatrace
Thursday November 14, 2024 11:55am - 12:30pm MST
In the CNCF landscape we have plenty of eBPF-based security solutions that help us protect our k8s cluster from runtime vulnerabilities. On paper, though, Falco, Tetragon and KubeArmor look very similar. Eventually you have to make a choice on which one best fits your needs. To get additional insights for your decision, join this session. We have run extensive benchmarks against those three solutions and will answer the following questions that came out of our testing:
- What are the different feature sets?
- What about the performance impact of each agent?
- Which privileges does each solution need?
- What are the pros and cons across the three options?
Speakers
Henrik Rexed

Cloud Native Advocate, Dynatrace
Henrik is a Cloud Native Advocate at Dynatrace, the leading Observability platform. Prior to Dynatrace, Henrik worked for more than 15 years as a Performance Engineer. Henrik Rexed is also one of the organizers of the conferences named WOPR, KCD Austria and the owner of the YouTube...
Salt Palace | Level 1 | 151
  Security

12:30pm MST

Lunch 🍲
Thursday November 14, 2024 12:30pm - 2:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

1:00pm MST

Project Pavilion Tour with Orlin Vasilev, CNCF Ambassador
Thursday November 14, 2024 1:00pm - 1:20pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

2:30pm MST

Unlocking Potential of Large Models in Production - Yuan Tang, Red Hat & Adam Tetelman, NVIDIA
Thursday November 14, 2024 2:30pm - 3:05pm MST
The recent paradigm shift from traditional ML to GenAI and LLMs has brought with it a new set of non-trivial LLMOps challenges around deployment, scaling, and operations that make building an inference platform to meet all business requirements an unsolved problem. This talk highlights these new challenges along with best practices and solutions for building out large, scalable, and reliable inference platforms on top of cloud native technologies such as Kubernetes, Kubeflow, KServe, and Knative. Which tools help effectively benchmark and assess the quality of an LLM? What type of storage and caching solutions enable quick auto-scaling and model downloads? How can you ensure your model is optimized for the specialized accelerators running in your cluster? How can A/B testing or rolling upgrades be accomplished with limited compute? What exactly do you monitor in an LLM? In this session we will use KServe as a case study to answer these questions and more.
Speakers
Yuan Tang

Principal Software Engineer, Red Hat
Yuan is a principal software engineer at Red Hat, working on OpenShift AI. Previously, he has led AI infrastructure and platform teams at various companies. He holds leadership positions in open source projects, including Argo, Kubeflow, and Kubernetes. He's also a maintainer and...
Adam Tetelman

Principal Product Architect, NVIDIA
Adam Tetelman is a principal architect at NVIDIA leading cloud native initiatives and CNCF engagements across the company; building inference platforms for NVIDIA AI Enterprise and DGX Cloud. He has degrees in computational robotics, computer & systems engineering, and cognitive science...
Salt Palace | Level 1 | Hall DE
  AI + ML

2:30pm MST

What Istio Got Wrong: Learnings from the Last Seven Years of Service Mesh - Christian Posta & Louis Ryan, Solo.io
Thursday November 14, 2024 2:30pm - 3:05pm MST
Building complex systems often requires simplicity in components—a lesson the Istio project has learned throughout its seven(plus)-year journey. Although Istio offers a lot of powerful features for application networking, crucial for many organizations, the path to maturity and broader adoption was fraught with challenges. In this talk, we explore the key mistakes made during Istio's development, including its initially complex architecture, an overload of features, premature release of version 1.0, difficulties faced by contributors, and delays in joining the CNCF. We will discuss the impact of these mistakes, how these missteps were addressed, and how they have positioned Istio as a leader in the service mesh market. This presentation will detail how Istio's evolution reflects a shift towards simpler, more modular components that together offer effective solutions for managing APIs and service-to-service communication regardless of platform.
Speakers
Louis Ryan

CTO, Solo.io
Co-creator of Istio and gRPC
Christian Posta

Global Field CTO, Solo.io
Christian Posta (@christianposta) is Global Field CTO at Solo.io. He is the author of Istio in Action and many other books on cloud-native architecture. He's well known in the cloud-native community for being a speaker, blogger (https://blog.christianposta.com) and contributor to...
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience
  • Content Experience Level Any

2:30pm MST

Solving the Kubernetes Networking API Rubik's Cube - Doug Smith & Surya Seetharaman, Red Hat; Shane Utt, Kong; Lior Lieberman, Google
Thursday November 14, 2024 2:30pm - 3:05pm MST
AI/ML use cases are steering the Kubernetes wheel in exciting directions. If you’re interested in networking, it might be having a bigger impact on changes to core Kubernetes than you think. Are you hearing the acronyms DRA (Dynamic Resource Allocation) and KNI (Kubernetes Networking Interface) a LOT in the ecosystem lately and wondering how they are connected to AI/ML-Networking, Multi-Networking and CNI? We love the GPU allocation aspects of DRA - but did you know there are considerations for allocating hardware devices for networking too? You might be familiar with CNI - but have you come across the KNI effort to build a standardized set of Kubernetes Networking APIs? For those who are new to Kubernetes networking, trying to solve this networking Rubik’s cube can feel overwhelming. Join us for a fun and informative session where we'll simplify the landscape and help you fit the puzzle pieces together. Leave with confidence to navigate and contribute in this rapidly evolving space.
Speakers
Doug Smith

Principal Engineer, Red Hat, Inc
Doug Smith is a Principal Software Engineer for OpenShift Engineering at Red Hat. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network...
Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems...
Shane Utt

Senior Principal Software Engineer, Red Hat
TODO
Lior Lieberman

Site Reliability Engineer, Google
Lior is a site reliability engineer at Google working on Google Compute Engine. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
Salt Palace | Level 2 | 251
  Cloud Native Novice

2:30pm MST

How the Tables Have Turned: Kubernetes Says Goodbye to Iptables - Casey Davenport, Tigera & Dan Winship, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
For decades, iptables has been the preferred packet filtering system in the Linux kernel. Used extensively across the Kubernetes networking ecosystem, iptables is now on the way out and is expected to be removed from the next generation of Linux distributions. With iptables past its prime, where does that leave Kubernetes? The successor to iptables -- nftables -- is ready to carry the torch instead, with a newly released beta kube-proxy implementation in v1.31 and network policy using Calico’s nftables backend. In this talk, Dan and Casey will share what they have learned building Kubernetes Service and NetworkPolicy implementations using nftables. They will cover the history and current status of iptables usage in Kubernetes, the capabilities and performance characteristics of Kubernetes networks running on nftables, and why eBPF may not be the right tool for the job.
Speakers
Casey Davenport

Casey Davenport, Tigera
Casey is a core developer on Calico and has been building Kubernetes networking systems since 2016.
Dan Winship

Senior Principal Software Engineer, Red Hat
Dan is a Tech Lead for Kubernetes SIG Network and has been working on Kubernetes and OpenShift networking for 7 years at Red Hat.
Salt Palace | Level 1 | 155 EF
  Connectivity

2:30pm MST

Distributed Cache Empowers AI/ML Workloads on Kubernetes Cluster - Yuichiro Ueno & Toru Komatsu, Preferred Networks, Inc.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Today, storage technologies play a fundamental role in the realm of AI/ML. Read performance is essential for swiftly moving datasets from storage to AI accelerators. However, the rapid enhancement of AI accelerators' performance often outpaces I/O, which bottlenecks training. Because Kubernetes schedules pods across multiple nodes, utilizing node-local storage effectively presents a challenge. To address this, we introduce a distributed cache system built atop node-local storage, designed for AI/ML workloads. This cache system has been successfully deployed on our on-premise 1024+ GPUs Kubernetes cluster within a multi-tenancy environment. Throughout our two-year experience operating this cache system, we have overcome numerous hurdles across several components, including the I/O library, load balancers, and the storage backend. We will share the challenges and the solutions we implemented, leading to a system delivering 50+ GB/s throughput and less than 2ms latency.
Speakers
Toru Komatsu

Engineer, Preferred Networks, Inc.
Toru is a machine learning platform engineer at Preferred Networks in Japan. He is the creator and lead developer of youki, an OCI Runtime in Rust, and a maintainer of the OCI Runtime Specification. Additionally, he serves as a reviewer for runwasi and is involved in developing a world that utilizes containers and Wasm. Additionally, he is a member of the Kubernetes org and is especially interested in...
Yuichiro Ueno

Engineer, Preferred Networks, Inc.
He is currently a machine learning platform engineer at Preferred Networks in Japan. His research and engineering interests include a range of high-performance computing (distributed deep learning, networking/RDMA, and storage technologies), performance engineering, and Kubernete...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

2:30pm MST

Running WebAssembly (Wasm) Workloads Side-by-Side with Container Workloads - Jiaxiao Zhou, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Sidecar containers are a powerful Kubernetes design pattern, running alongside the main application within the same pod to provide supporting features like observability, configuration and communication. However, sidecars can be resource-intensive, adding up to high CPU, memory and network bandwidth usage. WebAssembly (Wasm) offers a solution with its low resource usage and minimal memory footprint compared to Linux containers. Its quick start-up time enables scale-to-zero capability, making it a perfect fit for sidecar containers. The Containerd Runwasi project extends the sidecar pattern by enabling Kubernetes-native deployment and management of Wasm workloads. This talk will show how you can get started deploying Wasm sidecars to support your primary services with additional functionality. It will conclude with a demo of integrating these Wasm sidecars with your existing sidecar framework, whether that be Service Mesh or Dapr. Tune in to see Wasm sidecars on Kubernetes!
Speakers
Jiaxiao Zhou

Software Engineer, Microsoft
Jiaxiao (Joe) Zhou is a Software Engineer at Microsoft. He is on the Azure Container Upstream team and works on bringing WebAssembly to the cloud through projects like "runwasi", "SpiderLightning", and "containerd-wasm-shims". He is a Recognized Contributor to the Bytecode Alliance...
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

2:30pm MST

Applications, Platforms, and Infrastructure Oh My! What Is the TAG App Delivery Doing to Support You - Daniel Oh, Red Hat; Roberth Strand, Sopra Steria; Ryan Nowak, Microsoft; Abby Bangser, Syntasso
Thursday November 14, 2024 2:30pm - 3:05pm MST
TAG App Delivery focuses on how organizations can deliver cloud-native applications. To succeed, there are a number of hard questions that need to be answered: How can platform teams do a better job of enabling developers? How can developers help platform teams to understand better their development needs and their technology stack specific requirements? Which artifacts will be created and by whom? What does it take to provision a development environment? Which tools are involved? This panel will highlight how the TAG Working Groups including App Development, Platform, Infrastructure, and Artifacts are helping build a unified view of how to successfully deliver cloud native applications at scale.
Speakers
Daniel Oh

Senior Principal Developer Advocate, Red Hat
Daniel Oh is a Java Champion and Senior Principal Developer Advocate at Red Hat to evangelize developers for building cloud-native apps and serverless on Kubernetes ecosystems. He's also contributing to various cloud open-source projects and ecosystems as a CNCF ambassador for accelerating...
Abby Bangser

Principal Engineer, Syntasso
Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across...
Roberth Strand

Principal Cloud Native Architect, Sopra Steria
Roberth is a self-proclaimed "cloud automator", and works primarily with Microsoft Azure infrastructure, Platform Engineering, DevOps and Cloud Native technology. He has been awarded the title Microsoft Azure MVP (2021, 2022, 2023), CNCF Ambassador (2023), as well as HashiCorp Ambassador...
Ryan Nowak

Incubations Architect, Microsoft
Ryan is an architect working on open-source projects from the Azure CTO's office. He's passionate about designing software for humans, incubating risky ideas, releasing them in open-source so everyone can benefit. At Microsoft, he's had a 15+ year career building developer-centric...
Salt Palace | Level 3 | 355 EF

2:30pm MST

Bare Metal Kubernetes with KOps: Gathering Community Wisdom - Justin Santa Barbara, Google & Ciprian Hacman, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Kubernetes on bare metal presents unique challenges compared to cloud deployments. While kOps is optimized for cloud environments, we have begun to explore bare metal support and identify key architectural trade-offs. We'll examine common architectures for bare metal Kubernetes, such as node discovery and availability without cloud services. Introducing a VM layer creates a familiar Kubernetes environment but adds complexity and can limit hardware performance. We'll discuss managing devices like GPUs and the need for tooling when hardware health isn't verified by a cloud provider. This talk will delve into the kOps project and its potential in supporting bare metal Kubernetes. However, our primary goal is to learn from the community. We invite you to share your successes, struggles, and insights to shape the future of our tooling for bare metal. Your feedback is crucial in guiding our development and ensuring kOps meets the needs of those deploying Kubernetes on bare metal.
Speakers
Justin Santa Barbara

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, initially as the primary maintainer of the kubernetes AWS support, he also started the kOps project. He loves helping users adopt and grow their use of kubernetes, and believes that we have only scratched the surface of the kubernetes...
Ciprian Hacman

Software Engineer, Microsoft
Ciprian Hacman is a Software Engineer, working with cloud-native technologies. He is also an open source project maintainer for kOps (Kubernetes Operations), etcd-manager, cloud-provider-aws and frequent contributor to other projects in the Kubernetes ecosystem.
Hyatt Regency | Level 4 | Regency Ballroom A

2:30pm MST

Celebrating Prometheus 3.0: A Deep Dive with the Maintainers - Kemal Akkoyun, fal.ai & Josh Abreu, Grafana Labs
Thursday November 14, 2024 2:30pm - 3:05pm MST
Prometheus is an open-source systems monitoring system and a CNCF Graduate project. It benefits from a rich ecosystem, including Alertmanager, efficient client libraries for many languages, the Prometheus Operator to install on Kubernetes, and numerous Exporters to provide the raw data. This year, Prometheus releases the 3.0 version, which includes new features, a refreshed UI/UX, and plenty of new things that build on what has worked well for years. Join two Prometheus maintainers, Josh and Kemal, to celebrate the 3.0 version and learn what it enables for new and existing users, how to upgrade, and how to get the most out of the latest version! Prepare tons of questions; we will have a lot of interactive time for questions; we want to hear community feedback!
Speakers
Kemal Akkoyun

Staff Software Engineer, Independent
Software Infrastructure Engineer. Programmer. Open Source Enthusiast. I help to build large-scale, distributed, real-time microservice systems and observability infrastructure.
Josue Abreu

Principal Software Engineer, Grafana Labs
Josue (Josh) Abreu has been involved in observability for the past 4 years. As a relative newcomer to this world, he was often puzzled at how alerting would function on a small and big scale. Josue works as the Alerting Lead at Grafana Labs and is a Prometheus Maintainer. Over a 10-year...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:30pm MST

Cortex Intro: Multi-Tenant Scalable Prometheus - Charlie Le, Apple & Daniel Blando, Amazon
Thursday November 14, 2024 2:30pm - 3:05pm MST
Cortex provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus. In this talk, we will give an introduction to the Cortex architecture and project status. We will also walk through the new features added to Cortex and how to utilize them efficiently in production.
Speakers
Charlie Le

Senior Software Engineer, Apple
Charlie is a software engineer at Apple, specializing in building and scaling cloud native observability solutions and infrastructure. Deeply inspired by the collaborative spirit of open source, he actively contributes to projects like Cortex and OpenTelemetry, shaping the future...
Daniel Blando

AWS, Senior SDE, Cortex, Amazon
Daniel Blando is a Senior Software Engineer at AWS in the Amazon Managed Prometheus (AMP) team. He currently works with Cortex, Thanos, Prometheus among other open source projects. He is working to make Cortex more scalable and highly available recently focusing on the write path...
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:30pm MST

Kubernetes SIG Storage: Intro & Deep Dive - Saad Ali & Michelle Au, Google; Xing Yang, VMware by Broadcom; Hemant Kumar, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). SIG Storage also has a project that provides APIs for object storage support in Kubernetes. In this session, we will deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.
Speakers

Hemant Kumar

Principal Software Engineer, Red Hat
Hemant is a Principal Software Engineer at Red Hat working on the storage subsystem of Kubernetes. He is a member of SIG-Storage and author of persistent volume expansion, volume limits, mount options and various instrumentation bits in storage subsystems of Kubernetes. He is also a maintainer...

Saad Ali

Senior Engineering Manager, Google
Saad Ali is a Senior Engineering Manager at Google. He works on Google Distributed Cloud and the open-source Kubernetes project. He led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, has served as a member of the CNCF...

Michelle Au

Software Engineer, Google
Michelle Au is a software engineer at Google and is a Kubernetes SIG Storage tech lead. She has been a Kubernetes maintainer since 2018, working on projects including the Container Storage Interface, volume security, volume topology, and local persistent storage.

Xing Yang

Tech Lead, VMware by Broadcom
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware by Broadcom. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect...
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3 | 355 BC

2:30pm MST

Low-Overhead, Zero-Instrumentation, Continuous Profiling for OpenTelemetry - Christos Kalkanis, Elastic
Thursday November 14, 2024 2:30pm - 3:05pm MST
Elastic has recently donated its whole-system continuous profiling agent to OpenTelemetry. After a thorough community review process, the donation was enthusiastically accepted. Leveraging eBPF, the profiling agent provides unprecedented visibility into the runtime behavior of all applications: it builds stacktraces that go from the kernel to userspace native code, all the way into code running in higher-level runtimes, enabling users to identify performance regressions, reduce wasteful computations, and debug complex issues faster. This session will explore:
- Benefits of eBPF-based continuous profiling compared to conventional approaches that rely on application instrumentation
- How the agent builds profiles that seamlessly span kernel, native code and most widely used application runtimes
- Integration with the rest of OpenTelemetry: OTLP and Collector
Speakers

Christos Kalkanis

Principal Software Engineer, Elastic
Christos is the technical lead for the edge collection group at Elastic, a maintainer for the OpenTelemetry Profiling SIG and a co-author of the donated OpenTelemetry profiling agent previously known as the Elastic Universal Profiling agent. After more than a decade of focusing on...
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

2:30pm MST

One Inventory to Rule Them All: Standardizing Multicluster Management - Corentin Debains, Google & Ryan Zhang, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Most Kubernetes users run more than one cluster, and some run hundreds or more. Crossing cluster boundaries has always been a challenge, because most Kubernetes APIs, tools, and operators are cluster-centric. In fact, there’s a remarkable lack of standard tools and patterns for multi-cluster. Over time users have found ways to stitch clusters together but the community has been asking for standardization. To share multi-cluster tools, Kubernetes sig-multicluster has introduced the “ClusterProfile” API, a critical building block for multi-cluster capabilities. This API provides a canonical way for multicluster controllers and users to iterate over clusters, and to install or manage multi-cluster features. In this talk, we will look at some of the problems inherent to multi-clustering, explain the concepts introduced by this new API and look at implementations and consumers of it. We dive into real life examples of patterns and usage, with products such as Kueue, ArgoCD, and Argo workflow.
Speakers

Ryan Zhang

Principal Software Engineering Manager, Microsoft
Dr. Ryan Zhang is a Principal Software Engineering Manager at Microsoft, working on the Azure Kubernetes Service Team. Ryan has been working on Cloud Native open source projects for the past few years including CloudEvents, Open Application Model (OAM) and multi-cluster related initi...

Corentin Debains

Software Engineer, Google
Corentin Debains is a software engineer at Google working on the GKE Fleet (multicluster platform). He is an active member of Kubernetes’ special interest group sig-multicluster.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

2:30pm MST

Exceeded Your Validation Cost Budget? Now What? - Joel Speed, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
The introduction of the Common Expression Language (CEL) for writing complex validations also brought in validation cost budgeting. It can be easy to violate this budget and difficult to work out how to reduce your validation cost. This talk will dive into the runtime cost budgeting and help to prevent those pesky errors! In this talk, we will cover the basics of CEL to set some groundwork before taking a look at some relatively simple CEL validations that cause the API server to reject your CRD definition. We will look at why the API server suggests that the runtime cost is over 100x the allowable cost budget, exploring how it came to that conclusion, and what you need to know when building your own APIs to be able to prevent that from happening. When you walk away from this talk, you should understand the various factors that contribute to your CEL runtime cost and be able to prevent errors in the future, improving CRD validation one field at a time!
Speakers

Joel Speed

Principal Software Engineer, Red Hat
Joel has been working with Kubernetes and building controllers since 2017. Joel cut his teeth with Kubernetes as an SRE, before eventually moving into full software development at Red Hat where he leads the Cluster Infrastructure team, responsible for both Cloud Controller Managers...
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

2:30pm MST

Mastering Cell-Based Architecture: Practical Solutions and Best Practices - Shweta Vohra, Booking.com & Asanka Abeysinghe, WSO2
Thursday November 14, 2024 2:30pm - 3:05pm MST
Are you struggling to validate your cell boundaries or facing challenges with greenfield versus brownfield cell-based architectures (CBA)? Do you find it difficult to define enterprise-wide cell boundaries or wish there were best practices to guide you? If these pain points sound familiar, this session is tailored for you. In this talk, we will first guide you through the process of defining an enterprise-wide cell-based architecture for your organization or context. Then we will explore best practices for greenfield, brownfield, and hybrid cell implementations using CBA. By translating common user challenges into actionable implementation references, we aim to elevate your understanding of CBA with real-world use cases and best practices. This session will also cover best practices for the data, security, application, and infrastructure layers, ensuring a comprehensive approach to CBA implementation. Join us to take your knowledge of CBA to the next level!
Speakers

Asanka Abeysinghe

CTO, WSO2
Asanka, WSO2's CTO, is a technology visionary with over 20 years of experience designing and implementing scalable distributed systems, microservices, and business integration solutions. He advances WSO2's corporate reference architecture, collaborates with customers and industry...

Shweta Vohra

Enterprise Architect, Booking.com
Shweta is an Enterprise Architect and a Cloud Navigator! 🚀 A seasoned Architect with a vast toolkit in Cloud, Platforms, Data, and ML technologies, she has spent over two decades crafting solutions across various domains and complexity levels. She is a frequent conference speaker...
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 250
  SDLC

2:30pm MST

From Standards to Practice: The Journey to Container Maturity - Carmen Chow & Thomas Robinson, Yelp
Thursday November 14, 2024 2:30pm - 3:05pm MST
Yelp runs tens of thousands of Docker containers in Kubernetes. How do we track their vulnerabilities, baseline their security needs, and prioritize our most critical findings? Security standards change constantly, so we need a robust model of container maturity to guide our adoption of these standards in a way that addresses Yelp’s specific needs and risk tolerance. Finally, to maximize our model’s value, over 1,000 engineers must understand its practical guidance well enough to apply it to their daily work. This talk covers designing and incorporating a container maturity model into Yelp’s development lifecycle, along with our strategy for proactively improving our security posture. We believe our experiences will assist others in creating similar models that work for their organizations, help evaluate and assess risks to their own containers, and drive next steps towards future risk evaluation platforms.
Speakers

Carmen Chow

Software Engineer, Yelp
Carmen Chow is a Software Engineer on Yelp’s Infrastructure Security team, where she has worked on cost modeling, data lifecycle tools, and Kubernetes observability. Previously, she was an infrastructure developer responsible for containerizing services and migrating them to Kubernetes...

Thomas Robinson

Software Engineer, Yelp
Tom is a software engineer living near Seattle, Washington. Having previously worked in security research and antivirus software, he's spent the last decade helping keep Yelp secure.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 151
  Security

2:30pm MST

Tutorial: Live with Gateway API V1.2 - Flynn, Buoyant & Mike Morris, Microsoft
Thursday November 14, 2024 2:30pm - 4:00pm MST
Gateway API v1.2 is here! We have GA support for service mesh! We have timeouts in HTTPRoutes! We have GRPCRoutes! And we still have precious few real-world walkthroughs of using Gateway API to get real things done… In this hands-on workshop hosted by Gateway API contributors and GAMMA co-leads, we’ll start with completely unconfigured clusters, walk through installing a demo app with your choice of ingress controller and service mesh (Envoy Gateway + Linkerd, or Istio), then dig into actually using Gateway API for routing, resilience, and progressive delivery with an application using HTTP and gRPC at the same time. You’ll walk away with practical, real-world knowledge about what Gateway API can do and how to use it, and portable skills you’ll be able to apply to the many projects implementing Gateway API!
Speakers

Flynn

Tech Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering (from the kernel up through distributed applications, with a common thread of communications and security throughout...

Mike Morris

Senior Product Manager, Microsoft
Mike is a product manager at Microsoft working on upstream open source projects with a focus on Istio service mesh, and a Gateway API for service mesh co-lead. He is interested in building healthy, sustainable communities and scalable distributed systems, and working collaboratively...
Thursday November 14, 2024 2:30pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom ACE

2:30pm MST

🚨 Contribfest: Enhancing Kubernetes Debugging and Observability with Inspektor Gadget
Thursday November 14, 2024 2:30pm - 4:00pm MST
Let’s dive into the world of Kubernetes observability and debugging by joining the Inspektor Gadget Contribfest. Inspektor Gadget is both a collection of eBPF tools (Gadgets) and a systems inspection framework for Kubernetes, containers, and Linux hosts. In this session, maintainers will give a quick introduction to the Inspektor Gadget project and will guide participants to set up their development environment. The gadgets concept will be introduced, and we’ll guide participants to create a simple hello world gadget. Then, participants will be able to contribute in different ways:
- By building gadgets for new use cases
- By extending the existing gadgets
- By brainstorming ideas for new features
Speakers

Mauricio Vásquez Bernal

Principal Software Engineer, Microsoft
Mauricio works as a software engineer at Microsoft. He is interested in eBPF, Kubernetes, networking and low level programming. Mauricio has used eBPF in different scopes like implementing network virtual functions (polycube project), tracing solutions (Inspektor Gadget) and recently...

Jose Blanquicet

Senior Software Engineer, Microsoft
Jose is a Senior Software Engineer focused on Kubernetes and eBPF technologies for debugging and observability. He is currently working to maintain and develop Inspektor Gadget, an open-source project from the Kinvolk team at Microsoft.
Thursday November 14, 2024 2:30pm - 4:00pm MST
Salt Palace | Level 3 | 355 A

2:30pm MST

🚨 Contribfest: Helm 4: The Next Generation of the Kubernetes Package Manager
Thursday November 14, 2024 2:30pm - 4:00pm MST
Love it or hate it, there is little argument that Helm remains a popular choice for packaging Kubernetes applications. As the project embarks on its first new major version since 2019, Helm 4, anyone who makes use of Helm, whether it be a producer or consumer, has the opportunity to help shape the future and direction. Join members of the Helm community to get a unique opportunity to take part in the development of Helm 4 so it can provide the next generation of Kubernetes applications and users the package manager for today and tomorrow. In this session, attendees will learn about:
- The key features being considered
- Support for Helm 3 before, during and after Helm 4 is released
- How to get involved in the Helm project, including the various roles and responsibilities
- The process for contributing to the Helm codebase
This is a session no Kubernetes contributor will want to miss.
Speakers

Andrew Block

Distinguished Architect, Red Hat
Andrew Block is a Distinguished Architect at Red Hat who works with organizations to design and implement solutions leveraging cloud native technologies. He specializes in Continuous Integration and Continuous Delivery methodologies with a focus on security to reducing the overall...

Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE, where he works as the Chief Architect of the SUSE Rancher Team. He is a maintainer of multiple open source projects including Helm and Artifact Hub. Matt is an author, speaker, and regular contributor to open source.
Thursday November 14, 2024 2:30pm - 4:00pm MST
Salt Palace | Level 3 | 355 D

3:25pm MST

Unlocking the Future of GPU Scheduling in Kubernetes with Reinforcement Learning - Nikunj Goyal, Adobe Systems & Aditi Gupta, Disney Plus Hotstar
Thursday November 14, 2024 3:25pm - 4:00pm MST
Scaling up multi-GPU setups using Kubernetes for large-scale ML projects has been a hot topic, stressed equally in both the AI and cloud communities. While Kubernetes is able to provide computing power by scheduling GPU nodes, certain issues like resource fragmentation and low utilization plague performance and result in cost issues. Why Reinforcement Learning (RL) in particular, one might ask? Unlike other algorithms, RL shines in its unique ability to continuously adapt to changing environments and efficiently handle complex and multi-dimensional objectives, making it particularly suitable for the dynamic and heterogeneous nature of Kubernetes clusters. In this talk, we will explore the current landscape of GPU scheduling and some state-of-the-art RL algorithms proposed for scheduling. We will dive deep into their current impact on Kubernetes and the possible use of RLHF. We hope that the audience gains more insight into these new ways of scheduling GPUs on Kubernetes.
Speakers

Aditi Gupta

Aditi Gupta, Software Developer at Disney + Hotstar, Disney Plus Hotstar
I'm Aditi Gupta, a Software Developer Engineer at Disney+ Hotstar. Graduated from Asia's largest tech college for women, Indira Gandhi Delhi Technical University, I've been deeply immersed in cloud-native technologies and AI/ML advancements. Skilled in containerisation, micro-service...

Nikunj Goyal

Developer at Adobe, AI and Machine Learning Specialist, Adobe Systems
Hi, I am Nikunj Goyal, working as a developer at Adobe and a Maths major from IIT Roorkee. I have been working with AI and Machine Learning for some time, mainly with Generative AI and graph-based methods. I am a core part of the Text-to-vector generation team at my org and previously worked...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | Hall DE
  AI + ML

3:25pm MST

Tackling GPU Shortages and High Costs by Harnessing Hybrid Kubernetes Clusters - Xiaoman Dong & Alex Pucher, Parasail
Thursday November 14, 2024 3:25pm - 4:00pm MST
In the era of supporting AI and large language models, acquiring GPU supplies from major cloud providers is challenging and expensive. Meanwhile, a significant supply of affordable GPU resources is emerging from various third-party providers. Hybrid Kubernetes clusters are the perfect solution for integrating these GPUs into existing services built on large cloud providers. At our startup focusing on cloud infrastructure, we have created numerous hybrid Kubernetes clusters based on K3s and P2P VPN using the WireGuard protocol. With this setup, we have successfully integrated more than ten sources of GPUs from different geographical locations, achieving nearly unlimited on-demand GPU resources while reducing GPU costs by 2x-4x. In this talk, we will discuss the architecture, pros and cons, requirements, and limitations of pure hybrid Kubernetes clusters for GPUs. We will also share lessons learned during the building and management of such true hybrid Kubernetes clusters.
Speakers

Alexander Pucher

Parasail AI

Xiaoman Dong

Founding Engineer, Parasail
Xiaoman Dong has devoted his past 10+ years to building cloud and data infrastructure, and has hosted scalable distributed systems with multi-region high availability. During his work at Parasail, Stripe and Uber, he has designed, built, and operated several large-scale business critical...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience

3:25pm MST

TLS and MTLS: Introduction to Modern Security - Andrew Davis, Independent & Sandeep Kanabar, Gen (formerly NortonLifeLock)
Thursday November 14, 2024 3:25pm - 4:00pm MST
A constant presence in our lives for nearly 25 years, TLS is a cornerstone of modern security practice — especially in a zero-trust world. In cloud native, mTLS comes up every time service meshes get mentioned. Even so, both these technologies are still sources of endless questions. How do they work? How are they related? What problems do they solve – and which others do they not solve? How does it relate to end-user auth? What's all this stuff with certificates anyway? And why should you care about these things? Thankfully, answering these questions isn't that complex. Sandeep Kanabar, Lead Software Engineer at Gen, and Andrew Davis, a Cybersecurity Expert—both Deaf & Hard of Hearing WG members—will discuss what TLS and mTLS are, what they do, how they work, why they matter as standards, and what nearly 25 years of attacking them have to say about security. They'll use Linkerd as an example, but this talk will apply to any situation involving mTLS or TLS, no matter the implementation.
Speakers

Sandeep Kanabar

Lead Software Engineer, Gen (formerly NortonLifeLock)
Hailing from India, Sandeep is a passionate software engineer working at Gen (formerly NortonLifeLock). A frequent meetup speaker, Sandeep enjoys sharing his lessons learned from 15+ years in the tech space with the community. He's a staunch advocate for diversity and inclusion and...

Andrew Davis

Cybersecurity Specialist, Not Applicable
A passionate self-taught cybersecurity expert, Andrew Davis is a big believer in life-long learning. He has worked for various Fortune 500 companies, including DELL and Fidelity Investments. Deaf himself, Andrew is a strong advocate for accessibility. He's an active member of the...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

3:25pm MST

Kubernetes Multi-Cluster Networking 101 - Niranjan Shankar, Microsoft & Ram Vennam, Solo.io
Thursday November 14, 2024 3:25pm - 4:00pm MST
You’ve (somewhat) grasped the networking model of a single Kubernetes cluster. But how do you enable Pods to communicate across clusters? How do service discovery and DNS work for a multi-cluster setup? How do you secure inter-cluster traffic and manage certificates? Not sure? Don’t worry - this session will have the answers. We’ll start by outlining the core requirements for workloads to communicate across clusters. You’ll then learn some common multi-cluster networking topologies, like flat and multi-network setups, and how inter-cluster connectivity and IP address management differ for each of them. Finally, we’ll cover some popular tools for managing and securing traffic between clusters, like service mesh, CNIs, and gateways, and discuss their use-cases. You’ll leave this session with a solid understanding of fundamental terms and concepts - like virtual networking peering, external DNS, trust domains, etc - needed for navigating the multi-cluster networking landscape.
Speakers

Ram Vennam

Solutions Engineer, Solo.io
Ram Vennam is the Director of Solutions Engineering at Solo.io where he helps companies design and build highly scalable, resilient, distributed systems with the latest cloud-native technology. Previously, he was at IBM where he was a Technical Product Manager and Developer Advocate...

Niranjan Shankar

Software Engineer, Microsoft
Niranjan Shankar is a software engineer at Microsoft working on the Istio-based service mesh add-on for Azure Kubernetes Service (AKS). He has experience with multi-cluster operations, edge traffic management and security, GitOps-based patterns, and policy enforcement with Kubernetes...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

3:25pm MST

Elastic Data Streaming: Autoscaling Apache Kafka - Jakub Scholz, Red Hat
Thursday November 14, 2024 3:25pm - 4:00pm MST
Autoscaling is an important part of modern cloud-native architecture. It allows applications to handle a big load at peak times while helping to optimize costs and make deployments more green and sustainable at the same time. Apache Kafka is well known for its scalability. It can grow with your project from a small cluster up to hundreds of brokers. But it was not very elastic for a long time and using dynamic autoscaling with it was very hard. This talk will guide the attendees through the main challenges of auto-scaling Apache Kafka on Kubernetes. It will show how these challenges can be solved with the help of new features added recently in Strimzi and Apache Kafka projects such as auto-rebalancing, node pools, or tiered storage. And it will help the users get started with the auto-scaling of Apache Kafka.
Speakers

Jakub Scholz

Senior Principal Software Engineer, Red Hat
Jakub works at Red Hat as Senior Principal Software Engineer. He has long-term experience with messaging and currently focuses mainly on Apache Kafka and its integration with Kubernetes. He is one of the maintainers of the Strimzi project which provides tooling for running Apache...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

3:25pm MST

Load-Aware GPU Fractioning for LLM Inference on Kubernetes - Olivier Tardieu & Yue Zhu, IBM
Thursday November 14, 2024 3:25pm - 4:00pm MST
As the popularity of Large Language Models (LLMs) grows, LLM serving systems face challenges in efficiently utilizing GPUs on Kubernetes. In many cases, dedicating an entire GPU to a small or unpopular model is a waste; however, understanding the relationship between request load and resource requirements has been difficult. This talk will study GPU compute and memory requirements for LLM inference servers, like vLLM, revealing an analytical relationship between key configuration parameters and performance metrics such as throughput and latency. This novel understanding makes it possible to decide at deployment time an optimal GPU fraction based on the model's characteristics and estimated load. We will demo an open-source controller capable of intercepting inference runtime deployments on Kubernetes to automatically replace requests for whole GPUs with fractional requests using MIG (Multi-Instance GPU) slices, increasing density and hence LLM sustainability without sacrificing SLOs.
Speakers

Olivier Tardieu

Principal Research Scientist, Manager, IBM
Dr. Olivier Tardieu is a Principal Research Scientist and Manager at IBM T.J. Watson, NY, USA. He joined IBM Research in 2007. His current research focuses on cloud-related technologies, including Serverless Computing and Kubernetes, as well as their application to Machine Learning...

Yue Zhu

Research Scientist, IBM Research
Dr. Yue Zhu is a Research Scientist at IBM Research specializing in foundation model systems and distributed storage systems. Yue obtained a Ph.D. in Computer Science from Florida State University in 2021 and has consistently contributed to sustainability for foundation models and...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

3:25pm MST

Cloud Native Storage: The CNCF Storage TAG Projects, Technology & Landscape - Alex Chircop, Akamai & Raffaele Spazzoli, Red Hat
Thursday November 14, 2024 3:25pm - 4:00pm MST
This talk will introduce the CNCF Storage TAG and discuss how the TAG operates, how we work with CNCF Storage projects, and the work we have done to build guidance and write whitepapers for the ecosystem. During this session we will cover an overview of storage projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Storage Whitepaper, Performance and Benchmarking whitepaper, Cloud Native Disaster Recovery whitepaper, and the Data on Kubernetes whitepapers on database patterns and AI/ML workloads. Join us to find out how to contribute and participate in the CNCF storage community and discover practical guidance on how to use cloud native storage in your environments.
Speakers

Alex Chircop

Chief Product Architect at Akamai, Akamai
Chief Product Architect at Akamai. Previously a founder and CTO of Ondat (formerly StorageOS), building software defined solutions for cloud native environments. Alex is also a co-chair of the CNCF Storage TAG (previously SIG). Before embarking on the startup adventure he spent over...

Raffaele Spazzoli

Senior Principal Architect, Red Hat
Raffaele is a full-stack enterprise architect with 20+ years of experience. Currently Raffaele covers a consulting position of cross-portfolio application architect with a focus on OpenShift. For most of his career Raffaele worked with large financial institutions allowing him to acquire...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 3 | 355 EF

3:25pm MST

Elevate Your Kubernetes Policy Game with Kyverno! - Vishal Choudhary, Nirmata; Lanting Chiang & Karen Tu, Robinhood Markets, Inc.
Thursday November 14, 2024 3:25pm - 4:00pm MST
Struggling to find the balance between robust security and empowering developers? Join Robinhood's platform engineers Karen and Lanting as they share their migration journey from custom solutions and PSPs, to policy as code with Kyverno. Go beyond the basics of resource validation and enforcement, and learn the power of Kyverno for policy as code lifecycle management, including testing, deployment, performance optimizations, exception management, and reporting. Plus, Vishal, a Kyverno maintainer, will present a game-changing new feature in Kyverno 1.12: etcd offloading for policy reports, which is critical for large production workloads. This session is a must-attend for platform engineers and Kubernetes administrators looking to leverage policy as code for self-service automation, security, and compliance.
Speakers

Karen Tu

Robinhood

Lanting Chiang

Software Engineer, Robinhood Markets, Inc.
Software Engineer on the Software Platform - Container Orchestration team at Robinhood Markets, Inc.

Vishal Choudhary

Software Engineer, Nirmata
Vishal is a student and a software engineer, working on cloud-native projects focusing on governance and securing software supply chains for everyone! He is a maintainer of Kyverno and an active contributor at several other projects in the space. He is always looking to discuss tools...
Thursday November 14, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:25pm MST

Intro & Deep Dive - Kubernetes Infrastructure - Arnaud Meukam, Independent & Mahamed Ali, Cisco
Thursday November 14, 2024 3:25pm - 4:00pm MST
This session will examine the intricacies of Kubernetes infrastructure, ongoing maintenance efforts, and strategic security enhancements. We will showcase notable achievements, address challenges, and emphasize the significance of our collaborative efforts with fellow SIGs. The session concludes with an interactive Q&A, welcoming invaluable feedback and insightful discussions from all participants to shape our future trajectory. Join us in this unique opportunity to contribute to the advancement of SIG k8s Infra together.
Speakers

Arnaud Meukam

Open Source Engineer, Independent
Arnaud is an Open Source Engineer and a core Kubernetes contributor. He has been involved in the project for over 5 years now, and is the SIG Chair for the Kubernetes Infrastructure Group and a Release manager.
avatar for Mahamed Ali

Mahamed Ali

Senior DevOps Engineer, Cisco
Mahamed is a Senior DevOps Engineer at ThousandEyes by Cisco and improves developer experience for fellow engineers. He is also an OSS Maintainer and works on Kubernetes as the SIG K8s-Infra Tech Lead and on Knative as the Productivity Working Group Lead.
Hyatt Regency | Level 4 | Regency Ballroom A

3:25pm MST

Kubernetes SIG Architecture Intro and Updates - John Belamaric, Google & David Eads, Red Hat
Thursday November 14, 2024 3:25pm - 4:00pm MST
SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of conformance definitions, API definitions/conventions, deprecation policy, design principles, and other cross-cutting concerns. In this talk, we will provide an introduction to SIG architecture, including its role and the various subprojects that support its activities. Additionally, we will provide a community update on the status of those efforts.
Speakers

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation...

David Eads

Senior Principal Software Engineer, Red Hat
David Eads is a senior principal software engineer at Red Hat and co-lead for Kubernetes sig-apimachinery and TL for sig-auth.
Salt Palace | Level 3 | 355 BC

3:25pm MST

Peak Innovation and Cloud Tweaks: Falco’s Ongoing Runtime Security Development - Jason Dellaluce, Leonardo Grasso & Luca Guerra, Sysdig; Carlos Tadeu Panato Junior, Chainguard; Melissa Kilby, Apple
Thursday November 14, 2024 3:25pm - 4:00pm MST
In the fast-paced world of cloud-native runtime security, Falco embraces innovation and adaptability. As a trusted CNCF-graduated project, Falco keeps evolving to meet today’s security challenges with new approaches. This session covers Falco’s latest developments, including better rule handling for flexible ruleset customization and output definition, integration with Prometheus metrics, and an improved installation experience. We will also look at new language extensions and operators, improvements in performance and testing, and powerful new plugins for advanced data modeling. Join us in celebrating Falco’s ongoing efforts to refine runtime security and its dedication to the future of cloud-native environments.
Speakers

Carlos Panato

Staff Software Engineer, Chainguard
Carlos Panato (@cpanato) is a Staff Software Engineer at Chainguard, Inc., specializing in development and infrastructure with Kubernetes and containers. He has a diverse background in development, testing, processes, and management. Carlos actively contributes to several Linux Foundation...

Leonardo Grasso

Open Source Tech Lead Manager / Falco Core Maintainer, Sysdig
Leonardo leads a talented group of open source engineers advancing security projects at Sysdig. Based in Italy, Leonardo combines his deep passion for Linux, Kubernetes, Containers, and Security with a strong background in software design and R&D. As a core maintainer of Falco, a...

Melissa Kilby

Security Engineer, Apple
Before joining Apple, Security Engineer Melissa Kilby contributed to US Government research projects and taught Applied Data Science at BlackHat. She has a Ph.D., specializing in machine learning and biomechanics. She has also contributed to NASA’s space suit engineering program...

Jason Dellaluce

Tech Lead, Manager, Sysdig
Jason Dellaluce is a Senior Engineer and Manager at Sysdig and a core maintainer of Falco, the CNCF tool for Cloud Native Runtime Security. On a daily basis, he contributes to the Falco Community and is exposed to Linux, Kubernetes, Containers, Security, eBPF, and the Open Source...

Luca Guerra

Sr. Open Source Engineer, Sysdig Inc.
Luca is an experienced software engineer, specializing in software design and security research. His professional experience includes designing security solutions, building and breaking secure systems, and vulnerability management. Luca is a core maintainer for the Falco project and...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

3:25pm MST

Measuring All the Costs with OpenCost Plugins - Alex Meijer, Stackwatch
Thursday November 14, 2024 3:25pm - 4:00pm MST
The CNCF OpenCost project is approaching 5,000 stars on GitHub and has become one of the most popular cost monitoring systems in use. Originally focused on cloud provider and Kubernetes cost monitoring, OpenCost expanded its scope in May 2024 by launching OpenCost Plugins with Datadog as the first reference implementation. These plugins allow users to measure and visualize virtually any cost in OpenCost, without writing a single line of OpenCost code. Alex Meijer, OpenCost and OpenCost Plugins maintainer, will speak on how the OpenCost Plugins ecosystem works and will dive into the use of the open-source FOCUS spec in OpenCost, which is the key to being able to measure nearly any cost. A plugin-enabled OpenCost deployment will be demoed, with an external cost (Datadog) visualized alongside the traditional Kubernetes and cloud provider costs. Alex will also share how to get started with plugins so that users can start analyzing the costs of whatever matters to their unique use case!
Speakers

Alex Meijer

Staff Software Engineer, Stackwatch
Alex Meijer has been working with Kubernetes for his entire career, being at various times a user, operator, and currently as someone working to help others use Kubernetes better. He has served in startups ranging in size from 5-90 people. Alex contributes to the OpenCost project...
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

3:25pm MST

Orchestrating Quasi-Real Time Data Processing in the Computing Farm of the ATLAS Experiment at CERN - Giuseppe Avolio, CERN
Thursday November 14, 2024 3:25pm - 4:00pm MST
What has Kubernetes got to do with a High Energy Physics experiment collecting one million physics events per second at a data rate of 5 TB/s? That is what we would like to show you! The ATLAS experiment at CERN filters one million complex collision signatures per second provided by the Large Hadron Collider in quasi real-time, using a mixture of custom electronics and a large computing farm (the Event Filter – EF – farm) consisting of up to 5000 commodity servers. In this talk, we will tell you how we are going to exploit Kubernetes to orchestrate the ATLAS EF computing farm. In particular, we will focus on the strategy and optimizations we put in place in order to start more than 25000 PODs over more than 2500 worker nodes in about 50 seconds. We will also show the impact of the Kubernetes Scheduler and Controller Manager QPS values on POD start and stop throughputs and we will report about how custom scheduler profiles allow us to schedule PODs at an average rate of about 500 Hz.
Speakers

Giuseppe Avolio

Dr., CERN
Giuseppe Avolio is a physicist working at CERN, with almost 20 years of experience in the field of Data Acquisition (DAQ) systems for High Energy Physics experiments. He is a member of the ATLAS collaboration, and he is currently responsible for coordinating the ATLAS DAQ system upgrade...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

3:25pm MST

From Chaos to Harmony, Transforming ML Engineering: A Kubernetes Adoption Journey
Thursday November 14, 2024 3:25pm - 4:00pm MST
How Ekstra Bladet’s Data Science team went from a small team of ML engineers, who needed to deliver quickly without deep technical infrastructure knowledge, to a rigid and proprietary ML pipeline built from AWS components and triggered by a large and chaotic Infrastructure as Code project. This made it difficult to achieve freedom and required a lot of work to implement and debug. One of the key reasons for adopting Kubernetes for our ML team emerged when we realized that we should serve all stakeholders across the JP/Politikens Hus organization, not just Ekstra Bladet. We then chose Kubernetes as our container infrastructure, which transformed the ML team into a dynamic ML ecosystem with great freedom under responsibility.

Initially, we focused on building robust frameworks for training and deploying ML models as API services and model training. Today, our ML team operates at the forefront of innovation, where we embrace GitOps principles to streamline our machine learning platform. Through careful adoption of advanced techniques such as autoscaling, scheduling, event triggers, and dynamic service deployment, we ensure seamless integration of new ML models into our infrastructure. This evolution has allowed us to effectively meet our diverse needs, while maintaining agility and scalability in our ML operations.
Speakers

Paris Nakita Kejser

Cloud Engineer, JP Politikens Hus
As a certified Cloud Engineer specializing in AWS and Kubernetes, I'm integral to Ekstra Bladet’s Data Science team. My focus lies in optimizing cloud infrastructure, integrating AWS and Kubernetes setups, and driving technological advancements. I contribute to Ekstra Bladet's digital...
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

3:25pm MST

You're Overpaying for CI - Kyle Penfound, Dagger
Thursday November 14, 2024 3:25pm - 4:00pm MST
In recent years, the computational power of developer workstations has surged dramatically. With so much compute available at every developer's fingertips, why do we continue to waste time and money with lengthy build times on sluggish CI compute? Some forward-thinking organizations are re-evaluating this approach, questioning the necessity of paying for CI compute when the developers' workstations, which are already more powerful and paid for, remain underutilized. In this technical session we will transition a fully functioning production CI system from cloud-based compute to local workstation compute. We will explore the intricacies of replicating the functionality of a modern CI system, leveraging the power of developer workstations, all using open source software.
Speakers

Kyle Penfound

Solutions Engineer, Dagger
Kyle is part of the ecosystem team at dagger.io working on the future of CICD. He has a background in DevOps and just loves giving demos!
Salt Palace | Level 2 | 250
  SDLC
  • Content Experience Level Any

3:25pm MST

It's Dangerous to Build It Alone, Take This. - Jeremy Rickard & Ashna Mehrotra, Microsoft
Thursday November 14, 2024 3:25pm - 4:00pm MST
You've got high and critical CVEs in open source software packages that are critical to your platform or business. Time is almost up to patch them, and the upstream project hasn't fixed things. If you don't patch, your accreditation might be at risk. You're going to have to do it yourself! But where do you start? Fork the projects? Can you just patch in place? In this session, you'll learn about tools and strategies that can help you respond to CVEs in your container images faster, starting with patching existing images in place with Copacetic and moving on to patching and building projects from scratch. We'll look at challenges to building and testing upstream projects using existing tools and learn from emerging practices in industry. We'll also talk about how to inform your teams to stop using bad images! After this session, you'll have best practices and tools at your disposal, and understand some of the pitfalls of owning your entire open source software supply chain.
Speakers

Ashna Mehrotra

Software Engineer, Microsoft
Ashna Mehrotra is a software engineer on the Upstream Security team, working on cloud-native open source security projects at Microsoft.

Jeremy Rickard

Principal Software Engineer, Microsoft
Jeremy Rickard is a principal software engineer at Microsoft where he works on the Azure Container Upstream team. He is currently a co-chair for SIG Release and serves on both the CNCF and the Kubernetes Code of Conduct Committees. He was also the Kubernetes 1.20 Release Lead.
Salt Palace | Level 1 | 151
  Security
  • Content Experience Level Any

4:10pm MST

Project Pavilion Tour with Annie Talvasto, CNCF Ambassador
Thursday November 14, 2024 4:10pm - 4:30pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

4:30pm MST

Which GPU Sharing Strategy Is Right for You? A Comprehensive Benchmark Study Using DRA - Kevin Klues & Yuan Chen, NVIDIA
Thursday November 14, 2024 4:30pm - 5:05pm MST
Dynamic Resource Allocation (DRA) is one of the most anticipated features to ever make its way into Kubernetes. It promises to revolutionize the way hardware devices are consumed and shared between workloads. In particular, DRA unlocks the ability to manage heterogeneous GPUs in a unified and configurable manner without the need for awkward solutions shoehorned on top of the existing device plugin API. In this talk, we use DRA to benchmark various GPU sharing strategies including Multi-Instance GPUs, Multi-Process Service (MPS), and CUDA Time-Slicing. As part of this, we provide guidance on the class of applications that can benefit from each strategy as well as how to combine different strategies in order to achieve optimal performance. The talk concludes with a discussion of potential challenges, future enhancements, and a live demo showcasing the use of each GPU sharing strategy with real-world applications.
Speakers

Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA...

Yuan Chen

Principal Software Engineer, NVIDIA
Yuan Chen is a Principal Software Engineer at NVIDIA, working on building NVIDIA GPU Cloud for AI. He served as a Staff Software Engineer at Apple from 2019 to 2024, where he contributed to the development of Apple's Kubernetes infrastructure. Yuan has been an active code contributor...
Salt Palace | Level 1 | Hall DE
  AI + ML
  • Content Experience Level Any

4:30pm MST

The Maintainer Monologues - Sarah Christoff, Defense Unicorns; Karen Chu, Fermyon; Jason Hall, Chainguard; Scott Rigby, Independent; Ryan Nowak, Microsoft
Thursday November 14, 2024 4:30pm - 5:05pm MST
Are maintainers born? Or made? Made. They’re definitely made. Oftentimes it’s a combination of trial and error, luck, and lots of hard work. With a mixed group of first time and experienced maintainers, join us for a panel covering the origin stories and learnings of CNCF sandbox/incubating/graduated project maintainers. They’ll share their journeys as their projects evolved, and cover topics such as:
- Project milestones (inception, MVP, & donation)
- Learning the ecosystem
- Blind spots
- Navigating social dynamics (community building, getting more help, navigating challenges)
- Work life balance / open source burnout
With this knowledge, you’ll be better equipped to become the next open source contributor, maintainer, or creator of projects, ready to navigate the ecosystem.
Speakers

Karen Chu

OSS Community PM
Karen Chu is an OSS Community PM. Having participated in the cloud native community since 2015, she is a CNCF Ambassador, Helm community manager/maintainer, emeritus Kubernetes Code of Conduct Committee member, meet-up organizer, and conference organizer. She has also worked on The...

Sarah Christoff

Software Engineer, Defense Unicorns
Sarah is a software engineer at Defense Unicorns who loves making complex code more digestible. She is the self-proclaimed founder of the Leslie Lamport fan club. When she's not bugbusting, she is running her animal rescue and competing in triathlons. She believes code should be like...

Scott Rigby

Senior Cloud Solutions Architect, NASA / Navteca
Scott is an artist, engineer & dad, collaborating on a different kind of world. Into collective art, activism, therapy & open source nerdy stuff. Scott is a Cloud Native Ambassador, speaker, organizer of CNCF community events including the New York Kubernetes Meetup, and international...

Jason Hall

Principal Software Engineer, Chainguard
Jason is a hopeless container image tooling nerd, living in Brooklyn with his wife, two children and (most importantly) lots of pizza.

Ryan Nowak

Incubations Architect, Microsoft
Ryan is an architect working on open-source projects from the Azure CTO's office. He's passionate about designing software for humans, incubating risky ideas, releasing them in open-source so everyone can benefit. At Microsoft, he's had a 15+ year career building developer-centric...
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience
  • Content Experience Level Any

4:30pm MST

Understanding Kubernetes Networking in 30 Minutes - Ricardo Katz, Broadcom & James Strong, Isovalent at Cisco
Thursday November 14, 2024 4:30pm - 5:05pm MST
Are you learning Kubernetes and starting to face concepts like Pod CIDRs, Services, CNI, and kube-proxy? Welcome! You have reached the amazing area of Kubernetes networking! We have all been there and know how complex it may seem at the beginning, but in this talk, Ricardo and James will demystify the Kubernetes network concepts and model in a fun way, exploring how it is designed, why there is a "pause" container in every Pod, how the communication between Pods works, and what kube-proxy and CNI are and why they are important. By the end of this talk, we expect you to have a clear learning path for Kubernetes networking, so that you not only understand what the concepts are about but also see, in a live demo, how every component correlates and makes communication possible in a Kubernetes cluster.
Speakers

Ricardo Katz

Software Engineer, Broadcom
Software Engineer at VMware by Broadcom, Kubernetes contributor in his spare time. Previously was the tech lead for the Brazilian Government Cloud and Platform infrastructure, being one of the people responsible for implementing some of the first Kubernetes clusters in Brazil, clusters...

James Strong

Sr Customer Success Architect, Isovalent at Cisco
James has been working in the cloud for 7 years. He helped build a private cloud at GE Appliances and developed and supported REST APIs in AWS on Docker. Recently he has passed the CNCF's CKA exam and helps companies migrate their applications to Kubernetes.
Salt Palace | Level 2 | 251
  Cloud Native Novice

4:30pm MST

Microsegment Your Network Like Mastercard with AdminNetworkPolicy - John Zaiss, Mastercard & Surya Seetharaman, Red Hat
Thursday November 14, 2024 4:30pm - 5:05pm MST
Do you manage Kubernetes clusters and need to enforce airtight workload security on a cluster-wide level? This is vital in the Financial Services industry to comply with the PCI Data Security Standard. Mastercard was looking for a built-in Kubernetes solution enabling admins to govern network access between workloads at scale. While exploring different options, they found namespace-scoped NetworkPolicies but wanted to avoid duplicating policies for each namespace. When Kubernetes SIG-Network added AdminNetworkPolicies in v1.25, Mastercard found what they needed! In this session, we will introduce AdminNetworkPolicy and demonstrate applying granular, non-overridable network controls on a live cluster for multi-tenant isolation. Join us to learn how Mastercard is securing microservices in production based on the principle of least privilege and zero trust. We will also share our operational challenges and lessons learnt. Attendees will gain actionable strategies to secure clusters.
Speakers

John Zaiss

Principal Software Engineer, Mastercard
As a Principal Engineer, John brings extensive expertise in Kubernetes, automation, cloud identity architecture, server architecture, VMware ESX, mobile device management, and IT strategy. He is a seasoned information technology professional with a BS in Cybersecurity and an MS in...

Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems...
Salt Palace | Level 1 | 155 EF
  Connectivity

4:30pm MST

Elevating Kubeflow Spark Operator's Future: Best Practices and Enhancements - Vara Bonthu, AWS & Chaoran Yu, Apple Inc
Thursday November 14, 2024 4:30pm - 5:05pm MST
As Kubernetes becomes the leading platform for data processing, mastering the deployment and management of Apache Spark on it is crucial. In this presentation, you'll hear from the new maintainers of the Kubeflow Spark Operator project, who will provide an overview of scaling the Spark Operator on Kubernetes, emphasizing best practices to optimize performance and efficiency. Attendees will explore the migration of the Spark Operator repository from Google to Kubeflow, gaining insights into the roadmap and key takeaways. The session will cover strategies for achieving multi-tenancy, managing multiple Spark Operator instances for large-scale deployments, ensuring robust security, and performing seamless upgrades. Participants will learn advanced techniques to maximize their Spark on Kubernetes deployments, making their data processing pipelines more efficient, reliable, and secure. This talk is for Data, ML, DevOps, and MLOps pros to enhance their Spark on Kubernetes skills.
Speakers

Chaoran Yu

Software Engineer, Apple Inc
Chaoran Yu is a software engineer at Apple. He leads a team that builds and operates a large-scale batch analytics data platform to meet the demanding requirements of data scientists and engineers. His passion lies in delivering the best value to stakeholders through best-of-breed...

Vara

Principal OSS Specialist, AWS
Vara Bonthu is a dedicated technology professional and Worldwide Tech Leader for Data on EKS, specializing in assisting AWS customers ranging from strategic accounts to diverse organizations. He is passionate about open-source technologies, Data Analytics, AI/ML, and Kubernetes, and...
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage
  • Content Experience Level Any

4:30pm MST

WASM + KWOK Wizardry: Writing and Testing Scheduler Plugins at Scale - Dejan Pejchev & Jonathan Giannuzzi, G-Research
Thursday November 14, 2024 4:30pm - 5:05pm MST
In the world of Kubernetes, optimizing scheduler performance is key to maximizing cluster efficiency. This session dives into building custom Kubernetes scheduler plugins using WebAssembly and leveraging KWOK to test their performance. We'll begin by introducing the fundamentals of Kubernetes scheduling and the unique advantages of WebAssembly, such as fast startup times and secure sandboxing. We will show how the kube-scheduler-wasm-extension project can be used to create custom scheduling logic easily. Next, we'll explore KWOK (Kubernetes WithOut Kubelet), a tool that simulates Kubernetes clusters for testing and benchmarking purposes. Through hands-on examples, we'll demonstrate how to set up KWOK, create realistic test environments, and gather performance metrics to fine-tune your custom scheduler plugins.
Speakers

Jonathan Giannuzzi

Open Source Evangelist, G-Research

Dejan Zele Pejchev

Open Source Engineer, G-Research
Dejan is a seasoned Software Engineer with over 8 years of experience building and scaling distributed systems and an advocate of open source & Kubernetes-native solutions. Dejan is also a maintainer of Armada, the Kubernetes multi-cluster batch scheduling tool, Testkube, the Kubernetes-native...
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

4:30pm MST

Fluent Bit: Better Pipelines for Observability - Eduardo Silva, Chronosphere
Thursday November 14, 2024 4:30pm - 5:05pm MST
Creating better data pipelines is constantly challenging when "better" is defined by performance, low resource usage, and total ecosystem integration. In this session, we will dive deep into Fluent Bit, a CNCF graduate project under the Fluentd umbrella that helps you build scalable data pipelines to manage all your needs for the collection and processing of telemetry data by integrating multiple data sources and formats and reliably sending it to your desired endpoints or vendors for analysis. Attendees of this session will learn about best practices for telemetry data handling and important concepts such as buffering, backpressure, monitoring, and retry logic, among many others. Fluent Bit, which was primarily known for managing logs, now also handles metrics and traces. It fully integrates with applications based on Prometheus or OpenTelemetry formats.
Speakers

Eduardo Silva

OSS Engineering Manager, Chronosphere
Eduardo is an entrepreneur and Software Engineer. He is one of the Fluentd project maintainers and creator of Fluent Bit, a lightweight Logs, Metrics, and Traces processor.
Salt Palace | Level 3 | 355 EF

4:30pm MST

Gateway API: What's New, What's Next? - Christine Kim & Nick Young, Isovalent at Cisco; Mattia Lavacca, Kong; Guilherme Cassolato, Red Hat
Thursday November 14, 2024 4:30pm - 5:05pm MST
Gateway API represents the next generation of ingress and service mesh APIs for Kubernetes. Since its promotion to GA (General Availability) last year, numerous features have been added, with many more in development. In this talk, we will introduce the latest enhancements, review all recent changes to the API, and discuss what lies ahead. Many features are planned to graduate to GA in the upcoming releases, while others will be introduced as experimental. This talk is the ideal opportunity to familiarize yourself with these changes, connect with the Gateway API community, and get answers to all your questions!
Speakers

Guilherme Cassolato

Principal Software Engineer, Red Hat
Guilherme is a Principal Software Engineer at Red Hat, core member of the Cloud Native Computing Foundation (CNCF) project Kuadrant, developer and maintainer of Authorino, active contributor in the Kubernetes community with the Gateway API project by SIG-Network.

Nick Young

Senior Software Engineer, Isovalent at Cisco
Nick has been working to prevent the entropic downfall of systems for 25 years, across datacenters, clouds, networking, and others. He's a Staff Engineer at Isovalent, and a maintainer on the Kubernetes Gateway API project, where he works on improving the ingress and mesh experiences...

Christine Kim

Developer Relations, Isovalent at Cisco
Christine Kim focuses on developer experience at Isovalent, where she dabbles in the world of Kubernetes and Service Meshes.

Mattia Lavacca

Software Engineer, Kong
Mattia is a Software Engineer at Kong, working on Kubernetes networking. He is a key contributor to SIG-Network projects, such as Gateway API, Ingress2Gateway, and Blixt, and the co-lead of Kong's Gateway API implementation. He is working on many Kong projects related to networking...
Hyatt Regency | Level 4 | Regency Ballroom A

4:30pm MST

Navigate Cross SIG Collaborations with SIG Docs - Rey Lejano & Savitha Raghunathan, Red Hat; Divya Mohan, SUSE; Xander Grzywinski, Microsoft
Thursday November 14, 2024 4:30pm - 5:05pm MST
As one of the largest open source projects, Kubernetes is divided into twenty-four Special Interest Groups (SIGs). All SIGs share a common goal of advancing the project, and collaboration across SIGs is required to do so. In this session, learn how SIG Docs collaborates with other SIGs on Kubernetes releases, improving Kubernetes security and driving Kubernetes adoption with documentation.
Speakers

Savitha Raghunathan

Senior Software Engineer, Red Hat
Savitha Raghunathan is a Senior Software Engineer at Red Hat, working on Container Migration and Application Modernization. She leads K8s sig-security-docs sub-project aiming to create security awareness through docs. As a maintainer of the Konveyor project, she leads the community...

Xander Grzywinski

Open Source Program Manager, Defense Unicorns
Xander is an open source program manager at Defense Unicorns. Previously he worked in various roles on platform and open source teams at Microsoft, Twitter, Apple, and HashiCorp. When not at a computer, you'd most likely find him at a pottery wheel.

Rey Lejano

Solutions Architect @ Red Hat, CNCF Ambassador, K8s SIG Docs co-chair, SIG Security subproject lead, K8s v1.23 release lead, DevOps Institute Ambassador, Red Hat
Rey Lejano is a Solutions Architect at Red Hat and is the co-chair of Kubernetes SIG Docs. He contributes to Kubernetes SIG Security, Release, & Contributor Experience. He is a member of seven Kubernetes Release Teams including serving as the 1.23 Release Lead and 1.25 Emeritus Adviser...

Divya Mohan

Principal Technology Advocate, SUSE
Divya is a Senior Technical Evangelist at SUSE, where she contributes to Rancher’s cloud native open source projects. She co-chairs the documentation for the Kubernetes & LitmusChaos projects & has previously worked extensively in the systems engineering space during her tenure...
Salt Palace | Level 3 | 355 BC

4:30pm MST

Open Policy Agent (OPA) Intro, Deep Dive & V1.0 Update - Charlie Egan, Styra
Thursday November 14, 2024 4:30pm - 5:05pm MST
Join us in this dedicated session on Open Policy Agent (OPA), the general-purpose policy engine for policy decision-making and management across the cloud native stack - from application authorization to Kubernetes admission, OPA has you covered. OPA maintainers will provide a comprehensive introduction for newcomers, followed by a deep dive into OPA v1.0 and recent updates. Whether you're a veteran OPA user, or just intrigued by policy as code in cloud-native environments, you will find this session valuable. Don't miss the opportunity to connect with other OPA users and to get your questions answered after the presentation too.
Speakers

Charlie Egan

Senior Developer Advocate, Styra
Charlie has been working in the Cloud Native space since 2018. He currently works as a Developer Advocate at Styra and on the OPA project. Charlie is interested in authentication and authorization across the stack. You can find him in the OPA Community Slack.
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

4:30pm MST

Secure Release Processes with in-toto Policy Verification - John Kjell, TestifySec & Aditya Sirish A Yelgundhalli, New York University
Thursday November 14, 2024 4:30pm - 5:05pm MST
Ensuring software releases adhere to expected processes is crucial for both open-source projects and enterprise software. The in-toto project offers a solution by creating attestations for each step, providing verifiable evidence of compliance. Over the past five months, community contributors have worked to enhance the definition and capabilities of in-toto layouts to enforce policies for these attestations. This presentation will showcase the results of this effort, demonstrating how to create flexible policies for any software development lifecycle (SDLC) process, from source code commit to production release. We will explore how to formulate policies that verify attestations for code reviews, SBOM integrity, testing, vulnerability scans, build provenance (such as SLSA), and more. Join us to learn how to ensure your software development process is compliant and secure.
Speakers

Aditya Sirish A Yelgundhalli

Ph.D. Candidate, New York University
Aditya is a Ph.D. candidate at New York University where he researches software supply chain security. He is a maintainer of in-toto, which is incubated at the CNCF. He is also a contributor to TUF, another CNCF project, and a maintainer of gittuf, a sandbox project at the OpenSSF...

John Kjell

Director of Open Source, TestifySec
John is responsible for open source at TestifySec, a software supply chain security startup. He is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is an active contributor to CNCF's TAG Security and multiple projects within the OpenSSF. Before...
Hyatt Regency | Level 4 | Regency Ballroom BCD

4:30pm MST

Mastering OpenTelemetry Collector Configuration - Steve Flanders, Cisco
Thursday November 14, 2024 4:30pm - 5:05pm MST
Configuring the OpenTelemetry Collector can be a daunting task for both novices and seasoned professionals alike. Yet, mastering this crucial aspect is essential for unlocking the full potential of your observability stack. In this session, you will embark on a journey to gain the knowledge and skills needed to conquer common OpenTelemetry Collector configuration challenges. This session will draw from real-world experiences and best practices and provide live demonstrations to navigate the intricacies of OpenTelemetry Collector configuration. Whether you are a novice looking to get started or a seasoned veteran seeking to level up your skills, this session promises to empower you with the knowledge and confidence needed to properly and efficiently configure the OpenTelemetry Collector.
Speakers

Steve Flanders

Senior Director of Engineering, Cisco
Steve Flanders is a Senior Director of Engineering at Splunk (acquired by Cisco) responsible for the Observability Platform team, which includes contributions to the OpenTelemetry project. He was previously the Head of Product at Omnition (acquired by Splunk). Prior to Omnition, he...
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

4:30pm MST

Per-Node Api-Server Proxy: Expand the Cluster's Scale and Stability - Weizhou Lan & Iceber Gu, DaoCloud
Thursday November 14, 2024 4:30pm - 5:05pm MST
In many CNCF projects, various kinds of daemonsets on every node simultaneously synchronize data from the API server. Especially in large-scale clusters, this creates significant pressure on the API server, burdens the network, and can even affect the stability of the cluster. Some projects have implemented optimizations to address this. For instance, Cilium aggregates endpoint information into the CRD CiliumEndpointSlice before distributing it to its daemonset. However, many projects have not yet adopted such data aggregation optimizations, and there is currently no project that helps improve the communication between all components and the API server. ClusterPedia supports launching per-node API server proxies to serve all local pods, and uses eBPF to resolve the API server's clusterIP to the local proxy, which transparently implements API server access redirection on demand. In large-scale clusters, this can significantly improve the stability of all of the cluster's services.
Speakers

Iceber Gu

Software Engineer, DaoCloud
Senior open source enthusiast, focused on cloud runtime, multi-cloud and WASM. I am a CNCF Ambassador and founded Clusterpedia and promoted it as a CNCF Sandbox project. I also created KasmCloud to promote the integration of WASM with Kubernetes and contribute it to the WasmCloud...

Weizhou Lan

Senior Tech Lead, DaoCloud
Weizhou Lan, 13+ years of engineering experience, engaged in Kubernetes since 2018. A senior tech lead at DaoCloud focusing on private cloud, a speaker at KubeCon NA/EU and KCD China, a Program Committee Member for KubeCon, the initiator and maintainer of the CNCF sandbox project...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

4:30pm MST

Gödel Scheduler: A Unified Scheduler for Online and Offline Workloads - Bing Li, Yue Yin & Lintong Jiang, ByteDance
Thursday November 14, 2024 4:30pm - 5:05pm MST
Gödel Scheduler, developed by ByteDance, has been open-sourced as a unified system for managing online and offline workloads efficiently. Created to surpass the capabilities of Kubernetes' default scheduler, it enhances resource utilization, operational efficiency, and scheduling throughput. Key features include optimistic concurrency, a two-layer scheduling abstraction, and a robust dispatcher and binder system. Gödel Scheduler aims to improve cloud-native experiences and reduce operational burdens, catering to ByteDance’s extensive and diverse computing needs. Join us to explore how Gödel Scheduler can revolutionize your workload management strategy, ensuring efficient and reliable operations across your cloud-native infrastructure.
Speakers

Yue Yin

ByteDance

Lintong Jiang

ByteDance

Bing Li

Senior Software Engineer, ByteDance
Software Engineer at ByteDance CloudNative Infrastructure, building Gödel.
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

4:30pm MST

Bring the Joy Back to Deployments! - Murriel McCabe, Google Cloud & Elizabeth Ponce, Airbnb
Thursday November 14, 2024 4:30pm - 5:05pm MST
Destination: deployment! Your feature is complete. Your application is ready. You want to share your hard work with the world. How do you pick the optimal deployment process? Where do you even start? In this talk, Murriel and Elizabeth will be your guides on a brief tour of several open source tools for deploying a workload into Kubernetes. Our journey will begin with manual hello world deployments and from there we will explore some of the most common modern tools for CI/CD, including a demo speedrun! Major destinations on this tour will include helm, kustomize, skaffold, ArgoCD, Tekton, Jenkins and JenkinsX. We will walk through the fundamentals of CI/CD, explore tradeoffs and discuss the process for implementing these tools in your software development lifecycle. By the end of this talk, you'll be equipped to begin navigating the CI/CD landscape and will leave with resources that will enable you to get started quickly and begin testing in your own environment.
Speakers

Murriel McCabe

Customer Engineer, Google Cloud
Murriel is a Customer Engineer with Google Cloud. She is currently excited about all things DevOps and platform engineering, developer productivity, and container platforms. She is a big advocate for STEM mentorship of girls/youth and exploring how technology can be used for social...

Elizabeth Ponce

Software Engineer, Airbnb
Elizabeth is a Software Engineer in Search Infrastructure at Airbnb and has a non-traditional pathway from Customer Support Specialist to Software Engineering at Airbnb. As a Global Co-Chair for GemTech, Airbnb's Genders Marginalized in Tech employee resource group, Elizabeth actively...
Salt Palace | Level 2 | 250
  SDLC

4:30pm MST

Mish-Mesh: Abusing the Service Mesh to Compromise Kubernetes Environments - Hillai Ben-Sasson & Nir Ohfeld, Wiz
Thursday November 14, 2024 4:30pm - 5:05pm MST
Service mesh solutions are common components in almost every large Kubernetes environment. Many engineers and security teams have adopted solutions like Linkerd and Istio to better segment and isolate their Kubernetes networks. In this talk, we will demonstrate how we were able to exploit common misconfigurations and insecure features in popular service mesh solutions, to escalate low-severity vulnerabilities to critical service takeovers. Our real-life examples include several major cloud service providers, where these vulnerabilities allowed us to gain unauthorized access to internal systems and sensitive secrets. This talk will help engineers understand whether their service mesh deployment acts as a proper security barrier, and how to make sure that it does. Security teams – both attackers and defenders – will learn new techniques for hacking Kubernetes environments, and how to properly defend against them.
Speakers

Nir Ohfeld

Security Researcher, Wiz
Nir Ohfeld is a 25-year-old senior security researcher at Wiz. Ohfeld focuses on cloud-related security research and specializes in research and exploitation of cloud service providers, web applications, application security, and in finding vulnerabilities in complex high-level systems...
Salt Palace | Level 1 | 151
  Security

4:30pm MST

Tutorial: No Mess Rollouts with Gateway API: Leveraging Gateway API and Argo Rollouts for Progressive Delivery - Nina Polshakova & Lawrence Gadban, Solo.io
Thursday November 14, 2024 4:30pm - 6:00pm MST
Modern application delivery has many pitfalls: version transitions, traffic management, quality assurance, performance monitoring, and rollbacks. If you encounter an upgrade issue, what can you do? Mirror traffic? Debug locally? Roll back? Argo Rollouts lets teams gradually and safely deploy new versions of applications. A standard Gateway API enables any provider to support Argo Rollouts without provider-specific code. Argo Rollouts monitors Prometheus metrics to verify performance and reverts if success criteria aren’t met. This hands-on lab guides you on integrating Argo Rollouts with applications using different Gateway API implementations. Using Argo and Gateway API resources (HTTPRoute), you’ll learn to adjust traffic weights and gradually direct more traffic to a new version. We will also explore challenges in route delegation and role-based access control within Gateway API and potential extensions to address gaps in traffic shaping, access control, and debugging rollouts.
Speakers

Lawrence Gadban

Software Engineer, Solo.io
Lawrence is a Field Engineer at Solo.io where he works with organizations of all sizes to architect, adopt, and operationalize components such as Envoy proxy, API gateways, and service mesh. Most recently, he has been working directly with several organizations at various stages of...

Nina Polshakova

Software Engineer, Solo.io
Nina is a software engineer working on multi-cluster Istio solutions on the Gloo Platform team at Solo.io. She is a CNCF Ambassador and has also been on several Kubernetes release teams. She led the Enhancements team for the 1.29 release and is the current lead for the Release Notes...
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Operations + Performance
  • Content Experience Level Any

4:30pm MST

🚨 Contribfest: Kickstart Your eBPF Journey with Tetragon
Thursday November 14, 2024 4:30pm - 6:00pm MST
Tetragon and eBPF have a lot of buzz and this is your chance to get involved diving into the bytecode or docs! Tetragon’s docs are still young and your new contributor's perspective will be a superpower for spotting issues or unclear wording in the various quickstarts, guides, and concepts pages. The project’s CLI, tetra, is another great opportunity for those interested in code contributions around ease of use, testing, and consistency in flags and output. Tetragon’s documentation tech stack uses Markdown, built with Hugo, and a customized Docsy theme. The CLI is written in Go with the Cobra library and uses gRPC to communicate with the agent. While this session should help you get more familiar with Tetragon and can lead to more contributions in the future, those technologies are also used in Kubernetes and many other CNCF projects.
Speakers

Mahé Tardy

Software Engineer, Isovalent at Cisco
Mahé is a security engineer at Isovalent and an active contributor to Kubernetes SIG Security. He was previously working as a security researcher and loves working with Linux, security, and Kubernetes!

Kornilios Kourtis

Dr, Isovalent
I am a software engineer at Isovalent, working on cloud-native networking, security, and observability using eBPF. Before that, I worked in industrial (IBM) and academic research (ETH Zurich, NTU Athens) in systems, including operating systems, storage and network stacks, and high-performance...

Joe Stringer

Cilium Maintainer, Isovalent
Passionate about building efficient network dataplanes, and actively involved in the communities around Cilium, eBPF and the Linux kernel.

John Fastabend

Director of Engineering, Cisco
John is currently leading the Security and Observability team at Isovalent, where he created Tetragon, a runtime security and observability tool. When not working on Tetragon, he maintains various bits and pieces of the Linux kernel, contributing primarily to the BPF subsystem and networking...
Salt Palace | Level 3 | 355 A

4:30pm MST

🚨 Contribfest: Meshery Contribfest: Extending the Cloud Native Manager
Thursday November 14, 2024 4:30pm - 6:00pm MST
Join the Meshery maintainers and community in improving the leading cloud native management plane. This is your chance to get hands-on with the tools shaping the future of collaborative cloud native management. Opportunities: Work on core functionality in the Server (Golang) or UI (React) or extend Meshery by building your own plugin. Contribute to the Meshery documentation by incorporating your own examples of cloud native solution architectures using Meshery Designer. Why Contribute to Meshery? Gain experience with cloud native technologies, including essentially every CNCF project and open source development practices. As the 10th fastest growing CNCF project, Meshery has a vibrant community. Work alongside passionate maintainers and contributors. No Prior Experience Needed: We welcome contributions from all levels of experience. Join us at Meshery Contribfest and be part of the growing community shaping the future of collaborative cloud native management.
Speakers

Shivay Lamba

Developer Relations Engineer, Couchbase
Shivay Lamba is a software developer specializing in DevOps, Machine Learning and Full Stack Development. He is an Open Source Enthusiast and has been part of various programs like Google Code In and Google Summer of Code as a Mentor and is currently an MLH Fellow. He has also worked...

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus through...
Salt Palace | Level 3 | 355 D

5:25pm MST

Managing and Distributing AI Models Using OCI Standards and Harbor - Steven Zou & Steven Ren, VMware by Broadcom
Thursday November 14, 2024 5:25pm - 6:00pm MST
Just as container images are vital to cloud-native technology, AI models are crucial to AI technology. Effectively, conveniently, and safely managing, maintaining, and distributing AI models is critical for supporting workflows like AI model training, inference, and application deployment. This presentation explores AI model management based on OCI standards and the Harbor project. Standardizing AI model structures and characteristics using OCI specifications and extension mechanisms like OCI Reference to link datasets and dependencies. When large models require efficient loading or privacy considerations, model replication or proxy with upstream repositories like Hugging Face becomes essential. Enhancing model distribution security through signing, vulnerability scanning, and policy-based governance is often necessary. Additionally, introducing acceleration mechanisms such as P2P can significantly improve the efficiency of large model loading.
Speakers

Steven Ren

Senior Manager, Broadcom

Steven Zou

Staff II Engineer, VMware by Broadcom
Steven Zou is a senior engineer with years of experience in cloud computing and cloud-native technology. He is currently working as a Staff II engineer at VMware, focusing on cloud-native and Kubernetes-related platform services. In addition, he is a core maintainer of the CNCF open-source...
Salt Palace | Level 1 | Hall DE
  AI + ML
  • Content Experience Level Any

5:25pm MST

Navigating Failures in Pods with Devices: Challenges and Solutions - Sergey Kanzhelev, Google & Mrunal Patel, Red Hat
Thursday November 14, 2024 5:25pm - 6:00pm MST
Pods are no longer running with just CPU and Memory. We provision GPUs, network cards, request special placement of those devices and allocated memory. And the more efficient or effective you want your set up to be, the more complicated those device requirements are, the more chances you will hit an edge case Kubernetes has not accounted for yet. Come to the talk to learn from Node Maintainers about some of those shortcomings in Kubernetes. If you are only starting with AI/ML and devices, you will be interested to learn what to expect. If you have lots of experience, you may still learn new things. With the increased focus on AI/ML workloads, highlighting those scenarios is important. As Kubernetes plans to fix those problems, you can give feedback on what would work best for you.
Speakers

Sergey Kanzhelev

Staff Software Engineer, Google
Sergey Kanzhelev is a seasoned open source and cloud native maintainer working actively on Kubernetes. Sergey is serving as co-chair of SIG Node. He is also one of the founders of OpenTelemetry. He is working on the engineering aspect of software and its practical application. He is contributing...

Mrunal Patel

Distinguished Engineer, Red Hat
Mrunal Patel is a Senior Principal Software Engineer at Red Hat working on containers for Openshift. He is a maintainer of runc/libcontainer and the OCI runtime specification. He started the CRI-O runtime. He is a SIG-Node chair and tech lead.
Salt Palace | Level 2 | 250
  AI + ML
  • Content Experience Level Any

5:25pm MST

Engaging the KServe Community, The Impact of Integrating a Solutions with Standardized CNCF Projects - Adam Tetelman, NVIDIA; Taneem Ibrahim, Red Hat; Johnu George, Nutanix; Tessa Pham, Bloomberg; Andreea Munteanu, Canonical
Thursday November 14, 2024 5:25pm - 6:00pm MST
Building a new solution and contemplating whether or not the OSS path is right for you? Wondering where to get started with a large cloud initiative and where the pitfalls may lie? Curious to know all the benefits waiting if your organization embraces a rich CNCF ecosystem? In this talk we will discuss the trade-offs between building a product on a full OSS platform vs. a DIY approach. We will delve into the issues of working with internal stakeholders or partners to embrace an OSS community and will cover the benefits and scaling factors that come when embracing open standards. We will use the recent integration of NVIDIA NIM into KServe as a case study and talk through the trials and tribulations that paid off in a win-win-win situation for our solutions, the OSS projects, and our users. We will cover Kubeflow, Knative, Istio, KServe, and wg-serve as well as a network of companies building enterprise K8s platforms and enterprise AI applications on top of these foundations.
Speakers

Andreea Munteanu

AI Product Manager, Canonical
I lead AI at Canonical, the publisher of Ubuntu and a provider of open source security, support and services. With a background in data science across industries like retail and telecommunications, I help enterprises make data-driven decisions with AI. I am passionate about amplifying...

Tessa Pham

Senior Software Engineer, Bloomberg
Tessa Pham is a Senior Software Engineer on Bloomberg's Cloud Native Compute Services organization. She works on building an inference platform for Bloomberg’s Data Science Platform, used by engineers and data scientists for training, deploying and serving ML models. Tessa is a...

Johnu George

Staff Engineer, Nutanix
Johnu George is a staff engineer at Nutanix with a background in distributed systems and large-scale hybrid data pipelines. He is active in open source and has steered several industry collaborations on projects like Kubeflow, Apache Mnemonic and Knative. His research interests...

Adam Tetelman

Principal Product Architect, NVIDIA
Adam Tetelman is a principal architect at NVIDIA leading cloud native initiatives and CNCF engagements across the company; building inference platforms for NVIDIA AI Enterprise and DGX Cloud. He has degrees in computational robotics, computer & systems engineering, and cognitive science...

Taneem Ibrahim

Senior Engineering Manager, Red Hat
Taneem is an engineering leader at Red Hat where his organization is responsible for building and delivering Model Serving, Responsible AI, and Model Registry solution in OpenShift AI.
Salt Palace | Level 1 | Grand Ballroom GI
  Cloud Native Experience
  • Content Experience Level Any

5:25pm MST

Pick My Project! Lessons Learned from Interviewing 20+ End Users for Cloud Native Case Studies - Shedrack Akintayo & Bill Mulligan, Isovalent at Cisco
Thursday November 14, 2024 5:25pm - 6:00pm MST
Cloud native projects can promise the moon in their READMEs, but have you ever wondered what actually causes end users to adopt a project? Shedrack and Bill have interviewed over 20 companies in industries ranging from media to financial services about why they picked a project for their cloud native platform. In this talk, they will reveal what end users truly want when adopting cloud native technologies and what the forcing function was for each of them. You’ll hear firsthand accounts of the triumphs and tribulations faced by companies like Bloomberg, DigitalOcean, The New York Times, and more as well as the specific benefits these organizations are reaping, from enhanced security and observability to improved performance and cost savings. Additionally, they’ll teach other projects their process for creating impactful case studies. By the end, the audience will understand the real-world applications and advantages of cloud native technologies and why end users pick a project.
Speakers

Shedrack Akintayo

Technical Marketing Engineer, Isovalent at Cisco
Shedrack Akintayo is a software engineer and technical writer based in London with six years of experience spanning Web Engineering, DevOps, Technical Writing, and Developer Relations. Shedrack works as a Technical Marketing Engineer at Cisco, via the Isovalent acquisition. He actively...

Bill Mulligan

Community Pollinator, Isovalent at Cisco
Bill Mulligan is a cloud native pollinator and community builder. He has given talks, written articles, and appeared on podcasts on a wide range of topics around cloud native. While at CNCF he restarted the Kubernetes Community Day program. He is currently at Isovalent growing the...
Salt Palace | Level 2 | 255 BC
  Cloud Native Experience
  • Content Experience Level Any

5:25pm MST

Why Serverless Is Trending Again - Matt Butcher, Fermyon
Thursday November 14, 2024 5:25pm - 6:00pm MST
The idea of serverless computing really took off in 2016. But after an apparent peak in 2019, it seemed to be on the decline. Yet things took an about face again in 2022. The idea of serverless functions not only regained lost ground, but even now it is hitting new levels of interest. Why? In this session, we first get very clear about what “serverless” means as a design pattern. Then we dive into what it is good for, and mention a few of the major successes of serverless computing. From there, we look into the present and future of serverless technology, particularly inside of Kubernetes. WebAssembly is the runtime technology that enables serverless in Kubernetes to outperform Amazon Lambda and other competitors.
Speakers

Matt Butcher

CEO, Fermyon
Matt Butcher (CEO) is a founder of Fermyon. He is one of the original creators of Helm, Brigade, CNAB, OAM, Glide, and Krustlet. He has written or co-written many books, including "Learning Helm" and "Go in Practice." He is a co-creator of the "Illustrated Children’s Guide to Kubernetes...
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

5:25pm MST

One Gateway API to Rule Them All (and in the Cluster Configure Them) - Flynn, Buoyant
Thursday November 14, 2024 5:25pm - 6:00pm MST
Ingress, egress, east-west, north-south… Kubernetes has always had a lot of different ways to talk about network traffic, each with its own concerns. For years, the possibility of unifying these kinds of configuration under a single API was a tantalizing but far-off possibility until Gateway API v0.8 took the first step of combining ingress and mesh configuration. Now Gateway API is taking the next step: bringing egress to the party. Join us for a look into how Linkerd is using these new egress capabilities to meet real user needs! We’ll start with a quick overview of what egress policy covers and what people need from it, how Gateway API makes egress work within its existing model, continue to cover how Linkerd implements it, and finish up with a live demo showing off a real-world example of egress management through the Gateway API. Welcome to the grand unified world!
Speakers

Flynn

Tech Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering (from the kernel up through distributed applications, with a common thread of communications and security throughout...
Salt Palace | Level 1 | 155 EF
  Connectivity
  • Content Experience Level Any

5:25pm MST

What if Kubernetes Was a Compiler Target? - David Morrison, Applied Computing Research Labs & Tim Goodwin, UC Santa Cruz
Thursday November 14, 2024 5:25pm - 6:00pm MST
Multi-tier programming is a classic concept from the programming languages community, which provides abstractions for building multiple layers of a distributed application at once. For example, there might be a “presentation” tier that displays a user interface, a “data” tier that interacts with a backing database, and a “business logic” tier that connects the two, all of which can be expressed succinctly as part of the same program and compiled into independently-deployable units. However, Kubernetes has pushed modern software development in the opposite direction: SOA applications are composed of hundreds of independent units of code, often written in different languages and development environments. In this talk we provide an overview of multi-tier programming and how it might apply to software development on Kubernetes. We also present a prototype “Kubernetes compiler” that can turn a monolithic codebase into a distributed application that runs on top of Kubernetes.
Speakers

David Morrison

Applied Computing Research Labs

Tim Goodwin

PhD Student, UC Santa Cruz
I am a 3rd year PhD student in the LSD lab at UC Santa Cruz. I am broadly interested in distributed systems and the abstractions we use to build them. I focus on cloud-native programming models and the challenges they present to developers, and my current research is focused on Kubernetes...
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

5:25pm MST

Longhorn: Intro, Deep Dive and Q+A - David Ko, SUSE
Thursday November 14, 2024 5:25pm - 6:00pm MST
Longhorn is a cloud-native, distributed block storage solution for Kubernetes, supporting persistent volume capacities and compatible with CSI protocols. It is designed for agnostic deployment across on-premises, edge, and cloud environments, serving as an independent storage solution within your cluster or as part of your broader infrastructure platform. Longhorn covers key data areas including data integrity, data locality, volume migration, replica rebalancing, automated volume operations, snapshot/revert, backup/restore, disaster recovery, data protection, data encryption, backing images for VM workloads, and so on. Besides, the new v2 data engine is under active development to enhance Longhorn's data plane performance. In this session, we will discuss the latest v2 status, like online replica rebuilding, new volume upgrade mechanism, volume trimming, and other significant features. We will also provide insights into the roadmap and engage in an in-depth discussion.
Speakers

David Ko

Engineering Director, SUSE
David Ko, a senior engineering manager at SUSE, is currently leading the Longhorn project (CNCF incubating) and is primarily dedicated to open-source development. David is not just a project/product/team/people manager, but also a hands-on developer and architect with 10+ years of...
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:25pm MST

Scaling and Safeguarding the Heart of Kubernetes: Deep Dive Into etcd - Wenjia Zhang & Marek Siarkowicz, Google; James Blair, Red Hat; Ivan Valdes Castillo, Aki Technologies; Wei Fu, Microsoft
Thursday November 14, 2024 5:25pm - 6:00pm MST
SIG-etcd are hard at work on scaling & safeguarding etcd, we need your help and feedback! This deep dive session will explore current & future etcd development efforts to share with both etcd & Kubernetes users & contributors. In particular we’ll focus on:
- Feature gates: Reviewing recent KEPs for server & cluster level etcd feature gates. Discuss how feature gates empower us to introduce new capabilities while minimizing risk or breaking changes.
- etcd Operator Working Group: Discuss the progress & next steps for the working group to release an officially supported etcd Operator.
- Tackling compaction correctness: A post mortem exploration of the recent etcd watch correctness issue & resolution.
- Community Update: A status update on the growth of the etcd community and project news. Highlight opportunities for you to get involved!
Join etcd maintainers and contributors to learn about these recent developments & future plans, including how you can contribute to them. Bring questions, too.
Speakers

Wenjia Zhang

Engineering Manager, Google
Wenjia Zhang is an Engineering Manager at Google, working on Google Kubernetes Engine and Google Distributed Cloud. She is an active contributor to the Kubernetes and etcd open source projects.

Wei Fu

Software Engineer, Microsoft
containerd maintainer: Building things for others who build things

Marek Siarkowicz

Senior Software Engineer, Google
Marek is a Software Engineer working at Google in the etcd team. He began his career in local startups where he loved open source and extreme programming. Currently he is an etcd maintainer and active member of SIG-instrumentation leading the structured logging effort in Kubernetes. In his...

James Blair

Specialist Architect, Red Hat
James Blair is a Specialist Architect at Red Hat who works with organisations to design and implement solutions leveraging cloud native technologies. He is a vivid open source advocate and hands-on engineer who is an active Kubernetes and Etcd contributor and is passionate about growing...

Ivan Valdes Castillo

Independent
Ivan is a Site Reliability Engineer specializing in CI/CD pipelines, Infrastructure as Code, and automation. His dedication to spreading and mentoring the DevOps culture is evident in his efforts to foster collaboration and streamline development. In his free time, he is an active...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3 | 355 EF

5:25pm MST

Securing the Future of Ingress-Nginx - James Strong, Isovalent & Marco Ebert, Giant Swarm
Thursday November 14, 2024 5:25pm - 6:00pm MST
Ingress NGINX is a very flexible Ingress controller that provides users with a lot of NGINX functionality through annotations. However, this flexibility also raises security concerns for maintainers and cluster administrators. There have been eight significant CVEs and RCEs in Ingress NGINX. To address these issues, we have created a security hardening guide, which will be presented as a preview in this talk. Additionally, we will enable restrictive features by default to offer a more secure out-of-the-box experience with Ingress NGINX such as annotation validations. To maintain and secure the project and its Gateway API implementation, we will not be adding any new features to the core functionality of ingress, and a significant amount of functionality, such as UDP/TCP Routing, will be moved to Gateway API. We will also unveil the new name of the project during this presentation.
Speakers

James Strong

Sr Customer Success Architect, Isovalent at Cisco
James has been working in the cloud for 7 years. He helped build a private cloud at GE Appliances and developed and supported REST APIs in AWS on Docker. Recently he has passed the CNCF's CKA exam and helps companies migrate their applications to Kubernetes.

Marco Ebert

Site Reliability Engineer, Giant Swarm
I'm Marco - working in Open Source for more than a decade, with Kubernetes since 2016 and as a maintainer of Ingress NGINX since 2023! As an SRE, I'm always interested in infrastructure & networking and love learning new stuff while troubleshooting complex platforms. After work, you...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

5:25pm MST

The Path to Helm 4 - Matt Farina, SUSE & Andrew Block, Red Hat
Thursday November 14, 2024 5:25pm - 6:00pm MST
Helm, the package manager for Kubernetes, has had a long and storied history alongside Kubernetes, dating back to 2015. As Kubernetes has grown, matured, and evolved, so has Helm. Since Helm is used by communities and organizations throughout the world, it is important that the project remains stable and efficient. For this to occur, Helm utilizes semantic versioning which ensures the CLI and API remain stable. However, as Kubernetes has evolved, it has been difficult to add new capabilities while also complying with these standards. There comes a point at which breaking changes must be made. For this reason, Helm is embarking on Helm 4 which will help shape the future of the project. In this session, attendees will learn:
- How Helm remains stable including the safeguards used
- Why Helm is embarking on a new major version
- The key features associated with Helm 4
- Helm 3 support, during and afterward
- How to get involved
The future of Helm is NOW and you can participate!
Speakers

Andrew Block

Distinguished Architect, Red Hat
Andrew Block is a Distinguished Architect at Red Hat that works with organizations to design and implement solutions leveraging cloud native technologies. He specializes in Continuous Integration and Continuous Delivery methodologies with a focus on security to reducing the overall...

Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE, where he works as the Chief Architect of the SUSE Rancher Team. He is a maintainer of multiple open source projects including Helm and Artifact Hub. Matt is an author, speaker, and regular contributor to open source.
Thursday November 14, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

5:25pm MST

What's New in SIG-Windows - Mark Rossetti, Microsoft & Aravindh Puthiyaparambil, Softdrive
Thursday November 14, 2024 5:25pm - 6:00pm MST
At this maintainer track talk we will cover what is new in the Windows Special Interest Group. This talk will mainly focus on kubelet-related improvements including memory-pressure eviction support, CPU / topology manager support, and more!
Speakers

Mark Rossetti

Software Engineer, Microsoft
Mark Rossetti is a software engineer focusing on open-source projects at Microsoft and is also the co-chair of Kubernetes' SIG-Windows. Mark focuses on improving the experience of using Windows containers in Kubernetes. Mark has also served on the Kubernetes release team since...

Aravindh Puthiyaparambil

Director of Engineering, Softdrive
Director of Engineering at Softdrive
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3 | 355 BC

5:25pm MST

Now You See Me: Tame MTTR with Real-Time Anomaly Detection - Kruthika Prasanna Simha & Raj Bhensadadia, Apple Inc.
Thursday November 14, 2024 5:25pm - 6:00pm MST
Picture this! You are running an application on a Kubernetes cluster & you notice that your nodes have been restarting and your users are noticing that your application is unreachable. As an engineer, you want to identify these failures in real-time & differentiate these from known states, at scale. But we know, static thresholds fail for dynamic metrics! This session explores real-time anomaly detection for cloud-native systems. We'll show you how to reduce MTTR and mean time to analyse by proactively identifying abnormal application behavior using statistical & machine learning algorithms on time series data from Prometheus. Learn to pinpoint issues, identify missing instrumentation, and visualize anomalies using Grafana. This session equips you to achieve faster issue resolution and maintain optimal application health. We'll demo practical techniques for metrics selection, anomaly detection and proactive issue identification to manage your cloud-native applications.
Speakers

Raj

Machine Learning Engineer, Apple Inc.
Raj Bhensadadia is a machine learning engineer with a passion for leveraging ML technologies to enhance monitoring and analysis of large-scale systems and ensure robustness and performance of infrastructure and services.

Kruthika Prasanna Simha

Software Engineer, Apple Inc.
Kruthika is a software engineer at Apple specializing in building ML enabled observability solutions. She holds a Masters in Computer Engineering and has specialized in Machine Learning. In her free time, she likes to dabble with Jupyter Notebooks for running experiments with data...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability
  • Content Experience Level Any

5:25pm MST

Pod Power: Liberating Kubernetes Users from Container Resource Micromanagement - Dixita Narang, Google & Peter Hunt, Red Hat
Thursday November 14, 2024 5:25pm - 6:00pm MST
In the dynamic world of Kubernetes, efficient resource management is crucial for optimizing performance and costs. Traditionally, managing resource requests and limits in Kubernetes has focused on individual containers within a pod. While this approach offers granular control, it can become cumbersome and error-prone, particularly for complex applications with multiple containers. Join us as we examine the challenges and scalability limitations posed by micromanaging container resource allocation. To address this issue, the pod-level feature specification is introduced. In this session, we'll delve into the transition towards pod-level resource specifications, providing an intuitive method for defining resource requests and limits at the pod level, in conjunction with the existing container-level settings. This innovative approach offers enhanced flexibility and optimized resource utilization for a variety of workloads, including those with init containers and sidecars.
Speakers

Peter Hunt

Senior Software Engineer, Red Hat
Peter Hunt is a Senior Software Engineer working at Red Hat. Passionate about free software, Peter focuses on maintaining CRI-O, attending SIG node, and ~writing~ squashing bugs. Outside of the virtual world, Peter likes collecting floral-printed pants, gardening, and dancing.

Dixita Narang

Software Engineer, Google
Dixita Narang is a Software Engineer at Google on the Kubernetes Node team. With a primary focus on resource management within Kubernetes, Dixita is deeply involved in the development and advancement of the Memory QoS feature, which is currently in the alpha stage. She is a new contributor...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

5:25pm MST

How Google Built Its New Cloud on Top of Kubernetes - Saad Ali, Jie Yu & Prashanth Venugopal, Google
Thursday November 14, 2024 5:25pm - 6:00pm MST
“Build a new air-gapped cloud with open source technologies” – this is what a small team at Google was tasked with in late 2021. The team delivered a private cloud platform, complete with managed VMs, databases, AI services, and more. Moreover, it did so by leveraging a number of CNCF technologies, including Kubernetes, Istio, etc. We’ll share the potential of these technologies, as well as their limitations, by explaining how they were used to build a scalable, reliable, and secure cloud platform. We’ll discuss how to implement cloud tenancy concepts, enforce isolation among tenants, and how we built a cloud API leveraging k8s API machinery and service mesh. A key innovation in building the private cloud platform was the “Kubernetes Defined Networking” (KDN) stack we created: by leveraging existing k8s networking features (e.g. load balancer, etc.) along with a few key enhancements, we implemented most of the traditional cloud SDN concepts, like VPC, firewall, VM support, etc.
Speakers

Saad Ali

Senior Engineering Manager, Google
Saad Ali is a Senior Engineering Manager at Google. He works on Google Distributed Cloud and the open-source Kubernetes project. He led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, has served as member of the CNCF...

Prashanth Venugopal

Kubernetes Networking Lead, Google
Prashanth has an almost two decades long career, across various networking market segments. In his current role as the lead architect of Google's Kubernetes networking stack, he helps drive the networking stack's evolution for Google Kubernetes Engine (for the Public Cloud Market...

Jie Yu

Principal Software Engineer, Google
Jie Yu is currently a Principal Software Engineer at Google. Jie is currently working on Google Distributed Cloud, and is the leading architect for the product. Prior to Google, Jie was a Chief Architect at Mesosphere (D2IQ), and worked at Twitter. Jie joined Kubernetes community...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

5:25pm MST

Multi-Tier Security in WasmCloud: From Developer Constraints to Platform Extensibility - Brooks Townsend, Cosmonic
Thursday November 14, 2024 5:25pm - 6:00pm MST
In 2024, 96% of codebases contain open source, and 74% of these have high-risk vulnerabilities — a 54% increase from 2023. As open source adoption grows and the cloud native landscape evolves, robust security practices are critical. This session explores wasmCloud, a CNCF platform for distributed WebAssembly applications, focusing on achieving a secure-by-default environment. wasmCloud's multi-tier security model addresses the needs of both developers and platform engineers. Developers work in a deny-by-default mode, requiring explicit declaration of all application capabilities. Platform engineers grant these capabilities in a fine-grained manner and extend security through pluggable services. Grounded in real-world experience and practical demos, you’ll leave this talk with the knowledge to configure and extend security using pluggable services, enabling you to leverage WebAssembly to secure your cloud native applications.
Speakers

Brooks Townsend

Senior Software Engineer II, Cosmonic
Brooks is a Lead Software Engineer at Cosmonic, focusing on harnessing WebAssembly to alleviate the pains of modern software development. Brooks started his software development career with Critical Stack, a Kubernetes container orchestration platform that is now open source. He joined...
Thursday November 14, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | 151
  Security
 
Friday, November 15
 

8:00am MST

Badge Pick-Up
Friday November 15, 2024 8:00am - 4:00pm MST
West Temple Entrance (East)

8:00am MST

Badge Pick-Up
Friday November 15, 2024 8:00am - 4:00pm MST
200 South Entrance (South)

9:00am MST

Keynotes To Be Announced
Friday November 15, 2024 9:00am - 10:30am MST
Salt Palace | Level 1 | Hall DE

10:30am MST

Solutions Showcase
Friday November 15, 2024 10:30am - 2:30pm MST
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Friday November 15, 2024 10:30am - 2:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:40am MST

Project Pavilion Tour with Aditya Soni, CNCF Ambassador
Friday November 15, 2024 10:40am - 11:00am MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Friday November 15, 2024 10:40am - 11:00am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

11:00am MST

Better Together! GPU, TPU and NIC Topological Alignment with DRA - John Belamaric, Google & Patrick Ohly, Intel
Friday November 15, 2024 11:00am - 11:35am MST
AI/ML workloads on Kubernetes demand ultra-high performance. If your training or multi-GPU inference job spans nodes, your GPUs will use the network, talking through a NIC over local PCIe. But not all NICs are equal! To get the best performance, you need a NIC which is as "close" to the GPU as possible. Unfortunately, the Kubernetes extended resources API does not have enough information and does not give you control over which specific devices are assigned. Dynamic Resource Allocation, the successor API, gives you this power. Come to this session to learn about DRA, how it is improving overall device support in K8s, and how to use it to allocate multiple GPUs, NICs, and TPUs to get the maximum performance out of your infrastructure.
Speakers

Patrick Ohly

Principal Engineer, Intel
Patrick Ohly is a software engineer at Intel GmbH, Germany. In the past he has worked on performance analysis software for HPC clusters ("Intel Trace Analyzer and Collector") and cluster technology in general (PTP and hardware time stamping). Since January 2009 he has worked for Intel...

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation...
Friday November 15, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 250
  AI + ML

11:00am MST

Open Source 2.0: The Maintainers' Perspective - William Morgan, Buoyant; Ashley Davis, Venafi; Deepthi Sigireddi, PlanetScale
Friday November 15, 2024 11:00am - 11:35am MST
Open source rules the world, and for a good reason: The code is generally better and more secure, bugs are fixed faster, and more. Virtually all modern applications run on it. But the landscape has changed since the early Linux days. Nights and weekends, volunteer-led projects are increasingly rare. Especially in the CNCF landscape, open source is maintained almost exclusively by companies that pursue a strategic goal, and they need a business justification for paying their engineers. So, who writes the code has changed, but the community's expectations — that it should be free — haven't. While open source will remain free, the companies behind it must find ways to monetize it — whether through support, enterprise editions, or licensing models. Recent changes, including projects like Terraform, Flux, and Linkerd, highlight the need for a paradigm shift. Join this panel to hear from project maintainers why that is and the future they envision.
Speakers

William Morgan

Linkerd Director, Buoyant CEO, Buoyant
William is a director on the Linkerd project and the co-founder and CEO of Buoyant, the creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, a software engineer at Powerset, Microsoft, and Adap.tv, and a research scientist at MITRE. He holds an MS in computer...

Ashley Davis

Staff Software Engineer, Venafi
As a teenager, Ash taught himself to program after wondering how exactly video games were made. That led to adventures trawling through open source codebases, sparking an interest in computers spanning from bare-metal machine code right up to scalable distributed platforms like Kubernetes...

Deepthi Sigireddi

Software Engineer, PlanetScale
Deepthi is the Technical lead for Vitess, a CNCF graduated open source project. She also leads the Vitess engineering team at PlanetScale which offers a database service built on Vitess. She brings over 20 years of experience building scalable systems to this role. She enjoys speaking...
Friday November 15, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 255 EF
  Cloud Native Experience
  • Content Experience Level Any

11:00am MST

Securing Outgoing Traffic: Building a Powerful Internet Egress Gateway for Reliable Connectivity - Edie Yang & Akshita Agarwal, Airbnb
Friday November 15, 2024 11:00am - 11:35am MST
Concerned about secure and reliable outgoing traffic from your organization's mesh network? With the increasing demand to use external vendor APIs for LLMs, along with vulnerabilities like Log4j, the need for preventing data exfiltration and maintaining strong safeguards is critical. But managing access to multiple external domains within the service mesh can be daunting. Discover the secrets behind building a powerful Internet Egress gateway using Istio and Envoy. This enlightening talk unveils a way to define fine-grained access policy to monitor and audit outgoing traffic from your mesh network. Besides, it demonstrates how to build a generic multi-tenant gateway that can be used across heterogeneous services and save years of repeated engineering work. By the end of the talk, attendees will gain an understanding of what an Internet Egress Gateway is, why it is necessary, and how they can configure it for their own services using the open-source Istio/Envoy based solution.
Speakers

Akshita

Senior Software Engineer, Airbnb
Akshita is a Senior Software Engineer at Airbnb working in the Service Mesh team which handles interservice networking at scale. She currently is focused on designing a secure network edge solution at Airbnb. Previously she worked at Microsoft developing the Nginx Load Balancer...

Edie Yang

Senior Software Engineer, Airbnb
Edie is a Senior Software Engineer at Airbnb on the Cloud Infrastructure team which develops the Service Mesh system that powers the entire Airbnb stack. Edie has been working on developing service mesh API, service migration automation, Google IAP-based ingress gateway and internet...
Friday November 15, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 155 EF
  Connectivity

11:00am MST

How We Scale a Distributed SQL Database to 1 PB - Sam Dillard, PingCAP
Friday November 15, 2024 11:00am - 11:35am MST
TiDB is a distributed SQL database that we built to solve the scalability problems of traditional SQL databases such as MySQL and PostgreSQL. Using TiDB, users do not need to shard their data across multiple MySQL or PostgreSQL database instances, nor do they need to sacrifice some key database features such as JOIN and transactions. Users only need to add storage nodes and computing nodes to the cluster as needed. However, we also encountered many scalability challenges when building TiKV - the stateful storage layer of TiDB. These challenges include workload skew issues that make it difficult to scale performance, the management of millions of dynamic data partitions, latency impact during scaling, interference between different workloads when consolidating multiple workloads into the same cluster, etc. In this talk, I will provide an in-depth look at these challenges and our solutions.
Speakers

Sam Dillard

Principal Engineer, PingCAP
Principal Engineer at PingCAP, TiKV maintainer and committer, RocksDB contributor, the author of "MariaDB Principles and Implementation". Mainly engaged in the design and development of cloud-native large-scale distributed storage systems, data platforms, 10+ years of experience in...
Friday November 15, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

11:00am MST

Achieving and Maintaining a Healthy CI with Zero Test Flakes - Antonio Ojea, Michelle Shepardson & Benjamin Elder, Google
Friday November 15, 2024 11:00am - 11:35am MST
In the fast-paced world of software development, a reliable and efficient Continuous Integration pipeline is essential. However, flaky tests can cause delays, frustration, and decreased confidence in the codebase. This session will go deep into the strategies, best practices, and tools that the Kubernetes projects use to eliminate flaky tests and achieve a robust CI pipeline that delivers high-quality software consistently.
Speakers

Benjamin Elder

Senior Software Engineer, Google
Benjamin Elder is a Senior Software Engineer at Google working on Kubernetes. Ben is a long time contributor to the project since writing kube-proxy's iptables mode for GSoC 2015 and is an elected member of the Kubernetes Steering Committee.

Michelle Shepardson

Senior Software Engineer, Google
Michelle is a Senior Software Engineer at Google, with over 10 years of experience in developing tooling and helping engineer productivity. As a member and chair of SIG Testing, they primarily focus on developing TestGrid, a tool for visualizing test results in a grid to track patterns...

Antonio Ojea

Software Engineer, Google
Antonio Ojea is a Software Engineer at Google, where he works on Kubernetes. He is one of the top contributors of the Kubernetes project, with a stronger presence in the areas of networking and reliability. He has vast experience in Open Source, networking and distributed systems...
Friday November 15, 2024 11:00am - 11:35am MST
Salt Palace | Level 3 | 355 BC

11:00am MST

Bloomberg's Journey to Manage Multi-Cluster Training Application with Karmada - Leon Zhou & Yao Weng, Bloomberg
Friday November 15, 2024 11:00am - 11:35am MST
Bloomberg provides an on-premises Data Science Platform using cloud-native software to support internal AI model training. It runs on Kubernetes spanning multiple data centers and featuring a diverse range of GPU types. However, managing such a large-scale and heterogeneous GPU environment poses many challenges, such as improving resource utilization, reducing operational costs, and scheduling workloads across different GPU types. In collaboration with the Karmada community, Bloomberg's Data Science Platform team has aimed to tackle these challenges by addressing multi-cluster batch job management problems. This talk will delve into the approaches the team has adopted, including:
- Intelligently scheduling GPU workloads across multiple clusters
- Using Karmada's resource interpreter to support Custom Resource Definitions (CRDs) on top of a multi-cluster architecture
- Building a highly available Karmada control plane
- Establishing a consistent training job submission interface
Speakers

Yao Weng

Senior Software Engineer, Bloomberg
Yao Weng is a Senior Software Engineer on Bloomberg’s Data Science Platform engineering team. She has contributed extensively to optimizing the company’s Kubernetes environment for high performance compute, model inference, and workflow orchestration. Yao Weng obtained her Ph.D...

Leon Zhou

Software Engineer, Bloomberg
Leon Zhou is a software engineer on the Data Science Platform engineering team at Bloomberg. With prior NLP experience, he is now building ML platforms to facilitate machine learning development. He is interested in ML infrastructure to enable large-scale training and complex pipelines...
Friday November 15, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:00am MST

CRI-O Features for Fun and Profit - Peter Hunt & Sohan Kunkerkar, Red Hat
Friday November 15, 2024 11:00am - 11:35am MST
Are you a cluster admin looking to be on the cutting edge of Kubernetes features? How about an end-user looking to take full advantage of the capabilities of your cluster? This is the talk for you! Join Sohan Kunkerkar and Peter Hunt as they explore recent features in CRI-O and Kubernetes. They'll cover topics such as native sigstore signature support, running Podman in a Kubernetes pod, using OCI artifacts as a volume, and more. In each, they will highlight potential use cases, pitfalls and common patterns, as well as show how to use each in your cluster. If you're interested in the newest at the intersection of Kubernetes and container runtimes, step right up and learn away!
Speakers

Peter Hunt

Senior Software Engineer, Red Hat
Peter Hunt is a Senior Software Engineer working at Red Hat. Passionate about free software, Peter focuses on maintaining CRI-O, attending SIG node, and ~writing~ squashing bugs. Outside of the virtual world, Peter likes collecting floral-printed pants, gardening, and dancing.

Sohan Kunkerkar

Senior Software Engineer, Red Hat Inc
Sohan Kunkerkar is a Senior Software Engineer at Red Hat, bringing expertise in distributed systems, backend engineering, and containers. His active contributions extend to CRI-O, a container runtime engine, and various sub-projects within the Kubernetes Sig-Node community. Sohan...
Friday November 15, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:00am MST

Discover CNCF TAG Runtime: From AI, WASM, OS, Edge to Workloads in the Heart of Salt Lake City - Stephen Rust, Akamai; Rajas Kakodkar, Broadcom; Danielle Tal, Microsoft; Ricardo Aravena, TruEra
Friday November 15, 2024 11:00am - 11:35am MST
In this session, we will cover the following:
1) Overview of CNCF open source projects that enable running cloud native workloads.
2) The latest on the many TAG-Runtime working groups, including topics like:
   a. The Cloud Native AI working group, including how AI can help Cloud Native and how Cloud Native enables AI.
   b. Progress in the WASM, Edge, Batch, CDI, and Special Purpose OS working groups.
3) Future trends in cloud-native technologies within the TAG scope.
4) How to get involved, grow in the contributor ladder, and have a say in the runtime related projects that get inducted in the CNCF landscape.
Come join us and be a part of the many exciting projects under the TAG-Runtime umbrella! By the end of the session, you'll master the runtime related CNCF landscape, discover the latest developments in the TAG-Runtime working groups, learn how to join the communities of your interest, and dive into open-source project contributions. Be a part of this vital and vibrant CNCF community!
Speakers

Ricardo Aravena

Cloud Native Lead, TruEra
Ricardo currently works at TruEra as a Cloud Infrastructure Lead helping automate everything with cloud native technologies. He's an open source enthusiast and co-chair of the CNCF TAG-Runtime. He has been working in tech for more than 20 years and comes from a diverse professional...
Rajas Kakodkar

Senior Member of Technical Staff | Tech Lead TAG Runtime CNCF, Broadcom
Rajas is a senior member of technical staff at Broadcom and a tech lead of the CNCF Technical Advisory Group, Runtime. He is actively involved in the AI working group in the CNCF. He is a Kubernetes contributor and has been a maintainer of the Kube Proxy Next Gen Project. He has also...
Danielle Tal

PM, Microsoft
Danielle Tal is a Program Manager at Microsoft and an integral part of the team responsible for maintaining Flatcar Container Linux. The team contributes to Linux OS distributions and Linux Security within Azure and other upstream projects. With a background in supporting diverse...
Stephen Rust

Principal Architect, Akamai
Stephen Rust is a Principal Architect at Akamai, where he leads Cloud Native architecture within the Akamai Linode Cloud. Stephen has over 20 years of experience in operating systems, storage, and working in open source with containers, Kubernetes, and Cloud Native systems. At Akamai...
Salt Palace | Level 3 | 355 EF

11:00am MST

Thanos: Intro and Updates - Ben Ye, Amazon Web Services
Friday November 15, 2024 11:00am - 11:35am MST
Thanos is a popular open-source, highly available Prometheus setup with long-term storage capabilities. Users trust Thanos with deployments that manage billions of series and years of retention in globe-spanning clusters. In this talk, a Thanos maintainer will give an introduction and provide updates on the project.
Speakers
Ben Ye

Software Development Engineer, Amazon Web Services
Ben Ye is a software development engineer at AWS. He is a maintainer of Thanos and Cortex, and contributor to many CNCF and Prometheus ecosystem projects, such as Prometheus itself, Prometheus operator, Kubernetes, etc. His interests include observability, distributed systems, storage...
Hyatt Regency | Level 4 | Regency Ballroom A

11:00am MST

Shopify’s Open Source Approach to Network Monitoring with eBPF, Vector and ClickHouse - Sebastian Rabenhorst & Matt Franklin, Shopify
Friday November 15, 2024 11:00am - 11:35am MST
At Shopify, we’ve successfully implemented a scalable, open-source network monitoring solution for the cloud. In this talk, we will demonstrate how we built a network monitoring solution leveraging eBPF, Vector, ClickHouse, and Grafana. This solution enables us to monitor over 30 million network flow, DNS and other networking-related events per second at the container level for thousands of services across hundreds of Kubernetes clusters in the Shopify Cloud. We will also share the lessons we learned regarding these technologies and provide insights on how you can implement your own purely open-source monitoring solution capable of handling millions of events per second.
Speakers
Sebastian

Senior Production Engineer, Shopify
Sebastian is a Senior Production Engineer at Shopify mostly working on a Thanos-based monitoring solution as part of the observability team.
Salt Palace | Level 1 | Grand Ballroom HJ
  Observability

11:00am MST

The State of Kubernetes Optimization and the Role of AI - James Wilson, nOps; Haoran Qiu, Microsoft; Katie Gamanji, Apple; Jasmine James, Square; Josh Cypher, Sonos
Friday November 15, 2024 11:00am - 11:35am MST
Featuring a diverse panel of experts, attendees will hear the latest in Kubernetes optimization. The session will encourage and engage attendees to challenge conventional wisdom and explore innovative approaches to optimization. Participants will leave with actionable knowledge and new perspectives they can apply to their own environments. Topics include:
- Valuable insights into the current state of AI in optimization, highlighting both its potential and barriers to adoption
- How and when AI can be used for real-time decision-making
- Exploring the intersection of sustainability and optimization, emphasizing the importance of visibility in driving sustainable practices
- The state of multidimensional pod autoscaling and potential to resolve conflicts between horizontal and vertical autoscaling
- How new computing options and tools like Karpenter have the potential to disrupt the bin packing problem
- How cloud-native projects can leverage new tools to track efficiencies
Speakers
Katie Gamanji

Sr Field Engineer, Apple
Katie is a cloud native leader and practitioner, currently in a Senior Field Engineer role at Apple and a TOC for CNCF. As a platform engineer, Katie contributed to Conde Nast and American Express platforms and at CNCF led the End User Community. Katie is the author of the Cloud Native...
Haoran Qiu

Research SDE, Microsoft
Haoran Qiu is a Research Software Development Engineer at Microsoft Azure Systems Research. His research interests are in cloud efficiency, ML systems, and applying ML for cloud systems design and operation. Haoran was a recipient of ML and Systems Rising Star by MLCommons in 2023...
Jasmine James

Head of Development Infrastructure, Square
Jasmine James is an engineering leader at Square heading the Development Infrastructure for the Devices Platform overseeing CI Infrastructure, Developer Experience, and Test Rack teams aiming to streamline development and foster continuous feedback. She is passionate about diversity...
James Wilson

VP of Engineering, nOps
James has over two decades of experience in tech, with a strong focus in leading engineering teams in building cloud-based solutions. His expertise includes container orchestration, high-speed data transport, and cloud-native architectures. Currently, he leads the engineering team...
Josh Cypher

Senior DevOps Engineer, Sonos
Josh, a Senior DevOps Engineer at Sonos, has a diverse background in quality assurance and automation. Throughout his career, he has held roles such as tester, backend developer, automation engineer, engineering manager, and head of quality before specializing in DevOps and Kubernetes...
Salt Palace | Level 1 | 155 BC
  Operations + Performance
  • Content Experience Level Any

11:00am MST

Upgrade Safely: Avoid the Pitfalls of Kubernetes Versioning - Rob Scott, Google
Friday November 15, 2024 11:00am - 11:35am MST
Have you ever upgraded a cluster or controller only to realize everything was broken due to some kind of versioning mismatch? Do you remember the pain of upgrading to a new Kubernetes API version like Ingress v1? Do you get a little twinge any time you see a feature or API deprecated in release notes? This is the talk for you. Kubernetes versioning is surprisingly complex and widely misunderstood. This talk will cover all the relevant versioning concepts, from storage versions to feature gates. It will show how they interact with each other, and how you can use this information to safely and confidently upgrade your clusters and controllers. This talk will provide real examples of how versioning mixups can lead to broken clusters and downtime. You’ll learn exactly how you can avoid each of these potential failure modes, and gain some insights into how API and Controller authors are trying to minimize the impact of these kinds of changes in the future.
Speakers
Rob Scott

Software Engineer, Google
Rob is an open source enthusiast currently working on Kubernetes Networking at Google. He's been a maintainer of Gateway API since the very early days of the project and led the development of other Kubernetes networking APIs like EndpointSlices.
Salt Palace | Level 2 | 255 BC
  Operations + Performance

11:00am MST

Platform Engineering in Financial Institutions: The Practitioner Panel - Paula Kennedy, Syntasso; Chris Plank, NatWest Bank; Suhail Patel, Monzo; Jinhong Brejnholt, Saxo Bank; Rachael Wonnacott, Fidelity International
Friday November 15, 2024 11:00am - 11:35am MST
In the world of small and large financial institutions, platform engineering is a driver for shipping quickly, safely, and efficiently. This panel brings together seasoned practitioners from leading banks and financial institutions to share their firsthand platform experiences, successes, and challenges.
- Discover how platform engineering can enhance developer experience, facilitate rapid innovation and drive efficiencies.
- Delve into the complexities of navigating regulatory compliance, specifically when using open source technologies such as Kubernetes.
- Learn from the experts' successes, setbacks and strategies (across technology and people), gaining actionable insights for successful implementation.

Join us as we discuss the journey of adopting and deploying CNCF technologies at scale within the highly regulated financial sector. We’ll explore practical examples of both successes and incidents where things have gone wrong, providing the audience with valuable takeaways.
Speakers
Paula Kennedy

Chief Operating Officer, Syntasso
Paula is Co-Founder & Chief Operating Officer of Syntasso; previous roles include Senior Director at VMware Tanzu, Pivotal and Co-Founder & Chief Operating Officer of CloudCredo. With 20+ years experience in IT, Paula champions community, diversity and inclusion and has a range of...
Suhail Patel

Senior Staff Engineer, Monzo
Suhail is a Staff Engineer at Monzo focused on building the Core Platform. His role involves building and maintaining Monzo's infrastructure which spans over two thousand microservices and leverages key infrastructure components like Kubernetes, Cassandra, Etcd and more. He focuses...
Jinhong Brejnholt

Chief Cloud Architect, Saxo Bank
Jinhong is an accomplished cloud and platform architect, deeply committed to advancing DevSecOps practices and cloud-native technologies. She holds an MSc in Software Development and Technology and is certified as a Kubernetes application developer, administrator, and security specialist...
Chris Plank

Enterprise Architect & Joint Product Owner, NatWest Bank
Chris Plank is an Enterprise Architect working for NatWest Bank in Edinburgh, Scotland. He has been leading a Platform as a Product initiative within the Bank over the last year looking to radically change the Bank's approach to provisioning and maintaining services. Outside of work...
Rachael Wonnacott

Technical Product Owner, Kubernetes Platform, Fidelity International
Rachael has spent the last decade focused on platform engineering. She places a conscious emphasis on improving flow and is on the quest to smooth the application lifecycle for developers in the enterprise. With a background in astrophysics, Rachael brings her scientific approach...
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

11:00am MST

Still Don't Do What Charlie Don't Does - Making CRD Changes Safer - Nick Young, Isovalent
Friday November 15, 2024 11:00am - 11:35am MST
Many Kubernetes installations use controllers that include Custom Resource Definitions (CRDs) to extend their capabilities. However, because CRDs can only have one version installed in a cluster at any one time, version and change management can be very difficult. This talk will benefit both controller implementers and users. For implementers, I have tips on how to more safely make API changes to their CRDs, and for CRD users, some tips on what to look out for when installing CRD updates. All of this is based on using experience from projects like Contour, Gateway API, and Cilium among others. Learn things like:
- Different CRD version management strategies - what’s worked and what hasn’t
- How to make schema changes like pluralizing a field or changing field validation in a safe way
- How not to make the same mistakes I did

Expect to come away from this talk having learned from my painful experiences handling CRD changes badly, but also having heard a bunch of Simpsons references.
Speakers
Nick Young

Senior Software Engineer, Isovalent at Cisco
Nick has been working to prevent the entropic downfall of systems for 25 years, across datacenters, clouds, networking, and others. He's a Staff Engineer at Isovalent, and a maintainer on the Kubernetes Gateway API project, where he works on improving the ingress and mesh experiences...
Salt Palace | Level 2 | 251
  Platform Engineering

11:00am MST

Powering Automatic Authorization in Envoy Through Live Traffic Inspection - Dom Del Nano, Pixie core maintainer
Friday November 15, 2024 11:00am - 11:35am MST
The dynamic nature of today’s environments coupled with the importance of data privacy has made AuthN/Z crucial for safeguarding sensitive data. However, many large scale environments existed before these best practices and tooling were commonplace. Retrofitting systems requires a deep understanding of service to service access patterns and requires significant effort to achieve least privilege access. While service dependencies are often difficult to track, the rise of zero instrumentation Observability tools has eased access to this data, providing a potential baseline for AuthZ rules. Projects such as CNCF Pixie and Hubble expose language agnostic protocol traces providing full visibility of their environments. Pixie even supplies access to the span payloads making L7 analysis possible. In this talk, we present a case study of using Pixie to generate OPA policies for Envoy AuthZ using real traffic. This approach provides a starting point for scoping permissions on a L7 basis.
Speakers
Dom Del Nano

Dom Delnano, Pixie core maintainer
Dom is a Principal Software Engineer at New Relic working on the Pixie open source project, which provides observability to Kubernetes applications through eBPF based auto instrumentation. Prior to his full time work on Pixie, Dom was at Twitter scaling its internally developed time...
Salt Palace | Level 1 | 151
  Security

11:00am MST

Tutorial: OpenTelemetry Hands-on - Automatic and Manual Instrumentation for Java and Python Apps - Matthias Haeussler, Novatec Consulting GmbH & Tiffany Jernigan, Independent
Friday November 15, 2024 11:00am - 12:30pm MST
In today's software landscape - in the cloud-native one in particular - observability has become a critical aspect of ensuring the performance, reliability, and security of applications. OpenTelemetry, a standard and OSS observability framework, provides a unified way to collect and export telemetry data from applications and services. This tutorial will guide participants through the process of using OpenTelemetry to instrument a simple application, collect metrics, traces, and logs, and send them to various backends for analysis. It covers the implementation and usage of OpenTelemetry into Python and Java-based applications. The exercises include: the instrumentation of a polyglot microservice application, auto vs. manual instrumentation, evaluating the collected traces, logs and metrics, configuring a collector, analysing the results in Jaeger and Prometheus. This tutorial is made for everyone seeking a pragmatic understanding of OpenTelemetry's immediate benefits.
Speakers
Matthias Haeussler

Chief Technologist, Novatec Consulting GmbH
Matthias Haeussler is Chief Technologist at Novatec Consulting, university lecturer for distributed systems, awarded ambassador of Cloud Foundry and the organizer of the Stuttgart Cloud Foundry Meetup. He advises clients on Cloud strategies and supports implementations and migrations...
Tiffany Jernigan

Developer Advocate, www.tiffanyfay.dev
Tiffany is a seasoned technologist and content creator in the Cloud Native space. She most recently was a senior developer advocate at VMware. She also formerly worked as a software developer and developer advocate at Amazon, Docker, and Intel. Prior to that, she graduated from Georgia...
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Observability

11:00am MST

🚨 Contribfest: Kyverno: Lets Build Together!
Friday November 15, 2024 11:00am - 12:30pm MST
Come meet the Kyverno maintainers and community for a hands-on, interactive workshop and session where we deep dive into the Kyverno project. Kyverno is a cloud native policy as code solution that elegantly solves critical challenges across security, automation, and compliance. You will learn about Kyverno’s architecture, the role of each component, how to try Kyverno, and set up your environment to contribute to the project. This hands-on session will be led by Kyverno maintainers and organized so that both developers as well as non-developers can learn, explore, and contribute!
Speakers
Chip Zoller

Product Manager, Kubecost
Chip Zoller is a technologist, maintainer, and contributor to the Kyverno project where his primary focus is on process, enablement, documentation, automation, policy design and authoring, and community. He is a maintainer and contributor to several other open source projects in the...
Salt Palace | Level 3 | 355 D

11:00am MST

🚨 Contribfest: Making SlimToolkit XRAY Even Easier to Use: Building a Terminal UI
Friday November 15, 2024 11:00am - 12:30pm MST
SlimToolkit has an interactive prompt mode that makes it easy to pick the right flags and values you'd need to configure the tool commands that let you inspect, minify and debug your containers. The interactive prompt mode helps you only with the setup part of the command execution. The command output is still the same CLI text output and it can be improved by presenting the output in a more tabular and a more interactive way. The "XRAY" command in SlimToolkit is a great candidate for this enhancement. The command output gives you a lot of information about the target image, including what's inside it, such as its files. Let's build a TUI to make it easy to navigate the container file system and the discovered metadata. No low level SlimToolkit or container technology domain knowledge is necessary. You only need to know basic Go and you need to be open to learning a few TUI Go libraries (e.g., Bubble Tea, Bubbles and Lip Gloss).
Speakers
Kyle Quest

Founder, AutonomousPlane
Kyle is the creator of DockerSlim, a popular tool to inspect, minify and debug containers. He's the founder/CEO of AutonomousPlane & he's also the founder/CTO of Slim.AI. He's building an autopilot to fix vulnerabilities in application dependencies. Kyle has been building applications...
Salt Palace | Level 3 | 355 A

11:55am MST

Building Massive-Scale Generative AI Services with Kubernetes and Open Source - John McBride, OpenSauced
Friday November 15, 2024 11:55am - 12:30pm MST
At OpenSauced, we power over 40,000 generative AI inferences every day, all through our in-house platform on top of Kubernetes. The cost of doing this kind of at-scale AI inference with a third party provider API would be astronomic. Thankfully, using Kubernetes, the public cloud, and open-source technologies, we've been able to scale with relatively low costs and a lean stack. In this talk, John will walk through the journey of building a production grade generative AI system using open source technologies, open large language models, and Kubernetes. We'll also explore why we chose to build on top of Kubernetes for our AI workloads over using a third party provider, and how we're running and managing our AI/ML clusters today. Additionally, we'll dive into the techniques we used to groom our Retrieval-Augmented-Generation pipelines for efficiency on top of Kubernetes and other practical tips for deploying your own AI services at-scale.
Speakers
John McBride

Sr. Software Engineer, OpenSauced
John is a Sr. Software Engineer at OpenSauced where he also serves as Head of Infrastructure and AI engineer. He is the maintainer of spf13/cobra, the Go CLI bootstrapping library used throughout the CNCF landscape. In the past, he has worked on open source Kubernetes platforms...
Salt Palace | Level 2 | 250
  AI + ML
  • Content Experience Level Any

11:55am MST

Improving Service Availability: Scaling Ahead with Machine Learning for HPA Optimization - Avni Sharma & Estela Ramirez, Intuit
Friday November 15, 2024 11:55am - 12:30pm MST
In this talk, we will explore employing machine learning (ML) algorithms to enhance the Kubernetes autoscaling capabilities beyond the traditional, reactive horizontal pod autoscaler (HPA). Attendees will be introduced to how to leverage recommendation algorithms to predict future load and usage patterns, allowing for smarter, proactive scaling decisions. This approach not only ensures high availability and responsiveness of applications but also offers a pathway to substantial cost optimizations by preventing over-provisioning and minimizing resource wastage.
Speakers
Avni Sharma

Product Manager, Intuit
Avni is a Product Manager at Intuit, working on Intuit’s Modern SaaS Kubernetes platform. She also worked on ArgoCD as a PM. Avni is passionate about Developer tooling and strives to make developers' life easier by delivering them delightful experiences. She is also an Open Source...
Estela Ramirez

Software Engineer, Intuit Kubernetes Service, Intuit
Estela is a Software Engineer at Intuit focusing on Intuit Kubernetes Developer Platform. She works on abstracting the autoscaling for developers.
Salt Palace | Level 1 | Hall DE
  AI + ML

11:55am MST

Accessibility at KubeCon: Deaf Voices in Cloud Native - Rob Koch, Slalom Build; Jay Jackson, CallRevu; Destiny O'Connor, Women Blessing Women; Anastasiia Gubska, BT Group; Travis Johnson, Convo Communications
Friday November 15, 2024 11:55am - 12:30pm MST
Never met a deaf person at a conference? That is not surprising. While there are lots of deaf engineers, until recently, most conferences — and virtually any other community activity — haven't been accessible to deaf community members. But for KubeCon, that all changed exactly a year ago! During this discussion, deaf panelists from various countries will shed light on their unique experiences being deaf in tech and the impact that making KubeCon accessible has had on their lives and hopes for the future. Attendees will learn why the technology space is a great fit for deaf individuals, the benefits and opportunities deaf professionals bring to the table, and what it takes to be an accessible and welcoming community. Panelists will also debunk common misconceptions and empower *you* to take steps toward a more inclusive cloud native ecosystem.
Speakers
Anastasiia Gubska

SRE/DevOps Engineer, BT Group
Anastasiia Gubska, a Deaf SRE/DevOps Engineer at BT Group, develops and implements best practices for software delivery at the UK-based multinational telecommunications company. Passionate about discovering new communities and embracing diverse cultures, Anastasiia is an active member...
Travis Johnson

Level 3 Engineer, Convo Communications
A Linux aficionado, Travis Johnson is a deaf Level 3 Engineer with 10+ years of experience in the VoIP industry, where he has gained deep knowledge of networking and scripting. A firm believer in lifetime learning, Travis continuously acquires new skills and certifications. Off work...
Rob Koch

Principal, Slalom Build
A tech enthusiast who thrives on steering projects from their initial spark to successful fruition, Rob Koch is Principal at Slalom Build, AWS Hero, and Co-chair of the CNCF Deaf and Hard of Hearing Working Group. His expertise in architecting event-driven systems is firmly rooted...
Destiny O'Connor

Co-Chair CNCF Deaf and Hard of Hearing WG, Web Developer, Women Blessing Women
As Co-Chair of the CNCF Deaf and Hard of Hearing Working Group, where I channel my passion for creating a more inclusive tech world for deaf and hard-of-hearing individuals. My mission is to educate the tech community about the unique challenges and experiences of being deaf in this...
Jay Jackson

Senior Software Engineer, CallRevu
Jay Jackson, a Senior Software Engineer at CallRevu, brings over 2 decades of experience in the tech industry. Jay has navigated this tech journey as a deaf individual, with American Sign Language (ASL) as his primary mode of communication and is passionate about exploring ways to...
Salt Palace | Level 1 | Grand Ballroom HJ
  Cloud Native Experience
  • Content Experience Level Any

11:55am MST

Public Technical Oversight Committee (TOC) Meeting - Moderated by Chris Aniszczyk, CTO, The Linux Foundation
Friday November 15, 2024 11:55am - 12:30pm MST
This session is a panel discussion moderated by Chris Aniszczyk with members of the Technical Oversight Committee. Feel free to come with questions, but we'll be doing an overview of the Technical Oversight Committee's governance structure, scope, mission and processes.

To learn more about the TOC, visit https://github.com/cncf/toc
Speakers
Chris Aniszczyk

CTO, CNCF
Chris Aniszczyk is an open source executive and engineer with a passion for building a better world through open collaboration. He's currently a CTO at the Linux Foundation focused on developer relations and running the Open Container Initiative (OCI) / Cloud Native Computing Foundation...
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:55am MST

Introduction to Distributed ML Workloads with Ray on Kubernetes - Mofi Rahman & Abdel Sghiouar, Google
Friday November 15, 2024 11:55am - 12:30pm MST
The rapidly evolving landscape of Machine Learning and Large Language Models demands efficient scalable ways to run distributed workloads to train, fine-tune and serve models. Ray is an Open Source framework that simplifies distributed machine learning, and Kubernetes streamlines deployment. In this introductory talk, we'll uncover how to combine Ray and Kubernetes for your ML projects. You will learn about:
- Basic Ray concepts (actors, tasks) and their relevance to ML
- Setting up a simple Ray cluster within Kubernetes
- Running your first distributed ML training job
Speakers
Abdel Sghiouar

Developer Relations Engineer, Google
Abdel Sghiouar is a senior Cloud Developer Advocate @Google Cloud. A co-host of the Kubernetes Podcast by Google and a CNCF Ambassador. His focused areas are GKE/Kubernetes, Service Mesh and Serverless.
Mofi Rahman

Developer Relations Engineer, Google
Mofizur Rahman (@moficodes) is a Developer Advocate at Google. His favorite programming language these days is Go. He is a strong believer of the power of open source and importance of giving back to the community. He is a self proclaimed sticker collecting addict and has collected...
Salt Palace | Level 2 | 255 EF
  Cloud Native Novice

11:55am MST

Seeing Double? Implementing Multicast with eBPF and Cilium - Louis DeLosSantos, Isovalent at Cisco
Friday November 15, 2024 11:55am - 12:30pm MST
Multicast is a popular networking technology used in finance, telecommunications, and media CDNs, among others, to efficiently replicate and deliver data streams to multiple clients. However, this advantage can be overshadowed by the complexity involved in configuring the necessary infrastructure, leaving the overworked platform team rather than the end users seeing double. To combat this complexity, Cilium explored using eBPF to implement pod-to-pod multicast delivery within a Kubernetes cluster. This talk will provide both a high and low level understanding of how eBPF can be used to implement multicast delivery. It will discuss how Cilium’s multicast works and the hurdles faced by the project along the way. By the end of this talk the audience will have a better understanding of how multicast functions, how eBPF can be used in place of traditional multicast infrastructure, and how Cilium can be used as a multicast-enabled CNI, letting your audience - and not you - see double.
Speakers
Louis De Los Santos

Louis DeLosSantos, Isovalent at Cisco
Louis DeLosSantos is a multi-disciplined technologist who has worn network, systems, and software engineer hats at various times. Presently he works at Isovalent at Cisco where he focuses on Linux Kernel networking and implementing eBPF datapath networking solutions.
Salt Palace | Level 1 | 155 EF
  Connectivity

11:55am MST

Kubernetes on Multisites – A Story About Stateful App, Hybrid Clouds, and High Availability - Florian Coulombel, Dell Technologies & Jan Šafránek, Red Hat
Friday November 15, 2024 11:55am - 12:30pm MST
The day has come! Kubernetes has won the hearts and minds of your leadership and entire organizations, and everyone wants to benefit. Projects are launched to migrate legacy apps, run proprietary systems, and even use virtual machines in your Kubernetes infrastructure! But wait a minute. VMs and good ol' RDBMS are not microservices developed with 12 factors in mind where data is either hosted on an external service or replicated by the application. How are we going to warranty the availability of these applications and systems? Do I need to do a backup of these things? What if my business is fragmented across edge, on-prem, and public clouds? Members from SIG Storage will guide you through the options to compose with, including the latest CSI features, Kubernetes architecture design, and even hardware solutions. We will evaluate the benefits to consider and the pitfalls to avoid when implementing stateful workloads in Kubernetes on multiple sites.
Speakers
Jan

Software Engineer, Red Hat
Jan is a Senior Principal Software Engineer at Red Hat working on storage aspects of Kubernetes. He started developing Kubernetes more than 8 years ago, and is one of the founding members of SIG-Storage. He’s the author of PersistentVolume controller, dynamic provisioning and StorageClass...
Florian Coulombel

Senior Software Engineer, Dell Technologies
Father of 2, living in France. Nerd since 1996 when Quake alpha version leaked, Linux user since 2001, Kubernetes enthusiast since 2016, member of Kubernetes SIG Storage since 2023.
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

11:55am MST

Crossplane Intro and Deep Dive - The Cloud Native Control Plane Framework - Jared Watts, Upbound
Friday November 15, 2024 11:55am - 12:30pm MST
The maintainers of Crossplane, a CNCF Incubating project, will lead this session that will introduce the project to new attendees, as well as dive deeper into details of Crossplane’s latest features and releases. There is always something new to show off at KubeCon! We will start with the basics on how Crossplane enables you to compose cloud infrastructure and services into custom platform APIs, and accelerate the journey of folks new to Crossplane to build a control plane of their own. Then we will take a detailed tour through the key features from the latest releases and how to adopt them into your platforms, including high level metrics, change logs, claim errors/status, and more! Finally, there will be an interactive opportunity to engage with the maintainers, ask questions, and influence the future of the project direction.
Speakers
Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by enabling anyone to build their own cloud platform. He is also a co-creator of the open source Crossplane (https://crossplane.io) and Rook (https://rook.io) projects. Prior to...
Salt Palace | Level 3 | 355 EF

11:55am MST

WG Serving: Accelerating AI/ML Inference Workloads on Kubernetes - Eduardo Arango Gutierrez, NVIDIA & Yuan Tang, Red Hat
Friday November 15, 2024 11:55am - 12:30pm MST
The emergence of Generative AI (GenAI) has introduced new challenges and demands in AI/ML inference, necessitating advanced solutions for efficient serving infrastructures. The recently created Kubernetes Working Group Serving (WG Serving) is dedicated to enhancing serving workload on K8s, especially for hardware-accelerated AI/ML inference. This group prioritizes compute-intensive inference scenarios using specialized accelerators, benefiting various serving workloads such as web services and stateful databases. This session will dive into WG Serving's initiatives and workstreams. We will spotlight discussions and advancements in each workstream. We are also actively looking for feedback and partnership with model server authors and other practitioners who want to utilize powers of K8s for their serving workloads. Join us to gain insight into our work and learn how to contribute to advancing AI/ML inference on K8s.
Speakers
Yuan Tang

Principal Software Engineer, Red Hat
Yuan is a principal software engineer at Red Hat, working on OpenShift AI. Previously, he has led AI infrastructure and platform teams at various companies. He holds leadership positions in open source projects, including Argo, Kubeflow, and Kubernetes. He's also a maintainer and...
Eduardo Arango Gutierrez DE

Senior systems software engineer, NVIDIA
Eduardo is a Senior Systems Software Engineer at NVIDIA, working on the Cloud Native Technologies team. Eduardo has focused on enabling users to build and deploy containers on distributed environments.
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:55am MST

What's New in Operator Framework?! - Bryce Palmer, Rashmi Gottipati & Lalatendu Mohanty, Red Hat; Attila Meszaros, Apple
Friday November 15, 2024 11:55am - 12:30pm MST
The Operator Framework has gone through a lot of change in the last year! Interested in the current state of Operator Lifecycle Manager (OLM)? Join us as we highlight the OLM v1.0.0 roadmap, current progress, plans beyond v1.0.0 (helm support?!), and the core tenets behind the OLM v1 design. Want to know what’s new with the Java Operator SDK? Stop by to learn what’s coming up in Java Operator SDK v5. Curious about what is happening with the Operator-SDK? Swing in for an update on the current state of the Operator-SDK and future plans.
Speakers
Attila Meszaros

Senior Software Engineer, Apple
For more than ten years I was designing and implementing software solutions, architectures and services and related tooling. Then I spent a few years focusing more on building platforms on top of Kubernetes in some excellent platform teams. I'm one of the creators and currently full...
Lalatendu Mohanty

Principal Software Engineer at Red Hat, Red Hat
I am a free software enthusiast and advocate. I have been contributing to open source or free software for more than 12 years now.
Bryce Palmer

Senior Software Engineer, Red Hat
Software engineer passionate about building developer tooling in the cloud native space.
Rashmi Gottipati

Senior Software Engineer, Red Hat
Rashmi joined Red Hat in 2020 as a Senior Software Engineer. Since then she has been a part of Operator SDK, and has been an active maintainer of the Operator-Framework project. Currently, her focus lies in the next major iteration of Operator Lifecycle Manager, which provides APIs...
Hyatt Regency | Level 4 | Regency Ballroom A

11:55am MST

Working Together to Improve Security Visibility in Kubernetes - Rita Zhang & Jeremy Rickard, Microsoft
Friday November 15, 2024 11:55am - 12:30pm MST
Ensuring the security of Kubernetes is a team sport. When a CVE is reported to the SRC for Kubernetes, a process is kicked off that involves a lot of coordination between SRC, contributors from different SIGs, and SIG Release, ultimately resulting in new Kubernetes Releases. Once released, an automatic CVE feed provides a programmatic way to understand the security of the releases. For other security issues, like dependency vulnerabilities and false positives, it isn’t quite as easy to get a full picture. SIG Security, SIG Release, and SRC are working to make this better and in this session we will share more about how things work today and what we plan to do in the future to improve the security visibility of the releases and artifacts produced by the project!
Speakers
Jeremy Rickard

Principal Software Engineer, Microsoft
Jeremy Rickard is a principal software engineer at Microsoft where he works on the Azure Container Upstream team. He is currently a co-chair for SIG Release and serves on both the CNCF and the Kubernetes Code of Conduct Committees. He was also the Kubernetes 1.20 Release Lead.
Rita Zhang

Principal software engineer, Kubernetes SIG Auth co-chair, Security Response Committee, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco bay area. She leads the Azure Container Upstream team of maintainers and contributors building features for Kubernetes upstream, CNCF projects, and for Azure Kubernetes Service. She is a Kubernetes sig-auth...
Salt Palace | Level 3 | 355 BC

11:55am MST

Strategies for Mitigating Performance Interference in Cloud-Native Systems - Jonathan Perry, Startup
Friday November 15, 2024 11:55am - 12:30pm MST
In cloud-native environments, application performance often degrades due to contention over shared resources such as CPU caches and memory bandwidth. Current container technologies lack mechanisms to isolate these resources, which compels operators to maintain low utilization by scaling out their deployments. This session explores strategies used by hyperscalers like Google, Microsoft, Facebook, and Alibaba to mitigate such performance interference. We will review their published methodologies, extracting key principles that could guide the development of a Kubernetes-native performance isolator. Participants will gain insights into the design trade-offs and operational impacts of these tools. Additionally, we will discuss integration strategies for deploying such isolators in existing Kubernetes environments, aiming to optimize resource utilization while preserving application performance.
Speakers
Jonathan Perry

Founder, State-fu
Jonathan Perry is a maintainer of the OpenTelemetry eBPF network collector. His PhD research at MIT CSAIL focused on performance isolation in datacenter and cloud networks, aiming to enhance network efficiency and reduce latency. Jonathan founded Flowmill, where he developed eBPF-based...
Salt Palace | Level 1 | 155 BC
  Operations + Performance

11:55am MST

What Containerd 2.0 Means for You - Samuel Karp, Google
Friday November 15, 2024 11:55am - 12:30pm MST
containerd 2.0 is the first major new version of containerd since 1.0.0 was released in 2017. This new version of containerd introduces new features, new extension points, and new backends for image operations and CRI with the goal of increased flexibility and better efficiency for certain types of workloads. containerd 2.0 also removes some previously-deprecated features in favor of modern replacements. This talk will discuss how to prepare for containerd 2.0 in your production environments, including strategies for incorporating containerd 2.0's new functionality and detecting/remediating any impact of removed features prior to upgrading.
Speakers
Samuel Karp

Staff Software Engineer, Google
Samuel Karp is a containerd maintainer and a Staff Software Engineer at Google, focused on the container runtime for Google Kubernetes Engine. Sam has been involved in the container ecosystem since 2014 and serves as the Chair of the Open Container Initiative's Technical Oversight...
Salt Palace | Level 2 | 255 BC
  Operations + Performance

11:55am MST

Kubernetes Upgrades: Less Pain, More Gain (and Maybe a Little Swearing) - Jago Macleod, Google
Friday November 15, 2024 11:55am - 12:30pm MST
Kubernetes upgrades are a major pain point for many users, often due to the complexity of managing multiple, independently versioned components. This talk will delve into the strategies and best practices for minimizing disruption and maximizing success during Kubernetes upgrades. We'll explore:
- Common pitfalls and challenges faced during upgrades
- Practical tips for smoother, more reliable upgrade processes
- The risks of relying solely on Long Term Support (LTS) versions
- Improving upgrade reliability for all Kubernetes users, regardless of their chosen platform
Led by the head of both OSS Kubernetes and GKE Release and Upgrades at Google, this talk will provide valuable insights and actionable advice for anyone looking to create a sustainable and successful upgrade strategy. Whether you're a seasoned Kubernetes veteran or just getting started, this session will equip you with the knowledge and tools to navigate the complex landscape of Kubernetes upgrades.
Speakers
Jago Macleod

Engineering Director, Google
Jago Macleod is an Engineering Director at Google, where he leads much of the Kubernetes and Google Kubernetes Engine (GKE) team, which gives him the opportunity to work with some of Google Cloud’s largest customers. Prior to working at Google, Jago helped make the smart homes that...
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

11:55am MST

Share the Ride: Robust Multi-Tenancy in Kubernetes at Uber - Sashank Appireddy & Apoorva Jindal, Uber
Friday November 15, 2024 11:55am - 12:30pm MST
Multi-tenancy in Kubernetes involves the coexistence of multiple users or teams (tenants) on a single Kubernetes cluster while ensuring isolation, security, and performance. Our use cases at Uber span from scenarios with disruptive neighbors to those with large container sizes, specialized hardware, sticky placement preferences, and dynamic resource scaling demands, necessitating robust isolation measures. In this proposal, we present a comprehensive exploration of multi-tenancy in Kubernetes, covering strategies, the challenges we have faced and the effective solutions implemented to overcome them at Uber. Further, we will deep dive into the key aspects of building and managing multi-tenant Kubernetes clusters, by establishing strong tenant boundaries leveraging the ideas around node pools and tightly integrating with namespaces.
Speakers
Apoorva Jindal

Senior Staff Software Engineer, Uber Inc
Apoorva Jindal is working as Senior Staff Software Engineer at Uber. At Uber, he leads the Compute platform which powers all stateless and batch containerized workloads at Uber.
Sashank Reddy

Staff Software Engineer, Uber Technologies Inc
I am a software engineer with over a decade of experience specializing in containerization and distributed systems. As a Staff Software Engineer in the container platform team at Uber Technologies Inc, I lead the design, development and deployment of scalable multi-tenant architecture...
Salt Palace | Level 2 | 251
  Platform Engineering

11:55am MST

Rogue No More: Securing Kubernetes with Node-Specific Restrictions - Anish Ramasekar, Microsoft & James Munnelly, Apple
Friday November 15, 2024 11:55am - 12:30pm MST
Did you know that a component running across multiple nodes, such as in a daemonset, intended to perform node-specific actions, can pose a significant security risk? If any node the component is running on goes rogue, it can lead to attacks on the cluster, or even worse, a complete takeover of it. What if we could restrict the component's ability to write resources only to those belonging to the node it is running on to prevent such escalation attacks? In this talk, Anish and James will introduce new Kubernetes security enhancements to bound service account tokens, which can be used with validating admission policies to enforce per-node restrictions on service accounts. This session will provide you with practical implementation guidelines and show you how these enhancements can mitigate risks and protect your infrastructure with robust node isolation.
Speakers
James Munnelly

Staff Field Engineer, Apple
James Munnelly is a Field Engineer at Apple, helping customers adopt and adapt Kubernetes, and driving adoption of OSS cloud native technologies. James is also the founder of the cert-manager project, a Kubernetes extension for managing x509 certificates. He's an active member of...
Anish Ramasekar

Principal Software Engineer, Microsoft
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects that are part of the Azure Kubernetes Service. Anish is a maintainer of the Secrets Store CSI Driver project.
Salt Palace | Level 1 | 151
  Security

12:30pm MST

Project Pavilion Tour with Seema Saharan, CNCF Ambassador
Friday November 15, 2024 12:30pm - 12:50pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

12:30pm MST

Lunch 🍲
Friday November 15, 2024 12:30pm - 2:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

2:00pm MST

Bloomberg’s Journey to Improve Resource Utilization in a Multi-Cluster Platform - Yao Weng & Leon Zhou, Bloomberg
Friday November 15, 2024 2:00pm - 2:35pm MST
Bloomberg provides an on-premises Data Science Platform (DSP) using cloud-native software to support internal AI model training. It runs on Kubernetes clusters spanning multiple data centers and featuring a diverse range of GPU types. However, managing such a large-scale and heterogeneous GPU environment poses many challenges, such as improving resource utilization, reducing operational costs, and scheduling workloads across different GPU types. In collaboration with the Karmada community, Bloomberg's DSP team has aimed to tackle these challenges by addressing multi-cluster batch job management problems. This talk will delve into the approaches the team has adopted, including:
- Intelligently scheduling GPU workloads across multiple clusters
- Using Karmada's resource interpreter to support Kubernetes Custom Resource Definitions (CRDs) on top of a multi-cluster architecture
- Building a highly available Karmada control plane
- Establishing a consistent training job submission interface
Speakers
Leon Zhou

Software Engineer, Bloomberg
Leon Zhou is a software engineer on the Data Science Platform engineering team at Bloomberg. With prior NLP experience, he is now building ML platforms to facilitate machine learning development. He is interested in ML infrastructure to enable large-scale training and complex pipelines...
Yao Weng

Senior Software Engineer, Bloomberg
Yao Weng is a Senior Software Engineer on Bloomberg’s Data Science Platform engineering team. She has contributed extensively to optimizing the company’s Kubernetes environment for high performance compute, model inference, and workflow orchestration. Yao Weng obtained her Ph.D...
Salt Palace | Level 2 | 250
  AI + ML

2:00pm MST

From Vectors to Pods: Integrating AI with Cloud Native - Rajas Kakodkar, Broadcom; Kevin Klues, NVIDIA; Joseph Sandoval, Adobe; Ricardo Rocha, CERN; Cathy Zhang, Intel
Friday November 15, 2024 2:00pm - 2:35pm MST
The rise of AI is challenging long-standing assumptions about running cloud native workloads. AI demands hardware accelerators, vast data, efficient scheduling and exceptional scalability. Although Kubernetes remains the de facto choice, feedback from end users and collaboration with researchers and academia are essential to drive innovation, address gaps and integrate AI in cloud native. This panel features end users, AI infra researchers and leads of the CNCF AI and Kubernetes device management working groups focussed on:
- Expanding beyond LLMs to explore AI for cloud native workload management, memory usage and debugging
- Challenges with scheduling and scaling of AI workloads from the end user perspective
- OSS Projects and innovation in AI and cloud native in the CNCF landscape
- Improving resource utilisation and performance of AI workloads
The next decade of Kubernetes will be shaped by AI. We don’t yet know what this will look like, come join us to discover it together.
Speakers
Ricardo Rocha

Lead Platforms Infrastructure, CERN
Ricardo leads the Platform Infrastructure team at CERN with a strong focus on cloud native deployments and machine learning. He has led for several years the internal effort to transition services and workloads to use cloud native technologies, as well as dissemination and training...
Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA...
Joseph Sandoval

Principal Product Manager, Adobe Inc.
Joseph Sandoval, a seasoned tech expert with 25 years in various roles running distributed systems, infrastructure platforms and thrives on empowering developers to scale their applications. An advocate for OpenSource software, he harnesses its transformative power to champion change...
Cathy Zhang

senior principal engineer, Intel
As a member of the CNCF TOC, Cathy has been sponsoring and guiding projects' applications for graduation/incubating, and reviewing/approving new sandbox projects. She has been a committee member for several KubeCon. Cathy is currently a Senior Principal Engineer at Intel, leading...
Rajas Kakodkar

Senior Member of Technical Staff | Tech Lead TAG Runtime CNCF, Broadcom
Rajas is a senior member of technical staff at Broadcom and a tech lead of the CNCF Technical Advisory Group, Runtime. He is actively involved in the AI working group in the CNCF. He is a Kubernetes contributor and has been a maintainer of the Kube Proxy Next Gen Project. He has also...
Salt Palace | Level 1 | Hall DE
  AI + ML
  • Content Experience Level Any

2:00pm MST

Can You Put a Price Tag on Open Source? - Mario Fahlandt, Kubermatic & Bob Killen, CNCF
Friday November 15, 2024 2:00pm - 2:35pm MST
Earlier this year, the Harvard Business School released the paper titled “The Value of Open Source Software,” estimating the worldwide value of OSS at 8.8 trillion, and on average, it would cost companies at least 3.5x more to develop similar projects internally. Yet, many organizations and engineers struggle to understand or realize this kind of value from contributing to these projects. In this talk, Bob and Mario will discuss the many benefits individuals and companies can achieve by contributing to open source and guide you through the first steps to becoming a contributor. They will also cover how to develop a lightweight open source strategy and convince your organization that an open source first approach can yield great returns.
Speakers
Mario Fahlandt

Service Delivery Architect, Kubermatic
Mario is working as a Customer Delivery Architect @Kubermatic with the focus on planning and building concepts and architecture for Infrastructure in the cloud native world. He started the GDG Munich for Cloud and became a GDE in 2019. In the Kubernetes project he is involved in SIG-ContribEx...
Bob Killen

Senior Technical Program Manager, CNCF
Bob is a Program Manager at the Google Open Source Programs Office with a focus on Cloud Native computing. He serves the Kubernetes project as a Steering Committee member and chair of the Contributor Experience SIG. Bob comes from an academic background, spending 15 years at the University...
Salt Palace | Level 1 | Grand Ballroom HJ
  Cloud Native Experience
  • Content Experience Level Any

2:00pm MST

Testing Kubernetes Without Kubernetes: A Networking Deep Dive - John Howard, Solo.io
Friday November 15, 2024 2:00pm - 2:35pm MST
There are few things more tedious than waiting for a long end-to-end test to run. Waiting for a new cluster to spin up, images to build and push - not to mention things like debugging or running on slow internet connections. Unfortunately, these complex setups are hard to avoid, especially if we are testing things deeply integrated into Kubernetes networking, such as CNIs, kube-proxy, service meshes, and more. It doesn't have to be this way! In this talk, I will give a deep dive on how we built out our testing strategy for our Kubernetes networking proxy to not really depend on Kubernetes (or docker, or root). In doing so, I will not only offer a glimpse behind the scenes of Istio development, but also give viewers a deeper understanding of how the fundamentals of Kubernetes (Linux primitives like namespaces) work, and how they can be effectively used to improve tests in the Istio ecosystem and beyond.
Speakers
John Howard

John Howard, Solo.io
John Howard is a Senior Architect at Solo.io and Istio Technical Oversight Committee member.
Salt Palace | Level 1 | 155 EF
  Connectivity

2:00pm MST

Object Storage Is All You Need - Justin Cormack, Docker
Friday November 15, 2024 2:00pm - 2:35pm MST
When Jeff Bezos commissioned Amazon S3 he called it "malloc for the web"; since then many people have considered cloud object storage to be a weird kind of non-POSIX filesystem, but also a great backing store for websites or storing lots of data. Recently more and more applications are being built with object storage as the entire persistence layer. This started with analytics databases such as Snowflake and Databricks, and the open source Delta Lake and Apache Iceberg projects. More recently the use is spreading to even more applications, from observability to streaming data and more. In this talk we look at why it is becoming so popular, the benefits, downsides and performance characteristics, and how and when to use it effectively.
Speakers
Justin Cormack

CTO, Docker
Justin is the CTO of Docker, recently a member of the CNCF TOC, and has been working in the container ecosystem and in supply chain security for many years.
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

2:00pm MST

Faster Containerized LLM Serving via Knowledge Sharing - Junchen Jiang, University of Chicago & Zhou Sun, Mooncake Labs
Friday November 15, 2024 2:00pm - 2:35pm MST
Imagine once an LLM learns something from a document, the knowledge can be instantly shared with other LLMs. Unfortunately, today, LLMs must read the same document multiple times, causing a significant slowdown. This session will introduce a new KNOWLEDGE-SHARING system that enables LLMs to share their digested knowledge, in the form of KV caches, so only one LLM needs to process each document. The key challenge is how to store the KV caches cheaply and serve them quickly. Instead of keeping the KV caches of all reusable chunks in GPU/CPU memory, we show a DEMO that with careful implementation on Kubernetes, storing them on cheaper devices is not only economically superior but also delivers significant reductions in LLM serving delay, especially the time to the first token.
Speakers
Junchen Jiang

Professor, University of Chicago
Junchen Jiang is an Assistant Professor of Computer Science at the University of Chicago. He works at the intersections between networked systems and machine learning. He received his Ph.D. from CMU in 2017 and his bachelor’s degree from Tsinghua in 2011. He has received a Google...
Zhou Sun

CEO, Mooncake Labs
Mooncake Labs is working on the next generation of stateless data architecture, bringing database performance and functionality to structured and unstructured data in datalakes and raw datasets. Previously I led the query team at SingleStore (cloud-native distributed HTAP database...
Salt Palace | Level 2 | 255 EF
  Emerging + Advanced

2:00pm MST

Are Your Microservices Truly Scaling? A Framework for Unlocking the Stateful Backend - Sam Dillard, PingCAP
Friday November 15, 2024 2:00pm - 2:35pm MST
Kubernetes has forged the way to microservice applications. Most of the reasons we disaggregate applications lead back to how each component scales. The backend components of these scaling applications are a sticking point for R&D organizations and a major reason applications aren't as agile as they otherwise could be. When applications scale, data systems undergo a lot of change proportionally. For example, table and index scans travel further, index creation re-organizes more data, backups and restores get slower, data integrity loosens, changefeeds get thicker, and staff spreads thinner. The system that scales best is the one in which these dimensions are impacted the least.
Speakers
Sam Dillard

Principal Engineer, PingCAP
Principal Engineer at PingCAP, TiKV maintainer and committer, RocksDB contributor, the author of "MariaDB Principles and Implementation". Mainly engaged in the design and development of cloud-native large-scale distributed storage systems, data platforms, 10+ years of experience in...
Hyatt Regency | Level 4 | Regency Ballroom A

2:00pm MST

Contributing to Kubernetes in Its Second Decade - SIG ContribEx Style! - Kaslin Fields, Google; Priyanka Saggu, SUSE; Madhav Jivrajani, UIUC; Nabarun Pal, Independent
Friday November 15, 2024 2:00pm - 2:35pm MST
The success and sustainability of the Kubernetes project hinges on its diverse contributor base. In this session, we will explore how the Kubernetes Special Interest Group Contributor Experience (SIG ContribEx) empowers contributors, optimizes workflows, & fosters sustained project growth. We will address the challenges of managing an expanding contributor base, the tradeoffs between attracting new contributors and growing existing ones, all while upholding high standards of code quality, stability, and the right balance between feature development, bug fixes & security enhancements. We will highlight the importance of clear communication channels, our mentorship programs, and knowledge sharing initiatives. We will also share valuable insights into the recent updates about Kubernetes community org membership, the advancements made in the automated assessment tool for membership statistics & more. So, join us in this session to gain insights about ContribEx's many diverse programs.
Speakers
Nabarun Pal

Staff Engineer at VMware, Kubernetes Steering Committee and Maintainer, Broadcom
Nabarun is a Staff Software Engineer at VMware by Broadcom, a maintainer of the Kubernetes project, an elected Kubernetes Steering Committee member and a chair of Kubernetes SIG Contributor Experience. He is a Release Manager for Kubernetes and has been the Kubernetes 1.21 Release...
Priyanka Saggu

Kubernetes GitHub Admin, SIG Contribex Technical Lead, 1.31 Emeritus Advisor, 1.29 Release Lead, SUSE
Priyanka Saggu is a Kubernetes Engineer at SUSE, and has made significant contributions to Kubernetes project via Release, ContribEx, Testing and CLI SIGs. She's the Emeritus Advisor for Kubernetes 1.31 release cycle, Release Lead for Kubernetes 1.29, Kubernetes GitHub Admin, and...
Madhav Jivrajani

Independent, UIUC
Madhav is currently working at VMware on upstream Kubernetes. He has been a part of the Kubernetes community for about a year and mainly helps out with SIG-{Contribex, Node, Architecture, API-Machinery}. He was also involved with the structured logging efforts in the Kubernetes project...
Kaslin Fields

OSS K8s & GKE Developer Advocate, Google
Kaslin Fields is a Developer Advocate at Google Cloud, a Container enthusiast and creator of tech comics. She uses her knowledge of DevOps technologies and methodologies to help others as they enter the Cloud Native world. By creating comics about DevOps tech, she hopes to make learning...
Salt Palace | Level 3 | 355 BC

2:00pm MST

Exploring KubeEdge: Architecture, Use Cases, and Project Graduation Updates - Yin Ding, Google & Hongbing Zhang, Daocloud
Friday November 15, 2024 2:00pm - 2:35pm MST
In this session, KubeEdge project maintainers will provide an overview of KubeEdge's architecture and its industry-specific use cases. The session will begin with a brief introduction to edge computing and its growing importance in IoT and distributed systems. The maintainers will then delve into the core components and architecture of KubeEdge, demonstrating how it extends Kubernetes' capabilities to manage edge computing workloads efficiently. They will share success stories and insights from organizations that have deployed KubeEdge in various edge environments, such as smart cities, industrial IoT, edge AI, robotics, and retail, highlighting the tangible benefits and transformational possibilities. Additionally, the session will introduce the certified KubeEdge conformance test, discuss advancements in technology and community governance within the KubeEdge project, and share the latest updates on the project's graduation status.
Speakers
Hongbing Zhang

Chief Operating Officer, Daocloud
Hongbing Zhang is Chief Operating Officer of DaoCloud. He is a veteran in open source areas, he founded IBM China Linux team in 2011 and organized team to make significant contributions in Linux Kernel/openstack/hadoop projects. Now he is focusing on cloud native domain and leading...
Yin Ding

Engineering Manager, Google
Yin Ding, an Engineering Manager at Google, leads the Kubernetes Hardening team and brings over 15 years of expertise in large-scale and distributed computing. As a co-founder of the CNCF KubeEdge open-source project and the TSC Chair of LF Edge Akraino, Yin Ding has made significant...
Friday November 15, 2024 2:00pm - 2:35pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:00pm MST

KubeVirt: Enhancements and the Road Ahead - Vladik Romanovsky & David Vossel, Red Hat
Friday November 15, 2024 2:00pm - 2:35pm MST
It's been a big year for KubeVirt. Join us for a detailed update on major advancements introduced over the past year and our plans, including CNCF Graduation. We'll cover some of our recent features: "VM rollout strategy," which changes the update management for running virtual machines; "VM Volume migration," which provides a declarative API to move data between volumes; and the "Application Aware Quota" operator, a solution that addresses the limitations of Kubernetes' native resource quota system and provides an alternative implementation of resource counting. Looking forward, we will also discuss our desire to improve control over migration convergence, add support for Dynamic Resource Allocation (DRA) to optimize resource handling and allocation, and introduce SWAP support for virtual machines, enabling performance improvements and flexibility. This session is designed to provide valuable insights for current users and those who are new to KubeVirt.
Speakers
Vladik Romanovsky

Senior Principal Software Engineer, Red Hat
Developer and a maintainer of the KubeVirt Project. Interested in Kubernetes and Virtualization.
David Vossel

Senior Principal Software Engineer, Red Hat
David Vossel is a Senior Principal Software Engineer at Red Hat. He is currently the lead developer working on the Hosted Control Planes for OpenShift Virtualization platform and is a core contributor to the open source KubeVirt project.
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 3 | 355 EF

2:00pm MST

Vitess: Introduction, New Features and Running in Production - Deepthi Sigireddi, PlanetScale; Derek Perkins, Nozzle; Sudhi Vijayakumar, Backblaze
Friday November 15, 2024 2:00pm - 2:35pm MST
Welcome to the Vitess maintainer track session! Today, you will learn what Vitess is, hear about its high level architecture and the feature set it offers. After that, you will hear real-world stories about Vitess adoption and production usage at Backblaze, Nozzle and PlanetScale. You will finally hear about what is new in recent Vitess releases and get a preview of planned features.
Speakers
Derek Perkins

CEO, Nozzle
Derek is the Founder and CEO of Nozzle. He has been building database driven software since 1999, is a maintainer of Vitess.io, and has been a top BigQuery user for over a decade.
Deepthi Sigireddi

Software Engineer, PlanetScale
Deepthi is the Technical lead for Vitess, a CNCF graduated open source project. She also leads the Vitess engineering team at PlanetScale which offers a database service built on Vitess. She brings over 20 years of experience building scalable systems to this role. She enjoys speaking...
Friday November 15, 2024 2:00pm - 2:35pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:00pm MST

Supercharge Your Kubernetes Autoscaling with Custom Metrics - Vamshi Krishna Samudrala & Sravan Akinapally, American Airlines
Friday November 15, 2024 2:00pm - 2:35pm MST
Out-of-the-box, Kubernetes provides native horizontal scaling capabilities driven by conventional resource consumption signals like CPU and memory utilization. However, in the real world, numerous applications demand dynamic scaling orchestrated by custom business telemetry such as queue depths, throughput volumes, or other domain-specific indicators. This session will unravel the secrets of extending Kubernetes' Horizontal Pod Autoscaler (HPA) to leverage custom metrics as scaling triggers, unlocking unprecedented scaling autonomy. Attendees will witness live demos showcasing:
- Deploying a custom metrics provider to expose application-centric metrics to the Kubernetes control plane
- Configuring the HPA to consume these custom metrics for intelligent scaling decisions
- A sample application dynamically scaling based on a custom metric like queue length or requests per second
- Best practices for crafting bespoke scaling policies tailored to custom metrics
Speakers
Vamshi Krishna Samudrala

Enterprise Cloud Architect, American Airlines
Enterprise Architect with a distinguished career spanning 14 years in the fields of DevOps and Cloud Architecture. Focused on automation, configuration management and innovation with cutting-edge technologies. Worked extensively with leading cloud service providers, including Amazon...
Sravan Akinapally

Product Tech Lead, American Airlines
Product Tech Lead
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

2:00pm MST

Micro-Segmentation and Multi-Tenancy: The Brown M&Ms of Platform Engineering - Jim Bugwadia, Nirmata & Rachael Wonnacott, Fidelity International
Friday November 15, 2024 2:00pm - 2:35pm MST
A key requirement for internal developer platforms is that they serve multiple workloads. The reality of platform engineering is that while it seeks to lower the barrier to entry for teams to deliver applications, it must also balance cost and ensure appropriate levels of security. It’s therefore essential to consider how application components running on shared infrastructure are allowed to communicate with each other and weigh up the cost of each architecture. In industry, we have seen differing approaches to deploying Kubernetes to achieve these goals, from multiple single-tenant clusters through to shared clusters that deliver namespaces-as-a-service. Rachael and Jim will define the concepts of multi-tenancy and micro-segmentation for cloud native systems and explain why they are critical to success with platform engineering. They will also show real-world examples of how they can be implemented, and demonstrate full automation using best practices like GitOps and Policy as Code.
Speakers
Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy and governance company. Jim is an active contributor in the cloud native community and currently serves as co-chair of the Kubernetes Policy and Multi-Tenancy Working Groups. Jim is also a co-creator and maintainer...
Rachael Wonnacott

Technical Product Owner, Kubernetes Platform, Fidelity International
Rachael has spent the last decade focused on platform engineering. She places a conscious emphasis on improving flow and is on the quest to smooth the application lifecycle for developers in the enterprise. With a background in astrophysics, Rachael brings her scientific approach...
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

2:00pm MST

The Missing Talk About API Versioning & Evolution in Your Developer Platform - Stefan Schimanski, Upbound & Sergiusz Urbaniak, Independent
Friday November 15, 2024 2:00pm - 2:35pm MST
In the realm of developer platforms, individuals without extensive experience in the cloud-native ecosystem are now venturing into the creation of Kubernetes-based APIs. Tools like Crossplane are transforming every platform engineer into an API designer. Ten years in, the ecosystem still offers little guidance on Kubernetes versioning and API evolution in practice. A naive understanding is not helpful, and many have been burned by relying on intuition. This talk will provide deep, yet applicable knowledge, starting from the first principles of the invariants to maintain when changing APIs in Kubernetes. It will cover tools like schemas, conversion, validation, and admission, and present very concrete and directly applicable API Evolution Patterns. These patterns will help navigate the life cycle of CRD-based projects. This talk aims to educate on how to evolve APIs effectively and safely without inadvertently breaking users.
Speakers
Sergiusz Urbaniak

Team Lead - Kubernetes, https://mongodb.com
Sergiusz is a Kubernetes Team Lead at MongoDB. He is enthusiastic about modern infrastructure software while still enjoying minimalistic networking techniques like morse code. He worked on Mesos, container runtimes, Prometheus Operator, Thanos, upstream Kubernetes, Operators, and...
Stefan Schimanski

Senior Principal Software Engineer, Upbound
Stefan is a Senior Principal Engineer at Upbound working on control planes, Kubernetes, kcp, and as a tech-lead in SIG API Machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time Google Summer of Code mentor with CNCF, loves to teach and help people to learn...
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 2 | 251
  Platform Engineering

2:00pm MST

Seccomp and eBPF; What’s the Difference? Why Do I Need to Know? - Natalia Reka Ivanko & Duffie Cooley, Isovalent @ Cisco
Friday November 15, 2024 2:00pm - 2:35pm MST
Containers in Kubernetes share a common Linux kernel so how can we limit access where it isn’t required so we can follow the principle of least privilege? Join Natalia and Duffie as they each explore different approaches to harden your container security with Secure Computing (seccomp) and eBPF! The talk will begin with an overview and comparison between seccomp and eBPF and how they both can solve the same problem - limiting access to the Linux Kernel that all containers share. This will be a fun talk, showing each solution with a live demo. You will leave this talk with a better understanding of how to limit what system calls a process can make and restrict your containers’ behavior to only access the files, binaries and external DNS names they need and nothing more. Which is the right solution for your environment? Come and learn about two of the commonly used technologies in use today!
Speakers
Natalia Reka Ivanko

Sr. Product Manager, Isovalent, now part of Cisco
Security Product Lead and previous Security Engineer with a strong background in Container and Cloud Security. Passionate about building things that matter and working with Site Reliability and Software Engineers to apply Security Best Practices. Inclined towards modern and innovative...
Duffie Cooley

Field CTO, Isovalent @ Cisco
Duffie is Field CTO at Isovalent focused on helping enterprises find success with Cilium and modern security tooling. Duffie has been working with all things systems and networking for 20 years and remembers most of it. A student of perspective, Duffie is always interested in working...
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 1 | 151
  Security

2:00pm MST

The Policy Engines Showdown - Gabriel L. Manor, Permit.io; Andres Aguiar, Okta; Omri Gazitt, Aserto; Anders Eknert, Styra; Sarah Cecchetti, AWS
Friday November 15, 2024 2:00pm - 2:35pm MST
OPA, Cedar, OpenFGA, Topaz, OPAL, OSO, should I continue? Policy engines, languages, and standards are everywhere, making the decision for a good decision engine increasingly difficult. In this panel, I'll host four talented engineers, each from a different policy engine's core team, for a friendly showdown. We will assist the audience in making the most important decision - choosing a suitable and fitting decision engine for their specific use case. We will also delve into the nuances of running multiple engines together and learn how to scale them properly.
Speakers
Sarah Cecchetti

Head of Product, Cedar, AWS
Sarah is the Head of Product for Cedar Policy Language, an open-source project designed to express permissions in an easy-to-read and fast-to-execute format. She co-founded a professional organization for identity practitioners called IDPro. She is a contributor to NIST 800-63-C Digital...
Anders Eknert

Developer Relations Lead, Styra
Developer advocate at Styra with a long background in software development, security and identity systems in primarily distributed environments. When not in front of his computer he enjoys watching football, cooking and Belgian beers.
Gabriel Manor

Director of DevRel, Permit.io
Gabriel is a senior full-stack developer who blends his passion for technical leadership, security, authorization, and devtools into his current role as the Head of Growth and DevRel at Permit.io. Before joining Permit.io, Gabriel worked as a technical leader and principal engineer...
Omri Gazitt

Co-founder & CEO, Aserto
Omri is the co-founder/CEO of Aserto, an authorization startup, and his third entrepreneurial venture. He's spent the majority of his 30-year career working on developer and infrastructure technology, most recently as the CPO of Puppet. Previously he was the VP and GM of HP's Cloud...
Andres Aguiar

Product Manager, Okta
Andres has spent his 20+ year career building tools for developers, wearing different hats. He’s been working on the identity space for the last 6 years, and is currently the Product Manager for OpenFGA.
Friday November 15, 2024 2:00pm - 2:35pm MST
Salt Palace | Level 2 | 255 BC
  Security

2:00pm MST

Tutorial: Simplify and Optimize Your YAML with YAMLScript - Ingy döt Net, YAML LLC
Friday November 15, 2024 2:00pm - 3:30pm MST
Nobody likes YAML (or anything for that matter) when it's a giant and repetitive mess. Of course, there are already existing technologies like Helm and Kustomize that help make YAML nicer for Kubernetes. The new kid on the block is YAMLScript. Being a complete programming language (built over a vast and mature ecosystem), its capabilities are effectively limitless. That said, its primary focus is on refactoring and improving existing and new large YAML configurations. YAMLScript can help you make the most of YAML in any domain, even those that already make great use of Helm and Kustomize. Having been created by an original inventor and current lead maintainer of the YAML data language (Ingy döt Net), you can count on it meshing well with the YAML you already know. In this hands-on interactive tutorial, Ingy will teach you how to make the most of YAML and YAMLScript.
Speakers
Ingy döt Net

Ingy döt Net, YAML LLC
Ingy döt Net is one of the original inventors of the YAML data language, and its primary maintainer. He has continuously contributed to Open Source efforts since before it was called Open Source. His passion is creating software libraries that work in as many programming languages...
Friday November 15, 2024 2:00pm - 3:30pm MST
Salt Palace | Level 1 | Grand Ballroom ACE

2:00pm MST

🚨 Contribfest: Hop Aboard and Contribute to Headlamp
Friday November 15, 2024 2:00pm - 3:30pm MST
Headlamp is a Kubernetes UI with a focus on usability, flexibility, and extensibility. It is an open source CNCF Sandbox project and can be run as a desktop application or as a web app. One of Headlamp’s main features is its plugin system, which allows users and vendors to extend its basic functionality and create their own customized Kubernetes user experience. In this Contribfest session, Headlamp’s maintainers will work with the participants to onboard them to Headlamp development. Participants will start by building the project and creating a small plugin. We also invite everyone interested to join us in brainstorming ideas for the project and its community.
Speakers
Joaquim Rocha

Principal Software Engineering Manager, Microsoft
Joaquim has been involved in a number of Free and Open Source Software projects for the past 15 years, from the Linux desktop and phones to the cloud. He is an Emeritus Member of the GNOME Foundation and has been a speaker at events such as KubeCon, GUADEC, and FOSDEM. Joaquim currently...
René Dudfield

Rene Dudfield, Microsoft
Hey hey! I'm René, and I make things. Using tech like Kubernetes, Go, Python, C, JavaScript/TypeScript, React. By day: I'm a mild mannered software developer working on open source K8s UIs for Microsoft. For fun: I ❤️ data audio reactive video synths, and make pygame. My passion...
Friday November 15, 2024 2:00pm - 3:30pm MST
Salt Palace | Level 3 | 355 A

2:00pm MST

🚨 Contribfest: Sidecar-Less Service Mesh: Let’s Work Together on Istio V2
Friday November 15, 2024 2:00pm - 3:30pm MST
Attendees will gain an overview of the sidecar-less service mesh architecture and learn how to contribute to the Istio project. We will explore the necessary tooling to build Istio from source, and run unit and end-to-end tests. After setting up the environment, we will contribute to the Istio project. Maintainers will provide a curated set of GitHub issues for the session, focusing on good-first-issues and Istio V2. We will review useful resources and ways to interact with the project and community, highlighting the benefits of sidecar-less Istio and guiding you through your first contribution.
Speakers
Lin Sun

CNCF TOC member and Head of Open-Source at solo.io, solo.io
Lin is the Head of Open Source at Solo.io, and a CNCF TOC member and ambassador. She has worked on the Istio service mesh since the beginning of the project in 2017 and serves on the Istio Steering Committee and Technical Oversight Committee. Previously, she was a Senior Technical...
Friday November 15, 2024 2:00pm - 3:30pm MST
Salt Palace | Level 3 | 355 D

2:55pm MST

Cloud-Native AI: Wasm in Portable, Secure AI/ML Workloads - Miley Fu, Second State
Friday November 15, 2024 2:55pm - 3:30pm MST
In this talk, we present Wasm as a pioneering solution for running AI/ML workloads in cloud-native environments. Our focus is on demonstrating how Wasm (on the server) facilitates the execution of AI models, such as Llama3, Grok by X, Mixtral, etc., across diverse cloud and edge platforms without sacrificing performance. We will discuss the advantages of using Rust and WebAssembly in AI/ML workloads, highlighting aspects like portability, speed, and security. Real-world examples will illustrate the deployment of AI inference models using a Wasm runtime in Kubernetes environments, showcasing seamless orchestration and execution across varied devices. This session is aimed at cloud-native practitioners and AI/ML enthusiasts eager to explore innovative approaches in AI deployment.
Speakers
Miley Fu

DevRel, WasmEdge
Miley is a Developer Advocate with a passion for empowering developers to build and contribute to open source. With over 5 years of experience working on WasmEdge runtime in CNCF sandbox as the founding member, she talked at KubeCon, KCD Shenzhen, CloudDay Italy, DevRelCon, Open Source...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 2 | 250
  AI + ML

2:55pm MST

Enabling Fault Tolerance for GPU Accelerated AI Workloads in Kubernetes - Arpit Singh & Abhijit Paithankar, NVIDIA
Friday November 15, 2024 2:55pm - 3:30pm MST
In K8s-based ML platforms, job failures from hardware errors such as GPU malfunctions, network disruptions, ECC errors, and OOM events pose significant challenges. These failures cause resource underutilization, wasted engineering time, and high operational costs, often requiring users to resubmit jobs. Current AI/ML frameworks lack adequate fault tolerance strategies, typically requiring manual intervention and causing delays before jobs can resume. This talk explores fault tolerance strategies including naive job restarts on failure, job restarts with hot spares, and job restarts by replacing faulty nodes. We discuss how to achieve fault propagation by leveraging node and pod conditions and address gaps in fault discovery and error propagation in the existing Kubernetes ecosystem. Our talk will also include ways to enhance components like the node-problem-detector and introduce new elements to close the gaps in fault detection, propagation, reaction and remediation.
Speakers
Abhijit Paithankar

Tech Lead and Engineering Manager, NVIDIA
Abhijit Paithankar is the AI and HPC Systems Tech Lead and Engineering Manager at NVIDIA, focusing on advanced computing technologies. Previously, he co-founded Crave.IO and served as CTO, and held key roles at Nutanix and VMware, developing critical hypervisor and storage solutions...
Arpit Singh (SW-CLOUD) US

Senior Software Engineer, Nvidia
Arpit Singh specializes in AI infrastructure at Nvidia, enhancing deep learning applications. Besides being a Kubernetes contributor, Arpit has 10+ years of experience spanning Nvidia, Nutanix and Cisco. He holds multiple patents (2 granted, 4+ pending) and has dual master's degr...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | Hall DE
  AI + ML

2:55pm MST

How GoTo Financial Automates Upgrading 60+ Istio Service Mesh Seamlessly! - Didi Yudha Perwira & Zufar Dhiyaulhaq, GoTo Financial
Friday November 15, 2024 2:55pm - 3:30pm MST
Istio, one of the most popular service meshes, is widely used by many companies. Service meshes simplify observability, traffic management, security, and policy on Kubernetes. While they offer significant benefits, day-to-day operations like upgrades can be challenging. These upgrades require active monitoring during the process. GoTo Financial, for instance, took more than 45 days to upgrade 60+ clusters. This talk will share their journey of building an open-source, opinionated automation solution to simplify the Istio service mesh upgrade process. This solution has shortened upgrade time to 14 days, reduced active monitoring, freed up valuable engineering resources, and minimized downtime risks.
Speakers
Zufar Dhiyaulhaq

Engineering Manager, GoTo Financial
Zufar recently joined Gojek as Cloud Platform Engineer. He has been in the IT industry for 3 years, mostly working with Linux, Cloud, and Kubernetes. He also loves to contribute to open source projects like Istio and help to organize CNCF meetups in Indonesia.
Didi Yudha Perwira

Sr. Software Engineer, GoTo Financial
Didi has been working at GoTo Financial for 3 years and has been working with Kubernetes and Istio since day 1 at GoTo Financial. Didi also has experience in and is passionate about the software engineering field; he usually codes in Golang, Javascript, Typescript and Python...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 2 | 255 EF
  Connectivity

2:55pm MST

Thousands of Gamers, One Kubernetes Network - Surya Seetharaman, Red Hat & Girish Moodalbail, NVIDIA Inc
Friday November 15, 2024 2:55pm - 3:30pm MST
Uninterrupted gameplay with minimal network latency, jitter, and maximum throughput is crucial for a great gamer experience. But how do we maintain consistent network quality in cloud gaming production environments at NVIDIA when 2K+ players (pods) share the same physical network for game storage and streaming? When a new player joins and a pod starts downloading large contextual game data, it is vital to shield other players on the same node from this 'noisy neighbor'. Kubernetes provides limited pod-level traffic shaping but we needed more than that. In this talk we will show how we achieved true Quality of Service and wire-speed networking on Kubernetes clusters using Differentiated Services Code Point (RFC7657) markings on pod traffic. Through a live demo that will involve a noisy pod and a victim pod, attendees will gain actionable insights and best practices around packet-parameter-tuned traffic shaping using simple Kubernetes Custom Resources to optimize network performance.
Speakers
Girish Moodalbail

Distinguished Engineer, NVIDIA Inc, NVIDIA Inc
Girish Moodalbail, a Distinguished Engineer at Nvidia Inc., builds Kubernetes-based GPU compute for gaming, AI training, and inferencing with low-latency, high-throughput, reliable, scalable, and secure networking using OSS (OVS, OVN, OVN-K8s CNI) and NVIDIA hardware. With over 22...
Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

2:55pm MST

Object, Block, or File Storage? Choosing the Right Cloud Storage to Integrate Into Kubernetes - Mitch Becker & Tom McDonald, Amazon Web Services (AWS)
Friday November 15, 2024 2:55pm - 3:30pm MST
This presentation helps simplify the container storage landscape to help K8s users make educated cloud storage choices based on their workload requirements and data strategy. You already know K8s is an open-source platform that orchestrates containerized applications. But what type of cloud storage should one deploy for stateless and stateful applications to ensure persistent data across various operational scenarios? Different storage types cater to specific use cases within K8s environments. Organizations often require persistent storage to run K8s for stateful use cases such as Large-Scale Application Deployment, High-Performance Computing (HPC), AI/ML, Microservices Management, CI/CD Pipelines, and Big Data Processing. Because Block, File, and Object Storage are used in varying ways for containerized workloads, this talk will explain use cases for each storage type and educate the attendees so their selection of storage supports their applications and overall data strategy.
Speakers
Tom McDonald

Sr. Storage Specialist SA, AWS
Tom McDonald is a Senior Workload Storage Specialist at AWS. Starting with an Atari 400 and re-programming tapes, Tom began a long interest in increasing performance on any storage service. With 20 years of experience in the Upstream Energy domain, file systems and High-Performance...
Mitch Becker

Sr. Storage Specialist, Amazon Web Services (AWS)
Accomplished cloud professional transforming and modernizing IT environments: Cloud Computing, Cloud Storage, HPC, AI, Containers, DevOps, & Cloud Adoption/Migration/Transformation. • CNCF Storage Technical Advisory Group Member • AWS --- Certified Cloud Practitioner, Industry...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage

2:55pm MST

OpenSearch: Navigating Innovation and Community Collaboration for 2025 and Beyond - Anandhi Bumstead & Anirudha Jadhav, Amazon Web Services
Friday November 15, 2024 2:55pm - 3:30pm MST
The open source OpenSearch Project guides its development with a community-driven product roadmap that must anticipate the near- and long-term future of search, observability, and generative AI. As more OpenSearch users deploy the software suite for observability applications across a range of cloud infrastructures, the project roadmap must account for robust integrations with open telemetry frameworks and standards while maintaining stable, flexible operational capabilities. This session will present development priorities and strategic goals for the project’s technology stack and share insights into how the project continues to streamline its roadmap to foster community contributions.
Speakers
Anandhi Bumstead

Amazon
Anandhi Bumstead, director of engineering at OpenSearch within Amazon Web Services, brings nearly three decades of experience in distributed systems and open-source software. With a background in cloud computing, Anandhi made significant contributions during her tenure at Microsoft...
Anirudha Jadhav

Amazon
Anirudha Jadhav, an expert in distributed database systems, data analytics, and search technologies, currently leads development of insight engines and visualization platforms at Amazon Web Services (AWS) OpenSearch as Engineering Manager. His significant contributions to big data...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 2 | 255 BC

2:55pm MST

Building a More Resilient Future with Advanced Cloud Provider Testing - Michael McCune, Red Hat & Bridget Kromhout, Microsoft
Friday November 15, 2024 2:55pm - 3:30pm MST
When you put your trust in a new Kubernetes version, you know that the community behind the release ensures high levels of quality. The Kubernetes community achieves release-gating confidence with continuous testing and integration. With the recent migration of built-in cloud providers to external components, the community has made changes to the testing of infrastructure-specific behaviors and patterns. We have removed some tests and changed others, and now we plan to build a more robust testing framework that all cloud providers can utilize. Join us for a discussion of the future of cloud provider testing, with a look at the changes that have occurred during the external migration and the challenges that are ahead for building a cohesive infrastructure testing framework. You can expect to leave this session with a clear understanding of how cloud provider testing works, why it is important to test on as many cloud providers as possible, and where you can help shape the path forward.
Speakers
Michael McCune

Senior Principal Software Engineer, Red Hat
Michael McCune is a software developer creating open source infrastructure and applications for cloud platforms. He has a passion for problem solving and team building, and a lifelong love of music, food, and culture.
Bridget Kromhout

Principal Product Manager, Microsoft
Bridget Kromhout is a Principal Product Manager at Microsoft Azure, focusing on the open source cloud native ecosystem.
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 3 | 355 BC

2:55pm MST

CoreDNS Plugins: A Deep Dive - John Belamaric, Google & Yong Tang, Ivanti
Friday November 15, 2024 2:55pm - 3:30pm MST
As a flexible and extensible DNS server with a focus on service discovery, CoreDNS has been widely used in different cloud-native systems. The extensibility of CoreDNS mostly comes from its plugin-based architecture that allows easy addition of new features. In this session, we will take a deep dive and discuss the rich plugin ecosystem of CoreDNS. We will learn about the integrations of CoreDNS with cloud vendors and how this fits the hybrid-cloud strategy of different companies. We will also walk through a simple yet complete golang implementation of a CoreDNS plugin for demo purposes. The session ends with the project update and roadmap for the CoreDNS community.
Speakers
John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation...
avatar for Yong Tang

Yong Tang

Senior Director of Engineering, Ivanti
Yong Tang is Senior Director of Engineering at Ivanti. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer...
Friday November 15, 2024 2:55pm - 3:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:55pm MST

Nothing but NATS - Going Beyond Cloud Native - Byron Ruth & Kevin Hoffman, Synadia
Friday November 15, 2024 2:55pm - 3:30pm MST
These days building so-called cloud-native apps involves assembling a custom stack of tools 10x bigger than the app we're building. Additionally, applications increasingly need to expand out to the edge and cloud-native stacks simply don't work in those environments. Fortunately with NATS, we don't need a stack. In this session you'll see how we can leverage compute, storage, and connectivity to build cloud-to-edge native apps more powerful than ever, with less code, effort, and frustration.
Speakers

Byron

Byron Ruth, Synadia
Byron is the VP of Product and Engineering at Synadia, the company behind the NATS.io project. Prior to joining Synadia, he spent 14 years building software and systems in support of pediatric biomedical research. Outside of work, Byron enjoys running, cooking, yard work, and spending...

Kevin Hoffman

Engineering Director, Cloud Platform, Synadia
Kevin is addicted to building and designing distributed systems. He has been using NATS for years and is now building out platforms that run on it.
Friday November 15, 2024 2:55pm - 3:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:55pm MST

Strimzi: Data Streaming on Kubernetes with Apache Kafka - Jakub Scholz, Red Hat & Lixin Yao, Apple
Friday November 15, 2024 2:55pm - 3:30pm MST
Strimzi is a CNCF incubating project focusing on running Apache Kafka on Kubernetes. Apache Kafka is a leading data-streaming platform used for building real-time data pipelines. It provides support for high-throughput/low-latency messaging, as well as sophisticated data ingress, egress, and processing capabilities. However, running it on Kubernetes can be complex and tedious. Strimzi makes it simple by providing a set of operators and other tools to make data streaming as simple and Kubernetes-native as possible. This talk will briefly introduce Strimzi, explaining how it works and what it offers. And then it will focus on the current and planned features and their release plans. It will cover the exciting features being worked on - such as ZooKeeper removal, tiered storage, auto-rebalancing, or new certificate management - and deep dive into the most important ones.
Speakers

Jakub Scholz

Senior Principal Software Engineer, Red Hat
Jakub works at Red Hat as Senior Principal Software Engineer. He has long-term experience with messaging and currently focuses mainly on Apache Kafka and its integration with Kubernetes. He is one of the maintainers of the Strimzi project which provides tooling for running Apache...

Lixin Yao

Staff Software Engineer, Apple
Lixin is a staff software engineer currently working at Apple. His main focus is around data ingestion pipeline and large scale Kafka cluster management. Prior to Apple he worked at Google Cloud on large scale API gateway infrastructure. In his free time, he plays recreational tennis...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 3 | 355 EF

2:55pm MST

What’s Going on in the Containerd Neighborhood? - Phil Estes, AWS; Samuel Karp, Google; Akihiro Suda, NTT; Michael Brown, IBM; Kirtana Ashok, Microsoft
Friday November 15, 2024 2:55pm - 3:30pm MST
Our recent maintainer sessions have covered the soon-to-launch containerd v2.0. During this session led by maintainers we will give a brief update on 2.0, but will spend more time looking at the ecosystem around us. Why does containerd exist? What value does it bring to the overall cloud native world? How are other projects using it to build and extend containerd in useful ways? We’ll spend some time on containerd’s largest subproject, nerdctl, which also has an upcoming 2.0 release, and additionally catch the community up on activity in our Rust subproject ecosystem, the runwasi containerd shim, and lazy loading snapshotters. Since this is KubeCon, we’ll also provide an update on CRI changes and KEP-driven additions around NRI, DRA, and checkpoint/restore. Attendees will leave with a broad view of the larger containerd ecosystem of projects as well as key information on how to get involved if you are interested to help and contribute in any way to the “containerd neighborhood!”
Speakers

Michael Brown

Software Engineer/Architect, IBM
OSS Engineer; @containerd maintainer; working @oci, @cncf, @pytorch, and @kubernetes projects

Kirtana Ashok

Microsoft

Samuel Karp

Staff Software Engineer, Google
Samuel Karp is a containerd maintainer and a Staff Software Engineer at Google, focused on the container runtime for Google Kubernetes Engine. Sam has been involved in the container ecosystem since 2014 and serves as the Chair of the Open Container Initiative's Technical Oversight...

Akihiro Suda

Software Engineer, NTT
Akihiro Suda is a software engineer at NTT Corporation. He has been a maintainer of Moby (dockerd), BuildKit, containerd, runc, etc. He is also a founder of nerdctl and Lima (CNCF project).

Phil Estes

Principal Engineer, Containers, AWS
Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS. Phil is an active contributor and maintainer for the CNCF containerd runtime project, and participates in the Open Container...
Friday November 15, 2024 2:55pm - 3:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

2:55pm MST

The Key Value of Etcd Over Custom Resources: Scalability - Jef Spaleta, Isovalent at Cisco
Friday November 15, 2024 2:55pm - 3:30pm MST
Cilium defaults to using Kubernetes Custom Resources to hold Cilium specific internal state, however when the cluster is large enough, the Kubernetes API becomes a bottleneck on performance. To scale a cluster to hundreds of nodes, Cilium can be configured to use a dedicated external etcd instance. This talk will discuss the details of what the external etcd looks like from an operator perspective, and explore why Cilium uses an external etcd for enhanced scalability. It will cover how to manage a cluster by bypassing the Kubernetes API and interacting only with the cluster's etcd key-value store - and also why it might be a bad idea. Get a taste of what's possible by bypassing the Kubernetes API and interacting with the etcd API directly, and learn why Cilium has an option to use a dedicated etcd deployment, not shared by the Kubernetes API, for holding Cilium state and the scalability benefits it can bring to your cluster.
Speakers

Jef Spaleta

Technical Community Advocate, Isovalent at Cisco
Jef Spaleta has more than a decade of experience in the technology industry; as software engineer, open source contributor, IoT hardware developer, operations, and most recently as a community advocate at Isovalent.
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance
  • Content Experience Level Any

2:55pm MST

Modernization of Intuit Payroll Enterprise Using Event Driven Architecture - Hema Maarimuthu & Vigith Maurice, Intuit
Friday November 15, 2024 2:55pm - 3:30pm MST
Intuit's QuickBooks Online Payroll Enterprise, a critical application serving over 2 million customers, processes over a million transactions and $34 billion in payroll taxes. We're modernizing with a heavy investment in event-driven architecture for effective handling of financial data. This major transition extends beyond just the payroll platform; it involves decomposing complex systems across Intuit products using event-driven architecture, and a focus on availability, scalability, and security is crucial. To address challenges like autoscaling for high throughput, low latency, better operational excellence, and development productivity, we have built our modernized platform on Numaflow, an open-source, Kubernetes native, language-agnostic platform. In our presentation, we will share our journey of modernizing our stack using event-driven serverless architecture on Numaflow and highlight the advantages it has brought to our developers and technology infrastructure.
Speakers

Vigith Maurice

Principal Engineer, Intuit
Vigith is a co-creator of Numaproj and Principal Software Engineer for the Intuit Core Platform team in Mountain View, California. One of Vigith's current day-to-day focus areas is the various challenges in building scalable data and AIOps solutions for both batch and high-throughput...

Hema Maarimuthu

Principal Engineer, Intuit
Hema is a Principal Software Engineer for Intuit's Online Payroll Infrastructure team in Mountain View, California. Hema’s current work involves leading cross-functional teams, strategizing, and driving operational excellence initiatives. Her major accomplishments include successfully...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering
  • Content Experience Level Any

2:55pm MST

This Platform Goes to 11: Boost Developer Productivity with Lessons from Salesforce - Joe Kutner, Salesforce
Friday November 15, 2024 2:55pm - 3:30pm MST
Internal platforms play an essential role in boosting the productivity of developers who use cloud native technologies. That’s why Salesforce, a global leader in the cloud for more than two decades, evolved its existing collection of managed services and capabilities into a cohesive platform that delights developers. In this talk, you’ll learn how Salesforce's platform removes friction, unifies interfaces, and meets developers where they are with industry standard tooling. As you design and build your own platforms, you’ll be able to use the same principles that guided Salesforce to accelerate day-1 onboarding of new apps, increase the speed of the developer inner-loop and testing cycles, and reduce the time it takes to deliver new code to production. Our lessons learned will help you avoid missteps. Finally, you’ll learn how to measure developer satisfaction, performance, activity, collaboration, and efficiency to ensure that your platform delivers the most value for your developers.
Speakers

Joe Kutner

Software Architect, Salesforce
Joe is co-founder of the Cloud Native Buildpacks project, which aims to make containerization more secure and more developer friendly. He started the project in 2018 while working as DX Architect at Salesforce Heroku, and today is the DX Architect for Salesforce’s Hyperforce platform...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 2 | 251
  Platform Engineering

2:55pm MST

Securing the Supply Chain: A Practical Guide to SLSA Compliance from Build to Runtime - Enguerrand Allamel, Ledger
Friday November 15, 2024 2:55pm - 3:30pm MST
Navigating the complexities of supply chain security might seem intimidating, especially with evolving frameworks like SLSA (Supply-chain Levels for Software Artifacts). This talk introduces beginners to the foundational practices required to secure software from build to runtime using CNCF tools. We'll explore how GitHub Actions can automate build processes, integrate with Cosign for keyless artifact signing, and use Kyverno for runtime policy enforcement. Additionally, we'll discuss how tools like in-toto and Kubescape help manage and verify artifact integrity, providing a holistic view of SLSA compliance in the Kubernetes ecosystem. To enhance security further, we will also briefly discuss the potential integration of Hardware Security Modules (HSMs) into the supply chain. HSMs can offer an added layer of security for key management operations critical to signing processes, ensuring that cryptographic keys are managed securely and are resilient against attack.
Speakers

Enguerrand Allamel

Staff Cloud Security Engineer, Ledger
I am a Staff Cloud Security Engineer with a focus on securing scalable and reliable cloud systems. My expertise encompasses hybrid computing technologies and automation tools such as Terraform and Ansible, along with container orchestration via Kubernetes. I am committed to optimizing...
Friday November 15, 2024 2:55pm - 3:30pm MST
Salt Palace | Level 1 | 151
  Security

4:00pm MST

Best Practices for Deploying LLM Inference, RAG and Fine Tuning Pipelines on K8s - Meenakshi Kaushik & Shiva Krishna Merla, NVIDIA
Friday November 15, 2024 4:00pm - 4:35pm MST
In this session, we'll cover best practices for deploying, scaling, and managing LLM inference pipelines on Kubernetes (K8s). We'll explore common patterns like inference, retrieval-augmented generation (RAG), and fine-tuning. Key challenges addressed include:
[1] Minimizing initial inference latency with model caching
[2] Optimizing GPU usage with efficient scheduling, multi-GPU/node handling, and auto-quantization
[3] Enhancing security and management with RBAC, monitoring, auto-scaling, and support for air-gapped clusters
We'll also demonstrate building customizable pipelines for inference, RAG, and fine-tuning, and managing them post-deployment. Solutions include [1] a lightweight standalone tool built using the operator pattern and [2] KServe, a robust open-source AI inference platform. This session will equip you to effectively manage LLM inference pipelines on K8s, improving performance, efficiency, and security.
Speakers

Meenakshi Kaushik

Product Management, Nvidia
Meenakshi Kaushik leads product management for NIM Operator and KServe. Meenakshi is interested in the AI and ML space and is excited to see how the technology can enhance human well-being and productivity.

Shiva Krishna Merla

Senior Software Engineer, NVIDIA
Shiva Krishna Merla is a senior software engineer on the NVIDIA Cloud Native team where he works on GPU cloud infrastructure, orchestration and monitoring. He is focused on enabling GPU-accelerated DL and AI workloads in container orchestration systems such as Kubernetes and OpenShift...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 2 | 250
  AI + ML

4:00pm MST

Divide and Conquer: Master GPU Partitioning and Visualize Savings with OpenCost - Kaysie Yu & Ally Ford, Microsoft
Friday November 15, 2024 4:00pm - 4:35pm MST
Kubernetes is the ideal platform for running AI and ML workloads, such as LLMs. GPU nodes are often used for their parallel processing capabilities and higher performance benefits; however, they are known to be costly. Many factors impact the cost of running AI/ML workloads such as GPU utilization, GPU VM size, idle time, etc. These costs are often ignored and considered inherent in running GPU workloads. But if running workloads at scale and left unoptimized, costs will quickly spin out of control. In this talk, we leverage NVIDIA DCGM exporter with Prometheus for GPU metrics monitoring alongside OpenCost to measure the Kubernetes spend of our GPU workloads. We will provide an overview of OpenCost, highlighting its role in bridging the gap between the developer and platform teams through visibility and accountability of spend. We will demonstrate how to use the NVIDIA GPU Operator and how techniques such as partitioning can lead to significant cost savings.
Speakers

Ally Ford

Product Manager, Microsoft
Ally is a Product Manager on the Azure Kubernetes Service (AKS) team at Microsoft Azure. She spends her days collaborating with customers to design features that improve the end to end operator experience for both Linux and Windows users. Formerly she was a UX designer and project...

Kaysie

Product Manager, Microsoft
Kaysie Yu is a Product Manager on the Azure Kubernetes Service team at Microsoft. She works on cost management and optimization and is passionate about the convergence of FinOps and GreenOps, advocating for best practices that help organizations achieve cost efficiency while contributing...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | Hall DE
  AI + ML

4:00pm MST

Gamifying Cloud Native: How to Design and Build an Educational Game for Your Project - Calum Murray, University of Toronto, Faculty of Applied Science and Engineering & Zainab Husain, OCAD University
Friday November 15, 2024 4:00pm - 4:35pm MST
Have you ever struggled to explain what a Cloud Native project does? One of the challenges many cloud native projects face is that the abstractions they provide are not intuitive for new users. Since cloud technologies are often built on top of each other and use domain specific language, this problem compounds. Luckily, educational games can be made to help communicate these abstract concepts in a fun and engaging format! In this talk, we will explore how you can build an educational game for your project through the example of a game that the Knative community has built to teach Knative Eventing. We will walk through the steps other open source projects can follow to design their own educational game, including brainstorming strategies for deciding on key concepts and which metaphors/symbols to use to represent these concepts. These information design strategies can also be applied to create more understandable educational cloud native content in general!
Speakers

Zainab Husain

Knative UX Design Lead, OCAD University
Zainab Husain is a UX Design Researcher working at OCAD University. She completed her Masters in Engineering at the University of Toronto, focusing on Human Computer Interactions. Zainab is passionate about tools that improve collaboration between Engineers and Designers and is also...

Calum Murray

Engineering Science Student, University of Toronto, Faculty of Applied Science and Engineering
I'm a software engineer, and I love building cool things in open source. I like to seek out the most interesting and challenging problems which I think will have a large impact, and build creative solutions to them. I also like to share my passion for open source with others, and...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | Grand Ballroom HJ
  Cloud Native Experience
  • Content Experience Level Any

4:00pm MST

Platform Engineering for Software Developers and Architects - Daniel Bryant, Syntasso
Friday November 15, 2024 4:00pm - 4:35pm MST
Building on my KubeCon EU 2022 talk, "From Kubernetes to PaaS to... err, what's next", I'll introduce the topic of platform engineering through the lens of a software developer and architect. My primary goal is for developers to understand "what good looks like" with a successful platform build and help them understand how a platform can influence the SDLC (for better or worse!).
Key takeaways from the session:
- Explore how platform architecture influences software architecture and vice versa
- Learn why the principles of coupling and cohesion apply to platform components (and configuration) in the same way as they do with software components
- Understand what to expect from an effective platform, including how applications are built, shipped, and run
- Learn about key platform metrics grounded in developer experience frameworks such as DORA, SPACE, and DevEx
Speakers

Daniel Bryant

Platform Engineer & Head of Product Marketing, Syntasso
Daniel Bryant is the head of product marketing at Syntasso. His technical expertise focuses on ‘DevOps’ tooling, cloud/container platforms, and microservice implementations. Daniel is a long-time coder, platform engineer, and Java Champion. He also writes for InfoQ, O’Reilly...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

4:00pm MST

Topology Aware Routing: Understanding the Tradeoffs - Rob Scott, Google
Friday November 15, 2024 4:00pm - 4:35pm MST
In Kubernetes 1.31, a new TrafficDistribution field on Services graduated to beta. This is effectively our third attempt at solving Topology Aware Routing in Kubernetes. This talk will tell the story of how we got here and what we learned along the way, outlining what exactly has made this problem so surprisingly complex. With that context, we’ll dive into exactly how Traffic Distribution works today, and when you should configure it. You’ll learn about how it’s implemented today, and how better implementations may be written in the future. We'll walk through some examples to show how it can work well, and when it may not. Finally, we’ll cover how this concept will interact with autoscaling, load balancers, Ingresses, Gateways, and Multi-Cluster Services. You should leave this talk with a clear understanding of how Topology Aware Routing works in Kubernetes, when to use it, and a broad awareness of the work that’s still in progress in this space.
Speakers

Rob Scott

Software Engineer, Google
Rob is an open source enthusiast currently working on Kubernetes Networking at Google. He's been a maintainer of Gateway API since the very early days of the project and led the development of other Kubernetes networking APIs like EndpointSlices.
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

4:00pm MST

Privacy in the Age of Big Compute - Sal Kimmich, Confidential Computing Consortium, Linux Foundation
Friday November 15, 2024 4:00pm - 4:35pm MST
In the age of big compute, the definition of privacy has transformed as re-identification from anonymized datasets has become easier. This session explores the challenges and solutions in navigating privacy concerns in high-dimensional data environments. Attendees will learn about the risks of re-identification, the importance of unicity in data sets, and how Privacy Enhancing Technologies (PETs) and Confidential Computing can mitigate these risks. Discover how these advancements can help protect sensitive data, ensure compliance, and foster a more secure data ecosystem in cloud-native environments.
Speakers

Sal Kimmich

Technical Community Architect, Confidential Computing Consortium, Linux Foundation
Sal is an advocate for open source, passionate about helping engineers, ethical hackers, and digital enthusiasts navigate modern software development. With over a decade of experience building cloud-native machine learning pipelines in healthcare and tech for good sectors, Sal now...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage
  • Content Experience Level Any

4:00pm MST

Meet the CNCF Code of Conduct Committee - Bill Mulligan & Carla Gaggini, Isovalent at Cisco; Josh Berkus, Red Hat; Jeremy Rickard, Microsoft; Tim Pepper, CISA
Friday November 15, 2024 4:00pm - 4:35pm MST
You've seen those Code of Conduct signs all over the conference. What happens when you report an incident? How is it handled? Who evaluates it? Can I remain anonymous? And why does it take so long? Come meet the CNCF's first elected Code of Conduct Committee, who will have answers to these questions and more. They'll go over the values and goals of the CoCC, the process for investigating and evaluating incident reports, as well as what the CoCC has jurisdiction over (and what it doesn't). They'll share how they work with CNCF projects and project-level committees to support and educate them, as well as with the Events Team to achieve resolutions. Bring your own questions about CoC enforcement and how the committee works to the session, and the CoCC will answer as many of them as they can.
Speakers

Tim Pepper

Senior Technical Advisor, Open Source Software Security, CISA
Tim Pepper is a Senior Technical Advisor on Open Source Software Security in the US Government's Cybersecurity and Infrastructure Security Agency (CISA). Tim has over 25 years in open source, working as an open source developer advocate and contributor to Kubernetes (emeritus Steering...

Josh Berkus

Kubernetes CM, Red Hat
Josh Berkus is the Kubernetes Community Manager, working in Red Hat's Open Source Program Office. He's currently involved with Kubernetes, Etcd, Elekto, Podman, and uBlue, but has spent more than 20 years contributing to many projects, including Linux, OpenOffice, PostgreSQL, and...

Bill Mulligan

Community Pollinator, Isovalent at Cisco
Bill Mulligan is a cloud native pollinator and community builder. He has given talks, written articles, and appeared on podcasts on a wide range of topics around cloud native. While at CNCF he restarted the Kubernetes Community Day program. He is currently at Isovalent growing the...

Jeremy Rickard

Principal Software Engineer, Microsoft
Jeremy Rickard is a principal software engineer at Microsoft where he works on the Azure Container Upstream team. He is currently a co-chair for SIG Release and serves on both the CNCF and the Kubernetes Code of Conduct Committees. He was also the Kubernetes 1.20 Release Lead.

Carla Gaggini

Head of Global Community Events, Isovalent at Cisco
Carla has been managing events and communities since 2011. She started with experimental music festivals and eventually ended up in Tech, where she fell in love with its ecosystem. During her career she has produced and run many conferences (yes, also the virtual ones!), meetups...
Friday November 15, 2024 4:00pm - 4:35pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

4:00pm MST

Pushing Authorization Further: CEL, Selectors and Maybe RBAC++ - Mo Khan & Rita Zhang, Microsoft; Jordan Liggitt, Google
Friday November 15, 2024 4:00pm - 4:35pm MST
Significant changes have been made to authorization in recent versions of Kubernetes. For example, common expression language (CEL) in validating admission policy (VAP) can access the authorizer to perform runtime checks during admission. Authorization has also been made aware of label and field selectors, which are available as extra info to be used by webhooks and CEL expressions in VAP. Looking forward, Kubernetes RBAC could be enhanced to take advantage of this new info. RBAC++ is a proof of concept design to combine CEL with RBAC to allow for conditional bindings at runtime. Thinking about even more experimental changes: what if authorization (and RBAC++) could directly assert conditions at admission time?
Speakers

Rita Zhang

Principal software engineer, Kubernetes SIG Auth co-chair, Security Response Committee, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco bay area. She leads the Azure Container Upstream team of maintainers and contributors building features for Kubernetes upstream, CNCF projects, and for Azure Kubernetes Service. She is a Kubernetes sig-auth...

Mo Khan

Software Engineer, Microsoft
Mo Khan is a software engineer who is passionate about open source and security. He started working on Kubernetes in 2016, and currently serves as a chair, technical lead and subproject owner for Kubernetes SIG Auth, a member of the Kubernetes Security Response Committee and a contributor...

Jordan Liggitt

Software Engineer, Google
Jordan Liggitt is a software engineer at Google, and helps lead Kubernetes authentication, authorization, and API server efforts.
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 3 | 355 BC

4:00pm MST

The Node Tetris Rabbit Hole: Why Your Binpacking Might Be Underperforming - Hannah Taub, Adobe Inc.
Friday November 15, 2024 4:00pm - 4:35pm MST
Have you ever looked at your Kubernetes cluster and thought “I have a perfectly good autoscaler! Why are all my nodes at less than 50% capacity?” When a team moves to the scale of hundreds of clusters with thousands of nodes, efficient binpacking changes from a side task to a financial necessity. From inefficient client apps to long-buried cluster configs, follow the Adobe Ethos team as they track down leads on what’s causing cluster underutilization and how to fix it. You will also learn some tips for designing your clusters to avoid these issues in the first place.
Speakers

Hannah Taub

Ms., Adobe Inc.
As a senior software engineer, Hannah has been working with Adobe’s Cloud Cost Efficiency team for the past several years. After graduating from the University of Edinburgh, she went from writing content APIs at Viacom (now Paramount) to building out Adobe’s Ethos Kubernetes CI/CD...
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

4:00pm MST

Medical Research Computing Infrastructure on Hybrid Kubernetes - Jennings Zhang & Rudolph Pienaar, Boston Children's Hospital
Friday November 15, 2024 4:00pm - 4:35pm MST
Research computing is essential across biomedical research, especially in medical imaging and radiology where ML+AI are rapidly disrupting the field. But while the research frontier continues moving forward, the computing infrastructure of research and healthcare institutions tends to lag behind. At the Boston Children’s Hospital, we are closing the gap by developing the ChRIS Research Integration Service (ChRIS for short). ChRIS is an MIT-licensed platform for medical computation, enabling the use of research software in clinical practice, while maximizing the utility of our hybrid-cloud resources. This talk will be a discussion of the cloud-native software ecosystem from the perspective of a medical researcher of a teaching hospital. We will consider the advantages of adopting cloud-native software and Kubernetes for research and healthcare institutions, as well as the challenges in doing so.
Speakers

Rudolph Pienaar

Dr, Boston Children's Hospital
Dr Pienaar is the architect of ChRIS -- a general purpose and MLops platform that is uniquely suited to the needs of both biomedical researcher and clinical users. He leads the Advanced Computing Group at the Fetal Neonatal Neuroimaging Development Science Center at Boston Children's...

Jennings Zhang

Research Developer, Boston Children's Hospital
Jennings is a neuroscience researcher and software developer at the Boston Children's Hospital. His work and interests are split between biological questions, e.g. human brain development, and all-things software development, especially containers and Rust.
Friday November 15, 2024 4:00pm - 4:35pm MST
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

4:00pm MST

Migratory Patterns: Making Architectural Transitions with Confidence and Grace - Pete Hodgson, PartnerSlate
Friday November 15, 2024 4:00pm - 4:35pm MST
Big technical migrations - like switching databases - can feel like you're swapping out the engine of a bus while continuing to drive down the freeway (with all your users screaming in the back). However, there are ways to make these transitions safe, incremental, and low-stress. In this talk we'll walk through a real-world case study of switching a production system from one database to another with no downtime, and no tears, using techniques like Expand/Contract, Dark Launch and Parallel Run. We'll also see hands-on examples of using CNCF open standards like OpenFeature and OpenTelemetry to manage this migration.
Speakers

Pete Hodgson

CTO, PartnerSlate
Pete Hodgson is an independent software delivery consultant. He helps engineering teams to level up and tackle their thorniest challenges, with a focus on agile engineering practices, architectural evolution, and lean process management. Prior to going independent he spent several... Read More →
Salt Palace | Level 2 | 255 EF
  SDLC

4:00pm MST

SPIFFE Deployments in Non-Kubernetes Environments - Nadin El-Yabroudi & Eli Nesterov, SPIRL
Friday November 15, 2024 4:00pm - 4:35pm MST
The SPIFFE ideology is that workloads running in all types of environments can be issued an identity. However, in practice most deployments have focused on workloads in Kubernetes and there are few examples of SPIFFE being used in non-cloud native environments. In this talk we’ll explore SPIFFE deployments on a Linux environment. What does attestation for these types of workloads look like? How can you provide an identity to a bash script that cannot open a socket connection to the Workload API? We’ll focus on describing some of the existing challenges to non-Kubernetes SPIFFE deployments and provide some ideas for how to solve them.
Speakers

Nadin El-Yabroudi

Software Engineer, SPIRL
Nadin is a founding engineer at SPIRL where she’s currently focused on building a new implementation of the SPIFFE specification. Before working on machine identity Nadin worked as a Security and Systems Engineer at Cloudflare where she worked on securing Cloudflare’s 200+ datacenters... Read More →

Eli Nesterov

CTO, SPIRL
Eli Nesterov is a co-founder at SPIRL. He spent years in security research and engineering, building and scaling security products at TikTok, Facebook, ShapeSecurity, and F5 Networks. He built the world's largest SPIFFE/SPIRE deployment with over 1M nodes. Eli shares his knowledge... Read More →
Salt Palace | Level 1 | 151
  Security

4:00pm MST

Why Perfect Compliance Is the Enemy of Good Kubernetes Security - Michele Chubirka, Google
Friday November 15, 2024 4:00pm - 4:35pm MST
Technology organizations often struggle over who should manage the security of their Kubernetes environment. This task usually falls to platform or cloud engineering teams, but they often feel abandoned by their security counterparts, uncertain of which requirements will deliver real security value. While published benchmarks and security guides for Kubernetes are helpful, not all recommendations work for every use-case. They may require Kubernetes alpha or beta features which could cause issues with platform stability. Our desire to prioritize “perfect” security over having a functional platform that addresses relevant risks can leave us with nothing, frustrating everyone. Kubernetes is meant to increase application delivery velocity, but when overly strict compliance prevents a team from moving forward, they will subvert security requirements. Let’s stop obsessing over the red in our security and compliance dashboards and focus on what adds real value by reducing risk.
Speakers

Michele Chubirka

Cloud Security Advocate, Google
Michele Chubirka is a recovering Unix and network engineer currently working as a cloud security advocate for Google. She has been an architect, podcaster and freelance writer for various B2B publications such as Network Computing, Dark Reading and TechTarget. She likes long walks... Read More →
Salt Palace | Level 2 | 255 BC
  Security

4:00pm MST

Tutorial: Stop Kubernetes' Revolving Door: A Hands-on Tutorial to Secure a Kubernetes Cluster - Savitha Raghunathan & Rey Lejano, Red Hat; Mahé Tardy, Isovalent at Cisco
Friday November 15, 2024 4:00pm - 5:30pm MST
Out-of-the-box, upstream Kubernetes is not secure by default. This tutorial will walk through the official/upstream Kubernetes Security Checklist to set up a cluster securely. The tutorial starts with an introduction to the critical security considerations for Kubernetes environments. Participants will then embark on a guided journey through practical exercises designed to implement security best practices within Kubernetes clusters. Attendees will gain firsthand experience in aspects such as authentication, authorization, network policies, pod security, and more, providing participants with a comprehensive understanding of Kubernetes security principles and how to implement them. This will equip them with the knowledge and skills to effectively secure their clusters. Whether you're new to Kubernetes security or seeking to enhance your expertise, this tutorial offers valuable insights and hands-on experience to strengthen your Kubernetes clusters against potential threats.
Speakers

Savitha Raghunathan

Senior Software Engineer, Red Hat
Savitha Raghunathan is a Senior Software Engineer at Red Hat, working on Container Migration and Application Modernization. She leads K8s sig-security-docs sub-project aiming to create security awareness through docs. As a maintainer of the Konveyor project, she leads the community... Read More →

Mahé Tardy

Software Engineer, Isovalent at Cisco
Mahé is a security engineer at Isovalent and an active contributor to Kubernetes SIG Security. He was previously working as a security researcher and loves working with Linux, security, and Kubernetes!

Rey Lejano

Solutions Architect @ Red Hat, CNCF Ambassador, K8s SIG Docs co-chair, SIG Security subproject lead, K8s v1.23 release lead, DevOps Institute Ambassador, Red Hat
Rey Lejano is a Solutions Architect at Red Hat and is the co-chair of Kubernetes SIG Docs. He contributes to Kubernetes SIG Security, Release, & Contributor Experience. He is a member of seven Kubernetes Release Teams including serving as the 1.23 Release Lead and 1.25 Emeritus Adviser... Read More →
Salt Palace | Level 1 | Grand Ballroom ACE
  Tutorials, Security

4:00pm MST

🚨 Contribfest: K8gb Contribfest: Enhancing K8gb Project with Arbitrary Network Resource Integration
Friday November 15, 2024 4:00pm - 5:30pm MST
The k8gb project is entering a new era of extensibility with the ability to integrate with arbitrary network resources. Recently, we decoupled our strong dependency on standard Ingress, opening new pathways for various integrations such as Gateways and non-HTTP Services. In this iteration of Contribfest, participants will execute the flow of integrating a new resource type to be globally load-balanced.
Speakers

Yury Tsarev

Principal Solutions Architect, Upbound
Yury is an experienced software engineer who strongly focuses on open-source, software quality and distributed systems. As the creator of k8gb (https://www.k8gb.io) and active contributor to the Crossplane ecosystem, he frequently speaks at conferences covering topics such as Control... Read More →

Andre Aguas

Senior Systems Engineer, Open Systems AG
Andre is a Systems Engineer at Open Systems' Cloud Platform team. For the past 3 years he was an integral part of the Observability team where he established Thanos and Loki as the two fundamental components of the company's observability stack. Throughout this journey, he has also... Read More →
Salt Palace | Level 3 | 355 D

4:00pm MST

🚨 Contribfest: OpenTelemetry Contribfest
Friday November 15, 2024 4:00pm - 5:30pm MST
Join the OpenTelemetry maintainers to make the project better for everyone. You can choose between several opportunities to contribute, and you can count on maintainers from different project areas to help you on your first steps: documentation, Collector, Java, JS, Ruby, Python, .NET, and more.
Speakers

Jamie Danielson

Senior Software Engineer, Honeycomb
Jamie is a Senior Software Engineer at Honeycomb where she works on instrumentation libraries. She is an active contributor to multiple OpenTelemetry projects, and is an approver for OpenTelemetry JavaScript. When she’s not working she’s playing dek hockey.

Juraci Paixão Kröhling

Software Engineer, Grafana Labs
Juraci Paixão Kröhling is a software engineer at Grafana Labs, a maintainer of the OpenTelemetry project, a member of the project's governing board and CNCF Ambassador. He has presented about distributed tracing, OpenTelemetry, and other related topics at conferences like KubeCon... Read More →

Trask Stalnaker

Software Engineer, Microsoft
OpenTelemetry Governance Committee, OpenTelemetry Java Instrumentation Maintainer, Glowroot Author, Java @ Microsoft

Pablo Baeyens

Senior Software Engineer, Datadog
Pablo Baeyens is a Senior Software Engineer working at Datadog. He lives in Granada, Spain and since late 2020 he has been involved in the OpenTelemetry project, where he maintains the OpenTelemetry Collector and works in OpenTelemetry Semantic Conventions.

Piotr Kiełkowicz

OpenTelemetry .NET Maintainer, Splunk
Piotr Kiełkowicz is a software developer currently employed at Splunk. He actively contributes to the development of OpenTelemetry and maintains OpenTelemetry .NET. You can explore his work on GitHub: https://github.com/Kielek
Salt Palace | Level 3 | 355 A

4:55pm MST

Best of Both Worlds: Integrating Slurm with Kubernetes in a Kubernetes Native Way - Eduardo Arango Gutierrez, NVIDIA & Angel Beltre, Sandia National Laboratories
Friday November 15, 2024 4:55pm - 5:30pm MST
It's not always clear which container orchestration system is best suited for a given use case. Slurm, for example, is often preferred over Kubernetes when running large-scale distributed workloads. As a result, organizations are often faced with a hard choice: do they deploy Slurm or Kubernetes to service the rising demands of their AI/ML workloads? In this talk, we introduce K-Foundry, an open-source custom controller for KCP that translates Kubernetes jobs to Slurm jobs and exposes Slurm nodes and cluster info as Kubernetes Custom Resource Definitions (CRDs). This integration combines Slurm’s robust job scheduling with Kubernetes' dynamic orchestration and API-driven ecosystem, easing the administration of both clusters through a common API. This session will end with a live demo, where attendees will see how this integration bridges the gap between cloud and HPC, facilitating resource management and optimizing performance for large-scale AI and LLM tasks.
Speakers

Eduardo Arango Gutierez DE

Senior systems software engineer, NVIDIA
Eduardo is a Senior Systems Software Engineer at NVIDIA, working on the Cloud Native Technologies team. Eduardo has focused on enabling users to build and deploy containers on distributed environments.

Angel Beltre

Senior Member of Technical Staff, Sandia National Laboratories
Angel Beltre serves as a senior member of the technical staff within the Scalable System Software department at Sandia National Laboratories. He is a contributor to the CSSE Computing-as-a-Service (CaaS) initiative, aimed at streamlining the deployment of modeling and simulation tools... Read More →
Salt Palace | Level 2 | 250
  AI + ML

4:55pm MST

Distributed Multi-Node Model Inference Using the LeaderWorkerSet API - Abdullah Gharaibeh & Rupeng Liu, Google
Friday November 15, 2024 4:55pm - 5:30pm MST
Large Language Models have shown remarkable capabilities in various tasks, from text generation to code writing. However, the inference process for these models presents significant challenges. LLMs are computationally intensive, often requiring specialized hardware like TPUs or GPUs to achieve reasonable response times. In some cases their substantial size can strain the resources of a single machine. Specifically, models such as Gemini, Claude, and GPT4 are too large to fit on any single GPU or TPU device, let alone on any single multi-accelerator machine, necessitating what we refer to as multi-node server deployment where a single model server “backend” runs as a distributed process on multiple nodes to harness enough accelerator memory to fit and run the model. This talk presents LeaderWorkerSet, a new k8s API that enables multi-node model inference. We demonstrate its capabilities by orchestrating state of the art model servers such as vLLM and JetStream on both GPUs and TPUs.
Speakers

Abdullah Gharaibeh

Staff Software Engineer, Google
Abdullah is a staff software engineer at Google and sig-scheduling and working group batch co-chair. He works on Kubernetes and Google Kubernetes Engine, focusing on scheduling and batch workloads.

Rupeng Liu

Software engineer, Google
Rupeng Liu, a software engineer from Google's Kubernetes inference team
Salt Palace | Level 1 | Hall DE
  AI + ML

4:55pm MST

With Great Flexibility Comes Great Complexity: Inspect Your Gateway API Configuration - Mattia Lavacca, Kong & Gaurav Ghildiyal, Google
Friday November 15, 2024 4:55pm - 5:30pm MST
With its graduation, Gateway API has emerged as the new standard for managing L4 and L7 routing within Kubernetes, as it brings in a wider set of functionalities and flexibility never seen with the ingress API, and is implemented widely for both ingress and service mesh use cases. The trade-off of having such a powerful API is additional complexity, and navigating the intricacies of Gateway API involves listing multiple resources, cross-referencing and understanding the relationships between them, and ensuring explicit authorization for all cross-namespace references - a formidable challenge, nonetheless. In this talk, Gaurav and Mattia will walk you through how to use gwctl, a command-line tool designed specifically for Gateway API (which is part of the Gateway API project itself), that works seamlessly alongside Kubectl. Together, we will easily navigate resources, wrangle policies, and track down trouble in your Gateway API configuration.
Speakers

Mattia Lavacca

Software Engineer, Kong
Mattia is a Software Engineer at Kong, working on Kubernetes networking. He is a key contributor to SIG-Network projects, such as Gateway API, Ingress2Gateway, and Blixt, and the co-lead of Kong's Gateway API implementation. He is working on many Kong projects related to networking... Read More →

Gaurav Ghildiyal

Software Engineer, Google
Gaurav is a Software Engineer at Google specializing in Kubernetes Networking. He is actively involved in the open-source Gateway API project, recently focusing on shepherding the development of gwctl, a command-line tool for Gateway API. Gaurav also actively contributes to other... Read More →
Salt Palace | Level 1 | 155 EF
  Connectivity

4:55pm MST

Goodbye Etcd! Running Kubernetes on Distributed PostgreSQL - Denis Magda, Yugabyte
Friday November 15, 2024 4:55pm - 5:30pm MST
Kubernetes once favored Etcd as a database for all cluster data. Back then, relational databases lacked the availability and scalability characteristics required by Kubernetes. However, as Etcd encountered challenges with various Kubernetes workloads, relational databases continued to evolve. This session is a practical guide for deploying fault-tolerant and scalable Kubernetes clusters on distributed PostgreSQL. We’ll begin with Kine, which integrates into the Kubernetes architecture, enabling relational databases for cluster metadata management. Then, we’ll use Kine to deploy Kubernetes on a single-server PostgreSQL instance. After that, we’ll migrate to a multi-node PostgreSQL instance, allowing Kubernetes to tolerate zone and region outages and scale to thousands of nodes on demand.
Speakers

Denis Magda

Head of DevRel, Yugabyte
Denis started his software engineering career at Sun Microsystems and Oracle, where he built JVM/JDK and led one of the Java development groups. After learning Java from the inside, he joined the world of distributed systems and databases, where he has remained ever since. His experience... Read More →
Salt Palace | Level 1 | Grand Ballroom GI
  Data Processing + Storage
  • Content Experience Level Any

4:55pm MST

Navigating the Future: Exploring the Latest in Kubernetes Dashboard Development - Marcin Maciaszczyk & Sebastian Florek, Plural
Friday November 15, 2024 4:55pm - 5:30pm MST
Join us for an insightful presentation on the latest updates from the Kubernetes SIG-UI, focusing on the evolution of the Kubernetes Dashboard project. Dive into a comprehensive overview of key changes, enhancements, and advancements, including a detailed exploration of the project's new architecture. Gain valuable insights into how these developments shape the future of Kubernetes management and user experience. Whether you're a seasoned Kubernetes user or new to the ecosystem, this presentation promises to provide valuable perspectives on the cutting-edge developments in Kubernetes Dashboard.
Speakers

Sebastian Florek

Fullstack engineer, Plural
Fullstack Engineer at Plural. Working on the Kubernetes Dashboard project since the beginning. One of the key contributors and a SIG-UI co-leader.

Marcin Maciaszczyk

Fullstack Engineer, Plural
Marcin is a Fullstack Engineer at Plural. He has been working on the Kubernetes Dashboard project since the beginning, where he became one of the key contributors and a SIG-UI co-leader.
Salt Palace | Level 3 | 355 BC

4:55pm MST

Rook: Intro and Deep Dive with Ceph Storage - Travis Nielsen, Annette Clewett, Blaine Gardner & Subham Rai, IBM
Friday November 15, 2024 4:55pm - 5:30pm MST
The Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage operator for Kubernetes, providing the platform, framework, and support for Ceph to natively integrate with Kubernetes. The panel will discuss various scenarios to show how Rook configures Ceph to provide stable block, shared file system, and object storage for your production data. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.
Speakers

Travis Nielsen

Rook Lead Maintainer, IBM
Travis Nielsen is a Senior Technical Staff Member for IBM where he is a maintainer on Rook and member of the ODF and Ceph engineering team. Prior to IBM and Red Hat, Travis worked in storage at Quantum and Symform, a P2P storage startup, and was an engineering lead for the Windows... Read More →

Annette Clewett

Software Architect, IBM
Storage Architect with broad knowledge across a spectrum of technologies – network, storage, virtual, and platform. Have successfully delivered countless studies that improved end-user experience and created a more efficient and available infrastructure. Current projects include... Read More →

Blaine Gardner

Rook Maintainer, IBM
Blaine is a Senior Advisory Software Engineer at IBM Storage on the Ceph OpenShift/Fusion Data Foundation (ODF) team. He is a maintainer of the CNCF-graduated Rook project making sure Ceph and Kubernetes live together in harmony. Their current focus topics are the Container Object... Read More →

Subham Rai

Software Engineer, IBM
I'm Subham Rai from India. I have more than 3 years of experience in software or more specifically in the storage industry working mainly in rook-ceph. I hold a B.tech degree and I'm also RHCSA certified. I have spoken at FOSDEM 2022, Cephalocon 2023(Amsterdam).  I'm in the top 4... Read More →
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

4:55pm MST

Running a Highly Available Identity and Access Management with Keycloak - Ryan Emerson & Kameswararao Akella, Red Hat
Friday November 15, 2024 4:55pm - 5:30pm MST
A single sign on solution for your customers and employees should be designed for high availability without a single point of failure. Keycloak is no exception to this. A clustered Keycloak deployment in a single site provides sufficient availability for many. An increasing number of organizations need to utilize multiple sites for improved resiliency or to meet legal requirements. Keycloak overhauled its capabilities and now provides deployment blueprints to the community. This talk presents how we approached the problem, and the challenges we faced. Expect to dive into concepts like load shedding, cache stampedes, and automated failover. See tools like Gatling, Helm, OpenTelemetry, Kubernetes Operators and cloud infrastructure in action. We will also provide an outlook for the next steps in our journey. These insights will help you to improve your Keycloak deployments as well as design and test your own applications so they can withstand high load and site failures.
Speakers

Kamesh Akella

Principal Software Quality Engineer, Red Hat
Hailing from the coastal state of India, Andhra Pradesh, I share a profound interest in everything open-source and computers from my childhood, which led me to my current position at Red Hat and contributing back to the wonderful open-source community.

Ryan Emerson

Principal Software Engineer, Red Hat
Ryan Emerson is a Principal Software Engineer at Red Hat. He is a member of the Infinispan and Keycloak open-source product teams, where he leads the development of the Infinispan Kubernetes Operator, in addition to contributing to the development of the Infinispan core/server. During... Read More →
Salt Palace | Level 3 | 355 EF

4:55pm MST

Ten Years of gRPC: Looking Back and Looking Forward - Kevin Nilson, Google & Israel Shapiro, Broadcom
Friday November 15, 2024 4:55pm - 5:30pm MST
Over the past ten years, gRPC has become indispensable to a breathtaking array of engineering organizations. Join the maintainers as they look back at how gRPC got to where it is today, the way the software has grown, and the community along with it. Then, see what's in store for the future of gRPC in the decades to come.
Speakers

Israel Shapiro

Cloud Native solutions architect, Broadcom
Israel works at Broadcom’s Enterprise Security Group as a Software Architect for the next generation Cloud Native Datapath of the Web Security Service.

Kevin Nilson

Engineering Manager, Google
Kevin works at Google as a Software Engineer Manager on the gRPC team. At Google Kevin has worked on projects such as Chromecast, Google Home, Stadia and now gRPC. Kevin is a Java Champion and four time JavaOne Rock Star. Kevin has spoken at conferences such as Google I/O, JavaOne... Read More →
Hyatt Regency | Level 4 | Regency Ballroom BCD

4:55pm MST

WG Batch Updates: What’s New and What Is Next - Marcin Wielgus, Google & Kevin Hannon, Red Hat
Friday November 15, 2024 4:55pm - 5:30pm MST
I will present improvements that the WG Batch has promoted in Kubernetes, and the opportunities under discussion to better support batch workloads such as HPC, AI/ML, data-analytics, etc. I will discuss enhancements and improvements to the Job and JobSet APIs as well as new release and roadmap for Kueue, a Kubernetes subproject that offers job queueing and scheduling, to build a multitenant, multicluster batch system. The WG Batch was created in 2022 to serve the demand from the ecosystem to better support batch applications in Kubernetes. The WG is composed of SIGs’ experts and developers from various communities, with the objective to set roadmaps and collaborate in designs and implementations.
Speakers

Kevin Hannon

Kubernetes Developer, Red Hat
avatar for Marcin Wielgus

Marcin Wielgus

Staff Software Engineer, Google
Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the company in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kubernetes before the 1.0 release and currently... Read More →
Hyatt Regency | Level 4 | Regency Ballroom A

4:55pm MST

Service Profiling Based Management and Scheduling in K8s - Jia Deng, Cong Xu & Mingmeng Luo, Bytedance
Friday November 15, 2024 4:55pm - 5:30pm MST
We present an open-source solution for the efficient management of resources and scheduling strategies in K8s. Our solution constructs workload-specific resource profiles based on their historical utilization patterns. This approach ensures that workloads receive adequate resources while optimizing overall resource utilization. To accomplish this objective, we employ a custom resource Service Profiling Description (SPD), facilitating a direct correlation between workloads and their resource usages, such as deployments and stateful sets etc. Resource utilization metrics, including CPU, disk I/O, and network I/O, are meticulously collected and aggregated. These usage indicators play a pivotal role in informing the scheduler's decisions regarding workload allocation. This solution has been deployed within large-scale K8s clusters, addressing diverse workload demands, ranging from those requiring dedicated NUMA nodes to those capable of resource sharing among themselves.
Speakers

Mingmeng Luo

Software Engineer, Bytedance
Mingmeng Luo is a software engineer in the Infrastructure Department at ByteDance, where he specializes in the design and development of precision resource management technologies for large-scale Kubernetes clusters. His work focuses on optimizing resource allocation and efficiency... Read More →

Cong Xu

Senior Software Engineer, Bytedance
Cong Xu is a Tech Lead and Senior Software Engineer at ByteDance, where he focuses on building and optimizing the container-based cloud platform that hosts internal products such as Douyin and TikTok. From 2016 to 2022, he served as a Staff Research Member at IBM Research, contributing... Read More →

Jia Deng

Software Engineer, Bytedance
The speaker currently works for the ByteDance K8s orchestration team. Before that, the speaker worked for Amazon EKSA and VMware Tanzu Mission Control.
Salt Palace | Level 1 | 155 BC
  Operations + Performance

4:55pm MST

Reducing Cloud Cost for Multi-Tenancy Kubernetes Platform - Simon Ting & Sravan Akinapally, American Airlines
Friday November 15, 2024 4:55pm - 5:30pm MST
A self-service multi-tenancy Kubernetes platform offers many benefits to application teams. In less than 2 years, American Airlines Shared K8 Platform has grown to over 1000+ deployments. Now that we built a resilient and secure platform, we must make it cost-effective to ensure long-term viability. This has the added benefit of reducing the carbon footprint of our platform. In the 2nd year, our platform grew by over 300% but costs increased by 500% as we added security, observability, and other features. How do we start to control costs without violating our self-service model? What is the reasonable amount to spend on Observability? What is a reasonable utilization goal and how do we get there? What level of cost optimization can we achieve without compromising our self-service model and maintaining the resiliency of our platform? We set out to address all these questions and this is our journey. In 4 months, we decreased the total Cost Per Utilized Core (CPUC) by 40%.
Speakers

Simon Ting

Principal Product Manager, American Airlines
Simon Ting is the Principal Product Manager for Kubernetes as a Platform and Observability at American Airlines. Simon started his IT career as a developer and moved into configuration management and development platforms manager for over 2 decades. During that time he supported on-site... Read More →

Sravan Akinapally

Product Tech Lead, American Airlines
Product Tech Lead
Salt Palace | Level 1 | Grand Ballroom BDF
  Platform Engineering

4:55pm MST

Zero Downtime Upgrades at Scale: How Okta Manages Hundreds of Clusters Daily - Jérémy Albuixech & Kahou Lei, Okta
Friday November 15, 2024 4:55pm - 5:30pm MST
How do you upgrade your K8s clusters? Perhaps a rolling update of nodes, with services moving around? Can you guarantee a zero-downtime upgrade? Will this method scale and support the velocity of production environments? Likely not. But fear not - you are not alone! At Okta, we maintain hundreds of clusters, each hosting >130 services, with node counts ranging from 20-400 and we are updating them daily. How do we do it? Without an out-of-the-box solution, we had to build our own, and we want to share what we learned with all of you! In this talk Kahou and Jeremy will go over the challenges and successes, highlighting how their deployment method provides the foundational blocks to build extra features while reducing the blast radius when something goes wrong - thanks to quick rollbacks and canary rollouts. In this session attendees will learn how we leverage open source technologies to tackle three main problems: how to scale, how to secure and how to upgrade clusters with no downtime.
Speakers

Jérémy Albuixech

Staff Software Engineer, Okta
Jeremy is a Staff Software Engineer at Okta. Starting as a full stack programmer with a good foundation in Javascript, he then gravitated towards a DevOps role and later became a member of the SRE team at Cisco, picking up an IaC, observability and Kubernetes skillset. With the Okta... Read More →

Kahou Lei

Principal Software Engineer, Okta
Kahou Lei is a Principal Software Engineer with a strong background in Cloud infrastructure and Kubernetes. With 20 years of industry experience, he has held significant positions at renowned companies such as Okta and Cisco. Kahou leads critical software engineering initiatives... Read More →
Salt Palace | Level 2 | 251
  Platform Engineering

4:55pm MST

SPIFFE the Easy Way: Universal X509 and JWT Identities Using Cert-Manager - Tim Ramlot & Ashley Davis, Venafi
Friday November 15, 2024 4:55pm - 5:30pm MST
SPIFFE is incredible. Each workload is assigned its own universal identity, simplifying the security and management of communications in distributed systems. While SPIRE (the reference SPIFFE implementation) is exceptionally powerful, it is also quite complex. Deploying SPIRE on Kubernetes requires StatefulSets, which can be challenging and frustrating. Many cloud vendors are starting to offer turnkey SPIFFE solutions, but that comes with risk of vendor lock-in. In this talk, we will demonstrate how to use the Cloud Native cert-manager solution to implement SPIFFE (x509 and JWT) with low operational overhead for all Kubernetes workloads. The session includes all you need to know to issue X.509 SVIDs, use them and validate them. Additionally, we will introduce an experimental solution to convert x509 SVIDs into JWT SVIDs. The demo will highlight how to authenticate to third-party APIs (such as AWS, GCP, Azure, and others) using these JWT SVIDs.
Speakers

Ashley Davis

Staff Software Engineer, Venafi
As a teenager, Ash taught himself to program after wondering how exactly video games were made. That led to adventures trawling through open source codebases, sparking an interest in computers spanning from bare-metal machine code right up to scalable distributed platforms like Kubernetes... Read More →

Tim Ramlot

Senior Software Engineer - cert-manager maintainer, Venafi
Tim started working at Venafi as a software engineer after his graduation as computer science engineer at Ghent University. He learned about cert-manager and Venafi through a Google Summer of Code internship. His mission at Venafi is to advance his problem solving skills, whilst contributing... Read More →
Salt Palace | Level 1 | 151
  Security
 
