Loading…
Attending this event?
In-person
November 12-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Monday, November 11
 

8:00am MST

Badge Pick-Up
Monday November 11, 2024 8:00am - 5:00pm MST
Monday November 11, 2024 8:00am - 5:00pm MST
West Temple Entrance (East)

8:00am MST

Badge Pick-Up
Monday November 11, 2024 8:00am - 5:00pm MST
Monday November 11, 2024 8:00am - 5:00pm MST
200 South Entrance (South)

9:00am MST

WasmCon | ALL ACCESS PASS REQUIRED
Monday November 11, 2024 9:00am - Tuesday November 12, 2024 5:30pm MST
WasmCon schedule is LIVE!

WasmCon is the premier conference for technical developers and users interested in exploring the potential of WebAssembly. This two-day event will bring together leading experts, developers, and users from across the Wasm community.  To learn more please visit the event's website.

For questions regarding this event, please contact events@linuxfoundation.org.
Monday November 11, 2024 9:00am - Tuesday November 12, 2024 5:30pm MST
 
Tuesday, November 12
 

7:30am MST

Badge Pick-Up
Tuesday November 12, 2024 7:30am - 5:00pm MST
Tuesday November 12, 2024 7:30am - 5:00pm MST
West Temple Entrance (East)

7:30am MST

Badge Pick-Up
Tuesday November 12, 2024 7:30am - 5:00pm MST
Tuesday November 12, 2024 7:30am - 5:00pm MST
200 South Entrance (South)

8:00am MST

OpenShift Commons Gathering Hosted by Red Hat
Tuesday November 12, 2024 8:00am - 6:00pm MST
Red Hat’s OpenShift Commons Gathering brings together users, partners, customers, and contributors to collaborate and work together on OpenShift and the cloud-native ecosystem. It is a community of OpenShift users, experts and open source enthusiasts, eager to share their experiences and ideas for the betterment of the technologies involved. Join us in Salt Lake City on November 12 for a day packed with interesting sessions, workshops, discussions, enabling lots of  learning, networking, and collaboration.  

Please note this is an off-site Sponsor-hosted Co-located Event.
For more information, and to register please visit: https://commons.openshift.org/gatherings/kubecon-24-nov-12/
For questions, please contact: amuhlach@redhat.com
Tuesday November 12, 2024 8:00am - 6:00pm MST
Le Meridien Salt Lake City Downtown 131 South 300 West, Salt Lake City, UT

9:00am MST

Cloud Native University Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
Cloud Native University schedule is now LIVE!

Cloud Native knowledge is one of the most demanded skills for today’s professionals. That is why Cloud Native education is an important topic for both Academic higher education and professional training facilities. The Cloud Native University is where academics will be able to share their approach for teaching Cloud Native, where training professionals will have a chance to explain their techniques and approaches and anybody have an opportunity to discover tomorrow’s learning opportunities and up-skilling best practices. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 12:25pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom B

9:00am MST

Data on Kubernetes Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
Data on Kubernetes Day schedule is now LIVE!

Data on Kubernetes is positioned to become the operational default in a world where data and AI/ML applications are expected to grow. Scalability, flexibility, resilience, openness, and costs are among the reasons — and DoK has a transformative impact on organizations who benefit from increased productivity, revenue growth, market share and margin, according to the 2022 Data on Kubernetes Report. Data on Kubernetes Day is where the industry convenes to share best practices and use cases, forge critical relationships, and learn about advancements in using Kubernetes for data and groundbreaking exploration into the cutting edge of Database as a Service. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 12:25pm MST
Salt Palace | Level 2 | 250 A-C

9:00am MST

EnvoyCon Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
EnvoyCon schedule is now LIVE!

The Envoy maintainers are excited to announce the 8th annual EnvoyCon. This is a practitioner-driven, community conference emphasizing end-user case studies, and technical talks from contributors to Envoy. We do not have product pitches, but will hear about solutions which build on top of Envoy. So join us for an exciting day of technical content, knowledge sharing, and engagement with project maintainers. Envoy is a cloud-native proxy boasting high-performance, extensibility including a WASM run-time, API-driven configuration, and more. It has been a CNCF graduated project since 2017. Thanks to the open source community, Envoy has been widely adopted across industries in a variety of different deployment scenarios including edge proxy, service mesh sidecar, and middle-proxy load balancer, to name a few. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 12:25pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

9:00am MST

OpenFeature Summit Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 12:25pm MST
OpenFeature Summit schedule is now LIVE!

Feature flagging is completely changing the game in modern software development! Organizations that have started using feature flags are seeing boosts in how fast they can deploy and how efficiently they can operate, no matter the industry. We’re excited to kick off the very first OpenFeature Summit, the ultimate meetup for tech enthusiasts to swap insights, best practices, and awesome success stories. This event is a fantastic chance for you to make new friends in the tech world, dive into lively discussions, and check out the latest in using feature flags to spark innovation and ramp up business agility. Come join us! To learn more, please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 12:25pm MST
Salt Palace | Level 2 | 250 D-F

9:00am MST

Mastering Data Management for Kubernetes Hosted by Portworx by Pure Storage
Tuesday November 12, 2024 9:00am - 4:00pm MST
Welcome to our workshop on mastering data management for Kubernetes with Portworx. If you think you're ready to handle the smoke, we're here to show you how Portworx brings the heat to your data management strategy, ensuring your Kubernetes deployment is as flawless as championship BBQ.

Just like a perfectly grilled BBQ requires the right tools and techniques, managing data in Kubernetes demands robust solutions and expertise. Portworx provides the essential ingredients for success, from high availability and data security to seamless scalability.

Join us as we explore the recipe for a great Kubernetes environment, with Portworx as the key to achieving the perfect balance of performance and reliability.

The workshop will cover Data Management for Kubernetes topics such as:
- Application and data availability across fault domains
- Data Protection through Snapshots and Backups
- Managed databases and data services in Kubernetes
- Automated capacity management
- I/O prioritization and limits for Kubernetes data services
- Migration and disaster recovery for Kubernetes applications


Please note that this is an off-site Sponsor-hosted Co-located event and must be added-on to your KubeCon + CloudNativeCon registration ($20 fee applies with proceeds being donated to the Dan Kohn Scholarship Fund)

For questions regarding this event, please contact: ttung@purestorage.com


Tuesday November 12, 2024 9:00am - 4:00pm MST
Squatters Pub Brewery 147 W. Broadway, Salt Lake City, UT 84101

9:00am MST

Azure Day with Kubernetes Hosted by Microsoft Azure
Tuesday November 12, 2024 9:00am - 5:00pm MST
Join our team of Microsoft experts in-person to learn best practices for building cloud-native and intelligent apps with Kubernetes on Azure.

Azure Day with Kubernetes is tailored for developers, IT professionals, and decision-makers eager to harness the power of AKS for their cloud-native applications. Whether you’re starting with Kubernetes or seeking to refine your AKS deployments, this session will provide valuable insights and actionable knowledge for your cloud journey.


Please note this is an off-site Sponsor-hosted event.
For more information, and to register for this event, please visit: https://azureday.eventbuilder.com/AKSDay2024 
For questions, please contact: aksday@microsoft.com
Tuesday November 12, 2024 9:00am - 5:00pm MST
Salt Lake Marriott City Center 220 South State Street, Salt Lake City, Utah 84111

9:00am MST

AppDeveloperCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
AppDeveloperCon schedule is now LIVE!

AppDeveloperCon is designed for developers at all levels who are involved in the architecture, design, and development (using any programming language) of cloud-native applications. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 1 | 151

9:00am MST

ArgoCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
ArgoCon schedule is now LIVE!

ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts and Argo Events.

The Argo Project is a suite of open source tools for deploying and running applications and workloads on Kubernetes. It extends the Kubernetes APIs and unlocks new and powerful capabilities in application deployment, container orchestration, event automation, progressive delivery, and more.

Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud-native environment. Get inspired by and provide input to Argo leads on project roadmaps.

The event is vendor-neutral and is being organized by the CNCF Argo Community. Topics in the past have included getting started with Argo, scaling and managing Argo, lessons learned from production deployments, technical sessions, and thought leadership. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org

Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 2 | 251 A-F and 254 A-C

9:00am MST

BackstageCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
BackstageCon schedule is now LIVE!

BackstageCon is a one-day conference focused on all things Backstage: an open framework for building developer portals. At BackstageCon, we’ll provide a vendor-neutral space for collaboration and learning centered on improving developer experience and effectiveness through open source technologies. The event is vendor-neutral and organized by members of the Backstage community. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 1 | Grand Ballroom H

9:00am MST

Cilium + eBPF Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Cilium + eBPF Day schedule is now LIVE!

Cilium is an open source, widely-used, and highly scalable cloud native networking, observability, and security solution based on the kernel technology eBPF, that connects workloads in Kubernetes and beyond, with powerful built-in observability and security capabilities. Cilium + eBPF Day focuses on how Cilium and eBPF are being developed, deployed, and used across the cloud native landscape to revolutionize cloud native platforms.
At Cilium + eBPF Day you’ll hear from end users sharing how Cilium and other eBPF projects unlocked levels of scalability, performance, and security that weren’t possible before and from contributors who will teach you about how cloud native projects are leveraging eBPF to gain these benefits. From eBPF internals in cloud native projects to how Cilium and eBPF are helping businesses achieve their goals, you’ll hear it all at Cilium + eBPF Day. Dive deep into the world of high-performance networking, transparent security, and scalable observability at Cilium + eBPF Day! To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 1 | Grand Ballroom B

9:00am MST

Cloud Native + Kubernetes AI Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Cloud Native & Kubernetes AI Day schedule is LIVE!

Join us for an event dedicated to advancing batch and serving workloads for High Performance Computing (HPC) and seamlessly integrating AI/ML into Kubernetes. Whether you are new to the MLOps world or a seasoned practitioner, come hear from maintainers and end users about how Kubeflow and other ML platform tools are making cloud native the best option to manage your machine learning workloads. This gathering is tailored for a diverse range of technical enthusiasts, including open source contributors, practitioners, researchers, and end-users, all united by a common goal: enhancing Kubernetes as the ultimate infrastructure management tool for research, training, and production. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 1 | Grand Ballroom A

9:00am MST

Observability Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Observability Day schedule is now LIVE!

Observability Day fosters collaboration, discussion, and knowledge sharing of cloud-native observability projects (including but not necessarily limited to Prometheus, Fluentd, Fluent Bit, OpenTelemetry, and OpenMetrics), as well as vendor-neutral best practices for addressing observability challenges. To learn more, please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 2 | 254

9:00am MST

Platform Engineering Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 9:00am - 5:30pm MST
Platform Engineering Day schedule is now LIVE!

Internal Developer Platforms (IDPs) provide curated capabilities, frameworks and experiences to facilitate and accelerate the productivity of internal customers such as application developers. The process and techniques described in the CNCF Platforms White Paper and Platform Engineering Maturity Model highlight how organizations aspiring to build effective Developer Experience via an IDP require socio-technical investment. While many focus on the technical tools, this day will focus on how to grow an effective ecosystem around technical solutions. Platform Engineering Day brings together Platform Engineers, Product Managers, Solutions Architects and key stakeholders across the Cloud Native Community to share lessons learned in building and managing internal platforms, measuring platform maturity and improving golden paths and developer experience. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 9:00am - 5:30pm MST
Salt Palace | Level 1 | Grand Ballroom G

9:00am MST

SigstoreCon Supply Chain Day Hosted by Sigstore
Tuesday November 12, 2024 9:00am - 5:30pm MST
A day dedicated to Sigstore and software supply chain security. Attendees will learn about Sigstore, simplifying signing and verification for digital artifacts, as well as related software supply chain efforts such as SLSA, TheUpdateFramework, binary transparency and more!


Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://events.linuxfoundation.org/sigstorecon-supply-chain-day/
For questions regarding this event, please contact: sigstoreevents@linuxfoundation.org


Tuesday November 12, 2024 9:00am - 5:30pm MST
Hilton Salt Lake City Center 255 S W Temple St, Salt Lake City, UT 84101

9:01am MST

Welcome and Introduction: A Hitchhiker's Guide to the CNCF Landscape - Katherine Druckman and Lori Lorusso, CNCF Ambassador
Tuesday November 12, 2024 9:01am - 9:22am MST
“Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough, sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
Tuesday November 12, 2024 9:01am - 9:22am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:31am MST

Buildpacks: Container Builds at Scale with Buildpacks | Project Lightning Talk
Tuesday November 12, 2024 9:31am - 9:36am MST
Cloud Native Buildpacks transform your application source code into images that can run on any cloud. They enable advanced caching mechanisms that improve performance at scale. They also allow for modularity and reuse, which ensure developers across your organization aren’t wasting cycles repeating what other teams have already done.

After this short talk, you’ll be able to run buildpacks with the Pack CLI and find off-the-shelf buildpacks in the Buildpack Registry, including those from Google, Heroku, and Paketo. Finally, you’ll learn how operators of large platforms use buildpacks to make their container builds as scalable as possible.
Tuesday November 12, 2024 9:31am - 9:36am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:45am MST

Vitess: Arewefastyet: Benchmarking Vitess and Mentorship Stories | Project Lightning Talk
Tuesday November 12, 2024 9:45am - 9:50am MST
Join us for a lightning talk on ""arewefastyet"", the benchmarking tool used by Vitess. We will present the highlights of our benchmarking methods and share insights from the LFX Mentorship program. Our LFX mentee will present their work and share their experience with open-source contributions and the LFX Mentorship program.
Learn about the latest in Vitess performance and the role of mentorship in driving innovation.
Tuesday November 12, 2024 9:45am - 9:50am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:52am MST

Strimzi: Strimzi and the Future of Apache Kafka on Kubernetes | Project Lightning Talk
Tuesday November 12, 2024 9:52am - 9:57am MST
Strimzi is a CNCF incubating project focusing on running Apache Kafka on Kubernetes. It provides a set of operators and other tools to make data streaming on Kubernetes as simple as possible. This lightning talk will give a quick introduction to Strimzi and its capabilities. It will also provide an update on the current and planned work - go through the main changes and new features and cover the future plans.
Tuesday November 12, 2024 9:52am - 9:57am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

9:59am MST

Jaeger: Distributed Tracing with Jaeger and OpenTelemetry | Project Lightning Talk
Tuesday November 12, 2024 9:59am - 10:04am MST
In this session, we will provide project updates. Mostly focused on the future of Jaeger as we move towards our next major version V2, and further integration with the OpenTelemetry project. We will also include project updates since the last Kubecon in North America.
Tuesday November 12, 2024 9:59am - 10:04am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:00am MST

Distributed SQL Summit Hosted by YugabyteDB
Tuesday November 12, 2024 10:00am - 3:00pm MST
Distributed SQL Summit is a conference dedicated to modern transactional databases. For the sixth year, DSS is bringing together developers, architects, and database practitioners across the world to connect, learn, and share best practices. We are planning a hybrid event this year, so you can join us in Salt Lake City, or virtually from anywhere. We invite you to dive in and soak up the latest on distributed databases and modern app development through demos, workshops, tech deep dives, and live discussions.

Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://events.ringcentral.com/events/distributed-sql-summit-2024
For questions regarding this event, please contact: events@yugabyte.com
Tuesday November 12, 2024 10:00am - 3:00pm MST
Hilton Salt Lake City Center 255 S W Temple St, Salt Lake City, UT 84101

10:00am MST

Rancher Day 2024 Hosted by SUSE
Tuesday November 12, 2024 10:00am - 6:00pm MST
Get inspired by SUSE leaders and industry experts as they discuss cutting-edge advancements in Rancher Prime, SUSE Edge and SUSE AI. From insightful keynotes and breakout sessions to hands-on demos and fun networking opportunities, we have an action-packed day dedicated to those passionate about all things cloud native.In the evening, transportation will be provided to an amazing evening reception at the Natural History Museum of Utah. You will enjoy a night of food, drinks, entertainment and spectacular views across the valley with other members of the cloud native community. We can’t wait to see you!

Please note that this is an off-site Sponsor-hosted Co-located event. 
Registration for Rancher Day is required by adding on to your KubeCon + CloudNativeCon registration.
For questions regarding this event, please contact: alexander.hampshire@suse.com

Tuesday November 12, 2024 10:00am - 6:00pm MST
The Little America Hotel 500 Main St, Salt Lake City, UT 84101

10:06am MST

Kepler: How's Things Going in Kepler? | Project Lightning Talk
Tuesday November 12, 2024 10:06am - 10:11am MST
Kepler is envisioned for utmost transparency in estimating container power usage and offering insights into container energy efficiency and carbon footprint. Since Kepler's acceptance into the CNCF Sandbox one year ago, the project has significantly expanded its community and visibility. In this session, we will showcase our latest community engagements and updates, focusing on advancements in metric collection and power modeling. These include the adoption of cilium-go and the introduction of a new validation framework, promising to further enhance robustness.
Tuesday November 12, 2024 10:06am - 10:11am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:13am MST

OpenTelemetry: OpenTelemetry in Five Minutes | Project Lightning Talk
Tuesday November 12, 2024 10:13am - 10:18am MST
Why is OpenTelemetry so complicated? is a question that we hear -- a lot! There's a lot of reasons for it, and in this lightning talk, we'll briefly touch on the fundamentals behind the OpenTelemetry design and architecture, and why those design decisions help enable the projects goal of making observability a built-in feature of cloud-native software.
Tuesday November 12, 2024 10:13am - 10:18am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:20am MST

Prometheus: Celebrating Prometheus 3.0: All You Need To Know! | Project Lightning Talk
Tuesday November 12, 2024 10:20am - 10:25am MST
Prometheus is an open-source systems monitoring system, and a CNCF Graduated project.

This year Prometheus releases the 3.0 version, which comes with the new features, refreshed UI, UX cleanup, while building on top of what worked well for years!

Join this lightning talk to celebrate the Prometheus 3.0 version and learn what it enables for new and existing users, how to upgrade and how to get the most out of the new version!
Tuesday November 12, 2024 10:20am - 10:25am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:27am MST

OpenTelemetry: The OpenTelemetry Hero’s Journey: Working with Open Source Observability | Project Lightning Talk
Tuesday November 12, 2024 10:27am - 10:32am MST
Having correlated metrics, traces, and logs from our services and infrastructure is a vital component of observability. We will discuss what’s possible with OpenTelemetry and where the gaps are with today’s open source tools.
Tuesday November 12, 2024 10:27am - 10:32am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:34am MST

Inspektor Gadget: eBPF for Observability, Made Easy and Approachable | Project Lightning Talk
Tuesday November 12, 2024 10:34am - 10:39am MST
eBPF is a powerful tool for observability. But better tooling can make it even more powerful and, importantly, more approachable.
In this short talk, we’ll use the mechanisms Inspektor Gadget has for distributing and deploying eBPF programs to quickly build a data collection pipeline with eBPF that can be integrated with popular observability tools or one's own applications.
By the end of the talk, the audience should feel empowered to work with eBPF using the high-level tooling and integrate it into their systems and tooling.
Tuesday November 12, 2024 10:34am - 10:39am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:41am MST

OpenTelemetry: The Future of Network Monitoring, eBPF for Low-Level Insights | Project Lightning Talk
Tuesday November 12, 2024 10:41am - 10:46am MST
The recent advancements in eBPF tooling, including the enhanced eBPF runtime embedded in the Linux kernel, the BPF Compiler Collection (BCC) for efficient kernel tracing, and the LLVM Compiler for converting C code to eBPF programs, have made it easier to provide always-on network visibility. OpenTelemetry Network leverages these foundational tools to provide out-of-the-box network observability for modern infrastructures.


In this talk, we'll explore the architecture of the OTel Network, focusing on its key components: the kernel collector, kubernetes collector, cloud collector, and reducer which together enable collecting, ingesting, aggregating, enriching, and exporting telemetry data collected from various sources. We'll show an end-to-end setup to demonstrate the use of these agents and reducer component to send data to the OTel collector. This session aims to equip end-users and contributors with the necessary information to get started with the OpenTelemetry Network project.
Tuesday November 12, 2024 10:41am - 10:46am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:48am MST

Fluentd: Fluent Bit - What's New? | Project Lightning Talk
Tuesday November 12, 2024 10:48am - 10:53am MST
In this short session we will do a highlight on what's new in Fluent Bit v3: new processors, integrations with OpenTelemetry, performance improvements and much more!
Tuesday November 12, 2024 10:48am - 10:53am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

10:55am MST

11:10am MST

Crossplane: The Many Layers of Crossplane - A Lightning Tour | Project Lightning Talk
Tuesday November 12, 2024 11:10am - 11:15am MST
Crossplane (https://www.crossplane.io/) and its user experience has matured greatly over the years and there are now numerous layers you can interact with while designing and building your internal developer platform powered by Crossplane.

Should you directly declare the cloud resources you want Crossplane to create, should you create developer friendly simplified abstractions on top, should you stick with YAML or use a more full featured high level programming language?

We will explore each of these layers in further detail and provide practical examples in this lightning tour of the broad possibilities offered by Crossplane, all of which lead to a reliable and robust control plane to manage everything in the cloud that your organization could need!
Tuesday November 12, 2024 11:10am - 11:15am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:17am MST

k8gb: Global Load Balancing, the Kubernetes Way | Project Lightning Talk
Tuesday November 12, 2024 11:17am - 11:22am MST
Discover how the k8gb project brings global load balancing to Kubernetes clusters. This talk will introduce the k8gb project, highlighting its core features such as global load balancing, high availability, seamless failover, and its new extensibility feature that allows integration with various resources like Gateways and non-HTTP Services. Learn about its architecture, real-world use cases, future plans, and how you can get involved.
Tuesday November 12, 2024 11:17am - 11:22am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:24am MST

gRPC: The gRPC "Standard Library" | Project Lightning Talk
Tuesday November 12, 2024 11:24am - 11:29am MST
gRPC has found widespread adoption in organizations around the world. You've probably written a protobuf yourself to define your own API. But did you know that the gRPC project actually defines several standard gRPC services that are generally applicable. In this talk, you will learn about gRPC's reflection, health, channelz, and status protos and how you can use them to get more out of your gRPC-based system.
Tuesday November 12, 2024 11:24am - 11:29am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:31am MST

KubeStellar: Multi-Cluster Configuration Management with KubeStellar | Project Lightning Talk
Tuesday November 12, 2024 11:31am - 11:36am MST
KubeStellar is a flexible solution for challenges associated with multi-cluster configuration management for edge, multi-cloud, and hybrid cloud
Tuesday November 12, 2024 11:31am - 11:36am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:38am MST

wasmCloud: Declarative WebAssembly Orchestration for Cloud Native Applications | Project Lightning Talk
Tuesday November 12, 2024 11:38am - 11:43am MST
wasmCloud released its 1.0 version in April of this year. Since then, the project has done everything but slow down. Maintainer Brooks Townsend demonstrates how wasmCloud enables users to build and orchestrate WebAssembly (Wasm) applications across distributed infrastructure. Learn how wasmCloud integrates the latest developments in WebAssembly standards to help users create and deploy applications “building block” style—connecting portable, interoperable Wasm components so they can focus on business logic. In this lightning project update, Brooks discusses wasmCloud’s component support, distributed networking, declarative orchestration, OpenTelemetry observability, the project roadmap, and more.
Tuesday November 12, 2024 11:38am - 11:43am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:45am MST

SIG Auth & SIG Storage: Secret Guardians - (Secrets Store) CSI Driver and Sync Controller | Project Lightning Talk
Tuesday November 12, 2024 11:45am - 11:50am MST
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the (Secrets Store) CSI Driver and Sync Controller, sig-auth subprojects providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault.

In this lightning talk, Anish will introduce you to the (Secrets Store) CSI driver and Sync controller and discuss trade-offs of the CSI driver versus Sync controller.
Tuesday November 12, 2024 11:45am - 11:50am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:52am MST

Open Cluster Management: Scheduling AI Workload Among Multiple Clusters | Project Lightning Talk
Tuesday November 12, 2024 11:52am - 11:57am MST
Open Cluster Management (OCM) addresses the challenges of managing multiple Kubernetes distributions, providing open APIs for cluster registration, workload distribution, dynamic placement of policies, and more. The placement concept allows dynamic selection of clusters, enabling users to replicate Kubernetes resources or run advanced workloads across member clusters. For instance, as an application developer, I can deploy workloads to clusters with the most available memory and CPU. With the rise of AI technology, there's an increasing need to schedule AI workloads based on GPU/TPU resources. In this talk, we will demonstrate how to utilize the extensible placement scheduling mechanism and a GPU/TPU resource collector addon. Using an addon template, this setup can provide an AddonPlacementScore, facilitating placement decisions based on GPU/TPU resources. This approach enables OCM API consumers to intelligently schedule AI workloads to the most optimal clusters.
Tuesday November 12, 2024 11:52am - 11:57am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:59am MST

KubeSlice: Migrate Kubernetes Services With Confidence! | Project Lightning Talk
Tuesday November 12, 2024 11:59am - 12:04pm MST
SREs have been constantly asked to look for solutions to help them migrate K8S services from one Cloud cluster to another Cloud cluster while continuing to provide secure access to managed Cloud services left behind in the original Cloud.

The K8S services securely access these managed services using private endpoint FQDN. When SREs are asked to move the K8S services to a different Cloud cluster they hit a roadblock - there is no easy solution to provide private endpoint FQDN access to a managed service from a remote Cloud cluster.

CNCF sandbox project KubeSlice solves this use case in an elegant way.

KubeSlice enables SREs to create a Slice across clusters and slice overlay network connects services in the clusters. An external services gateway on the Slice in the original Cloud cluster will provide access to managed services via alias service FQDN import. Services in other clusters can reach the cloud service via the same private endpoint FQDN resolved by the Slice DNS .
Tuesday November 12, 2024 11:59am - 12:04pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:00pm MST

Google Container Day 2024 Hosted by Google
Tuesday November 12, 2024 12:00pm - 7:00pm MST
This event will be packed with the latest information on running containers with Google Cloud. We'll end with a reception where you can meet other customers on their container journeys as well as the Googlers behind GKE and Cloud Run!

Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://rsvp.withgoogle.com/events/container-day-kcna-2024
For questions regarding this event, please contact: container-day@google.com
Tuesday November 12, 2024 12:00pm - 7:00pm MST
Carson Kitchen 241 W 200 S, Salt Lake City, UT 84101

12:06pm MST

Knative: Eventing Advances | Project Lightning Talk
Tuesday November 12, 2024 12:06pm - 12:11pm MST
Knative Eventing has learned a bunch of new tricks in the last year. In this talk, we’ll talk about advances in describing and controlling asynchronous messages between components, including authentication, authorization, and filtering.
Tuesday November 12, 2024 12:06pm - 12:11pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:13pm MST

Eraser: Cleaning Up Vulnerable Images from Kubernetes Nodes | Project Lightning Talk
Tuesday November 12, 2024 12:13pm - 12:18pm MST
Supply chain security is an increasingly important issue in cloud-native computing. It is common for pipelines to build and push images to the cluster, but uncommon for those images to be removed from a node’s local store once a CVE has been disclosed. Kubernetes has no built-in solution to this problem: its garbage collection only responds to disk pressure. As images become outdated, they present a risk as users may run a vulnerable container. Eraser, a CNCF sandbox project, is an open source solution that automates the scanning and removal of non-running images.
What distinguishes Eraser is that it gives more control over removal: the developer decides what gets removed and when. By default, Eraser uses Trivy to scan images based on a given threshold of vulnerability. Images can also be removed based on custom logic, including support for using different scanners.
The talk will begin with an overview of Eraser and discuss new features added to the project.
Tuesday November 12, 2024 12:13pm - 12:18pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:20pm MST

Linkerd: Adding Cluster-Agnostic Services to Linkerd - Design Considerations and Debates | Project Lightning Talk
Tuesday November 12, 2024 12:20pm - 12:25pm MST
Cluster-Agnostic Services (CAS) is a new feature in Linkerd which allows a single Service to transparently span multiple Kubernetes clusters while remaining resilient to failures in one or more clusters -- without needing to change the application. In this lightning talk, we'll discuss the design considerations and constraints navigated in the process of adding CAS to Linkerd. We discuss how this design process took into account prior art (such as work in SIG-Multicluster), explored a variety of designs, and focused on delivering a solution that was tractable, clear, explicit, simple, and valuable to Linkerd users.
Tuesday November 12, 2024 12:20pm - 12:25pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:27pm MST

Istio: Why Choose Istio in 2025 | Project Lightning Talk
Tuesday November 12, 2024 12:27pm - 12:32pm MST
With all of the cloud native and AI technology out there, it can be hard to figure out what technologies are best for your organization to adopt. Come to this quick lightning talk to figure out if Istio is right for you!
Tuesday November 12, 2024 12:27pm - 12:32pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:34pm MST

Kuma: What’s New in Kuma? | Project Lightning Talk
Tuesday November 12, 2024 12:34pm - 12:39pm MST
Kuma is an open source service mesh that delivers advanced security mechanisms, traffic management and observability for microservices. In this session, we’ll talk about the latest releases and most exciting features from each.

Highlights include:
- MeshPassthrough - a new policy that allows exposing external endpoints for “thick” clients through the mesh and support for wildcard DNS records.
- MeshExternalService - a new resource that overcomes existing limitations with the ExternalService resource.
- HostnameGenerator - a new resource that provides a way to generate custom domains inside your mesh.
- MeshService - a replacement for “kuma.io/service” tag that allows better scalability and allows adding metadata to a service.
- Namespaced policies - allow Kubernetes-native UX where all app-related resources are applied in the application’s namespace.
Tuesday November 12, 2024 12:34pm - 12:39pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:39pm MST

1:25pm MST

Cloud Native StartupFest Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Cloud Native StartupFest schedule is now live!

Join us for the third Cloud Native StartupFest. Cloud Native StartupFest will address topics only relevant to open source and cloud native startups. Get inspired by hearing from successful cloud native entrepreneurs, learn about some of the most exciting cloud native startups in the space, get a glimpse into the current state of fundraising and receive guidance on how to take your idea from community adoption to success. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom B

1:25pm MST

Istio Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Istio Day schedule is now LIVE!

Istio Day community event for the industry’s most popular service mesh, where you will find lessons learned from running Istio in production, hands-on experiences, and featuring maintainers from across the Istio ecosystem. To learn more visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

1:25pm MST

Kubernetes on Edge Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Kubernetes on Edge Day schedule is now LIVE!

According to a forecast from the International Data Corporation (IDC) Worldwide Edge Spending Guide, combined enterprise and service provider spending across hardware, software, professional services, and provisioned services for edge solutions will sustain strong growth through 2027 when spending will reach nearly $350 billion. With hardware and software dispersed across hundreds or even thousands of locations, the simple paradigms around observability, loosely coupled systems, declarative APIs, and strong automation that have propelled the success of cloud native technologies in the cloud are the only feasible way to manage these distributed systems. Kubernetes is already a significant component of the edge ecosystem, driving integrations and operations.

Join us at Kubernetes on the Edge Day at KubeCon + CloudNativeCon and take part in defining the future intersection of cloud native and edge computing! To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Salt Palace | Level 2 | 250 A-C

1:25pm MST

OpenTofu Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Tuesday November 12, 2024 1:25pm - 5:30pm MST
OpenTofu Day schedule is now LIVE!

Join us for OpenTofu Day 2024, a dedicated day for the infrastructure-as-a-code community. We will bring practitioners, experts, and enthusiasts to in-person sessions on the essential topics of IaC, the plans for the OpenTofu releases, novel ideas, and projects built on top of OpenTofu. Don’t miss this opportunity to learn, contribute, and join the OpenTofu community. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.
Tuesday November 12, 2024 1:25pm - 5:30pm MST
Salt Palace | Level 2 | 250 D-F

1:30pm MST

Project Overview: A Hitchhiker's Guide to the CNCF Landscape - Katherine Druckman and Lori Lorusso, CNCF Ambassador
Tuesday November 12, 2024 1:30pm - 1:45pm MST
“Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough, sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
Tuesday November 12, 2024 1:30pm - 1:45pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

1:47pm MST

Envoy: Highlights of Envoy Gateway v1.1.0 - What’s New and Improved | Project Lightning Talk
Tuesday November 12, 2024 1:47pm - 1:52pm MST
Envoy Gateway (EG) released its latest version, 1.1.0, on July 22. This update marks the first feature release since the 1.0.0 GA (General Availability) version and includes multiple new features and improvements. In this lighting talk, I will highlight some of the most important new features, including Wasm extension, non-k8s support, IP allow/deny list, stateful service support, etc.
Tuesday November 12, 2024 1:47pm - 1:52pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

1:54pm MST

Kubean: Unlocking Operational Efficiency - Simplify Cluster Lifecycle Management with Kubean | Project Lightning Talk
Tuesday November 12, 2024 1:54pm - 1:59pm MST
Kubean is a product-ready cluster lifecycle management tool built on the default kubespray engine.
It provides a declarative API, allowing us to deploy and manage clusters using a set of resource manifests.
The entire process is clear and concise.
We will introduce the core features of Kubean, along with some practical implementations in production environments.
Additionally, we will discuss the future development of the Kubean project, with the hope that Kubean can assist and alleviate the challenges people face in cluster management.
Tuesday November 12, 2024 1:54pm - 1:59pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:00pm MST

Hands-On Cloud Native Security Workshop Hosted by Sysdig
Tuesday November 12, 2024 2:00pm - 6:00pm MST
Dive into cloud native security with practical, hands-on exercises led by experienced engineers. You’ll learn essential security concepts for containers, Kubernetes, and cloud workloads through interactive demos and exercises—no prior security experience is required, but basic Linux and Kubernetes knowledge is recommended. Afterward, join Falco Project Creator, Loris Degioanni, and Falco Core Maintainer, Leonardo Grasso, for an engaging "Ask Anything" panel.

And don't miss our Graduation Party for Falco that evening!

Please note this is an off-site Sponsor-hosted Co-located Event
For more information and to RSVP, please visit: https://go.sysdig.com/handsonsecurity2024.html
For questions, please contact: events@sysdig.com
Tuesday November 12, 2024 2:00pm - 6:00pm MST
Radisson Hotel Salt Lake City Downtown | Cottonwood Room 215 W S Temple St, Salt Lake City, UT 84101

2:00pm MST

CalicoCon Hosted by Tigera, the creators of Project Calico
Tuesday November 12, 2024 2:00pm - 7:00pm MST
Join us for an immersive event led by the Calico team, where you'll gain education, training, and best practices of Kubernetes networking, security, and observability.

We will cover the state of Project Calico. Calico users and engineers will deep-dive into various areas, including eBPF, Windows HNS, multi-cluster mesh, best practices for network policies, egress gateway, scale, performance, encryption, and compliance. Attendees will get to ask their questions and network with the Calico engineering and leadership team.


We'll end with a reception where you can meet other Calico users on their Kubernetes journeys and the team behind Calico.


Please note that this is an off-site Sponsor-hosted Co-located event, and must be added to your KubeCon + CloudNativeCon registration ($5 fee applies with proceeds being donated to the Dan Kohn Scholarship Fund).


For more information, please visit: https://www.tigera.io/lp/calicocon-2024/


For questions regarding this event, please contact: marketing@tigera.io


Tuesday November 12, 2024 2:00pm - 7:00pm MST
Hilton Salt Lake City Center - Canyon Conference Room 255 S W Temple St, Salt Lake City, UT 84101

2:01pm MST

Kubernetes (SIG-CLI): How Do We Improve kubectl Without Breaking Users? | Project Lightning Talk
Tuesday November 12, 2024 2:01pm - 2:06pm MST
Quick session on how we are getting creative on the ways we implement new functionality and correct design decisions on your favorite 10 year old CLI tool!
Tuesday November 12, 2024 2:01pm - 2:06pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:08pm MST

Metal3: Metal3 Magics! What's New and Exciting? | Project Lightning Talk
Tuesday November 12, 2024 2:08pm - 2:13pm MST
This talk is a short format summary of the progress achieved by the Metal3 project and its community, particularly in last couple of years, aspiring for incubation. We will do a quick walkthrough of the latest and greatest features of the project and an overview of the road-map of the project.
Tuesday November 12, 2024 2:08pm - 2:13pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:15pm MST

Harbor: Harbor and the World of SBOMs | Project Lightning Talk
Tuesday November 12, 2024 2:15pm - 2:20pm MST
Discover how integrating SBOM (Software Bill of Materials) with Harbor enhances your software supply chain security. In this lightning talk, we'll cover:

- What is SBOM?: Quick overview of its role in software transparency.
- Integration with Harbor: Highlights of the SBOM integration in Harbor v2.11.
- Security Best Practices: Using SBOM to identify and address vulnerabilities.

Perfect for software engineers, DevOps professionals, and security enthusiasts looking to strengthen their software supply chain.
Tuesday November 12, 2024 2:15pm - 2:20pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:22pm MST

SlimToolkit: Improving DX with Containers - Making it Easy to Understand, Optimize, and Debug Your Containers | Project Lightning Talk
Tuesday November 12, 2024 2:22pm - 2:27pm MST
This talk will introduce the key capabilities in SlimToolkit: inspecting, minifying, and debugging containers that will enhance your developer experience with containerized applications.

We'll walk through a number of short examples showing how common container related problems can be addressed using various commands provided by the tool.

* Are the popular recommendations to create production-ready containers not possible in your environment, or is it just too much work?
* Do you find it difficult to understand what's in containers when you are fixing bugs or when you are selecting new containers to use?
* Is one of the reasons why you avoid using minimal container images the challenges of debugging them?
* Are you not sure what minimal container images are?

If you answered yes to any of these questions, or if you are curious about how this CNCF project can improve your overall container developer experience, this talk is for you.
Tuesday November 12, 2024 2:22pm - 2:27pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:29pm MST

Kyverno: Level Up Your Cluster - 5 Kyverno Policies You Need Now! | Project Lightning Talk
Tuesday November 12, 2024 2:29pm - 2:34pm MST
Struggling to secure your Kubernetes clusters and automate workloads? Kyverno offers a unique solution to combat configuration complexity! This fast-paced talk presents five real-world examples to show you how Kyverno can automate security and simplify workload management.
Tuesday November 12, 2024 2:29pm - 2:34pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:36pm MST

Open Policy Agent (OPA): That's One Small Bump for OPA, but One Giant Leap for Policy as Code | Project Lightning Talk
Tuesday November 12, 2024 2:36pm - 2:41pm MST
At last, OPA's made it to v1! Let's take a whistle-stop tour of what's involved in cutting a v1 release for a project over 3.5 billion downloads; its own language and large community. Get the latest updates, and glimpse into the future in this light speed overview!
Tuesday November 12, 2024 2:36pm - 2:41pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:43pm MST

Falco: Evolution of Real Time Cloud Security with Falco | Project Lightning Talk
Tuesday November 12, 2024 2:43pm - 2:48pm MST
Falco, the CNCF runtime security project, can continuously monitor your entire environment looking for suspicious activity. From bare metal servers to massive Kubernetes clusters made of hundreds of thousands of nodes to your cloud provider activity, Falco and its powerful detection rule system have you covered. In this Lightning Talk, Luca and Melissa will focus on how the Falco project is constantly evolving to meet defenders' needs by providing rich libraries of detection rules, making it easier to customize them, catch bypass attempts and bring light to every dark corner of modern cloud infrastructures.
Tuesday November 12, 2024 2:43pm - 2:48pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:50pm MST

Copa: Project Copacetic - Directly Patch Container Image Vulnerabilities | Project Lightning Talk
Tuesday November 12, 2024 2:50pm - 2:55pm MST
Maintaining secure container images and addressing new vulnerabilities quickly is a major challenge. To patch images, users face two options: wait for third-party authors to release updates, which can take weeks, or perform a full image rebuild, a time and resource-intensive process.
Project Copacetic (Copa) enhances the image patching process, reducing turnaround time and complexity. It integrates easily into existing build infrastructure, giving users greater control over their patching timeline and reducing costs.
Copa scans container images using tools like Trivy to generate a vulnerability report and parses the report for necessary OS-level package updates. It applies these updates to the target image using Buildkit (Docker’s default builder) to create a new patch layer on the original image. Copa can even patch distroless images by leveraging external tooling.
The talk will overview Copa, highlighting new features like scanner plugins and omitting reports to update all packages.
Tuesday November 12, 2024 2:50pm - 2:55pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:57pm MST

OpenFGA: The Cloud Native Way to Implement Fine Grained Authorization | Project Lightning Talk
Tuesday November 12, 2024 2:57pm - 3:02pm MST
This talk will be a short introduction to OpenFGA, a report on the state of the project and an exploration of different adoption use cases from companies all sizes.
Tuesday November 12, 2024 2:57pm - 3:02pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:04pm MST

Meshery: Visualizing Kubernetes Resource Relationships with Meshery | Project Lightning Talk
Tuesday November 12, 2024 3:04pm - 3:09pm MST
Meshery and its extensions empower you to navigate cloud native infrastructure in complex environments. This lighting talk delves into the human-computer interaction (HCI) principles that underpin MeshMap's intuitive visualization of Kubernetes resources and the various forms of inter/relationships with other CNCF projects' resources.

Human-Computer Interaction Principles in Meshery:

- Cognitive Load: How Meshery reduces cognitive load by presenting complex information in a structured and visually digestible manner.
- Mental Models: How Meshery aligns with users' mental models of Kubernetes environments, facilitating comprehension and navigation.
- Visual Perception: How Meshery leverages visual cues, colors, and layout to guide users' attention and highlight critical information.
Tuesday November 12, 2024 3:04pm - 3:09pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:09pm MST

3:18pm MST

Flux: What's Flux and What's New? | Project Lightning Talk
Tuesday November 12, 2024 3:18pm - 3:23pm MST
Get a quick intro of GitOps and Progressive delivery using Flux, how to get started, and new capabilities with the last release of 2024.

We'll walk you through key features of Flux (a graduated project and GA) such as being multi-everything (multi-tenant, multi-cluster, etc.). And Flux works with your existing tools (like CI and Kubernetes tools).

We'll cover reliability and security reasons that Flux is the GitOps tool of choice for cloud vendors, global enterprises, and other companies.
Tuesday November 12, 2024 3:18pm - 3:23pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:25pm MST

CNCF Runtime TAG: CNCF Runtime TAG and the Cloud Native Runtime Landspace: AI, WASM, OS, Edge, Workloads, and More | Project Lightning Talk
Tuesday November 12, 2024 3:25pm - 3:30pm MST
In this lightning talk, we will introduce the CNCF Runtime TAG, discuss how we work with TOC and CNCF Runtime related projects, and highlight the work the TAG and the working groups have done to build guidance and write whitepapers for the ecosystem. Join us to find out how to contribute and participate in the CNCF Runtime community.
Tuesday November 12, 2024 3:25pm - 3:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:32pm MST

CRI-O: First Class AI Model Teleportation - OCI Volume Mounts in CRI-O and Kubernetes | Project Lightning Talk
Tuesday November 12, 2024 3:32pm - 3:37pm MST
Along with the Kubernetes community's corraling behind the usescases of generative AI comes a slew of implementation hurdles to overcome. One such hurdle is the problem of moving around bulky models. While many methods exist today, the SIG-Node and WG-Serving community sought to find a Kubernetes native approach. What better way than utilizing a foundational part of Kubernetes: the OCI distribution spec.

In this talk, we will discuss the process of designing KEP-4639, the status of the feature, and go through some real world use-cases for using OCI distribution methods we know, love and rely-upon to move AI models to your production servers.
Tuesday November 12, 2024 3:32pm - 3:37pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:39pm MST

WasmEdge: Cross-Platform, High-Performance, Lightweight, Embeddable Multi-Modal LLM Runtime | Project Lightning Talk
Tuesday November 12, 2024 3:39pm - 3:44pm MST
With the popularity of LLM apps, there is an increasing demand for running and scaling AI workloads in the cloud and on edge devices. Rust and Wasm offer a solution by providing a portable bytecode that abstracts hardware complexities. WasmEdge is a lightweight, high-performance and cross-platform LLM inference runtime. WasmEdge provides a standard WASI-NN API to developers. Developers only need to write against the API and compile to Wasm. The Wasm file can run on any device, where WasmEdge translates and routes Wasm calls to the underlying native libraries such as llama.cpp.
Tuesday November 12, 2024 3:39pm - 3:44pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:46pm MST

TAG Contributor Strategy: Beyond the Checkbox: Humanizing Accessibility | TAG Lightning Talk
Tuesday November 12, 2024 3:46pm - 3:51pm MST
Accessibility is often an afterthought, a checklist item rather than a fundamental right. That is especially true for people who have never met a person with a disability. While recognized as important, accessibility is still an abstract concept. This talk challenges that perception by sharing personal stories and practical insights, putting a human face to accessibility. This CNCF Deaf and Hard of Hearing WG talk aims to bridge the gap and foster empathy. Discover how to shift from mere compliance to empathy, building a truly inclusive environment where everyone feels valued and belonged. Attendees will leave inspired to become accessibility advocates in their own communities.
Tuesday November 12, 2024 3:46pm - 3:51pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:53pm MST

5:30pm MST

⚡ Lightning Talk: `Kubectl Debug` Lacks an `IDE` Option. Let’s Fix That! - Mario Loriedo, Red Hat
Tuesday November 12, 2024 5:30pm - 5:35pm MST
Don't get me wrong. `kubectl debug` is one of my favorite `kubectl` commands. But probably because I like it so much, I am convinced it deserves more love! This talk will present a `kubectl debug` extension that starts an IDE in an ephemeral container for debugging purposes. This extension uses the DevWorkspace operator, which is capable of running lightweight cloud development environments, including the IDE, in containers. If you like debugging by adding breakpoints in an IDE rather than inspecting your application's logs, you should attend this talk.
Speakers
avatar for Mario Loriedo

Mario Loriedo

Senior Principal Software Engineer, Red Hat
Mario is a Senior Principal Software Engineer at Red Hat. He works on Podman and on container-based developer tools. He has been a CNCF Ambassador and the tech lead of the Eclipse Che project. He has co-created the Devfile (a CNCF Sandbox Project). He has been a speaker at conferences... Read More →
Tuesday November 12, 2024 5:30pm - 5:35pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:35pm MST

⚡ Lightning Talk: CloudEvents as APIs - Evan Anderson, Stacklok
Tuesday November 12, 2024 5:35pm - 5:40pm MST
Most of us are familiar with tools like gRPC and OpenAPI for modelling synchronous calls between different applications or microservices. Sometimes, the right way to extend an application is through an asynchronous notification, or an event. CloudEvents is a CNCF project to standardize the format of asynchronous notifications, to make it easier for different projects and applications to communicate. CloudEvents is an envelope to make it easy to exchange asynchronous messages; in this talk, I'll highlight three useful patterns to leverage CloudEvents to connect applications, using examples from Stacklok's own experience.
Speakers
avatar for Evan Anderson

Evan Anderson

Software Engineer, Stacklok
Co-founder and maintainer on Knative project. Member of sigstore-oncall. Previously worked on Google Compute Engine and Serverless (App Engine, Functions) and in SRE. Principal engineer at Stacklok. Ex-Google, ex-VMware. Author of Building Serverless Applications on Knative by O'Reilly... Read More →
Tuesday November 12, 2024 5:35pm - 5:40pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:40pm MST

⚡ Lightning Talk: Effortless, Sidecar-Less Mutual TLS and Rich Authorization Policies up and Running in 5 Minutes - Lin Sun, solo.io
Tuesday November 12, 2024 5:40pm - 5:45pm MST
Do you need zero trust or mutual TLS (mTLS) among your application pods? You may be able to manage certificates within your applications, but how would you handle automatic periodic certificate rotation? The evolution of sidecar-less service mesh technology enables mTLS among application pods with just a simple namespace label. No sidecars or application pod restarts are required. This approach provides immediate benefits, including cryptographic identity for application pods, and ensures session-based data confidentiality and integrity in pod communications. In just 5 minutes, Lin will demonstrate live how developers and operators can effortlessly enforce mTLS and rich Layer 7 (L7) authorization policies without any sidecars!
Speakers
avatar for Lin Sun

Lin Sun

CNCF TOC member and Head of Open-Source at solo.io, solo.io
Lin is the Head of Open Source at Solo.io, and a CNCF TOC member and ambassador. She has worked on the Istio service mesh since the beginning of the project in 2017 and serves on the Istio Steering Committee and Technical Oversight Committee. Previously, she was a Senior Technical... Read More →
Tuesday November 12, 2024 5:40pm - 5:45pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Security

5:45pm MST

⚡ Lightning Talk: Evaluating Scheduler Efficiency for AI/ML Jobs Using Custom Resource Metrics - Dmitry Shmulevich, NVIDIA
Tuesday November 12, 2024 5:45pm - 5:50pm MST
Kubernetes deployments frequently utilize custom resources beyond just CPU and memory, such as GPUs, which are essential for AI/ML workloads. While the Metrics API offers insights into CPU and memory usage at both the pod and node levels, it does not provide similar information for custom resources. Although resource requests for custom resources are specified in the pod spec, there is no visibility into how efficiently these resources are utilized at the node and cluster levels. To address this gap, we developed a Prometheus Node Resource Exporter tailored to monitor custom resources. Our case study focuses on evaluating the efficiency of Kubernetes schedulers when handling a high volume of AI/ML jobs, using GPU occupancy on the nodes as the primary indicator. In this lightning talk, we will present a comparative analysis of several scheduling frameworks based on the metrics collected by our custom exporter.
Speakers
avatar for Dmitry Shmulevich

Dmitry Shmulevich

Software Engineer, NVIDIA
Dmitry is a software engineer at NVIDIA with over 25 years of experience in software development, specializing in cloud computing for the past eight years. Throughout his career, he has made significant contributions to various systems and projects across the cloud stack. He is also... Read More →
Tuesday November 12, 2024 5:45pm - 5:50pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Observability
  • Content Experience Level Any

5:50pm MST

⚡ Lightning Talk: Future-Proofing Kubernetes: Impact of Storage Version Migration and Meaning of Resource Version (RV) - Nilekh Chaudhari, Microsoft
Tuesday November 12, 2024 5:50pm - 5:55pm MST
Kubernetes relies on API data being actively rewritten to support some maintenance activities related to at-rest storage. Two prominent examples are the versioned schema of stored resources (i.e., the preferred storage schema changing from v1 to v2 for a given resource) and encryption at rest (i.e., rewriting stale data based on a change in how the data should be encrypted). The simplest way to rewrite data is to issue no-op update requests via kubectl. This approach is problematic for any resource that can contain a large amount of data, such as Kubernetes secrets, and it is also impractical to perform without automation, as the number of resources that need migration is always growing. Storage Version Migration (SVM), which is now available as a built-in alpha API since Kubernetes v1.30, helps achieve this. However, the implementation of SVM has significant implications for the entire Kubernetes project and its ecosystem.
Speakers
avatar for Nilekh Chaudhari

Nilekh Chaudhari

Software Engineer, Microsoft
Nilekh is a Software Engineer at Microsoft, specializing in Kubernetes. He actively contributes to SIG Auth and SIG API Machinery and is a core maintainer of the Secrets Store CSI Driver, the Azure Provider for the Secrets Store CSI Driver, and the Gatekeeper Library project.
Tuesday November 12, 2024 5:50pm - 5:55pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, Platform Engineering
  • Content Experience Level Any

5:55pm MST

⚡ Lightning Talk: Is Everyone O-KEDA? “Exciting” Lessons Learned in Our Journey to Use KEDA Pod Autoscaling - Brian Davis, Red Canary
Tuesday November 12, 2024 5:55pm - 6:00pm MST
We thought that changing our Kubernetes pod autoscaler seemed like a really straightforward thing to do. With relative ease, we yanked out our old custom pod autoscaler and replaced it with KEDA. We were impressed with the flexibility and control we now had in our cluster, but then discovered a set of really hard lessons that no one had anticipated. In this lightning talk, I’ll hit the highlights of secondary issues we encountered due to such a seemingly simple change, such as Docker Hub rate limits, Kubernetes metrics server failures and their exciting impact on our cluster, AWS rate limits, and late night fights with Argo CD for control of pod maximums. Lastly, I’ll share my personal favorite topic: the “Night Club Theory” of autoscaling tuning. If you or someone you love is thinking of changing your autoscaler, I recommend spending 5 minutes with me to learn the things you should be aware of before you make the switch!
Speakers
avatar for Brian Davis

Brian Davis

Principal Software Engineer, Red Canary
Brian Davis is a Principal Engineer at Red Canary and has built complex systems for the past two decades. His career started in signal processing algorithm research but has morphed through the years into software engineering, QA, system integration, system design, and architectur... Read More →
Tuesday November 12, 2024 5:55pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:00pm MST

⚡ Lightning Talk: Kubernetes for Simulated Hardware in Radio Astronomy - Barbara Ojur, SARAO & Abednigo Matiba Lethole, South African Radio Astronomy Observatory(SARAO)
Tuesday November 12, 2024 6:00pm - 6:05pm MST
We use Kubernetes to deploy simulated hardware devices for the Square Kilometer Array (SKA), the world's largest radio telescope. The SKA has an Integrated Testing Facility (ITF) that tests subsystems before field deployment. One of those systems is our main focus for this lightning talk called the Dish Local and Monitoring and Control (LMC) system, which manages mid-frequency operations. Key Lightning Talk Points: - Dish LMC Components: Control, Monitoring, Communication Interface. - Kubernetes Utilization: - k9s: Manages and monitors deployments. - Networking: Simulates communication pathways. - Logging: Captures and analyzes system logs. Goals: - Presentation Aim: Share experiences and inspire adoption of our strategies. - Audience Takeaway: Understand Kubernetes' role in managing complex simulations. - Ecosystem Impact: Improve best practices and drive innovation.
Speakers
avatar for Abednigo Matiba Lethole

Abednigo Matiba Lethole

MR, South African Radio Astronomy Observatory(SARAO)
Abednigo Matiba Lethole is a Junior Software Engineer with over 2 years of experience at the South African Radio Astronomy Observatory (SARAO). Specializing in software development and radio astronomy applications, Abednigo is dedicated to advancing technological solutions in the... Read More →
avatar for Barbara Ojur

Barbara Ojur

Miss Barbara Ojur, SARAO
Barbara Apili Ojur is a software engineer from South Africa, Cape Town. She works for the South African Radio Astronomy Observatory and is seconded to the Square Kilometer Array Observatory which is an intergovernmental project, including countries such as Spain and Italy to mention... Read More →
Tuesday November 12, 2024 6:00pm - 6:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:05pm MST

⚡ Lightning Talk: Minimizing Data Loss Within the OpenTelemetry (OTel) Collector - Alex Kats, Capital One
Tuesday November 12, 2024 6:05pm - 6:10pm MST
The OTel collector is meant to serve as a reliable and highly performant data pipeline. However, as a single component in a wider observability architecture, it is only as reliable as the downstream platforms/services it exports data to. The OTel collector has several built in mechanisms that aim to minimize the impact of unhealthy downstream exporters, including an out of the box sending queue with an additional configuration parameter for persistent queueing. There is a new component in the OTel contrib distribution, the Failover Connector. The Failover Connector allows for dynamic routing or “failover” of telemetry data based on downstream exporter health. This provides significant improvement to the data resiliency of the collector, as telemetry data can be continuously exported to a set of stable secondary locations, while the issues with the primary are resolved.
Speakers
avatar for Alex Kats

Alex Kats

Software Engineer, Capital One
Alex is a software engineer at Capital One. Alex has significant experience within the Observability space, with an emphasis on OpenTelemetry (OTel). Alex is a member of the OpenTelemetry community and has been contributing to various components within the OTel toolset.
Tuesday November 12, 2024 6:05pm - 6:10pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

6:10pm MST

⚡ Lightning Talk: Running Kind Clusters with GPU Support Using Nvkind - Evan Lezar, NVIDIA
Tuesday November 12, 2024 6:10pm - 6:15pm MST
Kind is a powerful tool for running local Kubernetes clusters using Docker. It is particularly useful for testing, development, and CI/CD workflows, offering features like multi-node cluster support, easy configuration, and cross-platform compatibility. However, providing access to GPUs in Kind is not a very straightforward process. There is no standard way to inject GPUs into a Kind worker node, and even with a series of "hacks" to make it possible, post-processing is still needed to isolate different sets of GPUs to different nodes. In this lightning talk, we introduce nvkind – a wrapper around Kind that encapsulates the steps necessary to make GPUs available to Kind worker nodes. Ideally, GPU support would have been added to Kind directly, but many challenges exist to make this possible. This talk discusses those challenges, how we've overcome them with nvkind, and the steps needed to eventually support GPUs directly within Kind itself.
Speakers
avatar for Evan Lezar

Evan Lezar

Senior Systems Software Engineer, NVIDIA
Evan Lezar is a Senior Systems Software Engineer on the Cloud Native team at NVIDIA. His focus is making GPUs and other NVIDIA devices easily accessible from containerized environments. This includes driving development and adoption of the Container Device Interface (CDI).
Tuesday November 12, 2024 6:10pm - 6:15pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD
  ⚡ Lightning Talks, AI + ML
  • Content Experience Level Any

6:15pm MST

⚡ Lightning Talk: Safer Cluster Upgrades with Mixed Version Proxy - Richa Banker, Google
Tuesday November 12, 2024 6:15pm - 6:20pm MST
Upgrading Kubernetes clusters often presents numerous challenges, including potential downtime, compatibility issues, and the complexity of managing multiple versions. The Mixed Version Proxy feature introduced in Kubernetes 1.28 aims to mitigate these challenges. This talk will delve into the technical intricacies of the Mixed Version Proxy, exploring its design and implementation. We will then highlight the substantial benefits it offers for cluster upgrades, such as minimizing downtime and enhancing overall reliability. Attendees will gain practical knowledge through (possibly a demonstration) on enabling and utilizing the Mixed Version Proxy. Finally, we will provide insights into the future roadmap for this feature, including upcoming beta releases and enhancements.
Speakers
avatar for Richa Banker

Richa Banker

Software Engineer, Google
Currently a software engineer at Google. Exploring and contributing to OSS Kubernetes on the side.
Tuesday November 12, 2024 6:15pm - 6:20pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

7:00pm MST

House of Kube Hosted by Humanitec, Dash0 and Cloudsmith
Tuesday November 12, 2024 7:00pm - Wednesday November 13, 2024 2:00am MST
TBA
Build real connections and hang out with pioneers from the cloud native world, enjoy the best food trucks SLC has to offer (and cocktails too), and dance to the funkiest house and techno beats.


Please note that this is an off-site Sponsor-hosted Co-located event.
For more information, please visit: https://www.houseofkube.com/
For questions regarding this event, please contact: mariya.skalka@humanitec.com
Tuesday November 12, 2024 7:00pm - Wednesday November 13, 2024 2:00am MST
TBA
 
Wednesday, November 13
 

7:30am MST

Badge Pick-Up
Wednesday November 13, 2024 7:30am - 6:00pm MST
Wednesday November 13, 2024 7:30am - 6:00pm MST
West Temple Entrance (East)

7:30am MST

Badge Pick-Up
Wednesday November 13, 2024 7:30am - 6:00pm MST
Wednesday November 13, 2024 7:30am - 6:00pm MST
200 South Entrance (South)

8:00am MST

EmpowerUs
Wednesday November 13, 2024 8:00am - 9:00am MST
Attendees who identify as women, non-binary individuals and allies are invited to meet for a continental breakfast in the DEI Community Hub for an open discussion about challenges, leadership, innovation, and empowerment in our fast-growing ecosystem.

Wednesday November 13, 2024 8:00am - 9:00am MST
Salt Palace | Level 2 | 255 D | DEI Community Hub

9:00am MST

Keynotes To Be Announced
Wednesday November 13, 2024 9:00am - 10:45am MST
Wednesday November 13, 2024 9:00am - 10:45am MST
Salt Palace | Level 1 | Hall DE

10:45am MST

Coffee Break ☕
Wednesday November 13, 2024 10:45am - 11:15am MST
Wednesday November 13, 2024 10:45am - 11:15am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:45am MST

Solutions Showcase
Wednesday November 13, 2024 10:45am - 8:00pm MST
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Wednesday November 13, 2024 10:45am - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:55am MST

Project Pavilion Tour with Jorge Castro
Wednesday November 13, 2024 10:55am - 11:15am MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!
Wednesday November 13, 2024 10:55am - 11:15am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

11:15am MST

Advanced Model Serving Techniques with Ray on Kubernetes - Andrew Sy Kim, Google & Kai-Hsun Chen, Anyscale
Wednesday November 13, 2024 11:15am - 11:50am MST
With the proliferation of Large Language Models, Ray, a distributed open-source framework for scaling AI/ML, has developed many advanced techniques for serving LLMs in a distributed environment. In this session, Andrew Sy Kim and Kai-Hsun Chen will provide an in-depth exploration of advanced model serving techniques using Ray, covering model composition, model multiplexing and fractional GPU scheduling. Additionally, they will discuss ongoing initiatives in Ray focused on GPU-native communication, which, when combined with Kubernetes DRA, offers a scalable approach to tensor parallelism, a technique used to fit large models across multiple GPUs. Finally, they will present a live demo, demonstrating how KubeRay enables the practical application of these techniques to real-world LLM deployments on Kubernetes. The demo will showcase Ray’s powerful capabilities to scale, compose and orchestrate popular open-source models across a diverse set of hardware accelerators and failure domains.
Speakers
avatar for Andrew Sy Kim

Andrew Sy Kim

Software Engineer, Google
Andrew Sy Kim is a software engineer at Google working on Kubernetes and GKE.
avatar for Kai-Hsun Chen

Kai-Hsun Chen

Software Engineer, Anyscale
Kai-Hsun Chen is a software engineer on the Ray Core team at Anyscale and the primary maintainer of KubeRay. He is also an open-source enthusiast, as well as a committer and PMC member of Apache Submarine.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 2 | 255 BC
  AI + ML

11:15am MST

Behind Schedule: Pod Resource Configuration from Beginning to... Huh? - Joe Thompson, Platform9
Wednesday November 13, 2024 11:15am - 11:50am MST
Pod resource requests, limits and priority are some of the most fundamental concepts of Kubernetes clusters, and they're easy to understand: if nodes have the resources you need, you get scheduled, and if not, you don't... right? Joe will walk you through some of the surprising behaviors you may encounter with the seemingly basic rules that Kubernetes follows when scheduling and running pods -- and how those rules themselves may not be what you think! We'll dig into eviction and preemption (and why the difference matters) and why priority sometimes doesn't solve the problems you think it will. We'll finish with recent changes to pod resource management that are upending long-standing basics of pod scheduling, particularly the in-place pod resizing feature alpha-released in the last few versions of Kubernetes. You'll leave with a deeper understanding of the (not-so-) simple mechanics, as well as how to debug them when things get messy.
Speakers
avatar for Joe Thompson

Joe Thompson

Technical Product Marketing Manager, Platform9
Joe Thompson's IT career is near the end of its third decade. He's been part of the cloud-native community since 2014, starting with OpenStack and adding Kubernetes a few months after it debuted. He's spoken at KubeCon, Cloud Native Rejekts and many local meetups and enjoys showing... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

11:15am MST

All Your Routes Are Ready, More or Less - Dave Protasowski, Broadcom
Wednesday November 13, 2024 11:15am - 11:50am MST
Gateway API is the official next gen Kubernetes API for Ingress, Load Balancing and Service Meshes. Many proxies implement the API and pass conformance with glowing colours! But what is it really like to use the API? What isn't covered by the conformance tests that end-users should know. In the talk we'll highlight our experience adopting the Gateway API in the Knative Serving project. We'll talk about the problems we encountered and how we addressed them. Come to the talk and we'll pit some implementations against each other and show some numbers!
Speakers
avatar for Dave Protasowski

Dave Protasowski

Staff Engineer, VMware/Broadcom
Dave Protasowski is part of Knative Technical Committee and a Serving Working Group Lead. During the night he works at VMware/Broadcom. Prior he worked on Cloud Foundry things at Pivotal.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | 155 EF
  Connectivity

11:15am MST

The Future of DBaaS on Kubernetes - Melissa Logan, Constantia; Sergey Pronin, Percona; Deepthi Sigireddi, PlanetScale; Gabriele Bartolini, EDB
Wednesday November 13, 2024 11:15am - 11:50am MST
Running Database-as-a-Service (DBaaS) in the cloud is a common practice for organizations, and more are seeking to offer DBaaS on Kubernetes. Benefits include cost efficiencies, as well as providing a faster, more scalable development environment. While it has many benefits, managing a DBaaS on Kubernetes can be challenging. In this panel, database experts from the Data on Kubernetes Community will discuss how to get started with Kubernetes and operators to run DBaaS, storage and security requirements, common patterns for deployment and Day 2 operations, how to leverage AI for DBaaS, and pitfalls to avoid. They will also share real world experiences from users running DBaaS on Kubernetes.
Speakers
avatar for Melissa Logan

Melissa Logan

CEO, Constantia
Melissa Logan has worked in tech for 24 years and is currently director of the Data on Kubernetes and Data Mesh Learning communities, and founder of Constantia.io - a tech community and communications company. Constantia works with data and open source companies to provide marketing... Read More →
avatar for Gabriele Bartolini

Gabriele Bartolini

VP of Cloud Native, EDB
Gabriele, a co-founder of 2ndQuadrant and open-source advocate, has been instrumental in PostgreSQL's global growth. Focused on enhancing business continuity for large-scale databases, he has championed stateful workloads in cloud-native environments since 2019. As a co-founder and... Read More →
avatar for Deepthi Sigireddi

Deepthi Sigireddi

Software Engineer, PlanetScale
Deepthi is the Technical lead for Vitess, a CNCF graduated open source project. She also leads the Vitess engineering team at PlanetScale which offers a database service built on Vitess. She brings over 20 years of experience building scalable systems to this role. She enjoys speaking... Read More →
avatar for sergey pronin

sergey pronin

Product guy, Percona
Sergey is a passionate technology “driver”. After graduation worked in various fields: internet service provider, financial sector and M&A business. Main focal points were infrastructure and products around it. At Percona as a Group Product Manager drives forward Kubernetes and... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage
  • Content Experience Level Any

11:15am MST

Architecting Tomorrow: The Heterogeneous Compute Resources for New Types of Workloads - Alexander Kanevskiy, Intel Finland
Wednesday November 13, 2024 11:15am - 11:50am MST
Imagine managing a set of diverse workloads on a Kubernetes node, operating across dozens of CPU cores and several memory zones. But do you truly comprehend the difference between one CPU core versus another? Are you aware of the impact that different memory zone might have on your workload's efficiency? Will optimisations for one type of workloads be helpful for another? Do you think that your ML workload will behave same way as e.g. Redis? This presentation delves deep into CPU internals, memory types (DRAM, HBM, CXL), and diverse cache/core types and layouts. Explore recent hardware advancements and their impact on workloads. We'll examine native compute resource allocation strategies from a hardware point of view, crucial for enhancing workload performance and optimising energy usage and cost efficiency. Join and learn details of the modern hardware architecture that gives you a framework to make more informed choices on hardware resource optimisation for your infrastructure.
Speakers
avatar for Alexander Kanevskiy

Alexander Kanevskiy

Principal Engineer, Cloud Orchestration Software, Intel Finland
Alexander is currently employed by Intel as Principal Engineer, Cloud Software, focusing on various aspects in Kubernetes: Resource Management, Device plugins for hardware accelerators, Cluster Lifecycle and Cluster APIs. Alexander has over 25+ years of experience in areas of Linux... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 2 | 254
  Emerging + Advanced

11:15am MST

SIG Network Intro and Updates - Daman Arora, VMware by Broadcom; Shaun Crampton, Tigera; Nadia Pinaeva & Dan Winship, Red Hat; Antonio Ojea, Google;
Wednesday November 13, 2024 11:15am - 11:50am MST
SIG Network is responsible for networking for Kubernetes clusters, and there's never a shortage of interesting problems to solve in this space. In this session we'll provide some updates about SIG Network as a whole, including: * status and progress of core networking components * status and progress of sub-projects * considerations for the future If you're interested in hearing about what's going on in the networking space, or maybe even interested in joining the SIG and finding a place to contribute, please join us!
Speakers
avatar for Dan Winship

Dan Winship

Senior Principal Software Engineer, Red Hat
Dan is a Tech Lead for Kubernetes SIG Network and has been working on Kubernetes and OpenShift networking at Red Hat since 2016.
avatar for Antonio Ojea

Antonio Ojea

Software Engineer, Google
Antonio Ojea is a Software Engineer at Google, where he works on Kubernetes. He is one of the top contributors of the Kubernetes project, with a stronger presence on the areas of networking and reliability. He has a vast experience in Open Source, networking and distributed systems... Read More →
avatar for Nadia Pinaeva

Nadia Pinaeva

Senior Software Engineer, Red Hat
Nadia Pinaeva is a Senior Software Engineer at Red Hat working on Openshift Networking. She collaborates with the SIG-network-policy to improve network security for Kubernetes clusters, and works on ovn-kubernetes network plugin.
avatar for Shaun Crampton

Shaun Crampton

Distinguished Engineer, Tigera
Shaun is a Distinguished Software Engineer at Tigera, looking after Project Calico's iptables and eBPF dataplanes. Before joining the Tigera team, Shaun worked on a number of Software Defined Networking products and cloud scale applications. He holds an MA in Computer Science from... Read More →
avatar for Daman Arora

Daman Arora

Software Engineer, VMware by Broadcom
Trying to maintain kube-proxy.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 3| 355 BC

11:15am MST

The Spice Must Flow Green: CNCF's Environmental Sustainability TAG - Marlow Warnicke (Weston), SchedMD & Saiyam Pathak, Loft Labs
Wednesday November 13, 2024 11:15am - 11:50am MST
The carbon must be counted. In the Environmental Sustainability TAG, we focus on current and emerging technologies regarding carbon measurement and minimization. As our digital landscape grows, so does its impact on the environment—a factor often overlooked in the pursuit of technological advancement, such as AI. Traditionally, companies focused primarily on financial metrics. However, with increasing awareness of climate issues, stricter regulations, and rising energy costs, environmental impact is now a crucial consideration. We highlight the Green Reviews Working Group and our project to measure impact. We're developing a pipeline that works with current tooling, such as Kepler, to measure the power consumption of CNCF Projects. We explore how to measure energy consumption and emissions of software projects. We also give the status of other projects, such as the sustainability landscape, initiatives such as our sustainability week, and collaborative organisations.
Speakers
avatar for Saiyam Pathak

Saiyam Pathak

Principal Developer Advocate, Loft Labs
Saiyam is working as Principal Developer Advocate at Loft Labs. He is the founder of Kubesimplify, focusing on simplifying cloud-native and Kubernetes technologies. Previously at Civo, Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of Kubernetes, including machine... Read More →
avatar for Marlow Weston

Marlow Weston

Principal Cloud Engineer, SchedMD
Marlow is a Principal Cloud Engineer working on scheduling at SchedMD. She also is a chair for the CNCF Environmental Sustainability TAG. Marlow has expertise in resource management, the AI/ML Kubernetes cloud compute ecosystem, embedded systems, high performance compute system tools... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Hyatt Regency | Level 4 | Regency Ballroom A

11:15am MST

The State of Cloud Native Business Value in 2024 - Danielle Cook, appCD; Simon Forster, Stackegy; Catherine Paganini, Buoyant; Colin Griffin, Krumware; Robbie Glenn, Accenture
Wednesday November 13, 2024 11:15am - 11:50am MST
In 2024, what is the state of cloud native business value? We hear that it is marked by unprecedented growth and innovation, but is that what we are seeing? In this panel discussion hosted by the Cartografos Working Group, we provide an update on how organizations of all sizes are leveraging cloud native technologies to enhance agility, scalability, and cost efficiency. Key advancements go beyond technology alone. Panelists will discuss how cloud native is streamlining operations, accelerating time-to-market, realizing ROI through more efficient resource utilization and reduced operational overhead. Attendees will hear how cloud native can drive business goals including how cloud native platforms drive intelligent automation and data-driven decision-making. Attendees will hear how security and compliance frameworks have matured and how cloud native strategies are proving essential for competitive advantage and digital transformation across industries.
Speakers
RG

Robbie Glenn

Tech Architecture Manager, Accenture
avatar for Colin Griffin

Colin Griffin

CEO, Krumware
Colin Griffin is CEO at Krumware, and a Co-Chair of the CNCF Platforms Working Group. Colin Griffin is a software engineer by trade, specializing in cloud-native application and infrastructure development; with an emphasis on developer enablement and platform engineering. He founded... Read More →
avatar for Catherine Paganini

Catherine Paganini

Head of Marketing, Buoyant
Catherine Paganini is TAG Contributor Strategy Co-chair, CNCF Deaf & Hard of Hearing WG facilitator, CNCF Cloud Native Glossary founder, and Head of Marketing at Buoyant, the creator of Linkerd. A marketing leader passionate about open source, Catherine started her contributor journey... Read More →
avatar for Simon Forster

Simon Forster

Technical Architect and CNCF Ambassador, Independent
Simon Forster is a CNCF Ambassador and cloud native technology architect and engineer based in London. Simon has extensive experience working in heavily regulated financial institutions on the design, delivery and security of critical cloud native applications. He has a specific focus... Read More →
avatar for Danielle Cook

Danielle Cook

VP, appCD
Danielle Cook has worked in the cloud native industry since 2016 helping organizations adopt the technologies that make cloud native enterprise ready. She co-authored and launched the CNCF Cloud Native Maturity Model in 2021, is a co-chair of the CNCF Cartografos Working Group and... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:15am MST

TUF: Secure Distribution Beyond Software - Marina Moore, Independent
Wednesday November 13, 2024 11:15am - 11:50am MST
As organizations improve their software supply chain, they may encounter an influx of metadata: attestations, SBOMs, VEX statements, and more. Have you ever wondered how to securely distribute all of this information to end users? Enter TUF! The Update Framework (TUF), has paved the way for secure software updates throughout the cloud native ecosystem and beyond, and is being expanded to securely distribute signing keys, attestations, and more. TUF allows organizations to ensure that all of this data is up-to-date and resilient to tampering. The TUF project is constantly improving and this talk will highlight some of these improvements, from recent integrations by groups such as Docker and Github to an effort to provide conformance testing across various TUF implementations. The TUF project has an active team of maintainers and contributors that make all of these improvements possible, and we will discuss how you can get involved to keep making the project better.
Speakers
avatar for Marina Moore

Marina Moore

Independent
Marina Moore has a PhD from at NYU where she performed research into software supply chain security. This research focused on real-world application through open source contribution. She is an open source maintainer and active in open source communities through the CNCF and OpenSSF... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 3 | 355 EF

11:15am MST

Using Notary Project to Ensure Authenticity and Integrity of Artifacts Within the Enterprise - Toddy Mladenov, Microsoft & Tjark Rasche, Mercedes-Benz Tech Innovation GmbH
Wednesday November 13, 2024 11:15am - 11:50am MST
In this session, we will go over the steps and considerations the enterprise goes through to select a reliable and future-proof signing technology and improve the integrity and authenticity of their software artifacts. We will share the questions and constraints in the enterprise and how those were addressed by Notary Project. We will also provide an update on the latest features and the roadmap for Notary Project.
Speakers
avatar for Toddy  Mladenov

Toddy Mladenov

Principal Product Manager, Microsoft
Toddy has over 25 years of experience in software engineering and design, consulting, and product management for companies like Microsoft, T-Mobile, and SAP. He started his cloud journey 14 years ago as part of the Azure team. Since then, Toddy worked on large-scale cloud implementations... Read More →
avatar for Tjark Rasche

Tjark Rasche

Senior Software Engineer, Mercedes-Benz Tech Innovation GmbH
Tjark works as a Cloud Software Engineer at Mercedes-Benz Tech Innovation GmbH. He focuses on automating the cluster lifecycle, cluster security and integrating custom cluster addons with Kubernetes. He is also highly involved with the local Kubernetes community, founder of the Kubernetes... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:15am MST

Unlocking Cost Savings & New Possibilities: Your Guide to Prometheus Remote Write 2.0 - Callum Styan, Grafana Labs & Bartłomiej Płotka, Google
Wednesday November 13, 2024 11:15am - 11:50am MST
Prometheus Remote Write is the protocol used to send Prometheus metrics from Prometheus or any other metric source to compatible remote storage endpoints such as Thanos and Cortex. Remote Write is generally used for metric long term storage, centralization, and cloud services. It also enables users to run Prometheus in an agent mode, reducing local storage requirements. Welcome to Remote Write 2.0! In this talk, Bartek and Callum, Prometheus maintainers and RW2.0 spec. co-authors, will introduce you to the next iteration of the popular protocol which adds more functionality while cutting your egress costs up to 60%, and keeps the previous versions easy-to-implement stateless design! The audience will learn what's changed in the second version of Remote Write, what it unlocks, and how easy it is to update or adopt. Finally, the speakers will share the latest benchmarks and differences with the common alternatives.
Speakers
avatar for Bartłomiej Płotka

Bartłomiej Płotka

Senior Software Engineer, Google
Bartek Płotka is a Senior Software Engineer at Google. SWE by heart, with an SRE background, currently working on Cloud Observability. Previously Principal Software Engineer at Red Hat. Author of "Efficient Go" book with O'Reilly. As the co-founder of the CNCF Thanos project and... Read More →
avatar for Callum Styan

Callum Styan

Senior Software Engineer, Grafana Labs
Callum is a software engineer from Vancouver, Prometheus Team Member/Maintainer, and currently works on Loki at Grafana Labs.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability

11:15am MST

ARM-Wrestling: Overcoming CPU Migration Challenges to Reduce Costs - Laurent Bernaille & Eric Mountain, Datadog
Wednesday November 13, 2024 11:15am - 11:50am MST
When you have a significant cloud footprint, you always look for performance improvements and cost reductions. So when ARM instances became commonly available on one of our providers, seemingly providing great performance at a lower cost, we had to take a closer look! In this talk, we will first describe the steps we took to make our clusters ARM-ready and a few interesting issues we encountered during our initial tests: from performance regressions due to compiler behaviors to subtle memory corruption bugs. We will then discuss new challenges, in particular how to achieve load-balancing and auto-scaling when running workloads on a mix of CPUs with different performances, and share our results. If migrating real workloads to ARM proved challenging, it was worth the effort and we now run more than 50% of our workloads on ARM.
Speakers
avatar for Laurent Bernaille

Laurent Bernaille

Principal Engineer, Datadog
Laurent Bernaille worked several years as a consultant specializing in cloud, containers, and automation and helped organizations migrate to the public cloud and adopt containers. He is now Principal Engineer at Datadog and works closely with infrastructure teams, which are responsible... Read More →
avatar for Eric Mountain

Eric Mountain

Staff Engineer, Datadog
Eric Mountain began working with Kubernetes in 2014 helping Amadeus migrate to container and cloud technology. Eric is now a Staff Engineer in Datadog’s Compute team providing large scale Kubernetes to our internal users.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance
  • Content Experience Level Any

11:15am MST

All-Your-GPUs-Are-Belong-to-Us: An Inside Look at NVIDIA's Self-Healing GeForce NOW Infrastructure - Ryan Hallisey & Piotr Prokop PL, NVIDIA
Wednesday November 13, 2024 11:15am - 11:50am MST
GeForce Now is a game streaming platform used by 20+ million gamers worldwide. Kubernetes is at the core of its infrastructure powering game workloads and other containerized services and tools. The infrastructure includes many regional clusters with 10s of thousands of GPUs capable of supporting 100s of thousands concurrent gamers. To operate a large Kubernetes infrastructure efficiently, NVIDIA built a GPU maintenance API to enable automated lifecycle management of critical infrastructure components. When combined with a few operators, this API facilitates planning and coordination of crucial driver, GPU, and Kubernetes upgrades at an unprecedented scale, as well as empowering self-healing operators to detect and remediate failures to avoid outages. In this talk, we will share: - How K8s and KubeVirt powers Nvidia GeForce Now - Nvidia’s GPU Maintenance API solution - NVIDIA’s vision for doing automated GPU maintenance at scale in K8s
Speakers
avatar for Ryan Hallisey

Ryan Hallisey

Software Engineer, NVIDIA
Ryan is a software engineer at NVIDIA. He works on building data centers powered by Kubernetes and KubeVirt for NVIDIA products.
avatar for Piotr Prokop

Piotr Prokop

Senior Software Engineer, NVIDIA
Piotr is a Senior Software Engineer at NVIDIA. He works on running high performance workloads powered by Kubernetes for NVIDIA products.
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering

11:15am MST

AuthZEN: The “OpenID Connect” for Authorization - Omri Gazitt, Aserto
Wednesday November 13, 2024 11:15am - 11:50am MST
Today, the authorization world is fractured - each vendor supports its own APIs & protocols. But this is about to change. AuthZEN, a new OpenID Foundation working group, was created in late 2023 to establish authorization standards. OIDF is the home of OpenID Connect, the ubiquitous standard for federated login, and that’s where we’re setting our sights. In this talk, I'll describe the current state of cloud-native authorization, including the policy-as-code and policy-as-data approaches, and the various open source projects in each camp. I'll also share the progress we’ve made creating a single authorization API that works across both policy-as-code (OPA, Topaz) and policy-as-data (Zanzibar-style projects), present the API specs we've created so far, and show off the various interoperable implementations. With this foundation in place, engineering teams can be more confident in externalizing their authorization and picking a provider without being locked in to a proprietary API.
Speakers
avatar for Omri Gazitt

Omri Gazitt

Co-founder & CEO, Aserto
Omri is the co-founder/CEO of Aserto, an authorization startup, and his third entrepreneurial venture. He's spent the majority of his 30-year career working on developer and infrastructure technology, most recently as the CPO of Puppet. Previously he was the VP and GM of HP's Cloud... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 1 | 151
  Security
  • Content Experience Level Any

11:15am MST

GitOops... I Did It Again! Protecting Your GitOps System from Being Used for Privilege Escalation - Oreen Livni & Elad Pticha, Cycode
Wednesday November 13, 2024 11:15am - 11:50am MST
From data theft to privilege escalation in the Kubernetes cluster, you don't want to be the one telling your boss that your GitOps system has been compromised. This talk covers the security of GitOps tools, highlighting common misconfiguration pitfalls and how to avoid them. We will share the story of CVE-2024-31989, a critical vulnerability we discovered in the popular tool Argo. When installed with the default configuration, this vulnerability allowed privilege escalation from any access point to the cluster (such as a webshell) to complete cluster takeover. We will discuss common insecure configurations like this and provide examples from popular open-source projects to explain how your organization can protect itself from these risks. Attendees will receive a guide and practical tools to protect their GitOps systems against such threats.
Speakers
avatar for Elad Pticha

Elad Pticha

Security Researcher, Cycode
Elad is a passionate security researcher with a focus on software supply chain and web application security. He dedicates his time to writing security research tools and finding vulnerabilities across a broad spectrum, from open-source projects and web applications to IoT devices... Read More →
avatar for Oreen Livni

Oreen Livni

Security Researcher, Cycode
Oreen Livni is a passionate security researcher specializing in application and supply chain security, Domain, and networking. With a focus on software supply chain vulnerabilities. Alongside his professional commitments, he immerses himself in art, gardening, and the world of surfing... Read More →
Wednesday November 13, 2024 11:15am - 11:50am MST
Salt Palace | Level 2 | 250
  Security
  • Content Experience Level Any

11:15am MST

Tutorial: A Mad Scientist's Guide to Automating CNI with Generative AI - Doug Smith, Red Hat, Inc
Wednesday November 13, 2024 11:15am - 12:45pm MST
Ready to make Kubernetes networking a little easier and a lot more fun? Join Doug for an experiment in configuring CNI (Container Networking Interface) using generative AI. Despite being advised by data scientists to avoid automating machine configurations with generative AI, Doug went into the mad scientist's lab (err, basement) and tested how often a workflow could generate CNI configurations that would establish network connectivity between pods – and the success rate might surprise you. In this session, you'll automate CNI configurations using a large language model (LLM) and gain experience with a nifty tech stack: Ollama for running a containerized LLM, Kubernetes, CNI, and some script wizardry to create your own auto-configurator. Best yet? No prior CNI or AI/ML knowledge needed, and you'll learn along the way! Just in case, have contingency plans ready should any Skynet or Space Odyssey 2001 scenarios arise during the tutorial.
Speakers
avatar for Doug Smith

Doug Smith

Principal Engineer, Red Hat, Inc
Doug Smith is a Principal Software Engineer for OpenShift Engineering at Red Hat. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network... Read More →
Wednesday November 13, 2024 11:15am - 12:45pm MST
Salt Palace | Level 1 | Grand Ballroom G
  Tutorials, Cloud Native Novice

12:10pm MST

AI and ML: Let’s Talk About the Boring (yet Critical!) Operational Side - Rob Koch, Slalom Build & Milad Vafaeifard, Epam
Wednesday November 13, 2024 12:10pm - 12:45pm MST
As AI and ML become increasingly prevalent, it’s worth looking harder at the operational side of running these applications. We need a lot of compute and access to GPU workloads. We also need to be reliable, while providing rock-solid separation between datasets and training processes. And we need great observability in case things go wrong, and must be simple to operate. Let's build our ML applications on top of a service mesh instead of spending resources reimplementing the wheel – or, worse, the flat tire. Join us for a lively, informative, and entertaining look at how a service mesh can solve real-world issues with ML applications while making it simpler and faster to actually get things done in the world of ML. Rob Koch, Principal at Slalom Build, will demonstrate how you can use Linkerd together with multiple clusters to develop, debug, and deploy an ML application in Kubernetes (including IPv6 and GPUs), with special attention to multitenancy and scaling.
Speakers
avatar for Rob Koch

Rob Koch

Principal, Slalom Build
A tech enthusiast who thrives on steering projects from their initial spark to successful fruition, Rob Koch is Principal at Slalom Build, AWS Hero, and Co-chair of the CNCF Deaf and Hard of Hearing Working Group. His expertise in architecting event-driven systems is firmly rooted... Read More →
avatar for Milad Vafaeifard

Milad Vafaeifard

Lead Software Engineer, Epam
Milad Vafaeifard, a Lead Software Engineer at EPAM Systems, has 9+ years of web design and development expertise. Deaf but undeterred, he is the creative force behind Sign Language Tech and an active contributor to a YouTube channel focused on tech content for the signing tech community... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 255 BC
  AI + ML
  • Content Experience Level Any

12:10pm MST

Operationalizing High-Performance GPU Clusters in Kubernetes: A Case Study of Databricks' DBRX - Will Gleich & Wai Wu, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Training large language models (LLMs) on GPUs within Kubernetes environments involves significant configuration and complexity, often leading to unique failure scenarios. This presentation will cover the lessons learned from training DBRX, a state-of-the-art LLM, that we developed on a 400-node cluster with a primary workload utilizing 3072 GPUs and the tooling needed to measure and maintain a healthy fleet of nodes and underlying interconnect fabric. This will include: * How we implemented GPU health detection leveraging Prometheus and DCGM Exporter * How we monitor GPU Direct Remote Direct Memory Access (GDRDMA) and the challenges of monitoring components that bypass CPU * Discussion of failure scenarios during training, and how they were addressed Databricks Mosaic AI Training leverages GPU clusters across many cloud providers to maximize availability; we will also discuss the variations we see and how we had to engineer around them.
Speakers
WW

Wai Wu

Databricks
avatar for Will Gleich

Will Gleich

Sr. DevOps Engineer, Databricks
Will Gleich is a Sr. DevOps engineer at Databricks specializing in MLOps and Site Reliability Engineering.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

12:10pm MST

Beyond 'Can You Mentor Me?' - Crafting the Contribution Ladder - Nitish Kumar, Akuity; Wenjia Zhang, Google; Lucas Käldström, Upbound; Carol Valencia, Elastic; Nabarun Pal, Broadcom
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Mentorship, a cornerstone of the community's success, offers a transformative path to growth and development. However, finding the right mentor and building a successful mentorship relationship can be challenging. This panel discussion brings together experienced mentors from diverse roles within the Kubernetes community including maintainers, tech leads, and committee members. The panel members will share their insights on how to get the most out of mentorship at different stages of your Kubernetes journey, as you climb the Contributor ladder. By the end of this panel, the audience will understand essential takeaways for effective mentorship at different contributor ladder marks. The project maintainers can take inspiration from how the Kubernetes project maintainers make use of various mentorship techniques such as Role Based Shadowing, Peer-to-Peer Learning, and Mentorship Cohorts that can help any project especially CNCF incubating projects stick new contributors to the project.
Speakers
avatar for Lucas Käldström

Lucas Käldström

Senior Software Engineer, Upbound
Lucas is a Kubernetes and cloud native expert who has been serving the CNCF community in lead positions for 6 years. He’s awarded Top CNCF Ambassador 2017 with Sarah Novotny. Lucas was a co-lead for SIG Cluster Lifecycle, co-created kubeadm, Weave Ignite, and ported Kubernetes to... Read More →
avatar for Wenjia Zhang

Wenjia Zhang

Engineering Manager, Google
Wenjia Zhang is an Engineer Manager at Google, working on Google Kubernetes Engine and Google Distributed Cloud. She is an active contributor for Kubernetes and etcd open source projects.
avatar for Nabarun Pal

Nabarun Pal

Kubernetes Maintainer, Independent
Nabarun is a Staff Software Engineer at VMware by Broadcom, a maintainer of the Kubernetes project, elected Kubernetes Steering Committee member and a chair of Kubernetes SIG Contributor Experience. He is a Release Manager for Kubernetes and has been the Kubernetes 1.21 Release Team... Read More →
avatar for Nitish Kumar

Nitish Kumar

Software Engineering Intern, Akuity
Nitish is a Software Engineer at Akuity and a CNCF Ambassador. In the past, Nitish has served as a Linux Foundation Mentee under the Kubernetes Release Engineering Team, where he built the OBS library that is used by the Kubernetes project to automate the process of managing release... Read More →
avatar for Carolina Valencia

Carolina Valencia

Customer Architect, Elastic
Carol is a passionate software developer dedicated to implementing secure cloud-native practices. She actively contributes to CNCF projects and the Kubernetes community as an open-source contributor. She enjoys learning new technologies and creating material, some of which she shares... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

12:10pm MST

Can Your Kubernetes Network Handle the Heat? Building Resilience with AI Chaos - Lior Lieberman, Google & Surya Seetharaman, Red Hat
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Kubernetes networking is complex with many APIs, numerous configurations and potential failure points. In the rapidly evolving world of cloud-native applications, ensuring your Kubernetes network can withstand unexpected failures is not just an advantage—it is a necessity. In this talk Surya and Lior, holding distinct leadership roles in Gateway API and NetworkPolicy API, will demonstrate how you can leverage AI-powered Chaos Engineering to stress test Gateways, NetworkPolicies, and Services on a live cluster! They will share their experiences and lessons learned from using Litmus and enhancing K8sGPT to design and execute AI Chaos experiments, as well as focusing on how you can proactively find gaps and bottlenecks in the network infrastructure. This is a great opportunity to learn from real-world disruption scenarios and participate in a collaborative discussion on how we can leverage AI to build robust Kubernetes Networks.
Speakers
avatar for Surya Seetharaman

Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems... Read More →
avatar for Lior Lieberman

Lior Lieberman

Site Reliability Engineer, Google
Lior is site reliability engineer at Google working on Google Compute Engine. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

12:10pm MST

When Life Gives You Containers, Make an Open Source RDS: A Kubernetes Love Story - Sergey Pronin, Percona
Wednesday November 13, 2024 12:10pm - 12:45pm MST
This isn't your typical technical talk. We'll take you on a step-by-step adventure, starting from a humble single database in a container and adding components one by one, just like we did. You'll witness firsthand how we tackled real-world challenges, from storage and scaling to monitoring and UI design, to create an Open Source Cloud Native database platform. You'll walk away with a deep understanding of how Kubernetes can be used to orchestrate complex and stateful applications (like databases clusters). Join us and discover how you can break free from vendor lock-in, save costs, and build a database that's truly yours. This is your chance to learn from our triumphs and tribulations, and be inspired to create your own open source success story.
Speakers
avatar for sergey pronin

sergey pronin

Product guy, Percona
Sergey is a passionate technology “driver”. After graduation worked in various fields: internet service provider, financial sector and M&A business. Main focal points were infrastructure and products around it. At Percona as a Group Product Manager drives forward Kubernetes and... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

12:10pm MST

Building Reliable Cross-Cloud Kubernetes Clusters on Spot Instances with Drafter and PVM - Felicitas Pojtinger, Loophole Labs
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Building Kubernetes clusters that span across multiple cloud providers prevents vendor lock-in and offers flexibility. Using spot instances can further cut costs by up to 90%, but they can terminate with only 30 seconds' notice. Traditionally, migrating VMs across cloud providers and CPUs to mitigate this has been challenging due to hardware constraints. PVM (Pagetable Virtual Machine) is an experimental kernel technology that changes this by enabling KVM without hardware assistance or emulation. Using the research paper, this session will explain how PVM works and how the open-source Drafter and Firecracker projects can use it to migrate VMs between cloud providers. The session includes a live demo of running Kubernetes components like the Kubelet, CRI, CSI and CNI inside VMs and migrating them in a heterogeneous EC2, GCP, and Azure environment. This allows evacuating a Kubernetes node and network without downtime if a spot instance is terminated or if another provider is cheaper.
Speakers
avatar for Felicitas Pojtinger

Felicitas Pojtinger

Software Developer, Loophole Labs
Felicitas Pojtinger is a software engineer working on all things cloud native. She has developed multiple popular OSS projects such as the WebRTC-based overlay networking tool weron, the Go network boot server bofied, the go-nbd library and more. Currently, she does research and development... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 254
  Emerging + Advanced

12:10pm MST

AI for Policy and Policy for AI! - Poonam Lamba, Google; Boris Kurktchiev, Nirmata; Andy Suderman, Fairwinds; Ronald Petty, RX-M; Jimmy Ray, Boeing Digital
Wednesday November 13, 2024 12:10pm - 12:45pm MST
As Kubernetes becomes the go-to for deploying AI, the need for strong governance and policies is critical. This panel will dive into how policies and AI intersect within Kubernetes. We'll explore challenges, best practices, and new standards for managing AI workloads to guarantee security, fairness, and transparency. We'll examine existing and new policy frameworks for governing AI workloads on Kubernetes, including industry standards and best practices. We'll also address security risks like data privacy and model integrity, and establish clear lines of accountability for AI workloads. This panel is ideal for engineers, operators, compliance officers, and anyone involved in deploying and managing AI workloads on Kubernetes.
Speakers
avatar for Ronald Petty

Ronald Petty

Consultant, RX-M
Ronald Petty is a consultant at RX-M, a global Cloud Native an AI advisory and training firm. Ronald works as a consultant/advisor/board-member for both for-profit and non-profit organizations focusing on technology and related policy issues. Additionally, he authors and edits technical... Read More →
avatar for Poonam Lamba

Poonam Lamba

Product Manager, Google
Poonam is a Product Manager at Google, where she leads Policy, Governance, and Compliance for GKE. An active contributor to the Kubernetes Policy Working Group and Gatekeeper project, she is passionate about open-source solutions. Outside of work, Poonam enjoys hiking, paddle boarding... Read More →
avatar for Andy Suderman

Andy Suderman

CTO, Fairwinds
Andy Suderman is CTO at Fairwinds, a managed Kubernetes-as-a-Service provider. Andy has worked with cloud native technologies for the last eight years helping organizations adopt and manage Kubernetes. Andy is the creator and primary developer of Goldilocks—an open source tool that... Read More →
avatar for Boris Kurktchiev

Boris Kurktchiev

Chief Plumber, Nirmata
In the world of tools, it's not 'one size fits all.' I'm the expert who always knows when to grab the hammer and when to reach for the screwdriver.
avatar for Jimmy Ray

Jimmy Ray

ISO, Boeing Digital
Underpinned by 30 years of technology, writing, and speaking experience, Jimmy Ray is recognized as a subject matter expert in Policy as Code, cloud-native computing, and software supply chain security.Jimmy is the author of Policy as Code - Improving Cloud Native Security, July 2024... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 3 | 355 EF

12:10pm MST

Best Friends Keep No Secrets: Going Secretless with Cert-Manager - Ashley Davis & Tim Ramlot, Venafi
Wednesday November 13, 2024 12:10pm - 12:45pm MST
In today's complex Kubernetes environments, managing secrets securely is a challenge. Traditional methods often involve complex configurations with secret vaults, secret syncing and secret backups. Regardless of which fancy technology is used, secrets always come with a risk of being leaked. Most of the secrets used in traditional applications can be replaced by short-lived certificates. Applications can prove to be the owner of a certificate without sharing any secrets. In Kubernetes, cert-manager can be used to provision these certificates to all applications without sharing any secret information. Table of contents: - Do we actually need secrets? Comparing authentication methods: static secrets vs short-lived secrets and proof of ownership - How to issue certificates using cert-manager without using [S|s]ecrets - Compatibility and other challenges
Speakers
avatar for Ashley Davis

Ashley Davis

Staff Software Engineer, Venafi
As a teenager, Ash taught himself to program after wondering how exactly video games were made. That led to adventures trawling through open source codebases, sparking an interest in computers spanning from bare-metal machine code right up to scalable distributed platforms like Kubernetes... Read More →
avatar for Tim Ramlot

Tim Ramlot

Senior Software Engineer - cert-manager maintainer, Venafi
Tim started working at Venafi as a software engineer after his graduation as computer science engineer at Ghent University. He learned about cert-manager and Venafi through a Google Summer of Code internship. His mission at Venafi is to advance his problem solving skills, whilst contributing... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

12:10pm MST

Dapr's Road Ahead: GenAI APIs, Distributed Scheduling at Scale and What It Means for Your Platform - Yaron Schneider, Diagrid
Wednesday November 13, 2024 12:10pm - 12:45pm MST
In this maintainer track we will cover the latest developments and updates of the Dapr project looking into 2025, focusing on how Dapr is adding APIs to abstract the complexities of interacting with LLM models at scale, a new distributed scheduling API and workflow engine that can serve millions of activities per second and how Dapr can be used by platform teams to provide golden paths for interacting with the underlying infrastructure
Speakers
avatar for Yaron Schneider

Yaron Schneider

CTO / Co-Founder at Diagrid, Dapr Co-Creator, Diagrid
Yaron co-created the CNCF projects Dapr and KEDA while at Microsoft and led the engineering architecture for serverless container platforms that run at scale using open source technologies. Yaron is an avid lover of open source tech and distributed systems, and is a co-founder and... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

12:10pm MST

Emissary-Ingress: Version 4 and the Road Ahead - Flynn, Buoyant
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Emissary-ingress 4.0 is shipping! This marks the first new major version in some years for Emissary, one of the first Kubernetes-native, self-service API gateways and ingress controllers, and it comes on the heels of some big changes in the project. In this session, we'll start with a quick overview of the need for ingress controllers in general, the benefits of self-service developer workflows, and how Emissary-ingress can help with these issues. We'll also talk about recent changes in the project, what Emissary 4 brings to the table, and how to get involved as a contributor, how to best offer feedback, and what's in store for the project in the future. Emissary's maintainer sessions are always great opportunities to talk directly with Emissary-ingress maintainers and make sure your voice is heard when it comes to the project's future -- looking forward to seeing you there!
Speakers
avatar for Flynn -

Flynn -

Tech Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering (from the kernel up through distributed applications, with a common thread of communications and security throughout... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

12:10pm MST

SIG Scheduling Intro & Updates - Aldo Culquicondor, Google & Kensei Nakada, Tetrate.io
Wednesday November 13, 2024 12:10pm - 12:45pm MST
SIG Scheduling is responsible for the components that make Pod scheduling decisions in a Kubernetes cluster, such as kube-scheduler for pod to node assignment, kueue for job queueing, Kwok for scheduling load testing, among other projects. In this session, you will learn the basics of these projects and how they can be extended. You will also learn about our recent advancements and ongoing work, such as higher scheduling throughput in kube-scheduler, fair sharing and hierarchical cohorts in Kueue and evaluating performance and scalability efficiently using Kwok.
Speakers
avatar for Aldo Culquicondor

Aldo Culquicondor

Sr. Software Engineer, Google
Aldo is a Senior Software Engineer at Google. He works on Kubernetes and Google Kubernetes Engine, where he contributes to kube-scheduler, the Job API and other features to support batch, AI/ML and HPC workloads. He is currently a TL at SIG Scheduling and an active member of WG Batch... Read More →
avatar for Kensei Nakada

Kensei Nakada

Software Engineer, Tetrate.io
Kensei Nakada is a platform engineer at Tetrate. In the community, he is a sig-scheduling approver, and a core maintainer of the project kube-scheduler-simulator and kube-scheduler-wasm-extension.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 3| 355 BC

12:10pm MST

Towards Zero Change Incidents: Intuit's Strategy for Implementing AI-Driven Progressive Delivery - Avik Basu & Saravanan Balasubramanian, Intuit
Wednesday November 13, 2024 12:10pm - 12:45pm MST
At Intuit, rapid development is essential for swift feature updates and fixes. Yet, 33% of last year's incidents were due to new deployments, highlighting the need for a progressive delivery system with automated rollback capabilities. However, traditional static thresholds fall short for Intuit's ~2500 services, each with unique patterns across multiple key performance metrics. To tackle this, Intuit has implemented an ML-based progressive delivery system that utilizes Prometheus to monitor multivariate metrics, offering a comprehensive view of application health and performance during deployments. The talk will present a case study application, identify its critical metrics, and showcase how Intuit leverages Numaproj and its out-of-the-box ML models to generate anomaly scores during deployments using Argo Rollouts. This strategy enables Intuit to quickly identify and address issues using AIOps techniques, ensuring a smooth and dependable customer experience.
Speakers
avatar for Saravanan Balasubramanian

Saravanan Balasubramanian

Staff Software Engineer, Intuit
Bala is the lead engineer and maintainer in Argo workflow project , Intuit- leading Argo workflow project for open source community and Intuit.
avatar for Avik Basu

Avik Basu

Staff Machine Learning Engineer, Intuit
Avik is a data scientist and machine learning engineer with expertise across multiple ML domains such as computer vision, natural language understanding, reinforcement learning, and time series. Currently, he leads the machine learning initiatives for open-source AIOps at Intuit... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability

12:10pm MST

Automated Multi-Cloud, Multi-Flavor Kubernetes Cluster Upgrades Using Operators - Ziyuan Chen, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Databricks manages over a thousand k8s clusters across three major cloud providers which run critical workloads in cloud regions around the world. This talk describes the system we built to upgrade nodes’ operating system, k8s version, and other configs monthly, supporting EKS, AKS, GKE, and self-managed k8s. Our system is built on k8s operators and performs zero-downtime blue-green rolling updates, respects contracts with services with features like PDBs, maintenance windows, deferred node draining, and custom workload handling plugins. It enables easy rollbacks, has good observability, and incurs minimal human operational cost. This has allowed us to patch vulnerabilities and release infrastructure changes quickly and reliably across the fleet. We will also share our lessons learned on building several operators that work together using the controller-runtime framework, designing the declarative interfaces between them, and achieving consistent behavior across three clouds.
Speakers
avatar for Ziyuan Chen

Ziyuan Chen

Software Engineer, Databricks
Ziyuan Chen is a software engineer at Databricks. He has worked on Databricks' cloud platform and OS infrastructure.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

12:10pm MST

Automated Multi-Cloud Blue-Green Cluster Rotations: Zero Downtime Upgrades at Scale - Sourav Khandelwal, Databricks
Wednesday November 13, 2024 12:10pm - 12:45pm MST
I will present the system developed for cluster rotations across Databricks’ fleet of over a thousand cloud-managed k8s clusters on AWS, Azure, and GCP. Blue-green cluster rotations, or cluster swaps (upgrading by creating a new k8s cluster with a new version/configuration & shifting workloads from the old cluster), allow us to implement major infrastructure changes and upgrade k8s versions with low risk through staged rollouts, seamless rollbacks, zero downtime, and minimal operator intervention. Our system includes a k8s-style continuous reconciliation mechanism to manage cluster swap lifecycles, a fast and reliable cluster state change discovery system, and a k8s workload migration system. We will share methodologies and experiences in constructing this loosely coupled system that orchestrates product workloads and cloud provider APIs for automated cluster swaps. This session will explore the challenges faced, and the benefits of automating large-scale, multi-cloud k8s upgrades.
Speakers
avatar for Sourav Khandelwal

Sourav Khandelwal

Sr. Software Engineer, Databricks
I am a seasoned software engineer with over 10 years of experience in designing and managing large-scale platforms in cloud-native environments. At Databricks, my significant contributions have been pivotal in launching our next-generation cloud infrastructure that helped to transition... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering

12:10pm MST

The Hard Truth About GitOps and Database Rollbacks - Rotem Tamir, Ariga
Wednesday November 13, 2024 12:10pm - 12:45pm MST
For two decades now, the common practice for handling rollbacks of database schema migrations has been pre-planned "down migration scripts". A closer examination of this widely accepted truth reveals critical gaps that result in teams relying on risky, manual operations to roll back schema migrations in times of crisis. In this talk, we show why our existing tools and practices cannot deliver on the GitOps promise of "declarative" and "continuously reconciled" workflows and how we can use the Operator Pattern to build a new solution for robust and safe schema rollbacks.
Speakers
avatar for Rotem Tamir

Rotem Tamir

CTO, Ariga
Rotem Tamir (38), father of two. Co-founder and CTO of Ariga, co-maintainer of Atlas and Ent. Ex-data platform architect at Nexar, infrastructure team lead at ironSource.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 250
  SDLC

12:10pm MST

Breaking Free from Vulnerability Scanning Noise: Automated VEX Aggregation for Accuracy - Teppei Fukuda, Aqua Security Software Ltd.
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Vulnerability scanners detect known vulnerabilities in software dependencies, but often produce inaccurate results (false-positives) due to their inability to automatically determine if a vulnerability is actually exploitable. Vulnerability Exploitability eXchange (VEX) is an industry-wide initiative that aims to address this issue, but the lack of standardized distribution hinders its effective utilization. This talk introduces VEX Hub, a central repository that automatically aggregates VEX documents published by open-source projects. VEX Hub’s unique architecture makes it easy and practical for software maintainers to start adopting VEX, while at the same time making it seamless for scanners and users to incorporate VEX in their workflow. The presentation showcases a practical use case of VEX Hub with Trivy, an open-source security scanner that popularizes VEX thanks to VEX Hub and delivers more accurate and actionable scanning results to its users.
Speakers
avatar for Teppei Fukuda

Teppei Fukuda

Open Source Engineer, Aqua Security Software Ltd.
Teppei Fukuda is the creator of Trivy and works at Aqua Security as an Open Source Software Engineer. He has a wealth of software engineering experience working on network and security. Away from the work, he is an avid manga enthusiast, dreaming of reading every comic book in the... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 1 | 151
  Security
  • Content Experience Level Any

12:10pm MST

🚩 An Introduction to Capture The Flag - Andy Martin & Kevin Ward, ControlPlane
Wednesday November 13, 2024 12:10pm - 12:45pm MST
The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competition to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together. Want to know more about the CTF? Learn more.
Speakers
avatar for Andrew Martin

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →
avatar for Kevin Ward

Kevin Ward

Principal Consultant, ControlPlane
Kevin is an Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored... Read More →
Wednesday November 13, 2024 12:10pm - 12:45pm MST
Salt Palace | Level 2 | 255 A

12:45pm MST

Lunch 🍲
Wednesday November 13, 2024 12:45pm - 2:30pm MST
Wednesday November 13, 2024 12:45pm - 2:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

1:15pm MST

Project Pavilion Tour with Orlin Vasilev, CNCF Ambassador
Wednesday November 13, 2024 1:15pm - 1:35pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise
Wednesday November 13, 2024 1:15pm - 1:35pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

2:30pm MST

Architecting the Future of AI: From Cloud-Native Orchestration to Advanced LLMOps - Ion Stoica, Anyscale
Wednesday November 13, 2024 2:30pm - 3:05pm MST
With the groundbreaking release of ChatGPT, large language models (LLMs) have taken the world by storm: they have enabled new applications, have exacerbated GPU shortage, and raised new questions about their answers’ veracity. This talk delves into an AI stack, encompassing cloud-native orchestration, distributed computing, and advanced LLMOps. Key topics include: - Kubernetes: The foundational technology that seamlessly manages AI workloads across diverse cloud environments. - Ray: The versatile, open-source framework that streamlines the development and scaling of distributed applications. - vLLM: The cutting-edge, high-performance, and memory-efficient inference and serving engine designed specifically for large language models. Attendees will gain insights into the architecture and integration of these powerful tools, driving innovation and efficiency in the deployment of AI solutions.
Speakers
avatar for Ion Stoica

Ion Stoica

Co-founder, executive chairman & president, Anyscale
Ion Stoica is a Professor in the EECS Department at the University of California at Berkeley, and the Director of SkyLab. He is currently doing research on cloud computing and AI systems. Past work includes Ray, Apache Spark, Apache Mesos, Tachyon, Chord DHT, and Dynamic Packet State... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 255 BC
  AI + ML
  • Content Experience Level Any

2:30pm MST

Optimizing LLM Performance in Kubernetes with OpenTelemetry - Ashok Chandrasekar, Google & Liudmila Molkova, Microsoft
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Large Language Models are increasing in popularity and their deployments on Kubernetes have steadily increased. LLM applications bring new usage patterns that the industry does not have the expertise in. At the same time, there is a lack of observability in these deployments which makes it difficult to debug performance issues. We will present an end to end walkthrough of how you can leverage client and server LLM observability using Open Telemetry based on the recent efforts in the Kubernetes and Open Telemetry communities to standardize these across LLM clients and model servers. We will also demonstrate how to troubleshoot a real-world performance issue in your LLM deployment and how to optimize your LLM server setup for better performance on Kubernetes. We'll show how to use Kubernetes autoscaling based on custom model server metrics and demonstrate how they offer a superior alternative to using GPU utilization metrics for such deployments.
Speakers
avatar for Liudmila Molkova

Liudmila Molkova

Principal Software Engineer, Microsoft
Liudmila Molkova is a Principal Software Engineer at Microsoft working on observability and Azure client libraries. She is a co-author of distributed tracing implementations across the .NET ecosystem including HTTP client instrumentation and Azure Functions. Liudmila is an active... Read More →
avatar for Ashok Chandrasekar

Ashok Chandrasekar

Senior Software Engineer, Google
Ashok Chandrasekar is a Senior Software Engineer at Google working on AI/ML experience for Google Kubernetes Engine. Previously he was a Staff Engineer at VMware where he led the cluster lifecycle management area for Tanzu Mission Control. He has 7 years of Kubernetes experience working... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

2:30pm MST

Choose Your Own Adventure: The Observability Odyssey - Whitney Lee, CNCF Ambassador & Viktor Farcic, Upbound
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Our hero, a running app in a secure K8s prod environment, knows they are destined for greater things! They’re serving end users, but currently, they have no idea what is going on. Are apps scaling correctly? Are automated deployments successful? What just went wrong, and how can it be fixed? Hero is desperate to escape this fog by adding CNCF tools for logs, metrics, traces, and dashboards. It is up to you, the audience, to guide our hero and help them grow from a lost and confused app to their final form⎯an app that knows their faults before their users do. In their fourth KubeCon ‘Choose Your Own Adventure’-style talk, Whitney and Viktor will present choices that an anthropomorphized app must make as they add observability to their cluster, enabling the ability to answer meaningful questions about their system. Throughout the presentation, the audience (YOU!) will vote to decide our hero's path! Can we navigate CNCF projects and add observability before the session time elapses?
Speakers
avatar for Viktor Farcic

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.
avatar for Whitney Lee

Whitney Lee

CNCF Ambassador
Whitney is a lovable goofball and a CNCF Ambassador who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. You can catch her lightboard streaming show ⚡️ Enlightning on her... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

2:30pm MST

Cilium, EBPF, WireGuard: Can We Tame the Network Encryption Performance Gap? - Daniel Borkmann & Anton Protopopov, Isovalent
Wednesday November 13, 2024 2:30pm - 3:05pm MST
To increase data security for cloud and hybrid cloud deployments, many companies, governments, standards, and tenders require data in transit to be protected. However, network encryption comes at a cost - what is the performance impact and how can we reduce it? In this session, we explore how network encryption can be efficiently enforced with Cilium, eBPF, and WireGuard. We dive deep into Cilium’s integration of WireGuard and elaborate on both the management plane and Cilium’s eBPF datapath. We analyze and benchmark what performance cost one can expect and explore opportunities in the Linux kernel to reduce that price. This talk is for operators and security teams that need to encrypt network traffic, but also want to minimize its overhead. The audience will walk away understanding whether network encryption needs to come at a high toll and whether there are opportunities for optimizations.
Speakers
avatar for Daniel Borkmann

Daniel Borkmann

Software Engineer, Isovalent at Cisco
Daniel Borkmann co-created eBPF and is a kernel developer at Isovalent working on eBPF, the Linux kernel and Cilium. He is a long-term Linux kernel core contributor in the eBPF and networking subsystem for over a decade and co-maintains eBPF and XDP. In his spare time, he loves to... Read More →
avatar for Anton Protopopov

Anton Protopopov

Software Engineer, Isovalent at Cisco
Anton is a software engineer at Isovalent, which is now part of Cisco.Anton is leading a team building new generation of Isovalent products and also participates in developing eBPF-based parts of Cilium stack and on eBPF support in the Linux Kernel.During his career, Anton played... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

2:30pm MST

AIStore as a Fast Tier Storage Solution: Enhancing Petascale Deep Learning Across Cloud Backends - Abhishek Gaikwad & Aaron Wilson, NVIDIA
Wednesday November 13, 2024 2:30pm - 3:05pm MST
As deep learning continues to evolve, the demand for handling petascale datasets efficiently becomes paramount. Current cloud storage solutions often struggle with the speed (throughput) and cost-effectiveness required for these massive datasets, particularly due to the random access needs of machine learning workloads. This talk introduces AIStore (AIS) as a fast-tier storage solution designed to overcome these challenges by offering a fast, scalable, cost-effective tier for deep learning data. AIS features linear scalability with each added storage node - in fact, with each added drive. In this presentation, we will explore the architecture and benefits of AIStore, focusing on its linear scalability and high performance. This session will feature detailed benchmarks and use cases comparing the performance of accessing cloud datasets with and without AIStore, highlighting AIS's ability to deliver high per-GPU throughput and stable latencies.
Speakers
avatar for Abhishek Gaikwad

Abhishek Gaikwad

Software Engineer, NVIDIA
Abhishek Gaikwad is a Software Engineer at NVIDIA with a Master of Science degree in Computer Science from San Jose State University. As a key developer and maintainer of AIStore, Abhishek has played a crucial role in its design, development, and management. His contributions include... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

2:30pm MST

Cloud Native Sustainability Speedrun: Tools from Infrastructure to Application Level - Saiyam Pathak, Loft Labs & Saloni Narang, Kubesimplify
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The cloud native sustainability landscape is rising rapidly with new tools that are solving new challenges. This session will provide a quick overview of the latest tools & initiatives within the landscape. The speaker will dive into different sections, from infrastructure to application, and cover tools within the landscape. They will explore key tools like Kepler for energy consumption monitoring, KubeGreen for scaling down deployments, Scaphandre for detailed power usage metrics, & Cloud Carbon Footprint for tracking and reducing carbon emissions. This talk will showcase the practical application of these tools, demonstrating how they can be integrated to create a comprehensive sustainability strategy. Attendees will learn landscape segmentation & how they can use it for their cloud native applications today in order to track & reduce their carbon emissions effectively. This talk will offer how these tools can be used together to make cloud native deployments more sustainable.
Speakers
avatar for Saiyam Pathak

Saiyam Pathak

Principal Developer Advocate, Loft Labs
Saiyam is working as Principal Developer Advocate at Loft Labs. He is the founder of Kubesimplify, focusing on simplifying cloud-native and Kubernetes technologies. Previously at Civo, Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of Kubernetes, including machine... Read More →
avatar for Saloni Narang

Saloni Narang

Independent DevRel, Kubesimplify
Saloni is working as an independent DevRel, helping companies to form their DevRel strategies. Previously she worked at SAP Labs and has worked on different cloud tools including GCP,Oracle, & AWS. She loves to learn about new open-source tools in the CNCF landscape. She has been... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 254
  Emerging + Advanced

2:30pm MST

Guiding Kubernetes: The Steering Committee's Role in Project Evolution - Maciej Szulik, Red Hat
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The Kubernetes Steering Committee plays a crucial role in overseeing the non-technical aspects of the Kubernetes project and making important project-wide decisions. The committee has a wide scope of working and responsibilities. The committee has evolved over the years. In this session, let’s take a look at how the committee came to be created, the bootstrap era, how it works now and what’s in store for the future. We will have excerpts from our emeritus members who served to shape the goals and vision of the steering committee. We will explore how you can leverage our learnings to enhance the governance of your own cloud native projects. If you are eager to gain insights or have queries about the governance journey of the Kubernetes project, we encourage you to drop by and engage in an insightful discussion.
Speakers
avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:30pm MST

Harbor Project - The Maintainers Session What We Have Accomplished! - Orlin Vasilev, SUSE; Vadim Bauer, 8gears Container Registry; Miner Yang, Daniel Jiang & Yan Wang, Broadcom
Wednesday November 13, 2024 2:30pm - 3:05pm MST
In Harbor v2.11, we've successfully integrated SBOM (Software Bill of Materials) within the platform, enhancing our security and compliance capabilities. We're also exploring innovative trends in AI, such as an AI-assisted registry (not to be confused with an AI-integrated bot). Join Vadim and Orlin as they guide you through the latest developments in the Harbor project, along with some exciting side projects within our community that you may find intriguing. This session is a perfect opportunity for software engineers and DevOps professionals to dive into Harbor's advancements and explore new possibilities together. We invite you to join us for firsthand information about what's coming next in Harbor and learn how you can actively contribute to the project. Together, let's make Harbor even better!
Speakers
avatar for Miner Yang

Miner Yang

CNCF Project Harbor Contributor, Member of VMware Kubernetes techinal staff, Broadcom
Join Cloud Native and Harbor team 2 years ago, Developer of Harbor, Harbor-helm and Harbor Carvel Package.
YW

Yan Wang

Broadcom
avatar for Orlin Vasilev

Orlin Vasilev

Principal Open Source Technology Advocate, SUSE
Orlin Vasilev is Principal Open Source Technology Advocate and Community Manager for Project Harbor as part of the Cloud Native team at SUSE. Second term CNCF Ambassador and driving the CNCF Meetup Group(~1.7 K members) in Bulgaria. KubeCon CfP review board member. Previously SysAdmin/Dev/SRE/System... Read More →
avatar for Vadim Bauer

Vadim Bauer

Harbor Maintainer, 8gears Container Registry
Vadim Bauer is a Container Silverback with over a decade of experience in running containers in production. As a maintainer of the CNCF project Harbor, he focuses on extending the boundaries of OCI artifact management, adoption, and developer experience. At 8gears, Vadim helps cloud... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3 | 355 EF

2:30pm MST

Kubernetes Data Protection WG Deep Dive - Dave Smith-Uchida, Veeam
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, we will discuss what is the current state of data protection in Kubernetes and where it is heading in the future. We will also talk about how interested parties (including storage and backup vendors, cloud providers, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.
Speakers
avatar for Dave Smith-Uchida

Dave Smith-Uchida

Technical Leader, Veeam
Dave has been a leader in data protection for Kubernetes for the last several years. In addition to his work at Veeam on K10, he is a founding member of the Kubernetes Data Protection Working Group and was formerly the architect for the Velero Open Source Kubernetes backup project... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

2:30pm MST

Kubernetes WG Device Management - Advancing K8s Support for GPUs - John Belamaric, Google; Patrick Ohly, Intel; Kevin Klues, NVIDIA
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The goal of the recently formed WG Device Management is to enable simple and efficient configuration, sharing, and allocation of accelerators (such as GPUs and TPUs) and other specialized devices. This working group focuses on the APIs, abstractions, and feature designs needed to configure, target, and share the necessary hardware for both batch and serving (inference) workloads. The current focus of the working group is the Dynamic Resource Allocation (DRA) feature. Come to this talk to learn what we have delivered in Kubernetes 1.31, what is coming in 1.32 and beyond, and how you can influence the roadmap for Kubernetes support of accelerated workloads.
Speakers
avatar for Patrick Ohly

Patrick Ohly

Principal Engineer, Intel
Patrick Ohly is a software engineer at Intel GmbH, Germany. In the past he has worked on performance analysis software for HPC clusters ("Intel Trace Analyzer and Collector") and cluster technology in general (PTP and hardware time stamping). Since January 2009 he has worked for Intel... Read More →
avatar for Kevin Klues

Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA... Read More →
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John is a Sr Staff SWE, co-chair of K8s SIG Architecture and of K8s WG Device Management, helping lead efforts to improve how GPUs, TPUs, NICs and other devices are selected, shared, and configured in Kubernetes. He is also co-founder of Nephio, an LF project for K8s-based automation... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:30pm MST

SIG-Multicluster Intro and Deep Dive - Jeremy Olmsted-Thompson & Laura Lorenz, Google; Ryan Zhang, Microsoft; Stephen Kitt, Red Hat
Wednesday November 13, 2024 2:30pm - 3:05pm MST
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, and applications deployed across many clusters, or even across cloud providers. In this session, we'll give attendees an overview of the current status of the multi-cluster problem space in Kubernetes and of the SIG. We’ll discuss current thinking around best practices for multi-cluster deployments and what it means to be part of a ClusterSet. Then we’ll highlight current SIG projects, focused use cases, and ideas for what’s next. Most importantly, we’ll provide information on how you can get involved either as a contributor or as a user who wants to provide feedback about the SIG's current efforts and future direction. Bring your questions, problems, and ideas - help us expand the multi-cluster Kubernetes landscape!
Speakers
avatar for Stephen Kitt

Stephen Kitt

Senior Principal Software Engineer, Red Hat
Stephen is one of the maintainers of the Submariner project, providing connectivity and service discovery across multiple Kubernetes clusters. He is a long-time open source contributor, and has been at Red Hat since 2015, working on OpenDaylight and Submariner.
avatar for Jeremy Olmsted-Thompson

Jeremy Olmsted-Thompson

Principal Engineer, Google
Jeremy is a software engineer who works on Google Kubernetes Engine. His main focus is on simplifying the Kubernetes experience, and making it as easy as possible to deploy applications both within a cluster with things like GKE Autopilot, and across clusters with multi-cluster solutions... Read More →
avatar for Laura Lorenz

Laura Lorenz

SWE, Google
Laura Lorenz is a software engineer at Google. She is an active member of Kubernetes’ upstream focused on SIG-Multicluster, SIG-Node, and releases.
avatar for Ryan Zhang

Ryan Zhang

Principal Software Engineering Manager, Microsoft
Dr. Ryan Zhang is a Principal Software Engineering Manager at Microsoft, working on Azure Kubernetes Service Team. Ryan has been working on Cloud Native open source projects for the past few years including CloudEvents, Open Application Model (OAM) and multi-cluster related initi... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3| 355 BC

2:30pm MST

Unifying Observability: Correlating Metrics, Traces, and Logs with Exemplars and OpenTelemetry - Kruthika Prasanna Simha & Charlie Le, Apple
Wednesday November 13, 2024 2:30pm - 3:05pm MST
In modern distributed systems, observability is key to understanding application performance and behavior. While metrics, traces, and logs each provide valuable insights, their true power is realized when they are correlated. This talk will dive into the practical benefits and implementation of correlating these signals with exemplars using the OpenTelemetry SDK and Collector, and showcase the results in Grafana. Attendees will learn how to leverage OpenTelemetry to create exemplars which will allow them to navigate from either logs or metrics to their traces.
Speakers
avatar for Kruthika Prasanna Simha

Kruthika Prasanna Simha

Senior Software Engineer, Apple
Kruthika is a software engineer at Apple specializing in building ML enabled observability solutions. She holds a Masters in Computer Engineering and has specialized in Machine Learning. In her free time, she likes to dabble with Jupyter Notebooks for running experiments with data... Read More →
avatar for Charlie Le

Charlie Le

Senior Software Engineer, Apple
Charlie is a software engineer at Apple, specializing in building and scaling cloud native observability solutions and infrastructure. Deeply inspired by the collaborative spirit of open source, he actively contributes to projects like Cortex and OpenTelemetry, shaping the future... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability

2:30pm MST

Does My K8s Application Need CPR? Performance Evaluation of a Multi-Cluster Workload Management App - Braulio Dumba & Ezra Silvera, IBM
Wednesday November 13, 2024 2:30pm - 3:05pm MST
KubeStellar (KS) is an open-source Kubernetes multi-cluster workload configuration management system that can be used to manage AI workloads in multi-cluster environments. Hence, understanding KS performance is crucial especially when managing resource intensive AI workloads. In this talk, we will present our experience in analyzing the performance metrics of KS across several dimensions of scalability (e.g., number of bindingPolicies, workload description spaces and number of managed remote clusters) and challenges that arise when conducting performance experiments in a multi-cluster environment. Our insights will demonstrate the utility of benchmarking the performance of a multi-cluster Kubernetes workload management application. Additionally, in this talk, we will demonstrate the usefulness of using several opensource tools such as clusterloader2, kube-burner & kwok to evaluate the performance of multi-cluster Kubernetes management applications.
Speakers
avatar for Ezra Silvera

Ezra Silvera

Senior Technical Staff Member, IBM
Ezra Silvera is a Senior Technical Staff Member at IBM Research. His interests include distributed systems, cloud management, and cloud infrastructure. Ezra is passionate about open-source technologies and has been involved in several notable open source projects such as Docker, KubeVirt... Read More →
avatar for Braulio Dumba

Braulio Dumba

Staff Research Scientist, IBM
Dr. Braulio Dumba is a Staff Research Scientist at IBM Research. In 2018, he joined IBM under the Hybrid Cloud organization. His current research is focus on edge computing and hybrid cloud computing. Dr. Dumba earned a Ph.D. in Computer Science from University of Minnesota, Twin... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

2:30pm MST

Better Pod Availability: A Survey of the Many Ways to Manage Workload Disruptions - Zach Loafman, Google
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Kubernetes Pods are ephemeral, but some are more ephemeral than others. Kubernetes provides a dizzying array of options to manage and handle Pod disruption. From PodDisruptionBudgets, to "safe-to-evict" annotations, GracefulTermination timeouts and more, it can be incredibly hard to determine the optimal solution for handling Pod disruption and how to manage gracefully terminating your application. Thankfully, due to the extensible nature of Kubernetes we can build CRDs and controllers that can simplify these complex topics for end users. In this talk, we'll present an in-depth analysis of the built-in options and how they work (or don't). While this problem is not unique to game-serving, we'll deep-dive and explain how Agones (an open-source session orchestration system layered on Kubernetes) solves this problem with a simple abstraction to hide the complexity!
Speakers
avatar for Zach Loafman

Zach Loafman

Staff Software Engineer, Google
Zach leads Google’s GKE Games team. He was previously lead of the Kubernetes Control Plane team for GKE, lead of the GKE Cluster Lifecycle team, worked on Kubernetes prior to GA, and was one of the founding members of the Google Kubernetes Engine team.
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering

2:30pm MST

Secure by Design CI/CD: Practical Insights from Adobe and Autodesk - Vikram Sethi, Adobe Inc. & Jesse Sanford, Autodesk
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Worried that your CI/CD pipelines and developer workflows are insecure? Lost in security buzzwords like SBOMs, provenance, attestation, SLSA, OpenSSF, and more? Seeking a clear, actionable reference architecture to secure your pipeline? Whether you are just getting started on your Software Supply Chain Security journey, or are ready to take it to the next level navigating this diverse ecosystem is challenging. Join Vikram and Jesse as they present a reference architecture for secure-by-default CI/CD pipelines and show you effective security controls at every step. See firsthand how these industry giants safeguarded their pipelines while maintaining agility and innovation. This talk will showcase their work, and the work of the CNOE (Cloud Native Operational Excellence) group, which aims to build a paved path through this problem space by producing opinionated software collections or “CNOE stacks” that can be adapted to meet you where your technology is.
Speakers
avatar for Jesse Sanford

Jesse Sanford

Software Architect, Autodesk
Jesse is a lifelong software engineer focused on site reliability and Infosec. Currently architecting the juncture of platform engineering and security/compliance for Autodesk's Developer Enablement team. He regularly contributes to open source and frequently speaks about his work... Read More →
avatar for Vikram Sethi

Vikram Sethi

Principal Scientist, Adobe Inc.
Vikram is a Principal Scientist in the Developer Platforms organization at Adobe. Vikram has been architecting and building the Developer Experience for Adobe's Internal Developer Platform for the last few years. In the last year or so, Vikram has been working on rearchitecting Adobe's... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 250
  SDLC
  • Content Experience Level Any

2:30pm MST

Bridging Clouds: TikTok’s Blueprint for Unified OIDC Access on Multi-Cloud Kubernetes - Naveen Mogulla, TikTok
Wednesday November 13, 2024 2:30pm - 3:05pm MST
As businesses embrace increasingly complex multi-cloud environments, managing access across diverse Kubernetes setups becomes paramount. At TikTok, we faced the challenge of unifying OpenID Connect (OIDC) access for Kubernetes clusters across GKE, EKS, OKE and on-prem clusters each providing different levels of support and integration. This talk will detail our journey to develop a scalable, centralized OIDC framework using a reverse proxy approach, ensuring seamless authentication and authorization across different cloud providers. We will discuss our architectural strategy, highlighting how we leveraged Envoy for request handling and dynamic configuration with external authorization filters to accommodate diverse OIDC implementations. Discover how TikTok overcame identifying OIDC discrepancies among providers to implementing a unified solution that not only simplifies k8s access management but also reinforces security and compliance across our global, multi-cloud infrastructure.
Speakers
avatar for Naveen Mogulla

Naveen Mogulla

Tech Lead, TikTok
Naveen Mogulla is a Tech Lead at TikTok kubernetes edge platform team. He has worked in Infrastructure engineering for almost 13+ years. He is also the main contributor to the AWS IAM operator in the keiko project. He was part of the Intuit core team which created multiple open source... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 151
  Security

2:30pm MST

🚩 An Introduction to Capture The Flag - Andy Martin & Kevin Ward, ControlPlane
Wednesday November 13, 2024 2:30pm - 3:05pm MST
The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competition to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together. Want to know more about the CTF? Learn more.
Speakers
avatar for Kevin Ward

Kevin Ward

Principal Consultant, ControlPlane
Kevin is an Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored... Read More →
avatar for Andrew Martin

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →
Wednesday November 13, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 255 A

2:30pm MST

Tutorial: Confidential Containers 101: A Hands-on Workshop - Archana Choudhary & Suraj Deshmukh, Microsoft
Wednesday November 13, 2024 2:30pm - 4:00pm MST
As traditional enterprises with stringent data protection requirements become cloud-native and migrate to Kubernetes on public clouds, they are wondering: “Is my data secure on this shared hardware? Can someone with a host access snoop on my data?” And especially, with the upcoming Digital Operational Resilience Act (DORA) in Europe mandating data protection in use, it’s crucial for users to familiarize themselves with solutions like Confidential Containers (CoCo), a CNCF sandbox project. In this, first of its kind, hands-on workshop we’ll dive deep into using CoCo with k8s. We’ll explore real-world challenges, such as ensuring data confidentiality from platform owners (cloud providers), and show you how to overcome them. Through practical exercises, you’ll learn to set up CoCo and secure your containerized workloads, turning theory into practice. Attendees will discover streamlined practices, find robust protection mechanisms, and gain strategic insights into adopting CoCo.
Speakers
avatar for Suraj Deshmukh

Suraj Deshmukh

Senior Software Engineer, Microsoft
Suraj is working on Confidential Containers open-source project for Microsoft. He has been working with Kubernetes since version 1.2. He is currently focused on integrating Kubernetes and Confidential Containers on Azure.
avatar for Archana Choudhary

Archana Choudhary

Ms, Microsoft
A software engineer who has been exploring cloud-native technologies, particularly focusing on confidential containers over the past several months.
Wednesday November 13, 2024 2:30pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom G
  Tutorials, Security

3:25pm MST

A Tale of 2 Drivers: GPU Configuration on the Fly Using DRA - Alay Patel & Varun Ramachandra Sekar US, Nvidia
Wednesday November 13, 2024 3:25pm - 4:00pm MST
NVIDIA’s GeForceNow is a cloud gaming service that allows users to stream video games from NVIDIA's servers to a wide range of devices, including PCs, Macs, Android devices, iOS devices, and smart TVs. Under the hood, it is powered by Kubernetes running Kubevirt VMs. For a seamless user experience, GeForceNow dynamically switches GPU drivers to accommodate either passing through an entire GPU or slicing it into multiple virtual GPUs, all while keeping utilization close to 100% across the datacenter. This poses significant challenges when using the traditional device plugin API provided by Kubernetes. In this talk, we explore GeForce Now’s journey to transition away from the traditional device plugin API in favor of Dynamic Resource Allocation (DRA). We'll share valuable insights for anyone looking to perform a similar migration of their own. Join us to learn about the challenges, solutions, and best practices to help optimize your GPU-accelerated workloads in the cloud.
Speakers
avatar for Alay Patel

Alay Patel

Senior Software Engineer, Nvidia
Alay is a Senior Software Engineer at Nvidia where he works on cloud gaming service, exposing infrastructure for GPU workloads. He is passionate about open source with a focus on Kubernetes and platform engineering.
avatar for Varun Ramachandra Sekar US

Varun Ramachandra Sekar US

Senior Software Engineer, Nvidia
Developer by day, Dog whisperer by night.
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 255 BC
  AI + ML

3:25pm MST

Optimizing Load Balancing and Autoscaling for Large Language Model (LLM) Inference on Kubernetes - David Gray, Red Hat
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As generative AI language models improve, they are increasingly being integrated into business-critical applications. However, large language model (LLM) inference is a compute-intensive workload that often requires expensive GPU hardware. Making efficient use of these hardware resources in the public or private cloud is critical for managing costs and power usage. This talk introduces the KServe platform for deploying LLMs on Kubernetes and provides an overview of LLM inference performance concepts. Attendees will learn techniques to improve load balancing and autoscaling for LLM inference, such as leveraging KServe, Knative, and GPU operator features. Sharing test results, we will analyze the impact of these optimizations on key performance metrics, such as latency per token and tokens per second. This talk equips participants with strategies to maximize the efficiency of LLM inference deployments on Kubernetes, ultimately reducing costs and improving resource utilization.
Speakers
avatar for David Gray

David Gray

Senior Software Engineer, Red Hat
David Gray is a Senior Software Engineer on the Performance and Scale team at Red Hat. His role involves analyzing and improving AI inference workloads on Kubernetes platforms. David is actively engaged in performance experimentation and analysis of running large language models in... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML
  • Content Experience Level Any

3:25pm MST

Create & Distribute a Plugin for Kubernetes (Kubectl) in Few Minutes? Easy! 🙂 - Aurélie Vache, OVHcloud & Gaëlle Acas, Doctolib
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Kubectl is the most powerful tool that allow you to interact with the API Server of a Kubernetes cluster. We use it everyday to list the pods, deploy a service, scale a deployment to 5 replicas... but do you know that you can add custom features to the kubectl CLI? Indeed, Kubernetes is an extensibe world that allows you to extends most of its components (Network, Storage, Container runtime, webhooks … ) and even the kubectl CLI. In this talk, Gaëlle and Aurélie will show you how it can be easy to create a plugin in a few minutes. For that, they will create, in live, a plugin in Bash, to make our pods more user-friendly. But that's not all! The goal of this talk is also to share our awesome plugin with others and for that, Krew is “The place to be”. At the end of this talk you will have all the marbles in hand in order to be able to create & share your own plugin to the world or only to your internal teams. Ready? Create your own plugins!
Speakers
avatar for Gaëlle Acas

Gaëlle Acas

Site Reliability Engineer, Doctolib
Site Reliability Engineer at Doctolib & co-organiser of the CNCF Nantes meetup. As a cloud addict, I love playing with containers, surfing Dev&Ops skills and juggling the world of serverless. I also love to share and pass on my passion for code to our kids.
avatar for Aurélie Vache

Aurélie Vache

Developer Advocate, OVHcloud
Aurélie is a CNCF Ambassador, a Docker Captain & Google Developer Expert. She created a new visual way to learn & understand Cloud technologies: "Understanding Kubernetes/Istio/Docker in a visual way" in sketchnotes, books and videos. She has been working as a Developer & Ops for... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

3:25pm MST

Extending the Gateway API: The Power and Challenges of Policies - Kate Osborn, NGINX
Wednesday November 13, 2024 3:25pm - 4:00pm MST
From the beginning, the Gateway API has been designed to be extensible. With over 25 implementations to date, it’s crucial that these implementations have a way to support implementation-specific features without resorting to annotations. Among the various ways to extend the Gateway API, the Policy Attachment mechanism stands out as the most potent and challenging. In this session, we will explain what Policy Attachment is and share the lessons we learned at NGINX when implementing our own Policies. You will learn about: - The difference between direct and inherited policies. - How policy inheritance and merging works. - Corner cases, such as conflicting policies and invalid target refs. - Techniques to verify if a policy has been successfully applied. - Strategies for troubleshooting policies. We will show you examples of Gateway API policies as well as policies from multiple Gateway API implementations.
Speakers
avatar for Kate Osborn

Kate Osborn

Software Engineer, NGINX
Maintainer of NGINX Gateway Fabric. Kubernetes enthusiast since 2018.
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

3:25pm MST

Architecting a Data Platform with Open Source Tools - Priyanka J. Naik, Palo Alto Networks Inc
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The presentation will focus on - * The architecture of the data streaming platform which we built in Palo Alto Networks using open source tools like Strimzi, Kafka, Kafka Connect, Confluent Community licensed tools like Schema Registry and KSqlDB on K8s for supporting corp risk intelligence, health and compliance. * Application of core software engineering principles in architecting open source data platforms and its benefits * Some drawbacks which were identified in the data platform solutions and how we overcame those.
Speakers
avatar for Priyanka J. Naik

Priyanka J. Naik

Principal Software Engineer, Palo Alto Networks Inc
Priyanka J. Naik is at Palo Alto Networks Inc. where she works on secure networking software. In her career of 17 years, she has worked in Citrix Systems, Appfolio, with projects and work ranging on products like GoToMeeting, GoToTraining, GoToWebinar, and on data platforms. Interests... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

3:25pm MST

Deep Dive Into Generic Control Planes and Kcp - Stefan Schimanski, Upbound & Mangirdas Judeikis, Cast AI
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The Kubernetes code now allows native construction of generic control planes, without container types and in new form-factors other than your beloved clusters, be it customized apiserver binaries or embedded into other applications. This talk gives an in-depth explanation of what a generic controlplane is, how to construct it, how to extend it with custom types and how to control which native Kube APIs like secrets, configmaps, etc. or mechanisms like resource quota or RBAC are available. Specifically, we will cover 3 variants: 1. single-tenant generic control planes using upstream Kubernetes. 2. multi-tenant generic control planes using kcp to scale horizontally in one process. 3. multi-shard and multi-region generic control planes with focus of backing SaaS services.
Speakers
avatar for Stefan Schimanski

Stefan Schimanski

Senior Principal Software Engineer, Upbound
Stefan is a Senior Principal Engineer at Upbound working on control planes, Kubernetes, kcp, and as a tech-lead in Sig API Machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time GoogleSummer of Code mentor with CNCF, loves to teach and help people to learn... Read More →
avatar for MJ / Mangirdas Judeikis

MJ / Mangirdas Judeikis

Staff Engineer, Cast AI
With 10+ years in engineering, tech has been my passion from the start. Graduating in computer networks, I thrive on Go, Kubernetes, and an OpenSource approach. As an SRE practitioner, it's all about owning what you touch. No cloud preference, just adaptability. My motto? "Learn daily... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 254
  Emerging + Advanced

3:25pm MST

How to Get Started Contributing in the CNCF - Destiny O'Connor, Women Blessing Women & Riaan Kleinhans, Linux Foundation
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The CNCF fosters a dynamic and inclusive ecosystem where individuals of all skill sets and regardless of experience can contribute to cloud-native technologies. Let us delve beyond the traditional "how-to contribute" approach and empower you to unlock your potential as a contributor. We’ll get into the core principles of open source, drawing from real-world examples from my experience. Highlighting its collaboration and the inclusive environment it offers. We'll share valuable resources and practical steps to teach you how to get started in the open-source community. Learn how to: - Find projects that align with your skills & interests. - Navigate the open-source collaborative environment. - Contribute with guidelines for beginners. - Leverage your unique perspective. - Use resources to find your contribution niche. This presentation equips you to confidently enter the rewarding world of open-source cloud-native development.
Speakers
avatar for Destiny O'Connor

Destiny O'Connor

Co-Chair CNCF Deaf and Hard of Hearing WG, Web Developer, Women Blessing Women
As Co-Chair of the CNCF Deaf and Hard of Hearing Working Group, where I channel my passion for creating a more inclusive tech world for deaf and hard-of-hearing individuals. My mission is to educate the tech community about the unique challenges and experiences of being deaf in this... Read More →
avatar for Riaan Kleinhans

Riaan Kleinhans

Mr., Linux Foundation
Riaan Kleinhans is a seasoned project manager with extensive experience in customer-facing roles, open-source projects, and community management. Currently, he serves as a Program Manager at the Linux Foundation, collaborating with the Cloud Native Computing Foundation and the Confidential... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

3:25pm MST

Life of a Packet: Ambient Edition - John Howard, Solo.io & Keith Mattix, Microsoft
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Istio's new "ambient mode" promises to (and delivers!) dramatically simplify and reduce the cost of running a service mesh. This doesn't come easily, however; Istio employs some advanced and innovative techniques to deliver on this promise. In this talk, Keith and John - two leads on the ambient project - will give an in-depth look under the hood to show how ambient mode operates, walking through how a packet gets from point A to point B securely and efficiently.
Speakers
avatar for Keith Mattix

Keith Mattix

Senior Software Engineering Lead, Microsoft
Keith Mattix is an Engineering Lead at Microsoft focused on Istio, Gateway API, and other networking projects.
avatar for John Howard

John Howard

John Howard, Solo.io
John Howard is a Senior Architect at Solo.io and Istio Technical Oversight Committee member.
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

3:25pm MST

Mastering ApplicationSet: Advanced Argo CD Automation - Alexander Matyushentsev, Akuity
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Argo CD has become an essential deployment tool that engineers use to automate various infrastructure management use cases across hundreds of clusters. This presents a new challenge of managing Argo CD applications at scale. The Argo CD team has explored multiple approaches to solving this, resulting in the creation of ApplicationSet. Over time, ApplicationSet has gained many features, becoming sophisticated and quite complex to use. In this session, we will dive into advanced ApplicationSet features: orchestrating complex rollouts of ingress controllers across multiple clusters and accommodating snowflake clusters. We will enable the audience to answer these and many other questions about using ApplicationSet. Finally, we will demonstrate an effective way to debug ApplicationSet specifications without digging through logs and altering production Argo CD settings.
Speakers
avatar for Alexander Matyushentsev

Alexander Matyushentsev

Co-founder and Chief Architect, Akuity
Argo Co-Creator, Argo CD Lead, and maintainer. Energetic and passionate software engineer with over a decade of software development experience. I'm an enthusiast of continuous integration, agile environments, and a huge open-source believer. Core contributor and maintainer of http://argoproj.io... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 3 | 355 EF

3:25pm MST

OpenTelemetry Project Update - Alolita Sharma, Apple; Juraci Paixão Kröhling, Grafana Labs; Ted Young, ServiceNow; Morgan Mclean, Splunk; Daniel Dyla, Dynatrace
Wednesday November 13, 2024 3:25pm - 4:00pm MST
This is the official OpenTelemetry session at Kubecon. OpenTelemetry started with distributed traces and metrics, but the project's vision has always been to provide whatever signals are needed from infrastructure, services, and more. This session will focus on what's coming next, including new signals and sources. Join to learn about OpenTelemetry's new logging functionality, including its two logging paths, the benefits of each, and real-world production examples. We'll show the power of the next wave of OpenTelemetry enhancements, including profiling and the insights that this unlocks in combination with distributed traces, and how we're extending your observability to client applications. We'll wrap up with a Q&A of 10+ project maintainers, who can speak to these topics and more.
Speakers
avatar for Morgan Mclean

Morgan Mclean

Director of Product Management, Splunk
Morgan is one of the co-founders of OpenTelemetry, and he sits on the project's governance committee and runs multiple initiatives within the project. He is a Senior Director of Product Management at Splunk, where he is responsible for the core platform behind Splunk Observability... Read More →
avatar for Juraci Paixão Kröhling

Juraci Paixão Kröhling

Software Engineer, Grafana Labs
Juraci Paixão Kröhling is a software engineer at Grafana Labs, a maintainer of the OpenTelemetry project, a member of the project's governing board and CNCF Ambassador. He has presented about distributed tracing, OpenTelemetry, and other related topics at conferences like KubeCon... Read More →
avatar for Daniel Dyla

Daniel Dyla

Senior Open Source Architect / OpenTelemetry GC, JS, Maintainer, Dynatrace
Daniel joined Dynatrace in 2015 working on the Davis Assistant natural language interface to the Dynatrace AI. He is an Open Source Architect, member of the W3C Distributed Tracing Working Group, OpenTelemetry specification contributor, maintainer of the OpenTelemetry JS client, and... Read More →
avatar for Ted Young

Ted Young

Director of Developer Education, ServiceNow
OpenTelemetry co-founder
avatar for Alolita Sharma

Alolita Sharma

Observability Engineering, Apple
Alolita Sharma is a member of OpenTelemetry GC, Observability TAG co-chair, CNCF End-User TAB Chair and Governing Board member. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, Unicode, W3C. She has served on the boards... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

3:25pm MST

SIG-Node: Intro and Deep Dive - Sergey Kanzhelev & Dawn Chen, Google; Mrunal Patel, Red Hat
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Kubernetes SIG Node maintainers track session will cover the latest updates in the Kubernetes Node subsystem. The emergence of Generative AI has introduced new challenges and workload behaviors. And SIG Node is up for the challenge. SIG Node owns components and interactions between pods and host resources, including the Kubelet, Container Runtime Interface, and Node API. SIG Node is responsible for the Pod’s lifecycle from allocation to teardown, to liveness checks and shared resource management. We work with various container runtimes, kernels, networking, storage, and more; anything a pod touches is SIG Node’s responsibility! The session will be led by Kubernetes SIG Node leads and will be interesting for seasoned contributors as well as people seeking to get involved in the project. Attendees will leave the session with a better understanding of the latest developments in the Kubernetes Node subsystem. The session is open to all Kubernetes users, regardless of experience level.
Speakers
avatar for Dawn Chen

Dawn Chen

Principal Software Engineer, Google
Dawn Chen is a principal software engineer at Google. Dawn has worked on Kubernetes and Google Container Engine (GKE) before the project was founded. She has been one of tech leads in both Kubernetes and GKE. Prior to Kubernetes, she was the one of the tech leads for Google internal... Read More →
avatar for Mrunal Patel

Mrunal Patel

Distinguished Engineer, Red Hat
Mrunal Patel is a Senior Principal Software Engineer at Red Hat working on containers for Openshift. He is a maintainer of runc/libcontainer and the OCI runtime specification. He started the CRI-O runtime. He is a SIG-Node chair and tech lead.
avatar for Sergey Kanzhelev

Sergey Kanzhelev

Staff Software Engineer, Google
Sergey Kanzhelev is a seasoned open source and cloud native maintainer working actively on Kubernetes. Sergey is serving as co-chair of SIG node. He is also one of the founders of OpenTelemetry. He is working on engineering aspect of software and its practical application. He is contributing... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 3| 355 BC

3:25pm MST

Using OpenTelemetry for Deep Observability Within Messaging Queues - Shivanshu Raj Shrivastava & Ekansh Gupta, SigNoz
Wednesday November 13, 2024 3:25pm - 4:00pm MST
The recent changes in OpenTelemetry have made new semantic conventions and changes in agents to better monitor messaging queues such as Kafka, RabbitMQ, and Amazon SQS, etc. In this session, we'll discuss how those semantic conventions are standardizing the telemetry collected from producers, consumers, and the messaging queues, and how in-depth observability can be achieved by correlating producer-to-consumer spans with the metrics collected from Kafka. Additionally, We will demonstrate how the Kafka Java client side instrumentation enabled and JMX metrics collected from Kafka how OpenTelemetry instrumentation can help for metrics to trace and trace to metrics correlation and spot reasons for anomalies like increased consumer lag, partition failures, time taken by messaging queues. This will also help in giving the corresponding traces in time that can help end users to better delve into their infrastructures and optimize their asynchronous applications.
Speakers
avatar for Ekansh Gupta

Ekansh Gupta

SDE, SigNoz
Ekansh is a Software Development Engineer with SigNoz, with active involvement in various open-source and cloud native communities for upwards two years now. He was previously an SDE Intern at SteamLabs. He is also a speaker for a couple of talks at PyCon, KubeCon and MozFests. Ekansh... Read More →
avatar for Shivanshu Raj Shrivastava

Shivanshu Raj Shrivastava

Founding Engineer, SigNoz
Shivanshu is a Founding Engineer at SigNoz, working on building an OTeL native observability product. He has a keen interest in deep tech and OSS. He is a CNCF ambassador and a member of CNCF projects like OTeL, k8s, and Istio. He has got the opportunity to mentor contributors in... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability

3:25pm MST

Global Payments: Setting New Standards for Reliability in Cloud Native Multi-Region Applications - Trey Caliva, Global Payments
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As a multinational FinTech provider, processing over 32 billion card transactions for 816 million accounts, Global Payments requires globally available architectures with quick disaster recovery while maintaining subsecond latencies. In addition, these workloads require strict adherence to compliance standards. This session will explore the high-level architectural decisions implemented in a cloud-native redesign and cloud migration of a mission critical legacy .NET application. Key cloud native tools leveraged include Kubernetes on GCP, and the use of CockroachDB as a cloud native database solution. We will explore how leveraging these cloud native technologies achieved extreme fault tolerance in a multi-region deployment, setting new standards for performance and reliability.
Speakers
avatar for Trey Caliva

Trey Caliva

Principal Cloud Architect, Global Payments
Trey Caliva is an Architect and engineer with 10+ years of hands-on experience planning, developing, managing, and securing deployments in Google Cloud and AWS. He is currently Principal Cloud Architect at Global Payments, a Fortune 500 company and a member of the S&P 500 focused... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

3:25pm MST

Cash App's Journey Into a Multi-Cluster Ecosystem - Rachel Sheikh, Cash App
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Cash App's Compute team is responsible for the health and maintenance of the company's Kubernetes clusters, and the enablement of service owners to deploy their services into these clusters with confidence. Over the past year, we've made strides in improving our reliability and uptime, part of which involved introducing a paradigm around creating new Kubernetes clusters in our service ecosystem that allow us to seamlessly transition services in/out of to simplify cluster upgrades and provide us with guardrails against common outages. This talk intends to walk you through our experience introducing new Kubernetes clusters for our services at Cash App, migrating and splitting service traffic across clusters with zero downtime, and thinking through tooling adoption / creation to simplify cluster maintenance as our overhead scales.
Speakers
avatar for Rachel Sheikh

Rachel Sheikh

Ms., Cash App
I'm a software engineer with a decade of experience building and scaling backend services across various industries. When I'm not working on clusters or writing Go, I'm probably watching pro League of Legends or taking pictures of my dog.
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering
  • Content Experience Level Any

3:25pm MST

Scale Job Triggering with a Distributed Scheduler - Cassie Coyle & Artur Souza, Diagrid
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Imagine scheduling thousands or millions of jobs that are persisted and triggered timely and resilient to downtime. Some jobs might be triggered every second while others need to reliably be triggered on the first day of the month. Achieving high throughput and reliability is critical for the performance and operational efficiency of modern distributed systems. How can traditional cron job scheduling be extended? How can distributed systems handle job scheduling with minimal downtime? What challenges arise when scaling job scheduling to thousands or millions of jobs? In this session, Artur and Cassie will delve into the design of Dapr’s distributed Scheduler and how users can start using it today. You will gain a comprehensive understanding of how Dapr’s Scheduler unblocks scalability of actors and workflows while also enabling new capabilities, like delayed pubsub and schedule job API.
Speakers
avatar for Artur Souza

Artur Souza

Head of Engineering, Diagrid
I am a maintainer of Dapr since 2019, helped the project reach the 1.0 stable version and keeping frequent releases since then. Currently Head of Engineering at Diagrid, leading the engineering teams building Conductor and the next generation of managed cloud native APIs via Dapr... Read More →
avatar for Cassie Coyle

Cassie Coyle

Software Engineer, Diagrid
Cassie, a devoted software engineer at Diagrid actively contributes to Dapr, focusing on Go backend development to simplify the creation of resilient, event-driven, and microservices-based apps. She is a member of the Dapr Day and AppDeveloperCon 2024 program committees. Her work... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 2 | 250
  SDLC

3:25pm MST

CEL-Ebrating Simplicity: Mastering Kubernetes Policy Enforcement - Kevin Conner, Getup Cloud & Anish Ramasekar, Microsoft
Wednesday November 13, 2024 3:25pm - 4:00pm MST
As Kubernetes deployments grow increasingly complex, robust policy enforcement is crucial. The Common Expression Language (CEL) provides a powerful solution, enabling the creation of sophisticated, human-readable expressions for Kubernetes policies. This session explores CEL's integration with Kubernetes, simplifying policy definition and enforcement. Key takeaways: - Fundamentals of CEL and its Kubernetes integration. - Practical use cases for CEL in admission control, resource management, and security. - Enhancing policy expressiveness and flexibility with CEL. - Introduction to CEL Playground for testing and validating CEL expressions. Through live demos, learn to leverage CEL and CEL Playground for streamlined policy management in Kubernetes. Ideal for administrators, developers, and DevOps professionals, this session equips you to enhance your Kubernetes policies using CEL. Join us to discover how CEL and CEL Playground can transform your Kubernetes policy management.
Speakers
avatar for Anish Ramasekar

Anish Ramasekar

Principal Software Engineer, Microsoft
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects that are part of the Azure Kubernetes Service. Anish is a maintainer of the Secrets Store CSI Driver project.
avatar for Kevin Conner

Kevin Conner

Chief Engineer, Getup Cloud
Kevin Conner is the Chief Engineer at GetUp Cloud, a startup focused on Kubernetes and DevSecOps. He has worked at startups like Integrated Micro Products, Arjuna Technologies, JBoss, and Aviatrix, as well as Sun Microsystems and Red Hat where he led teams for Cloud Enablement, Service... Read More →
Wednesday November 13, 2024 3:25pm - 4:00pm MST
Salt Palace | Level 1 | 151
  Security

4:00pm MST

Coffee Break ☕
Wednesday November 13, 2024 4:00pm - 4:30pm MST
Wednesday November 13, 2024 4:00pm - 4:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

4:30pm MST

Making Kubernetes Simpler for Accelerated Workloads - Susan Wu, Google; Lucy Sweet, Uber; Mitch McKenzie, Weave; Aditya Shanker, Crusoe
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes and the open-source ecosystem for AI frameworks have been great for LLM innovation, empowering developers to build applications that use natural language as the interface to data. Yet, many developers and cluster operators struggle to put these frameworks into production use. In this session, hear from several platform engineers responsible for designing core infrastructure supporting accelerated workloads, services, large language model training and inference pipelines. You can expect to come away with guidance, hear of pitfalls to watch out for and learn how they successfully abstracted the infrastructure complexity to improve their research users' experience and velocity. Panelists include: Lucy Sweet, Senior Software Engineer (Infrastructure), Uber, Mitch McKenzie, Site Reliability Engineer - Machine Learning Operations, Weave, Susan Wu, Outbound Product Manager, Google
Speakers
avatar for Susan Wu

Susan Wu

Outbound Product Manager, Google
Susan is an Outbound Product Manager for Google Cloud, focusing on GKE Networking and Network Security. She previously led product and technical marketing roles at VMware, Sun/Oracle, Canonical, Docker, Citrix and Midokura (part of Sony Group). She is a frequent speaker at conferences... Read More →
avatar for Lucy Sweet

Lucy Sweet

Senior Software Engineer at Uber, Uber
Lucy is a Senior Software Engineer at Uber Denmark who works on software infrastructure
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 255 BC
  AI + ML

4:30pm MST

Platform Performance Optimization for AI - a Resource Management Perspective - Antti Kervinen, Intel & Dixita Narang, Google
Wednesday November 13, 2024 4:30pm - 5:05pm MST
How much node resource management can affect AI workload performance? What options are there? What is the trade-off between total throughput and low latencies? In this talk we take a systematic approach to Platform Performance Optimization. We walk through the whole path from goal setting, gathering data, analysis, visualizations and conclusions. At each stop along the path we share our practical experiences in a case of LLM inference optimization. You will find many considerations, findings and practical tricks to take away. For instance, how to instrument PyTorch without touching the source or a container image, how to enable changing what we are measuring without new expensive benchmark reruns, and how much more we can learn from visualizations compared to numeric averages and percentiles. Finally we share real results from our case: how resource management increased total token throughput per worker node by more than 3.5x from the baseline.
Speakers
avatar for Antti Kervinen

Antti Kervinen

Cloud Orchestration Software Engineer, Intel
Antti Kervinen is a Cloud Orchestration Software Engineer working at Intel, whose interest in Linux and distributed systems has led him from academic research of concurrency to the world of Kubernetes. When unplugged, Antti spends his time outdoors discovering wonders of nature.
avatar for Dixita Narang

Dixita Narang

Software Engineer, Google
Dixita Narang is a Software Engineer at Google on the Kubernetes Node team. With a primary focus on resource management within Kubernetes, Dixita is deeply involved in the development and advancement of the Memory QoS feature, which is currently in the alpha stage. She is a new contributor... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

4:30pm MST

Museum of Weird Bugs: Our Favorites from 8 Years of Service Mesh Debugging - Tom Dean & Phil Henderson, Buoyant
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Over the past 8 years, we've fixed a lot of bugs in Linkerd. Many of these were straightforward, but some manifested in strange ways, or only showed up in unique situations, or otherwise surprised us. Some of them were just plain funny. In this talk, we will run through a couple of Linkerd's favorites: the most interesting, weird, and memorable bugs we've found and fixed Linkerd. We describe how they originally manifested (usually in someone else's production system),  how we went about tackling them (often by educating the reporter on how to construct a useful bug report), and the sometimes long and windy path to finally fixing them.
Speakers
avatar for Phil Henderson

Phil Henderson

Customer Success Engineer, Buoyant
avatar for Tom Dean

Tom Dean

Field Engineer, Buoyant
Tom Dean started programming BASIC on Apple IIs over 40 years ago, and has been hooked on tech since then. A long-time user of Linux and Open Source, he has been expanding his Cloud, Cloud Native and adjacent subject matter knowledge to become a more well-rounded technologist, and... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Cloud Native Experience
  • Content Experience Level Any

4:30pm MST

DNS Deep Dive in Kubernetes with CoreDNS - Jingming Guo, Airbnb
Wednesday November 13, 2024 4:30pm - 5:05pm MST
In the dynamic world of Kubernetes, efficient DNS resolution is critical for seamless application performance and scalability. CoreDNS, as the default DNS server for Kubernetes, offers flexible and high-performance DNS capabilities. This talk will delve into the lifecycle of a DNS request within a Kubernetes cluster using CoreDNS, offering insights into the flow of DNS traffic and enhancing your understanding of DNS requests and service discovery in Kubernetes—-key knowledge for effective debugging and issue resolution. Additionally, we will present a case study of Airbnb's successful integration of CoreDNS, highlighting the CoreDNS performance evaluation, our seamless migration approach, and scaling strategy. Finally, we will talk about the multi-cluster DNS resolution with CoreDNS. This section will demonstrate how multi-cluster DNS capabilities address the common challenges, discuss performance considerations and multi-cluster DNS limitations.
Speakers
avatar for Jingming Guo

Jingming Guo

Software Engineer, Airbnb
Jingming Guo, graduated from Northwestern University in 2017 and subsequently joined AWS EBS team. At AWS, Jingming led the development of Elastic Volume feature on the Block Express volume and led the EBS Server capacity increase release. In 2022, Jingming joined Airbnb and led the... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice
  • Content Experience Level Any

4:30pm MST

From Observability to Performance - Nadia Pinaeva, Red Hat & Antonio Ojea, Google
Wednesday November 13, 2024 4:30pm - 5:05pm MST
No matter how fast the Services on your Kubernetes cluster are, users would love them to be faster. But how do you get from a huge pile of metrics across a distributed system to real user experience improvements? There is a way, and with the right tools and the right approach, you can better understand and evaluate Service performance. In this talk, you'll learn how to identify the performance parameters that directly translate to user experience. We will explore how to collect performance metrics from running Kubernetes clusters without disrupting normal operations using tools like Prometheus, Grafana, kube-burner, and custom instrumentation. We will discuss how to translate the collected metrics and analysis into concrete actions and how to identify bottlenecks and implement optimizations to enhance Service performance. This talk is ideal for k8s networking developers, administrators, SREs, DevOps engineers, and anyone responsible for managing or optimizing Kubernetes networking.
Speakers
avatar for Antonio Ojea

Antonio Ojea

Software Engineer, Google
Antonio Ojea is a Software Engineer at Google, where he works on Kubernetes. He is one of the top contributors of the Kubernetes project, with a stronger presence on the areas of networking and reliability. He has a vast experience in Open Source, networking and distributed systems... Read More →
avatar for Nadia Pinaeva

Nadia Pinaeva

Senior Software Engineer, Red Hat
Nadia Pinaeva is a Senior Software Engineer at Red Hat working on Openshift Networking. She collaborates with the SIG-network-policy to improve network security for Kubernetes clusters, and works on ovn-kubernetes network plugin.
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

4:30pm MST

Building Resilience: Effective Backup and Disaster Recovery for Vector Databases on Kubernetes - Pavan Navarathna & Shwetha Subramanian, Veeam
Wednesday November 13, 2024 4:30pm - 5:05pm MST
As generative AI revolutionizes industries, reliance on vector databases - crucial for managing and querying high-dimensional data - has skyrocketed. These databases are often deployed on Kubernetes for its scalability and orchestration capabilities. However, ensuring robust backup and disaster recovery for these stateful applications presents unique challenges. Join Pavan and Shwetha as they discuss the critical need for an effective data protection strategy for vector databases in Kubernetes environments, emphasizing its importance in maintaining data integrity and availability. Attendees will learn about the growing significance of vector databases driven by AI applications and the specific considerations for their reliable deployment and management in cloud-native settings. Through a practical demonstration, this session will introduce Kanister, a CNCF Sandbox project, showcasing how it simplifies the complex process of backing up and recovering vector databases on Kubernetes.
Speakers
avatar for Pavan Navarathna

Pavan Navarathna

Engineering Manager, Veeam
Pavan joined Kasten by Veeam in March 2018, where he leads the open-source efforts and manages a team of cloud-native engineers developing innovative solutions for data protection in Kubernetes. He has previously worked in data protection and networking at NetApp and Aryaka. Pavan... Read More →
avatar for Shwetha Subramanian

Shwetha Subramanian

Software Engineer, Kasten by Veeam, Veeam
Shwetha Subramanian is a 2+ year experienced software professional, armed with a Master’s in Computer Science (Machine Learning track) from Columbia University, currently working as an SWE in the Kasten team at Veeam. An inherently curious individual, she is on a journey of learning... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage
  • Content Experience Level Any

4:30pm MST

Experience in Designing & Implementing a Cloud Native Framework for Farm Data Analytics - Braulio Dumba, IBM & Gloire Rubambiza, Cornell University
Wednesday November 13, 2024 4:30pm - 5:05pm MST
This work is based on 17 months experience managing a digital agriculture platform that has aggregated and processed tens of gigabytes of data on 1500 cows on a commercial dairy farm. Significant challenges surfaced tied to multi-cluster management, fault-tolerance, and privacy as the number of applications and farm management models grew. To bridge this gap, we designed and implemented a cloud native networked system for multi-cluster configuration and management of farm data analytics that leverages KubeStellar and Software-Defined Farm paradigm. Our experience from designing, implementing and deploying this framework showcase how Kubernetes can enable farmers and agribusinesses to leverage the power of containerization and cloud-native computing to optimize workflows and streamline agricultural operations. This work presents progress towards cloud-native, scalable, and fault-tolerant data analytics in digital farming with potential environmental, financial, and societal impacts.
Speakers
avatar for Braulio Dumba

Braulio Dumba

Staff Research Scientist, IBM
Dr. Braulio Dumba is a Staff Research Scientist at IBM Research. In 2018, he joined IBM under the Hybrid Cloud organization. His current research is focus on edge computing and hybrid cloud computing. Dr. Dumba earned a Ph.D. in Computer Science from University of Minnesota, Twin... Read More →
avatar for Gloire Rubambiza

Gloire Rubambiza

Ph.D. Candidate, Cornell University
Gloire Rubambiza is a Ph.D. candidate in CS at Cornell University, where he conducts research in hybrid cloud computing for digital agriculture with an emphasis on societal impact. At Cornell, he was a University Fellow, a fellow of NSF National Research Traineeship in Digital Plant... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 254
  Emerging + Advanced

4:30pm MST

CNI Updates and Direction! - Michael Zappa, Microsoft
Wednesday November 13, 2024 4:30pm - 5:05pm MST
The CNI or Container Networking Interface is one of the most important projects of Kubernetes and the surrounding ecosystem. Without it, nodes aren’t ready, and pods aren’t scheduled. This session will provide a brief overview of what the CNI is, where it intersects with Kubernetes, the latest updates, how you can get involved and the future of the CNI. We have talked a lot about CNI 2.0 and now it is becoming a reality. This will be the biggest change to the CNI however let's not get carried away, we will make this seamless for you! Attendees will leave with an understanding of what the CNI is and how it fits into the larger picture of Kubernetes networking so that you can contribute to the CNI community!
Speakers
avatar for Michael Zappa

Michael Zappa

Software Engineer, Microsoft
Hello, I am Zappa. I have been a technologist for over 20 years with a background in networking, systems, software and Devops engineering. I am a self-caught coder and started in the 6th grade. I am passionate about the ecosystem and container networking. My areas in the open-source... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

4:30pm MST

Distributed Tracing with Jaeger and OpenTelemetry - Jonah Kowall, Independent & Pavol Loffay, Red Hat
Wednesday November 13, 2024 4:30pm - 5:05pm MST
In this session, we will introduce the Jaeger project, explain distributed tracing concepts, and the value it brings compared to other telemetry signals like metrics and logs. The session will continue with a live Jaeger demo, after which the audience will understand the platform features. We will switch gears to focus on the exciting release of Jaeger v2, which is due to be released very soon. This new version will further incorporate OpenTelemetry into Jaeger natively. Then we’ll delve into service performance monitoring and the changes which have happened to this critical feature. We will finish by talking about the roadmap and how to get involved with the project, including our expanding LFX and Google Summer of Code mentorship programs.
Speakers
avatar for Pavol Loffay

Pavol Loffay

Principal Software Engineer, Red Hat
Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →
avatar for Jonah Kowall

Jonah Kowall

CTO, TBD (between roles)
Jonah Kowall, computer scientist and open-source contributor to OpenSearch, Jaeger, OpenTelemetry. A technical leader across startups to large enterprises specialized in operations, security, and performance. Led Gartner research on monitoring. Product leadership at AppDynamics, Cisco... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

4:30pm MST

How to Expand Your IDP: The New Building Blocks of Backstage - Ben Lambert & Patrik Oldsberg, Spotify
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Learn new ways to get the most out of your internal developer portal (IDP) and improve developer experience and productivity together with the Backstage community. The project maintainers will walk through brand new framework features and resources designed to help you build plugins and integrations. By expanding what a Backstage portal can do, you add value to your own IDP while strengthening the Backstage open source ecosystem. You’ll also hear the latest updates from the different Project Areas and a roadmap for what’s coming next. There will be plenty of time for Q&A, so here’s your chance to ask any burning questions!
Speakers
avatar for Patrik Oldsberg

Patrik Oldsberg

Senior Engineer, Spotify
Patrik is a Senior Software Engineer at Spotify and a core maintainer of Backstage. In 2019 he joined the team in Spotify’s platform organization that owned the Backstage platform, and worked together with the rest of the team to bring it out in the open. Before joining Spotify... Read More →
avatar for Ben Lambert

Ben Lambert

Core Maintainer of Backstage, Senior Engineer at Spotify, Spotify
Ben is an Engineer at Spotify and a Maintainer of Backstage.io
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

4:30pm MST

Linkerd Update: Ingress, Egress, IPv6, Enhanced Multicluster, Rust, and More - William Morgan, Buoyant
Wednesday November 13, 2024 4:30pm - 5:05pm MST
The pace of feature delivery in Linkerd has never been higher. In this whirlwind project update by Linkerd maintainers and directors, you'll learn about the latest developments and upcoming features. We'll discuss new support for egress traffic control and visibility, ingress traffic handling, UX improvements to multicluster, new support for IPv6, and more. Come prepared to learn about the world's fastest, lightest service mesh!
Speakers
avatar for William Morgan

William Morgan

Linkerd Director, Buoyant CEO, Buoyant
William is a director on the Linkerd project and the co-founder and CEO of Buoyant, the creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, a software engineer at Powerset, Microsoft, and Adap.tv, a research scientist at MITRE. He holds an MS in computer... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3 | 355 EF

4:30pm MST

SIG Instrumentation Introduction and Deep Dive - Han Kang, David Ashpole & Richa Banker, Google; Damien Grisonnet, Red Hat
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. We will begin with an introductory overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. This deep dive session will go into detail about currently ongoing efforts happening within SIG Instrumentation to share with the audience concrete pieces of work to encourage future collaboration. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make instrumentation even better!
Speakers
avatar for Richa Banker

Richa Banker

Software Engineer, Google
Currently a software engineer at Google. Exploring and contributing to OSS Kubernetes on the side.
avatar for Han Kang

Han Kang

Senior Staff Software Engineer, Google
Han Kang is a Senior Staff Software Engineer at Google. Han co-chairs SIG instrumentation (leading stuff like the metrics stability effort - https://bit.ly/stability-kep) and participates in SIG API-Machinery (spearheading things like the safer upgrades initiative - https://bit.ly/safer-k8s-upgrades... Read More →
avatar for David Ashpole

David Ashpole

David Ashpole, Google
TODO
avatar for Damien Grisonnet

Damien Grisonnet

Senior Software Engineer, Red Hat
Damien Grisonnet is a Software Engineer at Red Hat, he is very active in the monitoring ecosystem of Kubernetes for which he serves as a technical lead for Kubernetes SIG Instrumentation as well as a maintainer for projects such as kube-state-metrics, metrics-server, and prometheus-adapter... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 3| 355 BC

4:30pm MST

Watching the Watchers: How We Do Continuous Reliability at Grafana Labs - Nicole van der Hoeven, Grafana Labs
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Nothing is foolproof. Everything fails eventually. Observability tools help predict and lessen the impact of those failures, as the watchers of your software systems. But who watches the watchers? At Grafana Labs, we're not immune to production incidents. Just like any company, we still sometimes move too quickly. We run complex, microservices-based systems ourselves, so we have to eat our own dogfood on a daily basis. In this talk, I reveal: - how we solved a years-long mystery that cost us $100,000+ - how we got our internal Mimir clusters to reliably hold 1.3 billion time series for metrics - what we've had to do to scale our Loki clusters to handle 324 TB of logs a day - what our Grafana dashboards to monitor Grafana Cloud look like Sometimes, it's easier to learn from failures in observability than from successes. This talk is a confession of some of our worst sins as well as a realistic look under the hood at how we're improving the continuous reliability of our stack.
Speakers
avatar for Nicole van der Hoeven

Nicole van der Hoeven

Senior Developer Advocate, Grafana Labs
Nicole is a Senior Developer Advocate at Grafana Labs and a performance engineer with over a decade of experience in breaking software and learning to build it back up again. She has lived in the Philippines, the US, Australia, the Netherlands, and Portugal, helping teams all over... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability
  • Content Experience Level Any

4:30pm MST

Kubernetes at Scale: Practical Solutions for Enhanced CNI and Kubelet Performance - Henrique Santana, Amazon Web Services & Bruno Gabriel da Silva, Sysdig
Wednesday November 13, 2024 4:30pm - 5:05pm MST
In this session, we'll explore challenges faced in maintaining optimal performance for Container Network Interface (CNI) and Kubelet components in Kubernetes clusters. Based on recurring real-world scenarios, we will dive into troubleshooting and mitigations of issues such as IP address allocation delays, registry pull queries per second (QPS), disk throttling. These pose significant impacts on the performance, scalability and stability of Kubernetes clusters. Our discussion will revolve around practical strategies aimed at mitigating such challenges, leveraging multiple block storage volumes, adjusting instance types, tuning registryPullQPS settings, and exploring the benefits of prefix mode for faster IP address allocation. Additionally, we'll examine the role of warm IP pools, and the implications of WARM_ENI_TARGET settings on CNI performance, providing attendees with a comprehensive understanding on how to optimize CNI and Kubelet performance effectively.
Speakers
avatar for Bruno Gabriel da Silva

Bruno Gabriel da Silva

Sr. Solutions Engineer, Sysdig
I have been working as a Solutions Engineer for several years, with my passion for cloud-native technologies igniting around 2018. That year, I transitioned from a traditional IT Windows Sysadmin role to fully embracing DevOps, focusing entirely on Open Source and Cloud. My first... Read More →
avatar for Henrique Santana

Henrique Santana

Sr. Cloud Support Engineer, Amazon Web Service
I'm Containers Specialist with over 15 years of experience in infrastructure operations. Skilled at automating workflows and solving problems through user-centered design and emerging technologies. Currently focusing on containers and container orchestration. Adept at optimizing resource... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

4:30pm MST

Perform Laser Focused Deployments by Deciding in Advance the Blast Radius - Kostis Kapelonis, Octopus deploy
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Progressive Delivery is an advanced deployment method that allows for zero-downtime application releases. Argo Rollouts is a Kubernetes controller that allows you to adopt progressive delivery in the form of blue/green and canary deployments. We see a lot of teams that choose an arbitrary number of clients that access the new version of a canary. Yes, it is very easy to send only 10% of the traffic to the new version of a Kubernetes deployment. But sometimes you want to choose WHICH 10% sees the new traffic. In this talk we will see several approaches on pinning down specific clients to the old or new version and advanced scenarios for sending canary traffic only to a specific subset of users such as internal employees or customers who have expressed their interest on seeing brand new releases as soon as possible.
Speakers
avatar for Kostis Kapelonis

Kostis Kapelonis

Developer Advocate, Codefresh by Octopus Deploy
Kostis is a software engineer/technical-writer dual class character. He lives and breathes automation, good testing practices and stress-free deployments with GitOps.
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 2 | 250
  SDLC

4:30pm MST

Expanding the Capabilities of Kubernetes Access Control - Jimmy Zelinskie, authzed & Lucas Käldström, Upbound
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Kubernetes RBAC is an effective way of managing ACLs in one cluster. However, there are many other effective paradigms out there, such as Attribute- & Relation-based Access Control. In this talk, we’ll demystify how these differ, and when to use respective paradigms, giving context and guidance. We’ll highlight how Kubernetes access control has recently evolved towards supporting lots of different use-cases. We take this opportunity to cover multiple perspectives: security within a single cluster (zooming in) and security within real-life production environments with external services and multiple clusters (zooming out). As containers became ubiquitous first with excellent tools like Docker, we believe the same can and will happen for access control, yielding uniform, interoperable and understandable authorization. Finally, we'll propose future work that could be done to supercharge Kubernetes and ensure it keeps up with the ever increasing security requirements in our industry.
Speakers
avatar for Lucas Käldström

Lucas Käldström

Senior Software Engineer, Upbound
Lucas is a Kubernetes and cloud native expert who has been serving the CNCF community in lead positions for 6 years. He’s awarded Top CNCF Ambassador 2017 with Sarah Novotny. Lucas was a co-lead for SIG Cluster Lifecycle, co-created kubeadm, Weave Ignite, and ported Kubernetes to... Read More →
avatar for Jimmy Zelinskie

Jimmy Zelinskie

Co-founder, authzed
Jimmy Zelinskie is a software engineer and product leader with a goal of democratizing software via open source development. He's currently CPO of authzed where he's focused on bringing hyperscaler best-practices in authorization to the industry at large. At CoreOS, he helped pioneer... Read More →
Wednesday November 13, 2024 4:30pm - 5:05pm MST
Salt Palace | Level 1 | 151
  Security

4:30pm MST

Tutorial: Get the Most Out of Your GPUs on Kubernetes with the GPU Operator - Eduardo Arango Gutierrez, Tariq Ibrahim, Amanda Moran & Christopher Desiniotis, NVIDIA; David Porter, Google
Wednesday November 13, 2024 4:30pm - 6:00pm MST
NVIDIA’s GPU operator has become the de-facto standard for managing GPUs in Kubernetes at scale. This tutorial provides in-depth, hands-on training on the various GPU sharing techniques that are possible with the GPU operator. Participants will learn to deploy jobs utilizing these sharing techniques, as well as get hands-on experience on the installation and configuration of the NVIDIA GPU Operator itself. This includes an in-depth exploration of its two primary CRDs: ClusterPolicy and NVIDIADriver. These CRDs are essential for configuring GPU-accelerated nodes, enabling GPU sharing mechanisms, and performing GPU driver upgrades. The session will culminate with practical use cases, such as training an AI/ML model and giving participants firsthand experience in managing a GPU-accelerated Kubernetes cluster.
Speakers
avatar for Christopher Desiniotis

Christopher Desiniotis

Senior Systems Software Engineer, NVIDIA
Christopher Desiniotis is a Senior Systems Software Engineer on the Cloud Native team at NVIDIA where he works on enabling GPUs in containers and Kubernetes. He is a maintainer of the NVIDIA GPU Operator, a widely used tool for managing GPUs in Kubernetes, and is focused on increasing... Read More →
avatar for David Porter

David Porter

Senior Software Engineer Google, Google
David Porter is a Senior Software Engineer at Google on the Kubernetes node team. David’s focus is on the kubelet node agent and the resource management area. He is primary maintainer of cAdvisor, a resource monitoring library widely used in kubernetes, reviewer of a SIG Node, and... Read More →
avatar for Eduardo Arango Gutierez DE

Eduardo Arango Gutierez DE

Senior systems software engineer, NVIDIA
Eduardo is a Senior Systems Software Engineer at NVIDIA, working on the Cloud Native Technologies team. Eduardo has focused on enabling users to build and deploy containers on distributed environments.
avatar for Tariq Ibrahim

Tariq Ibrahim

Senior Software Engineer, NVIDIA
Tariq Ibrahim is a Senior Cloud Platform Engineer on the Cloud Native team at NVIDIA where he works on enabling GPUs in containers and Kubernetes. He is a maintainer of the NVIDIA GPU Operator. He has also contributed to several cloud native OSS projects like kube-state-metrics, Istio... Read More →
avatar for Amanda Moran

Amanda Moran

https://www.nvidia.com/en-us/, NVIDIA
Amanda has been working in technology since graduating from SCU in 2012 with a Master’s in Science in CS. Prior to this she had graduated with an BS in Biology from UW. Amanda has worked the last 12 years as a Software Engineer, a Solutions Architect, and an Engineering Manager... Read More →
Wednesday November 13, 2024 4:30pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom G
  Tutorials, AI + ML

5:20pm MST

Project Pavilion Tour with Jorge Castro + Bob Killen
Wednesday November 13, 2024 5:20pm - 6:00pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise. 

This tour session will focus specifically on End Users and TABs.
Wednesday November 13, 2024 5:20pm - 6:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

5:25pm MST

Detecting and Overcoming GPU Failures During ML Training - Sarah Belghiti, Wayve & Ganeshkumar Ashokavardhanan, Microsoft
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Scaling ML training demands powerful GPU infrastructure, and as model sizes and training scale increases, GPU failures become an expensive risk. From outright hardware faults to subtle performance degradation, undetected GPU problems can sabotage training jobs, inflating costs and slowing development. This talk dives into GPU failure challenges in the context of ML training, particularly distributed training. We will explore the spectrum of GPU issues, and why even minor performance drops can cripple large jobs. Learn how observability (leveraging tools like NVIDIA DCGM) enables proactive problem detection through GPU health checks. Understand principles of fault-tolerant distributed training to mitigate GPU failure fallout. Drawing on cloud provider and autonomous vehicle company experience, we will share best practices for efficient identification, remediation, and prevention of GPU failures. We will also explore cutting-edge ideas like CRIU and task pre-emption for GPU workloads.
Speakers
avatar for Ganeshkumar Ashokavardhanan

Ganeshkumar Ashokavardhanan

Software Engineer, Microsoft
Ganesh is a Software Engineer on the Azure Kubernetes Service team at Microsoft, working on node lifecycle, and is the lead for the GPU workload experience on this kubernetes platform. He collaborates with partners in the ecosystem like NVIDIA to support operator models for machine... Read More →
avatar for Sarah Belghiti

Sarah Belghiti

ML Platform Engineer, Wayve
Sarah Belghiti is an ML Platform Engineer at Wayve, a leading developer of embodied intelligence for autonomous vehicles. She works on the infrastructure, scheduling and monitoring of ML workloads. With GPUs becoming an increasingly scarce resource, her focus has been on building... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | 155 EF
  AI + ML

5:25pm MST

Production AI at Scale: Cloudera’s Journey in Building a Robust Inference Platform - Zoram Thanga & Peter Ableda, Cloudera
Wednesday November 13, 2024 5:25pm - 6:00pm MST
In this session, we talk about Cloudera AI Inference Service, a secure, large scale platform for generative AI and predictive inference workloads, built using state of the art Kubernetes, CNCF and Apache open source projects. We take the audience through our journey in building this platform and share the experiences we gained along the way. The platform is built using openness, security, scalability, performance and standards compliance as guiding principles. We demonstrate that it is possible to be open and secure at the same time, and that organizations can incorporate production grade AI inferencing into their Big Data environments. This session will cover the architecture of the platform, and explain how we handle performance, scaling, authentication, fine grained authorization and audit logging, all of which are critical considerations for production inferencing.
Speakers
avatar for Peter Ableda

Peter Ableda

Director, Product Management, Cloudera
Peter Ableda is the Director of Product Management for Cloudera’s AI product suite, bringing over a decade of experience in data management and advanced analytics. Holding a Master of Science degree in Computer Science from the Budapest University of Technology, Peter has dedicated... Read More →
avatar for Zoram Thanga

Zoram Thanga

Principal Engineer, Cloudera
Zoram is a Principal Engineer, Enterprise AI Platform in Cloudera. He has been working in the software industry for over 23 years, and has been involved in building clustering software, containers, file systems, analytical query engines, and ML/AI platforms. He is a committer in the... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

5:25pm MST

Conquering Configuration Constraints: Real-World Patterns for Distributing Data at Scale in Kubernet - Daniel Hrabovcak, Google
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Did you know that major Cloud providers cap the amount of volumes you could attach to a node? You may be tempted to use a ConfigMap or a Secret instead; however, did you know that Kubernetes caps the size of all resources to 1 MiB? What if you need arbitrarily large data? After all, reaching these limits may effectively render your application completely useless and for commonly used operators, constraints are exacerbated. In this talk, we cover all built-in storage mechanisms and their pitfalls. Not only can your data be large, but what about auto-scaled workloads which access the same data? We explore patterns that we at Google explored while working on our open source Prometheus operator, including: variable expansion, compression, sharding, projected volumes and dynamically mounting resources. We discuss how to shape the user configuration surface and how to make your data available at scale. Especially a must-see for anyone distributing configurations in their operator!
Speakers
avatar for Daniel Hrabovcak

Daniel Hrabovcak

SWE, Google
Daniel Hrabovcak is a software engineer at Google working within Cloud Monitoring to build Google Cloud’s Managed Service for Prometheus. Daniel’s love of coding has lasted a decade, touching on open-source game development and a previous career in full stack development, giving... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

5:25pm MST

Container Image Workflows at Scale with Buildpacks - Jesse Brown, Heroku & Aidan Delaney, Bloomberg
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Buildpacks transform source applications into images that run on any cloud. Each output image contains a full Software Bill of Materials which allows platform developers to know precisely what software is deployed. This makes them an excellent solution where a container runtime is provided to untrusted or semi-trusted development teams. There are wider use-cases where many application development teams share a common runtime, like Kuberenetes. In this talk we look at using Buildpacks to deploy web applications at scale, we consider batch processing in large workflows - particularly AI/machine learning workflows - and we look at an example Functions as a Service platform that uses Buildpacks.
Speakers
avatar for Jesse Brown

Jesse Brown

Software Engineer, Heroku
Jesse is a software engineer at Heroku, currently based in Memphis, TN. With a focus on the Heroku Builds suite of services, Jesse has been contributing to buildpacks.io since 2019 and earned maintainer status in 2021. Passionate about Kubernetes and large-scale systems, Jesse dedicates... Read More →
avatar for Aidan Delaney

Aidan Delaney

Bloomberg
Aidan is a Buildpacks.io maintainer and currently works in Bloomberg's Data Management Services team.  He has worked on Buildpacks (and other infrastructure) for AI and large scale data processing.  He likes to build well-tested platforms that have clean interfaces.
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3 | 355 EF

5:25pm MST

Observability TAG Round-up and What’s New for AI Observability - Alolita Sharma, Apple & Chris Larsen, Netflix
Wednesday November 13, 2024 5:25pm - 6:00pm MST
The Observability TAG has been busy in 2024. We've been hard at work on exciting initiatives designed to address the challenges of large-scale observability. This session will provide an update on our activities, workgroups, and achievements. The cloud is undergoing a supernova event! Massive deployments of GPUs and NPUs running AI workloads are fueling a revolution, but implementing observability for this new ecosystem can easily devour your budget. As CNCF’s Observability TAG, we'll dive into the latest trends in observability that address the cost challenges of the AI Cloud. See what’s new to help manage observability data more effectively, optimize operational efficiency, and keep costs under control.
Speakers
avatar for Chris Larsen

Chris Larsen

Senior Software Engineer, Netflix, Netflix
Observability engineer focusing on cross telemetry correlation and maintainer of OpenTSDB.
avatar for Alolita Sharma

Alolita Sharma

Observability Engineering, Apple
Alolita Sharma is a member of OpenTelemetry GC, Observability TAG co-chair, CNCF End-User TAB Chair and Governing Board member. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, Unicode, W3C. She has served on the boards... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

5:25pm MST

Squashing Trampoline Pods: The Future of Securely Enabling Hardware Extensions - Joe Betz, Google & David Eads, Red Hat
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Prevent a single node compromise from leaping to other nodes.  If you deploy or develop per-node agents, learn how to combine recent and developing features (validating admission policy, service account token node claims, CRD field selectors, and field selector authorization) to build secure hardware extensions.
Speakers
avatar for Joe Betz

Joe Betz

Staff Software Engineer, Google
Joe Betz is a tech lead of the Kubernetes api-machinery SIG. Joe has contributed to extensibility features including custom resources, admission webhooks, and CEL. Joe has also contributed to etcd as a project maintainer.
avatar for David Eads

David Eads

Senior Principal Software Engineer, Red Hat
David Eads is a senior principal software engineer at Red Hat and co-lead for Kubernetes sig-apimachinery and TL for sig-auth.
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 3| 355 BC

5:25pm MST

Understanding How OpenTelemetry Network Uses eBPF for Network Observability - Shivanshu Raj Shrivastava, SigNoz & Jonathan Perry, PerfPod
Wednesday November 13, 2024 5:25pm - 6:00pm MST
The recent advancements in eBPF tooling, including the enhanced eBPF runtime embedded in the Linux kernel, the BPF Compiler Collection (BCC) for efficient kernel tracing, and the LLVM Compiler for converting C code to eBPF programs, have made it easier to provide always-on network visibility. OpenTelemetry Network leverages these foundational tools to provide out-of-the-box network observability for modern infrastructures. In this talk, we'll explore the architecture of the OTel Network, focusing on its key components: the kernel collector, kubernetes collector, cloud collector, and reducer which together enable collecting, ingesting, aggregating, enriching, and exporting telemetry data collected from various sources. We'll show an end-to-end setup to demonstrate the use of these agents and reducer component to send data to the OTel collector. This session aims to equip end-users and contributors with the necessary infomation to get started with the OpenTelemetry Network project.
Speakers
avatar for Jonathan Perry

Jonathan Perry

Founder & CEO, PerfPod
Jonathan Perry is a maintainer of the OpenTelemetry eBPF network collector. His PhD research at MIT CSAIL focused on performance isolation in datacenter and cloud networks, aiming to enhance network efficiency and reduce latency. Jonathan founded Flowmill, where he developed eBPF-based... Read More →
avatar for Shivanshu Raj Shrivastava

Shivanshu Raj Shrivastava

Founding Engineer, SigNoz
Shivanshu is a Founding Engineer at SigNoz, working on building an OTeL native observability product. He has a keen interest in deep tech and OSS. He is a CNCF ambassador and a member of CNCF projects like OTeL, k8s, and Istio. He has got the opportunity to mentor contributors in... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

5:25pm MST

XRegistry - Looking Beyond CloudEvents - Calum Murray, University of Toronto
Wednesday November 13, 2024 5:25pm - 6:00pm MST
CloudEvents helps in the delivery of events by standardizing where common event metadata can be found in the messages carrying those events without the need to understand the schema of each event. But discovering which endpoints support those events, how to communicate with them, and finding the schema of the messages carrying those events can be challenging. This is where xRegistry can be used. xRegisty defines a core set of interoperable APIs for a generic "registry" that can be used to persist and query its contents to help discover resources and their metadata. On top of this extensible base registry model we are developing 3 domain specific registries: Endpoint, Message and Schema registries - specifically aimed at enabling the automation, tooling and code generation often needed in distributed systems development. In this session you will learn about CloudEvents, xRegistry and how we're trying to help users be more productive in an event-driven world.
Speakers
avatar for Calum Murray

Calum Murray

Engineering Science Student, University of Toronto, Faculty of Applied Science and Engineering
I'm a software engineer, and I love building cool things in open source. I like to seek out the most interesting and challenging problems which I think will have a large impact, and build creative solutions to them. I also like to share my passion for open source with others, and... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

5:25pm MST

The OTTL Cookbook: A Collection of Solutions to Common Problems - Tyler Helmuth, Honeycomb & Evan Bradley, Dynatrace
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Is your telemetry missing key attributes? Maybe there are details in your log bodies you’d rather have as attributes. It is common to find yourself in situations where your data doesn't look how you expect: it's too large, the wrong shape, or doesn't have everything you want. The OpenTelemetry Collector uses the OpenTelemetry Transformation Language (OTTL) to solve these problems. OTTL enables telemetry transformations based on any field of the payload, utilizing functions to execute the changes. In this session, Tyler and Evan will go over a brief intro to OTTL and then cover example after example of situations where you can use OTTL to solve processing problems in the Collector, like setting attributes, or defining an entire OTLP log record from a kubernetes event. Get ready with situations of your own, as we’ll save time at the end to try writing OTTL statements live on stage for your transformation or filtering issues so we can demonstrate how flexible OTTL truly is.
Speakers
avatar for Tyler Helmuth

Tyler Helmuth

Sr. Software Engineer, Honeycomb
Tyler is a Sr. Software Engineer at Honeycomb with a passion for observability and helping users start their observability journey. He is a maintainer for the OpenTelemetry Collector and OTel Helm Charts, and an active contributor to other OTel repositories. While not its originator... Read More →
avatar for Evan Bradley

Evan Bradley

Senior Software Engineer, Dynatrace
Evan helps maintain the OpenTelemetry Collector, where he is also a primary contributor to the OpenTelemetry Transformation Language (OTTL) and the OpenTelemetry Agent Management Protocol (OpAMP) Collector components. Evan has a background in developing DevOps tooling and observability... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability
  • Content Experience Level Any

5:25pm MST

Misadventures in Large Scale Cluster Performance - Shane Corbett, AWS & Dima Ilchenko, Lacework
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Join us for our follow up to one of the highest rated talks of kubecon 2022 (73,000 pods a day, lessons from misadventures in multi-tenant). We are on a new misadventure, asking the question what if some of the most popular advice about Kubernetes was just...wrong? We spent over two years pouring through 800 page linux kernel performance books, tweaking obscure control plane settings, and developing detailed custom monitoring dashboards so you don’t have to! Join us as we take you through real world findings that took months of research to fully understand, and provide evidence that some of the things we were convinced were best practices, were the very things holding us back the most.
Speakers
avatar for Dima Ilchenko

Dima Ilchenko

SRE, Lacework
Dima is a staff SRE on a Compute Platform Team focused on troubleshooting, observability and scalability of large-scale Kubernetes platform at Lacework. Lacework's unique features create unique challenges that push Kubenetes to its limits, offering Dima unique perspective into often... Read More →
avatar for Shane Corbett

Shane Corbett

Senior Kubernetes Specialist, AWS
Shane Corbett is a Senior Containers Specialist at AWS focused on helping customers with the finer points of Kubernetes large scale design and performance. When not pushing Kubernetes to extremes you will find Shane pursuing his lifelong obsession of exploring the edge of the extreme... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

5:25pm MST

Creating Paved Paths for Platform Engineers - Ritesh Patel, Nirmata; Abby Bangser, Syntasso; Viktor Farcic, Upbound; Nicholas Morey, Akuity; Praseeda Sathaye, Amazon
Wednesday November 13, 2024 5:25pm - 6:00pm MST
The platform engineering team's role has evolved into a pivotal one as the custodian of the internal developer platform. However, these teams often find themselves in a quagmire of identifying the right components to include in their platforms, particularly in the ever-expanding CNCF landscape. This panel session discusses these challenges by exploring the concept of 'Paved Paths' as a strategic approach to guide platform teams in their journey of building an internal developer platform (IDP). 'Paved Paths' offers a solution by providing platform engineering teams with proven reference architectures (e.g. CNOE and the BACK Stack). This approach prevents them from starting from scratch and getting lost in the vast CNCF landscape. By offering proven and opinionated reference architectures, platform teams can focus on enhancing developer experiences and optimizing higher-level workflows rather than grappling with the complexities of identifying foundational components for their IDP.
Speakers
avatar for Viktor Farcic

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.
avatar for Ritesh Patel

Ritesh Patel

Co-Founder & VP Product, Nirmata
Ritesh Patel is Co-founder and leads Products at Nirmata, the creators of Kyverno. At Nirmata, he is responsible for commercial products for Kubernetes security, governance, and automation. He also leads key technology partnerships. Ritesh has 20+ years of experience delivering enterprise... Read More →
avatar for Praseeda Sathaye

Praseeda Sathaye

Principal Specialist Solution Architect, Amazon (AWS)
Praseeda Sathaye is a Principal Specialist SA for App Modernization and Containers at Amazon Web Services based in Bay Area California. She has been focused on helping customers speed their cloud-native adoption journey by modernizing their platform infrastructure, internal architecture... Read More →
avatar for Nicholas Morey

Nicholas Morey

Senior Developer Advocate, Akuity
Nicholas Morey is a Platform Engineer with a passion for DevOps practices. He is on the team at Akuity as a Developer Advocate, working with the community on anything Argo and Kargo-related. He is an experienced Argo CD operator and a Certified Kubernetes Administrator.
avatar for Abby Bangser

Abby Bangser

Principal Engineer, Syntasso
Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering

5:25pm MST

Taming Your Application’s Environments - Marcos Lilljedahl, Dagger & Mauricio "Salaboy" Salatino, Diagrid
Wednesday November 13, 2024 5:25pm - 6:00pm MST
How coupled are your applications code and pipelines to its target cloud or on-prem environment? Kubernetes helps us to abstract how we run our workloads. However, there are other aspects, like infrastructure dependencies, service configuration, build process, deployment descriptors, etc., which need to be considered to make an application portable across multiple environments. Focusing on these aspects make a big difference when migrating apps to reduce costs, meeting compliance requirements or leveraging a specific tech only available somewhere else. Join us to cover three techniques you can implement to level up your SDLC: - Modularizing and enhancing our delivery pipelines to simplify complex environments (Crossplane and Dagger) - Building consistent experiences around well-known interfaces (CloudEvents, Dapr, and OpenFeature) to minimize runtime drift. - Design with separation of concerns to enable fast feedback loops between development and operation teams (Argo CD, Knative)
Speakers
avatar for Marcos Lilljedahl

Marcos Lilljedahl

Software Engineer, Dagger
Dad, Docker Captain, OSS lover, helmsman and wine drinker. Father of a joyful kid and wannabe surfer. I like listening to jazz music and tinker with some fun projects when possible. Avid open source contributor.
avatar for Mauricio Salatino

Mauricio Salatino

OSS Software Engineer, Diagrid
Mauricio works as an Open Source Software Engineer at @Diagrid, contributing to and driving initiatives for the Dapr OSS project. Mauricio also serves as a Steering Committee member for the Knative Project and Co-Leading the Knative Functions initiative. He published a book titled... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 2 | 250
  SDLC

5:25pm MST

From Observability to Enforcement: Lessons Learned Implementing eBPF Runtime Security - Anna Kapuścińska & Kornilios Kourtis, Isovalent
Wednesday November 13, 2024 5:25pm - 6:00pm MST
eBPF is getting widely adopted in cloud native runtime security tools like Falco, KubeArmor, and Tetragon. Using eBPF we can collect relevant security events right in the kernel and pass them to Security Engineers for retroactive attack detection and response. Having reliable and complete visibility is great, but wouldn't it be even better to proactively prevent attacks in progress? This talk covers the Tetragon team’s experience moving from security observability to enforcement and lessons learned along the way: from defining security models to hardening interactions between the local kernel and distributed Kubernetes systems. It will deep dive into how eBPF-based enforcement works, why it differs from observability, and the challenges of implementing it. The audience will walk away understanding the inner workings and common pitfalls of eBPF-based runtime security.
Speakers
avatar for Kornilios Kourtis

Kornilios Kourtis

Dr, Isovalent
I am a software engineer at Isovalent, working on cloud-native networking, security, and observability using eBPF. Before that, I worked in industrial (IBM) and academic research (ETH Zurich, NTU Athens) in systems, including operating systems, storage and network stacks, and high-performance... Read More →
avatar for Anna Kapuscinska

Anna Kapuscinska

Software Engineer, Isovalent, now part of Cisco
Anna is a software engineer at Isovalent, focusing on eBPF-based observability and security. Her previous roles span the industry: she wore both developer and SRE hats, and worked in AdTech, FinTech, public healthcare, end-user SaaS company and a hosting provider. On good weather... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 1 | 151
  Security

5:25pm MST

Workload Identity Federation – Stop Using Long-Lived Credentials - Benjamin Dronen, Ford Motor Company & Anjali Telang, Red Hat
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Workload identity federation is a somewhat daunting but extremely beneficial topic in Kubernetes security. In this session, we will share the lessons Ford Motor Company has learned through using workload identity federation with Google Cloud Platform, Microsoft Entra ID, and other platforms at scale from a wide variety of different workload types, how it has enhanced our security posture, improved developers’ lives, and reduced outages.
Speakers
avatar for Anjali Telang

Anjali Telang

Principal Product Manager, OpenShift Security and Identity, Red Hat
Anjali Telang is a Principal Product Manager for Security and Identity in OpenShift at RedHat. She is a security and cloud enthusiast with over 16 years of experience in cloud, security and networking. Prior to joining RedHat, she worked in various product and engineering roles at... Read More →
avatar for Benjamin Dronen

Benjamin Dronen

Kubernetes Platform Engineer, Ford Motor Company
Ben Dronen started at Ford Motor Company in 2022 as part of their Ford College Graduate rotational program. He currently holds a Kubernetes Platform Engineering position and focuses on bare metal Kubernetes deployments. Ben attended Andrews University in Southwest Michigan and holds... Read More →
Wednesday November 13, 2024 5:25pm - 6:00pm MST
Salt Palace | Level 2 | 254
  Security
  • Content Experience Level Any

6:00pm MST

CNCF End User Reception
Wednesday November 13, 2024 6:00pm - 8:00pm MST
The CNCF End User Reception brings together cloud native users for food, beverages, networking, and a casual setting to discuss best practices and lessons learned. Join us to meet peers and learn helpful tactics to help navigate the cloud native community!

Note: This event is reserved exclusively for active or applying CNCF end user members.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Hyatt Regency | Level 4 | Broadcast Lounge

6:00pm MST

🎉 #KubeCrawl + #CloudNativeFest Sponsored by CDW
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Thank you to our sponsor, CDW!

Join us for a captivating evening at #KubeCrawl + #CloudNativeFest, the highlight of our conference in Salt Lake City!

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: 0.0.0.0 Day: Exploiting Localhost APIs from the Browser - Avi Lumelsky, Oligo
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Browser-based attacks are not new in the malicious landscape of attack patterns. Browsers remain a popular infiltration method for attackers.  While seemingly local, services running on localhost are accessible to the browser using a flaw we found, exposing the ports on the localhost network interface, and leaving the floodgates ajar to remote network attacks. In this live demo and attack simulation we’ll unveil a zero-day vulnerability (still under responsible disclosure) in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. In our talk, we will present novel attack techniques, targeting developers and employees within an organization, that are behind firewalls. This will be a first-ever deep dive into this newly discovered zero-day vulnerability.
Speakers
avatar for Avi Lumelsky

Avi Lumelsky

AI Security Researcher, Oligo
Avi has a relentless curiosity about business, AI, security—and the places where all three connect. An experienced software engineer and architect, Avi’s cybersecurity skills were first honed in elite Israeli intelligence units. His work focuses on privacy in the age of AI and... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security

6:00pm MST

🪧 Poster Session: Accepting Mortality: Strategies for Ultra-Long Running Stateful Workloads in K8s - Sebastian Beyvers & Maria Hansen, Giessen University
Wednesday November 13, 2024 6:00pm - 8:00pm MST
"Pods are mortal" is a well-known quote in the official Kubernetes documentation. For ultra-long running stateful workloads that take months to complete, this mortality comes with its own challenges. How do you react to hardware failures? What resource quotas are appropriate? What if the workload has no built-in persistence and does all its work in memory? For such workloads, failures can be fatal, potentially wiping out months of work. This session will show that despite all the obstacles, Kubernetes can still be a reasonable choice for running stateful workloads that take months to complete. Using real-world examples based on production workflows, we will show how we design, configure, run, and operate such workloads using K8s and Argo workflows. We will also show how intelligent checkpointing using CRIU can help us deal with failures and enables us to avoid some problems even before they occur.
Speakers
avatar for Sebastian Beyvers

Sebastian Beyvers

Distributed Systems Researcher, Giessen University
Sebastian Beyvers is a distributed systems researcher in bioinformatics and a cloud-native Rust developer at Giessen University. Sebastian's current work focuses on cloud-native data storage and processing solutions that try to harmonize existing national and international data ecosystems... Read More →
avatar for Maria Hansen

Maria Hansen

Research Associate, Giessen University
Maria Hansen is a research assistant in the field of (bio)informatics at Justus Liebig University Giessen. She is currently working on a cloud-native data orchestration system that aims to unite existing national and international data ecosystems.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Climatik: Cloud Native Sustainable LLM via Power Capping - Chen Wang, IBM & Vincent Hou, Bloomberg L.P.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
As GenAI workloads grow, the need for advanced accelerators with higher power consumption is surging. NVIDIA GPU peak power has risen from 300W for V100 to 1000W for B100. However, current power infrastructure and cooling systems are not designed to handle rapid power increases, leading to challenges like limited accelerator deployment in some regions or overheating risks that could cause fire hazards. We propose Climatik, a dynamic power capping system that enables data center and cluster admins and developers to set power caps dynamically at the cluster, service namespace, and rack levels. Climatik leverages Kepler for observability and offers APIs for integration with Kubernetes control knobs, including autoscalers, schedulers, and queuing systems, to ensure power caps are maintained across all levels. We will demo how to use Climatik to configure power capping for a large language model (LLM) inference service on KServe and show how power capping influences KEDA on autoscaling.
Speakers
avatar for Chen Wang

Chen Wang

Senior Research Scientist, IBM
Chen Wang is a Staff Research Scientist at the IBM T.J. Watson Research Center. Her interests lie in Kubernetes, Container Cloud Resource Management, Cloud Native AI systems, and applying AI in Cloud system management. She is an open-source advocate, a Kubernetes contributor, and... Read More →
avatar for Vincent Hou

Vincent Hou

Senior Software Engineer, Bloomberg L.P.
Vincent Hou is a Chinese software engineer, who used to study in Belgium and is currently working in US. He has been an active open source contributor, since 2010. He used to be an active contributor to Cinder project, OpenStack block storage service, and a core committer of OpenWhisk... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, AI + ML

6:00pm MST

🪧 Poster Session: Kubernetes as a Geographically Distributed System - Ildiko Vancsa, Open Infrastructure Foundation
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Kubernetes was designed to be the best container orchestration platform on top of a cloud infrastructure in one data center. What do you do when you want to take your deployment and grow it in various geographical locations, but sill keep it as part of one system? You will have to face with complexity and figure out infrastructure management on a massive scale, and neither of these is easy to tackle. However, you don't have to go back to the drawing board, because the platform that delivers on requirements and expectations, already exists and it is called StarlingX. The StarlingX project is a fully integrated, open source cloud platform that is running in production at large telecom operators, who rely on its distributed cloud architecture along with next-level container orchestration support, which is provided by Kubernetes. This talk will introduce the StarlingX platform, share highlights from its latest release and show how it takes Kubernetes to the next level!
Speakers
avatar for Ildiko Vancsa

Ildiko Vancsa

Director of Community, Open Infrastructure Foundation
Ildikó is working for the Open Infrastructure Foundation as Director of Community. As part of her role, she is the Community Manager for StarlingX and Kata Containers, and a co-leader of the OpenInfra Edge Computing Group. Ildikó has been contributing to projects like OpenStack... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Optimizing Pod Affinity in Kubernetes: A Mathematical Approach to Workload Placement - Jack Xue, Microsoft
Wednesday November 13, 2024 6:00pm - 8:00pm MST
A standout feature of Kubernetes is its sophisticated mechanism for pulling container images from repositories, aligning containers with the appropriate pods, and strategically deploying pods to nodes that meet their resource requirements—such as CPU, GPU, RAM, network, and storage. This process adheres to the defined affinity and anti-affinity specifications between pods and nodes. Despite these capabilities, the challenge of optimally arranging a multitude of workloads, each comprising several pods within a cluster, remains an ongoing endeavor. In our research, we illustrate that a set of YAML files, which detail a workload deployment request, can be systematically transformed into a Binary Integer Linear Programming (BILP) model. Depending on the specific optimization goals, the objective functions of the model can be tailored accordingly. With the imposition of broad conditions, it is feasible to derive an optimal solution that adheres to polynomial time complexity constraints.
Speakers
avatar for Jack Xue

Jack Xue

Principal Cloud Solution Architect, Microsoft
PhD & MBA. Principal Cloud Solution Architect, Microsoft
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Revolutionizing Windows Container Startup Performance - Tina Wu & Shaheed Chagani, Microsoft
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Are you frustrated by Windows container delays and struggling to meet demand spikes? We are excited to introduce a suite of innovations that will revolutionize your Windows container startup and scaling experience. Conventional Windows container image download, import, and launch processes have long suffered from sluggishness and inefficiencies. By leveraging a new storage stack, CimFS & UnionFS, we anticipate a 30%+ improvement in container image import and launch times. Building on top of that, we are excited to announce Artifact Streaming for Windows Containers to drastically reduce image download time from minutes to seconds. This session will showcase an in-depth exploration of the architecture, implementation intricacies, and tangible benefits of the new storage stack. We will also guide you through compelling use cases and performance benchmarks that highlight the impact. Don't miss the opportunity to stay at the forefront of Windows container technology innovations.
Speakers
avatar for Shaheed Chagani

Shaheed Chagani

Principal Software Engineering Lead - Microsoft, Microsoft
Principal Software Engineering Lead for the File System Virtualization team.
avatar for Tina Wu

Tina Wu

Senior Product Manager, Microsoft
Tina is a Senior Product Manager on the Windows Storage & File Systems team and works on technologies such as Artifact Streaming for faster image downloads for Windows Containers, CimFS & UnionFS for a modern container launch stack, and Storage Spaces for storage virtualization.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unleashing the Power of Init and Sidecar Containers in Kubernetes - Carlos Sanchez & Natalia Angulo, Adobe
Wednesday November 13, 2024 6:00pm - 8:00pm MST
This session dives deep into the power of init and sidecar containers, the issues they solve and why they are very useful when managing Kubernetes workloads. We will explore real-world use cases that show how these tools can: * Simplify complex deployments: Break down intricate deployments into manageable steps. * Enhance security: Isolate security critical tasks within your pods and ongoing security measures. * Facilitate rapid and isolated changes: when everyone is interested in updating the same service, separation of concerns is critical for rapid development. * Boost application functionality: Utilize sidecar containers to inject essential functionalities like logging, monitoring, and networking capabilities without modifying your main application code. Our goal is to share our experience and challenges managing thousands of environments in Kubernetes, how we manage init and sidecar containers and what problems they solve for us.
Speakers
avatar for Natalia Angulo

Natalia Angulo

Software Developer Engineer, Adobe
Natalia Angulo is a Software Development Engineer at Adobe Experience Manager, contributing to Site Reliability tasks and the development of new features inside AEM, and specially helping with their infrastructure management. She is passionate about maths, coding puzzles and teaching... Read More →
avatar for Carlos Sanchez

Carlos Sanchez

Principal Scientist, Adobe
Carlos Sanchez is a Principal Scientist at Adobe Experience Manager, specializing in software automation, from build tools to Continuous Delivery and Progressive Delivery. Involved in Open Source for over 20 years, he is the author of the Jenkins Kubernetes plugin and a member of... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unleashing the Power of Prediction to Proactively Scale Control Plane Components - Anubhav Aeron & Ryan Tay, Intuit
Wednesday November 13, 2024 6:00pm - 8:00pm MST
At Intuit, our control plane components such as IstioD are responsible for hundreds of applications per cluster. It is responsible for configuring data plane, as well as injecting the istio-proxy container. With an increase in application traffic, there is an increase in application pods, which results in the control plane to scale up. For critical control planes such as IstioD, it is wise to scale proactively, rather than as a reaction to increase in load. With traditional approaches, like tuning HPA thresholds, to scale in advance, we might pre scale even when not required due to outliers, which could be wasteful. At Intuit a novel deep learning forecasting model called N-HiTS was employed to solve this issue. This session will discuss and demo how we train N-HiTS, our most important model features, and how we deploy our service on a per-cluster basis to provide contextualized predictions for cost effective and on time auto-scaling.
Speakers
avatar for Anubhav Aeron

Anubhav Aeron

Staff SE, Intuit
Anubhav is a seasoned software engineer in the field of Cloud Native Technologies, and has been doing Kubernetes and Service Mesh since 2016. He developed Redis Cluster as a Service, and a Templating Engine while working at Yahoo! He is the lead maintainer of Admiral, which is an... Read More →
RT

Ryan Tay

Software Engineer, Intuit Inc.
As a software engineer on the Service Mesh team at Intuit, Ryan works to support Intuit's extensive Istio deployment through contributions to projects like Admiral. He has previously worked to reduce costs of cloud development environments for the Intuit API Gateway team. His main... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

6:00pm MST

🪧 Poster Session: Unveiling Anomalies: eBPF-Based Detection in High-Volume Encrypted Network Traffic - Ben Smith-Foley, Rensselaer Center for Open Source
Wednesday November 13, 2024 6:00pm - 8:00pm MST
The increased use of encryption in network traffic presents a significant challenge for traditional network monitoring and security tools. As encrypting traffic becomes the norm, so does the need for advanced methods to detect malicious activities hidden within encrypted traffic. This poster will focus on how eBPF can be utilized to gain early observability into incoming packets by capturing and analyzing metadata before packets are fully processed, and how eBPF offers a unique vantage point for identifying anomalies in real-time. It will discuss methods to detect abnormal patterns, the design of the eBPF programs used, and the integration of these programs into a broader monitoring framework. The insights from this research have the potential to significantly enhance network security by providing a scalable and efficient solution for monitoring network traffic without compromising privacy. Attendees will gain an understanding of the practical applications of eBPF in network security.
Speakers
avatar for Ben Smith-Foley

Ben Smith-Foley

University Student, Rensselaer Center for Open Source
Ben is a senior at Rensselaer Polytechnic Institute studying Computer Science with a concentration in Systems and Software. He is currently conducting undergraduate research in "Anomaly Detection in High-Volume Encrypted Network Traffic", helps lead the Rensselaer Center for Open... Read More →
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security
  • Content Experience Level Any

6:00pm MST

🪧 Poster Session: What's Happening with SPIFFE and WIMSE? - Daniel Feldman, Qusaic
Wednesday November 13, 2024 6:00pm - 8:00pm MST
This session will be a very brief overview of what's going on with the SPIFFE and WIMSE identity standards projects. SPIFFE is a CNCF effort to standardize workload identity implementations. That is, a SPIFFE implementation can grant services unique identities and credentials. WIMSE is an IETF effort to build on the SPIFFE foundation. In particular, it adds a new, unique token format that allows securely recording multi-hop identity information. Implementors will be able to use this token format to build complete, end-to-end, cryptographically auditable identity records.
Speakers
avatar for Daniel Feldman

Daniel Feldman

Founder, Qusaic
Daniel Feldman has worked with many companies, large and small, to deploy SPIFFE and SPIRE zero-trust identity.
Wednesday November 13, 2024 6:00pm - 8:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
  🪧 Poster Sessions, Security

6:10pm MST

Project Pavilion Tour with Aditya Soni, CNCF Ambassador
Wednesday November 13, 2024 6:10pm - 6:30pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Wednesday November 13, 2024 6:10pm - 6:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase
 
Thursday, November 14
 

8:00am MST

Badge Pick-Up
Thursday November 14, 2024 8:00am - 6:00pm MST
Thursday November 14, 2024 8:00am - 6:00pm MST
West Temple Entrance (East)

8:00am MST

Badge Pick-Up
Thursday November 14, 2024 8:00am - 6:00pm MST
Thursday November 14, 2024 8:00am - 6:00pm MST
200 South Entrance (South)

9:00am MST

Keynotes To Be Announced
Thursday November 14, 2024 9:00am - 10:30am MST
Thursday November 14, 2024 9:00am - 10:30am MST
Salt Palace | Level 1 | Hall DE

10:30am MST

Coffee Break ☕
Thursday November 14, 2024 10:30am - 11:00am MST
Thursday November 14, 2024 10:30am - 11:00am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:30am MST

Solutions Showcase
Thursday November 14, 2024 10:30am - 5:00pm MST
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Thursday November 14, 2024 10:30am - 5:00pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

10:40am MST

Project Pavilion Tour with Julia Furst Morgado, CNCF Ambassador
Thursday November 14, 2024 10:40am - 11:00am MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Thursday November 14, 2024 10:40am - 11:00am MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

11:00am MST

Shifting Gears: Leveraging CNCF Tools to Streamline Operations at Toyota Connected - Benson Phillips & Rob Heckel, Toyota Connected
Thursday November 14, 2024 11:00am - 11:35am MST
In the evolving landscape of cloud-native ecosystems, aligning teams and standardizing practices is crucial for operational excellence. At Toyota Connected, we faced significant challenges due to inconsistent practices and fragmented collaboration across departments. To address this, we adopted a suite of CNCF tools including ArgoCD, Backstage, Harbor, External Secrets Operator, and OpenCost. This session will delve into our journey of implementing these tools to unify our approach, streamline workflows, and enhance cross-team collaboration. Attendees will gain insights into the practical application of these tools, our successes and failures, and the substantial reduction in time to market achieved. By focusing on the integration of technical solutions and effective team practices, we aim to foster a cohesive and efficient cloud-native environment. This presentation provides actionable strategies for leveraging CNCF tools to drive innovation and excellence in your organization.
Speakers
avatar for Benson Phillips

Benson Phillips

Platform Architect, Toyota Connected
Software oriented, primarily working with cloud native computing. But my interests do not stop there as my love for technology is boundless.
avatar for Rob Heckel

Rob Heckel

Platform Architect, Toyota Connected North America
Rob has over 15 years in technology, specializing in open source and developer enablement. As a Platform Architect for Toyota Connected, he enhances DevOps, SDLC, and SRE practices. He has led the creation of an internal developer platform, streamlined tool integrations, and promoted... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 254
  Cloud Native Experience
  • Content Experience Level Any

11:00am MST

Harnessing the Power of Envoy Proxy for Building an LLM Gateway - Idit Levine, Solo.io
Thursday November 14, 2024 11:00am - 11:35am MST
As the demand for LLMs continues to soar, the need for secure, cost-conscious, and content-aware control over its usage is paramount. In this talk, we explore why Envoy Proxy is the optimal choice for building an LLM gateway, leveraging its unique architecture and capabilities. Unlike traditional proxies (e.g. NGINX), which rely on scripting languages for customization, Envoy Proxy stands out due to its extensibility features: filter architecture, callout architecture (ext-proc, ext-auth), and ability to dynamically load libraries. Combined with its high-performant, async core ( C++), Envoy can run as an ingress, egress and mesh gateway. We'll look at using Envoy proxy for LLM credential management, prompt guarding/decorting, analyzing content safety, usage controls, context-aware failover, and observability. Ideal for developers, architects, and tech enthusiasts looking to solve challenges around LLM usage and picking the right technologies for their platform infrastructure.
Speakers
avatar for Idit Levine

Idit Levine

Founder & CEO, Solo.io
Idit Levine is the founder and CEO of Solo.io, a company that creates open-source tools to assist enterprises in adopting and extending innovative cloud-native technologies while modernizing their existing IT investments. Solo.io is a top contributor to CNCF projects such as Envoy... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 155 EF
  Connectivity

11:00am MST

Cooperative Scheduling for Stateful Systems - Michael Youssef & Laxman Prabhu, LinkedIn
Thursday November 14, 2024 11:00am - 11:35am MST
At LinkedIn, we develop many stateful systems and run them on tens of thousands of machines in our datacenters. As we move LinkedIn’s infrastructure to Kubernetes, we quickly realized that StatefulSet was not going to be enough to support running critical stateful systems and satisfy the safety and durability goals of the teams developing stateful systems. We've built first-class support for running stateful workloads on bare metal where the stateful systems can coordinate with Kubernetes to stay available and ensure durability. With our design, we support planned/unplanned maintenance, swapping out hardware, and allow stateful systems to customize their rollout policies natively on Kubernetes. This talk covers: - Our LiStatefulSet API. - How we allow apps to customize safety checks and deployment policies via an ApplicationClusterManager, our pluggable policy engine. - The ApplicationClusterManager protocol that allows coordination of the lifecycle of workloads with Kubernetes.
Speakers
LP

Laxman Prabhu

Staff Software Engineer, Systems Infrastructure, LinkedIn
avatar for Michael Youssef

Michael Youssef

Staff Software Engineer, LinkedIn
Michael is a Staff Software Engineer at LinkedIn, currently making management and deployment of sharded systems a touch less painful on Kubernetes. In his free time he enjoys spending time with his cat, inhaling chocolate, and playing tennis.
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

11:00am MST

Kubernetes Workspaces: Enhancing Multi-Tenancy with Intelligent Apiserver Proxying - James Munnelly & Andrea Tosatto, Apple
Thursday November 14, 2024 11:00am - 11:35am MST
Multi-tenancy in Kubernetes means sacrificing essential features like cluster-scoped list/watches and multi-namespace/cluster-scoped RBAC. This often leads to additional complexity when configuring operators and forces discrepancies and friction with cluster-as-a-service type offerings. In this talk we will go through a demonstration of an intelligent Kubernetes apiserver proxy that introduces the concept of a ‘workspace’. Borrowing the name from the KCP project, a Workspace is a virtual apiserver endpoint that provides a ‘cluster-scoped’ view over a group of namespaces in a remote cluster. We’ll then go on to discuss optimisations and changes that we’d like to make within Kubernetes to better support apiserver proxying for multi-tiered caching, routing and scoping purposes.
Speakers
avatar for James Munnelly

James Munnelly

Staff Field Engineer, Apple
James Munnelly is a Field Engineer at Apple, helping customers adopt and adapt Kubernetes, and driving adoption of OSS cloud native technologies. James is also the founder of the cert-manager project, a Kubernetes extension for managing x509 certificates. He's an active member of... Read More →
avatar for Andrea Tosatto

Andrea Tosatto

Site Reliability Engineer, Apple
Andrea works at Apple as a Site Reliability Engineer. His day to day job consists in managing the lifecycle and ensuring the reliability of a multi-tenant compute platform built on top of Kubernetes. He is deeply passionate about multi-tenancy and any related topic, ranging from runtime... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

11:00am MST

Artifact Hub: Discover, Analyze, and Share Cloud Native Artifacts - Matt Farina, SUSE
Thursday November 14, 2024 11:00am - 11:35am MST
Finding cloud native artifacts, from Helm charts to security policies, can be difficult with general search engines. Analyzing what you find can be a very manual process and you're going to miss out on some useful projects. Artifact Hub was created to ease the pain of cloud native artifact discovery and now provides for discovery and analysis of over 20 different types of cloud native artifacts. In this session you'll learn: • How Artifact Hub came into existence • How you can discover and analyze artifacts, right on Artifact Hub • Making your artifacts discoverable • Running your own instance of Artifact Hub • How you can contribute to the project
Speakers
avatar for Matt Farina

Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE, where he works as the Chief Architect of the SUSE Rancher Team. He is a maintainer of multiple open source projects including Helm and Artifact Hub. Matt is an author, speaker, and regular contributor to open source.
Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:00am MST

GitOps at Production Scale with Flux - Leigh Capili, Flox & Priyanka Ravi, G-Research
Thursday November 14, 2024 11:00am - 11:35am MST
In this session, Leigh and Pinky will cover best practices when running Flux at scale in production. We'll start with an overview of the scaling capabilities of Flux controllers: - Vertical Scaling - Horizontal Scaling - Sharding We'll dive deeply into each method and explain when and how to use them considering multi-tenancy, cluster fleet size, and workload complexity. We'll also introduce the Mean Time To Production benchmarking tool the Flux team has developed using CUE lang and Timoni. The benchmark measures the time it takes for Flux to deploy thousands of Helm charts and Kustomize overlays on Kubernetes clusters. We'll explain the benchmark results and share lessons from running it on different Kubernetes distributions and providers. The session will conclude with the Flux roadmap and our API promises now that Flux is GA.
Speakers
avatar for Leigh Capili

Leigh Capili

Senior DevRel Engineer, Flox
Leigh is an empathetic speaker and dev with niches in cloud-native systems and security. He has a background in building software to manage infra. Leigh is working in k8s SIG-Auth. He authored kubeadm’s etcd mTLS implementation and Flux 2’s multi-tenant security model. Leigh works... Read More →
avatar for Priyanka Ravi

Priyanka Ravi

Platform Tech Advocate, G-Research
Priyanka “Pinky” Ravi is a Platform Technical Advocate at G-Research. She is a Flux project member and an advocate for GitOps. She has worked on a multitude of topics including front end development, UI automation for testing and API development. Previously she was a developer... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:00am MST

SIG-Apps: Powering Applications with High-Volume Data and APIs - Maciej Szulik, Red Hat & Janet Kuo, Google
Thursday November 14, 2024 11:00am - 11:35am MST
Over the last decade, Kubernetes expanded support for various workloads from stateless to stateful, from simple jobs to complicated batch workloads. All the APIs have become mature, consistent, and full-featured. We've been busy in SIG Apps, and there's more to come. In this session the SIG Apps leads will provide an overview of what has been accomplished since its inception. They will highlight major milestones, sub-projects and share various stories surrounding major events. They will also discuss how the work has been shared between SIG Apps, Work Groups and sub-projects. The session will conclude with an open discussion and Q&A. Attendees will learn about contributing to SIG Apps themselves.
Speakers
avatar for Janet Kuo

Janet Kuo

Staff Software Engineer, Google
Janet Kuo is a Staff Software Engineer at Google. She's joined the Kubernetes project since before the 1.0 launch in 2015. She is Kubernetes project maintainer, SIG Apps chair, and KubeCon co-chair emeritus. In her free time, she enjoys traveling and taking photos.
avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 3| 355 BC

11:00am MST

SPIRE: Intro & In-Depth Exploration of the Upcoming Forced Rotation and Revocation Feature - Agustín Martínez Fayó & Marcos Yacob, Hewlett Packard Enterprise
Thursday November 14, 2024 11:00am - 11:35am MST
Join us for an insightful session on the SPIRE project, where we’ll provide a comprehensive introduction covering the foundational aspects of SPIRE, detailing its architecture, capabilities, and the problems it solves. Additionally, we’ll delve into the exciting upcoming updates for the project, with a special focus on the highly anticipated forced rotation and revocation feature that will provide a rapid, reliable, and automated mechanism for recovering from key compromise. Whether you’re new to SPIRE or an experienced user, this talk will equip you with the knowledge of current developments and prepare you for the future enhancements that will further strengthen your infrastructure to provide secure identities for workloads.
Speakers
avatar for Marcos Yacob

Marcos Yacob

Principal Software Engineer, Hewlett Packard Enterprise
I'm principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of different SPIFFE projects.
avatar for Agustín Martínez Fayó

Agustín Martínez Fayó

Principal Software Engineer, Hewlett Packard Enterprise
Agustín is a Principal Software Engineer at Hewlett Packard Enterprise (HPE) and Maintainer of the SPIRE project. Agustín has always been dedicated to building software that helps to improve the security of systems that operate at scale.
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 3 | 355 EF

11:00am MST

What's New with Kubectl and Kustomize … and How You Can Help! - Eddie Zaneski, Defense Unicorns & Arda Guclu, Red Hat
Thursday November 14, 2024 11:00am - 11:35am MST
Have you ever wondered how kubectl and kustomize enhancements are designed and built? Curious why your favorite feature request wasn't accepted? Join the folks from Kubernetes SIG CLI to find out! In this session, the SIG CLI maintainers will provide an introduction to the tooling they are working on and an overview of how to get started contributing. They will share the work done over the past year and the roadmap for what is next. Join us to help shape your favorite tools!
Speakers
avatar for Eddie Zaneski

Eddie Zaneski

Tech Lead - Open Source, Defense Unicorns
Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.
avatar for Arda Guclu

Arda Guclu

Senior Software Engineer, Red Hat
Senior software engineer at Red Hat, regular contributor to Kubernetes and one of the maintainers of kubectl.
Thursday November 14, 2024 11:00am - 11:35am MST
Hyatt Regency | Level 4 | Regency Ballroom A

11:00am MST

Lesson’s Learned Adopting OpenTelemetry at Scale - Alex Arnell, Heroku / Salesforce
Thursday November 14, 2024 11:00am - 11:35am MST
OpenTelemetry makes bold promises to unlock and unleash your observability, providing you with open standards, no vendor lock-in and interoperability with just about everything. You believe that your organization could really benefit from an uplift to modern observability. It would be easy to adopt if you were was starting out fresh, but let’s face it, most organizations have sprawling codebases and architectures. Decisions, infrastructure and often engineers that have been in place for decades. How do you even get started? This Heroku case study dives into our OpenTelemetry journey where you'll discover strategies on adoption, how to deal with internal resistance, and technical guidance on rolling out the change. Learn from our missteps and what we wished we had done differently. You’ll even see how a bit of luck can help drive adoption over the finish line. This session will equip you to navigate OpenTelemetry adoption in the most entrenched environments.
Speakers
avatar for Alex Arnell

Alex Arnell

Principal Engineer, Heroku / Salesforce
Alex Arnell is a Principal Engineer at Heroku / Salesforce with over two decades of software development experience. Alex has spent the last decade specializing in telemetry and observability systems. Alex is the lead engineer of the Telemetry team at Heroku, responsible for the collection... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability
  • Content Experience Level Any

11:00am MST

Navigating the Cgroup Transition: Bridging the Gap Between Kubernetes and User Expectations - Sohan Kunkerkar, Red Hat Inc
Thursday November 14, 2024 11:00am - 11:35am MST
As Kubernetes and container technologies evolve, shifting from cgroup v1 to cgroup v2 has become a pivotal development. With cgroup v2 available in Kubernetes since v1.25, we're at a crossroads where many users and organizations must decide when and how to transition fully to this new system. Despite the benefits of cgroup v2, including better resource management and enhanced capabilities, users frequently encounter unexpected challenges signaling a gap in readiness and understanding. This talk will address the practical implications of moving to cgroup v2, discuss the coordinated efforts to deprecate cgroup v1, and propose actionable strategies to bridge the gap between the Kubernetes community, system administrators, and developers. By focusing on real-world experiences and providing clear guidance, this session aims to equip you with the knowledge and tools to navigate this significant change confidently.
Speakers
avatar for Sohan Kunkerkar

Sohan Kunkerkar

Senior Software Engineer, Red Hat Inc
Sohan Kunkerkar is a Senior Software Engineer at Red Hat, bringing expertise in distributed systems, backend engineering, and containers. His active contributions extend to CRI-O, a container runtime engine, and various sub-projects within the Kubernetes Sig-Node community. Sohan... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

11:00am MST

Engineering a Kubernetes Operator: Lessons Learned from Versions 1 to 5 - Andrew L'Ecuyer, Crunchy Data
Thursday November 14, 2024 11:00am - 11:35am MST
Join me to uncover insights and hard-learned lessons from our journey through the first five versions of a Kubernetes Operator for Postgres. I will trace the development lifecycle from version 1 started in 2017 to version 5 now. Each version represents a milestone in addressing specific challenges, functionality, stability, and performance. We will discuss the architectural decisions, design patterns, and implementation strategies that shaped the evolution of the Operator. Key topics will include handling stateful applications, ensuring high availability, building for flexible deployment models, scalability, and managing rolling upgrades for both the Operator and underlying software. By the end of this session, participants will be equipped with practical knowledge and actionable strategies for engineering their own Kubernetes Operators, ready to accelerate their development process and avoid common pitfalls.
Speakers
avatar for Andrew L'Ecuyer

Andrew L'Ecuyer

Sr. Director of Kubernetes Engineering, Crunchy Data
Andrew head’s up the Kubernetes Engineering Team at Crunchy Data. With a diverse background spanning both the public and private sectors, Andrew has played a key role in designing, building and integrating complex systems of all shapes and sizes. He holds degrees in both Computer... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering
  • Content Experience Level Any

11:00am MST

Yahoo’s Kubernetes Journey from on-Prem to Multi-Cloud at Scale - Nandhakumar Venkatachalam & Payal Patel, Yahoo
Thursday November 14, 2024 11:00am - 11:35am MST
Yahoo is an early adopter of Kubernetes, operating 37 on-prem and 42 multi-cloud production clusters hosting 2700 applications. Our team offers a simple yet powerful interface for users to deploy applications onto our managed clusters. Since 2015, we have handled multiple complex upgrades, including Operating Systems and Kubernetes, upgrading from version 1.0.3 to 1.30.0. In 2023, Yahoo announced plans to migrate to both GCP and AWS cloud platforms. Leveraging extensive knowledge, our team successfully provisioned Kubernetes clusters in a multi-cloud environment within a short period. Our team faced numerous challenges during the cloud adoption process, including networking, security, cluster autoscaling, and cost. In this talk, we will share managing K8S in a multi-cloud and discuss the challenges faced and solutions found. Key topics include Shared VPC, IP Space for K8s, securely accessing private clusters, multi-tenant workload identity, and maintaining a user interface to K8S.
Speakers
avatar for Nandhakumar Venkatachalam

Nandhakumar Venkatachalam

Sr Princ Production Engineer, Yahoo Inc
Nandhakumar Venkatachalam is a Senior Principal Production Engineer at Yahoo Inc. As a lead engineer responsible for operating the large-scale Kubernetes cluster, he has played a key architect role in building scalable cloud infrastructure. Nandha has been with Yahoo for over 17 years... Read More →
avatar for Payal Patel

Payal Patel

Principal Software Development Engineer, Yahoo
Payal Patel is a Principal Software Development Engineer in the Cloud Infrastructure team at Yahoo. She is currently developing a hybrid cloud solution for Kubernetes clusters in AWS and GCP to set up the Kubernetes clusters at scale. Before that, she worked on managing the Kubernetes... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 251
  Platform Engineering
  • Content Experience Level Any

11:00am MST

How We Made OpenTelemetry Be Our Fitness Tracker for Your CI/CD Pipelines! - Nicolas Woerner, Clario & Andreas Grabner, Dynatrace
Thursday November 14, 2024 11:00am - 11:35am MST
CI/CD pipelines are the heartbeat of modern cloud-native software delivery. Healthy pipelines ensure rapid and continuous deployments every time code gets committed to the Git repositories! Every new repository and commit puts more load on the CI/CD tool making it more challenging to keep this crucial heartbeat healthy! In this session, engineers from Clario will demonstrate how they leverage OpenTelemetry to observe, validate, report and optimize their CI/CD pipelines, keeping their deployments healthy despite increased scale and unlocking the full potential of modern software delivery on Kubernetes with GitLab.
Speakers
avatar for Andi Grabner

Andi Grabner

CNCF Ambassador and DevRel, Dynatrace
Andreas Grabner (@grabnerandi) has 20+ years of experience as a software developer, tester and architect and is an advocate for high-performing cloud scale applications. He is a CNCF ambassador, contributor to the CNCF project keptn and a DevRel for Dynatrace. Andreas is also a regular... Read More →
avatar for Nicolas Woerner

Nicolas Woerner

Associate DevOps Engineer, Clario
Nicolas Wörner works in the Platform Engineering Team at Clario. With a background in software and DevOps engineering he focuses on continuously enhancing the software delivery workflow at Clario. Nicolas is passionate about leveraging CNCF software to drive efficiency and reliability... Read More →
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 2 | 250
  SDLC

11:00am MST

From Silicon to Service: Ensuring Confidentiality in Serverless GPU Cloud Functions - Zvonko Kaiser, NVIDIA
Thursday November 14, 2024 11:00am - 11:35am MST
With the widespread adoption of cloud computing, concerns about data privacy and infrastructure security are increasing. This session will focus on confidential cloud functions, including serverless environments and GPU-accelerated workloads, to ensure the security of your code and data within the cloud infrastructure. We will explore technologies such as hardware-based Trusted Execution Environments (TEEs) and confidential computing. In addition, we will cover hardware and software attestation to guarantee integrity from the silicon level upwards, complete stack attestation for end-to-end trust, and supply chain security to trace and verify all application components. Participants will learn practical steps to implement confidential serverless functions, utilizing GPUs for high-performance computing while ensuring data integrity and privacy. Join us to discover how to innovate securely, build your own secure cloud functions infrastructure, and enhance your cloud security posture.
Speakers
avatar for Zvonko Kaiser

Zvonko Kaiser

Principal Systems Software Engineer, NVIDIA
Zvonko is a Principal Systems Engineer at NVIDIA, working on the Cloud Native Technologies team. Focusing right now on all things related to confidential computing, especially in the context of accelerators.
Thursday November 14, 2024 11:00am - 11:35am MST
Salt Palace | Level 1 | 151
  Security

11:00am MST

Tutorial: Kubernetes Smart Scaling: Getting Started with Karpenter - Changsu Lee & Raj Saha, AWS; Wilson Darko & Charlie McBride, Microsoft; Praseeda Sathaye, Amazon
Thursday November 14, 2024 11:00am - 12:30pm MST
Karpenter is an open-source node provisioner that simplifies infrastructure management for Kubernetes clusters. It automatically launches the right compute resources to handle application demands, allowing you to leverage the cloud's elastic capabilities with fast and simple provisioning. This hands-on workshop will guide you through setting up Karpenter in your Kubernetes clusters, how Karpenter automatically responds to changes in application load, scheduling and resource requirements, and placing new workloads onto available compute capacity. Additionally, you'll explore how Karpenter reduces cluster costs by removing under-utilized nodes, replacing expensive nodes with cheaper alternatives, and consolidating workloads onto efficient resources. Throughout the workshop, you'll gain hands-on experience with Karpenter's advanced capabilities, such as evaluating scheduling constraints, enabling continuous optimization through consolidation, and managing drift for day-2 operations.
Speakers
avatar for Wilson Darko

Wilson Darko

Product Manager, Microsoft
avatar for Praseeda Sathaye

Praseeda Sathaye

Principal Specialist Solution Architect, Amazon (AWS)
Praseeda Sathaye is a Principal Specialist SA for App Modernization and Containers at Amazon Web Services based in Bay Area California. She has been focused on helping customers speed their cloud-native adoption journey by modernizing their platform infrastructure, internal architecture... Read More →
avatar for Chance Lee

Chance Lee

Sr Container specialist Solutions Architect, AWS
Chance Lee is a Sr. Container Specialist Solutions Architect at AWS based in the Bay Area. He helps customers architect highly scalable and secure container workloads with AWS container services and various ecosystem solutions. Prior to joining AWS, Chance was an IBM Lab Services... Read More →
avatar for Raj Saha

Raj Saha

Principal Solutions Architect, AWS
Raj is the Principal Specialist SA for Containers, and Serverless at AWS. Rajdeep has architected high profile Kubernetes applications serving millions of customers. He is a published instructor on Kubernetes, Serverless, DevOps, and System Design, has published blogs, and presented... Read More →
avatar for Charlie McBride

Charlie McBride

SDE 2, Microsoft
Summa Cum Laude graduates from the University of Washington. I've been emersed within cloud containerization first interning at AWS within Elastic Container Registry, before going to a full-time position at Azure Kubernetes Services. The cloud feels like a natural home, where I'm... Read More →
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom G
  Tutorials, Operations + Performance

11:00am MST

🚨 Contribfest: Backstage Onboarding: Your Journey to Community Contribution!
Thursday November 14, 2024 11:00am - 12:30pm MST
Join us for an in-depth session on Backstage, an incubating project within the CNCF ecosystem. Backstage is a framework for building Internal Developer Portals, enhanced with a variety of plugins. In this session we will guide you through your local environment, ensuring you have all the prerequisite tools like NodeJS and TypeScript. We will then walk through the Contributing Guide to help you familiarize yourself with the project and the contribution process. From there, we will dive into a curated list of GitHub Issues perfect for first-time contributors. You will have the opportunity to receive help from Backstage experts while we tackle these issues. Embark on your journey of contributing to Backstage and its vibrant community of plugins!
Speakers
avatar for Patrik Oldsberg

Patrik Oldsberg

Senior Engineer, Spotify
Patrik is a Senior Software Engineer at Spotify and a core maintainer of Backstage. In 2019 he joined the team in Spotify’s platform organization that owned the Backstage platform, and worked together with the rest of the team to bring it out in the open. Before joining Spotify... Read More →
avatar for Ben Lambert

Ben Lambert

Core Maintainer of Backstage, Senior Engineer at Spotify, Spotify
Ben is an Engineer at Spotify and a Maintainer of Backstage.io
avatar for André Wanlin

André Wanlin

Customer Success Engineer, Spotify
André, a full Stack Developer from Winnipeg, Manitoba, Canada, is an active member of the Backstage open source project having contributed 3 plugins - Azure DevOps, DevTools, and Linguist - as well as various features, bug fixes and documentation updates. He's often found on the... Read More →
avatar for Paul Schultz

Paul Schultz

Software Engineer, Red Hat
Hi! I'm Paul Schultz, a Software Engineer at Red Hat. I started as an intern in 2021 and now work on open-source projects like Devfile and Backstage. As engineer for Red Hat Developer Hub (based on Backstage), I tackle maintenance challenges – dependencies, version control, automated... Read More →
avatar for Yi Cai

Yi Cai

Software Engineer, Red Hat
Yi Cai is an enthusiastic developer and recent contributor to the Backstage ecosystem. Working with Red Hat, Yi helps deliver the Janus and Red Hat Developer Hub projects, adding valuable features and improving functionality. She migrated plugins from static to dynamic using a team-developed... Read More →
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 3 | 355 A

11:00am MST

🚨 Contribfest: Collaborative WebAssembly Creation with WasmCloud
Thursday November 14, 2024 11:00am - 12:30pm MST
wasmCloud aims to provide a seamless developer experience for building, testing, and deploying WebAssembly components. Join maintainers and community contributors at this Contribfest to build WebAssembly components and enhance wasmCloud's core developer experience. We'll test our newest feature, wash dev, by rapidly building applications in Wasm. With support for Rust, Go, Python, and JavaScript/TypeScript, developers of all backgrounds can get hands-on with Wasm. Since applications built with wasmCloud use the latest Wasm standards, components created during the workshop will benefit the broader Wasm ecosystem. Contributors who find bugs, improvements, or new features can pair program with maintainers to contribute directly to wasmCloud.
Speakers
avatar for Bailey Hayes

Bailey Hayes

CTO, Cosmonic
Bailey Hayes is the CTO at Cosmonic. She believes the future is in distributed systems and WebAssembly (Wasm). She wears many hats in the open source ecosystem from standards to implementations as the W3C WebAssembly WASI Subgroup co-chair, Bytecode Alliance TSC Director, and maintainer... Read More →
avatar for Colin Murphy

Colin Murphy

Senior Software Engineer, Adobe
Colin Murphy is a senior software engineer on the Adobe Express team. Prior to his current role, he was responsible for infrastructure of Adobe Document Cloud microservices, including Adobe Sign and Acrobat Web. He has been responsible for the implementation of major portions of Adobe’s... Read More →
avatar for Taylor Thomas

Taylor Thomas

Engineering Director, Cosmonic
Taylor Thomas is an Engineering Director working on WebAssembly platforms at Cosmonic. He actively participates in the open source community and is one of the creators of Krustlet and Bindle. He is a CNCF Ambassador and a regular speaker at various open source conferences and meetups... Read More →
Thursday November 14, 2024 11:00am - 12:30pm MST
Salt Palace | Level 3 | 355 D

11:00am MST

🚩 Capture The Flag Experience
Thursday November 14, 2024 11:00am - 5:05pm MST
The Capture The Flag (CTF) experience runs concurrently to KubeCon + CloudNativeCon North America 2024!

Delve deeper into the dark and mysterious world of cloud native security! Exploit a supply chain attack and start your journey deep inside the target infrastructure, utilize your position to hunt and collect the flags, and hopefully learn something new and wryly amusing along the way!

Attendees can play three increasingly treacherous and demanding scenarios to bushwhack their way through the dense jungle of cloud native security. Everybody is welcome, from beginner to seasoned veterans, as we venture amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of cluster compromise! Learn more.
Thursday November 14, 2024 11:00am - 5:05pm MST
Salt Palace | Level 2 | 255 A

11:55am MST

Democratizing AI Model Training on Kubernetes with Kubeflow TrainJob and JobSet - Andrey Velichkevich, Apple & Yuki Iwai, CyberAgent, Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
Running model training on Kubernetes is challenging due to the complexity of AI/ML models, large training datasets, and various distributed strategies like data and model parallelism. It is crucial to configure failure handling, success criteria, and gang-scheduling for large-scale distributed training to ensure fault tolerance and elasticity. This talk will introduce the new Kubeflow TrainJob API, which democratizes distributed training and LLM fine-tuning on Kubernetes. The speakers will demonstrate how TrainJob integrates with Kubernetes JobSet to ensure scalable and efficient AI model training with simplified Python experience for Data Scientists. Additionally, they will explain the innovative concept of reusable and extendable training runtimes within TrainJob. The speakers will highlight how these capabilities empower data scientists to rapidly iterate on their ML development, making Kubernetes more accessible and beneficial for the entire ML ecosystem.
Speakers
avatar for Andrey Velichkevich

Andrey Velichkevich

Senior Software Engineer, Apple
Andrey Velichkevich is a Senior Software Engineer at Apple and is a key contributor to the Kubeflow open-source project. He is a member of Kubeflow Steering Committee and a co-chair of Kubeflow AutoML and Training WG. Additionally, Andrey is an active member of the CNCF WG AI. He... Read More →
avatar for Yuki Iwai

Yuki Iwai

Software Engineer, CyberAgent, Inc.
Yuki is a Software Engineer at CyberAgent, Inc. He works on the internal platform for machine-learning applications and high-performance computing. He is currently a Technical Lead for Kubeflow WG AutoML / Training. He is also a Kubernetes WG Batch active member and a Kubernetes... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML
  • Content Experience Level Any

11:55am MST

Tick, TAG, TOC - Keeping Cloud Native Running - Karena Angell & Emily Fox, Red Hat; Rajas Kakodkar, Broadcom; Alex Chircop, Akamai; Ricardo Aravena, Truera
Thursday November 14, 2024 11:55am - 12:30pm MST
With only so many hours in the day, how does the cloud native community keep things running? Over 190 projects, thousands of contributors, and an array of groups all contribute to what we know as “cloud native” but there is more going on behind the scenes that keep the machine of cloud native running smoothly and driving the technical direction of the landscape. In this panel discussion, you’ll hear from Chairs and Technical Leads of Technical Advisory Group (TAG) Runtime, Storage, App Delivery and the chair of the CNCF Technical Oversight Committee (TOC) on - How they are defining the roadmap for the future - The glue and oil of collaboration between advisory, oversight, and projects’ health - How you can time your engagement with these groups to have an outsized impact! This is not a maintainer track session. While they are separate tracks for specific CNCF TAG and TOC activities, this is meant to be your backstage pass to see how the CNCF landscape gets shaped!
Speakers
avatar for Alex Chircop

Alex Chircop

Chief Product Architect at Akamai, Akamai
Chief Product Architect at Akamai. Previously a founder and CTO of Ondat (formerly StoraeOS), building software defined solutions for cloud native environments. Alex is also a co-chair of the CNCF Storage TAG (previously SIG). Before embarking on the startup adventure he spent over... Read More →
avatar for Ricardo Aravena

Ricardo Aravena

Cloud Native Lead, Truera
Ricardo currently works at TruEra as a Cloud Infrastructure Lead helping automate everything with cloud native technologies. He's an open source enthusiast and co-chair of the CNCF TAG-Runtime. He has been working in tech for more than 20 years and comes from a diverse professional... Read More →
avatar for Karena Angell

Karena Angell

Senior Principal Chief Architect, Red Hat
Karena Angell is a Senior Principal Chief Architect at Red Hat focusing on cloud native application workloads for Kubernetes, open source software projects, as well as solutions for the 'open' hybrid cloud.
avatar for Rajas Kakodkar

Rajas Kakodkar

Staff Software Engineer at Broadcom | Tech Lead CNCF TAG Runtime, Broadcom
Rajas is a staff software engineer at Broadcom and a tech lead of the CNCF Technical Advisory Group, Runtime. He is actively involved in the AI working group in the CNCF. He is a Kubernetes contributor and has been a maintainer of the Kube Proxy Next Gen Project. He has also served... Read More →
avatar for Emily Fox

Emily Fox

Emerging Technologies Security Lead, Red Hat
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She promotes the cross-pollination of development and security practices. She has worked in security for over 14 years to drive a cultural change where security is unobstructive, natural, and... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 254
  Cloud Native Experience
  • Content Experience Level Any

11:55am MST

Scratching the Surface: Simulating K8s in MIT Scratch - Mitch Connors, Microsoft & Jude Connors, Independent
Thursday November 14, 2024 11:55am - 12:30pm MST
Why would anyone re-implement Kubernetes from scratch? And why use Scratch, the graphical programming language from MIT? The best way to understand a machine is to take it apart and put it back together again, but how can we apply this to Kubernetes, which isn’t so easy to take apart? In the code, one is quickly overwhelmed with the nuances of protobufs, channels, and goroutines. Examples can be equally perplexing: why, exactly, would I cuddle a kube? Come see K8s through the eyes of a 14-year-old, re-creating core k8s components in their simplest form with Scratch. Topics include Explain It Like I’m 14 (because one of us is), some surprising things we learned (even after years of working with k8s), and how to pass the torch to the next generation. New users will learn Kubernetes by breaking it down into simple controllers, and veteran contributors will be empowered to tackle the most difficult task of all: explaining your job to your children.
Speakers
avatar for Mitch Connors

Mitch Connors

Principal Software Engineer, Microsoft
Mitch Connors is a Sr. Principal Software Engineer at Aviatrix, and serves on the Istio Technical Oversight Committee. Over the past 17 years, Mitch has worked at Google, F5 Networks, Amazon, an Industrial IoT startup, and State Farm Insurance, giving him a broad perspective on the... Read More →
avatar for Jude Connors

Jude Connors

Professional 14 Year Old, Unemployed
Jude is a freshman in high school with a passion for puzzles, music, and games of every sort.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

11:55am MST

How to Move from Ingress to Gateway API with Minimal Hassle - Keith Mattix, Microsoft
Thursday November 14, 2024 11:55am - 12:30pm MST
For many, the Ingress resource was one of the first Kubernetes APIs they used, adding HTTP routing rules and SSL certs for cluster-external traffic. These APIs are used for production in clusters across the world today, configuring ingress gateways serving hundreds of thousands of connections per second. As of October 2023, the Ingress API has been superseded by the Gateway API, a new set of Kubernetes resources with over 20 implementations that enforces security best practices by design. However, migrating networking APIs is an intimidating task, and doing so safely is every company’s primary concern. Join this session to learn how to make this migration safe by identifying the best migration path, implementing Gateway API best practices, and utilizing community-supported migration tools such as ingress2gateway.
Speakers
avatar for Keith Mattix

Keith Mattix

Senior Software Engineering Lead, Microsoft
Keith Mattix is an Engineering Lead at Microsoft focused on Istio, Gateway API, and other networking projects.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

11:55am MST

Database DevOps: CD for Stateful Applications - Stephen Atwell, Harness.io & Christopher Crow, Pure Storage
Thursday November 14, 2024 11:55am - 12:30pm MST
Running stateful applications on Kubernetes can provide many of the same advantages as stateless applications. In this talk, Stephen and Chris will share some thoughts on managing stateful applications as part of a CD Pipeline so that applications - and the application's data - can be versioned and deployed safely and repeatedly. This talk will discuss managing persistent data within kubernetes, as well as managing structural changes to a database as part of a CD process. With Kubernetes and liquibase, we can provide something better than before: A more testable, repeatable, and open way to deploy stateful applications. This talk features a practical demo of how CD tooling can empower users to automate data migrations within Kubernetes.
Speakers
avatar for Christopher Crow

Christopher Crow

Technical Marketing Engineer, Pure Storage
Chris Crow works as a cloud architect at Portworx. He has worked previously as an education, systems administrator. He is a lifelong open-source enthusiast.
avatar for Stephen Atwell

Stephen Atwell

Principal Product Manager, Harness.io
With over 26 years of technology experience, Stephen focuses on solving problems encountered in his previous roles. Currently he is focused on database devops at harness. He has worn hats ranging from network administrator, to database administrator, to software engineer, to product... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

11:55am MST

Running Quantum-Safe Applications on Kubernetes - Paul Schweigert & Michael Maximilien, IBM Quantum
Thursday November 14, 2024 11:55am - 12:30pm MST
Quantum computers pose a unique threat to computer security, as the encryption standards we rely upon are vulnerable to powerful quantum computers. While those computers are still several years away, "harvest now, decrypt later" attacks put all data not protected using quantum-safe security at risk. So what can we do now to protect our applications? In this talk, Paul will demo how to deploy a quantum-safe application on Kubernetes. He'll provide a brief overview of quantum-safe cryptography and why it's needed, highlight key work being done in the open source community to migrate to quantum-safe cryptography, and conclude with a demo of how to build a quantum-safe cloud-native application. In particular, he'll show where and how to make changes to a Kubernetes environment to ensure users are protected by quantum-safe connections. At the conclusion of this session, listeners will have a set of practical steps they can take to help secure their applications in a post-quantum world.
Speakers
avatar for Michael Maximilien

Michael Maximilien

Distinguished Engineer, IBM
Max is an IBM Distinguished Engineer and leader for the teams contributing to Open Quantum and Serverless. Max has held elected and leadership positions in Cloud Foundry and Knative OSS communities. Max's main expertise are in software engineering and distributed systems. Max published... Read More →
avatar for Paul Schweigert

Paul Schweigert

Senior Software Engineer, IBM
Paul Schweigert works on quantum and serverless technologies at IBM. He has extensive experience in open source (Knative and Kubernetes in particular) and has spoken at numerous conferences. He has also led various platform engineering and data science teams. In a previous life, he... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced
  • Content Experience Level Any

11:55am MST

0.1 to 1.16: How Has Knative Fulfilled Its Vision? - Dave Protasowski, Broadcom & Evan Anderson, Stacklok
Thursday November 14, 2024 11:55am - 12:30pm MST
Knative 0.1 launched approximately 6 years ago. 0.1 promised a number of features, including supporting a developer workflow equivalent to AWS Lambda and other FaaS platforms, but with an “a la carte” design where each component could operate independently. How does that vision look 6 years and 40 releases later? Through the lens of a demo, where does Knative exceed the original vision, and where have things been dropped?
Speakers
avatar for Dave Protasowski

Dave Protasowski

Staff Engineer, VMware/Broadcom
Dave Protasowski is part of Knative Technical Committee and a Serving Working Group Lead. During the night he works at VMware/Broadcom. Prior he worked on Cloud Foundry things at Pivotal.
avatar for Evan Anderson

Evan Anderson

Software Engineer, Stacklok
Co-founder and maintainer on Knative project. Member of sigstore-oncall. Previously worked on Google Compute Engine and Serverless (App Engine, Functions) and in SRE. Principal engineer at Stacklok. Ex-Google, ex-VMware. Author of Building Serverless Applications on Knative by O'Reilly... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

11:55am MST

Cilium: Connecting, Observing, and Securing Kubernetes and Beyond with eBPF - Ahmed Bebars, The New York Times; Liz Rice, Isovalent @ Cisco; Joe Stevens, Ascend.io
Thursday November 14, 2024 11:55am - 12:30pm MST
Welcome to Cilium's maintainer track session where you'll get an update on how Cilium is expanding the frontiers of cloud native networking, observability, and security. Cilium is CNCF's most widely adopted CNI, being the default choice for all major cloud providers. This talk dives into the bytecode behind all of the buzz around the project. We'll start with a brief overview of each part of the project before diving into how Cilium is expanding beyond Kubernetes with load balancing and multi-cloud networking and into runtime enforcement with Tetragon. In this session, you'll hear from Cilium contributors and users Isovalent and The New York Times.
Speakers
avatar for Joe Stevens

Joe Stevens

Tech Lead, Infra - Doer of things, Ascend.io
Kubernetes, multi-cloud, CI/CD, dogs, video games
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent, now part of Cisco
Liz Rice is Chief Open Source Officer at Isovalent, the creators of the Cilium project, and now part of Cisco. Currently on the boards of the CNCF and OpenUK, she was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She... Read More →
avatar for Ahmed Bebars

Ahmed Bebars

Principal Engineer, The New York Times
As a seasoned Principal Engineer on the Delivery Engineering team at The New York Times, I specialize in developing robust and scalable Kubernetes-based solutions. My primary focus is on crafting a secure and flexible runtime environment that is pivotal in empowering service teams... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

11:55am MST

Cluster API Deep Dive - Roadmap to API Graduation - Fabrizio Pandini, Broadcom & Vince Prignano, Apple, Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
The Cluster API is the de-facto project to manage the lifecycle of Kubernetes clusters at scale using simple declarative APIs. In 2021 the project reached production readiness, and today the community is working towards the next major milestone: graduating the APIs to v1 General Availability. Join us to get an overview how Cluster API is today used in production and discover what's planned for our APIs exciting new features like Karpenter, in-place upgrades, and more.
Speakers
avatar for Fabrizio Pandini

Fabrizio Pandini

Staff Engineer 1, Broadcom
A Kubernetes contributor obsessed with making Kubernetes lifecycle simple and consistent across all types of infrastructures, so everyone can build amazing applications on top of it. When I’m not busy as a SIG Cluster Lifecycle tech lead or as a project maintainer in Cluster API... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

11:55am MST

CNCF TAG Network: Intro & Deep Dive - Lee Calcote, Layer5
Thursday November 14, 2024 11:55am - 12:30pm MST
“It’s the network!” is the cry of every engineer. With the increased prevalence of microservices and distributed systems, it’s true - networking as a discipline has never been more critical in the well-architected design and efficient operation of modern infrastructure. Join this talk for an intro to the TAG, its charter and a deeper discussion of current cloud native networking topics being advanced in this TAG.
Speakers
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus through... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 3 | 355 EF

11:55am MST

SIG Autoscaling Projects Update - Jack Francis, Microsoft
Thursday November 14, 2024 11:55am - 12:30pm MST
The last year’s been an exciting time for SIG Autoscaling, with Karpenter being accepted as a subproject just before Kubecon NA 2023, work to support more advanced workload types for operators, and more. Come along to hear about: Karpenter’s first year as a SIG Subproject - what’s happened over the last year, and what we’ve got planned for the next year. Dynamic Resource Allocation - how the SIG is involved in k8s’ efforts to make it easier for users to run cost effective and efficient workloads requiring GPUs and other custom resources. Provisioning Requests and Pod & Node Headroom - new APIs planned for the Cluster Autoscaler and Karpenter to support long standing requests for improved support for batch workloads and from cluster operators. Improvements in the SIG’s processes - the SIG’s been hard at work improving and extending our use of k8s’ test infra, expanding our test coverage, as well as improving our release processes over the last year.
Speakers
avatar for Jack Francis

Jack Francis

Principal Software Engineer, Microsoft
Jack works on open source Kubernetes from his basement in Portland, Oregon, USA. When he’s not working, he’s usually upstairs hanging out with his family. On occasion he straps on a guitar and turns the amp to 11.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 3| 355 BC

11:55am MST

Cognitive and Self-Adaptive System for Effective Distributed-Tracing in Applications - Mitul Tandon & Akash Gusain, VMware; Susobhit Panigrahi, Broadcom
Thursday November 14, 2024 11:55am - 12:30pm MST
In response to challenges of limited trace capture in dynamic API tracing systems, the solution leverages Machine Learning and Cognitive approach for unbiased trace collection. Unlike existing implementations with a skewed distribution(~5%) towards normal traces, our self-adaptive system dynamically learns to prioritise and capture diverse traces, crucial for effective diagnosis of API failures and performance issues. This innovative approach significantly enhances the SREs ability to triage complex issues, leading to a game-changing reduction in Mean Time to Resolve (MTTR). The Adaptive Sampling approach analyses existing system traces and autonomously adjusts the sampling rate, eliminating manual configs. This ML-based solution outcome includes streamlined trace metric analysis, enhanced reliability work efficiency, and considerable infrastructure cost reduction through targeted trace collection, ultimately making a significant impact on operational effectiveness & reliability
Speakers
avatar for Susobhit Panigrahi

Susobhit Panigrahi

Senior Software Engineer
As a Developer and DevOps Engineer at VMware, I specialize in developing scalable cloud software. My focus includes deploying and managing services with Kubernetes, Helm, and Istio. I'm keen to contribute to the open-source community, especially in Kubernetes and other CNCF projects... Read More →
avatar for Akash Gusain

Akash Gusain

Software Engineer, VMware
Akash Gusain is a Software Engineer at VMware with over two years of experience in building and deploying cloud-native applications. At VMware, Akash has contributed to the development of scalable and robust cloud solutions, demonstrating expertise in various technologies and fra... Read More →
avatar for Mitul Tandon

Mitul Tandon

DevOps Engineer, VMware
A DevOps/SRE Engineer at VMware with 2+ years of experience with working on distributed systems and containerised applications.
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability
  • Content Experience Level Any

11:55am MST

Multi-Zone Clusters Inside and Out - Tom Dean, Buoyant
Thursday November 14, 2024 11:55am - 12:30pm MST
Multi-zone clusters are a great tool for improving application reliability — and also a great way to spend a ton of cash. Why? What really happens when you set these things up? How do you use them effectively without bankrupting your whole organization? In this session, we'll dig into the nuts and bolts of what goes on under the hood of a multi-zone cluster, including what a zone is, what Kubernetes understands about zones, how zones affect routing, and why multi-zone clusters can drive costs up. We'll spend some time on Kubernetes' Topology Aware Routing, covering its advantages as well as its very real limitations. Finally, we'll dive into how you can influence Kubernetes' choices to take advantage of multi-zone clusters' reliability while containing costs. Join us for learning and live demos!
Speakers
avatar for Tom Dean

Tom Dean

Field Engineer, Buoyant
Tom Dean started programming BASIC on Apple IIs over 40 years ago, and has been hooked on tech since then. A long-time user of Linux and Open Source, he has been expanding his Cloud, Cloud Native and adjacent subject matter knowledge to become a more well-rounded technologist, and... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

11:55am MST

Evolving Reddit’s Infrastructure via Principled Platform Abstractions - Karan Thukral & Harvey Xia, Reddit
Thursday November 14, 2024 11:55am - 12:30pm MST
Reddit’s approach to infrastructure management has grown organically over time, adapted to solve tactical, near term problems. We have now reached a point where the only way to scale infrastructure capabilities to a growing engineering organization is through platform abstractions offering self-service management of standardized infrastructure patterns. Beginning in 2021, a concerted effort was made to reimagine infrastructure as an internal platform that empowers both application and infrastructure engineers to build impactful and maintainable systems. We present a case study of Reddit’s ongoing journey in evolving its infrastructure management practices from inefficient, human-in-the-loop processes to efficient, self-service interfaces. By treating Kubernetes as a universal control plane and extending it with custom control processes fronted by well-designed interfaces, we are moving the organization towards this vision. This will cover the the many trade-offs and lessons learnt.
Speakers
avatar for Harvey Xia

Harvey Xia

Staff Engineer, Compute Infrastructure @ Reddit, Reddit
I'm a software engineer with experience across a variety of disciplines including backend engineering, data engineering, and most recently, infrastructure engineering. I specialize in building cloud native infrastructure platform features.
avatar for Karan Thukral

Karan Thukral

Senior Engineer, Compute Infrastructure @ Reddit, Reddit
Karan is a Senior Software Engineer at Reddit working on the Compute team to build an easy to use internal developer platform which is scalable and reliable. He has been working in this problem space since 2017 building both internal and external developer platforms including App... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering
  • Content Experience Level Any

11:55am MST

From Chaos to Calm: Building a Unified and Scalable CI/CD Pipeline at Akamai - Tomer Patel, Akamai Technologies Inc.
Thursday November 14, 2024 11:55am - 12:30pm MST
Are you struggling with a chaotic development process? Join Akamai's talk and discover how we built a unified and scalable CI/CD pipeline, saving 40% of our QA, Performance, Dev, and Ops daily work, and how you can do that in your organization! This session dives into the architecture, key features, and its impact on development efficiency. You will learn how to: - Conquer cloud-native deployments by adding the right tools - such as Argo Rollouts, and Backstage - Integrate CI/CD tools (ArgoCD, Jenkins, DevSpace, Grafana, Prometheus, Thanos) for a smoother workflow. - Leverage best-in-breed, cost-efficient open-source solutions
Speakers
avatar for Tomer Patel

Tomer Patel

Senior Engineering Manager, Akamai Technologies Inc.
Tomer currently works as Senior Engineering Manager at Akamai Technologies, where he leads a group of Data engineers, Software developers and DevOps at scale. Previously Tomer worked as Team Lead at Clarizen (Now Planview).
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 2 | 250
  SDLC

11:55am MST

What Agent to Trust with Your K8s: Falco, Tetragon or KubeArmor? - Henrik Rexed, Dynatrace
Thursday November 14, 2024 11:55am - 12:30pm MST
In the CNCF landscape we have plenty of ebpf based security solutions that help us protect our k8s cluster from runtime vulnerabilities. On paper though Falco, Tetragon and KubeArmor look very similar. Eventually you have to make a choice on which one best fits your needs. To give you additional insights to make your decision join this session. We have run extensive benchmarks against those three solutions and will answer the following questions that came out of our testing: - What are the different featuresets? - What about the performance impact of each agent? - Which privileges does each solution need? - What are the pros and cons across the three options?
Speakers
avatar for Henrik Rexed

Henrik Rexed

Cloud Native Advocate, Dynatrace
Henrik is a Cloud Native Advocate at Dynatrace, the leading Observability platform. Prior to Dynatrace, Henrik has worked more than 15 years, as Performance Engineer. Henrik Rexed Is Also one of the Organizer of the conferences named WOPR, KCD Austria and the owner of the Youtube... Read More →
Thursday November 14, 2024 11:55am - 12:30pm MST
Salt Palace | Level 1 | 151
  Security

12:30pm MST

Lunch 🍲
Thursday November 14, 2024 12:30pm - 2:30pm MST
Thursday November 14, 2024 12:30pm - 2:30pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

12:30pm MST

An Equitable Approach to Higher Team Performance | DEI Lunch + Workshop Sponsored by Intel
Thursday November 14, 2024 12:30pm - 2:30pm MST
Join this special lunch program featuring a workshop on The Lift Up leadership style. This style actively leads with diversity, equity and inclusion - and ultimately gets better results for a team and organization. Anyone can lead from any role and use these concepts. Participants will be guided through discussion and tools to reflect on their own leadership style and how to move into a Lift Up style of equitable leadership.

Seating is limited and will be available on a first come, first served basis.

Thank you to our sponsor, Intel!
Thursday November 14, 2024 12:30pm - 2:30pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

1:00pm MST

Project Pavilion Tour with Orlin Vasilev, CNCF Ambassador
Thursday November 14, 2024 1:00pm - 1:20pm MST
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Thursday November 14, 2024 1:00pm - 1:20pm MST
Salt Palace | Level 1 | Halls A-C + 1-5 | Solutions Showcase

2:30pm MST

Unlocking Potential of Large Models in Production - Yuan Tang, Red Hat & Adam Tetelman, NVIDIA
Thursday November 14, 2024 2:30pm - 3:05pm MST
The recent paradigm shift from traditional ML to GenAI and LLMs has brought with it a new set of non-trivial LLMOps challenges around deployment, scaling, and operations that make building an inference platform to meet all business requirements an unsolved problem. This talk highlights these new challenges along with best-practices and solutions for building out large, scalable, and reliable inference platforms on top of cloud native technologies such as Kubernetes, Kubeflow, Kserve, and Knative. Which tools help effectively benchmark and assess the quality of an LLM? What type of storage and caching solutions enable quick auto-scaling and model downloads? How can you ensure your model is optimized for the specialized accelerators running in your cluster? How can A/B testing or rolling upgrades be accomplished with limited compute? What exactly do you monitor in an LLM? In this session we will use KServe as a case study to answer these questions and more.
Speakers
avatar for Yuan Tang

Yuan Tang

Principal Software Engineer, Red Hat
Yuan is a principal software engineer at Red Hat, working on OpenShift AI. Previously, he has led AI infrastructure and platform teams at various companies. He holds leadership positions in open source projects, including Argo, Kubeflow, and Kubernetes. He's also a maintainer and... Read More →
avatar for Adam Tetelman

Adam Tetelman

Principal Product Architect, NVIDIA
Adam Tetelman is a principal architect at NVIDIA leading cloud native initiatives and CNCF engagements across the company; building inference platforms for NVIDIA AI Enterprise and DGX Cloud. He has degrees in computational robotics, computer & systems engineering, and cognitive science... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 255 EF
  AI + ML

2:30pm MST

What Istio Got Wrong: Learnings from the Last Seven Years of Service Mesh - Christian Posta & Louis Ryan, Solo.io
Thursday November 14, 2024 2:30pm - 3:05pm MST
Building complex systems often requires simplicity in components—a lesson the Istio project has learned throughout its seven(plus)-year journey. Although Istio offers a lot of powerful features for application networking, crucial for many organizations, the path to maturity and broader adoption was fraught with challenges. In this talk, we explore the key mistakes made during Istio's development, including its initially complex architecture, an overload of features, premature release of version 1.0, difficulties faced by contributors, and delays in joining the CNCF. We will discuss the impact of these mistakes, how these missteps were addressed, and how they have positioned Istio as a leader in the service mesh market. This presentation will detail how Istio's evolution reflects a shift towards simpler, more modular components that together offer effective solutions for managing APIs and service-to-service communication regardless of platform.
Speakers
avatar for Louis Ryan

Louis Ryan

CTO, Solo.io
Co-creator of Istio and gRPC
avatar for Christian Posta

Christian Posta

Global Field CTO, Solo.io
Christian Posta (@christianposta) is Global Field CTO at Solo.io. He is the author of Istio in Action and many other books on cloud-native architecture. He's well known in the cloud-native community for being a speaker, blogger (https://blog.christianposta.com) and contributor to... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 254
  Cloud Native Experience
  • Content Experience Level Any

2:30pm MST

Solving the Kubernetes Networking API Rubik's Cube - Doug Smith & Surya Seetharaman, Red Hat; Shane Utt, Kong; Lior Lieberman, Google
Thursday November 14, 2024 2:30pm - 3:05pm MST
AI/ML use cases are steering the Kubernetes wheel in exciting directions. If you’re interested in networking, it might be having a bigger impact on changes to core Kubernetes than you think. Are you hearing the acronyms DRA (Dynamic Resource Allocation) and KNI (Kubernetes Networking Interface) a LOT in the ecosystem lately and wondering how they are connected to AI/ML-Networking, Multi-Networking and CNI? We love the GPU allocation aspects of DRA - but did you know there are considerations for allocating hardware devices for networking too? You might be familiar with CNI - but have you come across the KNI effort to build a standardized set of Kubernetes Networking APIs? For those who are new to Kubernetes networking, trying to solve this networking Rubik’s cube can feel overwhelming. Join us for a fun and informative session where we'll simplify the landscape and help you fit the puzzle pieces together. Leave with confidence to navigate and contribute in this rapidly evolving space.
Speakers
avatar for Doug Smith

Doug Smith

Principal Engineer, Red Hat, Inc
Doug Smith is a Principal Software Engineer for OpenShift Engineering at Red Hat. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network... Read More →
avatar for Surya Seetharaman

Surya Seetharaman

Principal Software Engineer, Red Hat Inc.
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Principal Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems... Read More →
avatar for Shane Utt

Shane Utt

Senior Principal Software Engineer, Red Hat
TODO
avatar for Lior Lieberman

Lior Lieberman

Site Reliability Engineer, Google
Lior is site reliability engineer at Google working on Google Compute Engine. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 251
  Cloud Native Novice

2:30pm MST

How the Tables Have Turned: Kubernetes Says Goodbye to Iptables - Casey Davenport, Tigera & Dan Winship, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
For decades, iptables has been the preferred packet filtering system in the Linux kernel. Used extensively across the Kubernetes networking ecosystem, iptables is now on the way out and is expected to be removed from the next generation of Linux distributions. With iptables past its prime, where does that leave Kubernetes? The successor to iptables -- nftables -- is ready to carry the torch instead, with a newly released beta kube-proxy implementation in v1.31 and network policy using Calico’s nftables backend. In this talk, Dan and Casey will share what they have learned building Kubernetes Service and NetworkPolicy implementations using nftables. They will cover the history and current status of iptables usage in Kubernetes, the capabilities and performance characteristics of Kubernetes networks running on nftables, and why eBPF may not be the right tool for the job.
Speakers
avatar for Casey Davenport

Casey Davenport

Casey Davenport, Tigera
Casey is a core developer on Calico and has been building Kubernetes networking systems since 2016.
avatar for Dan Winship

Dan Winship

Senior Principal Software Engineer, Red Hat
Dan is a Tech Lead for Kubernetes SIG Network and has been working on Kubernetes and OpenShift networking at Red Hat since 2016.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 155 EF
  Connectivity

2:30pm MST

Distributed Cache Empowers AI/ML Workloads on Kubernetes Cluster - Yuichiro Ueno & Toru Komatsu, Preferred Networks, Inc.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Today, storage technologies play a fundamental role in the realm of AI/ML. Read performance is essential for swiftly moving datasets from storage to AI accelerators. However, the rapid enhancement of AI accelerators' performance often outpaces I/O, bottlenecks the training. Due to the scheduling of pods in Kubernetes across multiple nodes, utilizing node-local storage effectively presents a challenge. To address this, we introduce a distributed cache system built atop node-local storages, designed for AI/ML workloads. This cache system has been successfully deployed on our on-premise 1024+ GPUs Kubernetes cluster within a multi-tenancy environment. Throughout our two-year experience operating this cache system, we have overcome numerous hurdles across several components, including the I/O library, load balancers, and the storage backend. We will share the challenges and the solutions we implemented, leading to a system delivering 50+ GB/s throughput and less than 2ms latency.
Speakers
avatar for Toru Komatsu

Toru Komatsu

Engineer, Preferred Networks, Inc.
Toru is a machine learning platform engineer at Preferred Networks in Japan. He is the creator and lead developer of youki, an OCI Runtime in Rust, and a maintainer of the OCI Runtime Specification. Additionally, he serves as a reviewer for runwasi and is involved in developing a world that utilizes containers and Wasm. Additionally, he is a member of the Kubernetes org and is especially interested in... Read More →
avatar for Yuichiro Ueno

Yuichiro Ueno

Engineer, Preferred Networks, Inc.
He is currently a machine learning platform engineer at Preferred Networks in Japan. His research and engineering interests include a range of high-performance computing (distributed deep learning, networking/RDMA, and storage technologies), performance engineering, and Kubernete... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom A
  Data Processing + Storage

2:30pm MST

Running WebAssembly (Wasm) Workloads Side-by-Side with Container Workloads - Jiaxiao Zhou, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Sidecar containers are a powerful Kubernetes design pattern, running alongside the main application within the same pod to provide supporting features like observability, configuration and communication. However, sidecars can be resource-intensive, adding up to high CPU, memory and network bandwidth usage. WebAssembly (Wasm) offers a solution with its low resource usage and minimal memory footprint compared to Linux containers. Its quick start-up time enables scale-to-zero capability, making it a perfect fit for sidecar containers. The Containerd Runwasi project extends the sidecar pattern by enabling Kubernetes-native deployment and management of Wasm workloads.This talk will show how you can get started deploying Wasm sidecars to support your primary services with additional functionality. It will conclude with a demo of integrating these Wasm sidecars with your existing sidecar framework, whether that be Service Mesh or Dapr. Tune in to see Wasm sidecars on Kubernetes!
Speakers
avatar for Jiaxiao Zhou

Jiaxiao Zhou

Software Engineer, Microsoft
Jiaxiao (Joe) Zhou is a Software Engineer at Microsoft. He is on the Azure Container Upstream team and works on bringing WebAssembly to the cloud through projects like "runwasi", "SpiderLightning", and "containerd-wasm-shims". He is a Recognized Contributor to the Bytecode Alliance... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 2 | 255 BC
  Emerging + Advanced

2:30pm MST

Applications, Platforms, and Infrastructure Oh My! What Is the TAG App Delivery Doing to Support You - Daniel Oh, Red Hat; Roberth Strand, Sopra Steria; Ryan Nowak, Microsoft; Abby Bangser, Syntasso
Thursday November 14, 2024 2:30pm - 3:05pm MST
TAG App Delivery focuses on how organizations can deliver cloud-native applications. To succeed, there are a number of hard questions that need to be answered: How can platform teams do a better job of enabling developers? How can developers help platform teams to understand better their development needs and their technology stack specific requirements? Which artifacts will be created and by whom? What does it take to provision a development environment? Which tools are involved? This panel will highlight how the TAG Working Groups including App Development, Platform, Infrastructure, and Artifacts are helping build a unified view of how to successfully deliver cloud native applications at scale.
Speakers
avatar for Daniel Oh

Daniel Oh

Senior Principal Developer Advocate, Red Hat
Daniel Oh is a Java Champion and Senior Principal Developer Advocate at Red Hat to evangelize developers for building cloud-native apps and serverless ob Kubernetes ecosystems. He's also contributing to various cloud open-source projects and ecosystems as a CNCF ambassador for accelerating... Read More →
avatar for Abby Bangser

Abby Bangser

Principal Engineer, Syntasso
Abby is a Principal Engineer at Syntasso delivering Kratix, an open-source cloud-native framework for building internal platforms on Kubernetes. Her keen interest in supporting internal development comes from over a decade of experience in consulting and product delivery roles across... Read More →
avatar for Roberth Strand

Roberth Strand

Principal Cloud Native Architect, Sopra Steria
Roberth is a self-proclaimed "cloud automator", and works primarily with Microsoft Azure infrastructure, Platform Engineering, DevOps and Cloud Native technology. He has been awarded the title Microsoft Azure MVP (2021, 2022, 2023), CNCF Ambassador (2023), as well as HashiCorp Ambassador... Read More →
avatar for Ryan Nowak

Ryan Nowak

Incubations Architect, Microsoft
Ryan is an architect working on open-source projects from the Azure CTO's office. He's passionate about designing software for humans, incubating risky ideas, releasing them in open-source so everyone can benefit. At Microsoft, he's had a 15+ year career building developer-centric... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3 | 355 EF

2:30pm MST

Bare Metal Kubernetes with KOps: Gathering Community Wisdom - Justin Santa Barbara, Google & Ciprian Hacman, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Kubernetes on bare metal presents unique challenges compared to cloud deployments. While kOps is optimized for cloud environments, we have begun to explore bare metal support and identify key architectural trade-offs. We'll examine common architectures for bare metal Kubernetes, such as node discovery and availability without cloud services. Introducing a VM layer creates a familiar Kubernetes environment but adds complexity and can limit hardware performance. We'll discuss managing devices like GPUs and the need for tooling when hardware health isn't verified by a cloud provider. This talk will delve into the kOps project and its potential in supporting bare metal Kubernetes. However, our primary goal is to learn from the community. We invite you to share your successes, struggles, and insights to shape the future of our tooling for bare metal. Your feedback is crucial in guiding our development and ensuring kOps meets the needs of those deploying Kubernetes on bare metal.
Speakers
avatar for Justin Santa Barbara

Justin Santa Barbara

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, initially as the primary maintainer of the kubernetes AWS support, he also started the kOps project. He loves helping users adopt and grow their use of kubernetes, and believes that we have only scratched the surface of the kubernetes... Read More →
avatar for Ciprian Hacman

Ciprian Hacman

Software Engineer, Microsoft
Ciprian Hacman is a Software Engineer, working with cloud-native technologies. He is also an open source project maintainer for kOps (Kubernetes Operations), etcd-manager, cloud-provider-aws and frequent contributor to other projects in the Kubernetes ecosystem.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom A

2:30pm MST

Celebrating Prometheus 3.0: A Deep Dive with the Maintainers - Kemal Akkoyun, fal.ai & Josh Abreu, Grafana Labs
Thursday November 14, 2024 2:30pm - 3:05pm MST
Prometheus is an open-source systems monitoring system and a CNCF Graduate project. It benefits from a rich ecosystem, including Alertmanager, efficient client libraries for many languages, the Prometheus Operator to install on Kubernetes, and numerous Exporters to provide the raw data. This year, Prometheus releases the 3.0 version, which includes new features, a refreshed UI/UX, and plenty of new things that build on what has worked well for years. Join two Prometheus maintainers, Josh and Kemal, to celebrate the 3.0 version and learn what it enables for new and existing users, how to upgrade, and how to get the most out of the latest version! Prepare tons of questions; we will have a lot of interactive time for questions; we want to hear community feedback!
Speakers
avatar for Kemal Akkoyun

Kemal Akkoyun

Staff Software Engineer, Independent
Software Infrastructure Engineer. Programmer. Open Source Enthusiast. I help to build large-scale, distributed, real-time microservice systems and observability infrastructure.
avatar for Josue Abreu

Josue Abreu

Principal Software Engineer, Grafana Labs
Josue (Josh) Abreu has been involved in observability for the past 4 years. As a relative newcomer to this world, he was often puzzled at how alerting would function on a small and big scale. Josue works as the Alerting Lead at Grafana Labs and is a Prometheus Maintainer. Over a 10-year... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom CDE

2:30pm MST

Cortex Intro: Multi-Tenant Scalable Prometheus - Charlie Le, Apple & Daniel Blando, Amazon
Thursday November 14, 2024 2:30pm - 3:05pm MST
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus. In this talk, we will do an introduction of Cortex architecture and project status. We will also walk through those new features added to Cortex and how to utilize them efficiently in production.
Speakers
avatar for Charlie Le

Charlie Le

Senior Software Engineer, Apple
Charlie is a software engineer at Apple, specializing in building and scaling cloud native observability solutions and infrastructure. Deeply inspired by the collaborative spirit of open source, he actively contributes to projects like Cortex and OpenTelemetry, shaping the future... Read More →
avatar for Daniel Blando

Daniel Blando

AWS, Senior SDE, Cortex, Amazon
Daniel Blando is a Senior Software Engineer at AWS in the Amazon Managed Prometheus (AMP) team. He currently works with Cortex, Thanos, Prometheus among others open source projects. He is working to make Cortex more scalable and highly available recently focusing on the write path... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Hyatt Regency | Level 4 | Regency Ballroom BCD

2:30pm MST

Kubernetes SIG Storage: Intro & Deep Dive - Saad Ali & Michelle Au, Google; Xing Yang, VMware by Broadcom; Hemant Kumar, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). SIG Storage also has a project that provides APIs for object storage support in Kubernetes. In this session, we will deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.
Speakers
HK

Hemant Kumar

Principal Software Engineer, Red Hat
Hemant is a Principal Software Engineer at Red Hat working on storage subsystem of Kubernetes. He is a member of SIG-Storage and author of persistent volume expansion, volume limits, mount options and various instrumentation bits in storage subsystems of Kubernetes. He is also a maintainer... Read More →
avatar for Saad Ali

Saad Ali

Senior Engineering Manager, Google
Saad Ali is a Senior Engineering Manager at Google. He works on Google Distributed Cloud and the open-source Kubernetes project. He led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, has served as member of the CNCF... Read More →
avatar for Michelle Au

Michelle Au

Software Engineer, Google
Michelle Au is a software engineer at Google and is a Kubernetes SIG Storage tech lead. She has been a Kubernetes maintainer since 2018, working on projects including the Container Storage Interface, volume security, volume topology, and local persistent storage.
avatar for Xing Yang

Xing Yang

Tech Lead, VMware by Broadcom
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware by Broadcom. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 3| 355 BC

2:30pm MST

Low-Overhead, Zero-Instrumentation, Continuous Profiling for OpenTelemetry - Christos Kalkanis, Elastic
Thursday November 14, 2024 2:30pm - 3:05pm MST
Elastic has recently donated its whole-system continuous profiling agent to OpenTelemetry. After a thorough community review process, the donation was enthusiastically accepted. Leveraging eBPF, the profiling agent provides unprecedented visibility into the runtime behavior of all applications: it builds stacktraces that go from the kernel to userspace native code, all the way into code running into higher level runtimes, enabling users to identify performance regressions, reduce wasteful computations, and debug complex issues faster. This session will explore: - Benefits of eBPF-based continuous profiling compared to conventional approaches that rely on application instrumentation - How the agent builds profiles that seamlessly span kernel, native code and most widely used application runtimes - Integration with the rest of OpenTelemetry: OTLP and Collector
Speakers
avatar for Christos Kalkanis

Christos Kalkanis

Principal Software Engineer, Elastic
Christos is the technical lead for the edge collection group at Elastic, a maintainer for the OpenTelemetry Profiling SIG and a co-author of the donated OpenTelemetry profiling agent previously known as the Elastic Universal Profiling agent. After more than a decade of focusing on... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Observability

2:30pm MST

One Inventory to Rule Them All: Standardizing Multicluster Management - Corentin Debains, Google & Ryan Zhang, Microsoft
Thursday November 14, 2024 2:30pm - 3:05pm MST
Most Kubernetes users run more than one cluster, and some run hundreds or more. Crossing cluster boundaries has always been a challenge, because most Kubernetes APIs, tools, and operators are cluster-centric. In fact, there’s a remarkable lack of standard tools and patterns for multi-cluster. Over time users have found ways to stitch clusters together but the community has been asking for standardization.To share multi-cluster tools, Kubernetes sig-multicluster has introduced the “ClusterProfile” API, a critical building block for multi-cluster capabilities. This API provides a canonical way for multicluster controllers and users to iterate over clusters, and to install or manage multi-cluster features. In this talk, we will look at some of the problems inherent to multi-clustering, explain the concepts introduced by this new API and look at implementations and consumers of it.We dive into real life examples of patterns and usage, with products such as Kueue, ArgoCD, and Argo workflow.
Speakers
avatar for Ryan Zhang

Ryan Zhang

Principal Software Engineering Manager, Microsoft
Dr. Ryan Zhang is a Principal Software Engineering Manager at Microsoft, working on Azure Kubernetes Service Team. Ryan has been working on Cloud Native open source projects for the past few years including CloudEvents, Open Application Model (OAM) and multi-cluster related initi... Read More →
avatar for Corentin Debains

Corentin Debains

Software Engineer, Google
Corentin Debains is a software engineer at Google working on the GKE Fleet (multicluster platform). He is an active member of Kubernetes’ special interest group sig-multicluster.
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | 155 BC
  Operations + Performance

2:30pm MST

Exceeded Your Validation Cost Budget? Now What? - Joel Speed, Red Hat
Thursday November 14, 2024 2:30pm - 3:05pm MST
With the introduction of the common expression language (CEL) for writing complex validations, this is also brought in validation cost budgeting. It can be easy to violate this budget and difficult to work out how to reduce your validation cost. This talk with dive into the runtime cost budgeting and help to prevent those pesky errors! In this talk, we will cover the basics of CEL to set some groundwork before taking a look at some relatively simple CEL validations that cause the API server to reject your CRD definition. We will look at why the API server suggests that the runtime cost is over 100x the allowable cost budget, exploring how it came to that conclusion, and what you need to know when building your own APIs to be able to prevent that from happening. When you walk away from this talk, you should understand the various factors that contribute to your CEL runtime cost and be able to prevent errors in the future, improving CRD validation one field at a time!
Speakers
avatar for Joel Speed

Joel Speed

Principal Software Engineer, Red Hat
Joel has been working with Kubernetes and building controllers since 2017. Joel cut his teeth with Kubernetes as an SRE, before eventually moving into full software development at Red Hat where he leads the Cluster Infrastructure team, responsible for both Cloud Controller Managers... Read More →
Thursday November 14, 2024 2:30pm - 3:05pm MST
Salt Palace | Level 1 | Grand Ballroom H
  Platform Engineering

2:30pm MST

Mastering Cell-Based Architecture: Practical Solutions and Best Practices - Shweta Vohra, Booking.com & Asanka Abeysinghe, WSO2
Thursday November 14, 2024 2:30pm - 3:05pm MST
Are you struggling to validate your cell boundaries or facing challenges with greenfield versus brownfield cell-based architectures (CBA)? Do you find it difficult to define enterprise-wide cell boundaries or wish there were best practices to guide you? If these pain points sound familiar, this session is tailored for you. In this talk, we will first guide you through the process of defining an enterprise-wide cell-based architecture for your organization or context. Then we will explore best practices for greenfield, brownfield, and hybrid cell implementations using CBA. By translating common user challenges into actionable implementation references, we aim to elevate your understanding of CBA with real-world use cases and best practices. This session will also cover best practices for the data, security, application, and infrastructure layers, ensuring a comprehensive approach to CBA implementation. Join us to take your knowledge of CBA to the next level!
Speakers
avatar for Asanka Abeysinghe

Asanka Abeysinghe

CTO, WSO2
Asanka, WSO2's CTO, is a technology visionary with over 20 years of experience designing and implementing scalable distributed systems, microservices, and business integration solutions. He advances WSO2's corporate reference architecture, collaborates with customers and industry.