The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.
Sign up or log in to bookmark your favorites and sync them to your phone or calendar.
Join us for a rapid-fire journey through the CNCF ecosystem, where experts, including project maintainers and community members, share insights, innovations, and real-world applications of Cloud Native Computing Foundation projects. Each project has just five minutes to present, promising to enlighten and inspire with cutting-edge tools and practices that shape the future of cloud-native development. Whether you're a seasoned pro or just getting started, there's something for everyone in the world of Cloud Native Computing!
FAQ: Do I need an all-access pass to attend the project lightning talks? No, you will only need your KubeCon + CloudNativeCon only pass for access.
“Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough, sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
In this talk, we will introduce the CNCF Storage TAG, discuss how we work with TOC and CNCF Storage projects, and highlight the work we have done to build guidance and write whitepapers for the ecosystem. Join us to find out how to contribute and participate in the CNCF storage community.
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled. There is the Container Storage Interface (CSI) for block and file storage that allows storage providers to write CSI drivers. There is also Container Object Storage Interface (COSI) that is adding object storage support in Kubernetes. In this lightning talk, we will highlight some projects that SIG Storage has been working on.
Cloud Native Buildpacks transform your application source code into images that can run on any cloud. They enable advanced caching mechanisms that improve performance at scale. They also allow for modularity and reuse, which ensure developers across your organization aren’t wasting cycles repeating what other teams have already done.
After this short talk, you’ll be able to run buildpacks with the Pack CLI and find off-the-shelf buildpacks in the Buildpack Registry, including those from Google, Heroku, and Paketo. Finally, you’ll learn how operators of large platforms use buildpacks to make their container builds as scalable as possible.
Join us for a lightning talk on ""arewefastyet"", the benchmarking tool used by Vitess. We will present the highlights of our benchmarking methods and share insights from the LFX Mentorship program. Our LFX mentee will present their work and share their experience with open-source contributions and the LFX Mentorship program. Learn about the latest in Vitess performance and the role of mentorship in driving innovation.
Strimzi is a CNCF incubating project focusing on running Apache Kafka on Kubernetes. It provides a set of operators and other tools to make data streaming on Kubernetes as simple as possible. This lightning talk will give a quick introduction to Strimzi and its capabilities. It will also provide an update on the current and planned work - go through the main changes and new features and cover the future plans.
In this session, we will provide project updates. Mostly focused on the future of Jaeger as we move towards our next major version V2, and further integration with the OpenTelemetry project. We will also include project updates since the last Kubecon in North America.
Kepler is envisioned for utmost transparency in estimating container power usage and offering insights into container energy efficiency and carbon footprint. Since Kepler's acceptance into the CNCF Sandbox one year ago, the project has significantly expanded its community and visibility. In this session, we will showcase our latest community engagements and updates, focusing on advancements in metric collection and power modeling. These include the adoption of cilium-go and the introduction of a new validation framework, promising to further enhance robustness.
Why is OpenTelemetry so complicated? is a question that we hear -- a lot! There's a lot of reasons for it, and in this lightning talk, we'll briefly touch on the fundamentals behind the OpenTelemetry design and architecture, and why those design decisions help enable the projects goal of making observability a built-in feature of cloud-native software.
Prometheus is an open-source systems monitoring system, and a CNCF Graduated project.
This year Prometheus releases the 3.0 version, which comes with the new features, refreshed UI, UX cleanup, while building on top of what worked well for years!
Join this lightning talk to celebrate the Prometheus 3.0 version and learn what it enables for new and existing users, how to upgrade and how to get the most out of the new version!
Having correlated metrics, traces, and logs from our services and infrastructure is a vital component of observability. We will discuss what’s possible with OpenTelemetry and where the gaps are with today’s open source tools.
eBPF is a powerful tool for observability. But better tooling can make it even more powerful and, importantly, more approachable. In this short talk, we’ll use the mechanisms Inspektor Gadget has for distributing and deploying eBPF programs to quickly build a data collection pipeline with eBPF that can be integrated with popular observability tools or one's own applications. By the end of the talk, the audience should feel empowered to work with eBPF using the high-level tooling and integrate it into their systems and tooling.
The recent advancements in eBPF tooling, including the enhanced eBPF runtime embedded in the Linux kernel, the BPF Compiler Collection (BCC) for efficient kernel tracing, and the LLVM Compiler for converting C code to eBPF programs, have made it easier to provide always-on network visibility. OpenTelemetry Network leverages these foundational tools to provide out-of-the-box network observability for modern infrastructures.
In this talk, we'll explore the architecture of the OTel Network, focusing on its key components: the kernel collector, kubernetes collector, cloud collector, and reducer which together enable collecting, ingesting, aggregating, enriching, and exporting telemetry data collected from various sources. We'll show an end-to-end setup to demonstrate the use of these agents and reducer component to send data to the OTel collector. This session aims to equip end-users and contributors with the necessary information to get started with the OpenTelemetry Network project.
In this short session we will do a highlight on what's new in Fluent Bit v3: new processors, integrations with OpenTelemetry, performance improvements and much more!
Crossplane (https://www.crossplane.io/) and its user experience has matured greatly over the years and there are now numerous layers you can interact with while designing and building your internal developer platform powered by Crossplane.
Should you directly declare the cloud resources you want Crossplane to create, should you create developer friendly simplified abstractions on top, should you stick with YAML or use a more full featured high level programming language?
We will explore each of these layers in further detail and provide practical examples in this lightning tour of the broad possibilities offered by Crossplane, all of which lead to a reliable and robust control plane to manage everything in the cloud that your organization could need!
Discover how the k8gb project brings global load balancing to Kubernetes clusters. This talk will introduce the k8gb project, highlighting its core features such as global load balancing, high availability, seamless failover, and its new extensibility feature that allows integration with various resources like Gateways and non-HTTP Services. Learn about its architecture, real-world use cases, future plans, and how you can get involved.
gRPC has found widespread adoption in organizations around the world. You've probably written a protobuf yourself to define your own API. But did you know that the gRPC project actually defines several standard gRPC services that are generally applicable. In this talk, you will learn about gRPC's reflection, health, channelz, and status protos and how you can use them to get more out of your gRPC-based system.
wasmCloud released its 1.0 version in April of this year. Since then, the project has done everything but slow down. Maintainer Brooks Townsend demonstrates how wasmCloud enables users to build and orchestrate WebAssembly (Wasm) applications across distributed infrastructure. Learn how wasmCloud integrates the latest developments in WebAssembly standards to help users create and deploy applications “building block” style—connecting portable, interoperable Wasm components so they can focus on business logic. In this lightning project update, Brooks discusses wasmCloud’s component support, distributed networking, declarative orchestration, OpenTelemetry observability, the project roadmap, and more.
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the (Secrets Store) CSI Driver and Sync Controller, sig-auth subprojects providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault.
In this lightning talk, Anish will introduce you to the (Secrets Store) CSI driver and Sync controller and discuss trade-offs of the CSI driver versus Sync controller.
Open Cluster Management (OCM) addresses the challenges of managing multiple Kubernetes distributions, providing open APIs for cluster registration, workload distribution, dynamic placement of policies, and more. The placement concept allows dynamic selection of clusters, enabling users to replicate Kubernetes resources or run advanced workloads across member clusters. For instance, as an application developer, I can deploy workloads to clusters with the most available memory and CPU. With the rise of AI technology, there's an increasing need to schedule AI workloads based on GPU/TPU resources. In this talk, we will demonstrate how to utilize the extensible placement scheduling mechanism and a GPU/TPU resource collector addon. Using an addon template, this setup can provide an AddonPlacementScore, facilitating placement decisions based on GPU/TPU resources. This approach enables OCM API consumers to intelligently schedule AI workloads to the most optimal clusters.
SREs have been constantly asked to look for solutions to help them migrate K8S services from one Cloud cluster to another Cloud cluster while continuing to provide secure access to managed Cloud services left behind in the original Cloud.
The K8S services securely access these managed services using private endpoint FQDN. When SREs are asked to move the K8S services to a different Cloud cluster they hit a roadblock - there is no easy solution to provide private endpoint FQDN access to a managed service from a remote Cloud cluster.
CNCF sandbox project KubeSlice solves this use case in an elegant way.
KubeSlice enables SREs to create a Slice across clusters and slice overlay network connects services in the clusters. An external services gateway on the Slice in the original Cloud cluster will provide access to managed services via alias service FQDN import. Services in other clusters can reach the cloud service via the same private endpoint FQDN resolved by the Slice DNS .
Supply chain security is an increasingly important issue in cloud-native computing. It is common for pipelines to build and push images to the cluster, but uncommon for those images to be removed from a node’s local store once a CVE has been disclosed. Kubernetes has no built-in solution to this problem: its garbage collection only responds to disk pressure. As images become outdated, they present a risk as users may run a vulnerable container. Eraser, a CNCF sandbox project, is an open source solution that automates the scanning and removal of non-running images. What distinguishes Eraser is that it gives more control over removal: the developer decides what gets removed and when. By default, Eraser uses Trivy to scan images based on a given threshold of vulnerability. Images can also be removed based on custom logic, including support for using different scanners. The talk will begin with an overview of Eraser and discuss new features added to the project.
Federated Services is a new feature in Linkerd which allows a single Service to transparently span multiple Kubernetes clusters while remaining resilient to failures in one or more clusters -- without needing to change the application. In this lightning talk, we'll discuss the design considerations and constraints navigated in the process of adding Federated Services to Linkerd. We discuss how this design process took into account prior art (such as work in SIG-Multicluster), explored a variety of designs, and focused on delivering a solution that was tractable, clear, explicit, simple, and valuable to Linkerd users.
With all of the cloud native and AI technology out there, it can be hard to figure out what technologies are best for your organization to adopt. Come to this quick lightning talk to figure out if Istio is right for you!
Kuma is an open source service mesh that delivers advanced security mechanisms, traffic management and observability for microservices. In this session, we’ll talk about the latest releases and most exciting features from each.
Highlights include: - MeshPassthrough - a new policy that allows exposing external endpoints for “thick” clients through the mesh and support for wildcard DNS records. - MeshExternalService - a new resource that overcomes existing limitations with the ExternalService resource. - HostnameGenerator - a new resource that provides a way to generate custom domains inside your mesh. - MeshService - a replacement for “kuma.io/service” tag that allows better scalability and allows adding metadata to a service. - Namespaced policies - allow Kubernetes-native UX where all app-related resources are applied in the application’s namespace.
“Get your hiking boots ready because we are about to traverse the wild, wonderful world of the CNCF Landscape. Why you ask? We currently have over 190 projects, and finding information about them can be a challenge. “Just go to the website” isn’t enough, sometimes you need a guide to show you the ropes. In these introductory sessions we will go over some of the diverse set of projects inside the CNCF so that you’re well equipped to find what you’re looking for at KubeCon.
It’s been an exciting eight months since Envoy Gateway went GA at KubeCon EU in Paris! Join us for this lightning talk to dive into the project’s adoption, explore standout features from the v1.1 (July 2024) and v1.2 (November 2024) releases, and discover how Envoy Gateway is now turbo charging traffic management for Generative AI applications.
Knative Eventing has learned a bunch of new tricks in the last year. In this talk, we’ll talk about advances in describing and controlling asynchronous messages between components, including authentication, authorization, and filtering.
Quick session on how we are getting creative on the ways we implement new functionality and correct design decisions on your favorite 10 year old CLI tool!
This talk is a short format summary of the progress achieved by the Metal3 project and its community, particularly in last couple of years, aspiring for incubation. We will do a quick walkthrough of the latest and greatest features of the project and an overview of the road-map of the project.
Discover how integrating SBOM (Software Bill of Materials) with Harbor enhances your software supply chain security. In this lightning talk, we'll cover:
- What is SBOM?: Quick overview of its role in software transparency. - Integration with Harbor: Highlights of the SBOM integration in Harbor v2.11. - Security Best Practices: Using SBOM to identify and address vulnerabilities.
Perfect for software engineers, DevOps professionals, and security enthusiasts looking to strengthen their software supply chain.
This talk will introduce the key capabilities in SlimToolkit: inspecting, minifying, and debugging containers that will enhance your developer experience with containerized applications.
We'll walk through a number of short examples showing how common container related problems can be addressed using various commands provided by the tool.
* Are the popular recommendations to create production-ready containers not possible in your environment, or is it just too much work? * Do you find it difficult to understand what's in containers when you are fixing bugs or when you are selecting new containers to use? * Is one of the reasons why you avoid using minimal container images the challenges of debugging them? * Are you not sure what minimal container images are?
If you answered yes to any of these questions, or if you are curious about how this CNCF project can improve your overall container developer experience, this talk is for you.
Struggling to secure your Kubernetes clusters and automate workloads? Kyverno offers a unique solution to combat configuration complexity! This fast-paced talk presents five real-world examples to show you how Kyverno can automate security and simplify workload management.
At last, OPA's made it to v1! Let's take a whistle-stop tour of what's involved in cutting a v1 release for a project over 3.5 billion downloads; its own language and large community. Get the latest updates, and glimpse into the future in this light speed overview!
Falco, the CNCF runtime security project, can continuously monitor your entire environment looking for suspicious activity. From bare metal servers to massive Kubernetes clusters made of hundreds of thousands of nodes to your cloud provider activity, Falco and its powerful detection rule system have you covered. In this Lightning Talk, Luca and Melissa will focus on how the Falco project is constantly evolving to meet defenders' needs by providing rich libraries of detection rules, making it easier to customize them, catch bypass attempts and bring light to every dark corner of modern cloud infrastructures.
Maintaining secure container images and addressing new vulnerabilities quickly is a major challenge. To patch images, users face two options: wait for third-party authors to release updates, which can take weeks, or perform a full image rebuild, a time and resource-intensive process. Project Copacetic (Copa) enhances the image patching process, reducing turnaround time and complexity. It integrates easily into existing build infrastructure, giving users greater control over their patching timeline and reducing costs. Copa scans container images using tools like Trivy to generate a vulnerability report and parses the report for necessary OS-level package updates. It applies these updates to the target image using Buildkit (Docker’s default builder) to create a new patch layer on the original image. Copa can even patch distroless images by leveraging external tooling. The talk will overview Copa, highlighting new features like scanner plugins and omitting reports to update all packages.
This talk will be a short introduction to OpenFGA, a report on the state of the project and an exploration of different adoption use cases from companies all sizes.
Meshery and its extensions empower you to navigate cloud native infrastructure in complex environments. This lighting talk delves into the human-computer interaction (HCI) principles that underpin MeshMap's intuitive visualization of Kubernetes resources and the various forms of inter/relationships with other CNCF projects' resources.
Human-Computer Interaction Principles in Meshery:
- Cognitive Load: How Meshery reduces cognitive load by presenting complex information in a structured and visually digestible manner. - Mental Models: How Meshery aligns with users' mental models of Kubernetes environments, facilitating comprehension and navigation. - Visual Perception: How Meshery leverages visual cues, colors, and layout to guide users' attention and highlight critical information.
Get a quick intro of GitOps and Progressive delivery using Flux, how to get started, and new capabilities with the last release of 2024.
We'll walk you through key features of Flux (a graduated project and GA) such as being multi-everything (multi-tenant, multi-cluster, etc.). And Flux works with your existing tools (like CI and Kubernetes tools).
We'll cover reliability and security reasons that Flux is the GitOps tool of choice for cloud vendors, global enterprises, and other companies.
In this lightning talk, we will introduce the CNCF Runtime TAG, discuss how we work with TOC and CNCF Runtime related projects, and highlight the work the TAG and the working groups have done to build guidance and write whitepapers for the ecosystem. Join us to find out how to contribute and participate in the CNCF Runtime community.
Along with the Kubernetes community's corraling behind the usescases of generative AI comes a slew of implementation hurdles to overcome. One such hurdle is the problem of moving around bulky models. While many methods exist today, the SIG-Node and WG-Serving community sought to find a Kubernetes native approach. What better way than utilizing a foundational part of Kubernetes: the OCI distribution spec.
In this talk, we will discuss the process of designing KEP-4639, the status of the feature, and go through some real world use-cases for using OCI distribution methods we know, love and rely-upon to move AI models to your production servers.
With the popularity of LLM apps, there is an increasing demand for running and scaling AI workloads in the cloud and on edge devices. Rust and Wasm offer a solution by providing a portable bytecode that abstracts hardware complexities. WasmEdge is a lightweight, high-performance and cross-platform LLM inference runtime. WasmEdge provides a standard WASI-NN API to developers. Developers only need to write against the API and compile to Wasm. The Wasm file can run on any device, where WasmEdge translates and routes Wasm calls to the underlying native libraries such as llama.cpp.
Accessibility is often an afterthought, a checklist item rather than a fundamental right. That is especially true for people who have never met a person with a disability. While recognized as important, accessibility is still an abstract concept. This talk challenges that perception by sharing personal stories and practical insights, putting a human face to accessibility. This CNCF Deaf and Hard of Hearing WG talk aims to bridge the gap and foster empathy. Discover how to shift from mere compliance to empathy, building a truly inclusive environment where everyone feels valued and belonged. Attendees will leave inspired to become accessibility advocates in their own communities.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise
The end-user Pavilion tour: The 200+ CNCF Projects are as diverse as the community that builds them. It can be overwhelming to sample from the buffet. In this tour for end users, Bob Killen and Jorge Castro will introduce you to the projects in the pavilion, with a focus on how end users can learn to not just consume CNCF Projects, but get involved in the direction and stewardship of cloud native
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.