Loading…
Attending this event?
Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Sunday, December 9
 

2:00pm

Badge Pickup at WSCC
Sunday December 9, 2018 2:00pm - 6:00pm
Atrium Lobby, 4th Floor
  • Skill Level Any

2:00pm

Badge Pickup at Grand Hyatt
Sunday December 9, 2018 2:00pm - 8:00pm
Grand Hyatt Seattle 721 Pine Street Seattle, Washington, United States, 98101

2:00pm

Badge Pickup at Hyatt Olive 8
Sunday December 9, 2018 2:00pm - 8:00pm
Olive 8 737 Olive Way, Seattle, WA 98101

2:00pm

Badge Pickup at Renaissance
Sunday December 9, 2018 2:00pm - 8:00pm
Renaissance Seattle 515 Madison St, Seattle, WA 98104

2:00pm

Badge Pickup at Sheraton
Sunday December 9, 2018 2:00pm - 8:00pm
Sheraton Seattle 1400 6th Ave, Seattle, WA 98101

2:00pm

Badge Pickup at Westin
Sunday December 9, 2018 2:00pm - 8:00pm
The Westin Seattle 1900 5th Ave, Seattle, WA 98101

5:00pm

Kubernetes Contributor Summit (Additional registration required)
For registered attendees of the Kubernetes Contributor Summit only. 

The new contributor workshop is a 3-hour session that cannot be dropped into. If you cannot attend for the full duration, please consider starting with our new contributor guide or reviewing some of the new contributor information on youtube. If you have any problems with this process, please email community@kubernetes.io.

The Contributor Summit brings together new and current Kubernetes contributors alike to connect and share face-to-face. It is an opportunity for existing contributors to help shape the future of community development and governance and offers a welcoming space for new community members to learn, explore and put the contributor workflow to practice.

Seattle 2018 is expecting to draw the largest attendance yet. Expect a 1.5 day conference with more details in the upcoming months. We will share those via CNCF/KubeCon channels, our k-dev mailing list, and our weekly Thursday Community Meeting.



Sunday December 9, 2018 5:00pm - 8:00pm
Garage 1130 Broadway Seattle, WA 98122
 
Monday, December 10
 

8:00am

Kubernetes Contributor Summit (Additional registration required)
How to register: SOLD OUT

The new contributor workshop is a 3-hour session that cannot be dropped into. If you cannot attend for the full duration, please consider starting with our new contributor guide or reviewing some of the new contributor information on youtube. If you have any problems with this process, please email community@kubernetes.io.

The Contributor Summit brings together new and current Kubernetes contributors alike to connect and share face-to-face. It is an opportunity for existing contributors to help shape the future of community development and governance and offers a welcoming space for new community members to learn, explore and put the contributor workflow to practice.

Seattle 2018 is expecting to draw the largest attendance yet. Expect a 1.5 day conference with more details in the upcoming months. We will share those via CNCF/KubeCon channels, our k-dev mailing list, and our weekly Thursday Community Meeting.


Monday December 10, 2018 8:00am - 5:00pm
606-609

8:00am

8:00am

OpenShift Commons Gathering by Red Hat (Additional registration + fee required)
Registration Fees: $99

Join key stakeholders, customers, upstream project leads, and contributors that make up the Red Hat OpenShift ecosystem for a full day of talks, demos and case studies from stakeholders, customers, and contributors from across the OpenShift ecosystem.

The OpenShift Commons Gathering brings together experts from all over the world to discuss real-world implementations of container technologies, best practices for cloud native application developers and the upstream open source software projects that make up the OpenShift ecosystem.

Speakers come from the over 400 member organizations that now make up the OpenShift Commons ecosystem. The Seattle event will includes Case Studies by members with production deployments of OpenShift, talks by Kubernetes and other upstream project leads, deep dives into the current and future releases of OpenShift, Operator Framework and Kubernetes by members of Red Hat’s OpenShift engineering and product management teams.

There will be ample time for peer-to-peer networking, Q/A as well as an evening reception for attendees.

Confirmed Keynotes and Speakers already include:
  • Chris Wright on Emerging technology and innovation
  • Clayton Coleman on Kubernetes 1.11 and Beyond
  • Mike Barrett on OpenShift 3.x: Features/Functions/Future
  • Sebastian Pahl on Operator Framework
  • Diane Mueller on Cross-Community Collaboration with Upstream
More speakers and panelists are being added, bookmark the full Agenda here.

How to register: Pre-registration is required. To register for the OpenShift Common Gathering, add it on during your KubeCon + CloudNativeCon registration.

Monday December 10, 2018 8:00am - 8:00pm
Ballroom 6E

8:00am

Badge Pickup at Hyatt
Monday December 10, 2018 8:00am - 8:00pm
Grand Hyatt Seattle 721 Pine Street Seattle, Washington, United States, 98101

8:00am

Badge Pickup at Hyatt Olive 8
Monday December 10, 2018 8:00am - 8:00pm
Olive 8 737 Olive Way, Seattle, WA 98101

8:00am

Badge Pickup at Renaissance
Monday December 10, 2018 8:00am - 8:00pm
Renaissance Seattle 515 Madison St, Seattle, WA 98104

8:00am

Badge Pickup at Sheraton
Monday December 10, 2018 8:00am - 8:00pm
Sheraton Seattle 1400 6th Ave, Seattle, WA 98101

8:00am

Badge Pickup at Westin
Monday December 10, 2018 8:00am - 8:00pm
The Westin Seattle 1900 5th Ave, Seattle, WA 98101

8:00am

Badge Pickup at WSCC
Monday December 10, 2018 8:00am - 8:00pm
Atrium Lobby, 4th Floor

8:30am

Get Hands on with HPE Hybrid Cloud and Container Solutions (Additional registration required)
From beginner to experts.... Join this free workshop covering the basics and how to implement HPE hybrid cloud and container solutions.  The workshop led by HPE technical experts will provide a technical information on:

1. End to End Hybrid Cloud Management using HPE OneSphere - Digital disruption is having a profound effect on every company. IT departments are being asked to support an increasing number of providers and manage a faster application cadence. HPE OneSphere helps by providing a managed cloud layer on existing virtualized infrastructure and being a single portal to manage a hybrid cloud and container environment. You’ll learn how HPE OneSphere, with its powerful REST API, can compose hybrid clouds capable of supporting both traditional and cloud-native applications.

Speaker(s) – Steve Showalter, Said Syed, Paul Holland, Travis Tripp

2. Storage for Containers  – Introduction to the HPE Storage portfolio in relation to containers and Kubernetes in particular. HPE 3PAR, HPE Nimble Storage and HPE Cloud Volumes all provide advanced data services to drive popular use cases for container deployments. In this session you’ll learn the basics of persistent storage in Kubernetes and the components needed to allow dynamic provisioning. Also, don’t miss this opportunity to learn what HPE Storage has in store for CSI (Container Storage Interface) the next generation storage interface for container orchestrators.
  • Workshop pre-requisites: Please bring a laptop with root access to a Ubuntu 18.04 instance if you’re interested in following along as we deploy Kubernetes, persistent storage drivers and setup dynamic provisioning. We’ll then walk through a few examples how to deploy a stateful workload on Kubernetes.

    Speakers: Michael Mattsson, Eric Forgette

3. Containers with End to End Life Cycle using HPE Composable Infrastructure - Provides the flexible infrastructure you need to incorporate container services into DevOps, host existing applications, add new micro services, and modernize legacy applications. It enables you to dynamically provision and scale applications, whether they run in VMs or containers. The software defined architecture allows you to compose compute, storage, and networking resources to target specific workloads. HPE Image Streamer enables stateless deployment of the operating system and other supporting software required to make the resources ready to run.

Speaker(s) – Bob Fraser

4. HPE Proliant for Azure Stack - This hybrid cloud solution enables you to deliver Azure services from your data center. Azure stack allows you to bring modern cloud services to your sensitive data and edge applications that may not yet be suitable for the public cloud.

Speaker(s) – Vivek Kulkarni

In these workshops during the day, we will walk through the challenges of deploying and managing applications in hybrid cloud environments. The workshops will include hands on demonstrations in a class room setting with subject matter experts to help you out.

Schedule:
8:30 AM – 9.00 AM Check-in and breakfast
9.00 AM – 9.15 AM Introduction (Said)
9:15 AM to 10:45 AM OneSphere (Steve Showalter, OneSphere Evangelist)
10:45 AM to 11:00 AM Break
11:00 AM to 12:30 PM Cloud and Container Storage
12:30 PM to 1:15 PM Lunch
1:15 PM to 2:45 PM Container BMaaS on HPE Composable Infrastructure
2:45 PM to 3:00 PM Break
3:00 PM to 4:30 PM Private Cloud HPE Azure Stack
4:30 PM to 5:00 PM Wrap up, Raffle and Networking!

SOLD OUT

Monday December 10, 2018 8:30am - 5:00pm
618-620

8:30am

Cloud Native Storage Day (Additional registration required)
Join us for a very special Cloud Native Storage Day co-located at KubeCon Seattle 2018! We have brought together users of cloud native storage technologies as well as experts from the top cloud native storage companies to bring you a fantastic day rich with thought-provoking sessions including technical demos, panel discussions, presentations, and a terrific networking opportunity for you to get to know the experts in Container Storage. Come learn all about the virtues of multi-cloud operations of stateful services with Kubernetes, running stateful applications in containers, cloud native data management, in short, all things cloud native storage. Be sure to come early for a continental breakfast, and stay to the end for a commemorative t-shirt and networking happy hour! For the full agenda visit CloudNativeStorageDay.com

SOLD OUT

Monday December 10, 2018 8:30am - 6:30pm
307/308

9:00am

Deploying Serverless Apps to Kubernetes with Knative by Google Cloud (Additional registration + fee required)
Cost: $20 (donation to CNCF diversity scholarship)

This workshop is an introduction to Knative (www.knative.dev), a set of serverless building blocks for Kubernetes. You can use Knative to build your own serverless/FaaS platform, or use it directly to have a serverless-like developer experience on Kubernetes.
In this workshop taught by Google engineers, we will deploy a containerized application to Kubernetes via Knative, have it run only when a request comes, and scale back to more instances or zero. Then, we will show how to use Knative Build to go from source code to a deployed serverless application by building it inside the Kubernetes cluster.
Note: Attendees must bring their computers to participate. Attendees will be provided with prepaid Google Cloud Platform accounts valid during the workshop to deploy a Kubernetes cluster.
Speakers
  • Ahmet Alp Balkan, Developer Relations, Google
  • Megan O'Keefe, Developer Relations, Google


Monday December 10, 2018 9:00am - 1:00pm
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:00am

Using Istio and GKE On Prem to Manage On-Prem Data Center Downtime and Maintenance (Additional registration + fee required)
In this workshop, we will show how to combine Istio, GKE, and GKE On Prem to handle common data center operations. First, we will go through the steps of deploying Istio across environments and setting up Istio routing rules. Next we will show how you can use Kubernetes cron jobs to push traffic to the cloud for scheduled on-prem downtime and configure a “watchdog” to prioritize traffic to the cloud in the event of a traffic spike that your on-prem cannot handle.

SOLD OUT


Monday December 10, 2018 9:00am - 1:00pm
Google Seattle Office 601 N 34th St, Seattle, WA 98103

9:00am

Getting to Continuous Delivery For Your Cloud-Native Applications (Additional registration + fee required)
Cost: $25 per person, with 100% of proceeds donated to the CNCF diversity scholarship fund.

Join this two-part workshop to dig into new approaches for creating continuous delivery pipelines for your containerized applications. Through hands-on exercises and demonstrations, you will learn how to continuously build and deploy containers and cloud-native applications to Kubernetes clusters, as well as how to provision and manage Kubernetes resources and cloud infrastructure as part of a container delivery pipeline.
9am - 12pm
Learn how Puppet’s newest CI/CD tools simplify continuous deployment of your cloud-native applications to Kubernetes. You’ll get hands-on experience with:
  • Provisioning and managing Kubernetes clusters in GKE and EKS.
  • Creating continuous delivery pipelines for your cloud-native applications and automating the build-test-deploy workflow for containers running in Kubernetes.
  • Using Helm charts to deploy Kubernetes resources and applications.
  • Sharing and reusing Helm charts via a Helm Chart repository
12 - 12:30 pm
Lunch will be provided by Puppet.
12:30 pm - 2pm
Learn about a new open source project to continuously develop, test, and orchestrate cloud infrastructure as code, including how to rapidly provision infrastructure as part of a container delivery pipeline. You’ll get hands-on experience with:
  • Creating, provisioning and orchestrating cloud resources and services as well as containers and serverless functions as code.
  • Ensuring stateful management of cloud resources.
  • Orchestrating multi-cloud resources across providers in a consistent way.

Interested in learning more about Puppet's newest CI/CD tool? Learn more here. 

SOLD OUT

Monday December 10, 2018 9:00am - 2:00pm
204

9:00am

Kubernetes and Service Mesh Workshop with VMware (Additional registration + fee required)
This workshop led by VMware will provide a technical in-depth on Kubernetes, Microservices and Service Mesh. Kubernetes and Microservices almost go hand in hand. Operating and managing Microservices based architecture introduce its own set of complexity to deal with.
In this Workshop, we will walk through some of the challenges, of operating and architecting around microservices, introduce the concepts of a service mesh, how it helps. The workshop will be a mix of demonstrations, lecture and Hands on experience.
Join us for a live interactive workshop where our experts will cover the following topics:
  • Deep-Dive on Kubernetes Technical Architecture
  • Microservices and the complexities it brings
  • Requirements of a typical Service Mesh
  • Deep dive in Istio using sample use cases
The workshop includes a reception focused on service mesh right afterward.

Timeline:
8:30 AM Breakfast and Check-in
9:00 AM to 10:15 AM Deep dive into Kubernetes Concepts
10:15 AM to 10:30 AM Break
10:30 AM to 11:45 AM Introduction to Microservices and its challenges
11:45 AM to 1:00 PM Lunch
1:00 PM to 2:00 PM Introduction to Service mesh and its components
2:00 PM to 3:00 PM Service Mesh use cases and demo with Istio
3:00 PM to 3:15 PM Break
3:15 PM to 4:30 PM VMware Cloud PKS (formerly VKE)

SOLD OUT

Monday December 10, 2018 9:00am - 4:30pm
2 A/B

9:00am

Ballerinacon - Writing Microservices with a Cloud Native Programming Language (Additional registration required)
Ballerina makes it easy to write cloud native applications while maintaining reliability, scalability, observability, and security. It is a compiled, transactional, statically and strongly typed programming language with textual and graphical syntaxes.
Ballerina takes center stage at Ballerinacon to showcase how we make integration simple and agile. Featuring sessions on leveraging the cloud native programming language for building microservices in highly disaggregated architectures, join key stakeholders, contributors, and customers for a day of talks, demos, and case studies.

Agenda:
9:00 AM – 10:00 AM - Ballerina is not Java (or Go or ..) - Speaker: Sanjiva Weerawarana
10:00 AM – 11:00 AM - Role of Integration and Service Mesh in Cloud Native Architecture
Speaker: Christian Posta
11:00 AM – 11:15 AM - Break
11:15 PM – 12:00 PM - Ballerina in the Real World - WSO2 API Micro Gateway - Speaker: Nuwan Dias
12:00 PM –12:30 PM - BOF: Core Language Design - Speakers: Sanjiva Weerawarana, Sameera Jayasoma, and Hasitha Aravinda
12:30 PM – 1:30 PM - Lunch
1:30 PM – 2:15 PM - Ballerina Integration with Codefresh CI/CD - Speaker: Kasun Indrasiri
2:15 PM – 3:00 PM - Source to Service Mesh with Ballerina and Istio - Speaker: Lakmal Warusawithana
3:00 PM – 3:15 PM - Break
3:15 PM – 4:00 PM - Ballerina in the Real World (TBA)
4:00 PM – 4:45 PM - Ballerina Integration with Azure Cloud Services - Speaker: Anjana Fernando

To learn more about Ballerina, please visit the website.

SOLD OUT

Monday December 10, 2018 9:00am - 5:00pm
Yakima 1 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:00am

Fast Data (FD.io) Project Mini Summit (Additional registration required)
Schedule announced!

FD.io (Fast Data) is the first truly open data plane project focusing on data IO performance, scalability, efficiency, and programmable flexibility for networking and storage. FD.io provides a modular, extensible user space IO services framework that supports rapid development of high-throughput low-latency resource-efficient IO services. The design of FD.io is hardware, kernel, and deployment (bare metal, VM, container) agnostic. FD.io has been integrated with Kubernetes, OpenStack Neutron, and OpenDaylight to provide a drop in upgrade for all of your dataplane needs.

A key component of FD.io is the Vector Packet Processing (VPP) library contributed at the foundation of the project. The commercial-ready code targetable to run on standard x86, Arm, and Power servers is already running in products on the market today. VPP when connected to DPDK for network I/O has shown to perform two orders of magnitude faster than currently available open source options implementing switching or routing workloads, reaffirming one of the core principles of FD.io: a focus on performance.

Join us for the Fast Data (FD.io) Project Mini Summit at KubeCon+CloudNativeCon North America in Seattle, Monday, December 10, to learn from FD.io community experts who will be sharing information about the projects, use cases, capabilities, how FD.io enables cloud native network functions, cross-community integration with Kubernetes/ODL/OPNFV/other communities, tools and many more exciting topics. This is a great opportunity for KubeCon+CloudNativeCon attendees to share thought leadership and innovations at one of the industry’s premier events.

SOLD OUT

Monday December 10, 2018 9:00am - 5:00pm
4C-4

9:00am

Kubernetes II -- Advanced Hands-on Training (Additional registration + fee required)
This advanced Kubernetes training course builds upon the Kubernetes I course and assumes the attendee is already comfortable with the following topics:

  • Containers and authoring Docker files
  • Kubernetes API and concepts (Pods, Services, Deployments, ReplicaSets, etc.)
  • Kubernetes architecture (how watches work, control plan components, etc.)
  • Kubernetes networking (how networking is designed and difference between different Service types
  • kubectl and using it for Deployments/Services
Using a combination of instructor led lectures, use case examples, and hands-on exercises, the training will enable the attendee to go into detail on the following topics:

  • kubectl configuration file manipulation and understanding
  • logging in Kubernetes and different architectures to enable centralized logging
  • Persistent Volumes, StatefulSets, and Local Storage
  • resource requests/limits and quotas
  • node and pod affinities
  • resource organization
  • jobs and cronjobs
A complete cloud lab environment will be provided, so the only requirement will be a laptop with a modern version of Chrome or Firefox.

SOLD OUT

Monday December 10, 2018 9:00am - 5:00pm
Skagit 3 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:00am

The Cloud Native Culture & Industry Summit by Oracle (Additional registration required)
Support Women Who Code by Adding The Cloud Native Culture & Industry Summit (Dec 10th) to your registration!

For a limited time, sign up for free and Oracle will donate $100 per registration to Women Who Code, and all attendees will receive a t-shirt!

Check out the agenda, with heavy hitters Kris Nova, Ashley McNamara, John Harris, Chad Arimura, Kire Filipovski, Christopher Woods, TJ Fontaine, Micha Hernandez van Leuffen and more, who will delve into cloud native ethos, serverless, extending Kubernetes for app dev, and how to deploy secure, agile microservices.

Watch the Oracle Cloud Native Labs Teaser. Get Amped. Join In!

About the Summit
Join some of the industry's top cloud native minds for a concentrated dose of technical talks paired with hands-on learning.
We’ll host an innovator’s panel, cover all things serverless, including the Fn Project, how to extend Kubernetes to ease application development, how to deploy secure, agile microservices on top of Kubernetes, and much more.
You won’t want to miss the Cloud Native Past, Present, and Future panel as it's chock full of your favorite practitioners, innovators, and maintainers including Kris Nova, Ashley McNamara, John Harris, and more. They will delve into milestones of our evolution, what’s driving key technology choices today, and how innovation is being defined for the future. These influencers will hash out what’s at stake and distill what really matters.
Hear from the creator of the Fn Project, the container-native serverless platform, and former Co-Founder and CEO of Iron.IO, Chad Arimura, and from an HPC Fn user, Christopher Woods of the University of Bristol, who is pushing the boundaries of compute with open source.

The former Co-Founder of OneOps, now Cloud Architect at Oracle leading design and implementation of a distributed application management system, Kire Filipovski, will share his team’s latest open sourced tooling for creating a fully autonomous modern application development framework.

About Oracle Cloud Native Labs
Oracle Cloud Native Labs is here to empower the next generation of cloud native users with a curated set of solutions, tutorials, best practices, and more, all designed to spark inspiration, drive hands-on experiences, and unleash our industry’s potential.
Confirmed Speakers

Chad Arimura - former Co-Founder and CEO of Iron.io, current VP Serverless Advocacy, Oracle

Kaslin Fields - Solutions Architect, Oracle, focused on containers (particularly Kubernetes) and active community member in the Seattle meetup scene

Kire Filipovski – Former Co-founder of OneOps, current Cloud Architect, Oracle, leading design and implementation of a distributed application management system

TJ Fontaine - Former Node.js Project Lead, current Container Native Architect and Kubernetes Contribution Lead, Oracle

John Harris – Technical Account Manager, Docker, where he works with customers to help implement and adopt container platforms with a focus on Kubernetes

Ashley McNamara - Developer Advocate, Microsoft specializing in Linux, Containers, Go, and Web Technologies
Kris Nova – Senior Developer Advocate, Heptio focusing on containers, infrastructure, and Kubernetes. Kris is an ambassador for CNCF, Kubernetes maintainer, and creator of kubicorn
 
Christopher Woods - Research Software Engineer, University of Bristol, managing the research on the BioSimSpace project with Microsoft and Oracle to adapt biomolecular simulation software so that it can be used commercially in the cloud

Bob Quillin - Former Co-Founder and CEO of StackEngine, current Vice President of Developer Relations, Oracle

Click here to view speaker, session, and agenda updates.

How to Register:
Pre-registration is required, simply sign up or add to your KubeCon + CloudNativeCon registration. Event fee will be donated to Women Who Code.


Monday December 10, 2018 9:00am - 5:00pm
Chelan 2 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:00am

The GAME CHANGER-- Navigating Container and Kubernetes (Additional registration + fee required)
Who is Verizon?
Verizon delivers the promise of the digital world by enhancing the ability of humans, businesses and society to do more new and do more good. We call it humanability. We constantly strive to improve the way we work.
————————————————
About the Day
We at Verizon have leveraged Docker and Kubernetes to help support our public cloud migration goals and set the stage for digital transformation acceleration.
We will be sharing the Verizon journey on adopting Kubernetes, and the challenges we had to solve for that are unique to large organizations. We will also be sharing the challenges we ran into adopting and enabling the platform at scale. Our discussion will revolve around:
  • Capabilities – Solving for the Kubernetes platform services like single sign-on, RBAC for the enterprise
  • Migration – Retrofitting existing apps to run in Kubernetes
  • Compliance – Meeting compliance requirements around software and hardware inventory, separation of duty concerns
  • Security – Implementing an enterprise grade security solution through all facets of software development life cycle
  • Value Proposition – Rallying everyone (Developers, Security Engineers, Operations Engineers & Management) in the organization to support this initiative and getting past resistance
Our aspiration is to build a community for enterprises by enterprises that focuses on solving for requirements / challenges that are unique to the enterprise organization. We want to share our best practices and lessons learned through our own experience.
Join our passionate engineers for a deep dive on the technical and cultural foundations needed to deploy and leverage the benefits of this game changing technology.The session will be broken down into four segments:
1. Foundational Challenges We Solved For
  • Preparing for Adoption at Scale – From aspiration to executable strategy
    • Value proposition for the organization and why we chose a multi- tenant model & how to sell the organization on this model
  • Platform Architecture
    • MVP1 architecture, CI/CD approach, secrets management, private Docker registry, leveraging Docker Hub images & addressing vulnerabilities
  • Supporting Multi Tenancy – 7 portfolios and 10k developers
    • Corporate LDAP integration – (KubeCtl plugin, Auth-API), Namespace Management & Automated provisioning controller, Helm/Tiller architecture
2. Advanced Challenges We Solved For
  • Automation – Cluster Deployment Automation
    • Installer(KOPS / KubeAdm) tradeoff, and our experience with building our own
  • Logging – Solving for inconsistent log aggregation
    • Finding an extensible solution to balance between disparate existing legacy logging solutions and a scalable architecture without operational overhead
  • Security – Achieving CIS benchmark compliance
    • Solving for cloud native security posture for legacy monolithic applications
  • Operator Framework / Persistent Volumes / Session Affinity
    • Where we leveraged and how we solved for it
  • Embracing Google SRE
    • What worked for us and what is difficult to achieve
3. Metrics, Workload Migration, Training & Developer Environment
  • Measuring Benefits
    • Defining what to measure is comparatively easy, but how do you consistently measure across hundreds of workloads and how can a platform like Kubernetes contribute to achieving the measurement?
  • Workload Migration – planning and approach for large scale migration
    • What type of legacy workloads (including stateful) were we able to migrate
  • Training
    • Technology training is helpful, but enterprise environment and training labs are not the same. How do you bridge the gap, we will share our approach / playbook
  • Developer Environment
    • Leveraging Docker for Developer environment setup and eliminating frictions in cross team developer migration and application setup
4. Building a Community for Enterprise, by Enterprise
  • Collaboration Topics & Open Source Projects
Refreshments and Lunch will be Served
How to register: Pre-registration is required. To register for The GAME CHANGER — Navigating Container and Kubernetes, add it on during your KubeCon + CloudNativeCon registration.

Monday December 10, 2018 9:00am - 5:00pm
201 705 Pike St, Seattle, WA 98101

9:00am

Your Path to Production Ready Kubernetes by Weaveworks (Additional registration + fee required)
Join this workshop and accelerate your journey to production-ready Kubernetes by learning the practical techniques for reliably operating your software lifecycle using the GitOps pattern. The Weaveworks team will be running a full-day workshop, sharing their expertise as users and contributors of Kubernetes and Prometheus, as well as followers of GitOps (operations by pull request) practices.

Using a combination of instructor led demonstrations and hands-on exercises, the workshop will enable the attendee to go into detail on the following topics:
• Developing and operating your Kubernetes microservices at scale
• DevOps best practices and the movement towards a “GitOps” approach
• Building with Kubernetes in production: caring for your apps, implementing CI/CD best practices, and utilizing the right metrics, monitoring tools, and automated alerts
• Operating Kubernetes in production: Upgrading and managing Kubernetes, managing incident response, and adhering to security best practices for Kubernetes

Prerequisites:
• Basic knowledge of Kubernetes is required. At a minimum practical experience experimenting with Kubernetes is required
• You have deployed a few applications to a test cluster, and now want a path forward of how to use Kubernetes in production
• Familiarity with the Unix command line
• A complete cloud lab environment will be provided, so bring laptop with a modern browser

This workshop doesn’t cover:
• Deep knowledge of the Prometheus Query Language. We’ll be working through practical examples, but won’t cover the rest of PromQL
• Kubernetes Introduction and concepts. We won’t be going through an overview of Kubernetes, instead we focus on application in the real world.

Agenda:
• Welcome & introduction
• Getting started with your environment
• What is “Production Ready” (cluster & app checklist)
• Monitoring a production cluster (Prometheus & Observability)
• Building for observability (HPA, Istio Canary, FluentD & Prometheus)
• Declarative infrastructure in practice (GitOps model, Infra as code)
• Devops and GitOps in practice (CI/CD pipelines, compliance tracking)
• Advanced Deployment Patterns (Canary, Blue/Green, A/B testing)
• Security best practices (RBAC, Kubernetes security groups, network policies)
• Node management and Kubernetes upgrade

Lunch, refreshments and snacks will be provided.

SOLD OUT

Monday December 10, 2018 9:00am - 5:30pm
303

9:00am

Cloud Foundry Day (Additional registration + fee required)
Registration Fees: $30

See the schedule here!

KubeCon + CloudNativeCon is the place for the cloud-native community, and Cloud Foundry is synonymous with cloud-native. From startups to the Fortune 500, Cloud Foundry is used by enterprises around the globe to automate, scale and manage cloud apps throughout their lifecycle. Cloud Foundry Day at KubeCon + CloudNativeCon Europe is an educational event designed for the best minds of the cloud-native world attending KubeCon + CloudNativeCon.

How to register: Pre-registration is required. To register for Cloud Foundry Day, add it on during your KubeCon + CloudNativeCon registration.

Learn more

Monday December 10, 2018 9:00am - 6:00pm
4C3

9:00am

EnvoyCon (Additional registration + fee required)
See the Schedule here.

As on the ground microservice practitioners quickly realize, the majority of operational problems that arise when moving to a distributed architecture are ultimately grounded in two areas: networking and observability. It is simply an orders of magnitude larger problem to network and debug a set of intertwined distributed services versus a single monolithic application.

Originally built at Lyft and now a CNCF incubating project, Envoy is a high performance C++ distributed proxy designed for single services and applications, as well as a communication bus and “universal data plane” designed for large microservice “service mesh” architectures. Envoy runs alongside every application and abstracts the network by providing common features in a platform-agnostic manner. When all service traffic in an infrastructure flows via an Envoy data plane, it becomes easy to monitor problem areas via consistent observability, tune overall performance, and add substrate features in a single place.

SOLD OUT

Learn more

Monday December 10, 2018 9:00am - 6:00pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:00am

FoundationDB Summit (Additional registration + fee required)
Registration Fees: $150

FoundationDB Summit is a technical conference organized by the FoundationDB community for companies and developers using FoundationDB, the recently open-sourced distributed database. At this inaugural event, we’ll be organized on a single track with plenty of time to meet and learn from early adopters, core developers, and other community members.

How to register: Pre-registration is required.  To register for FoundationDB Summit, add it on during your KubeCon + CloudNativeCon registration

Learn More

Monday December 10, 2018 9:00am - 6:00pm
3 A/B

9:00am

Observability Practitioners Summit (Additional registration + fee required)
Registration Fee: $200

The Observability Practitioners Summit is a new conference, focused on pushing the field of monitoring and observability forwards by providing a mix of high quality talks and opportunities for discussion between the maintainers and users of tracing, metrics, logging, and alerting systems.

Representatives of OpenTracing, Prometheus and Jaeger will be in attendance.

How to register: Pre-registration is required. To register for Observability Practitioners Summit, add it on during your KubeCon + CloudNativeCon registration.

Questions about the event or becoming a sponsor? Please email observabilitysummit@linuxfoundation.org

Monday December 10, 2018 9:00am - 6:30pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building

9:30am

The Cloud Native Enterprise Summit by Google Cloud (Additional registration + fee required)
Tickets: $79 (Donation to CNCF Diversity Scholarship Fund)
Join us for an enlightening day as we explore the choices and challenges that face a modern enterprise company. We’ll highlight the elements of a cloud native stack and decipher the hype from practicality.
This day will feature insights from customer case studies and topic expert deep dives. The leaders behind projects like Kubernetes, Istio, Knative and more will share strategies on how these projects together can help move your business forward. 
We’ll cover Security, Innovation, Openness and leave time for questions so you walk-away with real world examples you can implement in your organization. 
Looking forward to seeing you in Seattle!
Full agenda coming. On deck includes Kelsey Hightower, Sarah Novotny, and more.
 

Monday December 10, 2018 9:30am - 4:30pm
615-617

9:30am

KubeSec Enterprise Summit by Aqua Security (Additional registration + fee required)
Registration Fee: $149 if registered by October 1st then the standard rate is $179

Please join us for this very first KubeSec Enterprise Summit, focused on the challenges faced by larger organizations with demanding security and compliance requirements when deploying Kubernetes in production.Whether you are just now beginning to roll out your first production implementation of Kubernetes, or are an early adopter looking to learn from the experience of your peers, you are sure to get valuable insights from this educational event. Co-hosted by Aqua Security, Amazon Web Services (AWS) and Red Hat, the day will provide a unique opportunity to hear from others who have already deployed Kubernetes to support highly secure solutions, as well as a range industry & technology experts in securing cloud-native applications.

The agenda will include:
· End-user presentations from JMPC, Starbucks and Tinder sharing their experiences / best practices
· Emerging trends in Kubernetes security technologies with experts such as Liz Rice and Michael Hausenblas
· Keynote presentations covering industry and market views, including industry analyst Forrester
· Time for peer-to-peer networking at breaks, and during lunch (box lunch is included with registration fee)

For more information on speakers, sponsors, and the full agenda, please visit our website.

How to register: Pre-registration is required. To register for KubeSec Enterprise Summit, add it on during your KubeCon + CloudNativeCon registration.

Monday December 10, 2018 9:30am - 5:30pm
4C 1/2

10:00am

Tungsten Fabric Developers Summit (additional registration required)
Location: Sheraton Seattle Hotel, Willow Room (1400 6th Avenue, Seattle, WA 98101)
Registration Fee: Free

Open source software is shaping how organizations compete, and SDN networking technology is evolving to support that revolution. However, building an SDN/NFVi platform that supports different open source infrastructure and app development technologies is not easy. Tungsten Fabric, a Linux Foundation Networking project,  is an open source SDN with a proven track record at scale in the demanding world of production carrier deployments.

Join us to learn about the project and how the community is preparing for some exciting edge computing use cases.

This event is brought to you by Juniper Networks (Headline Sponsor) and Redapt (Contributing Sponsor).

Agenda

Opening Session
  • 10:00 - 10:35 Tungsten Fabric project status update: a year @ LFN (Randy Bias, Juniper) (35 min)
  • 10:40 - 11:15 Tungsten Fabric community release process (Edward Ting, Lenovo) (35 min)
  • 11:20 - 11:55 Eliot: An Enterprise edge Lightweight IoT Blueprint (Wenjing Chu, Huawei) (35 min)
Lunch 12:00 - 12:45 (45 min)
  • 12:45 - 13:20 A progress in SmartNIC support in TF (Joseph Gasparakis, Intel) (35 min)
  • 13:25 - 14:00 Multi-Cloud Network Segmentation with Kubernetes and TF (Will Stevens, Syed Ahmed, CloudOps) (35 min)
  • 14:05 - 14:40 Bring Your Own Orchestrator: Yandex.Cloud Experience (Valentin Sinitsyn, Yandex) (35 min)
Break 14:45 - 15:00
How to register: Pre-registration is required. To register for Tungsten Fabric Developers Workshop, add it on during your KubeCon + CloudNativeCon registration.

Monday December 10, 2018 10:00am - 4:30pm
Sheraton Grand Seattle 1400 6th Ave, Seattle, WA

12:00pm

Get the Cert: Build Your Next App With Kubernetes + Istio (Pre-Registration is Required; Details in Description)
Registration Fees: Free; Register HERE

Do you need to select the right technologies to build the next productivity app in your application backlog? Get your hands dirty with those technologies before you start your build. Learn how Kubernetes and Istio make it easy to bind your app to advanced services like Watson, Blockchain, and IoT. Our developers will walk you through the step-by-step in this Hands-on-Lab, and you’ll walk away with a certification badge.

Kubernetes minimize outages and disruptions through self-healing, intelligent scheduling, horizontal scaling, and load balancing. Developers can easily roll out and roll back application versions, whether they’re collaborating in development and test environments or deploying to production. Even new application functionality is streamlined when developers extend apps with cloud services.
The Result: Spend more time coding and less time with the infrastructure.

Lab Instructors:
  • Daniel Berg, Distinguished Engineer, IBM Cloud Kubernetes Service Architect, IBM
  • Ram Vennam, Lead Technical Manager, IBM Cloud Kubernetes Service, IBM
  • Lin Sun, STSM & Master Inventor, Istio, IBM
Agenda:
  • 12:00PM-1:00PM: Lunch
  • 1:00PM-4:00PM: Hands-on-Lab
  • 4:00PM-6:00PM: Reception (Optional)
 
Register now!

Monday December 10, 2018 12:00pm - 4:00pm
Location known only to registrants

12:00pm

Kubernetes I – Intro to Kubernetes (Additional registration + fee required)
Location: 901 5th Avenue, Seattle, WA (0.5 miles from the Convention Center)

If you're relatively new to Kubernetes and keen to get hands-on, this is an ideal entry point. In this workshop we will start with Kubernetes fundamentals, and by day's end you will have deployed your first cluster in our lab environment.

Agenda:
12:00PM - 1:00PM. Lunch provided by Heptio
1:00PM - 2:45PM. Kubernetes first principles
2:45PM - 3:00PM. Break
3:00PM - 4:30PM. Hands on cluster deployment
4:30PM - 5:00PM. Questions and wrap-up
Contact: academy@heptio.com with questions

Sold Out
 

Monday December 10, 2018 12:00pm - 5:00pm
901 5th Avenue, Seattle, WA

1:00pm

DigitalOcean TIDE: Kubernetes Unconference (Additional registration required)
Join fellow Kubernetes practitioners for an afternoon of Birds-of-a-Feather sessions around simple ways to deploy, scale, and manage container workloads in the cloud.

DigitalOcean TIDE: Kubernetes Unconference brings together industry experts for discussions that will leave you excited and inspired. Bring your burning questions for our special guest speaker, and pick up ideas and best practices from one another.

SOLD OUT

Monday December 10, 2018 1:00pm - 5:00pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building

1:00pm

Linkerd in Production 101 by Buoyant (Additional registration + fee required)
Registration Fees: $250

This is a hands-on workshop that teaches how to use Linkerd in production, covering both Kubernetes and non-Kubernetes environments. This workshop is presented by Buoyant, the primary sponsors of the Linkerd project, and includes training by Linkerd maintainers.

How to register: Pre-registration is required. To register for the Linkerd in Production 101, add it on during your KubeCon + CloudNativeCon registration.

Monday December 10, 2018 1:00pm - 5:00pm
Skagit 1 @ TCC The Conference Center (TCC) - Separate from WSCC building

4:00pm

Kick-off KubeCon with IBM Cloud Garage’s ArcadeCon (Pre-Registration is Required; Details in Description)
Registration Fees: Free; Register HERE

The IBM Cloud Garage arrives in Seattle for KubeCon! Need to tune up your cloud strategy? Drop by to learn how while playing some of your favorite arcade games.
Leave your quarters at home because this one is on us.

What is the IBM Cloud Garage?
IBM Cloud Garages are a network of physical hubs around the world, designed to help enterprises spark new cloud innovation and build new solutions for customers. Using the prescriptive IBM Garage Method, we bring together client stakeholders in an immersive, agile environment to work side-by-side with cloud experts and rapidly innovate on IBM Cloud.

About the Evening
Socialize with KubeCon Attendees & IBM developers in a fun arcade atmosphere while learning how the IBM Cloud Garage can accelerate your adoption of:
• Cloud Native Development
• DevOps
• AI
• IoT
• Blockchain

How to register: Pre-registration is required. Sign up now!

Monday December 10, 2018 4:00pm - 6:00pm
Location known only to registrants

5:00pm

Lightning Talk: Introduction to GitOps Deployment to Kubernetes - Jun Sakata, Ubie, Inc.
There exist many practices for continuous deployment to Kubernetes. Among them GitOps goes well with declarative configuration of Kubernetes, and leads to more reliable configuration management. GitOps was introduced by Weaveworks, but it is a whole new concept. All you need is the git controlled deployment manifest. In this lightning talk, I will show how to start it, example pipelines an workflows.

Speakers
avatar for Jun Sakata

Jun Sakata

Software Engineer, Infrastructure, Ubie, Inc.
I am a software engineer at Ubie, Inc, medical startup in Japan, and am responsible for architecting, implementing, and operating services on public cloud. This includes creating container orchestration environment, deployment pipelines, and team workflows. Currently I focus on running... Read More →



Monday December 10, 2018 5:00pm - 5:05pm
Ballroom 6A

5:05pm

Lightning Talk: Overengineering your Chatbot for Fun and Science - Andrew Gao, Capital One
Chatbots are fun! They are also universally useful no matter what kind of developer you are. Whether you are building out a customer service bot or automating daily tasks through your preferred Chat program, the barrier to entry for making a chatbot can be trivially low and allow everyone on your team to contribute. So what better way to learn about your technology ecosystem than by throwing it all on your Chatbot? Please join us as we take what could have been a 10 line microservice and turn it into a containerized distributed highly available passion project with a dash of open-source Machine Learning frameworks running on Kubernetes.
 
 Topics:
 - Chatbot Overview
 - Making your Chatbot run on Kubernetes
 - Distributing your Chatbot
 - Giving your Chatbot Persistent state
 - Blue/Green Push button deployments for your Chatbot
 - Empowering your Chatbot with ML

Speakers
AG

Andrew Gao

Software Engineer, Capital One
Andrew is a Software Engineer with a focus in the real-time fraud decisioning space. Most recently Andrew has been working with his team to create a multi-tenant Kubernetes-based platform to handle all the fraud models for Capital One Bank. Outside of work Andrew is passionate about... Read More →


Monday December 10, 2018 5:05pm - 5:10pm
Ballroom 6A

5:10pm

Lightning Talk: CRDs Aren't Just for Add-Ons Anymore - Painting a Picture of the Future - Tim Hockin, Google
Kubernetes has a huge contributor community. There is a steady flow of new ideas for things Kubernetes could or should do, and those almost always change the API in some way. We already have a broad API - we can't grow the scope forever.

This talk will lay out a vision for how our thinking is evolving around API definitions and growth. The API machinery is evolving and becoming more general-purpose. We can use that to our advantage, enabling more modular and consistently defined APIs.

Put another way: "I heard a rumor that all new APIs have to be CRDs, is that true?" Let's chat.

Speakers
avatar for Tim Hockin

Tim Hockin

Principal Software Engineer, Google
Tim is a principal software engineer at Google, where he works on the Kubernetes and Google Container Engine (GKE). He is a co-founder of the Kubernetes project, and he is responsible for topics like networking, storage, node, multi-cluster, resource isolation, and cluster sharing... Read More →



Monday December 10, 2018 5:10pm - 5:15pm
Ballroom 6A

5:15pm

Lightning Talk: Labels in Prometheus Alerts: Think Twice Before Using Them - Elena Morozova, Weaveworks
As developers, we hear a lot about the importance of monitoring and alerts. But without proper notification, we might spend too much time trying to understand what really is going on.
In this talk, Elena will give you an overview of common caveats of using labels in alerts and demonstrate some technics how to get concise and easy to understand notifications.

Speakers
avatar for Elena Morozova

Elena Morozova

Software engineer, Weaveworks
Elena Morozova is a software engineer at Weaveworks, a company dedicated to simplifying deployment, observability, and monitoring for containers and microservices. She is a co-organizer of the Women Who Go San Francisco meetup. She is excited about Go, containers, kubernetes, and... Read More →



Monday December 10, 2018 5:15pm - 5:20pm
Ballroom 6A
  • Skill Level Any

5:20pm

Lightning Talk: Behind The Scenes: Kubernetes Release Notes Tips & Tricks - Mike Arpaia, Kolide
This session aims to shed more light on the release note process from the Kubernetes contributor's point of view. We will briefly discuss the entire release note process from PR to release day. We will pay special attention to the labels and prow commands that contributors can (and should!) use to add context to PRs so that the release note automation can most effectively sort and prepare the document. Finally, we will discuss some common copy-editing tips and tricks that you can use to make sure the final document is consistent and helpful for end-users (spoiler: write your note in the past tense!).

Speakers
avatar for Mike Arpaia

Mike Arpaia

Co-Founder & CTO, Kolide
Mike is the CTO and Co-Founder of Kolide, a security-first infrastructure analytics company. Kolide's technology is based on an open-source operating system analytics tool called osquery which Mike created, open-sourced, and widely deployed while working at Facebook. | | A fan... Read More →



Monday December 10, 2018 5:20pm - 5:25pm
Ballroom 6A

5:25pm

Lightning Talk: Monitoring Kubernetes with BPF and Prometheus - Jonathan Perry, Flowtune
Kubernetes has made it incredibly easy to build distributed applications out of large numbers of microservices. But monitoring, or even accurately tracking, the interaction between each of these services can be a challenge.

In this talk, we will explain how BPF (Berkeley Packet Filter) can be used to monitor your Kubernetes cluster and its services without any per-service code changes or instrumentation. Specifically, we’ll show you how network flows between pods gathered with BPF and captured with Prometheus can be used to visualize service dependencies and identify issues in your distributed applications.

Speakers
avatar for Jonathan Perry

Jonathan Perry

CEO / Co-Founder, Flowmill
Jonathan is CEO at Flowmill. Jonathan was a Facebook fellow and previously worked for 7 years in communication systems R&D and HPC algorithm development in the Israeli Defense Force (IDF). Jonathan received his Ph.D. from MIT CSAIL‘s Networks and Mobile Systems group, where his... Read More →



Monday December 10, 2018 5:25pm - 5:30pm
Ballroom 6A

5:45pm

Lightning Talk: Spawning Kubernetes In CI For Integration Tests - Marko Mudrinić, Loodse
Making sure a Kubernetes operator works correctly is a very important step before deploying it to production. Without good integration and E2E test coverage, it’s easy for a bug to get in.

Therefore everybody who is seriously developing operators will face the problem of spawning Kubernetes in CI: integration tests assume a complete Kubernetes cluster. There are many solutions for bootstrapping clusters, but many of them don’t work in CI or require additional configuration.

In this talk we’ll take a quick look at the most popular solutions for running Kubernetes in CI, such as Minikube and DIND. We’ll compare those solutions and see what the requirements for each of them are.

Speakers
avatar for Marko Mudrinić

Marko Mudrinić

Software Developer, Loodse
Marko is a Student at the University of Belgrade and a Software Developer at Loodse. Previously, he was a Google Summer of Code student under the Cloud Native Computing Foundation and Kubernetes. While working as a GSoC student, he implemented the etcdproxy-controller, which offers... Read More →



Monday December 10, 2018 5:45pm - 5:50pm
Ballroom 6A

5:50pm

Lightning Talk: Running Kubernetes in the Federal Government - John Osborne, Red Hat
Tackling security compliance is a long and challenging process for agencies, systems integrators, and vendors trying to launch new information systems in the federal government. Each new information system must go through the Risk Management Framework (RMF) created by the National Institute of Standards and Technology (NIST) in order to obtain authority to operate (ATO). This process is often long and tedious and can last for over a year.
 
 Open Control is a new standard by 18F, an agency bringing lean start-up methods to the U.S. Government, in order to address ATO repeatability. Red Hat has worked with 18F to help create a Kuberenetes implementation based on Open Control to automate much of the ATO process for Kubernetes systems.

Speakers
JO

John Osborne

Principal OpenShift Architect, Red Hat
John Osborne is a Principal OpenShift Architect dedicated to Red Hat Public Sector customers. He has been largely focused on the role of Kubernetes in government IT modernization for over 3 years. Before his arrival at Red Hat, he worked at a start-up and then spent 7 years with the... Read More →


Monday December 10, 2018 5:50pm - 5:55pm
Ballroom 6A
  • Skill Level Any

5:55pm

Lightning Talk: Optimizing Kubernetes Networking at Datadog - Laurent Bernaille, Datadog
As your applications become composed of more and more microservices, network traffic becomes challenging both in terms of latency and throughput. Datadog applications are network-intensive, so we invested a lot of time in optimizing the network when we started to migrate to Kubernetes to minimize the induced overhead. This talk will start by giving a quick overview of our challenges. It will then explain how we manage the different types of traffic: pod-to-pod, pod-to-service and ingress. For all of those, I will show how our setup evolved and why and what we are looking into for the future. The talk will detail the CNI and ingress plugins we explored and the issues we faced along the way, as well as some contributions we made to these projects.

Speakers
LB

Laurent Bernaille

Staff Engineer, Datadog
Laurent Bernaille worked several years as a consultant specialized in cloud, containers, and automation and helped organizations migrate to the public cloud, adopt containers and improve their deployment pipelines. He is now Staff Engineer at Datadog and works in the Compute team... Read More →


Monday December 10, 2018 5:55pm - 6:00pm
Ballroom 6A

6:00pm

Lightning Talk: Connect from Browsers Using gRPC-Web - Stanley Cheung, Google
We are delighted to introduce gRPC-Web, a cross-browser javascript library which allows developers to write web applications that connect to gRPC servers. In this lightning talk, we will briefly talk about the gRPC-Web protocol and deployment model. We will also show a quick demo on how easy it is to start writing a browser application with gRPC-Web and Protobuf. With gRPC-Web, you get a very familiar gRPC-style API compared to other languages supported by gRPC. We will also talk about how future holds and what we have planned in the roadmap.

Speakers
avatar for Stanley Cheung

Stanley Cheung

Senior Software Engineer, Google
Stanley is a software engineer from Google, who has worked on gRPC for the past 3 years. Stanley has mostly contributed to gRPC PHP and Browser JS libraries and is a big fan of open source software.



Monday December 10, 2018 6:00pm - 6:05pm
Ballroom 6A

6:00pm

LF Networking Reception
LF Networking, an initiative at the Linux Foundation made up of several prominent projects in the open networking stack — FD.io, ONAP, OpenDaylight, ONFV, PNDA, SNAS, and Tungsten Fabric, will be hosting a reception onsite at KubeCon + CloudNativeCon North America.

You’re invited to come meet with our community, get a sense for the LF Networking project portfolio, and talk through some of the opportunities and challenges on the path to cloud native.

There will be a series of 5-minute lightning talks from several LFN projects and plenty of time for socializing with appetizers, beer, and wine.

The reception is free and open to all KubeCon + CloudNativeCon registrants. Join us!

Monday December 10, 2018 6:00pm - 8:00pm
4C-4

6:05pm

Lightning Talk: How You Too Can Find a Needle in the Haystack - Shreya Sharma, Expedia Inc.
"How Expedia implemented tracing resolving their needs for diagnostics which ended up being it's very first open source product and how to benefit from it".

Expedia runs hundreds of microservices, but what happens when one or more services fail at the same time? To improve the observability and quality of service, we realize a need to connect these failure points across the distributed topology to reduce mean time to know and resolve.

I will present a quick journey of distributed tracing that started with Zipkin and ended in building our own solution in open source. We designed the system using Kafka (KStreams), Cassandra, ElasticSearch and MetricTank with the key focus on extensibility and OpenTracing principles. I will brush upon distributed tracing, trending, and statistical alerting components and how containerizing them on Kubernetes helps us ingest terabytes of data per day!

Speakers
avatar for Shreya Sharma

Shreya Sharma

Technical Product Manager, Expedia Inc.
Shreya Sharma is working as a technical product manager for the past year on the first open source product by Expedia. She is happiest when talking about the problems they solved, the various approaches they tried and the challenges they overcame. | | She’s previously worked... Read More →


Monday December 10, 2018 6:05pm - 6:10pm
Ballroom 6A
  • Skill Level Any

6:10pm

Lightning Talk: The Future of Humans in a World of Automation - Kendall Miller, ReactiveOps
The cloud providers have built service after service in an attempt to automate away the need for ops professionals. So where is the future for people in ops? Is there a future or should the engineers who are building tools for engineers get out now?

This will be a fast paced discussion about the places where people are still needed, and an argument for why people will always be needed, even if in less numbers than before.

Yes, the world is bleak and terrifying. Yes, AWS is literally out to remove the need for you on this planet. But there is still hope.... (And I'm not talking about a future where ops people are paid $500/hr like COBOL devs are because they've become so rare...)

Speakers
avatar for Kendall Miller

Kendall Miller

COO, ReactiveOps
Kendall is COO of ReactiveOps, a Kubernetes-focused DevOps-as-a-Service company. Every day he talks to companies that have found the latest greatest technology and still want someone to help with it. | | He co-hosts and runs the Denver Leadership Meetup and a leadership podcast... Read More →



Monday December 10, 2018 6:10pm - 6:15pm
Ballroom 6A

6:30pm

Lightning Talk: Cloud TPU? Don’t Mind If I Do - Nathan Murthy, Tesla
Application-Specific Integrated Circuits (ASICs) have unleashed a wave technological of breakthroughs that have accelerated the pace of development and performance of products up and down the stack. Machine learning libraries like Tensorflow can benefit from these new tightly-integrated hardware architectures. Once exclusive to Google’s data centers, Tensor Processing Units are now available as cloud compute resources to everyone. At Tesla these breakthroughs offer potentially new avenues for our AI/ML projects to grow.

Speakers
avatar for Nathan Murthy

Nathan Murthy

Staff Software Engineer, Tesla
Nathan currently works at Tesla developing services for managing distributed energy resources at scale. He is passionate about sustainable energy and has written software for startups, big companies, commercial R&D teams, and academia.


Monday December 10, 2018 6:30pm - 6:35pm
Ballroom 6A
  • Skill Level Any

6:35pm

Lightning Talk: How Fast Was My Database? - Josh Berkus, Red Hat
"I know my database will be slower on Kubernetes and cloud native storage, but HOW MUCH slower?"

This is a question everyone thinking of moving traditionally hosted stateful services like database to Kubernetes ask all the time. And until now, we haven't had good answers. This presentation will detail a series of microbenchmarks on PostgreSQL running on and off Kubernetes in a variety of configurations, including bare metal, local storage, gluster, and rook. You'll get a solid idea of what the cost in latency and throughput is for abstracting away your storage problems, and be able to make platform decisions for yourself.

Speakers
avatar for Josh Berkus

Josh Berkus

Kubernetes Community Manager, Red Hat
Josh Berkus is the Kubernetes Community Manager for Red Hat and a member of SIG-Release and SIG-Contribex. Before joining the Kubernetes project, he spent 18 years working on PostgreSQL, and many other open source projects including OpenOffice. Josh lives in Portland, OR with a librarian... Read More →


Monday December 10, 2018 6:35pm - 6:40pm
Ballroom 6A
  • Skill Level Any

6:40pm

Lightning Talk: Kubernetes Community, A Story Told by Emojis and Slack Data - Paris Pittman, Google
As of August 2018, the Kubernetes slack community has almost 45,000 members. With well over 170 channels to choose from, contributors and users alike, can converse with each other on a wide range of topics. By analyzing these channel topics alone could get us a 'whats trending in Kubernetes without the noise from other platforms -- so what other data do we have and what pictures can we paint?

During this talk, Paris will use past and current Slack data to tell interesting stories -- including emoji usage! Emojis can measure reactions in ways that words on a screen can't. She will even slip in a few slack admin antidotes on running an instance this large.

Speakers
avatar for Paris Pittman

Paris Pittman

DevRel Program Manager, Kubernetes Community, Google
Paris is a Developer Relations Program Manager on Google Cloud's Open Source Strategy team focusing on the Kubernetes Community. She is a co-chair of the special interest group for Contributor Experience and an organizer of Bay Area Kubernetes Meetup with 4,000 members. She has 14... Read More →


Monday December 10, 2018 6:40pm - 6:45pm
Ballroom 6A

6:45pm

Lightning Talk: CoreDNS Over gRPC: Reliable Service Discovery for Kubernetes - Yong Tang, MobileIron, Inc.
While service discovery in Kubernetes may be provided via multiple mechanisms, DNS is the most commonly used and highly recommended for its ease of use. One challenge with DNS-based service discovery though is the unreliable nature of the UDP protocol used by DNS. There is no guarantee of the delivery for the query and response of service records.

In this discussion, we provide a mechanism of CoreDNS over gRPC to address the reliability issue of DNS-based service discovery. As a flexible DNS server, CoreDNS is capable of transport over multiple protocols besides traditional UDP. With DNS over gRPC for inter-node communication and normal UDP for local-node DNS serving, we are able to achieve the much-needed reliability while maintaining the easy-to-use DNS front end for service discovery in Kubernetes clusters.

Speakers
YT

Yong Tang

Director of Engineering, MobileIron, Inc.
Yong Tang is the Director of Engineering for cloud platform at MobileIron, Inc. He contributes to different cloud-native and machine learning projects for the open source community. He is currently a committer of CoreDNS with a focus on Kubernetes integration and cloud service discovery... Read More →



Monday December 10, 2018 6:45pm - 6:50pm
Ballroom 6A

6:50pm

Lightning Talk: PID Autoscaling Strava's Linkerd Service Mesh Using Prometheus Data - J Evans, Strava
Strava’s traffic fluctuates alongside our athletes’ weekly exercise habits. Our service infrastructure must dynamically scale to meet constantly changing demands efficiently and cost effectively. This is becoming increasingly important as we augment our ensemble of microservices to provide our community with a richer feature set. In this presentation, J Evans will describe how Strava leverages Linkerd, and its seamless integrations into open source monitoring tools, to maintain observability and enforce consistency throughout their service mesh. Specifically, he will demonstrate how Strava uses Prometheus to aggregate metrics at the control plane (Linkerd) and application layer to fine tune a proportional-integral-derivative (PID) auto scaling system capable of maintaining high resource utilization across the Strava platform.

Speakers
avatar for J Evans

J Evans

Infrastructure Engineer, Strava
At work, our team develops scalable infrastructure using best-in-class CNCF projects. We're a Ruby + Scala shop, powering a social sharing platform for athletes around the world to motivate and challenge one another. | | At home, I like reinventing wheels and doing things the hard... Read More →



Monday December 10, 2018 6:50pm - 6:55pm
Ballroom 6A

6:55pm

Lightning Talk: Kubegres: Accessing K8s From Postgres - Liz Frost, Heptio
Postgres is a very versatile database. In addition to regular SQL queries, you can use a Foreign Data Wrapper to make anything - other databases, JSON files, Twitter - appear to be just another set of tables in the database. This includes Kubernetes! In this lighting talk I will show off querying cluster information, starting and stopping pods, and more… all from inside a postgres SQL prompt. Along the way, I’ll explain a bin about the Postgres foreign data wrapper model, how to use the Go client for Kubernetes, and show off some fun statistics you can gather when your whole cluster is a database.

Speakers
avatar for Liz Frost

Liz Frost

Software Engineer, Heptio
Liz is a software engineer, diversity advocate, and fan of colourful ponies. She works at Heptio, previously of Heroku and Activision, and has previously spoken at DevOpsDays Boston and AlterConf Portland. She lives in New York City with her chosen family and extremely fluffy dog... Read More →



Monday December 10, 2018 6:55pm - 7:00pm
Ballroom 6A

7:00pm

EmpowHER Reception sponsored by Comcast
Join other women attending KubeCon + CloudNativeCon North America for sparkling conversation and community at a truly unique Seattle restaurant. Through their restaurants, cafes, catering and programs, Fare Start has been helping people in poverty for over 25 years to overcome barriers by teaching them work and life skills needed to succeed in the food service industry. Learn more!

Attendees will have an opportunity to get to know one another and network with other women in the tech industry from around the globe. Conversation during the event will include adoption, usability and life-hacks of distributed systems and containers, app development and current events in Kubernetes and other cloud native technologies, ways to increase inclusivity in our fast-growing ecosystem, and how to get involved with different Cloud Native projects.

Fare Start is only 0.4 miles from WSCC - a short walk (if it's dry!) or quick drive away.

Register Now

Monday December 10, 2018 7:00pm - 9:00pm
Fare Start Restaurant 700 Virginia Street, Seattle, WA 98101
 
Tuesday, December 11
 

7:00am

Badge Pickup at Hyatt
Tuesday December 11, 2018 7:00am - 10:00am
Grand Hyatt Seattle 721 Pine Street Seattle, Washington, United States, 98101

7:00am

Badge Pickup at Hyatt Olive 8
Tuesday December 11, 2018 7:00am - 10:00am
Olive 8 737 Olive Way, Seattle, WA 98101

7:00am

Badge Pickup at Renaissance
Tuesday December 11, 2018 7:00am - 10:00am
Renaissance Seattle 515 Madison St, Seattle, WA 98104

7:00am

Badge Pickup at Sheraton
Tuesday December 11, 2018 7:00am - 10:00am
Sheraton Seattle 1400 6th Ave, Seattle, WA 98101

7:00am

Badge Pickup at Westin
Tuesday December 11, 2018 7:00am - 10:00am
The Westin Seattle 1900 5th Ave, Seattle, WA 98101

7:00am

Badge Pickup at WSCC
Tuesday December 11, 2018 7:00am - 8:30pm
Atrium Lobby, 4th Floor

7:30am

The New Stack Pancake Breakfast & Podcast: Mono to Micro to FaaS: A Macro Challenge, Sponsored by Oracle
The move to a more agile, cloud native architecture means first breaking down the monolith into loosely coupled microservices. And for those organizations ready to take the next step, breaking those down further still into nano-services, or even smaller functions. All of these tiny services make it tempting for developers to focus only on their own piece of the application. But application design must be considered at a macro level in order to form a holistic strategy. Join Oracle for this discussion of how they moved from mono to micro to Functions as a Service (Faas), how to think through the transition and the complications you may encounter along the way.

Please join hosts Alex Williams, Founder & Editor-in-Chief and Joab Jackson, Managing Editor, of The New Stack for pancakes and a panel discussion.
  • 7:30am - 8:00am:  Pancakes Served
  • 8:00am - 8:45am:  Panel Discussion



Moderators
avatar for Joab Jackson

Joab Jackson

Managing Editor, The New Stack
avatar for Alex Williams

Alex Williams

Founder & Editor-in-Chief, The New Stack

Speakers
avatar for Chad Arimura

Chad Arimura

VP Serverless Advocacy, Former CEO and Cofounder of Iron.IO, Oracle
Chad Arimura is Vice President of Serverless at Oracle, currently leading The Fn Project, open source serverless FaaS platform and orchestration. Prior to this he was a three-time entrepreneur, most recently as co-founder and CEO of Iron.io that had a multi-million dollar ARR business helping pioneer serverless computing. Iron.Io was acquired by Oracle in 2017. | Chad’s speaking engagements include: serverless computing, entrepreneurship, building teams, culture, and other topics... Read More →
TP

Tom Petrocelli

Research Fellow, Amalgam Insights
avatar for Ara Pulido

Ara Pulido

Engineering Manager, Bitnami
Ara Pulido is an Engineering Manager at Bitnami, where she leads the Kubernetes and the SRE teams. The Kubernetes team at Bitnami is responsible of maintaining open source projects like Kubeapps, Kubeless, Sealed Secrets and others. She has more than 10 years of experience working... Read More →
avatar for Christopher Woods

Christopher Woods

Research Software Engineer, University of Bristol
Christopher Woods manages the Research Software Engineering (RSE) Group at the University of Bristol. He is an EPSRC RSE Fellow and Joint-Chair of the UK RSE Association. He obtained his undergraduate and postgraduate degrees in Chemistry from the University of Southampton, working... Read More →


Tuesday December 11, 2018 7:30am - 8:45am
Chelan 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

7:30am

Breakfast
Tuesday December 11, 2018 7:30am - 9:00am
Hall 4AB

7:30am

Sponsor Showcase
Visit with sponsors, network with fellow attendees and enjoy food & drinks in the Sponsor Showcase.

Tuesday December 11, 2018 7:30am - 8:45pm
Hall 4AB

9:00am

Keynote: Opening Remarks + CNCF Community Updates – Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →



Tuesday December 11, 2018 9:00am - 9:30am
Hall 4EF
  • Skill Level Any

9:18am

Keynote: Helm Update - Michelle Noorali, Senior Software Engineer, Microsoft
Speakers
avatar for Michelle Noorali

Michelle Noorali

Senior Software Engineer 高级软件工程师, Microsoft
Michelle Noorali is a Sr. Software Engineer at Microsoft. She is a core maintainer on open source projects in the Kubernetes ecosystem including Helm and Draft. She has been involved in the Kubernetes community since 2015 and serves on the Kubernetes Steering Committee. She is passionate... Read More →



Tuesday December 11, 2018 9:18am - 9:24am
Hall 4EF
  • Skill Level Any

9:25am

Keynote: Envoy Update – Matt Klein, Senior Software Engineer, Constance Caramanolis, Software Engineer, & Jose Nino, Software Engineer, Lyft
Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Lyft
Constance Caramanolis is a Software Engineer at Lyft working on the Server Networking team. For the past two years, she has built and deployed Envoy and its ecosystem. Constance focuses on configuration management, network security and engineering education. In addition, she is an... Read More →
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft
JN

Jose Nino

Software Engineer, Lyft
Jose Nino is the lead for Core Server Networking group at Lyft. During his time at Lyft, Jose has been instrumental in creating systems to scale Lyft's Envoy production environment for increasingly large deployments and engineering orgs. He has worked as an open source Envoy maintainer... Read More →



Tuesday December 11, 2018 9:25am - 9:29am
Hall 4EF
  • Skill Level Any

9:32am

Keynote: 5 Years of etcd: Past, Present, and Future - Brandon Philips, CTO CoreOS, Red Hat & Xiang Li, Senior Staff Software Engineer, Alibaba
In July 2013 the etcd project was announced to solve a critical problem for CoreOS: how to safely coordinate unattended automatic software updates across a cluster of Linux nodes. Today hundreds of companies use etcd as part of their production systems to hold critical data for their Kubernetes clusters, network systems, monitoring systems, and much more.
 
 But, how did etcd evolve into a critical system in the Cloud Native ecosystem?
 
This talk will cover the 5-year history of etcd from the stumbles, use cases, and technical evolution. We will also dive into the trade-offs that were made as the system went from theoretical prototype to a production ready workhorse. And touch on where the project is going as it moves into the CNCF.
 
There is no expectation of prior knowledge of etcd or how it works. The ideal audience member has a love for distributed systems, and operations.

Speakers
XL

Xiang Li

Senior Staff Engineer, Alibaba
Xiang is a Senior Staff Engineer of Alibaba. He works on Alibaba’s cluster management system and helps with Kubernetes adoption for the entire Alibaba group. Prior to Alibaba, Xiang led the Kubernetes upstream team at CoreOS. He is also the creator of etcd and Kubernetes operator... Read More →
avatar for Brandon Philips

Brandon Philips

CTO CoreOS, Red Hat
Brandon Philips, as co-founder and CTO at CoreOS, is building modern server infrastructure. He leads teams building enterprise products, like CoreOS Tectonic, the enterprise-ready Kubernetes platform, and pioneering cloud native open source projects like Container Linux. Prior to... Read More →



Tuesday December 11, 2018 9:32am - 9:42am
Hall 4EF
  • Skill Level Any

9:44am

Keynote: Kubernetes, Istio, Knative: The New Open Cloud Stack - Aparna Sinha, Group Product Manager for Kubernetes, Google
Kubernetes has succeeded in its initial mission. Launched by Google as an open source platform built on the foundations of Borg, Kubernetes has grown into an enterprise platform, with a strong community and adoption across all major industries. But Kubernetes is not meant to merely run on multiple clouds, it is meant to be a complete cloud that shields users from the underlying infrastructure, while providing developers a secure, efficient, productive experience for developing and operating any app. During this presentation, we describe the full-stack vision of a Kubernetes-native cloud. One that spans on-prem and cloud providers, serves all types of applications and provides a serverless developer experience. We demonstrate the vision with a stack that mirrors closely what Google has built internally and now open sourced to the Kubernetes ecosystem.

Speakers
avatar for Aparna Sinha

Aparna Sinha

Group Product Manager for Kubernetes, Google
Aparna Sinha leads the product team for Kubernetes at Google. Her work is focused on transforming the way we work through technology innovation. Before Kubernetes, Aparna worked on the Android platform at Google. Prior to that she was Director of Product at NetApp where she led storage... Read More →



Tuesday December 11, 2018 9:44am - 9:49am
Hall 4EF
  • Skill Level Any

9:51am

Keynote: Charting a Path to Take Kubernetes to 100,000 Enterprises - Wendy Cartee, Senior Director of Cloud Native Advocacy, VMware
What will it take for Kubernetes to be adopted by 100,000 enterprises? While Kubernetes has gained early adoption with significant contributions from the community, the majority of enterprises has yet to learn and use Kubernetes. In this talk, we share our experience working with large and small organizations, and how we are working with customers and the Kubernetes community to drive adoption.


Speakers
avatar for Wendy Cartee

Wendy Cartee

Senior Director of Cloud Native Advocacy, VMware
Wendy Cartee is head of Cloud Native Advocacy at VMware where she works across engineering, field, partners, and customers to drive awareness and adoption of cloud native technologies. Wendy has been in open source for nearly a decade and helped form the Linux Foundation’s IO Visor... Read More →



Tuesday December 11, 2018 9:51am - 9:56am
Hall 4EF
  • Skill Level Any

9:58am

Keynote: Phippy Goes to the Zoo: A Kubernetes Story - Matt Butcher, Principal Software Engineer & Karen Chu, Community Manager, Microsoft
Settle in for story time and listen to the official sequel to the Children's Illustrated Guide to Kubernetes. Follow the tale of Phippy and her niece as they take an educational trip to the Kubernetes Zoo.

Speakers
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Engineer at Microsoft, where he leads the team that created Helm, Draft, and Brigade. He is the author of the Children's Illustrated Guide to Kubernetes, as well as eight "serious" books. Matt holds a Ph.D. in philosophy and teaches in the computer... Read More →
avatar for Karen Chu

Karen Chu

Community Manager, Microsoft
Karen Chu is a Community Manager at Azure, with a focus on Azure Container Services (AKS) and open source container-native developer tools such as Helm, Virtual Kubelet, and more. When she's not helping connect dots in the community, you can find her traveling and pursuing photog... Read More →



Tuesday December 11, 2018 9:58am - 10:18am
Hall 4EF
  • Skill Level Any

10:18am

Keynote: Closing Remarks – Janet Kuo, Software Engineer, Google
Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer 软件工程师, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →


Tuesday December 11, 2018 10:18am - 10:20am
Hall 4EF
  • Skill Level Any

10:20am

Coffee Break
Tuesday December 11, 2018 10:20am - 10:50am
Hall 4AB

10:30am

Meet the Maintainer: Cortex, CNI - Bryan Boreham, Weaveworks
Speakers
avatar for Bryan Boreham

Bryan Boreham

Director of Engineering, Weaveworks
Bryan is Director of Engineering at Weaveworks, delivering deployment, observability and monitoring for containers and microservices. | | Previously, Bryan has worked on many kinds of systems including financial trading, factory control and cake-shop. Outside of work he is a father... Read More →


Tuesday December 11, 2018 10:30am - 11:00am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

10:30am

Meet the Maintainer: Fluentd/Fluent Bit - Eduardo Silva, Treasure Data
Speakers
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, ARM Treasure Data
Eduardo is a Principal Engineer at "ARM / Treasure Data". He currently leads the efforts to make logging more scalable in Containerized and Orchestrated systems such as Kubernetes. Maintainer of Fluent Bit.


Tuesday December 11, 2018 10:30am - 11:00am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

10:50am

Getting The Most Out Of Kubernetes with Resource Limits and Load Testing - Harrison Harnisch, Buffer
You've carefully crafted your first K8s service, and you're ready to deploy it to production. Well, not quite: there are still some important unknowns to understand before your service will be ready for production. It's still unclear how the new service behaves when it's being pushed, and it's possible that K8s will kill the service before serving a single request. At Buffer, we've developed a technique to optimize K8s deployment limits using load testing to identify optimal resource limits. When the service is under heavy load there are a few key metrics to watch to identify bottlenecks. These key metrics can be used to adjust resource limits. This approach allowed us to safely and efficiently switch over more than half our production traffic to our K8s cluster and can be applied to any application.

This talk will include a live demo of how to tune Etcd using methods we do at Buffer.

Speakers
avatar for Harrison Harnisch

Harrison Harnisch

Staff Software Engineer, ZEIT
Harrison is a Staff Software Engineer at Buffer, implementing the transition to microservices with Kubernetes and Docker. He's given talks at KubeconEU and KubeconUS about setting resource limits.



Tuesday December 11, 2018 10:50am - 11:25am
Ballroom 6E
  • Skill Level Any

10:50am

Intro: KubeVirt BoF - Daniel Gonzalez Nothnagel, SAP & Ryan Hallisey, Red Hat
KubeVirt extends Kubernetes with the ability to run virtual machine
workloads, as Kubernetes itself is not able to launch those. To do so
KubeVirt introduces dedicated custom resources around virtualization
to have enough flexibility to build and tune VMs towards existing and
new use-cases. While Kubernetes is a great platform for cloud-native
workloads there are also many workloads that require more isolation
than containers can provide, or are just in general better served with
VMs than with containers.

KubeVirt aims at a seamless integration with Kubernetes in order to
create one consistent cloud-native API for container and virtual
workloads, sharing the same storage, network, and compute resources.
In this BoF we will be discussing the basics and different use-cases
of KubeVirt and adjacent projects. As an example we will explore how
KubeVirt VMs can be used as nodes for a Kubernetes cluster,
effectively allowing to run Kubernetes on Kubernetes.

Speakers
avatar for Ryan Hallisey

Ryan Hallisey

Software Engineer, Red Hat
Ryan is a software engineer at Red Hat. He has been working with containers and kubernetes for 4 years. Worked on OpenStack and Kubernetes integration before transitioning over to Kubernetes full time. He's worked on the service-catalog, automation broker, and is now working on... Read More →
avatar for Daniel Gonzalez Nothnagel

Daniel Gonzalez Nothnagel

Cloud Infrastructure Developer, SAP
Daniel is a Software Developer at SAP, focusing on Cloud Infrastructure. He worked on OpenStack since 2015 on different upstream OpenStack projects and helped to operate private OpenStack installations at SAP. | He started to work on Kubernetes when more and more workloads required... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
618-620
  • Skill Level Any

10:50am

Cloud Jumping with Kubernetes - James Bowes, Manifold
Kubernetes promises a degree of freedom from cloud vendor lock-in, providing an API and runtime for containers that most cloud providers support. Beyond the core of container orchestration, there are abstractions for load balancers, persistent storage and autoscaling, to name a few. With this in mind, when Manifold set out to switch cloud providers, we decided to do so by first using as many abstractions in the Kubernetes ecosystem as possible.

In this talk, we will explore how Manifold used Kubernetes to migrate between cloud providers. We will look at how to identify cloud specific services and APIs in use in your application, and how Manifold evaluated whether to uplift to a Kubernetes abstraction, translate to the other cloud provider’s service, or keep as is. Finally, we will discuss the challenges and successes of the actual migration between cloud providers.

Speakers
avatar for James Bowes

James Bowes

Technical Lead, Manifold
James Bowes is the Technical Lead at Manifold. Over his 13 year career he has worked for companies like Red Hat and Salesforce as a senior member of the technical staff. James has scaled early stage startups and also managed and sustained large organizations. James is mainly a backend... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
4C 1/2
  • Skill Level Any

10:50am

Birds of a Feather: What Should a Container Build Manifest Look Like? - Nisha Kumar, VMware
We create containers by reusing several pieces of software from disparate locations, internal and external to our organization. We then rely on the providers (trusted or not) of the pieces to publish the software component list, or we run vulnerability and compliance scan tools against the fully built containers before pushing it to an internal registry. These methods are more fail safes than applying software delivery best practices, i.e., start from a well defined Bill of Materials (BoM).

Can we build a container from a well defined software component manifest? What would that manifest look like? This BoF is to discuss what we need in order to build a better container delivery pipeline that adheres to software delivery best practices. To kick us off, I will present a survey on currently used tools and practices.

Speakers
avatar for Nisha Kumar

Nisha Kumar

Open Source Engineer, VMware
Nisha is the maintainer of the Tern project (https://github.com/vmware/tern). She is an Open Source Engineer advising on container compliance at VMware. She is also a hardware hacker and a mom.



Tuesday December 11, 2018 10:50am - 11:25am
606-609

10:50am

Panel Discussion: Growing Diversity in Open Source Projects – Moderated by Orna Berryman, Google
Diversity in open source projects is worse than in tech overall. When GitHub surveyed 5,500 open source users and developers from around the world on a range of topics, it also asked for demographic information. Of that randomly selected cohort, a full 95 percent of respondents were male. Only three percent identified as female.

This panel discussion will be focused on what we can and should do to increase the number of people with different backgrounds, skill sets and experience working on open source projects. The panel comprises of 3 women who work on various key aspects of the Istio project and participate in the Cloud Native community.

Moderators
Speakers
avatar for Jasmine Jaksic

Jasmine Jaksic

Lead Technical Program Manager, Google
Jasmine Jaksic works at Google as the lead technical program manager on Istio. She has 15 years of experience building and supporting various software products and services. She is a cofounder of Posture Monitor, an application for posture correction using 3D camera. She is also a... Read More →
avatar for Lin Sun

Lin Sun

Senior Technical Staff Member, IBM
Lin is an Istio contributor and maintainer, a member of the Istio steering committee and technical oversight committee. She is passionate about new technologies and love to play with them. She is a master inventor, currently, holds 100+ patents filed or pending with USPTO along with... Read More →
LW

Limin Wang

Software Engineer, Google
Limin Wang is a security technical lead for Istio project at Google. Before joining Google, she was a senior software engineer at VMware. Limin holds a PhD degree in Computer Science from Michigan State University.


Tuesday December 11, 2018 10:50am - 11:25am
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

10:50am

Towards a Vendor Neutral Kubernetes - Andrew Kim, DigitalOcean
With over 50 Kubernetes Certified Platforms and Distributions, building Kubernetes with an open cloud philosophy has never been more important. This comes with a large set of technical and organizational challenges, from supporting the diverse range of features on the cloud (e.g. persistent volumes, load balancers, etc) to sustainably adding new providers into the ecosystem.

In this session, Andrew, co-chair of SIG Cloud Provider, dives deep into what the community has been doing to move towards a vendor-neutral model with sustainability and portability as a top priority. He will discuss the migration of vendor-specific code out of Kubernetes core, architectural considerations of pluggable cloud provider features, the organizational challenges along the way, and the roadmap ahead.

Speakers
avatar for Andrew Sy Kim

Andrew Sy Kim

Software Engineer, DigitalOcean
Andrew is a Software Engineer at DigitalOcean and an active member of the Kubernetes community. He is one of the co-chairs of SIG Cloud Provider where he is currently working to extend and customize Kubernetes with a focus on multi-cloud portability and vendor neutrality. At DigitalOcean... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
Ballroom 6A
  • Skill Level Any

10:50am

Real-time Vision Processing on Kubernetes: Working with Data Locality - Yisui Hu, Google
Kubernetes as a general purpose cloud native application platform simplifies the operation of applications. Data processing is one of the common of applications that benefit from the power of Kubernetes. However attempting real-time computer vision processing on Kubernetes isn't that straightforward, as the maximum processing time for a single frame is expected to be less than 30ms to reach 30fps or no more than 60ms (15fps, start being laggy). This presentation demonstrates the actual issues, feature gaps encountered and workarounds applied running a real-time vision pipeline on Kubernetes from the presenter's hobby robotics project. The pipeline involves a few image pre-processing tasks, a ML model (SSD mobilenet) for object detection and depth estimation with a single camera. The biggest challenge is how to distribute the tasks across nodes with data locality in consideration.

Speakers
avatar for Yisui Hu

Yisui Hu

Software Engineer, Google
Yisui Hu is a Software Engineer currently working on Kubernetes Engine at Google. He has over 14 years industry experience focused on software engineering across multiple areas, including operating systems, networking, embedded systems, cloud infrastructure, etc.



Tuesday December 11, 2018 10:50am - 11:25am
611-614

10:50am

Intro: Apps SIG - Adnan Abdulhussein, Bitnami
Join Kubernetes SIG Apps to learn about the areas of our focus, what we are working on currently, and how you can get involved. Veteran SIG Apps members will be on hand to help answer questions.

Speakers
avatar for Adnan Abdulhussein

Adnan Abdulhussein

Software Engineer, Bitnami
Adnan Abdulhussein is a Software Engineer at Bitnami, where he works on building tools to make apps easier to run on Kubernetes. He contributes to the Kubernetes community as a co-chair of SIG-Apps and a core maintainer of the Helm project. Adnan is passionate about cloud-native infrastructure... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
3 A/B
  • Skill Level Any

10:50am

Intro: Auth SIG - Jordan Liggitt & Tim Allclair, Google
SIG Auth is responsible for the design, implementation, and maintenance of features in Kubernetes that control and protect access to the API and other core components. In this session, we'll give an overview of the work the SIG is doing, improvements and features added over the past year, and some of the plans for upcoming releases.

Speakers
avatar for Tim Allclair

Tim Allclair

Software Engineer 软件工程师, Google
Tim Allclair joined the Kubernetes project with Google just after the 1.0 launch in 2015. He co-chairs sig-auth, is an active sig-node contributor, and a member of the Kubernetes Product Security Team (responsible for responding to vulnerabilities in Kubernetes). His most recent charter... Read More →
avatar for Jordan Liggitt

Jordan Liggitt

Staff Software Engineer, Google
Jordan Liggitt is a staff software engineer at Google, and helps lead Kubernetes authentication, authorization, and API server efforts.



Tuesday December 11, 2018 10:50am - 11:25am
602-604
  • Skill Level Any

10:50am

Intro: CNCF Trail Map - Dee Kumar, Cloud Native Computing Foundation
The interactive landscape -- l.cncf.io -- allows you to filter and sort hundreds of cloud-native projects and products, and review details including GitHub stars, funding or market cap, first and last commits, contributor counts, headquarters location, and recent tweets. Engage in a small group to discuss how the landscape was built and what should change about it going forward

Speakers
avatar for Dee Kumar

Dee Kumar

VP, Marketing, Cloud Native Computing Foundation
Dee is the VP of Marketing at CNCF and would love to contribute to the cause where LF/CNCF ensures innovation is born, bred, and flourishing in open markets and ecosystems.Dee is an experienced marketing leader and a resourceful executive. Most recently, Dee was Director of Marketing... Read More →


Tuesday December 11, 2018 10:50am - 11:25am
2 A/B
  • Skill Level Any

10:50am

Intro: IBMCloud SIG - Sahdev Zala & Richard Theis, IBM
The presentation will cover an overview of the SIG-IBMCloud and highlights of the SIG activities. It will also provide an overview of how the SIG and IBMCloud contribute to the upstream work in various areas like scalability, networking, cloud registry, Helm and SIG App. We will also brief on near-term roadmap for the SIG. 

Speakers
avatar for Richard Theis

Richard Theis

Senior Software Engineer, IBM
Richard Theis is a Senior Software Engineer in the IBM Cloud division. In his current role, Richard leads Kubernetes update development and support for IBM Cloud Kubernetes Service. He is a co-chair of the Kubernetes IBM Cloud SIG.
avatar for Sahdev Zala

Sahdev Zala

Senior open source dev, IBM Digital Business Group, IBM
Sahdev P. Zala is a Senior Software Engineer in the IBM Digital Business Group Open Technology division. In his current role, Sahdev is focused on contributing to the Kubernetes, etcd and OpenStack upstream development. He is a member of Kubernetes and etcd-io github organization... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

10:50am

Intro: VMware SIG - Fabio Rapposelli & Steve Wong, VMware
Join the SIG VMware introduction session to learn our mission, recent accomplishments and discuss future work. We will also focus on how new contributors can get involved in the SIG. Kubernetes has the concept of a Cloud Provider, which is a standardized module which allows Kubernetes to run on various platforms which might have different implementations of networking, storage, and node management. Kubernetes is in the process of moving to a new “out of tree” cloud manager architecture to allow cloud providers to have independent feature and patch release cycles. Learn how the vSphere cloud provider is evolving to meet this new model. This session will outline how to get started when you deploy Kubernetes on vSphere infrastructure, on-prem or in a public cloud. Material covered is applicable to kubeadm deployments, and when using Kubernetes distributions on vSphere infrastructure.

Speakers
avatar for Fabio Rapposelli

Fabio Rapposelli

Staff Software Engineer 主任软件工程师, VMware
Purveyor of all things open source, loves distributed systems and solving complex problems.Renaissance man and human Rube Goldberg machine, Fabio is responsible for many of the Open Source integrations between Vagrant, Docker and VMware. Frequent speaker at conferences such as dotGo... Read More →
avatar for Steve Wong

Steve Wong

Software Engineer, Cloud Native Business Unit 软件工程师,云原生业务部门, VMware
Developer interested in containers, storage, virtualization, IoT, machine learning, streaming data analytics, and cloud native application technology. Active in Kubernetes storage community since 2015. Chair of Kubernetes VMware SIG. Frequent speaker at open source conferences and... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
615-617
  • Skill Level Any

10:50am

Experience Report: Running a Distributed System Across Kubernetes Clusters - Alex Robinson, Cockroach Labs
Kubernetes makes it easy to run distributed applications, even those that manage persistent state, within the confines of a single cluster. Running the same applications in a multi-region or multi-cloud fashion across multiple Kubernetes clusters, however, is considerably more difficult due to the networking and service discovery problems involved.

In this talk, Alex will walk through his team’s experience over the last six months of running a distributed database across Kubernetes clusters in different regions and their attempts to make the process repeatable on different cloud providers and on-prem environments. He’ll cover common problems they encountered, solutions they’ve tried, how they’re running things today, and the future improvements he’s most excited about from community projects like Istio.

Speakers
avatar for Alex Robinson

Alex Robinson

Senior Software Engineer, Cockroach Labs
Alex Robinson is a member of the technical staff at Cockroach Labs, the startup leading the development of the open source CockroachDB project, where he works on CockroachDB's core transactional storage layer and manages all integrations with orchestration systems such as Kubernetes... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
Ballroom 6B

10:50am

On the OSS Path to Full Observability with Grafana - David Kaltschmidt, Grafana Labs
Grafana is coming “off the wall”. To make it more useful for interactive debugging, David and his team have already integrated two pillars of observability - metrics and logs. They are currently adding tracing to complete the incident response experience. All to minimise the cost of context switching during those crucial minutes after getting paged.

This talk will demonstrate the various methods we’ve used to link the data together. Prometheus is providing the metrics. Via its histograms, request latencies can be extracted to inform each tracing span from Jaeger. Grafana also ensures that lines from your log aggregation system are annotated with span and trace IDs, as well as the other way around: associating logged values with spans.

David will show how these OSS parts should be deployed to achieve full observability in an engaging user experience that saves valuable minutes.

Speakers
avatar for David Kaltschmidt

David Kaltschmidt

Director of UX, Grafana Labs
David is the Director of UX at Grafana Labs and focuses mainly on workflows around monitoring with Prometheus. Previously he worked at companies such as Kausal, Weaveworks, Oracle, and Siemens Research. David has been building UIs for the networking industry for over a decade. He’s... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
4C 3/4

10:50am

Day Two Kubernetes: Tools for Operability - Bridget Kromhout & Zachary Deptawa, Microsoft
Artisanally hand-crafting our own container hosting solutions can be a fun learning experience, but for repeatable production use, we want to deploy and manage Kubernetes clusters in a reproducible fashion. Using open source tools like Helm, Draft, Brigade, and Terraform, we can deploy and update our Kubernetes clusters via a trusted, versioned, repeatable process. We’ll discuss what containers and Kubernetes clusters are at a high level, look into the practical application of open source tools to simplify cluster management, and show you how to deploy Kubernetes clusters in a repeatable and portable fashion.

Speakers
avatar for Zachary Deptawa

Zachary Deptawa

Cloud Advocate, Microsoft
Zachary is a Cloud Advocate at Microsoft with a focus on Linux (yes, really.) Before that, he's played roles from monitoring technician to system administrator and professional services consultant to solutions architect at startups (Sprout Social, ClearDATA) and larger orgs (Rackspace... Read More →
avatar for Bridget Kromhout

Bridget Kromhout

Principal Cloud Advocate, Microsoft
Bridget Kromhout is a Principal Cloud Advocate at Microsoft. Her CS degree emphasis was in theory, but she now deals with the concrete (if 'cloud' can be considered tangible). After 15 years as an operations engineer, she traded being on call for being on a plane. A frequent speaker... Read More →


Tuesday December 11, 2018 10:50am - 11:25am
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

How Symlinks Pwned Kubernetes (And How We Fixed It) - Michelle Au, Google & Jan Šafránek, Red Hat
Ever wonder how Kubernetes deals with security vulnerabilities? This talk illustrates the process by walking through the discovery, patching, and disclosure of CVE-2017-1002101.

In Nov 2017, we received a report about how misusing the volume subpath feature could result in access to host files. A team was assembled to investigate the vulnerability, develop a patch, and release it to all supported versions of Kubernetes -- ALL in secret.

As we walk through the story from discovery to disclosure, we will also deep dive into the technical details of how this feature allowed a container to escape to the host filesystem, and how it was fixed.

You will walk away with techniques for secure file handling in multi-tenant environments, best practices for restricting volume access in your Kubernetes clusters, and an understanding of how a large open source project manages security issues.

Speakers
avatar for Michelle Au

Michelle Au

Software Engineer, Google
Michelle Au is a software engineer at Google and is a Kubernetes SIG Storage maintainer, leading the volume topology, local persistent storage, and storage conformance projects as well as developing CSI drivers. She has spoken about Kubernetes storage at previous KubeCon and OpenStack... Read More →
avatar for Jan Šafránek

Jan Šafránek

Principal Software Engineer, Red Hat
Jan is a Principal Software Engineer working at Red Hat working on storage aspects of Kubernetes. He started developing Kubernetes more than 3 years ago and is one of the founding members of SIG-Storage. He’s the author of the PersistentVolume controller, dynamic provisioning and... Read More →



Tuesday December 11, 2018 10:50am - 11:25am
Ballroom 6C

10:50am

Tutorial: Building & Running Kubernetes from Source and Submitting Your First PR - Ian Chakeres, Silvia Xu, Michael Taufen, & Federico Bongiovanni, Google (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

In this hands-on 90m session, we will build and run Kubernetes on a Cloud VM, and then submit a pull request (PR) to kubernetes/kubernetes (k/k). Experts will be on-hand to help you get through any issues that you encounter.

We’ll first walk through the following steps: create and login to a VM; install and configure the dependencies; download the source code; build the executables; and finally, run Kubernetes. Afterward, we'll talk through the k/k PR process; fork the repo and set up git; make and commit a change to the source; and then create a PR.

Prerequisites:
- Bring a computer with a connection to the Internet and a web browser.
- A Google Cloud account, credits, or tokens will be distributed at the session.
- A GitHub account, created prior to the session.
- Agree to CNCF code of conduct and sign CLA (https://github.com/kubernetes/community/blob/master/CLA.md) prior to the session.

Speakers
avatar for Federico Bongiovanni

Federico Bongiovanni

Engineering Manager, Google
Results-oriented engineering leader, experienced working with distributed systems, microservices, and APIs. Passionate about solving scalability problems, improving development cycles, automating processes and people development. | His love for computers and programming started on... Read More →
avatar for Ian Chakeres

Ian Chakeres

Cloud Builder, Google
Dr. Ian Chakeres enjoys building cloud software teams, products, and technology. At Google he's making it possible monitor, manage, and enforce policies across all your Kubernetes clusters, whether in the cloud or on-prem. Ian holds an MBA from the University of North Carolina KFBS... Read More →
avatar for Michael Taufen

Michael Taufen

Software Engineer, Google
Michael Taufen is a software engineer at Google on the GKE Node team. He works on GKE, GKE On-prem, and open-source Kubernetes. He's an active SIG-Node maintainer, and he's also contributed to a number of projects related to the Kubelet, configuration APIs, release management, OS... Read More →
SX

Silvia Xu

Software Engineer, Google
Silvia is a software engineer in Google's Kubernetes team. She's working on making it easy to manage lots of Kubernetes clusters consistently, including hybrid and multi-cloud environments.



Tuesday December 11, 2018 10:50am - 12:15pm
Yakima 1 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

Tutorial: Developing Production Ready Cloud Native NATS Applications - Waldemar Quevedo & Colin Sullivan, Synadia (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

Learn how to develop secure and reliable cloud native applications using NATS simple but powerful pub/sub messaging features. In this tutorial, members of the core NATS team will show how to implement from scratch a service that uses NATS with all the recommended best practices for production operation.

We will cover how to setup a secure NATS cluster with TLS, how to monitor it, walk through common troubleshooting scenarios as well as how to deploy it on Kubernetes.

Requirements previous to the hands-on tutorial:

- Go
- NATS Server (gnatsd)
- Docker
- minikube
- cfssl (https://github.com/cloudflare/cfssl)

Speakers
avatar for Waldemar Quevedo

Waldemar Quevedo

Software Engineer, Synadia
Waldemar Quevedo is a Software Engineer at Synadia, where he works on the NATS project and the ecosystem around it. He is author of the "Practical NATS" book, which is one of the first books about the project. | Before he was at Apcera where he worked on a container orchestration... Read More →
avatar for Colin Sullivan

Colin Sullivan

Product Manager, Synadia
Colin is the product manager of NATS (https://nats.io). He has extensive experience developing messaging products and designing distributed systems. Prior to Synadia, Colin worked at Apcera and TIBCO software.


Tuesday December 11, 2018 10:50am - 12:15pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

Tutorial: Using Istio - Lee Calcote & Girish Ranganathan, SolarWinds (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

In the adoption of cloud native technologies engineers find one of the greatest challenges is the management of services in distributed systems. Service management challenges include service discovery, load balancing, fault tolerance, end-to-end monitoring, dynamic routing for canary deployments and securing communication. Istio solves these problems by providing a layer of infrastructure between the services and network that allows service communication to be controlled outside the application code.

During this workshop you will gain hands-on experience as we walk through deploying Istio alongside microservices running in Kubernetes. In a series of hands-on labs, we see:

• Traffic Management, Resilient Communication and Load Balancing
• Policy Enforcement and Rate Limiting
• Telemetry, Monitoring and Reporting
• Securing Communication
• Canary Deployments

Speakers
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative leader, passionate about developer platforms and management software for clouds, containers, functions and applications. Advanced and emerging technologies have been a consistent focus through Calcote’s tenure at SolarWinds, Seagate, Cisco and Pelco... Read More →
GR

Girish Ranganathan

Principal Architect, SolarWinds
Girish is a software technologist who has played a pivotal role in architecting and developing a variety of large scale distributed systems on a range of platforms including microservices and serverless. He strongly believes that simple ideas can go a long way into building efficient... Read More →


Tuesday December 11, 2018 10:50am - 12:15pm
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building

11:00am

Meet the Ambassador: Bob Killen, University of Michigan
Speakers
avatar for Bob Killen

Bob Killen

Research Cloud Admnistrator, University of Michigan
Bob has been with the University for 15 years, and in his time there has spurred adoption of Cloud Native tools and practices. He is passionate about bringing Cloud Native Computing methodologies to Research and Academia.


Tuesday December 11, 2018 11:00am - 11:30am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:00am

Meet the Maintainer: Fluentd/Fluent Bit - Eduardo Silva, Treasure Data
Speakers
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, ARM Treasure Data
Eduardo is a Principal Engineer at "ARM / Treasure Data". He currently leads the efforts to make logging more scalable in Containerized and Orchestrated systems such as Kubernetes. Maintainer of Fluent Bit.


Tuesday December 11, 2018 11:00am - 11:30am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:30am

Meet the Ambassador: Bob Killen, University of Michigan
Speakers
avatar for Bob Killen

Bob Killen

Research Cloud Admnistrator, University of Michigan
Bob has been with the University for 15 years, and in his time there has spurred adoption of Cloud Native tools and practices. He is passionate about bringing Cloud Native Computing methodologies to Research and Academia.


Tuesday December 11, 2018 11:30am - 12:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:30am

Meet the Maintainer: Envoy - Constance Caramanolis, Lyft
Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Lyft
Constance Caramanolis is a Software Engineer at Lyft working on the Server Networking team. For the past two years, she has built and deployed Envoy and its ecosystem. Constance focuses on configuration management, network security and engineering education. In addition, she is an... Read More →


Tuesday December 11, 2018 11:30am - 12:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:40am

Front-end Application Deployment Patterns - Ross Kukulinski, Heptio
Kubernetes is a powerful deployment platform that allows complex workflows like rolling, blue-green, and canary deployments of software. Safely managing these complex deployment patterns for frontend browser applications where HTML references multiple CSS, JavaScript, or image assets is fraught with challenges. Doing this poorly results in broken page loads or inconsistent UI behavior.

In this session, Ross Kukulinski, will cover:
- Common deployment patterns for applications on Kubernetes
- How web-applications make these patterns more complex
- Solutions and associated live-demos showing how to resolve these problems

Attendees will leave this presentation with a variety of strategies to manage blue-green, canary, and A/B deployments of front-end applications using of Kubernetes.

Speakers
avatar for Ross Kukulinski

Ross Kukulinski

Senior Product Manager, Heptio
Ross Kukulinski is a Senior Product Manager at Heptio, Inc., where he focuses on growing the Kubernetes community, tackling global-scale engineering problems, and guiding businesses on their Cloud Native journey. His technical background is in architecting and deploying scalable... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
Ballroom 6E

11:40am

Intro: SAFE BoF - Jeyappragash Jeyakeerthi, padme.io & Dan Shaw, danshaw, LLC
“Cloud Native” is open source cloud computing for applications — a complete trusted toolkit for modern architectures (CNCF presentation). There are multiple proposed projects which address key parts of the problem of providing access controls and addressing safety concerns. Each of these adds value, yet for these technical solutions to be capable of working well together and manageable to operate they will need a minimal shared context of what defines a secure system architecture.

Speakers
avatar for Jeyappragash Jeyakeerthi

Jeyappragash Jeyakeerthi

tetrate.io
Jeyappragash previously built the team and lead the technical roadmap for Twitter's Cloud Infrastructure Management Platform. This platform helps developers manage their services and provides detailed visibility to the infrastructure and the services that use the infrastructures... Read More →
avatar for Dan Shaw

Dan Shaw

Global Head of Developer Relations, PayPal
Dan Shaw, aka “dshaw”, has dedicated his career to growing the Node.js Ecosystem. Dan was instrumental in the formation of the Node.js Foundation where he served on the Board as Director. Dan is known as "The Godfather of Node.js” for his tireless efforts to build community... Read More →


Tuesday December 11, 2018 11:40am - 12:15pm
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

11:40am

Container Platforms as Equalizers: Running Health Services Across the World - Jamie Hewland, Praekelt.org
Praekelt.org creates and operates a number of health and youth-related services which are hosted on containerised clusters around the world, often in countries without an established cloud provider presence. This means that the infrastructure reliability and tooling that may typically be available are not. In addition, as a small team managing clusters in several isolated datacenters around the world, achieving commonality is challenging.

While we started using container orchestration because we wanted to increase resource utilisation and deployment agility, we have found the real value has been in our ability to abstract many of the differences between clusters.

Now, as we move towards Kubernetes, we will share lessons for shifting developers between different container orchestrators as seamlessly as possible by using Spinnaker as a common continuous deployment tool.

Speakers
avatar for Jamie Hewland

Jamie Hewland

Site Reliability Engineer, Praekelt.org
Jamie is a Site Reliability Engineer (SRE) at Praekelt.org, a non-profit organisation that builds health and youth-related services that aim to improve the wellbeing of millions of people around the world. | | Jamie has contributed to several popular open-source projects, but is... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
4C 1/2
  • Skill Level Any

11:40am

Behind Your PR: How Kubernetes Uses Kubernetes to Run Kubernetes CI - Sen Lu & Benjamin Elder, Google
As a contributor of CNCF/Kubernetes project, you open issues/PRs in one or more of the Kubernetes repos, and the k8s-ci-robot will add proper labels, assign reviewers, trigger presubmits, and automatically merge your PR.

This talk will walk you through how Kubernetes CI is automated in Kubernetes clusters, how we use CRDs to manage the presubmit/CI jobs’ lifecycle, and how we automate contributor workflows on Github.

By the end of this talk, contributors to Kubernetes project should have a better understanding what happens behind the scenes for Kubernetes CI. Other github projects can also utilize our test-infra for their CI.

Speakers
BE

Benjamin Elder

Software Engineer, Google
Ben first worked on Kubernetes around the 1.0 launch, implementing the initial version of the iptables kube-proxy for Google Summer of Code 2015.He later started working full time on Kubernetes in the summer of 2017, focusing on the test-infra, local clusters, build, and test with... Read More →
avatar for Sen Lu

Sen Lu

Software Engineer 软件工程师, Google
Sen started to contribute to Kubernetes Project since 2016. Sen is mainly focus on Kubernetes Testing Infrastructure, i.e. Prow, Kubetest, Gubernator, Boskos, and Testgrid...Sen自2016年开始为Kubernetes项目做出贡献。Sen主要专注于Kubernetes测试基础设施,即Prow,Kubetest,Gubernator,Boskos和Testgrid... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
606-609
  • Skill Level Any

11:40am

The Art of Documentation for Open Source Projects - Ben Hall, Katacoda
While many Open Source projects have amazing code-bases, the documentation is letting them down and as a result they are losing influence and opportunities for adoption and feedback.

In this talk, Ben uses his expertise of building an Interactive Learning Platform to highlight The Art of Documentation. The aim of the talk is to help open source contributors understand how small changes to their documentation approach can have an enormous impact on how users get started.

Ben will discuss:
- How to create engaging documentation
- Defining technical details in an accessible way
- Building documentation that encourages users to get started
- How to manage documentation and keeping it up-to-date and relevant

In the end, attendees will have an understanding of how to build beautiful, useful documentation. This will be backed by examples from some of the best open source projects.

Speakers
avatar for Ben Hall

Ben Hall

Founder, Katacoda
Ben is the founder of Katacoda (Katacoda.com), an interactive learning and training platform for software engineers. Katacoda specialises in enabling developers to understand Cloud-Native technologies including Docker, Kubernetes and OpenShift.Ben 是 Katacoda (Katacoda.com)的创始人,这是一家为软件工程师设计的交互式学习和培训平台。Katacoda... Read More →


Tuesday December 11, 2018 11:40am - 12:15pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

11:40am

The Future of Your CRDs – Evolving an API - Stefan Schimanski, Red Hat & Mehdy Bohlool, Google
CustomResourceDefinitions (CRDs) are a cornerstone of many extensions built on-top of Kubernetes. They allow to define custom API objects and the API server will handle their life-cycle.

Most APIs start with one version, but sooner or later need to evolve while keeping compatibility with current clients/users. Kubernetes standard types do that through versioning and conversion between versions. This talk covers the corresponding evolution path for CRD based APIs.

The talk will cover:
- Why Kubernetes has multiple versions
- New feature: CRD Versioning with Conversion
- Round-Tripability Concept
- How to update schemaless API objects to schemaful
- Pruning and how to enable it
- Defaulting
- How to plan for Master Rollbacks when writing a CRD
- Storage version and storage migration
- Failure modes
- Monitoring and managing a cluster with multi-versions
- Kube builder support and Demo

Speakers
avatar for Mehdy Bohlool

Mehdy Bohlool

Software Engineer, Google
Mehdy is a Software Engineer at Google and a member of kubernetes API Machinery team. His earliest contribution is OpenAPI 2.0 support, upgraded from swagger 1.2. He is one of the contributors to CustomResourceDefinition focusing on versioning and conversion of custom resources... Read More →
avatar for Stefan Schimanski

Stefan Schimanski

Senior Software Engineer, Red Hat
Stefan is a Senior Software Developer at Red Hat working on Kubernetes and OpenShift, with a focus on API machinery, extension points and developer tools as part of Sig API Machinery. He is one of the top-3 reviewers in the project (number of reviews). Stefan is a 2nd time GoogleSummer... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
Ballroom 6A

11:40am

Using Kubernetes to Offer Scalable Deep Learning on Alibaba Cloud - Kai Zhang & Yang Che, Alibaba
Running deep learning (DL) jobs requires end to end workflow to accelerate model training iteratively. It must be scalable on massive data and computational resources, and be framework agnostic to relieve the pain of managing diverse dependencies.
In Alibaba cloud, we use Kubernetes to build elastic DL platform for continuous model training and optimization. It manages heterogeneous cluster including CPU/GPU/FPGA. Jobs are automatically scheduled to the best-fit resources. Kubeflow, which is a great machine learning scaffold on Kubernetes, is used to setup training pipeline. Project Arena is created to manage and instrument jobs with friendly user experience.
In this talk, we will discuss how the platform is designed, and how it facilitates users to focus on DL tasks instead of managing underlying complexity. A demo shows how to run distributed neural network training in a minute.

Speakers
avatar for Yang Che

Yang Che

Senior Engineer, Alibaba
Yang Che, is a senior engineer of Alibaba Cloud. He works in Alibaba cloud container service team, and focuses on Kubernetes and container related product development. Yang also works on building elastic machine learning platform on those technologies. He is an active contributor... Read More →
avatar for Kai Zhang

Kai Zhang

Staff Engineer, Alibaba Cloud
Kai Zhang, is now a staff engineer of Alibaba Cloud. He's worked on container service product and enterprise solution development for 3 years. Before that, he worked in deep learning platform, cloud computing, distributed system and SOA area over 10 years. Recently, he is exploring... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
611-614

11:40am

Intro: Cluster Lifecycle SIG – Robert Bailey, Google & Timothy St. Clair, Heptio
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.

Speakers
avatar for Robert Bailey

Robert Bailey

Software Engineer, Google
Robert is a lead for the cluster lifecycle SIG and has been working on Kubernetes for more than 3 years. He was one of the founding members of the Google Container Engine team. Prior to Kubernetes, he was a Site Reliability Engineer helping teams at Google launch new products and... Read More →
avatar for Timothy St. Clair

Timothy St. Clair

Staff Software Engineer, Heptio
Timothy St. Clair is a Staff Software Engineer at Heptio and is a core contributor to the Kubernetes project, a Steering Committee member, and a lead on SIG-Cluster-Lifecycle. Timothy has worked on the development and integration of various open source distributed systems projects... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
3 A/B
  • Skill Level Any

11:40am

Intro: Harbor - Steven Zou & Henry Zhang, VMware
As container technology become widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage container images. Project Harbor is an open source trusted cloud native registry project that stores, signs, and scans content, thus resolving common image management challenges. In this presentation, we will focus on the management of container images through Harbor. We will review and provide solutions to challenges faced by organizations, including RBAC (Role Based Access Control), vulnerability scanning, large scale image distribution, image replication and image provenance (notary). Real world use cases will be discussed in the session.

Speakers
avatar for (Haining Henry) Zhang

(Haining Henry) Zhang

Technical Director, VMware
Haining Zhang is the Chief Architect of China R&D, VMware. His primary role is to lead the development and incubation of projects on emerging technologies, including container, blockchain and IoT. He was the first evangelist in China for open source PaaS project Cloud Foundry. Henry... Read More →
avatar for Steven Zou

Steven Zou

Staff Software Engineer 主任软件工程师, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open source Project Harbor which is an enterprise class container image registry as core engineer. He is also involved in the development of the container projects like vSphere Integrated Container(VIC... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
602-604
  • Skill Level Any

11:40am

Intro: Service Catalog SIG - Jonathan Berkhahn, IBM & Carolyn Van Slyck, Microsoft Azure
This is an introduction to the Kubernetes Service Catalog project. Service Catalog lets you provision cloud services, regardless of where they are hosted, directly from the comfort of native Kubernetes tooling. This works across platforms because we follow the Open Service Broker API, an open standard to provision and manage cloud services. Learn how you can use Service Catalog to access third-party services from your Kubernetes applications. We will walk through provisioning a database directly through Kubernetes and and then connect to it from an application running on the cluster.

Speakers
JB

Jonathan Berkhahn

Staff Software Engineer 主任软件工程师, IBM
Jonathan is a distributed systems developer from San Jose in the heart of Silicon Valley. Currently he works as a contributor to the Kubernetes Service Catalogue and CLI projects in support of IBM Cloud. He has also contributed to Cloud Foundry, the open source Platform-as-a-Service... Read More →
avatar for Carolyn Van Slyck

Carolyn Van Slyck

Software Engineer, Microsoft
Carolyn is a software developer based in the wilds of suburban Chicago, working remote on the Microsoft Azure team. Her passion is developer tools, and building vibrant inclusive open-source communities around them. | | Carolyn is a maintainer for Kubernetes Service Catalog and the... Read More →


Tuesday December 11, 2018 11:40am - 12:15pm
615-617
  • Skill Level Any

11:40am

Intro: Storage SIG - Saad Ali, Google
Join Kubernetes SIG Storage to learn about the areas of our focus, what we are working on currently, and how you can get involved. Veteran SIG Storage members will be on hand to help answer questions.

Speakers
avatar for Saad Ali

Saad Ali

Senior Software Engineer, Google
Saad Ali is a senior software engineer at Google where he works on the open-source Kubernetes project. He joined the project in December 2014, and has led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, and is co-author... Read More →


Tuesday December 11, 2018 11:40am - 12:15pm
618-620
  • Skill Level Any

11:40am

Intro: Virtual Kubelet - Ria Bhatia, Microsoft & Ben Corrie, VMware
The intro to virtual kubelet session will go through the architectural design and the history of the virtual kubelet project. The session will feature use cases, demos and current ways of using virtual kubelet in your own kubernetes clusters to scale into burst capacity, or manage other kinds of resources like IoT Edge deployments. 

Speakers
avatar for Ria Bhatia

Ria Bhatia

Program Manager, Microsoft
Ria Bhatia is a Program Manager with the Cloud Native Compute team in Microsoft. She's a maintainer of the open source project, Virtual Kubelet and has spoken at multiple conferences and meet-ups. She believes deeply in changing the tech landscape to include members from all backgrounds... Read More →
BC

Ben Corrie

Senior Staff Engineer, VMware


Tuesday December 11, 2018 11:40am - 12:15pm
2 A/B
  • Skill Level Any

11:40am

Clusters as Cattle - Wrangling Clusters Not Just Nodes - Illya Chekrygin, Upbound
Kubernetes has fulfilled its promise at wrangling nodes and providing a self-healing, self-scaling, self-everything experience. Nodes can come and go and be automatically scaled using node scalers. But what if node scaling is not enough, and you need to scale clusters too? What if you want to separate types of workloads across different clusters for performance, isolation, geographic distribution, compliance or management reasons?

Behold, the future is here! In this talk we’ll explore how Kubernetes can automatically deploy and manage other clusters dynamically and on as needed basis. We’ll show a demo of an application that is able to dynamically provision clusters across regions and schedule workloads across them. We’ll explore the benefits and challenges of this approach.

Speakers
avatar for Illya Chekrygin

Illya Chekrygin

Founding Engineer, Upbound
Illya is a Founding Engineer at Upbound where he is working on advancing cloud-native computing by "freeing the cloud". Prior to Upbound Illya has been leading Kubernetes adoption at HBO and Zulily.



Tuesday December 11, 2018 11:40am - 12:15pm
Ballroom 6B

11:40am

Linkerd 2.0, Now with Extra Prometheus - Andrew Seigner, Buoyant & Frederic Branczyk, CoreOS
In order to provide zero-config observability for service owners running their application on Kubernetes, Linkerd 2.0 needs to scale to any size Kubernetes cluster. In this talk, Andrew Seigner from the Linkerd team and Frederic Branczyk from the Prometheus team will demonstrate Linkerd 2.0 features made possible by Prometheus, including a user-friendly dashboard, a simple yet powerful CLI, and Grafana integration. They’ll outline how Linkerd evolved its Prometheus integration to leverage Prometheus’s ability to handle massive sets of metrics, and demonstrate the scale this integration enables.

Speakers
FB

Frederic Branczyk

Software Developer, Red Hat
Frederic is an engineer at Red Hat (previously CoreOS) contributing to Prometheus and Kubernetes to build state of the art modern infrastructure and monitoring tools. He discovered his interest in monitoring tools and distributed systems in his previous jobs, where he used machine... Read More →
avatar for Andrew Seigner

Andrew Seigner

Software Engineer, Buoyant
Andrew Seigner is a Software Engineer at Buoyant, the makers of Linkerd. Andrew's current focus has been on observability and telemetry in Buoyant's next-generation service mesh. Andrew previously gave an Intro to Linkerd talk at Kubecon EU 2018.



Tuesday December 11, 2018 11:40am - 12:15pm
4C 3/4
  • Skill Level Any

11:40am

Don’t Forget the Data When Embarking on Your Journey to Service Meshes - Shriram Rajagopalan, VMware
It’s no secret that sophisticated enterprises are using data to deliver new value and gain competitive advantage. In the modern application architecture, decentralization of data management results in the data being distributed over a vast surface area across different data stores and locations. At the same time, sensitive data needs to be controlled and protected for compliance with data security and privacy regulations such as PCI-DSS, HIPAA, and GDPR.

The service mesh (Istio/Envoy) provides universal observability across the infrastructure. However, there is more work to be done to track how sensitive data flows, provide data-centric policies and telemetry. This talk highlights some of the challenges, describes customer use cases and how adopting a data-centric approach from the beginning is essential in the modern enterprise.

Speakers
avatar for Shriram Rajagopalan

Shriram Rajagopalan

Staff Engineer, VMware
Shriram Rajagopalan is a staff engineer at VMware's NSX division working on advanced networking solutions. He is one of the founding engineers behind the Istio service mesh project and currently maintains the networking subsystem within Istio. Prior to working on Istio/Envoy, he worked... Read More →


Tuesday December 11, 2018 11:40am - 12:15pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

11:40am

Securing Kubernetes With Admission Controllers - Dave Strebel, Microsoft
An admission controller allows you to intercept or mutate request to the Kubernetes API before it's persisted as an object in Kubernetes . By utilizing admission controllers to intercept objects we have to the flexibility to enforce enterprise security policies for developers and operators of Kubernetes.

In this demo heavy session, we will review admission controller capabilities and use cases for extending Kubernetes security. We will also demonstrate how to use an admission controller to restrict access to specific service types in a Kubernetes cluster.

Attendees will leave understanding how to utilize admission controllers to extend security in their Kubernetes environment. They will also learn about use cases of using admission controllers to provide enterprise grade security policies.

Speakers
avatar for Dave Strebel

Dave Strebel

Open Source Architect, Microsoft
Dave Strebel is a Global Open Source Architect on the Microsoft Global Black Belt team. Dave focuses on containers, microservices, DevOps, and cloud-native applications in the Azure cloud platform. Dave has been working in technology for over 15 years and has a mixed background across... Read More →



Tuesday December 11, 2018 11:40am - 12:15pm
Ballroom 6C

12:15pm

Lunch
Tuesday December 11, 2018 12:15pm - 1:45pm
Hall 4AB

12:30pm

Meet the Maintainer: Kubernetes - Lucas Käldström, Independent
Speakers
avatar for Lucas Käldström

Lucas Käldström

CNCF 代表, Independent
Lucas is a passionate Kubernetes subproject owner and approver that is excited about all things cloud native. Lucas has been engaged in Kubernetes work for over three years now and been involved in work like porting Kubernetes to multiple platforms, getting minikube off the ground... Read More →


Tuesday December 11, 2018 12:30pm - 1:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

1:00pm

Meet the Ambassador: Baruch Sadogursky, JFrog
Speakers
avatar for Baruch Sadogursky

Baruch Sadogursky

Developer Advocate, JFrog
Baruch Sadogursky (a.k.a JBaruch) is the Developer Advocate at JFrog. For a living he hangs out with JFrog’s tech leaders, writes code around the JFrog Platform and its ecosystem, and then speaks and blogs about it all. He has been doing this for the last dozen years or so, and... Read More →


Tuesday December 11, 2018 1:00pm - 1:30pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

1:30pm

Meet the Ambassador: Baruch Sadogursky, JFrog
Speakers
avatar for Baruch Sadogursky

Baruch Sadogursky

Developer Advocate, JFrog
Baruch Sadogursky (a.k.a JBaruch) is the Developer Advocate at JFrog. For a living he hangs out with JFrog’s tech leaders, writes code around the JFrog Platform and its ecosystem, and then speaks and blogs about it all. He has been doing this for the last dozen years or so, and... Read More →


Tuesday December 11, 2018 1:30pm - 2:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

1:45pm

Scale Your Service on What Matters: Autoscaling on Latency - Thomas Rampelberg, Buoyant
Scaling HTTP based workloads is about more than cpu and memory. This talk will show why it is critical to scale based on latency, as well as how to do it for your own service by combining Linkerd, Prometheus, and Kubernetes. We demonstrate how to use Linkerd to instrument your service to collect aggregated service latency, store these metrics in Prometheus, and use them as custom metrics for consumption by Kubernetes’s Horizontal Pod Autoscaler. We demonstrate how latency-based autoscaling outperforms CPU- and memory-based autoscaling under a variety of conditions including live traffic from the attendees of this talk, and suggest ways to safely apply this technique to existing systems.

Speakers
avatar for Thomas Rampelberg

Thomas Rampelberg

Software Engineer, Buoyant
Thomas Rampelberg is a Software Engineer at Buoyant Inc. He has made a career of building infrastructure software that allows developers and operators to focus on what is important to them. While working for Mesosphere, he helped create DC/OS, one of the first container orchestration... Read More →


slides pdf

Tuesday December 11, 2018 1:45pm - 2:20pm
Ballroom 6B

1:45pm

Deep Dive: KubeVirt BoF - Scott Collier, Red Hat & Ben Warren, Cisco
KubeVirt extends Kubernetes with the ability to orchestrate and run virtual machine workloads, as Kubernetes itself is not able to launch those. Building a cloud-native virtualization API which supports
existing and new virtualized workloads, but at the same time also fits seamlessly into Kubernetes, turns out to work out quite fine most of the time. However, there are also areas where virtualization
requirements are crossing the boundaries of Kubernetes existing features or cloud-native concepts. On the other hand crossing the boundaries, is an opportunity to work with the Kubernetes community to enable additional use-cases for both containers and virtual machines.

In this BoF we’ll be taking a look at existing features but also at features which are currently driven by the community, and also features which are currently blocked.

Speakers
avatar for Scott Collier

Scott Collier

Consulting Engineer, Red Hat
Scott Collier is a Consulting Engineer and lead in the Atomic OpenShift program at Red Hat. He focuses on OpenShift and infrastructure integration as well as other container and container orchestration based activities.
avatar for Ben Warren

Ben Warren

Software Engineer, Cisco
Ben has spent the last 20 years toiling in the world of embedded systems. He's currently in Cisco's computing group, looking at interesting ways to deploy virtualized appliances.


Tuesday December 11, 2018 1:45pm - 2:20pm
2 A/B

1:45pm

Cloud Native Transformation - Pavel Nikolov & Matt Hope, Fairfax Media
This is a story about a 185-year-old publishing company which goes through cloud native transformation. In less than a year the team manages to switch from releasing their monolith monthly to releasing their microservices many times a day. Pavel will describe the process of adopting more than half of the CNCF incubating projects, creating hundreds of Kubernetes namespaces in multiple clusters, while ensuring excellent automation and observability practices. And with all this, the vast majority of developers in the team do not need to use kubectl, helm or anything other than git and chat bots. Damian will talk about what this transformation means for the business and how it affects the company culture.

Speakers
avatar for Matt Hope

Matt Hope

Principal Systems Engineer, Fairfax Media
Matt is a Principal Systems Engineer at Fairfax Media, the company behind some of Australia’s oldest and most widely read news publications, such as the Australian Financial Review, Sydney Morning Herald and The Age. | | Matt has been working with IT Infrastructure for the past... Read More →
avatar for Pavel Nikolov

Pavel Nikolov

Principal Software Engineer, Fairfax Media
Pavel is a Principal Software Engineer at Fairfax Media. During his 13 years of professional experience he has worked on front end projects, backend services, data streaming solutions, as well as distributed systems with many thousands of requests per second. |   | Pavel is interested... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
4C 1/2
  • Skill Level Any

1:45pm

Kubernetes and The GitOps Face-Off - Ricardo Aravena & Javeria Khan, Branch Metrics
During the last year, we have seen how Kubernetes GitOps has made organizations rethink CI/CD from storing all declarative aspects in git, reducing the use of manual kubectl commands and managing deployments using PRs.

In this talk, we will review some of the more popular GitOps open source tools such as Flux, Gitkube, Draft, and Skaffold, and how they work in real-world production environments. We'll give the side by side comparisons. Which one is better for the GCP, Azure or AWS? How do you integrate them with container building tools such as Kaniko, img, etc? Which ones are easier for developers to use in local environments?

By the end of the session, the audience will have a good understanding of the pros and cons of each these tools and how leverage templates such as the Kubernetes operator pattern to quickly deploy them in production ready environments.

Speakers
avatar for Ricardo Aravena

Ricardo Aravena

Sr Data Ops Engineer, Branch Metrics
Ricardo currently works at Branch as a Sr Data Ops Engineer, automating everything in containers using open source and lately involved in the Kata Containers community. He has been working in tech for more than 18 years and comes from a diverse professional background, having been... Read More →
avatar for Javeria Khan

Javeria Khan

Senior System Engineer, Branch Metrics
Javeria Khan is a Senior Systems Engineer at Branch Metrics. While an electrical engineer by degree, she has been working in the software & systems domain for the past 5 years. In her current position, she is responsible for architecting and supporting a multi-region cloud infrastructure... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
606-609

1:45pm

Exploring Our User-Base Challenges: Getting Insight From StackOverflow‍ - Javier Salmeron, Bitnami
Kubernetes has become the de-facto container orchestration system that developers and system administrator use to go Cloud-Native. As more users adopt Kubernetes, supporting those users has become a critical need. Stackoverflow has been since the inception the place where to get support, even though other channels like Slack are also heavily used. It should not be surprising that the amount of questions in StackOverflow has increased by more than 800% in only two years. Getting to know our users, understand their pain points and and use cases is the best way to improve the ecosystem. In this talk we will show some deep analysis of Stackoverflow questions. We will show the major trends and describe the major pain points felt by our users. We will also discuss the most common use cases discovered and the most familiar tools that people use in combination with k8s.

Speakers
avatar for Javier Salmeron

Javier Salmeron

Engineer, Bitnami
Javier has a PhD in Computer Engineering. Has worked for several years in both researching and teaching the application of cloud-native technologies to High Performance Computing.As an officially certified Kubernetes administrator, he also provides Kubernetes trainings, from very... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

1:45pm

Using a Managed Kubernetes Service in the Enterprise - Sujit D'Mello & Daniel Selman, Microsoft
All the major cloud providers have managed Kubernetes services such as GKE (Google Cloud Platform), EKS (Amazon Web Services) and AKS (Microsoft Azure). These managed services aim to provide you a Kubernetes environment which is mostly managed by the cloud vendor.

Unfortunately, these services do not give you much access to the underlying Kubernetes cluster resources. You are limited to using the kubectl command. While convenient, Enterprises often have demanding functional and operational requirements to meet compliance or corporate standard needs. Some of these are:

- Custom logging and monitoring
- Anti-malware
- Specific networking and zoning
- Custom CA certificates and cipher suites
- Custom host files
- Externalizing configuration
- Etc.

We will show you how you can meet these Enterprise requirements with creative use of Kubernetes constructs and container initialization!

Speakers
avatar for Sujit D'Mello

Sujit D'Mello

Principal Consultant, Microsoft
Sujit D'Mello is a Principal Consultant with Microsoft where he helps large Enterprises take advantage of the cloud. With over 25 years of experience, he focusses on Cloud Architecture, application development and security and compliance. He has spoken in many internal conferences... Read More →
avatar for Daniel Selman

Daniel Selman

Kubernetes Consultant, Microsoft
Daniel Selman is a Kubernetes consultant with Microsoft where he helps Enterprises adopt Kubernetes services in the cloud. He focuses on Security and Infrastructure needs and has a passion for developing unique enterprise solutions using native Kubernetes Constructs. Daniel has spoken... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
Ballroom 6A

1:45pm

Scaling AI Inference Workloads with GPUs and Kubernetes - Renaud Gaubert & Ryan Olson, NVIDIA
Deep Learning (DL) is a computational intense form of machine learning that has revolutionize many fields including computer vision, automated speech recognition, natural language processing and artificial intelligence (AI).

DL impacts every vertical market from automotive to healthcare to cloud, as a result, the training and deployment of Deep Neural Networks (DNNs) has shifted datacenter workloads from traditional CPUs to AI-specific accelerators like NVIDIA GPUs.

Leveraging several popular CNCF projects such as Prometheus, Envoy, and gRPC, we will demonstrate an implementation of NVIDIA’s reference scale-out inference architecture, capable of delivering petaops per second of performance.

This is a new and challenging problem in the datacenter and we will discuss these challenges and ways to optimize for service delivery metrics (latency/throughput), cost, and redundancy.

Speakers
avatar for Renaud Gaubert

Renaud Gaubert

Lead Kubernetes Engineer, NVIDIA
Renaud Gaubert has been working since 2017 at NVIDIA on making GPU applications easier to deploy and manage in data centers. He focuses on supporting GPU-accelerated machine learning frameworks in container orchestration systems such as Kubernetes and Docker swarm. | | He is an... Read More →
avatar for Ryan Olson

Ryan Olson

Solutions Architect, NVIDIA
Ryan Olson is a Solutions Architect in the Worldwide Field Organization at NVIDIA. His primary responsibilities involve supporting deep learning and high performance computing applications. Ryan is particularly interested in scalable software design that leverages the unique capabilities... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
611-614

1:45pm

Intro: Envoy - Matt Klein & Constance Caramanolis, Lyft
In this intro to Envoy, Constance will conduct a live demo in which she: - Builds a simple Envoy configuration and explains what each component does. - Runs the configuration using the Envoy docker container. - Sends traffic through Envoy. - Provides an overview of Envoy's observability and administration output. - Covers additional resources for further learning.

Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Lyft
Constance Caramanolis is a Software Engineer at Lyft working on the Server Networking team. For the past two years, she has built and deployed Envoy and its ecosystem. Constance focuses on configuration management, network security and engineering education. In addition, she is an... Read More →
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft


Tuesday December 11, 2018 1:45pm - 2:20pm
602-604
  • Skill Level Any

1:45pm

Intro: Kubernetes SIG Multicluster - Daneyon Hansen, Cisco, Quinton Hoole & Irfan Ur Rehman, Huawei
SIG-Multicluster is focused on solving common challenges related to the management of multiple Kubernetes clusters, and applications that exist therein. We are responsible for designing, discussing, implementing and maintaining API’s, tools and documentation related to multi-cluster administration and application management. This includes not only active automated approaches such as Cluster Federation, but also those that employ batch workflow-style continuous deployment systems like Spinnaker and others. Standalone building blocks for these and other similar systems (for example a cluster registry), and proposed changes to kubernetes core where appropriate are in scope. In this intro we will give you an overview of the projects we're currently actively working on, how best to get involved, and what our future plans look like.

Speakers
avatar for Daneyon Hansen

Daneyon Hansen

Principal Software Engineer, Cisco
Daneyon is a software engineer at Cisco responsible for developing distributed applications. As part of the Cloud CTO Office, Daneyon focuses on contributing to emerging cloud computing technologies such as Kubernetes, Istio and others.
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President 技术副总裁, Huawei
Quinton is currently Technical Vice President of Cloud Computing at Huawei. Previously he spend five years at Google, where he was an Engineering Lead on the Kubernetes team, and Technical Lead and Manager of Ads Serving SRE. He was also the founding engineer of the Amazon EC2 cloud... Read More →
IU

Irfan Ur Rehman

Senior Engineer 高级工程师, Huawei
Irfan is a senior engineer with Huawei Technologies and is currently associated with the cloud platforms team. In his current role he is part of the engineering group that works as a bridge between the kubernetes open source project and Huawei's adaptation of the same in its cloud... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
615-617
  • Skill Level Any

1:45pm

Intro: Release SIG - Tim Pepper, VMware & Aishwarya Sundar, Google
You could be a member of the Release Team. Yes, you! This interactive session will feature discussion with members of SIG Release's subproject release teams for 1.13 and 1.12. We will describe how Kubernetes project volunteers manage the quarterly release cadence of the project. We will give an overview of the release process and release team and how these combine across all of the kubernetes SIGs with the goal of producing high quality Kubernetes releases on a reliable schedule. And we will highlight the opportunities for both new and experienced community members (like you!) to get involved.

Speakers
avatar for Tim Pepper

Tim Pepper

Open Source Technology Center 开源技术中心, VMware
Tim is a software engineer with over 20 years open source development experience. He is currently a member of VMware’s Open Source Technology Center acting as an open source developer advocate and contributing to upstream projects such as Kubernetes, where most recently he’s served... Read More →
avatar for Aishwarya Sundar

Aishwarya Sundar

GKE /OSS Test Engineer, Google
I am Test Engineer with Google in the GKE/OSS EngProd team. I work on improving and maintaining test coverage, tooling and infra. A newbie in the k8s world and quickly ramping up.



Tuesday December 11, 2018 1:45pm - 2:20pm
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

1:45pm

Intro: Telepresence - Rafael Schloming, Datawire & Adnan Abdulhussein, Bitnami
How do you set up a productive development environment on Kubernetes? With microservices and cloud databases, creating a local development environment is very complex. In this talk, we’ll cover the different approaches to developing services on Kubernetes. We’ll then introduce Telepresence and show how it can be used to enable local development of Kubernetes services. We’ll cover how Telepresence is used for real-world development of the Kubeapps project. We’ll take a peek under the hood to show how Telepresence works. We’ll finally wrap with a discussion of the Telepresence roadmap.

Speakers
avatar for Adnan Abdulhussein

Adnan Abdulhussein

Software Engineer, Bitnami
Adnan Abdulhussein is a Software Engineer at Bitnami, where he works on building tools to make apps easier to run on Kubernetes. He contributes to the Kubernetes community as a co-chair of SIG-Apps and a core maintainer of the Helm project. Adnan is passionate about cloud-native infrastructure... Read More →
avatar for Rafael Schloming

Rafael Schloming

Co-founder and Chief Architect, Datawire
Rafael Schloming is Co-founder and Chief Architect of Datawire. He is a globally recognized expert on messaging and distributed systems and a spec author of the AMQP specification. He has spoken on microservices at numerous technical conferences including ApacheCon, the O’Reilly... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
618-620
  • Skill Level Any

1:45pm

Intro: TUF/Notary - Justin Cappos, NYU & Justin Cormack, Docker
Software distribution and packaging systems are rapidly becoming the weak link in the software lifecycle. This talk provides an accessible overview of two CNCF projects (Notary and TUF), that provide what has been roundly described as the most secure mechanism for distributing software. Notary, which implements the TUF specification, signs and transparently validates metadata to enable the system to recover from the compromise of servers, theft of keys, insider attacks, etc. Notary / TUF are surprisingly easy to use and used to provide cutting edge security not only across major cloud companies, but a diverse set of adopters, including automobiles. WARNING: Attending this talk may cause (justifiable) fear in the software update mechanism on your devices!

Speakers
avatar for Justin Cappos

Justin Cappos

Professor, NYU
Justin Cappos is a professor in the Computer Science and Engineering department at New York University. His research includes the TUF project (which is hosted by the Linux Foundation / CNCF), which provides a compromise-resilient mechanism for the secure distribution of software... Read More →
avatar for Justin Cormack

Justin Cormack

Security Engineer, Docker
Justin Cormack is a security engineer at Docker. He has worked on runc, container isolation policies, virtualisation and container security, and knows his way around the Linux kernel and the container stack.


Tuesday December 11, 2018 1:45pm - 2:20pm
3 A/B
  • Skill Level Any

1:45pm

Highly Available Kubernetes Clusters - Best Practices - Meaghan Kjelland & Karan Goel, Google
Everyone running a Kubernetes cluster in production wants reliability and high availability. Many clusters may implement a multi-master setup, but often this is not enough to consider a cluster highly available.

So how can you truly achieve a highly available, highly reliable, and multi-master kubernetes cluster? In this talk, we will cover exactly that. The audience will walk away with a solid understanding of what HA is, what failure domains should be considered based on their level of risk tolerance, and actionable knowledge that they can implement in their own organizations. This talk will include examples and lessons learned implementing HA in GKE and for the open source cluster-api, but we will focus on using this knowledge in a vendor and environment neutral way.

Speakers
avatar for Karan Goel

Karan Goel

Software Engineer, Google
Karan Goel is a software engineer on the Cluster Lifecycle team at Google in Seattle, working on GKE On-Prem. Before that he worked on App Engine Flexible Environment to help developers build scalable apps without thinking about infrastructure. Prior to that, he was an undergrad at... Read More →
avatar for Meaghan Kjelland

Meaghan Kjelland

Software Engineer, Google
Meaghan is a software engineer on the GKE cluster lifecycle team at Google. She is currently working on building tools that make it easy to manage the lifecycle of a Kubernetes cluster in on-premise environments. Before joining the GKE team, she worked on another team at Google building... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
Ballroom 6E

1:45pm

Water, Water, Everywhere: Making Kubernetes Audit Logs Potable - Kate Kuchin, Heptio
Audit logging in Kubernetes is a powerful tool that grants Kubernetes operators more insight into their clusters. Audit logs can tell us what happened in our clusters, when it happened, who did it, what resources were affected, and more. The problem is, even a fairly stagnant Kubernetes cluster generates millions of audit logs per week. And it's up to us to distill value out of what is largely just noise.

So, how can we isolate important audit events to better understand what's going on in our clusters?

In this session, we'll first go over what Kubernetes audit logs are and what information they provide. We'll then do a live a demo of getting audit set up on a cluster, and inspect the raw logs that are generated. And finally, we'll talk about strategies for pulling useful information out of the deluge, so we can make sense of these millions of audit logs glean actionable insights.

Speakers
avatar for Kate Kuchin

Kate Kuchin

Senior Systems Software Engineer, Heptio
Kate is a Senior Software Engineer at Heptio, where she works on the UX team to build tools to make Kubernetes easier to adopt and use. She started her career at Google, where she worked on the Consumer Operations team of (the now sadly defunct) orkut. She has since worked at startups... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
4C 3/4
  • Skill Level Any

1:45pm

What's Next for etcd Cluster Management? - Gyuho Lee, Amazon Web Services & Sam Batschelet, Red Hat
etcd allows for distributed systems to be built using its provided primitives, but etcd itself is a distributed system. Let’s dig in and see what it takes to make that happen: whether it’s bootstrapping a three-node cluster or expanding from a single node to five. Finally, we’ll look at what improvements could be made to make cluster management easier in future versions.

Speakers
avatar for Sam Batschelet

Sam Batschelet

Software Engineer, Red Hat
Sam is a Software Engineer with a focus on distributed systems, automation, and container orchestration. He is an active open source contributor and an etcd maintainer.
avatar for Gyuho Lee

Gyuho Lee

Software Developer Engineer, Amazon Web Services
Gyuho is working on AWS EKS and a lead etcd maintainer. He loves to talk about distributed systems, and is passionate about making complex systems easier to understand.



Tuesday December 11, 2018 1:45pm - 2:20pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

1:45pm

Recent Advancements in Container Isolation - Tim Allclair & Adin Scannell, Google
Container orchestration enables higher bin-packing and utilization of machines, but native linux containers do not offer the same degree of isolation between workloads as separate VM instances can. Attackers could abuse this lack of isolation to move through a Kubernetes cluster after gaining a foothold in a container. Fortunately, there are many tools in the defenders’ toolbox that can be applied across multiple levels of the stack.

In this survey talk, we will look at several recent or upcoming advancements in container isolation. You will learn about new kernel features, several "sandboxing" approaches, and features being developed in Kubernetes to harden the Pod and Node boundaries. After the talk you will have a better understanding of how to secure your Kubernetes applications and clusters with the latest features.

Speakers
avatar for Tim Allclair

Tim Allclair

Software Engineer 软件工程师, Google
Tim Allclair joined the Kubernetes project with Google just after the 1.0 launch in 2015. He co-chairs sig-auth, is an active sig-node contributor, and a member of the Kubernetes Product Security Team (responsible for responding to vulnerabilities in Kubernetes). His most recent charter... Read More →
AS

Adin Scannell

Software Engineer, Google
Adin Scannell is a Software Engineer at Google, where he leads the gVisor team and focuses on container security and isolation. Adin has been virtualizing things for a while: he was previously co-founder and CTO at Gridcentric, which pioneered rapid virtual machine cloning technology... Read More →



Tuesday December 11, 2018 1:45pm - 2:20pm
Ballroom 6C
  • Skill Level Any

1:45pm

Tutorial: Hands-on Gitops - Brice Fernandes, Weaveworks (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

In this hands-on tutorial, Brice Fernandes from Weaveworks will go through setting up and using a Gitops pipeline to manage a Kubernetes cluster. This will include setting up monitoring and metric visualisation as well as managing the monitoring configuration using Gitops.

After taking this tutorial, attendees will be able to:
* Set up their own Gitops pipeline to manage their kubernetes cluster
* Compare the desired state of a Kubernetes cluster against the actual state
* Deploy Prometheus and Grafana to a Kubernetes cluster
* Set up a continuous deployment pipeline for Kubernetes workloads

Attendees should:
* Know of kubernetes and the kubectl command line.
* Be comfortable with Git
* Be comfortable with the Unix command line

No preparation needed. Attendees will be provided with an online environment to use during the tutorial. Bring a laptop with a modern browser.

Speakers
avatar for Brice Fernandes

Brice Fernandes

Software Engineer, Weaveworks
Brice fell in love with programming while studying physics and never really looked back since. He has a broad technology background that covers everything from embedded C to backendless browser apps using the trendiest javascript frameworks. He taught Game Development and Functional... Read More →



Tuesday December 11, 2018 1:45pm - 3:10pm
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building

1:45pm

Tutorial: KataContainers the Hard Way: Kubernetes + containerd + KataContainers - Lei Zhang, Alibaba & Xu Wang, HyperHQ (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

Are you ready for KataContainers in Kubernetes? This tutorial includes sub-topics: 1. Install Kubernetes with kubeadm + custom container runtime. 2. Install containerd with CRI support. 3. Plug-in KataContainers as containerd runtime with shimv2 4. Use RuntimeClass to handle multiple runtimes 5. Setup Node e2e tests for cluster validation 6. Install CNI networking for KataContainers 7. Persistent storage plugins for KataContainers. 8. Deep dive into KataContainers features and highlights. 9. Pros & Cons of this deployment.

Audiences will learn about benefits of KataContainers, and, the best practices of using KataContainers to secure and enabling hard multi-tenancy in Kubernetes cluster, how to manage multiple container runtimes on same node, and learn about the latest updates of KataContainers from its maintainers.

A pre-prepared small cluster (either VMs or baremetal) is expected.

Speakers
avatar for Xu Wang

Xu Wang

CTO, HyperHQ
Xu Wang is the CTO and Cofounder of Hyper HQ, and an initial member of Kata Containers Architecture Committee. HyperHQ created hypervisor-based open source container runtime runV (secure as VM, fast as container). runV merged with clear containers from Intel, and become Kata Containers... Read More →
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei (Harry) Zhang is a member and co-maintainer of Kubernetes project, mainly focus on CRI, scheduling, resource management and hypervisor based container runtime. Lei was once a member of KataContainers/Hyper team, and a visiting Researcher at Microsoft Research (MSR). Lei now working... Read More →



Tuesday December 11, 2018 1:45pm - 3:10pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building

1:45pm

Tutorial: Kubeflow End-to-End: GitHub Issue Summarization - Michelle Casbon & Amy Unruh, Google (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

Kubeflow is an OSS machine learning stack that runs on Kubernetes.
In this session, you will learn how to install and use Kubeflow to support a full ML workflow.

You'll build an automatic summary generator using a public dataset of GitHub Issues. In the process, you'll install Kubeflow from scratch, preprocess your dataset, then perform training of a TensorFlow NLP model. You'll then evaluate your trained model, serve it, and interact with the prediction endpoint from a web front-end.

You will become familiar with Google Cloud Platform and OSS tools and services such as Apache Beam, TFX, Cloud Shell, Kubernetes Engine, Cloud Storage, and Container Registry. All components are built from source in the Kubeflow Examples repository and are directly transferable to other environments (local, on-prem, and other cloud providers).

Prerequisite: familiarity with Kubernetes.

Moderators
SG

Steve Greenberg

Tutorial Assistant, Google
GG

Gonzalo Gasca Meza

Tutorial Assistant, Google

Speakers
avatar for Michelle Casbon

Michelle Casbon

Senior Engineer, Google
Michelle Casbon is a Senior Engineer on the Google Cloud Platform Developer Relations team, where she focuses on open source contributions and community engagement for machine learning and big data tools. Prior to joining Google, she was at several San Francisco-based startups as... Read More →
AU

Amy Unruh

Developer Relations Engineer, Google
Amy Unruh is a Developer Relations Engineer for the Google Cloud Platform, where she focuses on machine learning and data analytics as well as other Cloud Platform technologies. Amy has an academic background in CS/AI, has worked at various startups and R&D labs, and published a book... Read More →



Tuesday December 11, 2018 1:45pm - 3:10pm
Yakima 1 @ TCC The Conference Center (TCC) - Separate from WSCC building

2:30pm

2:35pm

Connecting and Testing Virtual Network Topologies on Kubernetes - Rich Renner & Gage Orsburn, One Source Integrations
Today's complex, agile networking setups demand the same CI/CD and automated testing support as user-facing applications have. But you can't simulate an entire networking topology with Kubernetes. Or can you?

The declarative approach of Kubernetes makes it simple to recreate and orchestrate distributed applications for continuous integration. In this session we are going to talk about how we used L2 device plugins to wire up the different parts of our applications. And how KubeVirt allowed us to even test pre-existing virtual network appliances in the very same setup.

This setup enables entire enterprise topologies to be modeled and validated before released into production.

Speakers
avatar for Gage Orsburn

Gage Orsburn

Software Architect, One Source Integrations
One Source Integrations | Contribute to kubevirt | speaking for shares at Cisco Systems.
avatar for Rich Renner

Rich Renner

Solutions Architect, One Source Integrations
One Source Integrations | Working to contribute / test kubevirt where needed for our use case | As a consultant and trainer to various companies, previously as an internal resource at Cisco Systems.



Tuesday December 11, 2018 2:35pm - 3:10pm
Ballroom 6E
  • Skill Level Any

2:35pm

Intro: Knative Productivity BoF - Srinivas V. Hegde & Adriano Cunha, Google
Knative is Kubernetes based platform to build, deploy and manage modern serverless workloads, it extends Kubernetes to provide a set of middleware components that are essential to build modern, source-centric, and container-based applications that can run anywhere. The project has 8 repositories on GIT and has hundreds of contributors actively working on its repos on daily basis, which makes productivity super critical so that every contributor’s time is well spent and quality of code is ensured. This talk gives an overview of how contributor productivity is achieved for Knative from 4 dimensions: test health, release health, metrics, and performance. We will go over test infrastructures in place to show how it makes writing and running tests is an easy and pleasant experience for contributors. We will explain how release is done in automated and predictable fashion, and what thoughts have gone into release design so that it also benefits other Knative personas. We will go over a set of metrics defined for Knative project health, show how we measure and track metrics at ongoing basis to drive up project health overall. We will also look at performance and explain what type of infrastructure has been built to support perf/scale/load testing.

Speakers
avatar for Adriano Cunha

Adriano Cunha

Software Engineer, Tools and Infrastructure, Google
Adriano Cunha is a software engineer at Google, focusing on tools, infrastructure and engineering productivity. He's currently working on Knative and Google Serverless product, but his previous work at Google include Identity & Authentication and Google Play in the past 8 years... Read More →
avatar for Srinivas V. Hegde

Srinivas V. Hegde

Software Engineer - Tools & Infrastructure, Google
Srinivas has been working on Knative tools and infrastructure to improve contributor productivity since early days. Prior to Knative, Srinivas worked on Google App Engine team focusing on  productivity challenges and solutions. Before Google, Srinivas worked at Microsoft on Office... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
618-620
  • Skill Level Any

2:35pm

The Evolution of the AppDirect Kubernetes Network Infrastructure - Pierre Lacerte & Alex Gervais, AppDirect
In this talk, we’ll discuss the joys and pain the drove the evolution of the AppDirect ingress architecture, from NodePorts, to HAProxy/Consul, and ultimately to the open source Ambassador API Gateway. At AppDirect, we run 12 Kubernetes clusters, handling thousands of requests/minute, and we rely on our gateway to provide key cross-cutting concerns like authentication, rate limiting and observability. Join us to learn about how both development and ops teams use Ambassador, and how this acts as a control plane to the underlying Envoy data plane, which, for example, allows us to specify routing and rate limiting via Kubernetes annotations. We’ll also talk about our ingress roadmap and the planned future for the API Gateway as AppDirect scales.

Speakers
avatar for Alex Gervais

Alex Gervais

Staff Software Developer, AppDirect
Outdoorsy, data-driven, eternal student, not so geeky creative entrepreneur and traveler. Alexandre is a curious, introverted and humble character. Working by day as a Staff Software Developer at AppDirect he has many years of savoir-faire building full-stack systems from cloud infrastructures... Read More →
avatar for Pierre Lacerte

Pierre Lacerte

Director Engineering, AppDirect
Pierre is a Director of Software Development at AppDirect and currently leads the Platform and Data & Analytics teams. After receiving a B.Ing Computer Engineering from Université de Sherbrooke, he worked as a full stack engineer at Morgan Stanley for 5 years. In 2014, he joined... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
4C 1/2

2:35pm

Migrating Jenkins to Kubernetes Broke Our Brains - Jonathan Hess & Loren Trout, SAP
Trying to migrate Jenkins to Kubernetes broke our brains. We migrated our Jenkins-based build system from plain VMs + Chef to Kubernetes running on VMs in our SAP corporate datacenter. Here is how we did it so that you can too.

We will walk through some of the nitty-gritty details to build a Kubernetes cluster from scratch on virtual machines, walking through our open-source example repo:

Provisioning the Cluster:
* building a solid cluster with kubeadm
* preparation of the underlying OS
* how to keep the base machines clean
* system and application monitoring

Running Jenkins on Kubernetes safely:
* our helm charts + shell scripts
* sizing the pods for builds
* persistent volumes and backups

Additionally, we will discuss some of the lessons we discovered along the way:
* What problems got solved migrating Jenkins to K8s?
* Lessons for other legacy apps

Speakers
avatar for Jonathan Hess

Jonathan Hess

Software Engineer, SAP
Jonathan Hess is a versatile software engineer with 20 years of experience designing and building software for the cloud, enterprise, mobile and IoT. He is currently building the cloud infrastructure for the SAP Commerce Cloud. Prior to SAP, he was an engineer at Pinterest, building... Read More →
avatar for Loren Trout

Loren Trout

Devops Engineer, SAP
Loren Trout is a resourceful DevOps systems engineer with 20 years of experience designing and implementing systems for the enterprise around the globe. He is currently working on API integrations that run with-in the Kubernetes environment cloud infrastructure for the SAP Commerce... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
606-609

2:35pm

Panel Discussion: Community Building from Scratch: Sharing Experience of CNCF and K8s Meetups – Moderated by Mars Toktonaliev, Nokia
CNCF helps volunteers with organizing meetups all around the world. This session will share our experiences of building communities around Kubernetes, containers and cloud-native projects. Covered topics include where to get speakers, what talks got the most attention, how to promote events and get more people to participate etc.

Moderators
avatar for Mars Toktonaliev

Mars Toktonaliev

CloudRAN system engineer, Nokia
Mars is 5G CloudRAN engineer at Nokia. He also runs Dallas Kubernetes meetup group.

Speakers
avatar for Cheryl J Hung

Cheryl J Hung

Director of Ecosystem, CNCF
Cheryl is the Director of Ecosystem at the CNCF. Her mission is to make end users successful and productive with cloud native technologies such as Kubernetes and Prometheus. In addition to being a prolific public speaker, she founded and runs the Cloud Native London meetup. | | Previously... Read More →
avatar for Lucas Käldström

Lucas Käldström

CNCF 代表, Independent
Lucas is a passionate Kubernetes subproject owner and approver that is excited about all things cloud native. Lucas has been engaged in Kubernetes work for over three years now and been involved in work like porting Kubernetes to multiple platforms, getting minikube off the ground... Read More →
avatar for Diane Mueller

Diane Mueller

Director, Community Development, Red Hat
Director, Community Development at Red Hat | co-chair, Operator Framework SIG | co-chair, OpenShift on Machine Learning SIG | organizer, OpenShift Commons Gathering
avatar for Takuya Noguchi

Takuya Noguchi

Tech Lead, Japan Digital Design
Takuya is a tech lead/software engineer to make digital transformation in retails and financial services with new DevOps practices. He is also a GitLab Core team memeber, leads/supports many communities including Docker/Kubernetes/Prometheus/Cloud Native-related meetups and has a... Read More →


Tuesday December 11, 2018 2:35pm - 3:10pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

2:35pm

Public Technical Oversight Committee (TOC) Meeting – Moderated by Liz Rice, Aqua Security
The Technical Oversight Committee (TOC) provides technical leadership to the cloud-native community. The CNCF will host a public TOC meeting, inviting the community to discuss the project roadmap for 2018, the upcoming TOC Election Schedule for 2018, along with holding an open Q&A for the community with TOC members.

Moderators
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →

Speakers
JB

Jonathan Boulle

nStack
Jonathan works at nStack and is an advisor to CoreOS. He previously worked at Twitter building out datacenters and developing their application container and orchestration systems based around Mesos. He’s been heavily involved in container standardisation efforts like the App Container... Read More →
avatar for Bryan Cantrill

Bryan Cantrill

CTO, Joyent
Bryan Cantrill is the CTO at Joyent, where he oversees worldwide development of the SmartOS and SmartDataCenter platforms, and the Node.js platform.Prior to joining Joyent, Bryan served as a Distinguished Engineer at Sun Microsystems, where he spent over a decade working on system... Read More →
avatar for Brian Grant

Brian Grant

Principal Engineer, Google
Brian is the co-Technical Lead of Google Kubernetes Engine, co-Chair of Kubernetes SIG Architecture, Kubernetes API approver, Kubernetes Steering Committee member, and CNCF Technical Oversight Committee member, where he's sponsored 11 CNCF projects (not including Kubernetes). His... Read More →
avatar for Ben Hindman

Ben Hindman

Mesosphere Founder - Apache Mesos Co-Creator, Mesosphere
Ben is one of the creators of Apache Mesos, a platform for building and running resource-efficient distributed systems at scale. Ben started working on Mesos as a PhD student at Berkeley before he brought it to Twitter where it runs on thousands of machines. An academic at heart... Read More →
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President 技术副总裁, Huawei
Quinton is currently Technical Vice President of Cloud Computing at Huawei. Previously he spend five years at Google, where he was an Engineering Lead on the Kubernetes team, and Technical Lead and Manager of Ads Serving SRE. He was also the founding engineer of the Amazon EC2 cloud... Read More →
avatar for Ken Owens

Ken Owens

Vice President, Digital Native Architecture, Mastercard
Ken Owens is the Vice President for Digital Native Architecture at Mastercard. He was previously the CTO of Cloud Native Platforms at Cisco, where he was responsible for creating and communicating technical/scientific vision and strategy for Cisco’s cloud native technologies. He... Read More →
avatar for Alexis Richardson

Alexis Richardson

Founder & CEO, Weaveworks
Alexis is the co-founder and CEO of Weaveworks. He is also the chairman of the TOC for CNCF, and the co-founder of the Coed:Code meet ups. | | Previously he was at Pivotal, as head of products for Spring, RabbitMQ, Redis, Apache Tomcat and vFabric. Alexis was responsible for resetting... Read More →


Tuesday December 11, 2018 2:35pm - 3:10pm
4C 3/4
  • Skill Level Any

2:35pm

Peloton - A Unified Scheduler for Web-scale Workloads on Mesos & Kubernetes - Min Cai & Nitin Bahadur, Uber
Efficient use of cluster resources is important for web-scale companies like Uber. Those companies require large-scale clusters for stateless, stateful and batch jobs. Today, web-scale companies have built custom schedulers on top of Mesos due to lack of viable open-source solutions. Kubernetes has gained lots of momentum in recent years but lacks the scale and efficiency needed by web-scale companies.

This talk introduces Peloton - A unified scheduler for mixed workloads that is horizontally scalable to 10K+ nodes and millions of containers. It has an extensible architecture and supports both Mesos and Kubernetes. Peloton manages compute resources more efficiently and guarantees hierarchical max-min fairness for different teams. It provides a seamless path for companies on Mesos to adopt Kubernetes. Peloton is also cloud agnostic and can be run on-prem or in any public Cloud.

Speakers
avatar for Nitin Bahadur

Nitin Bahadur

Head Compute Cluster Infrastructure, Uber
Nitin Bahadur heads the Compute Cluster team at Uber where he is responsible for managing & scaling Uber’s compute infrastructure across various geographies. Uber’s goal is to have all kinds of workloads run on a common high-performing compute platform and Nitin’s team is working... Read More →
avatar for Min Cai

Min Cai

Sr. Staff Engineer, Uber
Min Cai is a Staff Engineer in Compute Platform team at Uber working on all-active datacenters, cluster management and micro-service deployment systems. He received his Ph.D. degree in Computer Science from Univ. of Southern California. Before joining Uber, he was a Sr. Staff Engineer... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
Ballroom 6A

2:35pm

Machine Learning Model Serving and Pipeline Using KNative - Animesh Singh & Tommy Li, IBM
Lifecycle support— including continuous development, training, testing, and deployment of machine learning models—and continuous integration (CI) for AI applications is still in its infancy. We need a solution that enables end-to-end automation of data preparation and model deployment pipelines.

In this talk we are going to show how to leverage KNative components to create an event driven AI pipeline. We will leverage OpenWhisk and Kubernetes to provide an event driven platform, and Istio for traffic management and observability to construct a pipeline which will provide interfaces to various open source tools: model training, validation. serving platforms on Kubernetes

We will show how we can leverage this AI pipeline to train using advanced batch scheduling in Kubernetes, automate A/B tests and canary testing of models, monitoring concept drifts and accuracy losses etc.

Speakers
avatar for Tommy Li

Tommy Li

Software Developer, IBM
Tommy Li is a software developer in IBM focusing on Cloud, Kubernetes, and Machine Learning. He is one of the Fabric for Deep Learning’s main contributors and worked on various developer code patterns on Kubernetes, Microservice, and deep learning application to provide use cases... Read More →
avatar for Animesh Singh

Animesh Singh

STSM, AI Platform, IBM
Animesh Singh is an STSM and lead for CODAIT and works with IBM Watson and Cloud Platform, where he leads machine learning and deep learning initiatives and works with communities and customers to design and implement deep learning, machine learning, and cloud computing frameworks... Read More →


Tuesday December 11, 2018 2:35pm - 3:10pm
611-614

2:35pm

Deep Dive: Envoy - Matt Klein & Constance Caramanolis, Lyft
This is an Envoy Q&A session where several maintainers will be available to discuss anything and everything. Come with your questions, concerns, feature requests, etc. and we will chat!

Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Lyft
Constance Caramanolis is a Software Engineer at Lyft working on the Server Networking team. For the past two years, she has built and deployed Envoy and its ecosystem. Constance focuses on configuration management, network security and engineering education. In addition, she is an... Read More →
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft


Tuesday December 11, 2018 2:35pm - 3:10pm
602-604

2:35pm

Intro: Cloud Native Buildpacks – Terence Lee & Joe Kutner, Salesforce Heroku
You're great at running containers but you shouldn't have to be great at building them. In this talk, you'll learn about Cloud Native Buildpacks, a higher-level abstraction for building apps compared to Dockerfiles. 

Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an app developer, you don't need to know best practices around ordering commands for layer reuse. As an operator, you don't need to worry about exposing developers to the responsibilities that come with Dockerfile.

Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-2 app operations.

Speakers
avatar for Joe Kutner

Joe Kutner

Architect, Salesforce Heroku
Joe owns the Java Experience on the Salesforce Heroku cloud. He's the author of several titles from the Pragmatic Bookshelf, including The Healthy Programmer.
TL

Terence Lee

Principal Languages Engineer, Salesforce Heroku
Terence co-created buildpacks in 2011 at Heroku. Since then, he's owned the Ruby experience which has lead to work as the maintainer of Bundler, joining the Ruby core team, and the Ruby security team. Now, he works across all 6 supported languages on the platform.


Tuesday December 11, 2018 2:35pm - 3:10pm
615-617
  • Skill Level Any

2:35pm

Intro: CNCF Cross-Cloud CI - Denver Williams, Debian & Taylor Carpenter, Vulk Coop
The CNCF CI Working Group was asked to demonstrate best practices for integrating, testing, and deploying projects within the CNCF ecosystem across multiple cloud and bare metal providers. The Cross-Cloud CI project continually validates the interoperability of each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to all supported cloud providers. The results of each testing stage are published to the cncf.ci status dashboard. An Intro session will give an overview of the project, technologies used, a demo of the current status of the CI System and dashboard, and allow time for Q&A.

Speakers
avatar for Taylor Carpenter

Taylor Carpenter

Partner, Vulk Coop
Partner at Vulk Co-operative - http://vulk.coop Co-Lead Cross-Cloud CI project - http://crosscloud.ci OpsDev geek. Elixir and Ruby programmer. Father, book devourer, dark beer lover. I think the concept of a delightful user experience should be applied to all parts of life including... Read More →
DW

Denver Williams

Cross-Cloud Project Founder 跨云项目创始人, Debian



Tuesday December 11, 2018 2:35pm - 3:10pm
2 A/B
  • Skill Level Any

2:35pm

Intro: Contributor Experience SIG - Paris Pittman, Google & Elsie Phillips, Red Hat
We will be covering what contributor experience is, how we help the project, the projects we are current working on (if the talk were today: mentoring, automated workflows, new contributor onboarding, communication pipelines, etc.), and how folks can get involved

Speakers
avatar for Paris Pittman

Paris Pittman

DevRel Program Manager, Kubernetes Community, Google
Paris is a Developer Relations Program Manager on Google Cloud's Open Source Strategy team focusing on the Kubernetes Community. She is a co-chair of the special interest group for Contributor Experience and an organizer of Bay Area Kubernetes Meetup with 4,000 members. She has 14... Read More →


Tuesday December 11, 2018 2:35pm - 3:10pm
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

2:35pm

Intro: OpenStack SIG - Chris Hoge, OpenStack Foundation & David Lyle, Intel
SIG OpenStack coordinates the cross-community efforts of the OpenStack and Kubernetes communities. This includes coordinating improvements to and documentation of the OpenStack cloud provider implementation in Kubernetes as well as supporting efforts to deploy OpenStack itself using Kubernetes. Attend this session to learn more about the SIG's mission, recent accomplishments, and future plans.

Speakers
avatar for Chris Hoge

Chris Hoge

Strategic Program Manager, OpenStack Foundation
Chris Hoge is a Strategic Program Manager for the OpenStack Foundation. He works on collaborations between OpenStack and container development communities, including Airship, Kata Containers, and Kubernetes. He also administers the trademark program for the OpenStack Foundation, and... Read More →
avatar for David  Lyle

David Lyle

Senior Software Engineer, Intel
David Lyle works on cloud technologies as a Cloud Software Architect in Intel's Open Source Technology Center. David is primarily focused on Kubernetes and OpenStack.



Tuesday December 11, 2018 2:35pm - 3:10pm
3 A/B
  • Skill Level Any

2:35pm

Exploring Application Portability Across Public Cloud Providers Using K8s - Erin Boyd & Ivan Font, Red Hat
Application portability across hybrid clouds is a cornerstone of application deployment strategies. Kubernetes offers a vital abstraction across cloud providers’ infrastructure for using multiple clusters, but up until now there has not been a native Kubernetes experience for managing your clusters. With the advent of Kubernetes multi-cluster features such as Cluster Registry and Federation-v2, we now have a registry to store all your cluster endpoints with a control plane to support managing and migrating your applications across your hybrid cloud infrastructure. But what about your data? There’s a solution for that too in the shape of federated and stretch volumes. Come learn how Kubernetes multi-cluster features combined with federated & stretch volumes are used to migrate a simple reference application across public cloud providers.

Speakers
avatar for Erin A Boyd

Erin A Boyd

Senior Principal Software Engineer, Red Hat
Erin Boyd joined Red Hat to work on Big Data & Emerging Technologies in 2013 and now happily lives in the Office of the CTO working on emerging technologies. Since at Red Hat, she has worked on various Open Source projects with most recently contributing to the Kubernetes Storage... Read More →
avatar for Ivan Font

Ivan Font

Senior Software Engineer, Red Hat
Ivan Font is a Senior Software Engineer working on Emerging Technologies in Red Hat’s CTO Office. Ivan is a contributor to Kubernetes and a member of the Kubernetes Multi-Cluster Special Interest Group (SIG) where he is a core contributor of various Multi-Cluster projects. Besides... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
Ballroom 6B
  • Skill Level Any

2:35pm

Debugging etcd - Joe Betz & Jingyi Hu, Google
Oh no, something’s wrong with my Kubernetes cluster! Was it something I did? Or maybe one of those controllers we installed? The answers might be hidden in the etcd’s logs or data files. We’ll walk through real-world examples of how to make sense of etcd logs and correlate issues back to the commands or controllers that initiated them. We’ll cover tools we use to get answers from etcd’s data files, what to look for, and how to quickly get a cluster healthy again.

Speakers
avatar for Joe Betz

Joe Betz

Software Engineer, Google
Joe Betz the lead engineer for etcd at Google, and an etcd project maintainer, Joe is directly responsible for the health and stability of the GKE etcd fleet and leads improvements to etcd via open source contributions. He actively contributes to Kubernetes, with a focus on the etcd... Read More →
avatar for Jingyi Hu

Jingyi Hu

Software Engineer, Google
Jingyi Hu is a Software Engineer for Google Cloud. He is an active contributor to etcd and Kubernetes.



Tuesday December 11, 2018 2:35pm - 3:10pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

2:35pm

Hardening Kubernetes Setups: War Stories from the Trenches of Production - Puja Abbassi, Giant Swarm
When you run Kubernetes in production and at scale, you encounter many issues both on the infrastructure side as well as in user-space. Some of these issues come with time and increased usage and size of clusters as well as amount of workloads, some might only come once you go global and into regions that have vastly different technology landscapes like China.
This talk goes into detail on learnings from concurrently operating 100+ clusters for big enterprises in production on different clouds and data centers around the globe. Over the years we have fixed 100s of post mortems and want to share both operations and development best-practices that can help avoid the issues we ran into. A big focus of this talk is getting towards a hardened and reliable cluster setup and the handling of multi-tenancy in clusters that are used by a multitude of teams.

Speakers
avatar for Puja Abbassi

Puja Abbassi

Developer Advocate, Giant Swarm
Puja Abbassi is a Developer Advocate at Giant Swarm. He's passionate about bringing Cloud Native technologies to more developers and their companies around the globe. In Kubernetes he focuses on security and authentication and is a contributor to the CIS Kubernetes Benchmarks. Next... Read More →



Tuesday December 11, 2018 2:35pm - 3:10pm
Ballroom 6C

3:10pm

Coffee Break sponsored by Capgemini
Tuesday December 11, 2018 3:10pm - 3:40pm
Hall 4AB

3:40pm

Kubernetes Is Not For Developers and Other Things the Hype Never Told You - Taylor Thomas & Jordan Olshevski, Microsoft
As a new or experienced user of Kubernetes, you’ve likely heard someone say something similar to “Kubernetes will make things so much better for your developers!” In this talk, we will examine why Kubernetes is not a developer tool and cut through other common misconceptions. Along the way, we’ll learn how Kubernetes provides powerful abstractions for running and operating applications.

Luckily for us, there are many options for leveraging the abstractions Kubernetes provides to create a better developer experience. Drawing on real-life experience with Kubernetes at three large corporations, we will work through practical examples of using Helm, Draft, custom controllers, and other Kubernetes tools to build example platforms for empowering developers.

Speakers
avatar for Jordan Olshevski

Jordan Olshevski

Senior Software Engineer, Microsoft
Jordan Olshevski has spent most of his career working on distributed systems, and is currently working on Azure Kubernetes Service at Microsoft. Before joining Microsoft, he helped develop Nike's next generation runtime platform based on Kubernetes.
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Portland area and alternately curses... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
Ballroom 6E

3:40pm

Intro: Network Service Mesh BoF - Ed Warnicke, Cisco & Frederick F. Kautz IV, Red Hat
Network Service Mesh (NSM) is a novel approach solving L2/L3 network use cases in Kubernetes that are tricky to address with the existing Kubernetes Network Model. Inspired by Istio, Network Service Mesh maps the concept of a service mesh to L2/L3 payloads. Network Service Mesh enables a variety of types of Use Cases such as: * Connecting Pods to: -VPN Gateways -Non-Kubernetes virtual bridge domains -The *right* physical NIC or SR-IOV VF for their needs -Multiple-interfaces * Cloud-native NFV use cases Network Service Mesh controls the L2/L3 data planes to deliver these types of use cases. Network Service Mesh enables users to express the context of their network needs in a Cloud Native manner, rather than manually stringing together disjoint interfaces, IPAM, and subnets. Finally, we discuss how audience members can get involved and help drive the direction and development of NSM.

Speakers
FF

Frederick F. Kautz IV

Principal Software Engineer, Red Hat
Frederick Kautz is a Principal Software Engineer in the Office of Technology at Red Hat where he focuses on improving the overall state of container networking and container+SDN integration. Frederick is an active contributor to the Network Service Mesh project which is helping bring... Read More →
avatar for Ed Warnicke

Ed Warnicke

Ed Warnicke, Cisco
Ask Ed about Network Service Mesh and Cloud-native NFV. | | Ed has been working for over a decade in many areas of networking and Open Source. He has been a member of the OpenDaylight TSC since its inception, is a prolific contributor of code to multiple ODL projects and is the TSC... Read More →


Tuesday December 11, 2018 3:40pm - 4:15pm
602-604
  • Skill Level Any

3:40pm

Kubernetes at Reddit: An Origin Story - Greg Taylor, Reddit, Inc
Despite being ranked in the top 20 busiest sites in the world, Reddit has been a small engineering organization for most of its 13 years. However: the last few years have seen us multiply in size by 7x, causing our tooling, process, and culture to creak and groan. Discussion, evaluation, and experimentation led to our decision to incorporate Kubernetes.

This session takes the audience through the motivations, the story, and the results of rebasing our infrastructure on Kubernetes. Today, Kubernetes forms the core of our internal Infrastructure "product", which is a paint-by-numbers experience that engineers of all backgrounds make use of.

The audience will see how and why a small (but rapidly growing) organization operating at a unique scale shifted to Kubernetes, get practical tips and advice, and _maybe_ some dank memes.

Speakers
avatar for Greg Taylor

Greg Taylor

Engineering Manager, Reddit, Inc
Greg Taylor leads the Release Engineering Group within the Reddit's Infrastructure department. He and his team steward the internal Infrastructure "Product" and assist other teams in getting their services from concept to production. | | Greg has recently presented at OSCON 2018... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
4C 1/2
  • Skill Level Any

3:40pm

Kustomize: Deploy Your App with Template Free YAML - Ryan Cox, Lyft
This talk will introduce Kustomize, a declarative application management system, that allows deployments to be described as template free YAML. It's approach will be contrasted with DSLs and template based schemes. Examples will be explored modeling sophisticated deployment scenarios for a variety of application types. It will end with a deep dive into continuous development workflows that leverage the integration between Kustomize and Skaffold.

Speakers
avatar for Ryan Cox

Ryan Cox

Software Engineer, Lyft
Ryan Cox is a software engineer in Lyft's infrastructure organization. His career includes the creation of large-scale ecommerce platforms and extensive time working on systems and infrastructure. He holds patents related to distributed filesystems and is an active member of the Seattle... Read More →


Tuesday December 11, 2018 3:40pm - 4:15pm
606-609
  • Skill Level Any

3:40pm

Enhancing Kubernetes: A Journey Through the KEP Process - Stephen Augustus, Red Hat & Jaice Singer DuMars, Google
Developing software is hard! It can be even more challenging in a large-scale open source project with multiple companies, potentially competing concerns, timezones to scale; the list goes on.

This talk will be a case study in Program, Product, and Project Management for one of the largest, most contributed to, most popular open source projects in the world, Kubernetes.

We’re going to provide you with a glimpse into the history of Kubernetes feature development, followed by a deep dive on the evolution of the KEP (Kubernetes Enhancement Proposal), our current process for tracking and delivering project enhancements.

Speakers
avatar for Stephen Augustus

Stephen Augustus

Specialist Solution Architect, OpenShift Tiger Team, Red Hat
Stephen Augustus is a Product Management Chair for the Kubernetes project. Additionally, he leads the Special Interest Group for Azure and has served as a Features Lead for the Kubernetes Release Team. Leveraging over a decade of systems, infrastructure, and network acumen, as well... Read More →
avatar for Jaice Singer DuMars

Jaice Singer DuMars

Cloud Native Open Source Strategy, Google
Jaice Singer DuMars is an active servant leader within the cloud native ecosystem. As the Cloud Native OSS Program Manager at Google, he is focused on building and sustaining healthy, inclusive, diverse, and scalable open source communities. As a former Kubernetes release leader (1.8... Read More →


Tuesday December 11, 2018 3:40pm - 4:15pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

3:40pm

Building your own PostgreSQL-as-a-Service on Kubernetes. - Alexander Kukushkin, Zalando SE
How many DBAs does it take to manage 500+ PostgreSQL HA clusters? Very close to zero, if you run them on Kubernetes with the help of postgres-operator.

This talk is a story, how the team of Database Engineers at Zalando developed open-source components like Patroni and postgres-operator to run company-wide PostgreSQL-as-a-Service on Kubernetes. I will share how we automate all routine operations, providing developers with easy-to-use tools to create, manage and monitor their database, avoiding commercial solutions lock-in and saving costs. I will describe the benefits and pitfalls of running production databases on Kubernetes and, finally, show open-source tools we have built for application developers to deploy and manage PostgreSQL clusters by writing short manifests describing a few essential properties of the result.

Speakers
avatar for Alexander Kukushkin

Alexander Kukushkin

Database Engineer, Zalando SE
His everyday duty at Zalando is creation and maintenance of hundreds PostgreSQL clusters in sizes from several megabytes up to several terabytes of data. Occasionally he is contributing to different open source projects. He is the major contributors to the Patroni project.



Tuesday December 11, 2018 3:40pm - 4:15pm
Ballroom 6A

3:40pm

Machine Learning as Code: and Kubernetes with Kubeflow - Jason " Jay" Smith, Google & David Aronchick
Machine Learning is become an increasingly popular topic in the world of data. At the same time, the concept of microservices through containerization has increased in popularity as it allows for developers to create and package applications for easy export and distribution through various clouds.

Kubeflow is an open source project lead by Google to merge both concepts, allowing users to leverage the power of Kubernetes to run the training and serving of their ML models.

This convergence of technologies does result in a new way to think of Machine Learning. We now think of can think of machine learning as code bundles. My session will show how with Kubeflow and GitOps tools, you can go beyond simply deploying and training TensorFlow models but bundling the entire infrastructure into a code package and treat the entire machine learning process as a pipeline.

Speakers
avatar for David Aronchick

David Aronchick

Head of OSS Machine Learning Strategy, Microsoft
David Aronchick leads open source machine learning strategy at Azure. He previously was the Senior Product Manager for the Google Container Engine and led product management on behalf of Google for Kubernetes. David has been helping to ship software for nearly 20 years, founding and... Read More →
avatar for Jay Smith

Jay Smith

Cloud Customer Engineer 云客户工程师, Google
Jason ‘Jay’ Smith is a Cloud Customer Engineer at Google. He is passionate containerization and machine learning so Kubeflow was a natural fit as it allows users to run machine learning models on Kubernetes. He has spent much time learning about Kubernetes and has become interesting... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
611-614

3:40pm

Intro: containerd - Mike Brown, IBM & Derek McGowan, Docker
Join containerd maintainers to learn about the design, project goals and history of containerd. We will cover the tools used for interacting with containerd, such as ctr and crictl. We’ll also show you how to monitor pods and containers using Prometheus and go over containerd’s plugin model to show how containerd was built to support new custom extensions. You’ll learn about Kubernetes’ Container Runtime Interface (CRI) and how to configure containerd’s CRI plugin to enable using containerd as the container runtime for Kubernetes. By the end you will understand how to get started using containerd as a developer, contributor, or system administrator for a wide variety of use cases.

Speakers
avatar for Mike Brown

Mike Brown

Software Engineer 软件工程师, IBM
Open Source Software Engineer, Containerd, OCI, Kubernetes, container runtimes, IBMer, github.com/IBM/cap, Inventor, Coach, PC Gamer, and Proud Father.
avatar for Derek McGowan

Derek McGowan

Software Engineer 软件工程师, Docker


Tuesday December 11, 2018 3:40pm - 4:15pm
3 A/B
  • Skill Level Any

3:40pm

Intro: CoreDNS - Yong Tang, MobileIron, Inc & Cricket Liu, Infoblox
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. Often used as a part of the Kubernetes deployment, CoreDNS can serve as the cluster DNS for Kubernetes. With the unique plugin-based architecture, CoreDNS can also be used in many other places, either by functionalities provided out of the box, or by customized plugins. In this session, we will update CoreDNS' current state and the road map for the near future. The expected release of CoreDNS as the default DNS server for Kubernetes will be discussed heavily. We will also look into the integration with cloud vendors, for the extended and advanced usage of service discovery with CoreDNS.

Speakers
avatar for Cricket Liu

Cricket Liu

Chief DNS Architect, Infoblox
Cricket Liu is an authority on the Domain Name System and the co-author of all of O'Reilly Media’s books on DNS, including the classic DNS and BIND.  As Infoblox’s Chief DNS Architect, Cricketguides the development of Infoblox’s product and business strategy, and serves as... Read More →
YT

Yong Tang

Director of Engineering, MobileIron, Inc.
Yong Tang is the Director of Engineering for cloud platform at MobileIron, Inc. He contributes to different cloud-native and machine learning projects for the open source community. He is currently a committer of CoreDNS with a focus on Kubernetes integration and cloud service discovery... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
2 A/B
  • Skill Level Any

3:40pm

Intro: Falco - Loris Degioanni, Sysdig
Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, we’ll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security & incident response.

Speakers
LD

Loris Degioanni

Founder & CTO, Sysdig
Loris Degioanni is the CTO and founder of Sysdig, the container intelligence platform. He is also the creator of the popular open source troubleshooting tool, sysdig, and the open source container security tool Falco. Prior to founding Sysdig, Loris co-created Wireshark, the open... Read More →


Tuesday December 11, 2018 3:40pm - 4:15pm
615-617
  • Skill Level Any

3:40pm

Intro: Fluentd - Eduardo Silva & Masahiro Nakagawa, Treasure Data
Fluentd and it ecosystem logging projects are a fundamental and critical piece for observability in Cloud Native environments. On this introduction session you will learn the basics of Logging, the pipeline applied to Kubernetes and overall features associated with filtering, buffering and log centralization/aggregation in general.

Speakers
MN

Masahiro Nakagawa

Senior Software Engineer 高级软件工程师, Treasure Data
Fluentd maintainer
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, ARM Treasure Data
Eduardo is a Principal Engineer at "ARM / Treasure Data". He currently leads the efforts to make logging more scalable in Containerized and Orchestrated systems such as Kubernetes. Maintainer of Fluent Bit.



Tuesday December 11, 2018 3:40pm - 4:15pm
618-620
  • Skill Level Any

3:40pm

Intro: Vitess - Dan Kozlowski & Sugu Sougoumarane, PlanetScale
Vitess has been a member of CNCF since early 2018, and is continuing to gain adoption as the Cloud-Native database solution. This talk will focus on the basic features of vitess that make it cloud friendly. We'll also cover how it addresses indefinite scalability.

Speakers
DK

Dan Kozlowski

Minister of Engineering, PlanetScale
avatar for Sugu Sougoumarane

Sugu Sougoumarane

CTO, PlanetScale
Sugu is CTO at PlanetScale. He is also the lead developer and community leader of the Vitess open source project which he co-created at Youtube in 2010. Vitess has helped multiple companies scale MySQL massively. Prior to Vitess, he worked on various scaling and infrastructure projects... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

3:40pm

Use the Cluster API to Deploy Clusters On-Prem and in Public Clouds - Loc Nguyen, VMware & Kris Nova, Heptio
Deploying and managing kubernetes clusters has a reputation filled with stress and headaches. On top of this, there are dozens of tools, APIs and services available to use but they don’t all interoperate. Some tools work best with on prem while others works best with a specific public cloud.

The Cluster API is a new project bringing in members from many of these well-known tools and members from both public clouds and on-prem infrastructure software providers. The goal is to create a common declarative, kubernetes-style API, tools, and best practices that can be used to create day-zero solutions for deploying kubernetes to multiple platforms. Come learn about the goals of this project and see a demo of it in use in both on-prem and in a public cloud.

Speakers
LN

Loc Nguyen

Staff II Engineer, Vmware
Loc Nguyen has been working in the container space for the last 5 years. He helped build a custom orchestrator at his previously company, and in the last 3 years, helped build Vmware’s vSphere Integrated Containers product. VIC, as it is known, is a docker API compatible container... Read More →
avatar for Kris Nova

Kris Nova

Senior Developer Advocate, Heptio
Kris Nova is a senior developer advocate at Heptio focusing on containers, infrastructure, and Kubernetes. Kris is also an ambassador for the Cloud Native Computing Foundation. Previously, she was a developer advocate and an engineer on Kubernetes in Azure at Microsoft. Kris has a... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
Ballroom 6B
  • Skill Level Any

3:40pm

Observability is the Key Tenet of Running a Multi-Tenant K8s Environment - Thom McCann & Amreth Chandrasehar, T-Mobile
How do you achieve 200 Million requests per day and no down time for 2 years? T-Mobile has been driving containerized workloads for many internal application teams. Running an internal multi-tenant environment can be challenging but has significant benefits

In this session we'll dive deep into observability components such as a large scale telemetry system built on Prometheus serving 4000+ requests per second and millions of metrics over 6 clusters. This open source system is built across 3 AZs in each region (US West and US East) and is federated across multiple Prometheus clusters enabling distributed queries and limitless scale.

We'll dive deep into how our operational teams can view integrated monitoring for infrastructure, hosts, VMs, containers and application level and integrate alerts with slack, pager duty and other real-time systems.

Speakers
avatar for Amreth Chandrasehar

Amreth Chandrasehar

Principal Architect, Cloud, T-Mobile
Amreth Chandrasehar is a Principal Architect at T-Mobile responsible for on-boarding company-wide workloads on to the cloud. He is a co-creator of T-Mobile's internal system known as Conducktor which accelerates application team development for container based applications... Read More →
avatar for Thom McCann

Thom McCann

Sr. Manager Software Engineering, T-Mobile
For decades, Thom McCann has been an innovator in the technology industry across several different software projects. As the creator of Outlook Web Access and key member of the teams that delivered the first versions of Windows NT and Exchange Server, he has built products reaching... Read More →



Tuesday December 11, 2018 3:40pm - 4:15pm
4C 3/4

3:40pm

Rightsize Your Pods with Vertical Pod Autoscaling - Beata Skiba, Google
Specifying CPU and memory needs for your application is often a fortune-telling exercise where time will almost certainly prove you wrong. Assigning too few resources endangers you with CPU starvation and Out Of Memory events; assigning too much hinders cluster utilization. Predicting the right values is challenging since workloads change and evolve. In this talk, we'll teach you how Vertical Pod Autoscaler can set resource assignments for you and how using it with Cluster Autoscaling and Scheduling can give you peace of mind.

Speakers
avatar for Beata Skiba

Beata Skiba

Software Engineer, Google
Beata has been a Software Engineer at Google for 3 years. She has been working on Kubernetes autoscaling for the last year, contributing to Cluster Autoscaling, Horizontal Pod Autoscaling and Vertical Pod Autoscaling.



Tuesday December 11, 2018 3:40pm - 4:15pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

3:40pm

Athenz with Istio: Single Access Control Model in Cloud Infrastructures - Tatsuya Yano, Yahoo Japan Corporation
Most Cloud computing environments are based on self-service thus authorization configurations are frequent and dynamic.
Furthermore, in Microservices architecture, each service communicates via Web APIs thus it is important to have precise and frequently configurable access controls with low cost.
Athenz is an open source platform for X.509 certificate based service authentication
and fine-grained access control in dynamic infrastructures that provides options to run multi environments with a single access control model.
We also plan to provide integration with SPIFFE and Istio.
In this session, the speaker is going to explain the benefits of using Athenz and demonstrate how to use Athenz in a Cloud computing environment by showing use case of the integration with Istio.

Website
http://www.athenz.io

Speakers
avatar for Tatsuya Yano

Tatsuya Yano

Platform Developer, Yahoo Japan Corporation
Platform developer in Yahoo Japan Corporation. | Principal engineer for development and operations for identities and access management. | Contributor for development of open-source product "Athenz". (https://github.com/yahoo/athenz)



Tuesday December 11, 2018 3:40pm - 4:15pm
Ballroom 6C

3:40pm

Tutorial: Deploying Windows Apps with Draft, Helm and Kubernetes - Patrick Lang & Jessica Deen, Microsoft (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

In this session, we'll go through two key workflows:

1) How to deploy and manage a Windows-based application on Kubernetes

We'll start with an already-built Windows application in a container, and walk through a simple deployment on Kubernetes. Along the way, we'll go over some of the key considerations such as handling secrets, required node selectors, and other common differences you may encounter in clusters with Windows & Linux nodes. This section does not require access to a Windows machine, only a browser, ssh & kubectl will be required.

2) Building an end-to-end workflow with Draft & Helm

Once you understand how to deploy a Windows application with Kubernetes, we can move on to setting up the full developer workflow. We'll create a new app using .Net Core on Windows, scaffold and deploy with Draft. This requires Windows 10 (laptop or VM running on Azure or VMWare Fusion)

Speakers
JD

Jessica Deen

Cloud Developer Advocate, Microsoft
Jessica is a Cloud Developer Advocate for Microsoft focusing on Azure, Containers, cloud, OSS, and, of course, DevOps. Prior to joining Microsoft, she spent over a decade as an IT Consultant / Systems Administrator for various corporate and enterprise environments, catering to end... Read More →
avatar for Patrick Lang

Patrick Lang

Senior Software Engineer, Microsoft
Patrick Lang is a Senior Software Engineer at Microsoft building and teaching how to use Kubernetes and Windows container technologies. He is a regular speaker on Windows Server Container development and management that helped launch the tech at MS Ignite and Build conferences along... Read More →


Tuesday December 11, 2018 3:40pm - 5:05pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

3:40pm

Tutorial: Getting Your Hands Dirty with Knative - Bas Tichelaar & Adé Mochtar, Instruqt (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

Knative is extending Kubernetes with primitives to build, deploy and manage serverless workloads. In this tutorial, which will be guided by experienced consultants, you will learn how to install and use Knative in a real life scenario.

You will learn to work with the following components of Knative:

- Build: build your source code into a container
- Serving: scale on demand and back to zero
- Events: subscribe, publish and manage events

You will learn:

- What the benefits are
- How to install the components
- How to interact with Knative
- How Knative will fit into your current environment

The tutorial uses the Instruqt platform, which will spin up all the required infrastructure. You just have to bring your own laptop with your favorite browser.

Pre-requisites:
- You know how to work with Kubernetes
- You are familiar with kubectl and Kubernetes YAML files 

If you would like to participate, please create an account on https://instruqt.com/login. If you need some more experience with Kubernetes, you can start with the Kubernetes tracks athttps://instruqt.com/public/topics/getting-started-with-kubernetes. The Knative tracks will be published once the workshop begins.

Because we have limited space, you might not be able to attend the workshop. But don't worry: you can play the tutorials on Instruqt afterwards.

Speakers
avatar for Adé Mochtar

Adé Mochtar

Co-Founder, Instruqt
Adé is co-founder of instruqt, an e-learning platform for Cloud and DevOps. He has over 15 years of experience in IT. He has had many roles, including being a developer, consultant, IT architect and trainer. His latest mission is to make learning DevOps and Cloud more effective and... Read More →
avatar for Bas Tichelaar

Bas Tichelaar

Co-founder, Instruqt
Bas has over 18 years of experience in IT, with a focus on DevOps and Cloud. He worked as a consultant and architect for Xebia the last 5 years. His mission is to make learning DevOps and Cloud more effective and fun. Within Instruqt, his role is mainly pre-sales and marketing, but... Read More →


Tuesday December 11, 2018 3:40pm - 5:05pm
Yakima 1 @ TCC The Conference Center (TCC) - Separate from WSCC building

3:40pm

Tututorial: Building Security into Kubernetes Deployment Pipelines – Andrew Martin & Pi Unnerup, ControlPlane; Michael Hough & Liam White, IBM (Limited Seating Available - See Description for Details)
IMPORTANT NOTE: Due to the nature of tutorials, this session has been placed in a smaller capacity room to help facilitate a conducive learning environment. Space is very limited and seating will be given on a first come-first serve basis. The tutorial will be recorded and viewed on the CNCF YouTube channel after the event concludes. Thank you for your understanding.

How secure is your deployment pipeline? Is image integrity verified or can any user deploy any image to production? Are those images scanned for known CVEs? And are security policies enforced to harden the cluster at runtime?

This tutorial covers current best practices for enhanced Kubernetes cluster security. It is led by core contributors and subject matter experts, and provides hands-on experience with Notary, admission controllers, and vulnerability scanning.

It teaches integrating image signing and vulnerability scanning into a pipeline through live examples, and demonstrates how to configure Kubernetes to enforce security policies and image integrity.

Attendees should expect to learn how to utilise state-of-the-art CNCF and OS tooling, and frustrate potential attackers throughout the deployment lifecycle.

Requirements: internet-capable laptop, a local Minikube installation.

Speakers
avatar for Michael Hough

Michael Hough

Software Engineer, IBM
Michael is a Software Engineer on the IBM Cloud Container Registry team, delivering and operating code using Kubernetes in production, and a contributor to Notary and Portieris. He has presented and led labs about Kubernetes and IBM Cloud Container Service at IBM Technical Universities... Read More →
avatar for Andrew Martin

Andrew Martin

Co-founder, ControlPlane
Andrew has a strong test-first engineering ethos gained architecting and deploying high-traffic web applications. Proficient in systems development, testing, and maintenance, he is comfortable profiling and securing every tier of a bare metal or cloud native application, and has battle-hardened... Read More →
avatar for Pi Unnerup

Pi Unnerup

Infrastructure Engineer, ControlPlane
Pi is an Infrastructure Engineer for ControlPlane, configuring secure end-to-end pipelines in containerised environments. She has contributed to projects securing high impact products, and worked on critical national infrastructure for the UK Home Office. | | https://www.linke... Read More →
avatar for Liam White

Liam White

Software Engineer, Tetrate
Liam is a Software Engineer at Tetrate and a maintainer on multiple open source projects including Istio, Portieris and Chart Museum. He has presented and delivered tutorials at KubeCon, OSCON and various meetups.


Tuesday December 11, 2018 3:40pm - 5:05pm
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building

4:30pm

Becoming Cloud Native Without Starting From Scratch - Marin Jankovski, GitLab
Full rewrite of a working application is a luxury most companies can't afford.
In this session, we will talk about how running GitLab architecture was adapted to be closer to a regular cloud native application without having to rewrite the whole application and disrupt ongoing product development. As an additional requirement, architecture had to be modeled on what is required for installation of GitLab.com scale (SaaS) while also keeping in mind on-premises installation customers which will use the same set of tools. We will discuss what parts of the application we left out of Kubernetes, how we loosely decoupled previously integrated components and how and why are we enforcing some old behaviours. We will share our experiences with using de-facto standard for distributing applications (Helm), but some mis-steps and some good choices we think we made.

Speakers
avatar for Marin Jankovski

Marin Jankovski

Engineering Manager, Distribution and Release Management, GitLab
Marin Jankovski is a software developer with over 8 years of experience working on complex systems. In 2012 he joined GitLab as the first employee where his focus shifted more into the DevOps territory. In 2015 he started the team, which he is currently leading, responsible for building... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
Ballroom 6E
  • Skill Level Any

4:30pm

Intro: Operator Framework BoF - Diane Mueller & Sebastian Pahl, Red Hat
An Operator is a method of packaging, deploying and managing a Kubernetes application. A Kubernetes application is an application that is both deployed on Kubernetes and managed using the Kubernetes APIs and kubectl tooling. To be able to make the most of Kubernetes, you need a set of cohesive APIs to extend in order to service and manage your applications that run on Kubernetes. You can think of Operators as the runtime that manages this type of application on Kubernetes. http://coreos.com/operators The Operator Framework is an open source toolkit to manage Kubernetes native applications, called Operators, in an effective, automated, and scalable way. https://github.com/operator-framework

Speakers
avatar for Diane Mueller

Diane Mueller

Director, Community Development, Red Hat
Director, Community Development at Red Hat | co-chair, Operator Framework SIG | co-chair, OpenShift on Machine Learning SIG | organizer, OpenShift Commons Gathering
avatar for Sebastien Pahl

Sebastien Pahl

Red Hat
I'm a director of engineering at Red Hat, currently leading the Operator Framework teams. I previously managed teams at Mesosphere around Mesos and Kubernetes, and the SRE team at Cloudflare. Before that, I co-founded Dotcloud, the company that later pivoted into becoming Docker... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
618-620
  • Skill Level Any

4:30pm

CI/CD in Light Speed with K8s and Argo cd - Billy Yuen & Parin Shah, Intuit
Enterprises have benefited greatly from the elastic scalability and multi-region availability by moving to AWS, but the fundamental deployment model remains the same.

At Intuit, we have adopted k8s as our new saas platform and re-invented our CI/CD pipeline to take full advantage of k8s. In this presentation, we will discuss our journey from Spinnaker to Argo CD.

1. Reduce CI/CD time from 60 minutes to 10 minutes.
2. Reduce production release (or rollback) from 10 minutes to 2 minutes.
3. Enable concurrent deployment using spinnaker and argo cd as HA/DR to safely adopt the new platform with no downtime.
4. Be compatible with the existing application monitoring toolset.

Speakers
avatar for Parin Shah

Parin Shah

Software Engineer, Intuit, Inc.
Parin is a software engineer on Intuit's Payments platform team. He was one of the early adopters of Kubernetes at Intuit and helps accelerating other teams to move to AWS/Kubernetes. He focuses on using modern CI/CD principles and other cloud services to increase developer velocity... Read More →
avatar for Billy Yuen

Billy Yuen

Principal Engineer, Intuit
Billy Yuen is a principal engineer on the Intuit’s Platform team focusing on the modern Saas adoption (AWS and kubernetes), system resiliency, and monitoring. Previously, Billy worked on Netflix’s Edge Services team to build the next generation of edge-service infrastructure to... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
4C 1/2

4:30pm

CI/CD, Kubernetes, and Databases: Better Together - Niraj Tolia & Tom Manville, Kasten
Adding data to both your CI and CD pipeline is one of the last steps of the DevOps journey and probably the scariest given the impact of getting it wrong. This talk covers how one can safely combine Kubernetes, Databases, and the CI/CD pipeline to actually make the process safer and more stable that the status quo today and, in today’s rapid deployment culture, make databases “shift left” and reduces DBA burnout. This includes leveraging techniques and building an open-source toolkit to deliver automated schema changes, cloning, sandboxing, masking for production-like data in staging, and rapid data movement for fast database creation. More importantly, this talk will show how these benefits can help with internal culture shift by breaking down silos and bringing in a traditionally conservative database group more fully into the automation fold.

Speakers
avatar for Tom Manville

Tom Manville

Software Engineer, Kasten
Tom graduated from the University of Michigan in 2011 and 2013 with a B.S.E. and M.S.E. in Computer Engineering where he researched low power computing and micro. After graduating, he joined Maginatics, a cloud based file system company which was acquired by EMC (now Dell EMC) late... Read More →
avatar for Niraj Tolia

Niraj Tolia

CEO and Co-Founder, Kasten
Niraj Tolia is the CEO and Co-Founder at Kasten, an early-stage startup working on cloud-native storage infrastructure. Previously, he was the Senior Director of Software Engineering at EMC/Maginatics and was responsible for the CloudBoost family of products that focused on in-cloud... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
606-609

4:30pm

The Cloud Native Meetup Community A-Z - Moderated by Kaslin Fields, Oracle
The Cloud Native open source community is famous not only for the great technical capability it provides but also for the incredible community that creates and supports it. The Cloud Native community spans the globe but getting to know the community near YOU can be especially helpful. Meetups are a common tool throughout the tech world for people with similar interests to meet and learn from one another, and it’s particularly popular with open source communities. Whether you’re in Austin, Texas, Seattle, WA, or lots of other places around the world, there’s probably a meetup (or several!) near you. And if there isn’t, you can start one yourself! In this talk, container and cloud-native related meetup founders, organizers, speakers, and hosts from companies ranging from small startups to large fortune 500 companies will discuss their experiences with the meetup community.

Moderators
avatar for Kaslin Fields

Kaslin Fields

Solutions Architect, Oracle
I am a Solutions Architect at Oracle Cloud Infrastructure. My focus is on containers and, in particular, Kubernetes. I have been passionate about containers for 3-4 years now, with much of my earlier projects revolving around Docker technologies. This will be my second KubeCon... Read More →

Speakers
avatar for Matt Baldwin

Matt Baldwin

Director, Cloud Native Engineering, NetApp
Matt Baldwin is the Founder and CEO of StackPointCloud, Inc., a Kubernetes company. He is one of the creators of Stackpoint.io, the leading management and automation platform for public cloud Kubernetes. Along with his work on Stackpoint.io he also helps run the global Kubernetes... Read More →
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative leader, passionate about developer platforms and management software for clouds, containers, functions and applications. Advanced and emerging technologies have been a consistent focus through Calcote’s tenure at SolarWinds, Seagate, Cisco and Pelco... Read More →
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate 开发人员倡导者, Cloud Native Computing Foundation
Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation, focused on Kubernetes-related efforts in the open source community. | | Ihor is a co-founder and co-lead of the Kubernetes Product Management Special Interest Group (SIG-PM), focused on enhancing Kubernetes... Read More →
avatar for Lisa-Marie Namphy

Lisa-Marie Namphy

Dev Advocate & Community Architect, Portworx
Lisa-Marie currently organizes and runs the SF Bay Cloud Native Open Infra User Group (formerly SF Bay OpenStack), personally hosting the bi-weekly meetup for the past 5 years. Lisa now runs the world’s largest CNCF user group and has been a long time contributor, advocate (and... Read More →


Tuesday December 11, 2018 4:30pm - 5:05pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

4:30pm

Using a Kubernetes Operator to Manage Application Tenancy in a B2B SaaS App - Mike Arpaia, Kolide
Companies that create products for other companies or teams often have to reason about how to deal with the application-level tenancy of each team. The two ends of the spectrum are to either deploy one monolithic application that handles multi-tenant data isolation via application logic or to deploy and proxy to many instances of isolated single-tenant applications.

This presentation will discuss how Kolide has approached the problem of application tenancy by building a Kubernetes Operator to manage the complete lifecycle of each tenant as an isolated instance of a single-tenant application. We will analyze strategies for account management, observability, deployments, networking, and security.

Finally, we will consider the efficacy of this strategy in general by analyzing the observed pros and cons after using this approach in production to serve thousands of customer instances.

Speakers
avatar for Mike Arpaia

Mike Arpaia

Co-Founder & CTO, Kolide
Mike is the CTO and Co-Founder of Kolide, a security-first infrastructure analytics company. Kolide's technology is based on an open-source operating system analytics tool called osquery which Mike created, open-sourced, and widely deployed while working at Facebook. | | A fan... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
Ballroom 6A
  • Skill Level Any

4:30pm

Why Data Scientists Love Kubernetes - Sophie Watson & William Benton, Red Hat
This talk will introduce the workflows and concerns of data scientists and machine learning engineers and demonstrate how to make Kubernetes a powerhouse for intelligent applications.

We’ll show how community projects like Kubeflow and radanalytics.io support the entire intelligent application development lifecycle. We’ll cover several key benefits of Kubernetes for a data scientist’s workflow, from experiment design to publishing results. You’ll see how well scale-out data processing frameworks like Apache Spark work in Kubernetes.

System operators will learn how Kubernetes can support data science and machine learning workflows. Application developers will learn how Kubernetes can enable intelligent applications and cross-functional collaboration. Data scientists will leave with concrete suggestions for how to use Kubernetes and open-source tools to make their work more productive.

Speakers
avatar for William Benton

William Benton

Senior Principal Software Engineer, Red Hat
William Benton leads a team of data scientists and engineers at Red Hat, where he has applied machine learning to problems ranging from forecasting cloud infrastructure costs to designing better cycling workouts. His current focus is investigating the best ways to build and deploy... Read More →
avatar for Sophie Watson

Sophie Watson

Software Engineer, Red Hat
Sophie is a software engineer at Red Hat, where she works in an emerging technology group. She has a background in Mathematics and has recently completed a PhD in Bayesian statistics, in which she developed algorithms to estimate intractable quantities quickly and accurately. Since... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
611-614

4:30pm

Intro: CNCF Serverless WG / CloudEvents - Doug Davis, IBM & Clemens Vasters, Microsoft
Provide an introduction to the CNCF Serverless Working Group, the CloudEvents specification and the new Workflow sub-group. More details later...

Speakers
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Digital Business Group. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently co-leading the CNCF's Serverless WG, the Cloud... Read More →
avatar for Clemens Vasters

Clemens Vasters

Principal Architect, Azure Messaging, Microsoft
Clemens Vasters is Lead Architect in Microsoft’s Azure Messaging team that builds and operates a fleet of hyper-scale messaging services, including Event Grid, Service Bus, and Event Hubs. Clemens represents Microsoft in messaging standardization in OASIS (AMQP) and CNCF (CloudEvents... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
615-617
  • Skill Level Any

4:30pm

Intro: Helm - Matt Farina, Samsung SDS
Helm is a package manager that provides the tools to find, share, and use software built for Kubernetes. The package management features allow you to define, install, and upgrade applications while also handling dependencies on other applications. In this session you will learn about: - Why Helm and package management are useful to applications in Kubernetes - A brief history of Helm - The different parts of Helm and how they work together - Publicly sharing applications through charts - Where Helm is headed

Speakers
avatar for Matt Farina

Matt Farina

Sr. Staff Engineer, Samsung SDS



Tuesday December 11, 2018 4:30pm - 5:05pm
602-604
  • Skill Level Any

4:30pm

Intro: NATS - Colin Sullivan & Wally Quevedo, Synadia
Join members of the NATS team to learn about NATS Messaging! Distributed systems architecture has been disrupted via decomposition as cloud technology has matured - we’ve seen a migration from monolithic applications to microservices. This has created a need for multiple communication patterns, location transparency, and the decoupling of data producers and consumers. NATS is a cloud-native messaging project that addresses these needs and others. In this discussion, we'll introduce you to NATS: how NATS came to be, its DNA and cover some of the problems that it solves. We’ll describe common messaging patterns, when to use them, and design principles to create NATS enabled cloud-native applications. For more information be sure to follow this up with the NATS deep dive!

Speakers
avatar for Waldemar Quevedo

Waldemar Quevedo

Software Engineer, Synadia
Waldemar Quevedo is a Software Engineer at Synadia, where he works on the NATS project and the ecosystem around it. He is author of the "Practical NATS" book, which is one of the first books about the project. | Before he was at Apcera where he worked on a container orchestration... Read More →
avatar for Colin Sullivan

Colin Sullivan

Product Manager, Synadia
Colin is the product manager of NATS (https://nats.io). He has extensive experience developing messaging products and designing distributed systems. Prior to Synadia, Colin worked at Apcera and TIBCO software.



Tuesday December 11, 2018 4:30pm - 5:05pm
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

4:30pm

Intro: OpenMetrics - Richard (RichiH) Hartmann, SpaceNet AG
OpenMetrics is taking the Prometheus format and transforms it into a truly open standard while remaining compatible with the hundreds to integrations and dozens of data collectors that grew within our ecosystem. We will go through the current state of OM, the challenges we faced getting there, and an outlook for next steps and allies would found along the way.

We will have an extended open Q&A at the end to enable you to ask questions.

Speakers
avatar for Richard (RichiH) Hartmann

Richard (RichiH) Hartmann

Monitoring Lead 关于监管的提示, SpaceNet AG
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
3 A/B
  • Skill Level Any

4:30pm

Intro: Rook - Jared Watts, Upbound
In this talk, we will be introducing the Rook project to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. We will explore the benefits and use cases of Rook, and we will also walk through the architecture that the project is built on. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation (CNCF) in January 2018.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by "freeing the cloud" and is also a senior maintainer for the open source Rook project (https://rook.io/). Before Upbound, he worked on innovative storage projects at Quantum Corp... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
2 A/B
  • Skill Level Any

4:30pm

Clusters All the Way Down: Crazy Multi-cluster Topologies - Matt Caulfield, Oort
What happens when your application outgrows a single cluster? How do you scale from one cluster to dozens without sacrificing high availability or performance? How do you structure your application to actually take advantage of multi-cluster environments?

In this session, you'll learn about multi-cluster topologies: different options for structuring your application architecture to naturally benefit from multiple Kubernetes environments.

Whether you're building a new application from scratch or scaling up an existing deployment, this session will equip you with best practices, rules of thumb, and the right mental model for successfully using Multi-Cluster Kubernetes.

Speakers
avatar for Matt Caulfield

Matt Caulfield

Co-founder & CEO, Oort
Matt is Co-founder & CEO of Oort - the Cloud Native Edge Computing company. Oort equips architects and developers to harness the power of Edge Computing to improve the performance, reliability, and scalability of their cloud applications. Previously, Matt led the Edge Computing team... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
Ballroom 6B

4:30pm

Three Pillars, Zero Answers: We Need to Rethink Observability - Ben Sigelman, LightStep
Observability has never been more important: the complexity of microservices makes it harder and harder to answer basic questions about system behavior. The conventional wisdom claims that Metrics, Logging and Tracing are “the three pillars” of observability… yet software organizations check these three boxes and are still grasping at straws during emergencies.

In this session we’ll illustrate the problem with the three pillars: metrics, logs, and traces are just data – they are the fuel, not the car. We then reframe observability around two fundamental activities: (1) measurement and (2) explanation.

“Measurement” must be both robust and precise; “explanation” must present the larger context of distributed transactions and the role that contention plays under peak load. We present both via demos and examples to ground the session in real-world storytelling.

Speakers
avatar for Ben Sigelman

Ben Sigelman

CEO and Co-founder, LightStep
Ben Sigelman is the co-creator of the OpenTracing project (incubated by CNCF). An expert in distributed monitoring, he previously built Dapper, Google’s production distributed systems tracing infrastructure, and Monarch, Google’s fleet-wide time series collection, storage, analysis... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
4C 3/4
  • Skill Level Any

4:30pm

A Basic Kubernetes Debugging Kit: curl, jq, openssl, and Other Best Friends - Joe Thompson, Mesosphere
Joe Thompson walks you through a set of essential command-line Linux tools – curl, jq, openssl, netcat, dig and others – and how to use them to debug network and other issues in your Kubernetes clusters. The basic function and use of each tool is covered, with examples for some common Kubernetes-related tasks like verifying if a certificate is correctly generated or checking if DNS resolution in your cluster is working properly. We’ll also look at some container-based debugging procedures, including how to use one container to debug another that’s not running properly or to debug the host OS when the tools you need aren’t installed there.

Speakers
avatar for Joe Thompson

Joe Thompson

Solutions Architect, Mesosphere
I'm a solutions architect for Mesosphere and a regular participant in the Helm and SIG-Apps communities. Prior to Mesosphere, I worked at Capital One, CoreOS and Red Hat (among others), providing practical solutions and training in and for Kubernetes and other cloud environments... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

4:30pm

This Year, It’s About Security - Maya Kaczorowski & Brandon Baker, Google
The message was resoundingly clear at KubeCon EU, “this year, it’s about security”. Kubernetes has made giant strides in 2018 to improve security for end users.

We’ll start with an overview of what’s happened in 2018, including the first container security attacks. Then, we’ll cover focus on three hot topic areas to dive deeper and demo: (1) Isolation, using projects like gVisor, Kata containers, and Nabla; (2) Software supply chain security, and (3) Security by default and hardening. You’ll leave with an understanding of new security features in Kubernetes, and how you can contribute to making Kubernetes secure.

Speakers
avatar for Brandon Baker

Brandon Baker

Cloud Security Horizontal Lead, Google
Brandon is Tech Lead for Cloud Security at Google. He started the Cloud Security organization at Google Seattle 8 years ago, building core encryption, sandboxing, mitigation, detection, and security features to protect our Cloud users and Google’s infrastructure. Prior to Google... Read More →
avatar for Maya Kaczorowski

Maya Kaczorowski

Product Manager 产品经理, Google
Maya is a Product Manager in Security & Privacy at Google, focused on container security. She previously worked on encryption at rest and encryption key management. Prior to Google, she was an Engagement Manager at McKinsey & Company, working in IT security for large enterprises... Read More →



Tuesday December 11, 2018 4:30pm - 5:05pm
Ballroom 6C
  • Skill Level Any

5:20pm

Keynote: Welcome Remarks - Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Tuesday December 11, 2018 5:20pm - 5:27pm
Hall 4EF
  • Skill Level Any

5:29pm

Keynote: Tales from the Kube: Contributions by the Community - Brian Grant, Principal Engineer & Tim Hockin, Principal Software Engineer, Google & Clayton Coleman, Architect, Kubernetes and OpenShift, Red Hat
While most people are familiar with how Kubernetes became an open-source project, there are other stories about its early days that you haven’t heard. This presentation will shine a long-overdue light on the invaluable contributions of a number of contributors who helped shape what the project has become.

Speakers
avatar for Clayton Coleman

Clayton Coleman

Architect, Kubernetes and OpenShift, Red Hat
Clayton is architect and engineer on cloud orchestration and containers at Red Hat, in charge of both technical direction for Kubernetes and OpenShift (Red Hat's platform as a service built on top of Kubernetes) as well as the broader container and container content efforts at Red... Read More →
avatar for Brian Grant

Brian Grant

Principal Engineer, Google
Brian is the co-Technical Lead of Google Kubernetes Engine, co-Chair of Kubernetes SIG Architecture, Kubernetes API approver, Kubernetes Steering Committee member, and CNCF Technical Oversight Committee member, where he's sponsored 11 CNCF projects (not including Kubernetes). His... Read More →
avatar for Tim Hockin

Tim Hockin

Principal Software Engineer, Google
Tim is a principal software engineer at Google, where he works on the Kubernetes and Google Container Engine (GKE). He is a co-founder of the Kubernetes project, and he is responsible for topics like networking, storage, node, multi-cluster, resource isolation, and cluster sharing... Read More →



Tuesday December 11, 2018 5:29pm - 5:49pm
Hall 4EF
  • Skill Level Any

5:51pm

Keynote: CNCF Maintainer + Ambassador Awards – Chris Aniszczyk, CTO/COO, Cloud Native Computing Foundation
Sponsored by VMware

Speakers
avatar for Chris Aniszczyk

Chris Aniszczyk

VP of Developer Relations, COO of CNCF, The Linux Foundation
Chris brings more than 15 years experience as The Linux Foundation’s vice president of Developer Programs. His work is focused on working with developer community to advance open source projects at scale. Previously Chris served as Twitter’s head of open source, where he led a... Read More →



Tuesday December 11, 2018 5:51pm - 6:01pm
Hall 4EF
  • Skill Level Any

6:03pm

Keynote: The Emerging Multicloud World – Lew Tucker, VP/CTO Cloud Computing, Cisco
Still running in a single cloud? We didn’t think so. On-prem. Public. Hybrid. It’s rapidly becoming a multicloud world – and open source technologies are at the forefront of this transformation. We’ll look at how simplifying container orchestration with Kubernetes and streamlining communication between microservices with Istio are accelerating development processes and forging entirely new levels of business agility.

Speakers
LT

Lew Tucker

VP/CTO Cloud Computing, Cisco
As VP/CTO of Cloud Computing at Cisco, Lew is responsible for shaping Cisco’s strategy and products in cloud computing. He leads several of the company’s open source initiatives and serves as a member of the OpenStack Foundation board of directors and CNCF governing board.Lew... Read More →



Tuesday December 11, 2018 6:03pm - 6:08pm
Hall 4EF
  • Skill Level Any

6:10pm

Keynote: High Reliability Infrastructure Migrations - Julia Evans, Software Engineer, Stripe
For companies with high availability requirements (99.99% uptime or higher), running new software in production comes with a lot of risks. But it's possible to make significant infrastructure changes while maintaining the availability your customers expect!

I'll give you a toolbox for derisking migrations and making infrastructure changes with confidence, with examples from our Kubernetes & Envoy experience at Stripe.


Speakers
avatar for Julia Evans

Julia Evans

Software Engineer, Stripe
Julia Evans is a software engineer at Stripe. She writes at https://jvns.cahttps://jvns.ca/zines... Read More →



Tuesday December 11, 2018 6:10pm - 6:30pm
Hall 4EF
  • Skill Level Any

6:32pm

Keynote: Open Source & Containers on AWS - Arun Gupta, Principal Open Source Technologist, Amazon Web Services
More users are running containers using open source technologies on AWS than anywhere else. We'll cover the state of open source for containers and applications on AWS, new product announcements for the container ecosystem, and our vision for the future.

Speakers
avatar for Arun Gupta

Arun Gupta

Principal Technologist, Amazon Web Services
Arun Gupta is a Principal Technologist at Amazon Web Services. He is responsible for the Cloud Native Computing Foundation (CNCF) strategy within AWS, and participates at CNCF Board and technical meetings actively. He particularly enjoys AMA on Containers and Serverless. He has built... Read More →



Tuesday December 11, 2018 6:32pm - 6:37pm
Hall 4EF
  • Skill Level Any

6:37pm

Keynote: Closing Remarks – Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Tuesday December 11, 2018 6:37pm - 6:45pm
Hall 4EF
  • Skill Level Any

6:45pm

Welcome Reception + Sponsor Booth Crawl, Sponsored by F5 Networks
Don’t miss the opportunity to continue conversations, check out sponsor technologies, games and live art installations while enjoying food and drinks.

Tuesday December 11, 2018 6:45pm - 8:45pm
Hall 4AB

7:00pm

Meet the Ambassador: Michael Goodness, Ticketmaster
Speakers
avatar for Michael Goodness

Michael Goodness

Systems Architect, Ticketmaster
Mike is Tech Lead on the Kubernauts team at Ticketmaster and a CNCF Ambassador. He began working with Kubernetes in late 2015, and quickly became an avid member of the community. While primarily involved with day-to-day cluster operations, he is also keenly interested in helping developers... Read More →


Tuesday December 11, 2018 7:00pm - 7:30pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

7:30pm

Meet the Ambassador: Michael Goodness, Ticketmaster
Speakers
avatar for Michael Goodness

Michael Goodness

Systems Architect, Ticketmaster
Mike is Tech Lead on the Kubernauts team at Ticketmaster and a CNCF Ambassador. He began working with Kubernetes in late 2015, and quickly became an avid member of the community. While primarily involved with day-to-day cluster operations, he is also keenly interested in helping developers... Read More →


Tuesday December 11, 2018 7:30pm - 8:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any
 
Wednesday, December 12
 

6:15am

5K Fun Run/Walk + All Paces Welcome (Additional Registration Required)
Sign up form is now closed.

Join us for a Fun Run/Walk hosted by Visit Seattle who will provide a scenic run around the downtown Seattle area. This will be the perfect way to wake up and get your energy going for the day.

Space is limited, so please sign up as soon as possible.

Wednesday December 12, 2018 6:15am - 7:30am
Pike Street Lobby, 1st Floor @ WSCC

7:30am

The New Stack Pancake Breakfast & Podcast: Scaling with Service Mesh and Istio, Sponsored by VMware
Please join hosts Alex Williams, Founder & Editor-in-Chief and Joab Jackson, Managing Editor, of The New Stack for a short stack of pancakes and a panel discussion on Scaling with Service Mesh and Istio.

Service meshes, Istio, and the underlying architectures — fine topics to discuss over a short stack with The New Stack. We’ll explore the scaling of application architectures and how business objectives fit with approaches, team development, and workflows that come with service mesh technologies. A big thanks to VMware for sponsoring this Pancake Breakfast and bringing carbs & caffeine to the cloud native community!

07:30 - 08:00 Pancakes served
08:00 - 08:45 Panel Discussion



Moderators
avatar for Joab Jackson

Joab Jackson

Managing Editor, The New Stack
avatar for Alex Williams

Alex Williams

Founder & Editor-in-Chief, The New Stack

Speakers
avatar for Jennifer Lin

Jennifer Lin

Director, Product Management, Google
Jennifer is currently Director, Product Management, where she leads a team focused on Google’s Cloud Services Platform, Cloud Commerce and Cloud Security.  Prior to joining Google, Jennifer was on the founding team and VP, Product at Contrail, a software startup acquired by Juniper... Read More →
avatar for Jason McGee

Jason McGee

IBM Fellow, VP and CTO, IBM Cloud Platform, IBM
Jason McGee, IBM Fellow, is VP and CTO, IBM Cloud Platform. Jason is currently responsible for the IBM Cloud’s foundation services, including Kubernetes Containers, Functions, MessageHub, Logging, Monitoring, Container Registry, Terraform and Activity Tracker. Jason is also responsible... Read More →
avatar for Pere Monclus

Pere Monclus

CTO, Network & Security, VMware
avatar for Ken Owens

Ken Owens

Vice President, Digital Native Architecture, Mastercard
Ken Owens is the Vice President for Digital Native Architecture at Mastercard. He was previously the CTO of Cloud Native Platforms at Cisco, where he was responsible for creating and communicating technical/scientific vision and strategy for Cisco’s cloud native technologies. He... Read More →
SR

Simon Richard

Analyst, Gartner


Wednesday December 12, 2018 7:30am - 8:45am
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

7:30am

Speed Networking & Mentoring Session (registration required)
Open to all attendees.  Pre-registration required
Are you looking to grow your technical skills, join a cloud native project or tackle a career-change? Whether you’re new, or not so new, to open source and cloud computing, we invite you to register to attend the KubeCon Speed Networking & Mentoring Sessions.  You’ll have the chance to meet with several experienced mentors and open source veterans across many CNCF projects to explore technical and community questions in two sessions – one morning and one afternoon – to accommodate all schedules!  Sign up here to be a mentee

Are you a project maintainer? Part of a SIG? Involved in Kubernetes mentoring? Just started contributing to a project and want to help those eager to begin their journey? We’re looking for mentors across the entire ecosystem with technical and community building expertise to sign up for one or both sessions. Sign up here to be a mentor

Wednesday December 12, 2018 7:30am - 8:45am
Skagit 2 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

8:00am

Breakfast
Wednesday December 12, 2018 8:00am - 9:00am
Hall 4AB

8:00am

Sponsor Showcase
Visit with sponsors, network with fellow attendees and enjoy food & drinks in the Sponsor Showcase.

Wednesday December 12, 2018 8:00am - 5:00pm
Hall 4AB

8:00am

Badge Pickup at WSCC
Wednesday December 12, 2018 8:00am - 6:00pm
Atrium Lobby, 4th Floor

9:00am

Keynote: Welcome Remarks - Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Wednesday December 12, 2018 9:00am - 9:05am
Hall 4EF
  • Skill Level Any

9:07am

Keynote: Kubernetes Project Update - Janet Kuo, Software Engineer, Google
Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer 软件工程师, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →



Wednesday December 12, 2018 9:07am - 9:27am
Hall 4EF
  • Skill Level Any

9:29am

Keynote: The Unification of Containers, Apps and Functions - Jason McGee, IBM Fellow, VP and CTO, IBM Cloud Platform, IBM
Cloud-native developers today have to decide between 3 separate container platforms.  Some choose the flexibility of containers with Kubernetes, others the velocity of an opinionated platform like CloudFoundry, and still others believe the future is all about serverless functions.  How do you know which ones to use? And should you have to choose?  In this keynote, Jason McGee will share his vision for the marriage of containers, apps, and functions -- driven by Kubernetes, Istio and the emergence of Knative into a single combined container platform.  It’s time to break down the silos and see how these projects’ paths are converging to solve real microservice dilemmas: security, scale, and operations.

Speakers
avatar for Jason McGee

Jason McGee

IBM Fellow, VP and CTO, IBM Cloud Platform, IBM
Jason McGee, IBM Fellow, is VP and CTO, IBM Cloud Platform. Jason is currently responsible for the IBM Cloud’s foundation services, including Kubernetes Containers, Functions, MessageHub, Logging, Monitoring, Container Registry, Terraform and Activity Tracker. Jason is also responsible... Read More →



Wednesday December 12, 2018 9:29am - 9:34am
Hall 4EF
  • Skill Level Any

9:36am

Keynote: Save Yourselves! - Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →



Wednesday December 12, 2018 9:36am - 9:56am
Hall 4EF
  • Skill Level Any

9:58am

Keynote: Developing Kubernetes Services at Airbnb Scale - Melanie Cebula, Software Engineer, Airbnb
You've already made the plunge to move to Kubernetes, and you feel pretty good about that. But why does it feel like it requires expert-level Kubernetes knowledge for engineers to get anything done? This talk will identify key problems that make out-of-the-box Kubernetes less friendly to developers, and strategies for addressing them, based on Airbnb’s experience empowering one thousand engineers to develop hundreds of Kubernetes services at scale.
 
 This talk will focus primarily on four problem areas:
 
 1. Configuration: Generated and templated configuration, extracting shareable components and containers
 
 2. CI/CD: Containerizing CI/CD, multi-stage builds, deploy strategies
 
 3. Service lifecycle: Primary and sidecar containers, Advanced pod readiness, warmup, graceful termination, etc
 
 4. Tooling: Creating and Distributing a kubectl wrapper

Speakers
avatar for Melanie Cebula

Melanie Cebula

Software Engineer, Airbnb
Melanie Cebula is a software engineer at Airbnb, where she works on service orchestration. She is passionate about making it easy for any developer to create and operate their service. Previously, she's spoken publicly about Airbnb's move from a monolithic to a microservices architecture... Read More →



Wednesday December 12, 2018 9:58am - 10:18am
Hall 4EF
  • Skill Level Any

10:18am

Keynote: Closing Remarks – Liz Rice, Technology Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. This year she is Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Wednesday December 12, 2018 10:18am - 10:20am
Hall 4EF
  • Skill Level Any

10:20am

Coffee Break
Wednesday December 12, 2018 10:20am - 10:50am
Hall 4AB

10:30am

Meet the Maintainer: Helm - Matt Farina, Samsung
Speakers
avatar for Matt Farina

Matt Farina

Sr. Staff Engineer, Samsung SDS


Wednesday December 12, 2018 10:30am - 11:00am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

10:30am

Meet the Maintainer: Linkerd - William Morgan, Buoyant
Speakers
avatar for William Morgan

William Morgan

CEO, Buoyant
William Morgan is the cofounder and CEO of Buoyant, creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from monolith to microservices. He was a software engineer at Powerset, Microsoft, and Adap.tv, and a research scientist... Read More →


Wednesday December 12, 2018 10:30am - 11:00am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

10:50am

Trace Driven Development: Unifying Testing and Observability - Ted Young, LightStep
This talk proposes a fundamentally new approach to tracing and monitoring: Trace Testing. We discuss testing against trace data rather than code, and how this technique opens the door to an entire suite of verification practices which are difficult to achieve with the current unit/integration test dichotomy.

We show that Trace Tests can span across multiple network calls, languages, and services, while still retaining unit-test-like ability to observe fine grained internal behavior. This combination is particularly useful in mircoservice and serverless environments.

In addition, Trace Testing ensure that behavior which is important enough to test in development is also observable in production.

We also propose that formal proof logic – which can catch new classes of bugs and help with live debugging – is not nearly as complicated once you have distributed tracing.

Speakers
avatar for Ted Young

Ted Young

Director of Open Source Development, LightStep
Ted Young is the Director of Open Source Development at LightStep, and one of the core maintainers of the OpenTracing project. | | Ted has spent the last 15 years building distributed systems in a variety of environments: computer animation, national elections, and elastic compute... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
Ballroom 6E
  • Skill Level Any

10:50am

Abstracting Heavy Lifting: How K8s Speeds Up Multi-Cloud Solution Delivery - Rob Zuber, CircleCI
At CircleCI, we build a complex, distributed system for CI/CD used by thousands of sophisticated teams. While we started as a single-cloud, SaaS product, we’ve grown to serve huge customers, across clouds and behind customers’ firewalls. With scale came issues in our ability to build, distribute, and manage our product.

CircleCI CTO Rob Zuber will discuss how we hit the limits of distribution via an unsophisticated orchestration engine, and how consolidating on K8s helps us control networking, security, and availability while minimizing one-off work. K8s also allows us to live a value: only building what is a core differentiator to our business.

Even if your team isn’t selling a distributed system, you can apply what we’ve learned. Abstracting your heavy lifting makes it possible to escape the whims of AWS, GCP, or Azure, reduce maintenance, and ultimately, helps drive velocity.

Speakers
avatar for Rob Zuber

Rob Zuber

CTO, CircleCI
Rob Zuber is a 20-year veteran of software startups; a four-time founder, three-time CTO with past investments from Google Ventures, Relay Ventures and Foundation Capital as well as exits to Appconomy and CircleCI. Since joining CircleCI, Rob has seen the company through its Series... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
611-614

10:50am

Building Container Images on Your Kubernetes Cluster with Knative Build - Gareth Rushgrove, Docker
One of the components of the recently released Knative project is Knative Build. This introduces the Build and BuiltTemplate objects to the cluster, meaning you can build images and then push them to a registry, all from within your Kubernetes cluster. In this talk we will:

* Introduce the new API objects and show how they can be used
* Convert an existing project from an existing CI system over to Knative Build, including building source code, running tests and pushing to a container registry
* Look at some of the existing build templates using Kaniko, Docker, Buildpacks and more
* Show how to write your own build templates and build images
* Compare the current workflow with that of different CI systems to better understand what might be built next

Speakers
avatar for Gareth Rushgrove

Gareth Rushgrove

Product Manager, Docker
Gareth Rushgrove is a product manager at Docker. He works remotely from Cambridge, UK, helping to build interesting tools for people to better manage infrastructure and applications. Previously he worked for the UK Government Digital Service focused on infrastructure, operations and... Read More →


Wednesday December 12, 2018 10:50am - 11:25am
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

Kubernetes is Still Hard for App Developers, Let’s Fix That! - Aaron Schlesinger, Microsoft
In this session, I’ll present two case studies that reveal the general needs of most small to medium size application developers. I’ll show that that these developers are severely underserved in the community and that we can drastically improve their experience and grow the Kubernetes community significantly.

I’ll use these case studies to detail the technologies a new developer needs to learn before they can get their app running, and I’ll demonstrate the workflow most new developers follow to launch and maintain their app in production.

I’ll then describe a hypothetical toolchain based on real world tools that would significantly simplify app creation and deployment for these users. The audience will leave with a deep understanding of a large class of underserved Kubernetes users and ideas for how to meet their needs.

Speakers
avatar for Aaron Schlesinger

Aaron Schlesinger

Cloud Developer Advocate, Microsoft
Aaron is a developer advocate at Microsoft Azure and a core maintainer of the Athens Project. He is an emeritus core maintainer and chair of the Kubernetes SIG-Service-Catalog and a contributor to various other projects in the Kubernetes community. He enjoys distilling his wide ranging... Read More →


Slides pdf

Wednesday December 12, 2018 10:50am - 11:25am
4C 1/2
  • Skill Level Any

10:50am

Intro to Agones: Scaling Multiplayer Game Servers with Kubernetes - Mark Mandel, Google
Kubernetes provides an amazing toolset for running processes over potentially thousands of machines. However, Dedicated Game Servers for real time multiplayer games, such as Fortnight, Overwatch, etc, have their own challenges that don’t directly line up with the solutions that Kubernetes natively provide. Game Servers are neither stateless (no Deployments), or ordered stateful (no StatefulSets) - but sit somewhere in between the two. They require direct connections (no load balancers), and can’t be turned off once players are connected to them (no traditional autoscalers).

In this talk we’ll discuss and demo the open source project Agones, developed by Google Cloud Platform in conjunction with Ubisoft. Utilising Kubernetes native extension mechanisms, it attempts to solve this problem by providing a batteries-included solution for running Dedicated Game Servers at scale on Kubernetes.

Speakers
avatar for Mark Mandel

Mark Mandel

Devleoper Advocate, Google
Mark Mandel is a Developer Advocate for Games for Google Cloud Platform, founder of the open source, multiplayer dedicated game server scaling project Agones, and one half of the Google Cloud Platform Podcast. Hailing from Australia, Mark built his career developing backend systems... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

Natural Language Code Search for GitHub Using Kubeflow - Jeremy Lewi, Google & Hamel Husain, GitHub
Turning ML into magical products often requires complex, distributed systems that bring with them a unique, ML specific set of infrastructure problems. A year ago, we started building Kubeflow to leverage Kubernetes to solve these problems. In this talk, we will use the example of a search engine for code using natural language (http://bit.ly/gh-kf-search) to illustrate how Kubeflow and Kubernetes can be used to deploy and manage ML products.

Speakers
avatar for Hamel Husain

Hamel Husain

Senior Data Scientist, GitHub
Hamel Husain is a Senior Data Scientist at Github who is focused on creating the next generation of developer tools powered by machine learning. His work involves extensive use of natural language and deep learning techniques to extract features from code and text. Prior to Github... Read More →
avatar for Jeremy Lewi

Jeremy Lewi

Software Engineer, Google
Jeremy Lewi is a co-founder and lead engineer at Google for the Kubeflow project, an effort to help developers and enterprises deploy and use ML cloud-natively everywhere. He's been building on Kubernetes since its inception starting with Dataflow and then moving onto Cloud ML Engine... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
Ballroom 6A
  • Skill Level Any

10:50am

Deep Dive: CNCF Cross-Cloud CI – Denver Williams, Debian & Taylor Carpenter, Vulk Voop
The CNCF CI Working Group was asked to demonstrate best practices for integrating, testing, and deploying projects within the CNCF ecosystem across multiple cloud and bare metal providers. The Cross-Cloud CI project continually validates the interoperability of each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to all supported cloud providers. The results of each testing stage are published to the cncf.ci status dashboard. This Deep Dive session will discuss how to implement CNCF projects (for build and e2e testing) and cloud providers (for Kubernetes provisioning). It may include an interactive walk-through of adding a new project or cloud provider to the Cross-Cloud CI system.

Speakers
avatar for Taylor Carpenter

Taylor Carpenter

Partner, Vulk Coop
Partner at Vulk Co-operative - http://vulk.coop Co-Lead Cross-Cloud CI project - http://crosscloud.ci OpsDev geek. Elixir and Ruby programmer. Father, book devourer, dark beer lover. I think the concept of a delightful user experience should be applied to all parts of life including... Read More →
DW

Denver Williams

Cross-Cloud Project Founder 跨云项目创始人, Debian



Wednesday December 12, 2018 10:50am - 11:25am
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building

10:50am

Deep Dive: gRPC Node - Michael Lumish, Google
A look at the Node gRPC implementations, their interoperability, and future development plans.

Speakers
ML

Michael Lumish

Software Engineer, Google
Michael is a Software Engineer at Google. Michael is the original author and primary maintainer of the Node gRPC library.



Wednesday December 12, 2018 10:50am - 11:25am
602-604

10:50am

Intro: CLI SIG – Mengqi Yu & Sean Sullivan, Google
This "intro" session will provide basic information to facilitate new SIG CLI contributors. This session will present an overview of the "kubectl" code base, as well as the basics of the development process. We will give a short history of this project. We will leave a significant amount of time for Q&A.

Speakers
avatar for Sean Sullivan

Sean Sullivan

Software Enginner, Google
Sean Sullivan joined the Kubernetes project with Google about a year and a half ago in 2017. He co-chairs SIG CLI, and he is an active SIG CLI contributor. His most recent work is moving kubectl out of the Kubernetes core repository, and into its own repository.
MY

Mengqi Yu

Software Engineer 软件工程师, Google
Mengqi has been working on the open source Kubernetes project and Google Kubernetes Engine (GKE) for more than 2 years. He is one of the maintainers of kubectl, kubebuilder and he is also one of the core contributor to the kustomize project. | | 于梦琦已经在Google为开源Kubernetes... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
2 A/B
  • Skill Level Any

10:50am

Intro: Minikube - Thomas Strömberg & Bálint Pató, Google
If you want to develop applications for kubernetes and try them out locally first, minikube is going to be your best bet. Come and explore the functionality of minikube via an introductory session from minikube maintainers from Google. We will cover the basics of getting started with minikube, how the local environment compares to a full kubernetes cluster and what customizations you can do to bring the maximum out of your local experience.

Speakers
avatar for Bálint Pató

Bálint Pató

Software Engineer, Google
Bálint works for Google as a Software Engineer since July 2017 and as of recently, he is leading efforts to improve developer experience for Kubernetes in the Google Container Tools team with tools like minikube and skaffold. In his 13 years as a software engineer, he worked in companies... Read More →
avatar for Thomas Strömberg

Thomas Strömberg

Senior Software Annihilator, Google
Thomas is one of the minikube maintainers, and works on the Cloud Container Tools team at Google. While a relative newcomer to the Kubernetes ecosystem, Thomas has over 20 years of  experience administering and automating complex computing environments. Thomas previously worked... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
615-617
  • Skill Level Any

10:50am

Intro: PM (Kubernetes) SIG – Stephen Augustus, Red Hat & Ihor Dvoretskyi, Cloud Native Computing Foundation
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has it's own PM team and PM process. SIG-PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG-PM co-chairs will provide a brief overview of SIG-PM history and basic principles, the areas of interaction with the Kubernetes community, together with the information on how to start contributing to Kubernetes as a PM.

Speakers
avatar for Stephen Augustus

Stephen Augustus

Specialist Solution Architect, OpenShift Tiger Team, Red Hat
Stephen Augustus is a Product Management Chair for the Kubernetes project. Additionally, he leads the Special Interest Group for Azure and has served as a Features Lead for the Kubernetes Release Team. Leveraging over a decade of systems, infrastructure, and network acumen, as well... Read More →
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate 开发人员倡导者, Cloud Native Computing Foundation
Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation, focused on Kubernetes-related efforts in the open source community. | | Ihor is a co-founder and co-lead of the Kubernetes Product Management Special Interest Group (SIG-PM), focused on enhancing Kubernetes... Read More →


Wednesday December 12, 2018 10:50am - 11:25am
3 A/B
  • Skill Level Any

10:50am

Intro: SPIFFE - Andrew Jessup & Daniel Feldman, Scytale
Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms, and varying cloud providers. As production environments become more complex, and dynamic - establishing trust between microservices is becomes more difficult, creating challenges for developers, operations teams, and security teams alike.

Enter SPIFFE (Secure Production Infrastructure for Everyone) and which builds on designs first championed at Google, Twitter and elsewhere to provide robust authentication and trust between disparate micro-services. SPIFFE and SPIRE make it trivial to establish trust between workloads that may be elastically scaled and dynamically scheduled and deployed in deeply heterogeneous environments.

We'll walk through the design goals for SPIFFE (a specification) and SPIRE (a multi-cloud implementation of SPIFFE), an overview of SPIRE's modular architecture, and an overview of how it can be used in conjunction with other tools such as secret stores and service meshes to build secure and scalable microservice architectures.


Speakers
avatar for Daniel Feldman

Daniel Feldman

Software Engineer, Scytale
Daniel Feldman is an engineer who is trying to make the world's networks more secure. Before joining Scytale, he worked at Veritas, making the world's most popular enterprise backup product into a zero-trust system. Before that, he worked at Symantec on massively parallel distributed... Read More →
avatar for Andrew Jessup

Andrew Jessup

VP, Product, Scytale
Andrew is an engineer, and entrepreneur with a passion for building tools that help bring simplicity to software development. Before co-founding Scytale, Andrew was a product manager on Google’s Cloud Platform, launching many of the automation primitives on Google Compute Engine... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
618-620
  • Skill Level Any

10:50am

Connecting Kubernetes Clusters Across Cloud Providers - Thomas Graf, Covalent
It is well understood how to run individual Kubernetes clusters in all major clouds, managed and self-managed, but how do we connect individual clusters together? This talk will guide you how to interconnect multiple Kubernetes clusters running in different cloud providers. We will discuss how to establish basic pod to pod connectivity across clusters, add load balancing using standard Kubernetes services and finally add label based network policy to secure the communication both inside the cluster and across clusters. As a bonus, we will add Istio on top to establish mutual TLS across clusters for added security.

Speakers
avatar for Thomas Graf

Thomas Graf

Co-Founder & CTO, Isovalent
Thomas Graf is Co-Founder & CTO at Isovalent and creator of the Cilium project. Before this, Thomas has been a Linux kernel developer at Red Hat for many years.



Wednesday December 12, 2018 10:50am - 11:25am
Ballroom 6C
  • Skill Level Any

10:50am

Cortex - Infinitely Scalable Prometheus - Bryan Boreham, Weaveworks
Prometheus is an excellent monitoring solution, however it is designed to store all metrics on one host in one set of files, which limits scalability and availability.

This talk provides an overview of Cortex, an Open Source project proposed for donation to the CNCF, which takes metrics from multiple Prometheus instances and stores them in a NoSQL database.

Outline:
- Microservices architecture of Cortex
- NoSQL back-end (DynamoDB, Bigtable or Cassandra)
- Fault-tolerance via DHT-based ingestion tier and stateless query tier
- Deployment via Kubernetes
- Architectural comparison to projects in the same area, such as Thanos and M3
- Lessons learned from operating “Prometheus as a service” for two years

Speakers
avatar for Bryan Boreham

Bryan Boreham

Director of Engineering, Weaveworks
Bryan is Director of Engineering at Weaveworks, delivering deployment, observability and monitoring for containers and microservices. | | Previously, Bryan has worked on many kinds of systems including financial trading, factory control and cake-shop. Outside of work he is a father... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
606-609
  • Skill Level Any

10:50am

From Zero to Production with Kubernetes - Daniel Lopez Ridruejo & Gus Lees, Bitnami
This session provides a practical intro to deploying Kubernetes applications into production.

Kubernetes is becoming the standard platform for deploying applications in the enterprise. The Helm project provides tooling for packaging and an extensive catalog of ready to run applications. However, deploying applications in production requires much more: monitoring, logging, certificate management and so on. The community has adopted a de-facto ‘production stack’ that includes popular projects such as Prometheus, Vault, ElasticSearch, Fluentd and others. Unfortunately, putting together this basic plumbing is not standardized, and results in a lot of wasted, duplicated efforts.

This session will introduce the Kubernetes production runtime, an open source stack that can simplify and automate production deployments, and explain how it relates to Knative and Gitlab's Autodevops.

Speakers
avatar for Angus Lees

Angus Lees

Principal Engineer, Bitnami
Angus Lees is a principal software engineer with Bitnami, working on and with Kubernetes. He has decades of experience with Linux and the Free Software community, including 9 years working with Google’s internal cluster and networking infrastructure, several years as an OpenStack... Read More →
avatar for Daniel Lopez Ridruejo

Daniel Lopez Ridruejo

Founder, Bitnami
Daniel is co-founder and CEO of Bitnami, a company focused on multi-platform application packaging and deployment. Bitnami is an important contributor to several K8s-related open source projects, including Helm, Monocular, Kubeapps, Kubeless and smaller ones. | | Daniel is an emeritus... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
4C 3/4
  • Skill Level Any

10:50am

Friends Don’t Let Friends Leave Their Kubernetes Data Unprotected - Rita Zhang, Microsoft
In recent headlines, there are increasing news about cloud resources getting hacked caused by attacks on Kubernetes clusters. Failing to properly secure your Kubernetes data can result in cloud resources getting hacked and your application secrets getting stolen. The etcd database contains information that may grant an attacker significant visibility into the state of your cluster.

This presentation focuses on how to use the encryption at rest feature to encrypt secret resources in etcd, preventing parties from gaining access to view the content in etcd and etcd backups. Starting from Kubernetes v1.10, we have added --experimental-encryption-provider-config that controls how API data is encrypted in etcd by KMS providers. We will also look at how you can securely leverage KMS providers as stores for your application secrets, keys, and certs.

Speakers
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco. She spends most of her days contributing to various open source projects as part of the Azure Cloud Native Compute engineering team. Rita is passionate about open source, running distributed workloads... Read More →



Wednesday December 12, 2018 10:50am - 11:25am
Ballroom 6B

11:00am

Meet the Maintainer: Envoy - Matt Klein, Lyft
Speakers
avatar for Matt Klein

Matt Klein

Software Engineer, Lyft


Wednesday December 12, 2018 11:00am - 11:30am
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:30am

Meet the Maintainer: Jaeger - Yuri Shkuro, Uber Technologies
Speakers
avatar for Yuri Shkuro

Yuri Shkuro

Software Engineer, Uber
Yuri is a software engineer at [Uber Technologies](http://eng.uber.com/), working on distributed tracing, reliability, monitoring, and efficiency. Founder of [CNCF Jaeger](http://jaegertracing.io), a distributed tracing system, and co-author and Specification Council member of [CNCF... Read More →


Wednesday December 12, 2018 11:30am - 12:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:30am

Meet the Maintainer: Prometheus & OpenMetrics - Richard Hartmann, SpaceNet AG
Speakers
avatar for Richard (RichiH) Hartmann

Richard (RichiH) Hartmann

Monitoring Lead 关于监管的提示, SpaceNet AG
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →


Wednesday December 12, 2018 11:30am - 12:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

11:40am

Deploying Rock Solid Applications with Kubernetes - Jelmer Snoeck, Manifold
Kubernetes has made it easy to deploy applications to the cloud. It’s even made it easy to deploy the same application across several instances. This, however, does not mean that your application will be highly available by default. To achieve high availability for your applications, there's a lot more involved.

In this talk we'll look at:
- creating secure Docker images and enforcing this at the cluster level with Pod Security Policies;
- configuring Health Checks and possible caveats like Circular Dependencies;
- limiting traffic between services with Network Policies;
- tolerating node failure by implementing correct Anti-Affinity rules;
- rescheduling pods onto new available nodes after node failure with Disruption Budgets;
- setting up correct deployment strategies;
- how to automate this with Custom Resource Definitions;

Speakers
avatar for Jelmer Snoeck

Jelmer Snoeck

Tech Lead, Manifold
Jelmer Snoeck is a software engineer at Manifold. He has a background as Site Reliability Engineer at companies like Wonderbly and Mint Digital. Here he focused on reliability and availability. He's currently using these skills to build integrations on top of Kubernetes. Jelmer also... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
Ballroom 6E

11:40am

Our Journey to Service 5 Million Messaging Connections on Kubernetes - Dylan O'Mahony, Bose & Dave Doyle, Connected
We propose to present a case study on how we built a high-scale messaging service and state store on Kubernetes. The solution supports millions of persistent, concurrent connections; enables tens of thousands of messages per second; is globally addressable; stores millions of states; and responds with minimal latency (<250ms).
 
To evaluate build approaches, the team split into Makers & Breakers. Makers developed the solution stack while Breakers focused on repurposing Locust, a high-scale load testing framework, to simulate behavior. Leveraging the flexibility of Kubernetes, we were able to scale the stack and solve blockers on the path to a viable solution. Blockers included ingress, file descriptors, service discovery and resource limits. The experience was deeply educational, generating key learnings for developers tasked with building a scaled solution on top of Kubernetes.

Speakers
avatar for Dave Doyle

Dave Doyle

Software Engineer Manager, Connected
Dave Doyle leads a diverse team of engineers, exploring the viability of high-scale, low-latency messaging solutions for next-gen IoT applications using VerneMQ and Cassandra. He spent the last 18 years building high-performance systems across a range of technical domains. He has... Read More →
avatar for Dylan O'Mahony

Dylan O'Mahony

Cloud Architecture Manager, Bose
Dylan has spent his entire career at Bose, focused on bringing new technology and software solutions to bear on the business. His journey has taken him from managing the bose.com web technology team, to running an IT innovation lab to, most recently, leading the architecture of a... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
611-614
  • Skill Level Any

11:40am

Automating Enterprise Governance Using the CI/CD Pipeline - Satyam Agarwala, ThoughtWorks & Mark Angrish, ANZ
ANZ bank has been on a transformation journey to achieve greater business agility.

A key initiative in that journey has been the creation of ANZ flavoured "paved roads" (inspired by Netflix), realised as self-service CI and CD pipelines, that allow delivery teams to deploy software to production (Google Kubernetes Engine) faster without compromising on quality, security or compliance.

A vital characteristic of the "paved roads" is the automation of the governance process the bank has in place for change management. These are driven by some of the strictest financial regulations in the world. This was achieved by integrating open source tooling such as Grafeas and Kritis into the pipelines to track build metadata and enforce policy.

In this talk we will discuss the benefits the approach provided in meeting the strict regulatory requirements while accelerating the journey to GKE.

Speakers
avatar for Satyam Agarwala

Satyam Agarwala

Lead Consultant, ThoughtWorks Australia
Satyam is a Lead Consultant with ThoughtWorks Australia. He has worked with a variety of organisations, from startups to enterprises, across multiple geographies. His primary focus is helping clients increase speed of delivery of value to their customers through use of modern CI... Read More →
avatar for Mark Angrish

Mark Angrish

Tech Area Lead - Engineering Acceleration, ANZ
After leading the Engineering on the new ANZ app (which was recently number one in the app store!), Mark is now the manager of the Engineering Acceleration Tribe at ANZ, responsible for transforming the speed at which the bank delivers secure and quality software, at scale. From algorithmic... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

11:40am

Birds of a Feather: LGBTQIAP+ - The Final Minority Challange - Rob de Canha-Knight, SUSE
The technology and open source community has made great efforts over the past few years to try and improve the ease of access to the field to minority communities. There has been some success in enabling Female and BAME groups into Tech related employment fields.

However, there remains one subsection of the technology community that is still significantly underrepresented. The LGBTIQIA community is still significantly underrepresented in tech with some estimates placing this community at 3-4% of employees.

This birds of a feather session will discuss the issues that lead to this underrepresentation as well as strategies companies and OSS communities can use to ensure they get the best employees and contributors regardless of any minority group that these employees or contributors belong to as after all; companies communities with a more diverse workforce are better enabled for success

Speakers
avatar for Rob De Canha-Knight

Rob De Canha-Knight

Technical Strategist, SUSE
I'm a strategist for SUSE and I help customers and communities architect and achieve all their Container, Kubernetes, Cloud and DevOps dreams!


Wednesday December 12, 2018 11:40am - 12:15pm
4C 1/2
  • Skill Level Any

11:40am

Custom Controllers to the Rescue: Tailoring API Objects to Your Needs - Stephen Chan & Davi Arnaut, Airbnb
External controllers and admission controllers are a great way to extend Kubernetes and enforce cluster policies that are particular to your needs. In this talk, we’ll showcase how to use controllers backed by real examples used in production at Airbnb. We’ll show how controllers can help the scheduler spread a deployment’s pods across zones more evenly, enforce maximum pod age, and taint nodes based on conditions set by node-problem-detector. We’ll also show how we use admission controllers to enforce naming conventions and security constraints such as container image source on API objects submitted to a cluster.

Speakers
avatar for Davi Arnaut

Davi Arnaut

Site Reliability Engineer, Airbnb
Davi Arnaut is a member of the SRE team and works on supporting the Kubernetes initiatives at Airbnb.
SC

Stephen Chan

Software Engineer, Airbnb
Stephen Chan is a software engineer at Airbnb working on all things Kubernetes.


Wednesday December 12, 2018 11:40am - 12:15pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building

11:40am

Nezha: A Kubernetes Native Big Data Accelerator For Machine Learning - Huamin Chen, Red Hat & Yuan Zhou, Intel
Large training datasets used by machine learning frameworks, such as Kubeflow, are usually stored in low cost and high capacity S3 or Google Cloud Storage. However, S3’s rating limiting and slow data downloading significantly challenges training performance and limits compute scalability.

We introduce NeZha and explain how it improves Kubeflow’s training. Nezha is an open source, community driven, and highly collaborative project, contributed by storage and big data engineers. Nezha is based on Kubernetes Initializer: it rewrites Pod spec, adds a sidecar S3 cache, and redirects Pod to use local cache to accelerate.

Nezha is self contained and easy to use. It does not require modification to existing applications or user visible Pod changes.

Nezha improves big data application performance. Our initial Kubeflow benchmark results using MNIST dataset shows NeZha achieves ~2x speedup.

Speakers
avatar for Huamin Chen

Huamin Chen

Principal Software Engineer, Red Hat
Dr. Huamin Chen works at Red Hat's CTO office and is passionate inventor and developer about storage and cloud technologies. He is one of the founding members of Kubernetes SIG-Storage, and created the storage volume plugins for Kubernetes and OpenShift. He is also a member of Rook... Read More →
avatar for Yuan Zhou

Yuan Zhou

Senior Software Development Engineer, Intel
Yuan Zhou is a Senior Software Development Engineer in the Software and Service Group for Intel Corporation, working in the OpenSource Technology Center primarily focused on BigData Analytics Storage. He has been working on Databases, Virtualization and Cloud computing for most of... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
Ballroom 6A

11:40am

Deep Dive: etcd - Xiang Li, Alibaba & Wenjia Zhang, Google
This is a Q&A style session where etcd maintainers will discuss frequently asked questions and interesting ideas around the project. We will leave some time for the audience to ask questions, bring concerns, or propose new features! Come and join us to learn more about etcd!

Speakers
XL

Xiang Li

Senior Staff Engineer, Alibaba
Xiang is a Senior Staff Engineer of Alibaba. He works on Alibaba’s cluster management system and helps with Kubernetes adoption for the entire Alibaba group. Prior to Alibaba, Xiang led the Kubernetes upstream team at CoreOS. He is also the creator of etcd and Kubernetes operator... Read More →
avatar for Wenjia Zhang

Wenjia Zhang

Software Engineer 软件工程师, Google
Wenjia Zhang is a Software Engineer on Kubernetes team at Google. She is an active contributor for both Kubernetes and etcd open source projects. | | Wenjia Zhang 在谷歌 Kubernetes 团队担任软件工程师。她也积极参与 Kubernetes 和 etcd 开源项目。



Wednesday December 12, 2018 11:40am - 12:15pm
3 A/B

11:40am

Deep Dive: kubespray - Antoine Legrand, Red Hat & Chad Swenson, AT&T
Kubespray is one of the most versatile kubernetes-cluster manager and benefits of an extremely active community. The first half of the session we will demo and discuss the most recent features such as deploying on hybrid linux-windows cluster, enabling GPU compute nodes, share useful tips and focus in general to get more from Kubespray. On the second half of the deep-dive we would like to give voice to the community and open a discussion about how to keep moving the project forward, next priorities and allow a large amount of time for questions.

Speakers
AL

Antoine Legrand

Software Engineering Manager, CoreOs / Red Hat
Antoine Legrand is a software engineer at CoreOS co-leading the working-group 'app-definition' and works closely with major actors in the ecosystem to improve the user experience in managing application in Kubernetes. Antoine is involved with open source and cloud native software... Read More →
avatar for Chad Swenson

Chad Swenson

Lead Software Engineer, AT&T
In open-source, Chad is a maintainer of the SIG Cluster Lifecycle project - kubespray. | At AT&T, Chad is the Lead Software Engineer for a Kubernetes based microservices platform that has been used in production since summer 2016.



Wednesday December 12, 2018 11:40am - 12:15pm
602-604

11:40am

Intro: Autoscaling SIG - Solly Ross, Google & Michael Hausenblas, Red Hat
SIG Autoscaling develops and maintains the components related to automated scaling in Kubernetes: the Horizontal Pod Autoscaler, Vertical Pod Autoscaler, and Cluster Autoscaler. In this introduction, we'll explain common use cases for each of the three different components, and how they can be used together to build more complex autoscaling stories. Finally, we'll cover recent ongoing development work on each of the components, and discuss plans for the autoscaling components in the upcoming Kubernetes releases.

Speakers
avatar for Michael Hausenblas

Michael Hausenblas

Developer Advocate, Red Hat
Michael is a Developer Advocate for Go, Kubernetes, and OpenShift at Red Hat where he helps appops to build and operate distributed services. His background is in large-scale data processing and container orchestration and he's experienced in advocacy and standardization at W3C and... Read More →
avatar for Solly Ross

Solly Ross

Software Engineer, Google
Solly Ross is the SIG lead for SIG Autoscaling, and works on Kubernetes with a focus on custom controller tooling, autoscaling, and metrics. When not dabbling in other parts of the Kubernetes code base, Solly enjoys a wide range of programming topics, and can be found most places... Read More →


Wednesday December 12, 2018 11:40am - 12:15pm
618-620
  • Skill Level Any

11:40am

Intro: AWS SIG - Nishi Davidson, Amazon Web Services & Justin Santa Barbara, Google
SIG AWS has been a user forum thus far. With K8s 1.13 we are doubling down on AWS’s contribution roadmap to maintain and release code, binaries, features, documentation and tests. We have 6 subprojects actively being developed with the community. We would like to discuss these projects, their release status, give an update on our 1.13 release features and our investment wrt testing and scale testing.

Speakers
JS

Justin Santa Barbara

Software Engineer, Google
Justin is one of the kubernetes sig-aws leads and started the kops project, so loves to talk about how to install and operate kubernetes, or on all things kubernetes-on-AWS or on other clouds (particularly GCP, having recently joined Google!)
avatar for Nishi Davidson

Nishi Davidson

Product & Engineering, K8s
Nishi Davidson has been in the cloud infrastructure and software application space for 16 years working across engineering, product and strategy in S.E Asia, MEA and the US markets. Currently she is responsible for AWS’s open source engineering efforts in the Kubernetes community... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
615-617
  • Skill Level Any

11:40am

Intro: Azure SIG - Khaled (Kal) Henidak , Microsoft & Stephen Augustus, Red Hat
In the SIG Azure Intro, we’re going to tell you all about why SIG Azure exists and the team behind managing it. From there, we’ll talk about what’s happened over the last few releases, Kubernetes 1.11 and Kubernetes 1.12, as well as some of what’s planned for Kubernetes 1.13. Additionally, we’ll cover some of the effort to shift cloud provider-specific code, like the Azure cloud-controller-manager, out of the core Kubernetes codebase. Finally, and most importantly, we’ll talk all about some of the best ways to get involved with SIG Azure and all of the forums that we’re communicating on!

Speakers
avatar for Stephen Augustus

Stephen Augustus

Specialist Solution Architect, OpenShift Tiger Team, Red Hat
Stephen Augustus is a Product Management Chair for the Kubernetes project. Additionally, he leads the Special Interest Group for Azure and has served as a Features Lead for the Kubernetes Release Team. Leveraging over a decade of systems, infrastructure, and network acumen, as well... Read More →


Wednesday December 12, 2018 11:40am - 12:15pm
2 A/B
  • Skill Level Any

11:40am

Intro: Windows SIG - Michael Michael, VMware & Patrick Lang, Microsoft
The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes and talk about our future roadmap. At the end we will have a Q&A session centered on requests by the community.

Speakers
avatar for Patrick Lang

Patrick Lang

Senior Software Engineer, Microsoft
Patrick Lang is a Senior Software Engineer at Microsoft building and teaching how to use Kubernetes and Windows container technologies. He is a regular speaker on Windows Server Container development and management that helped launch the tech at MS Ignite and Build conferences along... Read More →
MM

Michael Michael

Director of Product Management, VMware
Michael Michael (or M2 as he's known) is VMware's Director of Product Management. Michael also co-chairs the Kubernetes SIG-Windows which is tasked to bring Windows Server support natively to Kubernetes. Prior to VMware, Michael spend 5 years as the Senior Director of Product Management... Read More →


Wednesday December 12, 2018 11:40am - 12:15pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any
  • Link to Session Recording Michael Michael (or M2 as he's known) is VMware's Director of Product Management. Michael also co-chairs the Kubernetes SIG-Windows which is tasked to bring Windows Server support natively to Kubernetes. Prior to VMware, Michael spend 5 years as the Senior Director of Product Management and Integrations at Apprenda and 12 years at Microsoft as a Principal Program Manager working on Virtualization, Azure, and Windows Server technologies. Michael holds a Master in Computer Science from Stanford University, a Technology M.B.A., and a Bachelor of Science in Computer Science from the University of Texas at Austin

11:40am

Understanding CoreDNS in Kubernetes - John Belamaric, Google; Cricket Liu & Francois Tur, Infoblox
In Kubernetes 1.11, CoreDNS is Generally Available (GA) as a DNS-based service discover option. In this presentation, we will go over the default CoreDNS configuration - "Corefile" - used when deploying CoreDNS via kubeadm. This will include a line-by-line discussion of the Corefile and what each option means, and how you can modify or customize the configuration using other features of CoreDNS. You will learn about some of the unique, Kubernetes-specific features in CoreDNS, as well as broader DNS-related features, and how to utilize those in your clusters.

Speakers
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John Belamaric is an experienced software engineer and architect with over 20 years of software design and development experience. He works on the Google Cloud team, focused on Kubernetes and GKE. He is also a core maintainer of CoreDNS, a CNCF project that provides dynamic, DNS-based... Read More →
avatar for Cricket Liu

Cricket Liu

Chief DNS Architect, Infoblox
Cricket Liu is an authority on the Domain Name System and the co-author of all of O'Reilly Media’s books on DNS, including the classic DNS and BIND.  As Infoblox’s Chief DNS Architect, Cricketguides the development of Infoblox’s product and business strategy, and serves as... Read More →
avatar for Francois Tur

Francois Tur

Engineering Manager, Infoblox
Francois Tur is a Software Engineer who has worked for Infoblox since 2011. | He has spent 15 years developing network management software, dealing with SEM, SIEM, NCCM, and DNS/DHCP protocols. Tur was one of the Infoblox’s team leaders who enhanced the NIOS Infoblox product from... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
Ballroom 6C

11:40am

Audit in Kubernetes, the Future is Here - Stefan Schimanski & Maciej Szulik, Red Hat
Advanced Auditing is now available, and you should learn how to use it. Last year, we proposed a list of improvements to Kubernetes auditing, and this year we are happy to report that we have delivered them! Join us for this session to learn what Advanced Auditing does, how to adapt it to your own requirements, and how to integrate it into your infrastructure.

Topics to be covered include:
1. From basic audit to advanced audit
2. Defining a policy (examples)
* Deep object logging
* Excluding secrets
* Logging different objects at different levels
3. Integrating with your infrastructure
4. Performance impact vs. consistency
5. Writing an audit webhook server
6. Which future improvements are planned


We are hoping to demystify the complexity of the policy configuration by showing
a handful of example rules that will allow attendees to better understand the mechanism.

Speakers
avatar for Stefan Schimanski

Stefan Schimanski

Senior Software Engineer, Red Hat
Stefan is a Senior Software Developer at Red Hat working on Kubernetes and OpenShift, with a focus on API machinery, extension points and developer tools as part of Sig API Machinery. He is one of the top-3 reviewers in the project (number of reviews). Stefan is a 2nd time GoogleSummer... Read More →
avatar for Maciej Szulik

Maciej Szulik

Software Engineer, Red Hat, Inc.
Maciej is a passionate developer with over 10 years of experience in many languages. He's working on OpenShift and Kubernetes for Red Hat. In his free time he enjoys hacking on bugs.python.org and CPython's IMAP library. He's a frequent speaker at various events and meet ups, including... Read More →



Wednesday December 12, 2018 11:40am - 12:15pm
606-609

11:40am

Weave & Chick-fil-A: Managing Fleets of Kubernetes Clusters w/ GitOPs - Sean Drucker, Chick-fil-A, Inc. & Alexis Richardson, Weaveworks
GitOps provides an operating model for managing multiple Kubernetes clusters at scale. In this session, Chick-fil-A and Weave will share examples from our production experience running many K8s clusters.

Weave operates a global SaaS product in the cloud using Kubernetes. Chick-fil-A is running Kubernetes clusters at the Edge in restaurants. Both companies have solved the challenges of managing many clusters by combining Kubernetes' natural affinity for declarative infrastructure and its well-defined objects with Git to develop a management technique called “GitOps".

In this session, you will learn what GitOps is and how it can help you
effectively manage and monitor your Kubernetes clusters. We will share about the projects we have built to solve common management problems like CI/CD, K8s object generation, configuration management/drift, and observability of the stack.

Speakers
avatar for Sean Drucker

Sean Drucker

Principal Engineer, Chick-fil-A
avatar for Alexis Richardson

Alexis Richardson

Founder & CEO, Weaveworks
Alexis is the co-founder and CEO of Weaveworks. He is also the chairman of the TOC for CNCF, and the co-founder of the Coed:Code meet ups. | | Previously he was at Pivotal, as head of products for Spring, RabbitMQ, Redis, Apache Tomcat and vFabric. Alexis was responsible for resetting... Read More →


GitOps pdf

Wednesday December 12, 2018 11:40am - 12:15pm
4C 3/4

11:40am

So You Want to Run Vault in Kubernetes? - Seth Vargo, Google
Kubernetes is great for running applications, but can it run secure workloads like HashiCorp Vault, a popular open source secrets management tool? This two-part, demo-driven talk explores the answers to that question.

The first part showcases how to run Vault securely on Kubernetes. We walk through different deployment architectures and strategies for making sure Vault is run in the most secure manner on Kubernetes.

The second part focuses on how services deployed in Kubernetes interact with Vault. We discuss the implementation details and tradeoffs for authenticating pods and services to Vault to retrieve dynamic credentials like database passwords and Google Cloud IAM credentials.

Attendees we leave with an understanding of how to operationalize better run secure workloads like Vault inside Kubernetes and how to expose secure workloads to other services in the cluster.

Speakers
avatar for Seth Vargo

Seth Vargo

Developer Advocate, Google
Seth Vargo is a Developer Advocate at Google. Previously he worked at HashiCorp, Chef Software, CustomInk, and a few Pittsburgh-based startups. He is the author of Learning Chef and is passionate about reducing inequality in technology. When he is not writing, working on open source... Read More →


Wednesday December 12, 2018 11:40am - 12:15pm
Ballroom 6B

12:00pm

12:15pm

Diversity Lunch: Building Tech Skills & An Inclusive Community - Sponsored by Google Cloud and Heptio (Registration Required)
Join us for a special luncheon & program featuring an agenda that everyone can appreciate! The luncheon will feature round table discussions around diversity and inclusion and opportunities to get hands on with Kubernetes or pair program on your problem of choice in a safe space with allies.

You’ll have the chance to get to connect with others in the community and build relationships with both novice and open source veterans in the tech industry from around the globe.

Register today! Space is limited.

Wednesday December 12, 2018 12:15pm - 1:45pm
Skagit 4/5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

12:15pm

Lunch
Wednesday December 12, 2018 12:15pm - 1:45pm
Hall 4AB

1:00pm

Meet the Ambassador: Ross Kukulinski, Heptio
Speakers
avatar for Ross Kukulinski

Ross Kukulinski

Senior Product Manager, Heptio
Ross Kukulinski is a Senior Product Manager at Heptio, Inc., where he focuses on growing the Kubernetes community, tackling global-scale engineering problems, and guiding businesses on their Cloud Native journey. His technical background is in architecting and deploying scalable... Read More →


Wednesday December 12, 2018 1:00pm - 1:30pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

1:00pm

1:30pm

Meet the Ambassador: Ross Kukulinski, Heptio
Speakers
avatar for Ross Kukulinski

Ross Kukulinski

Senior Product Manager, Heptio
Ross Kukulinski is a Senior Product Manager at Heptio, Inc., where he focuses on growing the Kubernetes community, tackling global-scale engineering problems, and guiding businesses on their Cloud Native journey. His technical background is in architecting and deploying scalable... Read More →


Wednesday December 12, 2018 1:30pm - 2:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

1:30pm

1:45pm

Effective Development with Kubernetes: Techniques, Tools and Telepresence - Philip Lombardi, Datawire.io
Every software development cycle is rife with inefficiency. Seasoned devs know the pain of getting access to essential remote systems, waiting for tests to run (and then fail), or debugging with only log files. This talk teaches you how to best leverage Kubernetes, remote infrastructure and related tooling to create a dev cycle that maximizes velocity and minimizes developer friction and frustration.

Using tools such as Kubernetes, Docker and Telepresence, I will walk attendees through several advanced techniques that can be used to produce an effective developer experience and optimized dev loop. The goal of this is to eliminate many sources of frustrating inefficiency and reduce cycle time between releases. I will demonstrate how to incrementally adopt some of these techniques and how to approach introducing new and unfamiliar technology and techniques to skeptical dev teams.

Speakers
avatar for Philip Lombardi

Philip Lombardi

Lead Platform Engineer, Datawire.io
Philip Lombardi is Lead Platform Engineer at Boston startup Datawire.io where he is responsible for the teams internal Kubernetes platform and many of the dev tools that help Datawire engineers write and ship code daily. Philip is an active contributor to the CNCF Telepresence project... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
Ballroom 6E

1:45pm

Deep Dive: Operator Framework BoF - Diane Mueller & Sebastian Pahl, Red Hat
An Operator is a method of packaging, deploying and managing a Kubernetes application. A Kubernetes application is an application that is both deployed on Kubernetes and managed using the Kubernetes APIs and kubectl tooling. To be able to make the most of Kubernetes, you need a set of cohesive APIs to extend in order to service and manage your applications that run on Kubernetes. You can think of Operators as the runtime that manages this type of application on Kubernetes. http://coreos.com/operators The Deep Dive will cover the * The Operator Framework is an open source toolkit to manage Kubernetes native applications, called Operators, in an effective, automated, and scalable way. This session will discuss the Operator SDK, Operator Metering and Operator Lifecycle Manager.

Speakers
avatar for Diane Mueller

Diane Mueller

Director, Community Development, Red Hat
Director, Community Development at Red Hat | co-chair, Operator Framework SIG | co-chair, OpenShift on Machine Learning SIG | organizer, OpenShift Commons Gathering
avatar for Sebastien Pahl

Sebastien Pahl

Red Hat
I'm a director of engineering at Red Hat, currently leading the Operator Framework teams. I previously managed teams at Mesosphere around Mesos and Kubernetes, and the SRE team at Cloudflare. Before that, I co-founded Dotcloud, the company that later pivoted into becoming Docker... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
602-604

1:45pm

Evolving Legacy Systems into Kubernetes at Lyft: A Hybrid Environment - Lita Cho & Jose Nino, Lyft
Before Kubernetes, Lyft has hundreds services that deployed as VMs in AWS. Moving over to Kubernetes is a big undertaking. This talk will go over how we leveraged Envoy and the go-control-plane (the service that hosts Envoy configuration and discovery API) to split traffic between our legacy infrastructure and our Kubernetes infrastructure. This talk will demonstrate how Lyft handled service discovery within our hybrid environment, various ways to control the traffic when Kubernetes issues came up, and how Lyft used Envoy as a sidecar container to keep in par with the legacy behavior. Lastly, this talk will discuss the various challenges we faced with this migration plan but why it was needed due to the size of Lyft’s legacy infrastructure.

Speakers
avatar for Lita Cho

Lita Cho

Senior Software Engineer, Lyft
Lita is a senior software engineer on the Networking team, building out the service mesh to handle both Kubernetes and legacy systems at Lyft. She also maintains the tracing infrastructure at Lyft. Before that, she worked on building out the API infrastructure using Protocol Buffers... Read More →
JN

Jose Nino

Software Engineer, Lyft
Jose Nino is the lead for Core Server Networking group at Lyft. During his time at Lyft, Jose has been instrumental in creating systems to scale Lyft's Envoy production environment for increasingly large deployments and engineering orgs. He has worked as an open source Envoy maintainer... Read More →


Wednesday December 12, 2018 1:45pm - 2:20pm
611-614

1:45pm

CNCF Cross-Cloud CI - Adding Support for New Platforms - Andrew Kutz, VMware
The CNCF cross-cloud project deploys Kubernetes and popular cloud native applications to multiple platforms on a nightly basis. The results are available each day on the CNCF cross-cloud dashboard, https://cncf.ci. The dashboard helps visitors decide which platform to use when scheduling cloud native workloads. In this presentation, Andrew Kutz will review how to add support for a new platform to the cross-cloud testing project, common challenges faced when doing so, and tips for debugging failed deployments.

Speakers
avatar for Andrew Kutz

Andrew Kutz

Staff Engineer II, VMware
Andrew Kutz has worked in IT professionally for over 15 years and in that time has worn many hats. From speaking at VMworld, editing books on blade servers, or blogging about Golang, Andrew has spent as much time in front of people has he has in front of a computer. At VMware Andrew... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

1:45pm

Open Source, Open Community and Open Development - Craig McLuckie, Heptio
As we look back on the history of Kubernetes, decisions we made on our approach to the community fundamentally shaped not only the character of the project, but drove its success in a contested ecosystem. During this session Craig, one of the Kubernetes founders will talk through decisions made on how to approach the community and how that ultimately shaped the future and success of the project. We will look at lessons learned through the early days of Kubernetes and look at how those can be applied to new projects and initiatives going forwards.

The talk will focus on Open Source and its significance in driving adoption of new enterprise technologies in the emerging world, Open Community and the value of a truly vendor neutral environment, and Open Design that allow users of a technology to participate in its evolution.

Speakers
avatar for Craig McLuckie

Craig McLuckie

CEO, Heptio
Craig McLuckie is the CEO of Heptio. Previously he worked at Google where co-founded the Kubernetes project, bootstrapped the Cloud Native Computing Foundation and launched Google Compute Engine.


Wednesday December 12, 2018 1:45pm - 2:20pm
4C 1/2
  • Skill Level Any

1:45pm

Defining Mutli-Tenant Access Controls for a Cluster - Anund McKague, Atlassian
What we've learned while building an internal PaaS allowing automated self service access to our multi-tenant clusters. Teams have access to create service based namespaces on demand. Beginning with how users authenicate via our open source cli tool connecting ldap and 2fa, continuing through our use of authentication webhooks, on to our use of authorization webhooks and RBAC, and finishing with how we manage creation of dynamic RBAC based roles.

Talk will touch on authentication webhooks, github.com/atlassian/kubetoken, mutating and validating webhooks, api servers as proxies to internal services, managing rbac roles and dynamic creation of role bindings, along with some of the security implications of cluster roles and cluster role bindings.

Speakers
avatar for Anund McKague

Anund McKague

Senior Developer, Atlassian
Anund is Senior Developer at Atlassian. He works on migrating an internal bespoke PaaS to one based on Kuberentes. Never afraid to dig in at any level of the stack. Manager for a few open source projects at Atlassian.



Wednesday December 12, 2018 1:45pm - 2:20pm
Tahoma 1/2 @ TCC The Conference Center (TCC) - Separate from WSCC building

1:45pm

Predictive Application Scaling with Prometheus and ML - Chris Dutra, Schireson
Schireson, a New York City based data science and engineering firm, overcame a challenge in how to properly scale kubernetes services for their application stack.

Consuming data from several tools in the CNCF portfolio (such as Envoy and Prometheus), Schireson developed home-grown machine learning to actively predict the resource requirements for its services at any given time. The models act in a semi-supervised state to ensure the overall stability of their data science platform.

This talk will illustrate the steps taken to construct the models, and offer suggestions to the larger DevOps community on how to implement Predictive Application Scaling in their organization.

Speakers
avatar for Chris Dutra

Chris Dutra

Director, Site Reliability Engineering, Schireson
Chris is the Director of Site Reliability Engineering at Schireson, a data science consulting and engineering firm. Prior to this role, Chris has held several positions in artificial intelligence and cloud organizations. Outside the office, Chris loves traveling the world with his... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
Ballroom 6A

1:45pm

Deep Dive: Release SIG - Josh Berkus, Red Hat; Chuck Ha, Heptio; Doug MacEachern, VMware; Caleb Miles, Google
Supporting all qualified Kubernetes contributors in the Kubernetes release process, while continuing to run the release train, has been a huge effort. Increasing community stewardship of Kubernetes test and release infrastructure has been a journey which two SIG Release contributors from outside of Google, and one from The Collective, will discuss. Join us on an in depth exploration to the tooling and processes of SIG Release.You’ve heard a lot in other sessions and events about how the release cycle is managed, but not much about how the actual releases get built. And, more importantly, what this means for contributors who build Kubernetes tools, plugins, and components. Join members of SIG-Release as we discuss how the build and release actually works, and what things we’d like to change. This deep dive will describe the state of bazel builds, the release repository and the tooling around release as well as the internal-to-google workings. A member of the Kubeadm team will describe what this process means for their builds, and the Google team will explain the internal tooling they have around builds and releases. Finally, the 1.12 branch manager will talk about the Release Team’s efforts to de-Googleify many of the build and release steps.

Speakers
avatar for Josh Berkus

Josh Berkus

Kubernetes Community Manager, Red Hat
Josh Berkus is the Kubernetes Community Manager for Red Hat and a member of SIG-Release and SIG-Contribex. Before joining the Kubernetes project, he spent 18 years working on PostgreSQL, and many other open source projects including OpenOffice. Josh lives in Portland, OR with a librarian... Read More →
avatar for Chuck Ha

Chuck Ha

Systems Engineer, Heptio
kubernetes, go, seattle bouldering project
avatar for Doug MacEachern

Doug MacEachern

Sr Staff Engineer, VMware
Doug is a software engineer, currently working on Kubernetes at VMware. As a member of the Kubernetes release team, he was the Branch Manager Lead for the 1.12 and 1.13 releases.
CM

Caleb Miles

Technical Program Manager, Google



Wednesday December 12, 2018 1:45pm - 2:20pm
3 A/B

1:45pm

Intro: Cloud Provider SIG - Chris Hoge, OpenStack & Jago Macleod, Google
The long-term goal of SIG Cloud Provider is to promote a vendor-neutral ecosystem for our community. New vendors providing support for Kubernetes should feel equally empowered to do so as any of today’s existing cloud providers. More importantly, SIG Cloud Provider is focused on ensuring a consistent and high-quality user experience across providers. The SIG acts as a central group for developing the Kubernetes project in a way that ensures all providers share common privileges and responsibilities. This Intro session will go over historical context, status, and direction of efforts currently underway. We will discuss documentation and code organization and offer an opportunity for participants to offer feedback and ask questions. We will also cover the support for all cloud providers to submit test results to testgrid, the shared infrastructure for recording and visualizing test results. Finally, we will cover the next steps and roadmap for the transition of in-tree cloud providers to external repositories.

Speakers
avatar for Chris Hoge

Chris Hoge

Strategic Program Manager, OpenStack Foundation
Chris Hoge is a Strategic Program Manager for the OpenStack Foundation. He works on collaborations between OpenStack and container development communities, including Airship, Kata Containers, and Kubernetes. He also administers the trademark program for the OpenStack Foundation, and... Read More →
JM

Jago Macleod

Engineering Manager 工程经理, Google



Wednesday December 12, 2018 1:45pm - 2:20pm
615-617
  • Skill Level Any

1:45pm

Intro: CNCF Storage WG - Alex Chircop, StorageOS & Quinton Hoole, Huawei
The CNCF Storage Working Group collaborates to explore and understand
how different storage technologies are used in cloud-native
environments. Topics include block stores, file systems, object
stores, key-value stores and databases, amongst others. Different
architectural approaches (centralized, distributed, sharded etc) are
compared in terms of key attributes like availability, scalability,
performance, data consistency, durability, fault tolerance, ease of
development and operational complexity. We seek to align the
community on common understanding, terminology, classifications and
use cases.

In this intro session we'll provide an overview of the work currently
underway and on the roadmap. You'll get the meet the people leading
these efforts, and find out how best to get involved and contribute.
We also welcome any other input you might have related to cloud-native
storage.

Speakers
avatar for Alex Chircop

Alex Chircop

CTO & Founder, StorageOS
Alex is a founder and CTO of StorageOS, building software defined solutions for cloud native environments. Before embarking on the startup adventure he spent over 25 years engineering infrastructure platforms for companies like Nomura and Goldman Sachs.
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President 技术副总裁, Huawei
Quinton is currently Technical Vice President of Cloud Computing at Huawei. Previously he spend five years at Google, where he was an Engineering Lead on the Kubernetes team, and Technical Lead and Manager of Ads Serving SRE. He was also the founding engineer of the Amazon EC2 cloud... Read More →


Wednesday December 12, 2018 1:45pm - 2:20pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any

1:45pm

Intro: Linkerd – William Morgan, Buoyant
In this session, William Morgan, Linkerd's maintainers, will provide an introduction to Linkerd and the service mesh model. We'll hear some lightning talks from current Linkerd production users, and finish with a brief Q&A.

Speakers
avatar for William Morgan

William Morgan

CEO, Buoyant
William Morgan is the cofounder and CEO of Buoyant, creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from monolith to microservices. He was a software engineer at Powerset, Microsoft, and Adap.tv, and a research scientist... Read More →


Wednesday December 12, 2018 1:45pm - 2:20pm
618-620
  • Skill Level Any

1:45pm

Intro: Testing SIG - Aaron Crickenberger, Google & Steve Kuznetsov, Red Hat
The Kubernetes test infrastructure schedules and executes all of the tests which validate pull requests and repositories in the Kubernetes ecosystem every day. This presentation will explore how job authors can make use of new job configuration options to write jobs that execute identically inside and outside of the test infrastructure while requiring a minimal set of configuration to be provided. Jobs defined in this manner have reproducible behavior for local debugging and do not require job authors to adopt test-infrastructure-specific frameworks or workflows.

Speakers
avatar for Aaron Crickenberger

Aaron Crickenberger

Senior Test Engineer, Google
Aaron has been involved in open source since 2007, cloud since 2009, and Kubernetes since 2015. He was elected to the Kubernetes Steering Committee in 2017. | | He co-founded the Kubernetes Testing SIG, and actively contributes in the Architecture, Contributor Experience, Release... Read More →
avatar for Steve Kuznetsov

Steve Kuznetsov

Software Engineer, Red Hat
Steve has been involved in open source and Kubernetes since 2014, joining the Testing SIG and becoming a co-lead in 2017.He has contributed to Kubernetes core since the 1.0 days but these days spends most of his focus on improving the testing infrastructure with the Testing SIG. Steve... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
2 A/B
  • Skill Level Any

1:45pm

Implementing Least Privilege Security and Networking with BPF on Kubernetes - Arvind Soni, Covalent
BPF is becoming the fastest growing technology in the Linux kernel and is revolutionizing networking, security, and tracing. At the same time, the rise of Kubernetes is creating demand for routing, load-balancing & security infrastructure that is highly scalable, application-aware, and resilient.
 
 Microservices architectures divvy up application functionality into services and expose them via APIs using protocols such as HTTP/REST, gRPC, or Kafka. This creates new challenges. What was previously traditional Layer 3-4 networking security (limited to the IP and port level) now exposes either the entire API surface or none of it. This is insufficient to implement least privilege security for microservices.
 
This talk introduces the open source project Cilium - built on BPF to provide Linux native networking and least privilege security for microservices while integrating with Kubernetes.

Speakers
avatar for Arvind Soni

Arvind Soni

Product Lead, Isovalent Inc.
Arvind works with the Product team at Isovalent Inc, the founding company behind open source Cilium project. Prior to joining Isovalent team, Arvind worked at VMware focused on Openstack and Cloud-Native technologies.



Wednesday December 12, 2018 1:45pm - 2:20pm
Ballroom 6C
  • Skill Level Any

1:45pm

Do it Live: Measuring your Applications in Production - Jason Keene, Pivotal
Ever had a bug that only shows its head in production? Ever wanted to ask arbitrary questions about your software while it is running with minimal impact on performance? In this talk, we go beyond pre-defined instrumentation and look at various techniques of gathering information about your application to help you solve your production woes. Topics include:

- How to ask good questions, and get good answers.
- Securely running a container in your cluster for probing your application.
- How to use eBPF/BCC tools to gather data without impacting performance.
- Techniques for using ptrace/debuggers when all else fails.
- Knowing when to *not* use these tools and how to better instrument your code in advance of a production issue.

With these tools and techniques you will be better equipped to understand your software and solve the problems you'll face in production.

Speakers
avatar for Jason Keene

Jason Keene

Senior Software Engineer, Pivotal
Jason Keene is an engineer at Pivotal working on observability for Kubernetes and Cloud Foundry. He is currently the tech lead for a team building tools for making egressing observability data from clusters simpler and self-service. He co-organizes the Boulder Golang meetup and frequently... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
606-609

1:45pm

Fine-Grained Cost Allocation in Multi-Tenant Kubernetes Clusters - Yang Guan, Google
An organization operating a multi-tenant Kubernetes cluster may want to attribute the cost of operating the cluster to individual tenants for a variety of reasons. For example, a SaaS provider may want to understand how much it costs them to serve each customer, or an enterprise may want to perform chargeback or showback to internal teams or departments that are sharing the cluster.

This session introduces you to methodologies to track the usage of cloud resources from various Kubernetes objects, and to associate the usage information with the cost of cloud resources on a per-namespace basis. The session also compares the methodologies with existing products in the market. A demo is included at the end to illustrate how we apply the methodologies to perform namespace-granularity cost allocation in GKE clusters.

Speakers
avatar for Yang Guan

Yang Guan

Software Engineer, Google
Yang Guan is a Software Engineer at Google on Google Kubernetes Engine. His primary focus is on multi-tenancy and security. Prior to Kubernetes, Yang worked on a number of open-source projects including Cloud Endpoints and Istio. And before joining Google, Yang obtained Ph.D. from... Read More →



Wednesday December 12, 2018 1:45pm - 2:20pm
4C 3/4
  • Skill Level Any

1:45pm

Using Application Identity to Correlate Metrics: A Look at SPIFFE and SPIRE - Priyanka Sharma, GitLab
In an ideal world, we would have a standardized way to identify running software systems that our monitoring tools could easily lean on, even when spread over multiple teams, geographies, and platforms. But real-world deployments are rarely so simple. I will explain how application identity can be used as the basis for correlating metrics from multiple sources (with the help of OpenTracing) and detail some of the challenges inherent in defining application identity in different contexts (such as virtual machines, functions, and different Kubernetes primitives). I then offer an overview of open source projects like SPIFFE and SPIRE, which have modernized identity authentication across microservices, and demonstrates how SPIRE, Fluentd, Prometheus, and Jaeger can be used together to precisely correlate logs, metrics, and traces to improve and diagnose real-world production issues.

Speakers
avatar for Priyanka Sharma

Priyanka Sharma

Director of Cloud-Native Alliances 云原生协会总监, GitLab
Priyanka Sharma is the Director of Cloud-Native Alliances at GitLab Inc. She also works on the OpenTracing project, an instrumentation standard for distributed tracing. A former entrepreneur with a passion for building developer products and growing them through open source communities... Read More →


Wednesday December 12, 2018 1:45pm - 2:20pm
Ballroom 6B

2:00pm

Meet the Maintainer: Helm - Matt Butcher, Microsoft
Speakers
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Engineer at Microsoft, where he leads the team that created Helm, Draft, and Brigade. He is the author of the Children's Illustrated Guide to Kubernetes, as well as eight "serious" books. Matt holds a Ph.D. in philosophy and teaches in the computer... Read More →


Wednesday December 12, 2018 2:00pm - 2:30pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

2:30pm

Meet the Maintainer: Harbor - Steven Zou, VMware
Speakers
avatar for Steven Zou

Steven Zou

Staff Software Engineer 主任软件工程师, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open source Project Harbor which is an enterprise class container image registry as core engineer. He is also involved in the development of the container projects like vSphere Integrated Container(VIC... Read More →


Wednesday December 12, 2018 2:30pm - 3:00pm
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

2:35pm

Debugging Applications on Kubernetes - Michelle Noorali & Radu Matei, Microsoft
Once upon a time, using a debugger was a normal part of development. Then along came the cloud, and suddenly, a tool developers took for granted completely disappeared. We used to have a single place like an IDE of choice to add some breakpoints, step through the code, and hopefully solve the issue.

In a distributed world where there are many moving parts that can’t always be run on a single machine, debugging an application consisting of multiple services has become significantly harder with microservices written in a variety of languages that come with their own toolchain spread across multiple teams and repositories.

In this demo-led session, we’ll discuss the current state of debugging applications in Kubernetes and provide multiple methods and solutions for debugging so that we can leverage all of the goodness of microservices and the ease of use of existing debugging workflows.

Speakers
avatar for Radu Matei

Radu Matei

Software Engineer, Microsoft Azure
Radu Matei is a Software Engineer at Microsoft who works with customers to help them build cloud native applications. Radu is also a core maintainer on Draft, a tool for building cloud native applications. When he’s not helping customers and contributing to Draft, Radu always has... Read More →
avatar for Michelle Noorali

Michelle Noorali

Senior Software Engineer 高级软件工程师, Microsoft
Michelle Noorali is a Sr. Software Engineer at Microsoft. She is a core maintainer on open source projects in the Kubernetes ecosystem including Helm and Draft. She has been involved in the Kubernetes community since 2015 and serves on the Kubernetes Steering Committee. She is passionate... Read More →


Wednesday December 12, 2018 2:35pm - 3:10pm
Ballroom 6E
  • Skill Level Any

2:35pm

Intro: Cloud Native Network Functions (CNF) BoF - Dan Kohn, Cloud Native Computing Foundation
This birds-of-a-feather (BOF) session will discuss how telcos are evolving their Virtual Network Functions (VNFs) into Cloud-native Network Functions (CNFs) running on Kubernetes.

Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, Cloud Native Computing Foundation
Dan Kohn is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create and launch The Linux Foundation’s Core Infrastructure Initiative as an industry-wide response to... Read More →



Wednesday December 12, 2018 2:35pm - 3:10pm
Tahoma 5 @ TCC The Conference Center (TCC) - Separate from WSCC building
  • Skill Level Any