Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Operations [clear filter]
Tuesday, December 11


Day Two Kubernetes: Tools for Operability - Bridget Kromhout & Zachary Deptawa, Microsoft
Artisanally hand-crafting our own container hosting solutions can be a fun learning experience, but for repeatable production use, we want to deploy and manage Kubernetes clusters in a reproducible fashion. Using open source tools like Helm, Draft, Brigade, and Terraform, we can deploy and update our Kubernetes clusters via a trusted, versioned, repeatable process. We’ll discuss what containers and Kubernetes clusters are at a high level, look into the practical application of open source tools to simplify cluster management, and show you how to deploy Kubernetes clusters in a repeatable and portable fashion.

avatar for Zachary Deptawa

Zachary Deptawa

Cloud Advocate, Microsoft
Zachary is a Cloud Advocate at Microsoft with a focus on Linux (yes, really.) Before that, he's played roles from monitoring technician to system administrator and professional services consultant to solutions architect at startups (Sprout Social, ClearDATA) and larger orgs (Rackspace... Read More →
avatar for Bridget Kromhout

Bridget Kromhout

Principal Program Manager, Microsoft
Bridget Kromhout is a Principal Program Manager at Microsoft, focusing on the open source Kubernetes ecosystem. Her CS degree emphasis was in theory, but she now deals with the concrete (if 'cloud' can be considered tangible). After 15 years as an operations engineer, she traded being... Read More →

Tuesday December 11, 2018 10:50am - 11:25am
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building


Don’t Forget the Data When Embarking on Your Journey to Service Meshes - Shriram Rajagopalan, VMware
It’s no secret that sophisticated enterprises are using data to deliver new value and gain competitive advantage. In the modern application architecture, decentralization of data management results in the data being distributed over a vast surface area across different data stores and locations. At the same time, sensitive data needs to be controlled and protected for compliance with data security and privacy regulations such as PCI-DSS, HIPAA, and GDPR.

The service mesh (Istio/Envoy) provides universal observability across the infrastructure. However, there is more work to be done to track how sensitive data flows, provide data-centric policies and telemetry. This talk highlights some of the challenges, describes customer use cases and how adopting a data-centric approach from the beginning is essential in the modern enterprise.

avatar for Shriram Rajagopalan

Shriram Rajagopalan

Staff Engineer, VMware
Shriram Rajagopalan is a staff engineer at VMware's NSX division working on advanced networking solutions. He is one of the founding engineers behind the Istio service mesh project and currently maintains the networking subsystem within Istio. Prior to working on Istio/Envoy, he worked... Read More →

Tuesday December 11, 2018 11:40am - 12:15pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building


What's Next for etcd Cluster Management? - Gyuho Lee, Amazon Web Services & Sam Batschelet, Red Hat
etcd allows for distributed systems to be built using its provided primitives, but etcd itself is a distributed system. Let’s dig in and see what it takes to make that happen: whether it’s bootstrapping a three-node cluster or expanding from a single node to five. Finally, we’ll look at what improvements could be made to make cluster management easier in future versions.

avatar for Sam Batschelet

Sam Batschelet

Software Engineer, Red Hat
Sam is a Software Engineer with a focus on distributed systems, automation, and container orchestration. He is an active open source contributor and an etcd maintainer.
avatar for Gyuho Lee

Gyuho Lee

Software Developer Engineer, Amazon Web Services, Inc.
Gyuho is working on AWS EKS and a lead etcd maintainer. He loves to talk about distributed systems, and is passionate about making complex systems easier to understand.

Tuesday December 11, 2018 1:45pm - 2:20pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building


Debugging etcd - Joe Betz & Jingyi Hu, Google
Oh no, something’s wrong with my Kubernetes cluster! Was it something I did? Or maybe one of those controllers we installed? The answers might be hidden in the etcd’s logs or data files. We’ll walk through real-world examples of how to make sense of etcd logs and correlate issues back to the commands or controllers that initiated them. We’ll cover tools we use to get answers from etcd’s data files, what to look for, and how to quickly get a cluster healthy again.

avatar for Joe Betz

Joe Betz

Software Engineer, Google
Joe Betz is a contributor to Kubernetes with a focus on custom resource and admission webhook extensibility features. Joe is also etcd project maintainer and directly responsible for the health and stability of the GKE etcd fleet and leads improvements to etcd via open source con... Read More →
avatar for Jingyi Hu

Jingyi Hu

Software Engineer, Google
Jingyi Hu is a Software Engineer for Google Cloud. He is a maintainer of etcd and an active contributor to Kubernetes.

Tuesday December 11, 2018 2:35pm - 3:10pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building


Rightsize Your Pods with Vertical Pod Autoscaling - Beata Skiba, Google
Specifying CPU and memory needs for your application is often a fortune-telling exercise where time will almost certainly prove you wrong. Assigning too few resources endangers you with CPU starvation and Out Of Memory events; assigning too much hinders cluster utilization. Predicting the right values is challenging since workloads change and evolve. In this talk, we'll teach you how Vertical Pod Autoscaler can set resource assignments for you and how using it with Cluster Autoscaling and Scheduling can give you peace of mind.

avatar for Beata Lach

Beata Lach

Software Engineer, Google
Beata is a Software Engineer at Google and has been working on Kubernetes autoscaling for the last 3 years, contributing to Cluster Autoscaling and Horizontal Pod Autoscaling, currently leading the effort of Vertical Pod Autoscaling.

Tuesday December 11, 2018 3:40pm - 4:15pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building


A Basic Kubernetes Debugging Kit: curl, jq, openssl, and Other Best Friends - Joe Thompson, Mesosphere
Joe Thompson walks you through a set of essential command-line Linux tools – curl, jq, openssl, netcat, dig and others – and how to use them to debug network and other issues in your Kubernetes clusters. The basic function and use of each tool is covered, with examples for some common Kubernetes-related tasks like verifying if a certificate is correctly generated or checking if DNS resolution in your cluster is working properly. We’ll also look at some container-based debugging procedures, including how to use one container to debug another that’s not running properly or to debug the host OS when the tools you need aren’t installed there.

avatar for Joe Thompson

Joe Thompson

Senior Solutions Engineer, HashiCorp
I'm a senior solutions engineer for HashiCorp and a regular participant in the Helm and SIG-Apps communities. Prior to HashiCorp, I worked at Mesosphere/D2iQ, Capital One, CoreOS and Red Hat (among others), providing practical solutions and training in and for Kubernetes and other... Read More →

Tuesday December 11, 2018 4:30pm - 5:05pm
Tahoma 3/4 @ TCC The Conference Center (TCC) - Separate from WSCC building
Wednesday, December 12


From Zero to Production with Kubernetes - Daniel Lopez Ridruejo & Gus Lees, Bitnami
This session provides a practical intro to deploying Kubernetes applications into production.

Kubernetes is becoming the standard platform for deploying applications in the enterprise. The Helm project provides tooling for packaging and an extensive catalog of ready to run applications. However, deploying applications in production requires much more: monitoring, logging, certificate management and so on. The community has adopted a de-facto ‘production stack’ that includes popular projects such as Prometheus, Vault, ElasticSearch, Fluentd and others. Unfortunately, putting together this basic plumbing is not standardized, and results in a lot of wasted, duplicated efforts.

This session will introduce the Kubernetes production runtime, an open source stack that can simplify and automate production deployments, and explain how it relates to Knative and Gitlab's Autodevops.

avatar for Angus Lees

Angus Lees

Principal Engineer, Bitnami
Angus Lees is a principal software engineer with Bitnami, working on and with Kubernetes. He has decades of experience with Linux and the Free Software community, including 9 years working with Google’s internal cluster and networking infrastructure, several years as an OpenStack... Read More →
avatar for Daniel Lopez Ridruejo

Daniel Lopez Ridruejo

Founder, Bitnami
Daniel is co-founder and CEO of Bitnami, a company focused on multi-platform application packaging and deployment. Bitnami is an important contributor to several K8s-related open source projects, including Helm, Monocular, Kubeapps, Kubeless and smaller ones. Daniel is an emeritus... Read More →

Wednesday December 12, 2018 10:50am - 11:25am
4C 3/4


Weave & Chick-fil-A: Managing Fleets of Kubernetes Clusters w/ GitOPs - Sean Drucker, Chick-fil-A, Inc. & Alexis Richardson, Weaveworks
GitOps provides an operating model for managing multiple Kubernetes clusters at scale. In this session, Chick-fil-A and Weave will share examples from our production experience running many K8s clusters.

Weave operates a global SaaS product in the cloud using Kubernetes. Chick-fil-A is running Kubernetes clusters at the Edge in restaurants. Both companies have solved the challenges of managing many clusters by combining Kubernetes' natural affinity for declarative infrastructure and its well-defined objects with Git to develop a management technique called “GitOps".

In this session, you will learn what GitOps is and how it can help you
effectively manage and monitor your Kubernetes clusters. We will share about the projects we have built to solve common management problems like CI/CD, K8s object generation, configuration management/drift, and observability of the stack.

avatar for Sean Drucker

Sean Drucker

Principal Engineer, Chick-fil-A
avatar for Alexis Richardson

Alexis Richardson

Founder & CEO, Weaveworks
Alexis is the CEO of Weaveworks and the chairman of the TOC for CNCF. Previously he was at Pivotal, as head of products for Spring, RabbitMQ, Redis, Apache Tomcat and vFabric. Alexis was responsible for resetting the product direction of Spring and transitioning the vFabric business... Read More →

GitOps pdf

Wednesday December 12, 2018 11:40am - 12:15pm
4C 3/4


Fine-Grained Cost Allocation in Multi-Tenant Kubernetes Clusters - Yang Guan, Google
An organization operating a multi-tenant Kubernetes cluster may want to attribute the cost of operating the cluster to individual tenants for a variety of reasons. For example, a SaaS provider may want to understand how much it costs them to serve each customer, or an enterprise may want to perform chargeback or showback to internal teams or departments that are sharing the cluster.

This session introduces you to methodologies to track the usage of cloud resources from various Kubernetes objects, and to associate the usage information with the cost of cloud resources on a per-namespace basis. The session also compares the methodologies with existing products in the market. A demo is included at the end to illustrate how we apply the methodologies to perform namespace-granularity cost allocation in GKE clusters.

avatar for Yang Guan

Yang Guan

Software Engineer, Google
Yang Guan is a Software Engineer at Google on Google Kubernetes Engine. His primary focus is on multi-tenancy and security. Prior to Kubernetes, Yang worked on a number of open-source projects including Cloud Endpoints and Istio. And before joining Google, Yang obtained Ph.D. from... Read More →

Wednesday December 12, 2018 1:45pm - 2:20pm
4C 3/4


Day 2 with Stateful Applications - Implementing a Data Protection Strategy - Deepika Dixit & Vaibhav Kamra, Kasten
As teams start to onboard mission-critical applications into production, there’s a need to address day-2 concerns. Dealing with regulatory requirements, user error, ransomware and cluster upgrades - requires safeguarding of data and state. For this reason, Volume snapshots have been one of the most requested features from the storage team and now show up in the CSI spec. Snapshots alone, however, are often not enough. Application consistency, local storage, archival, retirement and compliance are just some of the other concerns.
In this session, the speakers describe the challenges associated with implementing a robust data protection strategy in a containerized environment, open source tools available to help build this and a framework to evaluate what your environment needs. This talk targets DevOps teams looking to improve the reliability of their production environments.

avatar for Deepika Dixit

Deepika Dixit

Member of Technical Staff, Kasten
Deepika graduated from Arizona State University in May 2016 with a Masters in Computer Science. During her graduate studies she interned at Tintri, Inc. in Mountain View. After graduation she returned to Tintri to continue working on their flagship product VMStore. Deepika is currently... Read More →
avatar for Vaibhav Kamra

Vaibhav Kamra

CTO, Kasten
Vaibhav is co-founder and CTO at Kasten, a startup addressing enterprise data management use-cases in Kubernetes. Previously, Vaibhav worked at Dell EMC, Maginatics, and Microsoft where his focus has been on Storage, Filesystems, and Databases.He's also one of the contributors to... Read More →

Wednesday December 12, 2018 2:35pm - 3:10pm
4C 3/4


Bringing Kubernetes to Bare-metal with a Focus on Users - Nicolas Trangez, Scality
When the team at Scality looked for options to deploy Kubernetes on-prem, we found no option focusing on ease of operations and local storage provisioning. We released MetalK8s, an “opinionated” K8s distribution with a focus on users: easy long-term, on-prem deployments. The project is open source and in production at customers, used as a foundation to deploy Scality’s products.
MetalK8s is based on the Kubespray project to reliably install a base Kubernetes cluster, including all dependencies (like etcd), using Ansible. V1.0 ships with operational tools for monitoring and metering, including Prometheus, Grafana, Elasticsearch and Kibana. Furthermore, an "ingress controller" is deployed by default, based on Nginx. All managed as Helm packages.
Unlike hosted Kubernetes solutions, We focus on managing node-local storage and exposing these volumes to containers managed in the cluster.

avatar for Nicolas Trangez

Nicolas Trangez

R&D Architect, Scality
As a technical architect in the Scality R&D team, focusing on defining and designing delivery, installation and operability of cloud-native solutions. Professional background in cloud, distributed systems and automation for 10+ years, and long-term Open Source contributor to various... Read More →

Wednesday December 12, 2018 3:40pm - 4:15pm
4C 3/4


Kubernetes Manages more than Just Containers - Ashley Schuett, Containership
Kubernetes is known for managing, scaling and deploying containerized applications, but it can also be leveraged for managing your infrastructure. When running a cluster there is the option of running a cloud controller manager(CCM) which can make creating resources and creating hardware synonymous. The CCM can provision loadbalancers, set up routes, and tear down vms.

In this talk we will do a deep dive into the different controllers that make up a CCM, and how they are keeping the state of your infrastructure consistent with the clusters resources. The main controllers behind the CCM are cloud agnostic and live in core kubernetes, but each provider has to specify its own implementation. We will examine how provider specific logic hooks into the core and how to leverage the framework to write a custom CCM for any provider or bare metal solution.

avatar for Ashley Schuett

Ashley Schuett

Software Engineer, Containership
Ashley Schuett is a Software Engineer at Containership, a multi-cloud Kubernetes management platform, where she creates tooling for creating and maintaining Kubernetes clusters. She has a passion for contributing to open source, solving problems and being part of a diverse community... Read More →

Wednesday December 12, 2018 4:30pm - 5:05pm
4C 3/4
Thursday, December 13


Running VM Workloads Side by Side with Container Workloads - Sebastian Scheele, Loodse
On Kubernetes clusters, cloud native workloads and (legacy) VM workloads can run side by side. KubeVirt is a project to bring declarative, Kubernetes-style APIs to VM creation, configuration, and management. In this talk, I will demonstrate how you can use the KubeVirt to set up and manage VM inside of a Kubernetes cluster. I will be describing how KubeVirt leverages CPU virtualization to implement a stronger security architecture for Kubernetes.
When combining both approaches, we can run a wider range of workloads, from container cloud-native applications to lift-and-shift applications with KubeVirt.

avatar for Sebastian Scheele

Sebastian Scheele

CEO, Loodse
Sebastian Scheele is the CEO and co-founder of Loodse. Loodse is an enterprise software platform company that enables enterprises and service providers to deliver automated multi-cloud operations. Loodse Kubermatic, an enterprise Kubernetes management platform, automates thousands... Read More →

Thursday December 13, 2018 10:50am - 11:25am


Kubernetes Scalability: A Multi-Dimensional Analysis - Maciek Różacki, Google & Shyam Jeedigunta
‘How much do our clusters scale?’ has been of interest to the developer and user communities of kubernetes for a long time. This is super important if you want to better understand how to architect your workloads by understand where are the bottlenecks of the system.

We will begin this talk from formulating a ‘scalability envelope’ across attributes and features of scalability dimensions. We will then illustrate limits that are currently known to us through scale-testing experiments and user experiences.

avatar for Shyam Jeedigunta

Shyam Jeedigunta

Software Engineer, Amazon
Shyam is a Software Engineer (formerly at Google) working on the kubernetes project since late 2016. His primary area of focus is performance and scalability of Kubernetes clusters and is a lead for SIG Scalability. He is among the top 20 contributors to the kubernetes project and... Read More →
avatar for Maciek Różacki

Maciek Różacki

Product Manager | Kubernetes & GKE, Google
Product Manager working on Kubernetes scalability.

Thursday December 13, 2018 11:40am - 12:15pm


You Can't Have a Cluster [BLEEP] Without a Cluster - Kris Nova, Heptio
I've been running Kubernetes in production for 2 years, and have worked on enterprise Kubernetes service teams including the Azure managed Kubernetes team. This presentation is very special and will talk about the dangers in using Kubernetes incorrectly. This presentation is drawn on years of real experience reports of providing Kubernetes as a service. We learn about the surprising ways users have used/abused Kubernetes, and how their creative use cases ended up causing catastrophic problems for the rest of the system. A simple example of one of these experience reports is running a large Java application in a docker container in Kubernetes, and how the JVM consumed more memory than the container allocated and ultimately put the node into dead lock. The audience walks away knowing they are not alone in their journey to tackle the new complexities of cloud native application management.

avatar for Kris Nóva

Kris Nóva

Chief Open Source Advocate, Independent
Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →

Thursday December 13, 2018 1:45pm - 2:20pm


Fly Your Containerized Environments by Joint Work of Harbor and Dragonfly - Jia Zou, VMware & Allen Sun, Alibaba
With the emergence and development of Kubernetes, it's becoming possible to run and operate large-scale containerized applications and services in enterprise environments. How to securely and effectively manage the lots of container images produced in the enterprise organizations and distribute them to the large-scale runtimes with less time and efforts when starting applications or services on demand is still a challenge. In this presentation, we'll introduce a joint solution from the open source trust cloud-native registry Harbor and the open source intelligent P2P based file distribution system Dragonfly to address the above challenge. The main contents include:
1. Manage your container images in a secure and effective way
2. Distribute your container image in the P2P way by layers
3. Pre-release your container applications from the image registry
4. Let's see the fantastic demo


Allen Sun

Staff Engineer, Alibaba Cloud
Allen Sun, a Senior Engineer at Alibaba Group, is currently responsible for the open source construction of the PouchContainer project at Alibaba. I have been involved in cloud computing for over 5 years and is one of the first batch of researchers and practitioners of container technology... Read More →
avatar for Steven Zou

Steven Zou

Staff Engineer, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open-source Project Harbor which is an enterprise-class container image registry as lead engineer and core maintainer. Moreover, he’s doing innovation and incubation of projects on the Kubernetes... Read More →

Thursday December 13, 2018 2:35pm - 3:10pm


Kubernetes the Database - Jonathan Owens & Maryum Styles, New Relic
In the operations world, one of the hardest problems is keeping track of your inventory: Which machines belong to which teams? Which machines are in service? How long have they been there? At New Relic, the ability to keep track of a massive inventory that runs across multiple providers quickly became an unbearable task so much so that it required designing a completely new central {tracking?} system that could scale with a large infrastructure. In this talk, you’ll learn how Jonathan Owens and Maryum Styles used the Kubernetes API server to jump-start this design and create a unified infrastructure description service. They will share how they defined resources, created controller services, and dramatically decreased the process of manual updates.

avatar for Jonathan Owens

Jonathan Owens

Site Reliability Engineer, New Relic
Jonathan is a 10-year veteran of the operations world, has been an SRE at New Relic for over 6 years, and seen - and solved! - firsthand the challenges of operating large databases, clusters, and container in a large and autonomous engineering organization.
avatar for Maryum Styles

Maryum Styles

Site Reliability Engineer, New Relic
Maryum has been a software engineer at New Relic for the past two years. Prior to that she was a QA engineer. Maryum holds a degree in Computer Science from Spelman College.

Thursday December 13, 2018 3:40pm - 4:15pm


Managing Addons with Operators (Or How We Dropped Untested bash/sed for Go) - Jeff Johnson & Justin Santa Barbara, Google
Kubernetes has long deployed core components like kube-dns by running kubectl apply every few minutes from a directory on a master node. This worked great with simple addons on a single master node. Addons are a rapidly growing avenue for delivering new features and this growth has demonstrated the shortcomings of the current approach (k/k#23233, eg: configuration is hard and opaque; changes require a cluster restart; addons must be developed in the main repo)

Jeff and Justin will talk about their work in replacing thousands of lines of bash, sed and replacing it with operators. They’ll discuss managing dependencies between addons, rolling upgrades, configuration, and health. They’ll cover a few addons that have already been converted and open-sourced, and demonstrate building an operator with their open source toolkit which makes it easy to build a best-practice operator.

avatar for Justin Santa Barbara

Justin Santa Barbara

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, acting as one of the primary developers and maintainers for the AWS support, and serves as a lead on sig-aws. He started the kops project, for managing and operating kubernetes clusters, and is a maintainer on kops. He joined... Read More →
avatar for Jeff Johnson

Jeff Johnson

Software Engineer, Google
Jeff is a Software Engineer at Google with experience building on-premise Kubernetes distributions and is now part of the GKE Cluster Lifecycle Team, building life-cycle management and monitoring tools for cluster add-ons. His focus area is networking and application reliability with... Read More →

Thursday December 13, 2018 4:30pm - 5:05pm