Loading…
Attending this event?

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Sunday, November 17
 

8:00am

Spinnaker Summit 2019 hosted by Netflix, Google, and Armory (Additional Registration + Fee Required)
Spinnaker Summit 2019 brings together the rapidly growing global community of Spinnaker users – an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence, created at Netflix and used by JP Morgan Chase, Cerner Healthcare, Capital One and others around the globe. Spinnaker has been battle-tested in production by hundreds of teams over millions of deployments. It combines a powerful and flexible pipeline management system with integrations to the major cloud providers.

This year’s conference provides an opportunity for Spinnaker users to network with fellow open source community members at Cloud Native Computing Foundation’s KubeCon + CloudNativeCon in San Diego. Join us and discover how Spinnaker and Kubernetes integrate seamlessly to make software deployment pipelines more flexible and also help with visibility, configuration, and easier rollbacks. With Kubernetes and Spinnaker, you can create a robust continuous delivery flow that helps to ensure your software is shipped as quickly as it is developed and validated.

For more event information, visit us here!

How to register: Pre-registration is required. To register for Spinnaker Summit 2019, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to spinnakersummit@spinnaker.io.

Sunday November 17, 2019 8:00am - 9:00pm
Hard Rock Hotel San Diego 207 Fifth Avenue, San Diego, CA 92101

10:00am

10:00am

10:00am

2:00pm

2:00pm

2:00pm

Registration + Badge Pick-up at Manchester Grand Hyatt
Sunday November 17, 2019 2:00pm - 8:00pm
Harbor Tower Side - Manchester Grand Hyatt Left of main entrance, next to Hertz rental desk

2:00pm

2:00pm

6:00pm

Kubernetes Contributor Summit (Contributors Only - Additional Registration Required)
The Kubernetes Contributor Summits bring together new and current Kubernetes contributors alike to connect and share face-to-face. The San Diego event will focus on sustainability topics and learning for new and current contributors through workshops, live coding and review sessions, and other interactive fun.

Visit the Kubernetes Contributor Summit website for additional information and to register.

For questions regarding this event, please reach out to community@kubernetes.io.

Sunday November 17, 2019 6:00pm - 9:00pm
Marriott Marquis San Diego Marina Hotel 333 West Harbor Drive, San Diego, CA 92101
 
Monday, November 18
 

7:30am

7:30am

8:00am

AWS Container Day 2019 San Diego hosted by AWS (Free Additional Registration Required)
Start off your KubeCon 2019 in San Diego with AWS! In this full-day event, we'll cover how Amazon EKS makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS through talks, demos, and a workshop. We'll have team members hanging out all day to help answer questions!

The day will include:

  • Discussion of the EKS feature roadmap with the EKS team
  • Deep dive on machine learning and deep learning with EKS
  • Hands-on EKS workshop to help get you up in running
  • Partner discussions on how to use community and 3rd party tools with EKS


If you're interested in joining the workshop, please bring your laptop.

How to Register: Registration is now closed.

For questions regarding this event, please reach out to containers-pmm@amazon.com.

Monday November 18, 2019 8:00am - 5:00pm
Pacific Ballroom - Wyndham San Diego Bayside

8:00am

Cloud Native Security Day hosted by CNCF (Additional Registration + Fee Required)
Cloud Native Security is a multi-objective and multi-constrained problem space spanning many areas. Pretty much everything falls into security, from identity management to storage solutions. Cloud Native Security Day is intended to drive collaboration, discussion, and knowledge sharing of cloud native security accomplishments and roadblocks. Get connected with others that are passionate about security. Learn from practitioners about pitfalls to avoid, hurdles to jump, and how to integrate security into your cloud native project, architecture, and enhance team awareness on security.

How to register: Pre-registration is required. To register for Cloud Native Security Day Hosted by CNCF, add it on during your KubeCon + CloudNativeCon registration.

Monday November 18, 2019 8:00am - 5:00pm
Grand Ballroom 3/4/6 - Marriott Marquis San Diego Marina Hotel

8:00am

EnvoyCon 2019 hosted by CNCF (Additional Registration + Fee Required)
Originally built at Lyft and now a CNCF graduated project, Envoy is a cloud-native high-performance edge/middle/service proxy. In a short period of time, Envoy has been widely adopted throughout the industry in a variety of different deployment scenarios including edge proxy, “service mesh,” internal middle-proxy load balancer, etc. Envoy’s extensibility, performance, quality, API driven configuration, and community have all been drivers for the rapid growth of the project.

The Envoy maintainers are excited to announce the 2nd annual EnvoyCon, a practitioner-driven community conference that emphasizes end-user case studies as well as deep technical talks from vendors that have chosen to build offerings on top of Envoy (zero product pitches!). Come join us for an exciting day of technical content and networking (both the social and computing kind). Learn more about Envoy.

How to register: Pre-registration is required. To register for EnvoyCon 2019, add it on during your KubeCon + CloudNativeCon registration.

8:00am

Modern Service Mesh and API Management hosted by Kong (Additional Registration + Fee Required)
Breakfast & Registration
9am - 10am

API Gateway & Ingress Management 
10am - 12pm
Ingress management is an important part of your configuration and operations. When services are exposed outside a cluster, one needs to take care of authentication, observability to maintain SLOs, auditing, encryption and integrations with other third-party vendors, amongst other things.
During this workshop, we'll go through the architecture and design of an Ingress layer, and set up Kong on Kubernetes.
We will interact and configure Kong via `kubectl` to expose the services running inside the cluster, perform transformations, traffic throttling, authentication, logging on traffic flowing through the cluster.

Lunch & Networking
12pm - 1pm

Service Mesh
1:00pm - 2:45pm
Service mesh is a new pattern to build reliable distributed and decoupled applications, but often too complicated to implement with 1st generation control planes. Kong takes a new approach to service mesh with Kuma in order to build modern architectures across a large variety of platforms, including Kubernetes and VMs. Kuma is a universal control plane that addresses limitations of 1st generation service mesh technologies by enabling seamless management of any service on the network.
We’ll walk you through easily setting up service mesh across multiple environments, and enabling security and observability – in any network – automatically. We will introduce new concepts and products along the way, and let developers and architects of any skillset being comfortable with service mesh.
Registrants may choose to attend morning or afternoon sessions. Light breakfast, lunch and refreshments will be provided.

How to register: Pre-registration is required. To register for Modern Service Mesh and API Management, add it on during your KubeCon + CloudNativeCon registration.
For questions regarding this event, please reach out to events@konghq.com.

Monday November 18, 2019 8:00am - 5:00pm
Room 3 - San Diego Convention Center Upper Level

8:00am

ServiceMeshCon hosted by CNCF (Additional Registration + Fee Required)
ServiceMeshCon is a vendor-neutral conference on service mesh technologies, featuring maintainers across different service mesh projects and also showcasing the lessons learned from running service meshes in production.

How to register: Pre-registration is required. To register for ServiceMeshCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday November 18, 2019 8:00am - 5:00pm
Room 6C - San Diego Convention Center Upper Level

8:00am

8:00am

8:00am

Registration + Badge Pick-up at Manchester Grand Hyatt
Monday November 18, 2019 8:00am - 6:00pm
Harbor Tower Side - Manchester Grand Hyatt Left of main entrance, next to Hertz rental desk

8:00am

FoundationDB Summit hosted by CNCF (Additional Registration + Fee Required)
FoundationDB Summit is a technical conference organized by and for the FoundationDB community.
This year will mark the second FoundationDB Summit and we plan on creating a two-track event. The first track is aimed at attendees that may be new to the community and want to cover architectural overviews. This track will also cover sessions on how people are using FoundationDB to directly enable new business opportunities. The second track is for those in the community that may already be familiar with FoundationDB and want to dive deeper into the technical details on features, challenges, and tooling other community members have been working on. A full agenda will be published closer to the event to allow attendees to plan which track they want to attend.

See more information here.

How to register: Pre-registration is required. To register for FoundationDB Summit 2019, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to cstamps@linuxfoundation.org.



Monday November 18, 2019 8:00am - 6:30pm
Grand Ballroom 1/2/5/8 - Marriott Marquis San Diego Marina Hotel

8:00am

OpenShift Commons Gathering hosted by Red Hat (Additional Registration + Fee Required)
Join key stakeholders, customers, upstream project leads, and contributors that make up the Red Hat OpenShift ecosystem for a full day of talks, demos and case studies from stakeholders, customers, and contributors from across the OpenShift ecosystem.

The OpenShift Commons Gathering brings together experts from all over the world to discuss real-world implementations of container technologies, best practices for cloud native application developers and the upstream open source software projects that make up the OpenShift ecosystem.

Speakers come from the 475+ member organizations that now make up the OpenShift Commons ecosystem.
The San Diego event will take place on the Inspiration Hornblower, docked for a day-long peer-to-peer event. The boat features a 540 seat auditorium, as well as a unique outdoor venue for the evening reception.

More speakers and panelists are being added, check out the full agenda here.

If you are interested in sponsoring the OpenShift Commons Gathering, please click here for more information.

How to register: Pre-registration is required. To register for OpenShift Commons Gathering, visit the website: https://commons.openshift.org/gatherings/San_Diego_2019.html

For questions regarding this event, please reach out to mbecker@redhat.com.

Monday November 18, 2019 8:00am - 7:00pm
Inspiration Hornblower, San Diego Pier 1, Hornblower Landing, 1800 N. Harbor Drive, San Diego, CA 92101

8:30am

CNCF End User Partner Summit (Additional Registration + Fee Required)
The CNCF End User Partner Summit brings together cloud native users to share best practices and lessons learned. The day will start with stories from end users, and their journey to overcome the challenges of adopting cloud native across different industries. It will continue with an unconference, where attendees can meet peers and learn how to navigate and contribute to the cloud native community.

Tickets cost USD $100 which is donated to the diversity scholarship. Your organization must be a member of the CNCF End User Community (https://www.cncf.io/people/end-user-community/) to attend. End user members may purchase up to four tickets, and end user supporters may purchase up to two. Contact chung@linuxfoundation.org with any questions.

How to register: Pre-registration and approval is required. To apply for this event add it on during your KubeCon + CloudNativeCon registration.

Agenda

  • 8:00 Registration and welcome - Cheryl Hung, CNCF
  • 8:30 Jeff Brewer, TOC End User Representative - Jeff Brewer, Intuit
  • 8:50 Testing your Kubernetes cluster for scalability - Federico Hernandez, Meltwater
  • 9:00 APIs Mesh, the new landscape of API management in K8s - Jean-Christophe Counio, WeWork
  • 9:10 ChubaoFS, a new distributed filesystem storage solution for K8s - Liying Zhang and Wei Ding, JD.com
  • 9:30 Open sourcing Kruise Wizard, a tool to create repeatable and standardized Kustomized based deployments - Ken, Fabio and Ryan, Mastercard
  • 10:00 Talk and demo about Keikoproj - Shri Javadekar, Intuit.
  • 10:30 Unconference 
    • Cluster Lifecycle - When and how to upgrade Kubernetes - Federico Hernandez, Meltwater
      • In place upgrades vs new clusters.
      • Testing new versions (and self-developed tooling to support this).
      • Upgrade process (and self-developed tooling to support this).
      • Procedures and practices around the upgrade to guarantee zero-down time for the tenants.
    • CNCF End User Case Studies - Julie Dam, CNCF
  • 11:00 Maintainers panel - ask questions to Alexis Richardson, Michelle Noorali, Eduardo Silva, Torin Sandall, Derek Collison
  • 11:30 Wrap up

Monday November 18, 2019 8:30am - 11:30am
Room 6E - San Diego Convention Center Upper Level

8:30am

Cloud Native Storage Day hosted by the CNS Ecosystem (Additional Registration + Fee Required)
Join us for another very special Cloud Native Storage Day! We have brought together users of cloud native storage technologies as well as experts from top companies to bring you a fantastic day rich with thought-provoking sessions including technical demos, panel discussions, presentations, and a terrific networking opportunity for you to get to know the experts in Container Storage and Data Management. Come learn all about the virtues of multi-cloud operations of stateful services with Kubernetes, running stateful applications in containers, cloud native data management, and all things cloud native storage! The CNS ecosystem companies partnered together again to bring you this creative, community-oriented day. Lunch will be provided, and all attendees will receive our special CNS Day shirt and swag! Also, be sure to stay through the end for a fun networking happy hour, including games, beverages, and snacks!

Visit www.cloudnativestorageday.com to see our past agendas and video recorded sessions!

How to register: Pre-registration is required. To register for Cloud Native Storage Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to lisa@portworx.com.

Monday November 18, 2019 8:30am - 5:00pm
Gaslamp Room - Hilton San Diego Gaslamp Quarter

9:00am

Google OSS Hands-on Workshop A - KNative (Serverless) hosted by Google Cloud (Additional Registration + Fee Required)
Knative aims to provide a serverless development experience hosted on Kubernetes. What does "a serverless development experience" mean? Attend this workshop to learn what Knative offers and get firsthand experience as a developer deploying a set of RPC and event-driven microservices on Knative.

How to Register: Pre-registration is required. To register for Google OSS Hands-on Workshop - KNative (Serverless), add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday November 18, 2019 9:00am - 11:00am
Room 11AB - San Diego Convention Center Upper Level

9:00am

Kubernetes 101 hosted by Nigel Poulton (Additional Registration + Fee Required)
Bringing you the most popular workshop from DockerCon 2019, delivered by world-renowned trainer Nigel Poulton.
 
If you need to get your head around Kubernetes and want to get your hands dirty deploying and managing an app on a real Kubernetes cluster… this workshop is for you!
 
You’ll start out learning and re-enforcing the basics. Things like, what the heck is a cloud-native microservices app, and what do we mean when we say things like “Kubernetes is a cluster and it’s an application orchestrator…”. 
 
You’ll also get your hands-on, with your very own private Kubernetes lab. You'll deploy a simple app, demonstrate self-healing, scale it up and down, connect to it from the internet, do a zero-downtime rolling update, and perform a versioned rollback.

When we're done, you'll be ready to dive into the conference, and be raring to take your next steps.

About the trainer. Nigel has trained over 1,000,000 people and is known for his passion and addictive style of teaching. Some trainers are forgettable, Nigel gets inside your head!
 
About the labs. Everyone gets their own private 3-node Kubernetes cluster on the ground-breaking Magic Sandbox platform (https://msb.com). You get terminal access to your Kubernetes cluster, and an amazing live dashboard that shows everything in your cluster and how things connect and scale etc…
 
And last but not least… the workshop will be fun, and your registration fee will contribute towards supporting the causes listed in the “giving back” page on our website, nigelpoulton.com.

How to Register: Pre-registration is required. To register for Kubernetes 101, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ash@kubetrainer.com.

Monday November 18, 2019 9:00am - 11:30am
Room 6D - San Diego Convention Center Upper Level

9:00am

Introduction to Containers and Kubernetes hosted by VMware (Additional Registration + Fee Required)
Ready to dive a little deeper into the world of Kubernetes? Understand the first principles of a cloud native infrastructure, and then dig into our lab environment and deploy your first cluster. This training is designed for attendees who are early in their cloud native journey—you will walk out with more knowledge of basic concepts and greater comfort in working with containers. Joe Beda, co-founder of Kubernetes, will join for live Q&A. Laptops are required.

How to register: Pre-registration is required. To register for Introduction to Containers and Kubernetes, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to xiel@vmware.com.

Monday November 18, 2019 9:00am - 12:00pm
Room 2 - San Diego Convention Center Upper Level

9:00am

Anthos/GKE Workshop hosted by Google Cloud (Additional Registration + Fees Required)
Anthos is the new paradigm for infrastructure modernization from Google. Anthos empowers you to create a reliable, portable, and consistent experience; across clouds and on-premises. Built on open-source technologies pioneered by Google, including Kubernetes and Istio, Anthos allows you to build once to run anywhere.
 
In this workshop, you will gain hands-on experience with the Anthos technologies, including the Hub for managing multiple clusters from different locations.  You will set up a multi-service application across multiple environments and connect the services using a multi-cluster service mesh. You'll also learn about the advanced features of Google Kubernetes Engine (GKE) and Anthos. Be sure to bring your laptop for this lab-based workshop. 

How to Register: Pre-registration is required. To register for Anthos/GKE Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday November 18, 2019 9:00am - 12:30pm
Room 9 - San Diego Convention Center Upper Level

9:00am

Anthos Day by Google Cloud (Additional Registration + Fee Required)
Join us for an exclusive look at Anthos—bringing the cloud to you

You’re invited to learn how to transform your IT and build apps for today and the future. Powered by open source technologies like Kubernetes and Istio, Anthos lets you build and manage modern applications, accelerating your application development and enabling your business with transformational technologies like service mesh, containers, and microservices. At Anthos Day, you will hear from our Google Cloud experts on how Anthos enables you to build your applications once and deploy anywhere - whether you are an enterprise straddling between multiple environments or a digital-native born in the cloud.

This event is designed for technology decision makers and practitioners including architects, platform operators, developers and security professionals. Space at this event is limited, so reserve your spot today. Food and beverages will be provided. 

How to Register: Pre-registration is required. To register for Anthos Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to rominav@google.com.

Monday November 18, 2019 9:00am - 4:00pm
Grand Ballroom - Pendry San Diego

9:00am

NSMCon hosted by the Network Service Mesh Community (Additional Registration + Fee Required)
Why Attend NSMCon?

Are you running workloads in multiple clusters? Across multiple clouds: on-premises, hybrid, multicloud, or public cloud? Do they need to interact with legacy workloads running in less “cloudy” environments? Network Service Mesh(NSM) ties them all together, at the granularity of individual workloads, not cluster/VPCs/data centers.

NSM is a community-driven CNCF Sandbox project that is rapidly gaining momentum because of its ability to simplify connectivity between workloads, independent of where they are running. It extends an IP reachability domain to workloads running in multiple clusters, legacy environments, on-premises, or in a public cloud, communicating with the protocols they are currently using.

NSM does this at the granularity of individual workloads. Your workloads have connectivity to just the workloads they need nothing more, nothing less. NSM brings the useful features of a Service Mesh from the lofty heights of HTTP all the way down to IP itself. Applications and Application Service Meshes, such as Istio, run unaltered on top, leaving the hybrid/multicloud IP connectivity to NSM.

The project emerged organically as a community project to solve these problems by applying the Service Mesh thought process all the way down to IP with the global peering mentality of the Internet itself – without breaking your existing environment.

Join the people building and using NSM at NSMCon for a day of tutorials, deep dives, and use cases to learn how NSM works, what it can do for you, and, most importantly, what’s coming next.

How to register: Pre-registration is required. To register for NSMCon , add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to nsmcon@networkservicemesh.io.

Monday November 18, 2019 9:00am - 4:30pm
Room 7B - San Diego Convention Center Upper Level

9:00am

CalicoCon: Hands-On Workshops to Network, Secure, and Operationalize Your Cluster hosted by Tigera (Additional Registration + Fee Required)
After attending CalicoCon, you will understand the basic and advanced networking for Kubernetes, including how to architect a SaaS or CaaS platform for security and scale. You will have hands-on experience securing your cluster from both basic and advanced threats, experience operationalizing through CI/CD automation, and how to integrate with your Security Operations Center. Visit the CalicoCon website to learn more.

A lab environment will be provided for every attendee. Your laptop will be required to access your lab.

How to Register: Pre-registration is required. To register for CalicoCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to carson@tigera.io.

Monday November 18, 2019 9:00am - 5:00pm
Room 15AB - San Diego Convention Center Mezzanine Level

9:00am

Cloud Native Live: Evolving Security hosted by Prisma by Palo Alto Networks (Additional Registration + Fee Required)
Cloud Native Live: Evolving Security

Security teams are challenged by cloud native - organizations are running more apps on more platforms in more places than ever before.  These apps are constantly changing while threats and compliance requirements continue to grow. At the same time, cloud native provides an opportunity to do security in a fundamentally better way - more automated and more integrated with development.  In this edition of Cloud Native Live, we bring together industry leaders, customers, and partners to talk about how they've made this promise real and how you can evolve your own security organization to not just enable cloud native but to capitalize on it.  Go deep not just on threats and countermeasures but also how to leverage cloud native technologies to improve the efficiency and capacity of your security team.

At this Kubecon San Diego co-located event, we'll discuss this challenge, hitting on specifics like:

  • How is cloud native security different than the cloud security you already know?
  • How do you do more than just “shift left” and really integrate runtime security intelligence back with developers?
  • How does a cloud-native, container-first approach change the traditional “firewall” model of security? 
  • How do you build security that spans all your modern compute options - from VMs to containers to serverless and everything in between?
 
Interested in speaking? Submit a CFP here: https://www.papercall.io/cnl-kubecon-colo. Deadline: October 18

How to Register: Pre-registration is required. To register for Cloud Native Live: Evolving Security, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to cloudnativelive@paloaltonetworks.com.

Monday November 18, 2019 9:00am - 5:00pm
Room 16AB - San Diego Convention Center Mezzanine Level

9:00am

Continuous Delivery Summit hosted by Continuous Delivery Foundation (Additional Registration + Fee Required)
The Continuous Delivery Summit is a one-day event that brings together the open source CI/CD community. Meet peers and drive the future direction of continuous delivery.

How to register: Pre-registration is required. To register for Continuous Delivery Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to eruf@linuxfoundation.org.

Monday November 18, 2019 9:00am - 5:00pm
Room 1AB - San Diego Convention Center Upper Level

9:00am

Kubernetes Contributor Summit (Participants Only - Additional Registration Required)
The Kubernetes Contributor Summits bring together new and current Kubernetes contributors alike to connect and share face-to-face. The San Diego event will focus on sustainability topics and learning for new and current contributors through workshops, live coding and review sessions, and other interactive fun.

Visit the Kubernetes Contributor Summit website for additional information and to register.

For questions regarding this event, please reach out to community@kubernetes.io.

Monday November 18, 2019 9:00am - 5:00pm
Marriott Marquis San Diego Marina Hotel 333 West Harbor Drive, San Diego, CA 92101

9:00am

Kubernetes: Application and Container Workflows hosted by VMware (Additional Registration + Fee Required)
Ready to kick your Kubernetes skills up a notch? Understand patterns for source control management, learn how to build and compile applications and containers, and then implement integration testing into builds. This course is designed for attendees who are developing apps in a Kubernetes environment, and/or who create and manage build and deploy pipelines. You will walk out with a greater understanding of the cloud native approach to developing software and deploying it on Kubernetes. Laptops are required.

How to Register: Pre-registration is required. To register for Kubernetes: Application and Container Workflows, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to Ryan at schneiderr@vmware.com.

Monday November 18, 2019 9:00am - 5:00pm
Revolution Room - Hard Rock Hotel San Diego

9:00am

KubeSec Enterprise Summit hosted by Aqua Security (Additional Registration + Fee Required)
KubeSec Enterprise Summit is a full-day event that focuses on the challenges faced by larger organizations with demanding security and compliance requirements when deploying Kubernetes in production. Whether you are just now beginning to roll out your first production implementation of Kubernetes, or are an early adopter looking to learn from the experience of your peers, you are sure to get valuable insights from this educational event. Visit the KubeSec website to learn more.

How to register: Pre-registration is required. To register for KubeSec Enterprise Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to Kubesec@aquasec.com.

Monday November 18, 2019 9:00am - 5:00pm
California Room - Westin San Diego Gaslamp Quarter

9:00am

MulticloudCon: The Zero-Day Event to Learn About New Approaches for a Multi-Cloud Ecosystem hosted by GitLab and Upbound (Additional Registration + Fee Required)
Join us for the first MulticloudCon, the zero-day event that will spark conversation about what multicloud really means, how it’s quickly becoming a reality and why you should care.  The program will include a mix of deep technical talks and demos showcasing the future of multicloud [& workload portability], joined with visionary talks from the ecosystem. Learn from experts in cloud, Kubernetes, database resources, CI/CD, security and more to learn how multicloud is evolving to make developers and operations lives easier. 

How to Register: Pre-registration is required. To register for MulticloudCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@gitlab.com.

Monday November 18, 2019 9:00am - 5:00pm
Room 14AB - San Diego Convention Center Mezzanine Level

9:00am

Observability Practitioners Summit hosted by CNCF (Additional Registration + Fee Required)
The Observability Practitioners Summit focuses on pushing the field of monitoring and observability forwards by providing a mix of high-quality talks and opportunities for discussion between the maintainers and users of tracing, metrics, logging, and alerting systems. For additional details, please visit the website.

How to register: Pre-registration is required. To register for Observability Practitioners Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to sali@linuxfoundation.org.

Monday November 18, 2019 9:00am - 5:00pm
San Diego Ballroom BC - Marriott Marquis San Diego Marina Hotel

9:00am

Serverless Practitioner Summit hosted by CNCF and Cloud Foundry (Additional Registration + Fees Required)
The goal is to unite the serverless community and present end users with comprehensive strategies to understand serverless in a cloud native context. To do that, we plan to create a full-day single-track serverless conference that follows our initial successful work in the CNCF serverless working group and surrounding projects.

VIEW THE SCHEDULE

Sponsor the Event

How to register: Pre-registration is required. To register for Serverless Practitioner Summit, add it on during your KubeCon + CloudNativeCon registration.  For questions regarding this event, please reach out to nwashington@linuxfoundation.org.

Monday November 18, 2019 9:00am - 5:00pm
Room 6F - San Diego Convention Center Upper Level

9:00am

Your Path to Production Ready Kubernetes hosted by Weaveworks (Additional Registration + Fee Required)
Using a combination of instructor-led demonstrations and hands-on exercises, the workshop will enable the attendee to go into detail on the following topics:

· Developing and operating your Kubernetes microservices at scale
· DevOps best practices and the movement towards a “GitOps” approach
· Building with Kubernetes in production: caring for your apps, implementing CI/CD best practices, and utilizing the right metrics, monitoring tools, and automated alerts
· Operating Kubernetes in production: Upgrading and managing Kubernetes, managing incident response, and adhering to security best practices for Kubernetes

Prerequisites:
· Basic knowledge of Kubernetes is required. At a minimum practical experience experimenting with Kubernetes is required
· You have deployed a few applications to a test cluster, and now want a path forward of how to use Kubernetes in production
· Familiarity with the Unix command line
· A complete cloud lab environment will be provided, so bring laptop with a modern browser

This workshop doesn’t cover:
· Deep knowledge of the Prometheus Query Language. We’ll be working through practical examples, but won’t cover the rest of PromQL
· Kubernetes Introduction and concepts. We won’t be going through an overview of Kubernetes, instead we focus on application in the real world.
Light breakfast, Lunch and refreshments will be provided.

Please note you must be registered to attend KubeCon + CloudNativeCon 2019 in San Diego in order to attend this workshop.

How to Register: Pre-registration is required. To register for this event, add it on during your KubeCon + CloudNativeCon North America registration.

For questions regarding this event, please reach out to cezz@weave.works.

Monday November 18, 2019 9:00am - 5:00pm
Room 4 - San Diego Convention Center Upper Level

9:00am

Quiet Room
All attendees may feel free to use the Quiet Room as needed. It is a physical space where conversation and interaction are not allowed, where attendees can go if for any reason they can’t interact with other attendees at that time.

Monday November 18, 2019 9:00am - 6:00pm
Room 13 - San Diego Convention Center Mezzanine Level

10:00am

10:00am

10:00am

11:00am

Advanced Kubernetes Cert: Learn How to Build Your Next App with Kube, Istio, & Advanced Services like Watson hosted by IBM Cloud (Free Additional Registration Required)
Do you need to select the right technologies to build your next application? Get your hands dirty with those technologies before you start your build. Learn how Kubernetes and Istio give you full control over your microservices. Kubernetes minimizes outages and disruptions through self-healing, intelligent scheduling, horizontal scaling, and load balancing. Istio gives you security, advanced routing, policy and insights into your application. Our developers will walk you through the step-by-step in this Hands-on-Lab, and you'll walk away with a certification badge.

How to Register: Pre-registration is required. Please visit this link to register for Advanced Kubernetes Cert.

For questions regarding this event, please reach out to Raleigh Melancon.

Monday November 18, 2019 11:00am - 4:00pm
San Diego Ballroom - The Westin San Diego Gaslamp Quarter

11:30am

Open Policy Agent Summit hosted by Styra (Additional Registration + Fee Required)
The Open Policy Agent Summit is a half-day event, bringing together new and current OPA users and contributors to connect and share best practices, key learnings, and new ideas. The founders and maintainers of the project will be on hand to field 1:1 questions and provide live-coding demos—and you’ll see proven real-world implementations from various OPA adopters.

Whether you’re looking to start down your policy journey, or are an early OPA adopter with Rego skills to share, come join the community for sharing, learning, and socializing. A post-summit “wind down” event is included for when the learning ends, but the camaraderie must continue!

How to register: Pre-registration is required. To register for Open Policy Agent Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to opasummit@styra.com.

Monday November 18, 2019 11:30am - 5:00pm
Room 8 - San Diego Convention Center Upper Level

12:00pm

Cloud Native CI/CD Summit hosted by Codefresh (Additional Registration + Fees Required)
Join us on the historic Berkeley Ferryboat at the San Diego Maritime Museum for this half-day event focused on learning from larger organizations and how they deal with the challenges of delivering microservices on Kubernetes, Serverless, and other cloud-native technologies. With speakers from a diverse background and skillset, you're guaranteed to walk away with some actionable information to improve your continuous integration and delivery, whether you're just starting on the road to Kubernetes or already running in production today. Developer productivity and delivering quality software on-time is the goal.

Lunch provided, plus don't miss the post-event happy hour to be held on the museum's historic sailing ship (read: Pirate ship!)

How to Register: Pre-registration is required. To register for Cloud Native CI/CD Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to Taryn Jones at twhite@codefresh.io.


Monday November 18, 2019 12:00pm - 5:00pm
San Diego Maritime Museum, Berkeley Ferryboat

12:30pm

Harbor Lunch & Learn Workshop hosted by VMware (Additional Registration + Fee Required)
Want to learn more about CNCF’s Incubating project Harbor and how it can be used as a cloud native registry? Join us for lunch with Joe Beda, co-founder of Kubernetes, at 12:30, and then get real hands-on experience with installing, configuring, and using Harbor. You’ll also learn how to push images to Harbor, replicate images across different registries, and scan them for vulnerabilities. Throughout the afternoon, you’ll get an opportunity to interface with the Harbor maintainer team, provide feedback on the project, and ask questions.
 
About Harbor:
Harbor is a trusted cloud native registry that stores, signs, and scans container images and helm charts. Harbor offers key enterprise-level features in identity management (LDAP/AD as well as OIDC support with RBAC), multi-tenancy, 2-way replication to 3rd party registries, advanced online garbage collection, and authenticity and provenance capabilities through scanning and signing.  Harbor deploys in under 30 minutes and can be fully managed through a single web console and comes with a set of rich APIs.
 
With the v1.9 release, Harbor introduces many new features in image lifecycle management such as tag retention and quotas as well as features in continuous integration including webhook notifications and integration with GitLab. 

Lunch is provided. Laptop is required.
 
How to Register: Pre-registration is required. To register for Harbor Lunch & Learn Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to Jonas at jrosland@vmware.com.

Monday November 18, 2019 12:30pm - 4:00pm
Room 6E - San Diego Convention Center Upper Level

1:00pm

Google OSS Hands-on Workshop B - KubeFlow (MLOps) hosted by Google Cloud (Additional Registration + Fees Required)
Kubeflow is an OSS machine learning stack that runs on Kubernetes. The Kubeflow project is dedicated to making deployments of ML workflows on Kubernetes simple, portable, and scalable.
In this workshop, you will learn how to install and use Kubeflow, including Kubeflow Pipelines, to support an end-to-end ML workflow. 
During the workshop, you'll install Kubeflow from scratch, see how to use Kubeflow's multi-user Jupyter notebook servers and other core components, and build and run Kubeflow Pipelines that support full ML workflows, using both the Pipelines UI and its SDK.  In the process, we'll look at how you can use logging, metrics and visualizations, and metadata/artifact tracking, to support ML workflow evaluation and reproducibility.
How to Register: Pre-registration is required. To register for Google OSS Hands-on Workshop - KubeFlow (MLOps), add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday November 18, 2019 1:00pm - 3:00pm
Room 11AB - San Diego Convention Center Upper Level

1:00pm

A Linkerd in Production Workshop hosted by Buoyant (Additional Registration + Fee Required)
Registration Fees: USD $499 (Scholarships available.  Please email events@buoyant.io for more information!)

This hands-on workshop covers how to use Linkerd in production on Kubernetes, including installation and sidecar injection, operational tasks such as upgrades and high availability deployments, and a thorough treatment of Linkerd's reliability, security, and observability features. This workshop is presented by Buoyant, the primary sponsors of the Linkerd project, and is taught by Linkerd maintainers and engineers. Attendees are provided with individual Kubernetes clusters courtesy of DigitalOcean Kubernetes, the managed Kubernetes designed for simple and cost effective container orchestration.

How to Register: Pre-registration is required. To register for this event, add it on during your KubeCon + CloudNativeCon North America registration.

For questions regarding this event, please reach out to events@buoyant.io.

Monday November 18, 2019 1:00pm - 5:00pm
Room 7A - San Diego Convention Center Upper Level

1:00pm

Anthos/GKE Workshop hosted by Google Cloud (Additional Registration + Fees Required)
Anthos is the new paradigm for infrastructure modernization from Google. Anthos empowers you to create a reliable, portable, and consistent experience; across clouds and on-premises. Built on open-source technologies pioneered by Google, including Kubernetes and Istio, Anthos allows you to build once to run anywhere.
 
In this workshop, you will gain hands-on experience with the Anthos technologies, including the Hub for managing multiple clusters from different locations.  You will set up a multi-service application across multiple environments and connect the services using a multi-cluster service mesh. You'll also learn about the advanced features of Google Kubernetes Engine (GKE) and Anthos. Be sure to bring your laptop for this lab-based workshop. 

How to Register: Pre-registration is required. To register for Anthos/GKE Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday November 18, 2019 1:00pm - 5:00pm
Room 9 - San Diego Convention Center Upper Level

1:00pm

Introduction to Containers and Kubernetes hosted by VMware (Additional Registration + Fee Required)
DESCRIPTIONReady to dive a little deeper into the world of Kubernetes? Understand the first principles of a cloud native infrastructure, and then dig into our lab environment and deploy your first cluster. This training is designed for attendees who are early in their cloud native journey—you will walk out with more knowledge of basic concepts and greater comfort in working with containers. Joe Beda, co-founder of Kubernetes, will join for live Q&A. Laptops are required.

How to register: Pre-registration is required. To register for Introduction to Containers and Kubernetes, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to xiel@vmware.com.

Monday November 18, 2019 1:00pm - 5:00pm
Room 2 - San Diego Convention Center Upper Level

2:30pm

Kubernetes 101 hosted by Nigel Poulton (Additional Registration + Fee Required)
Bringing you the most popular workshop from DockerCon 2019, delivered by world-renowned trainer Nigel Poulton.
 
If you need to get your head around Kubernetes and want to get your hands dirty deploying and managing an app on a real Kubernetes cluster… this workshop is for you!
 
You’ll start out learning and re-enforcing the basics. Things like, what the heck is a cloud-native microservices app, and what do we mean when we say things like “Kubernetes is a cluster and it’s an application orchestrator…”. 
 
You’ll also get your hands-on, with your very own private Kubernetes lab. You'll deploy a simple app, demonstrate self-healing, scale it up and down, connect to it from the internet, do a zero-downtime rolling update, and perform a versioned rollback.
 
When we're done, you'll be ready to dive into the conference, and be raring to take your next steps.
 
About the trainer. Nigel has trained over 1,000,000 people and is known for his passion and addictive style of teaching. Some trainers are forgettable, Nigel gets inside your head!
 
About the labs. Everyone gets their own private 3-node Kubernetes cluster on the ground-breaking Magic Sandbox platform (https://msb.com). You get terminal access to your Kubernetes cluster, and an amazing live dashboard that shows everything in your cluster and how things connect and scale etc…
 
And last but not least… the workshop will be fun, and your registration fee will contribute towards supporting the causes listed in the “giving back” page on our website, nigelpoulton.com.

How to Register: Pre-registration is required. To register for Kubernetes 101, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ash@kubetrainer.com.

Monday November 18, 2019 2:30pm - 5:00pm
Room 6D - San Diego Convention Center Upper Level

3:00pm

Google OSS Hands-on Workshop C - Agones (Gaming) hosted by Google Cloud (Additional Registration + Fees Required)
In this workshop you will learn how to turn you Kubernetes cluster into a powerful backend for running multi-player game services using Agones and Open Match -- two open source projects that extend Kubernetes for game infrastructure developers. Leave having set up a basic game connection!

How to Register: Pre-registration is required. To register for Google OSS Hands-on Workshop - Agones (Gaming), add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday November 18, 2019 3:00pm - 5:00pm
Room 11AB - San Diego Convention Center Upper Level

5:02pm

Lightning Talk: What Makes a Good Multi-tenant Kubernetes Solution? - Victor Varza, Adobe
Multi-tenancy leads to sharing resources with hundreds of independent users or teams. Currently, Kubernetes primitives do not provide support for running production workloads in a multi-tenant architecture.

This talk is focused on how to glue together open-source technologies in order to achieve soft multi-tenancy requirements such as: self-management, access control, resource control and workload isolation.

You will learn how to build production ready cross-cloud multi-tenant clusters using Kubernetes primitives and other open-source technologies like Cilium, Heptio Contour, Kata Containers, Open Policy Agent and friends.

Speakers
avatar for Victor Varza

Victor Varza

Sr. Cloud Software Engineer, Adobe
Victor Varza is a Senior Cloud Software Engineer at Adobe Romania, where he is currently working on running an enterprise cross-cloud multi-tenant microservices platform based on Kubernetes. He has over 8 years of experience in development of large-scale platforms based on Linux... Read More →



Monday November 18, 2019 5:02pm - 5:07pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:08pm

Lightning Talk: Boosting Your kubectl Productivity - Mauricio Salatino, LearnK8s
If you work with Kubernetes, then kubectl is probably one of your most-used tools. Whenever you spend a lot of time working with a specific tool, it is worth to get to know it very well and learn how to use it efficiently. The goal of this lighting talk is not only to make your daily work with Kubernetes more efficient but also more enjoyable!

Speakers
avatar for Mauricio Salatino

Mauricio Salatino

Principal Software Developer / Instructor, Camunda / LearnK8s
Kubernetes-addict, Open Source enthusiast Spring Cloud Kubernetes, Contributor Jenkins X Contributor JHipster fan Principal Software Engineer @ Camunda / @ZeebeHQ Instructor @ LearnK8s.io Ex - Red Hat/JBoss - Drools & jBPM Core committer


Monday November 18, 2019 5:08pm - 5:13pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:14pm

Lightning Talk: Get Started With Non-Code Contributions to Kubernetes - David Strebel, Microsoft
Want to contribute to contribute to the Kubernetes project, but not a coder? This lightning talk will focus on how you can contribute back to Kubernetes without writing a line of code.

There exists this notion of developers, developers, developers and that you need to write code to be able to contribute to open source. There are many different ways that you can help out in an open source project without being a developer. In quick talk we will show the different needs open source projects have for non-code contributions and the roles that fit in for non-code contributors.

Coming away from this lightning talk you will have a good understating of how you can get involved in the Kubernetes project and start contributing with no code at all!

Speakers
avatar for David Strebel

David Strebel

Open Source Architect, Microsoft
Dave Strebel is a Global Open Source Architect on the Microsoft Global Black Belt team. Dave focuses on containers, microservice architecture and the cloud-native ecosystem. Dave has been working in technology for over 15 years and has a mixed background across application development... Read More →


Monday November 18, 2019 5:14pm - 5:19pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:20pm

Lightning Talk: Kuber-What-Es?! Misadventures in Building UIs for K8s-Based ML Platforms - Alexandra Johnson, Independent
Last year, our team set out to build a machine learning platform for launching hyperparameter optimization jobs. However, after our launch, the kubernetes-based machine learning platform wasn't a hit with our internal users. This talk explains why, starting with our three critical user interface design decisions, the two problems these led to, and our one direction for future work. This talk is meant to be a very compact, but honest, look at some of the user experience challenges faced by teams building kubernetes-based ML platforms.

Speakers
avatar for Alexandra Johnson

Alexandra Johnson

Tech Lead, Independent
Alexandra loves creating simple and easy to use interfaces for complicated products. Until recently, she was the Platform Tech Lead at SigOpt, where she and her team worked on everything from machine learning infrastructure to web dashboards to API design. She is based out of San... Read More →



Monday November 18, 2019 5:20pm - 5:25pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:26pm

Lightning Talk: Code Kubernetes While You Are Using It - Mario Loriedo, Red Hat
This lightning talk is about deploying a development platform on a Kubernetes cluster and using it to code and rollout an Kubernetes component update. Without stopping coding.

To do so we are going to use Eclipse Che, a container based IDE that runs on Kubernetes and is particularly adapted for rapid cloud native development.

Speakers
avatar for Mario Loriedo

Mario Loriedo

Senior Principal Software Engineer, Red Hat
Mario is a Software Engineer at Red Hat and has been involved in various open source projects integrating containers and development tools. He is the principal architect of the open source project Eclipse Che.


Monday November 18, 2019 5:26pm - 5:31pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:32pm

Lightning Talk: Sharing a GPU Among Multiple Containers - Patrick McQuighan, Algorithmia
We’ve been sharing GPU resources across multiple containers since 2016, and we’ve learned a few lessons along the way. In this lightning talk, we’ll walk you through the work we’ve done and discuss some newer approaches to the same problem.

Specifically, this talk will address:

* Why GPUs matter
* What makes sharing GPUs across containers hard
* How we’ve managed to share GPUs in the past
* Recent solutions, including the GPUShare Scheduler Extender project (https://github.com/AliyunContainerService/gpushare-scheduler-extender)


Speakers
avatar for Patrick McQuighan

Patrick McQuighan

Senior Software Engineer, Algorithmia
Patrick joined Algorithmia in December 2015 and has focused on improving system performance and creating the Enterprise AI Layer Enterprise product, an ML deployment and management system that runs on multiple cloud providers and on-prem infrastructures. Previously, Patrick worked... Read More →



Monday November 18, 2019 5:32pm - 5:37pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:38pm

Lightning Talk: How the Observability Team at Spotify Radically Decreased On-Call Alerts - Lauren Muhlhauser, Spotify
The Reliability team at Spotify took over the monitoring stack and decreased incident pages by 42% within 6 months. At first, they were devoting all their time to managing on-call alerts and tech debt. Now, on-call alerts are manageable and infrequent, and the team is on a path to using entirely open sourced products.

This stack was developed years prior, when there were few well-developed open source solutions available. Lauren describes how migrations to new tools (Grafana and Prometheus) decreased their backlog and on-call pages. She will also cover the improvements the team made to their own open source products (Heroic and FFWD) and why they chose to continue using and maintaining them. Lastly, she will discuss a new tool that the team will be repurposing and open sourcing in the near future.

Speakers
avatar for Lauren Muhlhauser

Lauren Muhlhauser

Site Reliability Engineer, Spotify
Lauren is a Site Reliability Engineer at Spotify on the Observability team. She is currently working on maintaining the monitoring and alerting stack, as well as implementing tracing.



Monday November 18, 2019 5:38pm - 5:43pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:44pm

Lightning Talk: CRDs All the Way Down – Using OPA for Complex CRD Validation and Defaulting - Puja Abbassi, Giant Swarm
Custom Resource Definitions (CRDs) and custom controllers (aka the operator pattern) are becoming the main way we extend Kubernetes. From etcd and Prometheus to full-on Kubernetes extensions a la Cluster API and Service Broker API - a lot of teams are building operators.

As the CRD concept is maturing SIG API machinery is adding useful features like validation, defaulting, structural schemas, etc. In more complex extensions with multiple CRDs and multiple controllers, we run into validation and defaulting use cases that can only be modeled with custom validation and mutation webhooks.

This talk will discuss use cases for complex CRD validation and defaulting, incl. common use cases like validating a CRD against another CRD. Furthermore, the speaker will make a point of why to use Open Policy Agent as a common agent to implement such use cases.

Speakers
avatar for Puja Abbassi

Puja Abbassi

Developer Relations & Product, Giant Swarm
Puja Abbassi is a Developer Advocate and Product Owner at Giant Swarm. As a CNCF ambassador, he's passionate about bringing cloud native technologies to more developers and their companies around the globe. In Kubernetes he focuses on security and authentication as well as extending... Read More →



Monday November 18, 2019 5:44pm - 5:49pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:50pm

Lightning Talk: Easily Observing Operators - Lili Cosic, Red Hat
With everyone building their own operator, instrumenting them is an important piece of the puzzle. In this lighting talk, Lili will demonstrate how to implement operator observability by using kube-state-metrics as a library, to natively expose operator specific metrics.

Join this session to learn how to generate operator and custom resource metrics on the fly in just a few lines of code, by leveraging kube-state-metrics.

Speakers
avatar for Lili Cosic

Lili Cosic

Senior Software Engineer, Red Hat
Lili Cosic is a Senior Software Engineer at Red Hat, working on the in cluster monitoring team. She is also a kube-state-metrics project maintainer. Previously she worked at Weaveworks on the Weave cloud integration with Kubernetes and before that, she found her passion for Kubernetes... Read More →


Monday November 18, 2019 5:50pm - 5:55pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:56pm

Lightning Talk: Open Match - Matchmaking Framework - Robert Bailey, Google
Open Match is an open source game matchmaking framework that simplifies building a scalable and extensible Matchmaker. Open Match is designed to give the game developer full control over how to generate quality matches without having to deal with the challenges of building a scalable online production service. It enables the game developer to re-use the core framework code across games, and just focusing on the rebuilding the matchmaking logic custom to each game.

At its core, Open Match comprises of a set of services hosted in a Kubernetes cluster that manage Players, trigger custom matchmaking logic to generate match proposals and provides ability to evaluate these for quality. The framework also provides functionality such as monitoring, alerting, metrics analysis, autoscaling etc.

Speakers
avatar for Robert Bailey

Robert Bailey

Staff Software Engineer, Google
Robert is part of Google's Cloud Gaming team working on open source gaming infrastructure projects founded by Google such as Agones and Open Match. He was previously a lead for the Cluster Lifecycle SIG, worked on Kubernetes for more than 4 years, and was one of the founding members... Read More →


Monday November 18, 2019 5:56pm - 6:01pm
Exhibit Hall AB - San Diego Convention Center Ground Level

6:02pm

Lightning Talk: Is Your Kubernetes Cluster's DNS Working? - Jonathan Perry, Flowmill
Your Kubernetes cluster is gaining traction and more and more developers are bringing up new services. That’s great news. But you’ve been getting reports of intermittent service failures that you haven’t been able to track down. It doesn’t seem to be anything else...could it be DNS? Maybe we’re not running enough DNS pods or they are restarting too frequently?

This talk will explain how to actually measure DNS health for your Kubernetes cluster and properly plan its capacity. We will share some specific mechanisms to gather DNS traffic information per service both with some standard Linux tools and systematically with eBPF.

Speakers
avatar for Jonathan Perry

Jonathan Perry

CEO and Co-Founder, Flowmill
Jonathan is CEO at Flowmill. Jonathan was a Facebook fellow and previously worked for 7 years in communication systems R&D and HPC algorithm development in the Israeli Defense Force (IDF). Jonathan received his Ph.D. from MIT CSAIL’s Networks and Mobile Systems group, where his... Read More →


Monday November 18, 2019 6:02pm - 6:07pm
Exhibit Hall AB - San Diego Convention Center Ground Level

6:08pm

Lightning Talk: Want to Donate a Project to the CNCF? Here's How - Cheryl Hung, CNCF
From the very first open source project, Kubernetes, to over 30 now, the projects are the lifeblood of the CNCF. The most mature (aka graduated) projects have become de-facto industry standards, backed by thriving communities.

However, it's not always clear how new projects are chosen to enter the CNCF.

Cheryl explains how you can propose a project to join the CNCF, and what the Technical Oversight Committee is looking for.

Speakers
avatar for Cheryl Hung

Cheryl Hung

Director of Ecosystem, Cloud Native Computing Foundation
Cheryl Hung is the Director of Ecosystem at the CNCF. Her mission is to increase the adoption of Kubernetes and cloud native by growing the community and advocating for end users. She founded and runs the Cloud Native London meetup. Previously Cheryl spent five years as a C++ engineer... Read More →



Monday November 18, 2019 6:08pm - 6:13pm
Exhibit Hall AB - San Diego Convention Center Ground Level
 
Tuesday, November 19
 

6:15am

Group Fun Run
Group Fun Run will meet at 6:15 am near the Grand Staircase outside Hall D of the San Diego Convention Center.

Join other runners each morning and see some local San Diego sights like the Gaslamp Quarter, the Embarcadero, Petco Park, and more! Please meet at the San Diego Convention Center Grand Staircase (outside hall D) at 6:15 am. Participants will be required to provide their own running attire and water.

Please sign up using the Google Form for updates.

Meet Time: 6:15 AM
Start Time:  6:30 AM

Tuesday November 19, 2019 6:15am - 6:30am
Grand Staircase, Outside Hall D - San Diego Convention Center
  • Experience Level Any

7:00am

7:00am

7:30am

The New Stack Pancake Breakfast: Kubernetes and Cloud-Native Security - sponsored by Palo Alto Networks
Seating availability limited and on a first-come-first-serve basis. This event tends to fill up fast, so get in line early to secure your spot.

The reports are in — Kubernetes and cloud-native technologies open the attack surface far and wide. Come have a short stack with The New Stack for a Q&A with our expert panelists about the issues and options for managing security in cloud-native workloads. Be prepared and enjoy some pancakes at KubeCon + CloudNativeCon in San Diego!

Moderators
avatar for Joab Jackson

Joab Jackson

Reporter, The New Stack
avatar for Alex Williams

Alex Williams

Founder & Editor-in-Chief, The New Stack

Speakers
avatar for Sean Michael Kerner

Sean Michael Kerner

Jedi
Sean Michael Kerner is a technology journalist and his coverage of the technology industry appears in multiple publications around the world. Kerner is also an IT consultant, technology enthusiast and tinkerer, and has been known to spend his spare time immersed in the study of the... Read More →
avatar for John Morello

John Morello

VP of product for Prisma, Palo Alto Networks
John Morello is the VP of Product at Palo Alto Networks, and the former Chief Technology Officer at Twistlock. Prior to that,  John was a CISO at a Fortune 500 global chemical company. Before that, he spent 14 years at Microsoft, in both Microsoft Consulting Services and product... Read More →
avatar for Chenxi Wang, Ph.D.

Chenxi Wang, Ph.D.

Managing General Partner, Rain Capital
Chenxi Wang, Ph.D., founder of the Jane Bond Project. Dr. Wang also serves on the board of directors for the Open Web Application Security Project (OWASP) Foundation, as an investment advisor to ClearSky Cyber Security and SixThirty Cyber and a strategy advisor to various security... Read More →


Tuesday November 19, 2019 7:30am - 8:45am
Room 2 - San Diego Convention Center Upper Level

8:00am

Quiet Room
All attendees may feel free to use the Quiet Room as needed. It is a physical space where conversation and interaction are not allowed, where attendees can go if for any reason they can’t interact with other attendees at that time.

Tuesday November 19, 2019 8:00am - 6:00pm
Room 13 - San Diego Convention Center Mezzanine Level

9:00am

Keynote: Hiding in the Dark - Dan Kohn, Executive Director, Cloud Native Computing Foundation
What can Minecraft teach us about the adoption of cloud native technologies?

Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, CNCF
Dan is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create the Linux Foundation's Core Infrastructure Initiative as an industry-wide response to the security vulnerabilities demonstrated by Heartbleed.He previously served as CTO of several startups, including Spreemo, a healthcare marketplace, and Shopbeam, a shoppable ads company. Earlier, he was a general partner at Skymoon Ventures, a seed-stage... Read More →


Tuesday November 19, 2019 9:00am - 9:10am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:10am

Keynote: CNCF Updates - Cheryl Hung, Director of Ecosystem, Cloud Native Computing Foundation
Speakers
avatar for Cheryl Hung

Cheryl Hung

Director of Ecosystem, Cloud Native Computing Foundation
Cheryl Hung is the Director of Ecosystem at the CNCF. Her mission is to increase the adoption of Kubernetes and cloud native by growing the community and advocating for end users. She founded and runs the Cloud Native London meetup. Previously Cheryl spent five years as a C++ engineer... Read More →


Tuesday November 19, 2019 9:10am - 9:20am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:20am

9:47am

Sponsored Keynote: Keep Kubernetes Caffeinated - Erin Boyd, Principal Software Engineer, Red Hat
Today, we have a whole host of amazing coffee makers that can take a pod of coffee, brew it, deploy it into your cup, add the milk and sweetener, and deliver it just how you like it. In the same way, Kubernetes Operators are taking the complexity out of producing, deploying, and operating applications.
One particular example of where Operators are making a big impact is Storage. Storage features in Kubernetes are evolving to solving more complex problems such as data replication and support for object storage. Come and see how the Rook project is extending these storage capabilities to deliver your applications—just like your favorite cup of coffee.

Speakers
avatar for Erin Boyd

Erin Boyd

Principal Software Engineer, Red Hat
Erin is currently a Senior Principal Engineer for Red Hat working in the CTO Office. Erin is a Kubernetes contributor and an Apache Ambari committer. Erin is an active contributor to the Kubernetes Storage SIG and is currently the co-chair of the CNCF Storage SIG. Erin's main focus... Read More →


Tuesday November 19, 2019 9:47am - 9:52am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:54am

Keynote: NATS: Past, Present and the Future - Derek Collison, Founder and CEO, Synadia
A brief history of the NATS project, where it is today, how it fits into cloud-native architecture, and where it's going in the near future.

Speakers
avatar for Derek Collison

Derek Collison

President and CEO, Synadia
Derek Collison is the founder and CEO of Synadia and is an industry veteran, entrepreneur, and pioneer in large-scale distributed systems and cloud computing. He’s the creator of NATS and Cloud Foundry. Previously, he was founder and CEO of Apcera and held executive positions at... Read More →


Tuesday November 19, 2019 9:54am - 10:14am
Exhibit Hall AB - San Diego Convention Center Ground Level

10:00am

Chair Massage & Relaxation Stations
Relaxation stations will be located around the convention to offer attendees a short “time out”.  Each location will be stocked with games, treats and other miscellaneous items that are designed to allow attendees to clear their minds.  One activity that will be offered will be 5-minute chair massages with onsite sign-ups. 

Tuesday November 19, 2019 10:00am - 2:00pm
San Diego Convention Center

10:16am

Sponsored Keynote: Lachlan Evenson, Principal Program Manager, Microsoft Azure
Speakers
avatar for Lachlan Evenson

Lachlan Evenson

Principal Program Manager, Microsoft
Lachlan is a Principal Program Manager on the Container Compute team at Azure. He has spent the last few years working with Kubernetes and enabling Cloud Native journeys. Lachie serves as a Cloud Native ambassador and TOC contributor, and has deep operational knowledge of many Cloud... Read More →


Tuesday November 19, 2019 10:16am - 10:21am
Exhibit Hall AB - San Diego Convention Center Ground Level

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:21am

Keynote: Closing Remarks - Vicki Cheung, KubeCon + CloudNativeCon North America 2019 Co-Chair & Engineering Manager, Lyft
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.


Tuesday November 19, 2019 10:21am - 10:25am
Exhibit Hall AB - San Diego Convention Center Ground Level

10:25am

10:25am

10:55am

Containing the Container: Developer Experience vs Strict Security Posture - Brian Bagdzinski & Sharat Nellutla, Verizon
Within Verizon IT we manage multiple multi-tenant Kubernetes clusters across on-prem and multiple clouds hosting hundreds of applications. Containers, Kubernetes, and cloud-native are central pillars: both for our application modernization strategy, and for our north star architecture. However we operate in a highly regulated environment, and our security posture is such that our developers are not permitted to run tools locally that might be considered essential to deliver on this strategy: Docker and Minikube! In this talk we will candidly discuss how we are evolving the developer experience in this space, despite the security constraints, leveraging open source tooling such as Skaffold, Harbor, Kaniko, and Jib.

Speakers
SN

Sharat Nellutla

Associate Director, Verizon
Sharat is an Associate Director at Verizon.  With over 15 years of experience in platform engineering and leadership experience, Sharat leads Verizon's enterprise Kubernetes engineering and Gitops platform engineering teams. He is responsible for multi-cloud Kubernetes architecture... Read More →
avatar for Brian Bagdzinski

Brian Bagdzinski

Cloud Engineer, Verizon
Brian Bagdzinski is a Senior Cloud Engineer at Verizon. As an application developer, as well as being part of a small team responsible for launching a Serverless platform, he is very familiar with how process can get in the way of innovation and creativity. This has instilled in him... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 29ABCD - San Diego Convention Center Upper Level

10:55am

Kubernetes at Cruise: Two Years of Multitenancy - Karl Isenberg, Cruise
Cruise has been working on self-driving cars for six years and growing exponentially for most of that time. Two years ago they started using Kubernetes, betting on namespace-level multitenancy to provide isolation between teams and projects. Today they have over 40 internal tenants, 100,000 pods, 4,000 nodes, and… an embarrassing number of KubeDNS replicas.

This session will take you through the motivations, story, and results of migrating to multitenant Kubernetes, along with some hard-earned Pro Tips from the trenches.

You’ll also learn about the open source tooling they built around Spinnaker, Vault, Google Cloud, and Istio in order to integrate with our multitenant Kubernetes.

Come see how they went from barely isolated to very isolated and saved a few million dollars doing it!

Speakers
avatar for Karl Isenberg

Karl Isenberg

Tech Lead Manager, Cruise
Karl Isenberg leads the PaaS Core Team within the Cruise Infrastructure department. He and his team manage and operate the internal Kubernetes-based Cruise PaaS and assist other teams in getting their services from concept to production. Karl has been working on container platforms... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 6F - San Diego Convention Center Upper Level

10:55am

Building Reusable DevSecOps Pipelines on a Secure Kubernetes Platform - Steven Terrana, Booz Allen Hamilton & Michael Ducy, Sysdig
Onboarding development teams can often be the critical point in determining if a team will adopt modern Cloud Native and DevSecOps practices. If there is too much friction for developers to build, scan, and test their applications or to secure their application environments then these best practices are often pushed aside. In this talk we’ll cover how we automated the creation of a trusted software supply chain. Through a live demonstration, we will show how this approach accelerates adoption by allowing developers to inherit a preconfigured pipeline performing various security tests (and underlying tooling) as well as safeguards (via the CNCF Sandbox project Falco) put in place to monitor production workloads for security problems.

Speakers
avatar for Steven Terrana

Steven Terrana

Lead Technologist, Booz Allen Hamilton
Steven Terrana is a Lead Technologist at Booz Allen Hamilton. A Certified Kubernetes Administrator and Jenkins Contributor, he has built DevSecOps platforms and pipelines across multiple government agencies helping to maximize the velocity of over 50 development teams without sacrificing... Read More →
avatar for Michael Ducy

Michael Ducy

Director of Open Source, Sysdig
Michael Ducy started his technology journey at a young age. Always curious, he was once threatened that he’d never have toys bought for him again if he didn’t stop taking them apart to see how they worked. His first workbench was given to him at the age of 5. His first programming... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Ballroom Sec 20AB - San Diego Convention Center Upper Level

10:55am

Sharing is Caring: How to Begin Speaking at Conferences - Jenny Burcio & Ashlynn Polini, Docker
For many, the idea of speaking in front of a bunch of strangers can be enough to prevent you from ever responding to a CFP. But don't let it! Speaking at conferences, meetups, or even at your own company is a fantastic way to share you knowledge, meet others, advance your career, and give back. Whether you are on the fence, have decided to take the plunge and submit a CFP, or have already even a few talks, this session is for you. Jenny Burcio and Ashlynn Polini will outline tips and strategies for turning your idea into a winning proposal and ultimately a compelling talk. Drawing on their experience reviewing DockerCon CFPs and prepping speakers (including themselves) for a variety of conferences, they will share how to submit and prepare for your first - or next - conference talk.

Speakers
avatar for Jenny Burcio

Jenny Burcio

Sr. Manager, Marketing, Docker
Jenny Burcio manages the Docker Community, including managing content for DockerCon and the Captains program, where she helps awesome Docker community members inspire and educate others. Prior to Docker, Jenny worked at Apigee helping to build their community programs and partner... Read More →
avatar for Ashlynn Polini

Ashlynn Polini

Sr Manager, Events, Docker
Ashlynn Polini runs the user conference known as DockerCon, where she helps awesome Docker community members inspire, connect and learn from each other. Prior to Docker, Ashlynn worked at startups helping to build marketing and operations programs. Ashlynn is a recovering soccer athlete... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 31ABC - San Diego Convention Center Upper Level

10:55am

Only Slightly Bent: Uber’s Kubernetes Migration Journey for Microservices - Yunpeng Liu, Uber
Uber started using docker containers at scale in 2015, and has gone through a few generations of cluster management and service discovery technologies. In early 2019, we started working on migration from Mesos to Kubernetes to support secure service mesh and machine learning workloads.

This is a complex problem - there are thousands of services, tens of millions of containers to be launched daily while maintaining high machine resource utilization. To that end, a lot of customizations are built into our Kubernetes stack including elastic resource sharing, oversubscription, fast rollback and deploy, changes to service discovery and attestation etc.

This talk will cover:
- Overview of Uber Compute Infra
- API server benchmark and tweaks
- Custom controller and scheduler logic
- CRI: resource, health check, logging, isolation
- SPIRE and service discovery setup at Uber

Speakers
avatar for Yunpeng Liu

Yunpeng Liu

Sr Software Engineer, Uber
Lead the compute cluster lifecycle management at Uber. Currently working on efficiency and federation projects in Uber Compute.



Tuesday November 19, 2019 10:55am - 11:30am
Room 30ABCDE - San Diego Convention Center Upper Level

10:55am

Running Apache Samza on Kubernetes - Weiqing Yang, LinkedIn Corporation
Apache Samza is a distributed stream processing framework that allows you to process and analyze your data in real-time. It has been widely used at Linkedin and other companies on a large scale. Recently, we added Kubernetes as the new scheduler backend for Samza to run in distributed mode. In this talk, we will deep dive into the technical details about how Samza runs natively on Kubernetes by leveraging the primitives provided by Kubernetes for scheduling, storages, etc. We will also compare running Samza on Kubernetes with other existing solutions such as YARN and standalone mode. Finally, we will share some practices about running Kubernetes as a container orchestration framework for other big data processing engines.

Speakers
avatar for Weiqing Yang

Weiqing Yang

Software Engineer, LinkedIn
Weiqing has been working in big data computation frameworks since 2015 and is an Apache Spark/HBase/Hadoop/Samza contributor. She is currently a software engineer in streaming infrastructure team at LinkedIn, working on Samza, Brooklin, etc. Before that, she worked in Spark team at... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 1AB - San Diego Convention Center Upper Level

10:55am

CNCF SIG-Security Intro - Sarah Allen, CNCF SIG-Security & Brandon Lum, IBM
“Cloud Native” is open source cloud computing for applications — a complete trusted toolkit for modern architectures (CNCF presentation). There are multiple proposed projects which address key parts of the problem of providing access controls and addressing safety concerns. Each of these adds value, yet for these technical solutions to be capable of working well together and manageable to operate they will need a minimal shared context of what defines a secure system architecture.

Speakers
avatar for Sarah Allen

Sarah Allen

Co-chair, CNCF SIG-Security
Sarah was a founding co-chaired the SAFE WG, now renamed to CNCF SIG-Security. She has been worrying about security concerns, since first building Shockwave in the mid-90s (Netscape plug-in and ActiveX control). In early 2000s, she started developing open source as part of the OpenLaszlo... Read More →
avatar for Brandon Lum

Brandon Lum

Software Engineer, IBM
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 6D - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Intro to gRPC - Jayant Kolhe & Eric Anderson, Google
gRPC is a modern, open source remote procedure call (RPC) framework that can run anywhere. It enables client and server applications to communicate transparently, and makes it easier to build connected systems. Join us for this session to hear about the gRPC project, how you can use it in your applications, and how to get involved with contributing!

Speakers
avatar for Eric Anderson

Eric Anderson

Staff Software Engineer, Google
Eric Anderson is the tech lead of gRPC Java as a Staff Software Engineer at Google. He contributed to the gRPC wire protocol and is experienced with HTTP/2. Previously, he developed the Connectors v4 framework for the Google Search Appliance. Prior to Google, Eric maintained data-driven... Read More →
avatar for Jayant Kolhe

Jayant Kolhe

Engineering Director, Google
Jayant is Director of Engineering at Google working in Google Cloud Organization. He has been at Google for last 10 years. He manages teams that work in areas of Networking, distributed systems and APIs. He has led and managed multiple Open Source Projects such as gRPC and Protocol... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 14AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

10:55am

Intro: Brigade - Matt Butcher & Radu Matei, Microsoft
Brigade is a lightweight, Kubernetes-native framework which allows the creation of event-driven workflows. Using JavaScript, Brigade chains together containers and controls their execution in an in-cluster scripting environment that enables easy error handling and data sharing. In this session, you will learn how to get started with Brigade, how to use the existing GitHub, CloudEvents and generic event support and integrate them in your workflow, and how different companies are using Brigade to automate their internal workflows (from code quality assessment and security scanning, to automatically generating preview environments for each pull request), and ultimately allow teams to build massively distributed workflows using a few lines of JavaScript.

Speakers
avatar for Radu Matei

Radu Matei

Software Engineer, Microsoft
Radu is a Software Engineer at Microsoft Azure, working on Kubernetes and open source developer tools for distributed systems. He is a core maintainer of Brigade, as well as of the Cloud Native Application Bundles (CNAB) project.When he is not working on open source, he loves playing... Read More →
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 33ABC - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Intro: Kubernetes SIG PM - Stephen Augustus, VMware
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has it's own PM team and PM process. SIG PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG PM co-chairs will provide a brief overview of SIG PM history and basic principles, the areas of interaction with the Kubernetes community, together with the information on how to start contributing to Kubernetes as a PM.

Speakers
avatar for Stephen Augustus

Stephen Augustus

Lead, Cloud Native Developer Strategy, VMware
Stephen Augustus is an active leader in the Kubernetes community. He currently serves as a Special Interest Group Chair (Release, PM), a Release Manager, and a subproject owner for Azure.Stephen leads the Cloud Native Developer Strategy team at VMware, driving meaningful interactions... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 32AB - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

KubeEdge – Kubernetes Native Edge Computing Framework - Jason Wu & Sean Wang, Futurewei
KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. In this session attendees will learn about: - Why KubeEdge is useful for Edge Computing; - Architecture and major design considerations of KubeEdge; - Latest updates and challenges we faced getting there; - Where KubeEdge is headed. There will be an extended open Q&A at the end for attendees to ask questions. KubeEdge was accepted as the first edge computing project hosted under the Cloud Native Computing Foundation (CNCF) in March 2019.

Speakers
JW

Jason Wu

VP of Product, Futurewei
avatar for Sean Wang

Sean Wang

Senior Director, FutureWei
Sean Wang is a senior director at FutureWei Inc in Seattle. He is the founder of edge computing platform at FutureWei, and product owner of the commercial edge service which later on contributed to CNCF as KubeEdge.Sean has deep interest in large scale distributed systems, built... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 17AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

10:55am

OPA Introduction & Community Update - Rita Zhang, Microsoft & Patrick East, Styra
Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases in Kubernetes and the wider cloud native ecosystem. During this session the OPA maintainers will introduce the project and then provide updates on the latest and greatest features to land in OPA and OPA Gatekeeper.

Speakers
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco. She spends most of her days contributing to various open source projects as part of the Azure Cloud Native Compute engineering team. Rita is passionate about open source, running distributed workloads... Read More →
avatar for Patrick East

Patrick East

Senior Software Engineer, Styra


Tuesday November 19, 2019 10:55am - 11:30am
Room 5AB - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Securing the Software Supply Chain with in-toto - Santiago Torres-Arias & Justin Cappos, NYU
The cloud native ecosystem and tooling allows for rapid development and delivery of applications using various services in different configurations in highly-automated software supply chains. Unfortunately, this supply chain has become an attractive target for attacks. An attacker that compromises any of the steps of the supply chain, compromises a dependency or alters the product in transit, can affect all users at once and with devastating consequences.

In this talk, we will talk about the current integrations of in-toto in the cloud/container space. In addition, we will cover the existing in-toto toolchains and how they can be used in various scenarios, from supply CI systems like Jenkins, to providers such as GitLab, and beyond. We will showcase these in different real-world use cases with concrete examples inspire attendees on how to secure their supply chain.

Speakers
avatar for Santiago Torres Arias

Santiago Torres Arias

PhD student, New York University
Open source developer, arch linux packager and security team, member of the reproducible builds project. I do research on securing the devops pipeline and the software supply chain.I'm interested in helping you secure your software supply chain using in-toto.
avatar for Justin Cappos

Justin Cappos

Professor, NYU
Justin Cappos is a professor in the Computer Science and Engineering department at New York University, who strives to provide service to society through technology. Justin's research philosophy focuses on solving real world security problems in practice. He and his students often... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 23BC - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

SIG Cloud Provider Intro - Fabio Rapposelli, VMware & Nick Turner, Amazon
The long-term goal of SIG Cloud Provider is to promote a vendor-neutral ecosystem for our community. New vendors providing support for Kubernetes should feel equally empowered to do so as any of today’s existing cloud providers. More importantly, SIG Cloud Provider is focused on ensuring a consistent and high-quality user experience across providers. The SIG acts as a central group for developing the Kubernetes project in a way that ensures all providers share common privileges and responsibilities. This intro session will begin with an introduction to the SIG activities in representing the collective interests of all participating cloud providers in the Kubernetes ecosystem, and help guide participants in how to become involved with SIG and to transition from specific cloud SIGs to Cloud Provider Working Groups.

Speakers
NT

Nick Turner

Software Engineer, Amazon
avatar for Fabio Rapposelli

Fabio Rapposelli

Staff Engineer 2, VMware
Purveyor of all things open source, loves distributed systems and solving complex problems. Renaissance man and human Rube Goldberg machine, Fabio has been working at the intersection between Kubernetes and VMware for the past 4 years. Frequent speaker at conferences such as dotGo... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 7AB - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

The Release Team Shadow Program - Mentoring For the Future - Guinevere Saenger, GitHub & Lachlan Evenson, Microsoft
Each Kubernetes release is guided by a team of specialist community members to shepherd the process and to culminate in a new release of the world’s most popular container orchestration tool. After Release Day, the team members update some docs, and then disband to re-focus their efforts elsewhere in the project, giving room to others to fill their former roles. But have you ever wondered how the Kubernetes Release Team gets formed in the first place? Come to this talk to find out how YOU could be part of a future Kubernetes Release Team! This talk will discuss the purpose and implementation of the Kubernetes Release Team Shadow Program, give examples of success and areas of growth, and may help you decide if this is an area where you would like to start your journey as a Kubernetes contributor.

Speakers
avatar for Lachlan Evenson

Lachlan Evenson

Principal Program Manager, Microsoft
Lachlan is a Principal Program Manager on the Container Compute team at Azure. He has spent the last few years working with Kubernetes and enabling Cloud Native journeys. Lachie serves as a Cloud Native ambassador and TOC contributor, and has deep operational knowledge of many Cloud... Read More →
avatar for Guinevere Saenger

Guinevere Saenger

Software Engineer, GitHub


Tuesday November 19, 2019 10:55am - 11:30am
Room 6E - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Low Latency Multi-cluster Kubernetes Networking in AWS - Paul Fisher, Lyft
Lyft is migrating their entire service stack of hundreds of microservices to Kubernetes on AWS. A critical component to Lyft’s successful migration is their open source set of CNI plugins which implement a simple, fast, and low latency networking stack tying together multiple Kubernetes clusters into a flat network within AWS Virtual Private Clouds. Paul’s talk takes a deep dive into the design and implementation of Lyft’s multi-cluster Kubernetes platform from a network-centric perspective, including Envoy mesh integration and performance characteristics.

Speakers
avatar for Paul Fisher

Paul Fisher

Software Engineer, Lyft
Paul Fisher works on all things infrastructure related at Lyft, from monitoring software to the service provisioning stack. He’s currently leading the Lyft migration to Kubernetes. Paul tends toward work that lies at the intersection of systems programming and scale. He's previously... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 28ABCDE - San Diego Convention Center Upper Level

10:55am

Blazin’ Fast PromQL - Tom Wilkie, Grafana Labs
PromQL, the Prometheus Query Language, is a concise, powerful and increasingly popular language for querying time series data. But PromQL queries can take a long time when they have to consider >100k series and months of data. Even with Prometheus’ compression, a 90 day query over 200k series can touch ~100GB of data.

In this talk we will present a series of techniques employed by Cortex (a CNCF project for clustered Prometheus) for accelerating PromQL queries -- namely query results caching, time slice parallelisation, aggregation sharding and automatic recoding rule substitutions.

But there’s more: we will show how you can use this technology to get these improvements with Thanos and Prometheus. Finally, we will cover optimisations to the PromQL engine by the Cortex team, and how these have already been merged upstream to benefit the whole community.

Speakers
TW

Tom Wilkie

VP Product, Grafana Labs
Tom is VP Product at Grafana Labs, but really he is a software engineer. Tom is a maintainer on the Prometheus project and a maintainer and the original author of Cortex, both CNCF projects. Previously Tom founded Kausal, a company working on Prometheus, and worked at companies such... Read More →


Tuesday November 19, 2019 10:55am - 11:30am
Room 11AB - San Diego Convention Center Upper Level

10:55am

Making the Most Out of Kubernetes Audit Logs - Laurent Bernaille & Robert Boll, Datadog
The Kubernetes audit logs are a rich source of information: all of the calls made to the API server are stored, along with additional metadata such as usernames, timings, and source IPs. They help to answer questions such as “What is overloading my control plane?” or “Which sequence of events led to this problematic situation?”. These questions are hard to answer otherwise—especially in large clusters. At Datadog, we have been running clusters with 1000+ nodes for more than a year and during that time, the audit logs have proved invaluable.

In this talk, we will first introduce the audit logs, explain how they are configured, and review the type of data they store. We will then demo a functioning setup and show a few different types of analysis techniques. Finally, we will describe in detail several scenarios where they have helped us to diagnose complex problems.

Speakers
LB

Laurent Bernaille

Staff Engineer, Datadog
Laurent Bernaille worked several years as a consultant specialized in cloud, containers, and automation and helped organizations migrate to the public cloud, adopt containers and improve their deployment pipelines. He is now Staff Engineer at Datadog and works in the Compute team... Read More →
RB

Robert Boll

Engineering Manager, Runtime Platforms, Datadog
Rob is a software engineer with a keen interest in cloud infrastructure and delivery. He is currently an Engineering Manager at Datadog, working on the infrastructure platform and scaling global compute infrastructure built on Kubernetes.


Tuesday November 19, 2019 10:55am - 11:30am
Room 6C - San Diego Convention Center Upper Level

10:55am

The Devil in the Details: Kubernetes’ First Security Assessment - Aaron Small, Google & Jay Beale, InGuardians
In October of last year, the Kubernetes project created a new Security Audit working group and began Kubernetes’ first comprehensive third-party security assessment. In the months that followed, we worked closely with Trail of Bits and Atredis Partners to assess and improve Kubernetes’ security posture.  Through code review and penetration testing, we found and addressed 37 new vulnerabilities.  With support from many Kubernetes contributors, the third party security firms and Kubernetes project produced a formal threat model covering eight critical components across six different trust zones.  In this talk, we will share our findings, methodology, and vision for future security investments.  We’ll discuss what the work uncovered, and what this means to Kubernetes security both now and for the future.

Speakers
avatar for Aaron Small

Aaron Small

Product Manager, Google
avatar for Jay Beale

Jay Beale

CTO, InGuardians
- Co-lead of Kubernetes Security Audit Working Group- Architect and co-developer of the Peirates attack tool for Kubernetes and Bust-a-Kube- Created two broadly used security tools: Bastille Linux and the CIS’ first Linux scoring tool.- He teaches and speaks on Linux and Kubernetes... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 16AB - San Diego Convention Center Mezzanine Level

10:55am

Service Mesh: There and Back Again - Hema Lee & Cody Vandermyn, Nordstrom
You might have heard about service mesh and its amazing benefits. Maybe you believe it’s the next big thing, but will it truly meet expectations? As any start to a relationship, things look fun and easy but once we talk performance at scale, compliance with internal security policies, and seamless onboarding, you might reconsider taking it home to meet your parents!

With a highly distributed system that includes services running on Kubernetes clusters along with VM and Serverless workloads, vanilla service mesh would not work for us. In this talk, Hema & Cody will cover how Nordstrom’s relationship with service mesh evolved, what initial results revealed, what surprised us, and the open source contributions and adaptations we made to get to production readiness. We will share lessons learned and hopefully help with your service mesh relationship.

Speakers
avatar for Hema Lee

Hema Lee

Senior Engineer, Nordstrom
Hema is a Senior Engineer at Nordstrom and a member of the Engineering Platform organization. Currently, she's deep in the world of securing service to service communications across all of Nordstrom's compute infrastructure. Previously, her work spanned developing components for distributed... Read More →
avatar for Cody Vandermyn

Cody Vandermyn

Sr. Software Engineer II, Nordstrom
Cody Vandermyn works as a Senior Engineer at Nordstrom. He is an active contributor to open source including the Linkerd project. As an avid software geek, Cody enjoys building cloud native applications using new technology, ensuring they are easy to maintain and educating others... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Ballroom Sec 20CD - San Diego Convention Center Upper Level

10:55am

Beyond Storage Management - Andrew Large & Yinan Li, Google
Kubernetes added alpha support for persistent volume snapshotting in 1.12 through the Container Storage Interface (CSI). While having some limitations, this feature is critical to stateful workloads and serves as one of the building blocks for developing advanced, enterprise-grade capabilities around data protection.
This talk provides an overview of standard enterprise data protection policies and practices and discusses how those might map into Kubernetes. We’ll discuss the full scope of what data protection might look like in Kubernetes and considerations that go into building an enterprise-grade data protection solution, placing the volume snapshot work in a larger context, and propose some explicit potential future standards activities.

Speakers
YL

Yinan Li

Software Engineer, Google
Yinan Li is currently a Software Engineer at Google. He focuses on work that enriches Kubernetes with enterprise-grade data management capabilities and work that enables large-scale data processing on Kubernetes, including the Kubernetes scheduler backend for Apache Spark. Yinan is... Read More →
AL

Andrew Large

Software Engineer, Google
Andrew Large is currently a software engineer at Google. He focuses on work that enriches Kubernetes with enterprise-grade data management capabilities in hybrid and multi-cloud environments. Prior to Google, Andrew led the cloud analytics teaocsm at Tintri - an enterprise storage... Read More →



Tuesday November 19, 2019 10:55am - 11:30am
Room 15AB - San Diego Convention Center Mezzanine Level

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:50am

eBay Search On K8s - Mohnish Kodnani & Yashwanth Vempati, eBay
eBay currently has billions of items available for search. The search engine at any given time can get around 100K’s of queries per second for search within this inventory.
In order to support this scale of traffic and the size of the inventory we need thousands of servers. The inventory is sharded and then replicated across these servers to handle the traffic. In this talk we will go through how we migrated the application to kubernetes and its deployment architecture while meeting some of the business requirements for resiliency and availability. We will also go through our index distribution architecture that leverages kubernetes principles. At the end we will also share our challenges and learnings while deploying the application on kubernetes.

Speakers
avatar for Mohnish Kodnani

Mohnish Kodnani

Sr MTS, Software Engineer, eBay
Mohnish works on eBay Search Engine’s Indexing and Data Acquisition domains. He is currently in-charge of migrating the Search Engine’s deployment on top of k8s. In his spare time he loves to travel, rock climb and spend time with his 5 year old son.
YV

Yashwanth Vempati

MTS 1,Software Engineer, eBay
Yashwanth is a passionate engineer interested in solving complex business problems. Right now he is working on moving majority of traditional application into cloud native. He is also working on storing data from kubernetes clusters and use them for monitoring and machine learning... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 6C - San Diego Convention Center Upper Level

11:50am

Scaling Resilient Systems: A Journey into Slack's Database Service - Rafael Chacon & Guido Iaquinti, Slack
Monitoring and observability are important concepts, especially in complex and distributed systems. Redundancy and defensive programming are important as well, but sometimes they are not enough. Designing systems to minimize the blast radius when the unexpected happens is often the key.

In this talk, Rafael and Guido will share an overview about how Slack designed, built, scaled and then iterated to improve its distributed database service based on top of Vitess, now a CNCF project. The Databases team at Slack scaled a Vitess cluster from 0 to spikes of 2.7 Million queries per second. This journey has taught us how to operate a database cluster with more than 2000 nodes and expecting to growth to more than 3500 in the next 12 months.

Speakers
avatar for Guido Iaquinti

Guido Iaquinti

Site Reliability Engineer, Freelance
Guido is a system engineer with academic background and experience in high volume/high availability Internet architectures. He is a technology enthusiast excited about open source software. His passion is to develop, scale and automate complex systems.
RC

Rafael Chacon

Staff Software Engineer, Slack
Rafael Chacon is a Staff Software Engineer on the infrastructure team at Slack, where he is working on the MySQL database layer on top of Vitess. Rafael has been part of the team that has migrated more than 30% of Slack database traffic from MySQL to Vitess. He is also now a core... Read More →


Tuesday November 19, 2019 11:50am - 12:25pm
Ballroom Sec 20AB - San Diego Convention Center Upper Level

11:50am

Applying Policy Throughout The Application Lifecycle with Open Policy Agent - Gareth Rushgrove, Snyk
Open Policy Agent is built to be used as a library in other tools and there are already several open source projects using OPA as generic policy engine. This is powerful because it allows end users to invest in one use case, and reuse some of the same knowledge and tools, especially the Rego data assertion language, to solve other adjacent problems.

In this talk we will look at applying Open Policy Agent tools throughout the application lifecycle. We’ll explore:

* Writing unit tests for Kubernetes configuration (and Helm charts) using Conftest
* Defining a CI pipeline in code, and testing that using OPA
* Gating deployments to the cluster using Gatekeeper
* Auditing the cluster for security best practices, by porting the Kubesec ruleset to Rego
* Porting pod security policies to OPA
* Writing unit tests for the Rego policy code we wrote above

Speakers
avatar for Gareth Rushgrove

Gareth Rushgrove

Director Product Management, Snyk
Gareth works remotely from Cambridge, UK, helping to build interesting tools for people to better manage infrastructure and applications. He currently works at Snyk, working on developer-first security tooling. He has previously worked for the UK Government Digital Service focused... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 29ABCD - San Diego Convention Center Upper Level

11:50am

Panel: What’s Essential in an OSS Project Launch Playbook? - Betty Junod, Solo.io; Jian He, Alibaba; Karen Chu, Matt Butcher, & Ronan Flynn-Curran, Microsoft
Creating/developing a new OSS project is hard as is, but how can you go about successfully sharing your project with the community once you’re ready?

Collectively, this panel has launched/worked on multiple open source projects such as Helm, OpenKruise, CNAB, Docker, Gloo & Service Mesh Interface. From their experience, they've identified elements essential to any open source project launch, no matter how small/big your project is.

In this panel, they'll discuss what should be in an OSS project launch playbook:
• Infrastructure: tools needed to create a public space for your project
• Communications: techniques for setting a tone, creating a brand & spreading the word
• Governance: what you need to create a protected but open space for your community
• Goal: purpose of open sourcing your project, rules of engagement
• Community: what you need to plan to grow, cultivate & engage members

Speakers
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →
avatar for Karen Chu

Karen Chu

Community Manager, Microsoft
Karen Chu is a community manager on the Azure Container Compute team with a focus on open source container-native developer tools such as Helm, CNAB, Brigade, Virtual Kubelet, and more. She has also worked on and keynoted with The Illustrated Children’s Guide to Kubernetes book... Read More →
JH

Jian He

Staff Engineer, Alibaba
Jian He is a Staff Engineer at Alibaba Cloud where he works on container infrastructure to support Alibaba ecosystem. Prior to that, he worked at Hortonworks where he mainly works on Hadoop and is a Hadoop committer and PMC member. Jian He graduated from Brown University in Computer... Read More →
avatar for Betty Junod

Betty Junod

VP of Marketing, Solo.io
Betty Junod is the VP of Marketing at Solo.io focused on open source and commercial software tools in the Service Mesh and Kubernetes ecosystem including Gloo, SuperGloo, GlooShot, Squash and Service Mesh Hub. Previously Betty led product and partner marketing at Docker, the container... Read More →
avatar for Ronan Flynn-Curran

Ronan Flynn-Curran

Designer/Software Engineer, Microsoft
Ronan is a designer and developer who brands, builds and works to boost open source projects at Microsoft Azure. He works within the Deis Labs team, whose goal is to make container-based developer tools accessible and friendly to all. Day-to-day he works on making sites, identity... Read More →


Tuesday November 19, 2019 11:50am - 12:25pm
Room 7AB - San Diego Convention Center Upper Level

11:50am

Hardware-based KMS Plug-in to Protect Secrets in Kubernetes - Raghu Yeluri & Haidong Xia, Intel
Secrets are a key pillar of K8S security, and K8S 1.10+ enhanced the protection of secrets at-rest in the etcd, with support for an external KMS (via KMS plug-ins), and supporting envelope encryption. However, the secret encryption keys (DEKs/KEK) are in the clear in memory of the K8S Master in the KMS plug-ins (during execution). An attacker with privilege access to k8S master node/host, can read the keys from memory, access secrets, compromising data & k8s cluster. This session proposes a solution (with a quick demo) to add a new KMS plug-in that leverages hardware based TEE (Trusted execution environment – like Intel SGX) to ensure that the keys, and the encryption of the secrets, are protected by the CPU on the master, addressing the threat vector mentioned. It enumerates multiple options for the integration with KMS, articulating the the trade-offs of the approaches.

Speakers
avatar for Raghu Yeluri

Raghu Yeluri

Sr. Principal Engineer, Intel
Raghu Yeluri is a Sr. Principal Engineer and lead Security Architect in the Data Center Group at Intel Corporation with focus on container, virtualization and cloud security. In this role, he drives security solution architecture and development to deliver hardware-assisted security... Read More →
HX

Haidong Xia

Sr. Solutions Architect, Intel
Haidong is a Sr. security solution architect in Data Center Group at Intel Corporation. He is also a seasoned developer working on Kubernetes/container security, OpenStack integration of h/w security features and controls, and micro-service/cloud native architecture development. He... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 6E - San Diego Convention Center Upper Level

11:50am

Enabling Kubeflow with Enterprise-Grade Auth for On-Prem Deployments - Yannis Zarkadas, Arrikto & Krishna Durai, Cisco
Kubeflow is an open source machine learning platform built on Kubernetes. Every service in Kubeflow is implemented either as a Custom Resource Definition (CRD) (e.g., TensorFlow Job) or as a standalone service (e.g., Kubeflow Pipelines).

As enterprises start to adopt Kubeflow, the need for access control, authentication, and authorization is emerging. An enterprise-grade solution to authenticate and authorize on two API layers: Kubernetes APIs and Kubeflow’s stand-alone services APIs. For better adoption, the solution should also integrate seamlessly with existing user management solutions in enterprises, such as LDAP or Active Directory (AD).

We present how we combined open-source, cloud-native technologies to design and implement a flexible, modular solution for enterprise authentication and authorization in Kubeflow. The talk will include a live demo.

Speakers
avatar for Yannis Zarkadas

Yannis Zarkadas

Software Engineer, Arrikto
A software engineer at Arrikto, Yannis is a contributor at Kubeflow and is the author and maintainer of the ScyllaDB Operator and the Rook Cassandra Operator.
avatar for Krishna Durai

Krishna Durai

Software Engineer, Cisco
Krishna is a software engineer at Cisco, Bangalore and is a contributor to the Kubeflow open-source project. He has been designing and engineering AI platforms in enterprise domains like healthcare.



Tuesday November 19, 2019 11:50am - 12:25pm
Room 16AB - San Diego Convention Center Mezzanine Level

11:50am

Cortex 101: Horizontally Scalable Long Term Storage for Prometheus - Chris Marchbanks, Splunk
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus metrics, and a horizontally scalable, Prometheus-compatible query API. Cortex allows users to deploy a centralised, globally aggregated view of all their Prometheus instances, storing data indefinitely. In this talk we will discuss Cortex's history, Cortex's architecture, and how to get started with Cortex. Cortex is a CNCF sandbox project.

Speakers
avatar for Chris Marchbanks

Chris Marchbanks

Senior Software Engineer, Splunk
Chris is a Software Engineer at Splunk where he delivers observability for teams working on multiple internal Kubernetes clusters. He is a team member for two CNCF projects, Prometheus and Cortex. Outside of work, Chris enjoys skiing uphill in the mountains of Colorado.


Tuesday November 19, 2019 11:50am - 12:25pm
Room 15AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

11:50am

Five Things You Didn’t Know You Could Do with SPIFFE and SPIRE - Andrew Jessup & Andrés Vega, Scytale
Zero Trust networking and secure authentication are hot topics in security team meetings all over the world. But how do you actually get started? The open-source SPIFFE and SPIRE projects are your foundation for building ridiculously secure software, even between multiple clouds and clusters.

In this talk, we will guide you through five practical applications with the open-source SPIFFE and SPIRE projects, including automatic authentication and mutual TLS encryption between:

workloads on two different clouds,
a workload in a virtual machine and an Istio cluster,
a container in a Google Container Engine cluster and Amazon Web Services
a workload in a Kubernetes cluster and a MySQL database
a workload in a Kubernetes cluster and a Hashicorp Vault cluster
a workload in a Kubernetes cluster and an API gateway

And we’ll do all of this without any annoying passwords, API keys, or secrets.

This talk focuses on real, practical examples of the SPIFFE and SPIRE projects. It assumes no prior knowledge of them, though some passing familiarity with Kubernetes will be helpful.

Speakers
avatar for Andrew Jessup

Andrew Jessup

Recovering Engineer, Scytale
Recovering Engineer at Scytale
avatar for Andrés Vega

Andrés Vega

Product Manager, Scytale


Tuesday November 19, 2019 11:50am - 12:25pm
Room 31ABC - San Diego Convention Center Upper Level

11:50am

How to Migrate a MySQL Database to Vitess - Sugu Sougoumarane, PlanetScale & Morgan Tocker, PlanetScale
Vitess is a cloud-native storage solution that can scale indefinitely. This session will cover a high level overview of all the Vitess features, the architecture, and what database workloads are a good fit. We will then walk through a demo of live-migrating an existing MySQL installation into Vitess. Because Vitess also speaks the MySQL protocol, it is easy to retrofit scaling into your existing database systems.

Speakers
avatar for Sugu Sougoumarane

Sugu Sougoumarane

CTO, PlanetScale
Sugu is CTO at PlanetScale. He is also the lead developer and community leader of the Vitess open source project which he co-created at Youtube in 2010. Vitess has helped multiple companies scale MySQL massively. Prior to Vitess, he worked on various scaling and infrastructure projects... Read More →
MT

Morgan Tocker

Developer Advocate, PlanetScale



Tuesday November 19, 2019 11:50am - 12:25pm
Room 6D - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Intro to Cloud Native Buildpacks - Terence Lee, Heroku & Emily Casey, Pivotal
You're great at running containers but you shouldn't have to be great at building them. In this talk, you'll learn about Cloud Native Buildpacks, a higher-level abstraction for building apps compared to Dockerfiles. Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an app developer, you don't need to know best practices around ordering commands for layer reuse. As an operator, you don't need to worry about exposing developers to the responsibilities that come with Dockerfile. Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-2 app operations

Speakers
EC

Emily Casey

Cloud Native Buildpacks Lead Engineer, Pivotal
TL

Terence Lee

Principal Languages Engineer, Heroku


Tuesday November 19, 2019 11:50am - 12:25pm
Room 14AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

11:50am

Intro to SIG Service Catalog - Jonathan Berkhahn, IBM & Mateusz Szostok, SAP
This is an introduction to the Kubernetes Service Catalog extension project. Service Catalog lets you provision cloud services directly from the comfort of native Kubernetes tooling, regardless of where the service is actually hosted. Service Catalog is a Kubernetes implementation of the Open Service Broker API, an open standard to provision and manage cloud services. Come learn how you can use Service Catalog to access third-party services from your Kubernetes applications or to offer your service to Kubernetes users. We will walk through provisioning a relational database through Service Catalog and and then connect to it from an application running on Kubernetes.

Speakers
JB

Jonathan Berkhahn

Open Source Contributor, IBM
Jonathan Berkhahn is an open source contributor working on behalf of IBM. He co-chairs SIG Service Catalog and is a Member of the Open Service Broker API working group. He also manages his own open source project Blockhead, an OSB broker for provision blockchain nodes for use by cloud... Read More →
avatar for Mateusz Szostok

Mateusz Szostok

Senior Software Engineer, SAP
Mateusz Szostok works at SAP in an open-source project called Kyma. He is one of the co-chairs of the Service Catalog SIG. He specializes in such domains as Service Catalog, Brokers, and Controllers. Currently, he is in charge of the task to replace the Aggregated API Server with... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 32AB - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Intro: Contributor Experience SIG - Elsie Phillips, Red Hat & Paris Pittman, Google
In this 30 minute session, we will explore the projects we have been working on with Contributor Experience and the future work we have on deck. We will provide an update to the following projects and have information on how to get involved.

Speakers
avatar for Paris Pittman

Paris Pittman

Kubernetes OSS Strategy, Google
Paris is a Developer Relations Program Manager on Google Cloud's Open Source Strategy team focusing on the Kubernetes Community. She is a co-chair of the special interest group for Contributor Experience and an organizer of Bay Area Kubernetes Meetup with 4,000 members. She has 14... Read More →
EP

Elsie Phillips

Product Marketing Manager, Red Hat


Tuesday November 19, 2019 11:50am - 12:25pm
Room 23BC - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Intro: Flux - Stefan Prodan, Weaveworks & Alexis Richardson, Weaveworks
In this session, we will introduce the basics of Flux and its Helm Operator sub-project. Flux is an open source operator that makes GitOps happen in your cluster. It automatically ensures that the state of your Kubernetes cluster matches the configuration you’ve supplied in Git. We will explore the GitOps methodology and talk about the benefits of using Flux to do Kubernetes cluster management and application delivery. We shall compare Flux with other approaches like Spinnaker and talk about the differences between CiOps and GitOps. Flux joined CNCF in August 2019 as a sandbox project.

Speakers
avatar for Alexis Richardson

Alexis Richardson

Founder & CEO, Weaveworks
Alexis is the CEO of Weaveworks and the chairman of the TOC for CNCF. Previously he was at Pivotal, as head of products for Spring, RabbitMQ, Redis, Apache Tomcat and vFabric. Alexis was responsible for resetting the product direction of Spring and transitioning the vFabric business... Read More →
avatar for Stefan Prodan

Stefan Prodan

DX Engineer, Weaveworks
Stefan is a Developer Experience engineer at Weaveworks and an open source contributor to cloud-native projects like Flagger, FluxCD, Helm Operator, OpenFaaS and others. He worked as a software architect and a DevOps consultant, helping companies embrace DevOps and the SRE movement... Read More →


Tuesday November 19, 2019 11:50am - 12:25pm
Room 5AB - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Introduction to CRI-O - Mrunal Patel, Red Hat, Inc. & Peter Hunt, Red Hat, Inc.
You have a lot of complicated things to think about as a developer and Kubernetes admin. Your container runtime shouldn't be one of them. CRI-O is there to be your "no-worry" CRI option. Running distributed applications, even with kubernetes, is a challenging task, and ultimately a developer’s focus should be on providing value to their end-users. CRI-O is a container runtime designed to be secure and reliable and is developed exclusively for Kubernetes so that you can focus on what matters more. Join Mrunal Patel and Peter Hunt as they walk through the architecture and design of CRI-O and show you how to deploy and run with kubernetes, so you can choose it as your runtime, and promptly forget about it.

Speakers
MP

Mrunal Patel

Principal Software Engineer, Red Hat
Mrunal Patel is a Principal Software Engineer at Red Hat working on containers for Openshift. He is a maintainer of runc/libcontainer and the OCI runtime specification. He is the lead developer of CRI-O. He has helped contribute support for user namespaces to the Go programming language... Read More →
PH

Peter Hunt

Software Engineer, Red Hat, Inc.



Tuesday November 19, 2019 11:50am - 12:25pm
Room 33ABC - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Introduction to Virtual Kubelet – Featuring Titus by Netflix - Ria Bhatia, Microsoft & Sargun Dhillon, Netflix
Virtual-kubelet can extend kubernetes in many interesting and unique ways. This talk will go through how providers are utilizing virtual-kubelet to extend Kubernetes either for their customers, or for the benefit of their platform. The talk will also go through how Netflix is using virtual-kubelet to aid in integration with their existing architecture. Virtual-kubelet is able to give them the best of both worlds. Netflix has been able to leverage the Kubernetes API Server and the controllers as a mechanism to accelerate their control plane, whilst being able to use their existing containerization and isolation technology that’s been in development under the guise of the Titus (https://medium.com/netflix-techblog/the-evolution-of-container-usage-at-netflix-3abfc096781b) project since December 2015. The flexibility of the project, has allowed them to introduce new southbound, and northbound concepts to their product, which is enabling greater efficiency, and scalability.

Speakers
avatar for Ria Bhatia

Ria Bhatia

Program Manager, Microsoft
Ria Bhatia is a Program Manager for Azure within Microsoft. She's been working with the community on different ways to scale in Kubernetes. She actively maintains Virtual Kubelet and has spoken at multiple meetups and conferences, including LinuxCon in Shanghai. She's also helped... Read More →
avatar for Sargun Dhillon

Sargun Dhillon

Senior Software Engineer, Netflix
Sargun Dhillon is a software engineer. He's been working in the container ecosystem for a number of years, ranging from projects like LXC to Mesos. He currently works on the Netflix container platform, Titus as a member of the agent team.


Tuesday November 19, 2019 11:50am - 12:25pm
Room 6F - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Rethinking the K8s DNS for the Modern Enterprise - Deepa Kalani & Venil Noronha, VMware
The Domain Name System (DNS) is the component that provides the most vital piece of information for one to locate and communicate with services running in a Kubernetes cluster. This technology provides a set of features for name resolution, service discovery, metrics collection, query tracing, etc. However, this is only sufficient to satisfy the requirements of traditional workloads, and modern enterprises demand more.

In this talk, we will discuss the state-of-the-art in the modern enterprise in the context of the Kubernetes DNS. We will present use-cases like extensive aliasing, multi-tenancy, security, etc. that stretch the capabilities of currently available DNS solutions like CoreDNS, Kube-DNS, etc. We will then examine possible approaches to solve these challenges and see where these technologies fall short and how they could be improved.

Speakers
DK

Deepa Kalani

Staff Engineer 2, VMware
Deepa Kalani is a Staff Engineer at VMWare, responsible for development of service mesh technologies with a focus on Istio and Envoy integrations for the enterprise. Prior to VMware, Deepa held various engineering roles at PLUMgrid and Cisco Systems.
avatar for Venil Noronha

Venil Noronha

Open Source Engineer, VMware
Venil Noronha is an engineer with the Open Source Technology Center at VMware. He primarily contributes upstream to open source projects in the service mesh domain, like Istio and Envoy proxy. In the past, he has contributed to several open source projects including Kubernetes, Spring... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 30ABCDE - San Diego Convention Center Upper Level

11:50am

No-Nonsense Observability Improvement - Cory Watson, SignalFx
Observability has gone from a thing you read about on Twitter or Medium thinkpieces to something your organization “has”. Maybe you’ve got a few new observability tools deployed. How is that working out for you?

Regardless of your adoption level – from logs on local boxes up to the highest cardinality traces and feature analysis – at the end of the day these are tools, not magic spells. How do you teach, train, use, evangelize, and measure the impact they have in your organization?

Cory has been a part of solo and large observability teams, in-house and vendor, and worked with dozens of companies. In this session he’ll explain some no-nonsense, tool agnostic methods for wringing more value out of what you have, identifying when to use new tools, how to handle migrations, how to measure value, and how to deal with “why does this cost so much?”

Speakers
avatar for Cory Watson

Cory Watson

Technical Director, SignalFx
Cory Watson is Director of Technology at SignalFx, leading high impact, customer-focused projects around observability and monitoring. Cory started his journey as an SRE at Twitter, and continued on to found the observability team at Stripe. He is a strong voice in the observability... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 17AB - San Diego Convention Center Mezzanine Level

11:50am

Take Envoy Beyond a K8s Service Mesh - to Legacy Bare Metal and VMs + More - Steve Sloka & Steven Wong, VMware
Envoy’s mission is to extract network and communication security code from applications in a way that developers and users can deploy components that just work no matter where they run or what hosts them.

This session will show how to leverage Envoy to achieve interoperation of applications and services, split across Kubernetes and traditional VM or bare metal hosts. We’ll look at how to incrementally bring Kubernetes into an existing application architecture based on existing VM or bare metal applications and services.


Specific examples will demonstrate:
- Using Contour with Envoy as an Ingress and load balancer solution with a richer feature set than some common alternatives
- Sending requests from VM workloads to Kubernetes services
- Direct requests to services running on a VM from Kubernetes
- Dynamical traffic steering - K8s and VM workloads at the same time

Speakers
avatar for Steven Wong

Steven Wong

Open Source Engineer, VMware
Steve Wong has been active in the Kubernetes and Apache Mesos communities since 2015. He is a co-organizer of the IoT and Edge Working Group and a prospective co-chair of a proposed VMware User Group on the Kubernetes project. He is a past speaker at KubeCon, MesosCon, Open Source... Read More →
avatar for Steve Sloka

Steve Sloka

Senior Member of Technical Staff, VMware
Steve Sloka is a Sr. Member of Technical Staff at VMware based in Pittsburgh, PA dealing with all things Cloud, Containers, and Kubernetes. Steve is a maintainer of Contour, Gimbal, the Elasticsearch Operator and is a contributor to many other open source projects. Steve is also a... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Room 28ABCDE - San Diego Convention Center Upper Level

11:50am

CAP_NET_RAW And ARP Spoofing in Your Cluster: It's Going Downhill From Here - Liz Rice, Aqua Security
Did you know that by default, your applications running in Kubernetes can open raw network sockets? This talk demonstrates how, in the right circumstances, the CAP_NET_RAW capability that allows this can be abused by a compromised application.

* ARP spoofing: pretending to represent the wrong IP address
* If the app can ARP spoof the IP address of the DNS service, this potentially lets it spoof DNS addresses: pretending to represent the wrong domain name

Sounds bad, doesn't it?

These attacks, and their consequences, will be demonstrated live, along with preventative measures that you can take to ensure they aren't happening on your cluster.

This talk explains CAP_NET_RAW and spoofing, but the audience is expected to be comfortable with Kubernetes concepts like pod specs and admission controllers.

Speakers
avatar for Liz Rice

Liz Rice

VP Open Source Engineering, Aqua Security
Liz Rice heads the Open Source team at container security specialists Aqua Security, working on projects including kube-hunter, kube-bench and kubectl-who-can. She is chair of the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She has... Read More →


Tuesday November 19, 2019 11:50am - 12:25pm
Room 11AB - San Diego Convention Center Upper Level

11:50am

How the Department of Defense Moved to Kubernetes and Istio - Nicolas Chaillan, Department of Defense
This session will showcase the DoD Enterprise DevSecOps initiative and its architecture. It describes how the Department of Defense is securing OCI compliant containers, moving to Kubernetes and Istio, ensuring abstraction and scale across hundreds of environments, including Clouds, on-premise and classified environments. It will particularly focus on the sidecar security stack leveraging Envoy and sidecar containers to ensure zero trust security and baked-in multi-layer security.

Speakers
avatar for Nicolas Chaillan

Nicolas Chaillan

Chief Software Officer, Department of Defense
Mr. Nicolas Chaillan is appointed as the first Air Force Chief Software Officer, under Dr. William Roper, the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics, Arlington, Virginia. He is also the co-lead for the DoD Enterprise DevSecOps Initiative with... Read More →



Tuesday November 19, 2019 11:50am - 12:25pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level

11:50am

Building Blocks: How Raw Block PVs Changed the Way We Look at Storage - Jose A. Rivera & Rohan Gupta, Red Hat
Raw block PersistentVolumes (PVs) allow applications to consume storage in a new way. In particular, Rook-Ceph now makes use of them to provide the backing store for its clustered storage in a more Kubernetes-like fashion and with improved security. Now we can rethink the notion of how we structure our storage clusters, moving the focus away from static nodes and basing them on more dynamic, resilient devices.

This talk will go over how we incorporated raw block PVs, how the operator manages them, and how we can now define storage cluster. It will also include a demo of the resiliency of these new types of devices. By the end of the talk, you'll not only know how to use raw block PVs but also why and when to use them.

Speakers
avatar for Jose A. Rivera

Jose A. Rivera

Senior Software Engineer, Red Hat
Jose Rivera is a Senior Software Engineer at Red Hat. He's worked in and around storage for over 10 years, with experiences spanning across multiple networked and software-defined storage projects such as Samba (SMB) and GlusterFS. Currently he works on OpenShift Container Storage... Read More →
avatar for Rohan Gupta

Rohan Gupta

Associate Software Engineer, Red Hat
Rohan Gupta is an Associate Software Engineer at Red Hat. He graduated with a Computer Science degree in 2018. He participated in Google Summer of Code 2018 with CNCF and worked on adding NFS operator in Rook. He Joined Red Hat as an intern and was converted into a full time employee... Read More →


Tuesday November 19, 2019 11:50am - 12:25pm
Room 1AB - San Diego Convention Center Upper Level

12:20pm

12:20pm

12:20pm

12:20pm

12:20pm

12:20pm

12:20pm

12:20pm

12:20pm

12:25pm

Lunch (Provided)
Lunches will be served in Hall C, the West Terrace and the 20 Foyer at the San Diego Convention Center.  Specialty meals (if requested) can be picked up at the Cafe Express in Hall C.

Tuesday November 19, 2019 12:25pm - 2:25pm
Hall C + West Terrace + 20 Foyer - San Diego Convention Center

12:25pm

Attendee Headshots, sponsored by Codefresh (Reservation Required; Link in Description)
Get ready for your close up! We are proud to offer a limited number of complimentary headshots to attendees that are looking to spruce up their resume or LinkedIn profile. A reservation is required.
Thank you to our sponsor, Codefresh!

Tuesday November 19, 2019 12:25pm - 2:25pm
Room 21 - San Diego Convention Center Upper Level

1:15pm

Chair Yoga (RSVP Required)
Need to take a break and stretch after your session? Join one of our chair-yoga classes!  Chair Yoga is a great way to reset without having to leave your seat. Just a quick 30-minute session focused on movement and flexibility is enough to revitalize meetings and event participants. All levels of fitness can benefit from chair yoga including those with disabilities or mobility issues.
Space is limited. Please sign up through the attached Google Form.  

Tuesday November 19, 2019 1:15pm - 1:45pm
23A - San Diego Convention Center Upper Level
  • Experience Level Any

1:20pm

1:20pm

1:20pm

1:20pm

1:20pm

1:20pm

1:20pm

1:20pm

1:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:20pm

2:25pm

A Peek Inside the Enterprise Cloud at Salesforce - Xiao Zhou & Thomas Hargrove, Salesforce
This talk offers a peek inside the enterprise cloud infrastructure at Salesforce. Kubernetes is open source software which is becoming the de facto standard for running services as scale.
Enterprise data centers are aiming to be closely managed and very secure. At Salesforce, we are bringing these two together. We are using Kubernetes to manage 2600+ hosts across 20+ private data centers. In this talk, we’ll be looking at the challenges and our approaches for using Kubernetes as the management software from several perspectives: Multi-tenants and self-serving, Management tooling, Security, Testing, Monitoring/alerting, also Visibility.

Speakers
avatar for Thomas Hargrove

Thomas Hargrove

Software Engineering Senior Director, Salesforce
Thomas is a Software Engineering Senior Director at Salesforce on the infrastructure engineering team. He helped build the hosted Kubernetes offering for Salesforce 1st party data centers with many enhancements around security, visibility and integration to internal systems. Before... Read More →
avatar for Xiao Zhou

Xiao Zhou

Director Software Engineering, Salesforce
Xiao is a Software Engineering Director in Salesforce. She has about 10 years of experiences in the large scale and distributed computing area. Xiao has led numerous cloud native efforts and projects at Salesforce, and previously VMware. She is very passionate about improving quality... Read More →



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 14AB - San Diego Convention Center Mezzanine Level

2:25pm

Running Istio and Kubernetes On-prem at Yahoo Scale - Suresh Visvanathan & Mrunmayi Dhume, Verizon
At Yahoo!, there are 18+ production grade Kubernetes(K8s) clusters and my team operates one of the largest on-prem K8s clusters handling 150K+ containers, 500+ applications and serving 1Million+ request per second. Mission critical Applications, such as Yahoo! Sports/Finance/Home are deployed and enabled by K8s/Istio platforms. The journey started 2 years ago as a ‘proof of concept’ with K8s and signing up for ‘early engagement program’ with Istio team to adopt Istio/Envoy to modernize our stack and move towards micro service architecture. During this journey, 1.Build Identity platform which provide unique identity for workloads 2.Enabled workload with sidecar envoy proxy and integrated with in-house Custom CA & RBAC for authN/Z 3. Build tools to manage both Istio & K8s cluster at scale.This talk will detail how K8s and Istio/Envoy used to deploy/secure/connect workloads @ Yahoo Scale.

Speakers
SV

Suresh Visvanathan

Sr Director/Architect, Verizon
Suresh Visvanathan is a Sr Architect/Director in the Core Platforms team at Verizon Media (Yahoo!). Suresh leads the team responsible for modernizing Yahoo Tech stack using Kubernetes/Istio platforms. Suresh’s responsibilities also include the architecture, vision, strategy and... Read More →
MD

Mrunmayi Dhume

Senior Software Engineer, Verizon Media
Mrunmayi Dhume is a Senior Software Engineer in the Core Infrastructure team at Verizon Media. She is part of the team responsible for providing an L3/L4 routing solution at Verizon Media and leads the design and implementation of the routing layer and Identity Provider system components... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Ballroom Sec 20AB - San Diego Convention Center Upper Level

2:25pm

Managing Helm Deployments with Gitops at CERN - Ricardo Rocha, CERN
Kubernetes has taken a key role at CERN both for physics analysis and core IT services, simplifying and accelerating deployments and allowing a much higher rate of updates and upgrades.

This session will describe how helm is used for managing the description and configuration of the services. How CERN uses chartmuseum to maintain its private chart repositories, and how a custom plugin is used to manage secrets in the configuration, safely pushing encrypted payloads into git repositories. How a well defined structure of umbrella charts (sometimes referred to as meta charts) is used to define high level applications with complex dependencies, and how the notion of service variants and environments is exposed.

A demo will show the full gitops lifecycle for both production and canary deployments, relying on weave flux to quickly propagate changes to clusters.

Speakers
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a software engineer at CERN currently part of the CERN cloud team, focusing primarily on networking and container based deployments. Previously he helped develop and deploy several components of the Worldwide LHC Computing Grid, a network of ~200 collaborating sites around... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level

2:25pm

Mental Health in Tech - Dr. Jennifer Akullian, Growth Coaching Institute
According to research by Open Sourcing Mental Illness, 51% of individuals working in the tech community have been identified with a mental illness. This is disproportionate to the 20% prevalence in the general population. To compound the concern, many working in the tech community are at risk for burnout, a condition that often resembles mental illness. While lots of people in tech struggle with mental health, industry-specific research and advocacy in the community is disproportionately inadequate.

For organizations, awareness and advocacy around employee mental health is crucial, after all, happy employees are more productive and less likely to leave their job. For employees who are struggling, it is important they know that they are not alone and there is help. This talk is focused on reducing the stigma around mental illness and expanding education and awareness into how to help yourself and others in your community. Jennifer will provide mental health background as she reviews the research pertaining to the tech community. Industry-specific burnout will be discussed and strategies for improving one’s experience or helping a friend or colleague will be examined.



Speakers
avatar for Dr. Jennifer Akullian

Dr. Jennifer Akullian

Founder/IO Psychologist, Growth Coaching Institute
Jennifer is an industrial-organizational psychologist that works to grow individuals and organizations in the tech community.  Founder and executive coach at the Growth Coaching Institute, Jennifer works to support professionals through one-to-one coaching, and provides organizational... Read More →



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 6E - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Russian Doll: Extending Containers with Nested Processes - Christie Wilson & Jason Hall, Google
Kubernetes extensibility has gone mainstream. From CRDs to admission controllers to custom schedulers, as a platform builder you have access to a powerful toolbox! But what about the humble Pod and its hardworking containers? What if you want to extend them? What tools are at your disposal?

In this talk you’ll learn how to extend a container by overriding its binary. This inventive approach is used by Prow (the CI/CD system that tests Kubernetes itself) and systems built on Tekton Pipelines (a Kubernetes based CI/CD platform) like Jenkins X and OpenShift Pipelines.

You’ll see how you can control the order of container execution within a Pod, stream logs to a persistent store at scale, and gracefully handle the appearance and lifecycle of injected sidecars. You’ll learn some of the benefits and drawbacks, as well as how to overcome the hurdles.

Speakers
avatar for Jason Hall

Jason Hall

Software Engineer, Google
Jason Hall (he/him) is a software engineer at Google, currently working on the Tekton project. Before Tekton, he helped launch Google Cloud Build (formery Google Cloud Container Builder), and before that helped launch Google Cloud Source Repositories.
avatar for Christie Wilson

Christie Wilson

Software Engineer, Google
Christie Wilson (she/her) is a software engineer at Google, currently leading the Tekton project. Over the past decade+ she has worked in the mobile, financial and video game industries. Prior to working at Google she led a team of software developers to build load testing tools for... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 6C - San Diego Convention Center Upper Level

2:25pm

Introducing KFServing: Serverless Model Serving on Kubernetes - Ellis Bigelow, Google & Dan Sun, Bloomberg
Production-grade serving of ML models is a challenging task for data scientists. In this talk, we'll discuss how KFServing powers some real-world examples of inference in production at Bloomberg, which supports the business domains of NLP, computer vision, and time-series analysis. KFServing (https://github.com/kubeflow/kfserving) provides a Kubernetes CRD for serving ML models on arbitrary frameworks. It aims to solve 80% of model serving use cases by providing performant, high abstraction interfaces for common ML frameworks. It provides a consistent and richly featured abstraction that supports bleeding-edge serving features like CPU/GPU auto-scaling, scale to and from 0, and canary rollouts. KFServing's charter includes a rich roadmap to fulfill a complete story for mission critical ML, including inference graphs, model explainability, outlier detection, and payload logging.

Speakers
DS

Dan Sun

Senior Software Engineer, Bloomberg
Dan Sun is a Senior Software Engineer of the Data Science Infrastructure team at Bloomberg, focusing on designing and building mission critical production ML inference managed solution. He strives to understand and tackle data scientists' complex problems. He also has many years of... Read More →
EB

Ellis Bigelow

Software Engineer, Google
Ellis Bigelow is a software engineer at Google Cloud developing next generation systems for the AI Platform Prediction Service. In addition to his efforts on Google's managed product, he leads the open source project, Kubeflow/KFServing, a kubernetes-based serverless inferencing platform... Read More →



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 15AB - San Diego Convention Center Mezzanine Level

2:25pm

Cloud Provider Subproject AWS / User Group AWS - Nishi Davidson, Pulumi & Justin SB, Google
SIG AWS is now a sub project of SIG Cloud provider. It is also a User Group. In this session, we will discuss what this means for you and our ongoing roadmap. We will also both demo and discuss features of the 7 projects (previously SIG AWS subprojects) that are part of Cloud Provider Subproject AWS. Bring details of your use cases and feature requests so you can define the future roadmap / feature ask. Also bring your priorities wrt documentation and testing. Finally we will gather together to discuss immediate contributions that folks can make to make these projects meaningful for all users of k8s on AWS.

Speakers
avatar for Nishi Davidson

Nishi Davidson

Solution Engineering, Pulumi
Nishi Davidson has been in the cloud infrastructure and software application space for 16 years working across engineering, product and strategy in S.E Asia, MEA and the US markets. Currently she is responsible for AWS’s open source engineering efforts in the Kubernetes community... Read More →
JS

Justin SB

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, acting as one of the primary developers and maintainers for the AWS support, and serves as a lead on sig-aws. He started the kops project, for managing and operating kubernetes clusters, and is a maintainer on kops. He joined... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 6D - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Intro to Thanos: Scale Your Prometheus Monitoring With Ease - Lucas Serven, Red Hat & Dominic Green, Improbable
Thanos is an open-source CNCF Sandbox project that builds upon Prometheus components to create a global-scale highly available monitoring system. It seamlessly extends Prometheus in a few simple steps and it is already used in production by dozens of companies that aim for high multi-cloud scale for metrics while keeping low maintenance cost. During this talk, core maintainers of Thanos will explain basic concepts behind the project, its use cases, and tradeoffs. You will learn where to start and how to quickly deploy Thanos on Kubernetes without impacting your existing Prometheus setup. This talk is recommended for beginners that want to know more about running highly available Prometheus setup at scale with potentially unlimited metric retention with the lowest possible effort and cost.

Speakers
avatar for Dominic Green

Dominic Green

Software Engineer, Improbable
Dom was the first cadet to outsmart the Kobiashi Maru, completed the Kessel Run in less than twelve parsecs, and beat Parzival to the First Gate. While not melting reality with fiction Dom works as a Software Engineer at Improbable a London based startup creating virtual worlds with... Read More →
LS

Lucas Serven

Senior Software Engineer, Red Hat
I am a Spanish software engineer currently working for Red Hat in Berlin. By trade I am an electrical engineer, with a Masters in robotics. After two years at CoreOS, I joined Red Hat where I work on Prometheus. Outside of work, I am passionate about deep learning and hack on machine... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 6F - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Intro: Linkerd - William Morgan, Buoyant
In this session, William Morgan will provide an introduction to Linkerd, the CNCF's service mesh project. Linkerd features blazing fast performance, an ultralight footprint, a Kubernetes-native design, and open governance. You'll learn what it does, why it's useful, differences with other service meshes, and finish with a brief Q&A.

Speakers
avatar for William Morgan

William Morgan

CEO, Buoyant
William Morgan is the cofounder and CEO of Buoyant, creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from monolith to microservices. He was a software engineer at Powerset, Microsoft, and Adap.tv, and a research scientist at MITRE... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 11AB - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Introduction to Autoscaling - Marcin Wielgus, Google & Vivek Bagade, Google
Come and see how to reduce the cost of your cluster and make your workloads more robust by dynamically adjusting them to the current traffic. During this talk members of SIG-Autoscaling will explain why you should be autoscaling both applications and clusters, and what tools Kubernetes provides to do that. You will learn the mechanics of Cluster, Horizontal Pod and Vertical Pod Autoscalers, their new features as well as the best practices for applying them in production.

Speakers
avatar for Marcin Wielgus

Marcin Wielgus

Staff Software Engineer, Google
Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes before the 1.0 release... Read More →
avatar for Vivek Bagade

Vivek Bagade

Software Engineer, Google
Vivek Bagade is a Software Engineer at Google where he has been working on the Cluster Autoscaler and Node Auto-provisioning. He has been working on and with Kubernetes for the past 4 years. He has also worked as an Engineering Team Lead at Rapyuta Robotics building a Kubernetes based... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 28ABCDE - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Introduction to CNI, the Container Network Interface Project - Bryan Boreham, Weaveworks & Dan Williams, Red Hat
CNI, the Container Network Interface, is a small but critical piece of infrastructure linking runtimes such as Kubernetes and CloudFoundry to dozens of different container network implementations. This session is aimed at users and developers who have little previous knowledge of container networking. Attendees will hear: - A broad overview of what CNI is - What the CNCF-hosted CNI project has delivered - How CNI relates to Kubernetes - How they can get more involved in the project

Speakers
avatar for Dan Williams

Dan Williams

Principal Software Engineer, Red Hat
Daniel C. B. Williams is a Principal Software Engineer at Red Hat, with a focus on container networking and orchestration, specifically with OpenShift, Kubernetes, CNI, and related projects. As co-lead of the Kubernetes SIG Network group, lead of the Network Plumbing Working Group... Read More →
avatar for Bryan Boreham

Bryan Boreham

Director of Engineering, Weaveworks
Bryan is Director of Engineering at Weaveworks, delivering deployment, observability and monitoring for containers and microservices. After first getting into programming as a kid, creating a video game called "Splat", Bryan's career has ranged from charting pie sales at a bakery... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 17AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

2:25pm

Introduction to Windows Containers in Kubernetes - Michael Michael, VMware & Deep Debroy, Docker
The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting an introduction of Windows Containers in Kubernetes and new features that are being delivered.

Speakers
avatar for Michael Michael

Michael Michael

Director of Product Management, VMware
Michael Michael (or M2 as he's known) is VMware's Director of Product Management. He is currently working on cloud native technologies, delivering agility and simplicity to developers and accelerating the modernization of enterprise applications. Michael co-chairs SIG-Windows, one... Read More →
avatar for Deep Debroy

Deep Debroy

Engineering Manager, Docker Inc.
Deep Debroy is a software Engineering Manager at Docker Inc. focussing on different aspects of enabling Windows workloads on Kubernetes as well as Persistent Storage in general. He is an active contributor to Kubernetes projects under SIG Windows and SIG Storage.


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 5AB - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

KubeVirt Intro: Virtual Machine Management on Kubernetes - Steve Gordon, Red Hat & Chandrakanth Jakkidi, F5
This session will provide an introduction to the KubeVirt project, which turns Kubernetes into an orchestration engine for not just application containers but virtual machine workloads as well. This provides a unified development platform where developers can build, modify, and deploy applications made up of both Application Containers as well as Virtual Machines in a common, shared environment.

In the session, you will learn more about why KubeVirt exists, how people are using it today, and how the project actually works from an architectural perspective. You will also see a short demo of the project in action!

Finally, you will hear about future plans for developing KubeVirt’s capabilities that are emerging from the community.

Speakers
avatar for Steve Gordon

Steve Gordon

Principal Product Manager, Red Hat
Geographically displaced Australian. Focused on building infrastructure solutions for compute use cases using a spectrum of virtualization, containerization, and bare-metal provisioning technologies. Stephen is currently a Principal Product Manager at Red Hat based in Toronto, Canada... Read More →
avatar for Chandrakanth Jakkidi

Chandrakanth Jakkidi

Senior Software Engineer, F5 Networks
Chandrakanth Reddy Jakkidi is an Active OpenSource Contributor. He is involved in CNCF and Open Infrastructure community projects. He is Contributed to Openstack , Kubernetes projects.Presently an active contributor to Kubevirt Project.Chandrakanth is having 14+ years experience... Read More →



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 33ABC - San Diego Convention Center Upper Level

2:25pm

SIG Usability: Intro and How to Get Started - Tasha Drew, VMware
SIG Usability is a new SIG focused on the core end-user usability of the Kubernetes project. This covers topics like user experience and accessibility. The goal of SIG Usability is to facilitate adoption of the Kubernetes project by as diverse a community of end users as possible. We do this be ensuring that each end user’s interaction with Kubernetes, from discovery to successful production use is seamless and positive. Examples of efforts include user research, internationalization and accessibility. Join us at this session to learn about the SIG, what we've been up to, and how to get involved as a new contributor!

Speakers
avatar for Tasha Drew

Tasha Drew

Product Line Manager, VMware
Tasha Drew is a product line manager at VMware, working on Tanzu for SDDC and Project Pacific on vSphere, and is the co-chair for the Kubernetes Multi-tenancy working group, the co-chair for SIG-Usability, and the chair for diversity and inclusion at Kubecon North America's Contributor... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 23BC - San Diego Convention Center Upper Level
  • Experience Level Any

2:25pm

Adapting Kubernetes to Constrained IP Address Environments - Mahesh Narayanan & Satyadeep Musuvathy, Google
When it comes to IP addresses, Kubernetes has a demand and supply issue.
On the Demand side, Kubernetes treats Pods as first class citizens with their own IPs. This makes port mappings and usage from a developer’s point of view much much simpler. But from an infrastructure perspective, this makes the whole cluster use IP addresses liberally.

On the Supply side, Kubernetes deployments generally run alongside incumbent networks. Therefore there are not enough IPs to allocate and have a production grade deployment.

Based on real world experience by our customers so far, we have found that there are a few ways to design your clusters to address these concerns:
-- Optimize the per node allocation so that the overall consumption can be optimized
-- re-use IP addresses for Infrastructure but have unique Services IPs.
-- Leverage a new IP addressing scheme through non-RFC 1918 ranges





Speakers
avatar for Mahesh Narayanan

Mahesh Narayanan

Product Manager, Google
Mahesh Narayanan is a Cloud Networking Product Manager at Google Cloud. He works on GKE and drives its networking strategy and roadmap. Mahesh has also worked in sales and customer support roles and has a good understanding of customer perspective. Prior to Google, Mahesh worked in... Read More →
SM

Satyadeep Musuvathy

Software Engineer, Google
Satya is a Software Engineer at Google. He lives and breathes GKE including GKE On-Prem. Satya has extensive Enterprise customer experience with stints at companies like Yahoo and Walmart.



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 16AB - San Diego Convention Center Mezzanine Level

2:25pm

From Issue to PR Merged: A Fluentd “Tail” - Jordan Hamel, Amgen
Do you often find yourself opening an issue or looking for an alternative open-source project with support for your use case? Not sure where to start in contributing a fix for an issue?
Getting involved in the Fluentd ecosystem and submitting a PR helped make it possible for Amgen to effortlessly collect CloudTrail logs from hundreds of AWS accounts owned by separate teams.
We'll take a look at the details of how to collect and annotate logs stored in any format or account in AWS with Fluentd where hundreds or any number of accounts are in use. We'll also follow the details of contributing this now merged PR to the Fluentd S3 plugin that made it possible.
Whether you're a new or long-time user of Fluentd, come and be inspired to consider contributing back to observability related open-source projects like Fluentd and the benefits it can bring to your organization and the community.

Speakers
avatar for Jordan Hamel

Jordan Hamel

Sr Mgr Software Development Engineering, Amgen
Jordan Hamel is a software engineer currently at Amgen who cares about making sure software and the users like each other. Having previously led E-commerce operations for years at Newegg.com, he is a huge fan and supporter of making the user experience as observable as possible and... Read More →



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 7AB - San Diego Convention Center Upper Level

2:25pm

Living with the Pathology of the Cloud: How AWS Runs Lots of Clusters - Micah Hausler, Amazon
Disk speed screeches to a crawl, packets get dropped, connections time out: welcome to the cloud! Most of the time the cloud "just works", but when it doesn’t, how does Kubernetes and etcd handle failure? In this talk Micah will discuss considerations for building and configuring cloud native systems for failure including how Amazon EKS’s architecture and design accounts for outages and dependency failures. Micah will also cover and lessons learned from managing lots and lots of Kubernetes and etcd for customers around the world.

Speakers
avatar for Micah Hausler

Micah Hausler

Sr System Development Engineer, Amazon Web Services
Micah is a Kubernetes contributor, an associate member of the Kubernetes Product Security Committee, and works on EKS at Amazon Web Services.


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 29ABCD - San Diego Convention Center Upper Level

2:25pm

PodOverhead: Accounting for Greater Cluster Stability - Eric Ernst, Intel
Accounting is very important in Kubernetes. Better accounting leads to improved node stability, density, and more accurate charging users based on their actual resource utilization. Unfortunately, there are gaps in resource accounting in Kubernetes today, mostly based on the fact that running a pod is not actually free.

In Kubernetes 1.16, the PodOverhead feature is introduced to fix these issues.

We’ll dive into the details of a pod’s journey from client CLI to running on a node, touching on kubectl, API server, admission controllers, etcd, scheduler, kubelet, containerd/cri-o, and runtimes like Kata Containers and gVisor. Through this we will highlight the current gaps and how the PodOverhead feature addresses them.

Attend to get a basic understanding of the Pod creation process, and learn what the new PodOverhead feature is and how it can be used to improve cluster stability.

Speakers
avatar for Eric	Ernst

Eric Ernst

Senior software engineer, Intel
Eric is a senior software engineer at Intel’s Open Source Technology Center, based out of Portland, Oregon. Eric has spent the last several years working on embedded firmware and the Linux kernel. Eric has been a developer and technical lead for the Intel Clear Containers project... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 1AB - San Diego Convention Center Upper Level

2:25pm

Enforcing Automatic mTLS With Linkerd and OPA Gatekeeper - Ivan Sim, Buoyant & Rita Zhang, Microsoft
Whether you are operating a 5-node or a 500-node Kubernetes clusters, ensuring the integrity and security of the traffic among your workloads is something that should be taken seriously. As your team grows, it is important to automate the application and management of different mTLS policies.

In this talk, Ivan and Rita will share with you how Linkerd and Gatekeeper work together to automate and enforce mTLS policy in production. They will show you how easy it is to encrypt all east-west traffic using Linkerd’s zero config automatic mTLS feature. Then, you will see how Gatekeeper is used to define, enforce and audit every workload entering your cluster to ensure configuration is valid and conformant to policy.

Speakers
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco. She spends most of her days contributing to various open source projects as part of the Azure Cloud Native Compute engineering team. Rita is passionate about open source, running distributed workloads... Read More →
avatar for Ivan Sim

Ivan Sim

Software Engineer, Buoyant
Ivan Sim is a software engineer at Buoyant. He is currently working on the open source Linkerd project. He likes working with the Linkerd community by answering their questions on Slack, and reviewing their PRs. He is passionate about helping users to adopt Linkerd to solve their... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 31ABC - San Diego Convention Center Upper Level

2:25pm

Porting Envoy to Windows; A Progress Report - Yechiel Kalmenson & William A. Rowe, Jr., Pivotal
Envoy is a high-performance open source edge and service proxy that makes the network transparent to applications. As of now Envoy is only available on Linux, and that’s a big blocker for Windows teams who want to migrate their monolithic apps to more service-oriented architectures.

Last year a team at Pivotal started working with Microsoft on making Envoy on Windows a reality. This talk will give a progress report on the work being done:

* An overview of the history of the project. Starting with the work done by Microsoft, contributions to upstream so far, and what we have left.

* Some of the challenges the team faced and how they overcame them. For example, the workarounds we employed to get a working Windows environment for Envoy, and some of the performance issues which still need to be solved.

* What the team is currently working on and what the outlook for the future is like.

Speakers
avatar for William A. Rowe, Jr.

William A. Rowe, Jr.

Principal Software Engineer, Pivotal
William is a veteran of the Apache HTTP Server and APR projects, establishing Windows as a first class platform at these projects. He's applying this experience at Pivotal to help the Envoy Proxy project crew bring Envoy to native Windows OS.
avatar for Yechiel Kalmenson

Yechiel Kalmenson

Software Engineer, Pivotal
Yechiel Kalmenson was born and raised in Brooklyn. He got his rabbinical training in Israel and spent a few years teaching both children and adults. After a brief stint in Tech Support, he found his next calling and went on to study software development. He currently works as a... Read More →


Tuesday November 19, 2019 2:25pm - 3:00pm
Room 32AB - San Diego Convention Center Upper Level

2:25pm

Building a Database as a Service on Kubernetes - Abhi Vaidyanatha & Lucy Burns, PlanetScale
Stateful, scalable storage on Kubernetes is an unsolved problem. Creating it as a service is even more difficult. The cloud-native ecosystem offers many tools such as the operator-sdk, Prometheus, Grafana, etcd, Vitess, and much more, but integrating them isn't necessarily intuitive.

Two of PlanetScale's employees that have engineered and managed the project describe the journey of leveraging all of these open source technologies to build out a database as a service on Kubernetes.

Speakers
avatar for Lucy Burns

Lucy Burns

Product Manager, PlanetScale
avatar for Abhi Vaidyanatha

Abhi Vaidyanatha

Software Engineer, PlanetScale
Abhi is a confused economist who enjoys writing backend code for various parts of PlanetScale's Vitess management software. In his spare time he is a DJ, podcast host, and competitive Super Smash Bros. player.



Tuesday November 19, 2019 2:25pm - 3:00pm
Room 30ABCDE - San Diego Convention Center Upper Level

3:20pm

Managing Apache Flink on Kubernetes - FlinkK8sOperator - Anand Swaminathan, Lyft
We have designed and built an open-source Kubernetes native operator that manages the complete lifecycle of Apache Flink applications from creation to execution. FlinkK8sOperator (https://github.com/lyft/flinkk8soperator) leverages Kubernetes CustomResourceDefinition to enable native management of Flink applications on Kubernetes. In this session, I will be presenting some of the unique challenges of running a complex, stateful application on Kubernetes, and the lessons we have learnt. I will also be providing an overview of how flink operator abstracts out the complexity of hosting, configuring, managing and operating 1000s of Flink clusters from application developers, and concluding with a demo.

Speakers
avatar for Anand Swaminathan

Anand Swaminathan

Software Engineer, Lyft
Anand currently works as a Software Engineer at Lyft building infrastructure for large scale streaming and batch processing systems. He is a major contributor and core maintainer of the open source project - FlinkK8sOperator. Prior to Lyft, Anand worked on DynamoDB (AWS), building... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 6D - San Diego Convention Center Upper Level

3:20pm

10 Weird Ways to Blow Up Your Kubernetes - Melanie Cebula & Bruce Sherrod, Airbnb
It’s a brand new world in infrastructure with the advent of microservices, containerization, Kubernetes, and service mesh. And all is well. Or is it? Find out how easy it is to break container runtimes, abuse your service mesh, and take all of your production services down-- the results will surprise you! In the last year Airbnb scaled up to over 700 services in Kubernetes, running on all types of workloads across 1000s of nodes and dozens of clusters. We’ve learned a lot along the way and have some of our favorite stories to share-- from weird bugs, to hacky workarounds, to serious downtime. Favorites include:
- “Just what is the autoscaler doing”?
- “Knock knock, It’s Kube-DNS”
- “Whose PID is it anyway”?
and more!

Speakers
MC

Melanie Cebula

Software Engineer, Airbnb
Melanie Cebula is a software engineer on the service orchestration team at Airbnb, where she empowers thousands of engineers to create and operate hundreds of production Kubernetes services. She's previously spoken about Airbnb's journey to microservices and developing Kubernetes... Read More →
BS

Bruce Sherrod

Software Engineer, Airbnb
Bruce Sherrod is a software engineer on the service orchestration team at Airbnb.


Tuesday November 19, 2019 3:20pm - 3:55pm
Ballroom Sec 20AB - San Diego Convention Center Upper Level

3:20pm

Kubernetes in Your 4x4 – Continuous Deployment Directly to the Car - Rafal Kowalski, Grape Up
Automotive industry is getting more and more digitalized. Vehicles are not only a mean of transportation, but they pursue to be the drivers' control center with multiple software components onboard. To keep pace with evolving customer expectations and the newest technological solutions, vehicle's software requires frequent updates. However, the delivery process in a scaled up environment is not straightforward. Developers and operators have to face challenges, which are unusual in the typical Cloud Native world. Even basic service deployment may be complicated due to network performance or geographical considerations. During this talk, Rafał will show how to use Kubernetes, KubeEdge, k3s, Jenkins and RSocket for building continuous deployment pipelines, which ship software directly to the car, deals with rollbacks and connectivity issues.

Speakers
avatar for Rafał Kowalski

Rafał Kowalski

Cloud Solution Architect, Grape Up
Rafał Kowalski is a Cloud Solution Architect at Grape Up and a PhD student at the Complex Theory System Department at the Institute of Nuclear Physics Polish Academy of Science. His professional career, as well as scientific work, is related to delivering robust, scalable cloud-based... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 6C - San Diego Convention Center Upper Level

3:20pm

Admission Webhooks: Configuration and Debugging Best Practices - Haowei Cai, Google
Admission (mutating and validating) webhooks have become popular mechanisms for extending Kubernetes API request admission. The admission webhook API is graduating GA in Kubernetes 1.16, where new features are introduced and debuggability improvements are made. In this talk, the audience will learn common pitfalls in admission webhook development, best practices in webhook configuration, and how to identify and debug failures caused by misconfigured or buggy admission webhooks.

Speakers
avatar for Haowei Cai

Haowei Cai

Software Engineer, Google
Haowei Cai is a Software Engineer for Google Cloud. He is one of the owners of Kubernetes Python client library and an active Kubernetes SIG API Machinery contributor. He has been contributing to Kubernetes Extensibility (Admission Webhooks and CRD) to GA working group in the past... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 29ABCD - San Diego Convention Center Upper Level

3:20pm

Towards Continuous Computer Vision Model Improvement with Kubeflow - Derek Hao Hu & Yanjia Li, Snap Inc.
With deep learning gaining popularity in industry, there is a lot of material focusing on model training and serving. However, in production machine learning typically isn't complete after a single round of training. Model owners need to find ways to improve trained models regularly, and good machine learning pipelines achieve this by leveraging continuous feedback.

In this talk, we will demonstrate how Kubeflow and Kubeflow Pipelines are being used to continuously improve computer vision models at Snapchat. We will walkthrough how we orchestrate multiple components with Kubeflow Pipelines to extract data, label images, and (re)train machine learning models. We will also discuss best practices for authoring Kubeflow Pipeline components based on our experiences from developing and deploying these components for production use.

Speakers
DH

Derek Hao Hu

Software Engineer, Snap Inc.
Derek Hao Hu is a software engineer at Snap on the Perception team. He's been working on building machine learning infrastructure, components, pipelines and tools that power different types of computer vision experiences inside Snapchat.
YL

Yanjia Li

Software Engineer, Snap Inc.
Yanjia Li is a Software Engineer on the Perception team of Snap. He has been working on the algorithms and systems behind various computer vision products in Snapchat. One of his focus areas is building the software to handle large-scale deep learning model training and inference... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 31ABC - San Diego Convention Center Upper Level

3:20pm

An Introduction to Helm - Matt Farina, Samsung SDS & Josh Dolitsky, Blood Orange
CNCF Helm is a package manager that provides the tools to find, share, and install and manage software in Kubernetes. In this session you will learn the basics about using Helm. We will look at the makeup of charts, the packages for Helm. From there we will explore the ways to share and consume charts. To complete the lifecycle, we will look at installing and managing charts in a Kubernetes cluster. Helm is a project that was first introduced in 2015 and was part of Kubernetes prior to the creation of the CNCF. It entered the CNCF as part of Kubernetes and grew to eventually became a sister project, alongside Kubernetes, in the CNCF.

Speakers
avatar for Matt Farina

Matt Farina

Senior Staff Engineer, Samsung SDS
Matt works on the Cloud Native Computing Team at Samsung SDS where he focuses on cloud native applications and open source software. He is a published author, speaker, and regular contributor to open source. He is a maintainer for multiple open source projects, including Helm, and... Read More →
avatar for Josh Dolitsky

Josh Dolitsky

Founder & Chief Engineer, bloodorange.io



Tuesday November 19, 2019 3:20pm - 3:55pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level
  • Experience Level Any

3:20pm

CNCF Network SIG Intro & Deep-Dive - Lee Calcote, Layer5 & Matt Klein, Lyft
“It’s the network!” is the cry of every system administrator, every developer. With the increased prevalence of microservice-based distributed systems, it’s true - networking as a discipline has never been more critical in the efficient operation of cloud native deployments. Networking primitives, including load balancing, observability, authentication, authorization, policy, rate limiting, QoS, mesh networks, legacy infrastructure bridging, and so on are now receiving substantial development and investment throughout the industry and are the subject of focus of the CNCF Network SIG.

Join this talk for an intro to the SIG, its charter and a deeper discussion of current cloud native networking topics being advanced in this SIG. Current CNCF projects in-scope: CNI, CoreDNS, Envoy, gRPC, Linkerd, NATS, Network Service Mesh.

Speakers
MK

Matt Klein

Software Engineer, Lyft
Matt Klein is a software engineer at Lyft and the creator of Envoy. He has been working on operating systems, virtualization, distributed systems, networking, and making systems easy to operate for nearly 20 years across a variety of companies. Some highlights include leading the... Read More →
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about developer platforms and management software for clouds, containers, functions and applications. Advanced and emerging technologies have been a consistent focus through Calcote’s tenure at SolarWinds, Seagate... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 6E - San Diego Convention Center Upper Level

3:20pm

Community Bridge BoF - Ihor Dvoretskyi, Cloud Native Computing Foundation & Shubhra Kar, Linux Foundation
CommunityBridge is a platform Developed by the Linux Foundation, which accelerates the adoption, innovation, and sustainability of open source software. This year, CNCF is participating in the Community Bridge, sponsoring three students to work on Kubernetes and CoreDNS projects during the foundations’ pilot stage. This BoF is an opportunity to meet in person and discuss the areas of collaboration between Community Bridge and the Cloud Native Community.

Speakers
avatar for Shubhra Kar

Shubhra Kar

Vice President, Product, TechServices and MarketingOps, Linux Foundation
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate, Cloud Native Computing Foundation
Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation, focused on Kubernetes-related efforts in the open source community.Ihor is a co-founder and co-lead of the Kubernetes Product Management Special Interest Group (SIG-PM), focused on enhancing Kubernetes as... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 23BC - San Diego Convention Center Upper Level
  • Experience Level Any

3:20pm

Fluentd: Cloud Native Logging - Yuta Iwama, Arm Treasure Data & Masahiro Nakagawa, Arm Treasure Data
Logging for cloud-native applications and environments is a continuous challenge from an operational perspective. Fluentd offers a full logging layer than can be accommodated and extended as required to solve any logging need. In this Fluentd session, you will learn about its administration and log processing from a general perspective.

Speakers
MN

Masahiro Nakagawa

Principal Engineer, Arm Treasure Data
Fluentd maintainer
YI

Yuta Iwama

Software Engineer, Arm Treasure Data
Fluentd maintainer



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 17AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

3:20pm

Intro to the Kubernetes Working Group for Multi-tenancy - Tasha Drew, VMware
This introduction will go over what the multi-tenancy working group has been working on and how new contributors can become engaged. New users and contributors are encouraged to attend if multi-tenancy in core Kubernetes is something you are interested in or are working on implementing at your own organization.

Speakers
avatar for Tasha Drew

Tasha Drew

Product Line Manager, VMware
Tasha Drew is a product line manager at VMware, working on Tanzu for SDDC and Project Pacific on vSphere, and is the co-chair for the Kubernetes Multi-tenancy working group, the co-chair for SIG-Usability, and the chair for diversity and inclusion at Kubecon North America's Contributor... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 5AB - San Diego Convention Center Upper Level
  • Experience Level Any

3:20pm

Intro: Harbor - Enterprise Cloud Native Artifact Registry - Steven Ren, VMware & Alex Xu, VMware
As container technology becomes widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage containerized application packages with either container image or Helm Chart format. Project Harbor is an open-source trusted cloud native registry project that stores, manages, signs, and scans content, thus resolving common image or Helm Chart management challenges. In this presentation, we will focus on the management of container images and Helm Charts through Harbor. We will review and provide solutions to the challenges faced by organizations, including RBAC (Role-Based Access Control), vulnerability scanning, large scale content distribution, content replication, content trust (notary), webhook, tag retention, and DevOps integrations, etc.. Real-world use cases will be discussed in the session. Of course, fantastic demos will be shown to let you easily understand the related use cases.

Speakers
SR

Steven Ren

Senior Manager, VMware
AX

Alex Xu

Product Manager, VMware


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 14AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

3:20pm

Jaeger Intro - Yuri Shkuro, Uber Technologies & Pavol Loffay, Red Hat
This session is an introduction to Jaeger and distributed tracing. We will do a demo of the current Jaeger features, talk about the roadmap, and finish with a Q&A. After this session the attendees should better understand how Jaeger fits in the observability space for cloud native applications. For more information on the project everybody is welcome to attend the Jaeger Deep Dive Session.

Speakers
avatar for Pavol Loffay

Pavol Loffay

Software Engineer, Red Hat
avatar for Yuri Shkuro

Yuri Shkuro

Software Engineer, Uber Technologies
Yuri Shkuro is a software engineer at Uber Technologies, working on distributed tracing, observability, reliability, and performance problems; author of the book ["Mastering Distributed Tracing"](https://www.shkuro.com/books/2019-mastering-distributed-tracing/); creator of Jaeger... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 16AB - San Diego Convention Center Mezzanine Level
  • Experience Level Any

3:20pm

Service Discovery With Hybrid and Multi-Cloud: Introduction to CoreDNS - Yong Tang, MobileIron
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. While best known for its ability to serve as the cluster DNS of Kubernetes, CoreDNS is also capable of service discovery in hybrid or multi-cloud environments. The flexibility and extensibility of CoreDNS comes from its unique plugin-based architecture. With plugins such as Route53, Azure, or Google Cloud DNS, CoreDNS exposes services from Kubernetes clusters and cloud service providers in similar fashion. In this Intro session, the focus is it to discuss service discovery in a hybrid environment. Several interesting Corefile configurations will be shared, which are very useful in production usage. The updates on the current state and the road map of CoreDNS, and how CoreDNS as a project could be extended for usages beyond DNS, will be discussed as well.

Speakers
avatar for Yong Tang

Yong Tang

Director of Engineering, MobileIron
Yong Tang is the Director of Engineering at MobileIron working on cloud infrastructure. He contributes to different container and machine learning projects for the open source community. He is a maintainer of CoreDNS and Docker/Moby projects, and had multiple talks in KubeCon before... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 33ABC - San Diego Convention Center Upper Level
  • Experience Level Any

3:20pm

Using TUF to Mitigate Repository Compromises - Marina Moore, NYU & Justin Cappos, NYU
The secure distribution of software is critical to the overall security of a system. In this talk, Justin Cappos and Marina Moore will provide an introduction to The Update Framework (TUF), a CNCF project that has been used throughout the cloud native community for compromise resilient software updates. TUF provides a flexible framework for secure updates even through a compromise of signing keys or the update repository. You will come away from this talk with an understanding of why secure distribution of software is important and how TUF can be used to achieve this goal.

Speakers
avatar for Justin Cappos

Justin Cappos

Professor, NYU
Justin Cappos is a professor in the Computer Science and Engineering department at New York University, who strives to provide service to society through technology. Justin's research philosophy focuses on solving real world security problems in practice. He and his students often... Read More →
MM

Marina Moore

Ph.D. Student, NYU
Marina Moore is a PhD student at NYU focusing on supply chain security. While at NYU she has worked primarily on secure software updates through research and development on TUF and Uptane.


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 32AB - San Diego Convention Center Upper Level
  • Experience Level Any

3:20pm

Design Decisions for Communication Systems - Eric Anderson, Google
When hearing about a new programming language, one might learn it is imperative, strongly-typed, dynamically-type-checked, object-oriented, and garbage-collected. If they have used multiple languages in the past, they now have a pretty good view of the basic constraints of the language.

When it comes to communication systems, it's not as much common knowledge the design choices made and the impact they have. Come hear Eric Anderson discuss a variety of communication systems, from IPC to message queues to REST, modern and historical, and the various features they provide and some trade-offs involved. Learn where gRPC fits and how its design choices impact your service design.

Speakers
avatar for Eric Anderson

Eric Anderson

Staff Software Engineer, Google
Eric Anderson is the tech lead of gRPC Java as a Staff Software Engineer at Google. He contributed to the gRPC wire protocol and is experienced with HTTP/2. Previously, he developed the Connectors v4 framework for the Google Search Appliance. Prior to Google, Eric maintained data-driven... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 15AB - San Diego Convention Center Mezzanine Level

3:20pm

Weighing a Cloud: Measuring Your Kubernetes Clusters - Han Kang, Google & Elana Hashman, Red Hat
Kubernetes is complicated. Instrumenting it can be worse. Measuring the components of a distributed system shouldn't be as daunting as being asked to weigh a literal cloud.

In this talk, we'll go over the components of a Kubernetes control-plane and show you where to look to figure out what is actually happening. We will show you common cluster issues and how they would look in your instrumentation, so that you can more effectively diagnose clusters.

Starting in version 1.14, Kubernetes metrics were overhauled to provide consistent, high quality metrics. Han Kang and Elana Hashman will go over the changes and the potential ingestion implications of this overhaul and how it may affect you.

Speakers
avatar for Han Kang

Han Kang

Senior Software Engineer, Google
Han Kang is a Senior Software Engineer at Google. He is member of SIG API Machinery, where he works on things related to control-plane boot-sequences and health-checking, as well as SIG Instrumentation, where he focuses on efforts to make metrics more stable.
EH

Elana Hashman

Principal Site Reliability Engineer, Red Hat
Elana Hashman currently works for Red Hat as a Principal Site Reliability Engineer as a technical lead on the Azure Red Hat OpenShift managed service. She is a member of the Kubernetes Instrumentation SIG, where she focuses on benchmarking and metrics usability. In the wider FOSS... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 30ABCDE - San Diego Convention Center Upper Level

3:20pm

Building the Cloud Native Kernel: Kubernetes Release Engineering - Tim Pepper & Stephen Augustus, VMware
Is Kubernetes a kernel or distribution? Yes! It is necessarily both!

CRD’s, out-of-tree cloud providers, and CNI/CSI/CRI abstractions evolve Kubernetes’ core toward an extensible kernel.

At 2017, KubeCon NA Tim Hockin and Michael Rubin started a conversation on formalizing “Kubernetes upstream as a distro”, proposing we clean up thinking/processes, define tools/standards, incentivize distros to stay close. They argued for a Kubernetes reference distribution focused on correctness and stability.

So where is it?

After a slow start, we have momentum in 2019 to improve conformance, API stability, and better documented support stances. However to understand why we don’t (yet) have an upstream reference distro, we need to dive deep on build/release/test tooling.

This talk will summarize Kubernetes distro issues/advances and potential contribution areas for individuals and companies.

Speakers
avatar for Stephen Augustus

Stephen Augustus

Lead, Cloud Native Developer Strategy, VMware
Stephen Augustus is an active leader in the Kubernetes community. He currently serves as a Special Interest Group Chair (Release, PM), a Release Manager, and a subproject owner for Azure.Stephen leads the Cloud Native Developer Strategy team at VMware, driving meaningful interactions... Read More →
avatar for Tim Pepper

Tim Pepper

Software Engineer, VMware
Tim is a Senior Staff Engineer in VMware's Open Source Technology Center with over 20 years in open source. He works as an open source developer advocate and contributor to Kubernetes (SIG Release chair; WG LTS organizer). Prior work includes Linux kernel/drivers/distributions, software... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 1AB - San Diego Convention Center Upper Level

3:20pm

Superpowers for Windows Containers - Deep Debroy & Jean Rouge, Docker
The Windows Operating System does not support privileged operations from inside a container today. Daemon-sets on Windows nodes in Kubernetes clusters that need to perform configuration actions on the node are significantly impacted by the absence of privileged mode support on Windows. In this talk we:
1. Explore the pros and cons of the options the SIG Windows community brainstormed to provide containers running on Windows the ability to perform privileged operations while being managed by Kubernetes.
2. Delve into the specific characteristics of the privileged proxy approach we decided to adopt.
3. Demonstrate how the privileged proxy approach is used to support privileged operations that need to be executed by daemon-sets associated with CSI plugins running on Windows nodes in a Kubernetes cluster.

Speakers
avatar for Deep Debroy

Deep Debroy

Engineering Manager, Docker Inc.
Deep Debroy is a software Engineering Manager at Docker Inc. focussing on different aspects of enabling Windows workloads on Kubernetes as well as Persistent Storage in general. He is an active contributor to Kubernetes projects under SIG Windows and SIG Storage.
JR

Jean Rouge

Senior Software Engineer, Docker
Jean is a Senior Software Engineer at Docker and an active contributor in kubernetes and various Docker open-source projects. Most recently he has led the work around GMSA support in Windows on Kubernetes. He's been passionate about DevOps since the beginning of his career: he's worked... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 7AB - San Diego Convention Center Upper Level

3:20pm

Walls Within Walls: What if Your Attacker Knows Parkour? - Tim Allclair & Greg Castle, Google
What happens if an attacker escapes a container and compromises your node? Is it game over for the whole cluster, or can you limit the blast radius? Whether it be for defense in depth or multi-tenancy, it is important to understand the security boundaries in your cluster. In this talk, we’ll discuss various isolation approaches and evaluate them through the eyes of an attacker who has compromised a node and is looking to propagate.

We’ll deep dive on ‘node isolation’: using Kubernetes scheduling to execute workloads on separate nodes, and demonstrate live attacks and defences to educate about strengths and weaknesses of this strategy. We’ll also discuss progress made by SIG-Auth in this area over the past few releases. After this talk you will understand when node isolation is or isn't an appropriate security mechanism, the steps to implement it, and what some alternatives are.

Speakers
avatar for Greg Castle

Greg Castle

Kubernetes/GKE Security Tech Lead, Google
Greg is the tech lead for the Kubernetes and Google Kubernetes Engine (GKE) security team at Google, and is a regular at SIG-Auth. Greg has 15 years of experience in a number of security roles including product security, penetration testing, incident response, platform hardening... Read More →
avatar for Tim Allclair

Tim Allclair

Google, Software Engineer
Tim Allclair joined the Kubernetes project with Google just after the 1.0 launch in 2015. He co-chairs sig-auth, is an active sig-node contributor, and a member of the Kubernetes Product Security Team (responsible for responding to vulnerabilities in Kubernetes). His most recent charter... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm
Room 6F - San Diego Convention Center Upper Level

3:20pm

Airbnb Service Discovery: Past, Present, Future (Challenges of Change) - Chase Childers, Airbnb
In 2013, Airbnb released an open source service discovery solution (SmartStack) and has functioned on the same framework for years. Historically our infrastructure ran on AWS EC2 instances and utilized HAProxy (within Smartstack) for proxying traffic. With a migration to Service Oriented Architecture and Kubernetes, our service discovery must also change. In this presentation we will cover the evolution of our service discovery framework starting with where we started, where we’ve been, where we’ve failed, and where we’re going (hint: Envoy) at Airbnb. This includes both our missteps and our learnings from migrating within a hybrid EC2/Kubernetes world. We’ll dive deep into topics such as challenges of managing and migrating your own service discovery stack, migrating ingress and egress traffic independently, and rolling out infrastructure changes across a massive fleet of services.

Speakers
avatar for Chase Childers

Chase Childers

Site Reliability Engineer, Airbnb
Chase Childers is on the Site Reliability Engineering Team at Airbnb. He has collaborated with the Service Orchestration and Traffic teams to focus on service discovery migrations in the EC2 and Kubernetes context. Outside of this collaboration, his related work includes preparing... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 28ABCDE - San Diego Convention Center Upper Level

3:20pm

Vitess: Stateless Storage in the Cloud - Sugu Sougoumarane, PlanetScale
When Vitess was migrated to run from bare-metal into Google's cloud, it was deployed as a regular stateless application. This meant that a process reschedule resulted in all the local data being wiped.

The property of Vitess to survive in such an unforgiving environment made it naturally suited to run on Kubernetes.

How did Vitess manage to run on such an environment without losing data, and providing High Availability, Scale and Performance? How are other organizations running Vitess?

This session will answer these questions, as well as go into the design principles that prepared Vitess to be cloud-native.

Speakers
avatar for Sugu Sougoumarane

Sugu Sougoumarane

CTO, PlanetScale
Sugu is CTO at PlanetScale. He is also the lead developer and community leader of the Vitess open source project which he co-created at Youtube in 2010. Vitess has helped multiple companies scale MySQL massively. Prior to Vitess, he worked on various scaling and infrastructure projects... Read More →


Tuesday November 19, 2019 3:20pm - 3:55pm
Room 11AB - San Diego Convention Center Upper Level

3:20pm

3:20pm

3:20pm

3:20pm

3:20pm

3:20pm

3:55pm

4:20pm

4:20pm

4:20pm

4:20pm

4:20pm

4:20pm

4:25pm

Developing Edge with Kubernetes - Dejan Bosanac & Ted Ross, Red Hat
While its original intent was to solve cloud-centric architecture challenges, Kubernetes can be used as a platform for developing Edge and IoT applications.
The session will take a look at this topic from the developer's point of view. It'll focus on special aspects of developing services for IoT and Edge environments, like autonomy, locality and secure communication to name some.
What Kubernetes features can be used to address IoT and Edge aspects of developing microservices?
What other projects in the ecosystem can developers use to achieve their goals?
We'll try to answer those questions and demonstrate the flexibility of the platform by demoing an Edge application consisting of services deployed into various environments (like Edge clusters and Edge nodes) working autonomously and communicating securely with each others and the central cloud services.

Speakers
avatar for Dejan Bosanac

Dejan Bosanac

Software Engineer, Red Hat
I'm an engineer at Red Hat with broad expertise in messaging and integration technologies. I’ve been an active member of open source communities for many years and a contributor to various projects. My latest interests revolve around developing open source IoT cloud platform so... Read More →
TR

Ted Ross

Senior Principal Software Engineer, Red Hat
Ted Ross has been with Red Hat Engineering since 2007 working on messaging products like MRG and A-MQ. His background is in embedded systems and Networking. One of his primary interests is in bringing the performance, scale, and reliability of Networking together with the rich utility... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 28ABCDE - San Diego Convention Center Upper Level

4:25pm

Making an Internal Kubernetes Offering Generally Available - James Wen, Spotify
In the span of two years, Spotify went from two developers investigating what a potential migration to Kubernetes might involve to having an internal, multi-tenant offering of Kubernetes become generally available for all its developers as the new, primary runtime offering.

Spotify has previously given talks on the earlier bootstrapping, experimentation, alpha, and beta phases of this migration process. However, this talk will focus on the latter work involved in bringing the internal offering of Kubernetes “across the finish line.” The talk will cover what was required to bring the offering to general availability, including work shoring up scalability and reliability via a multicluster strategy, DIRT testing, operational metrics and alerts. This talk will also cover the technical and process elements involved in designing a successful self-service migration experience for developers.

Speakers
avatar for James Wen

James Wen

Senior Site Reliability Engineer, Spotify
James Wen is a senior site reliability engineer at Spotify, where he’s currently focused on revamping Spotify’s runtime infrastructure. Previously, James was the team lead (anchor) of the Cloud Foundry Buildpacks team at Pivotal and served as a core contributor and maintainer... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 30ABCDE - San Diego Convention Center Upper Level

4:25pm

Mario’s Adventures in Tekton Land - Vincent Demeester, Red Hat & Andrea Frittoli, IBM
Tekton is a Kubernetes-native, lightweight, easy to manage CI/CD pipelines engine. Pipeline building blocks can be reused, version controlled and curated in a catalogue that embeds best practices. Tekton, hosted by the CD Foundation, aspires to be the common denominator in CI/CD. The Tekton team wanted to make sure that the project is going in the right direction by "dogfooding" i.e. by using Tekton to run its own automation "plumbing". The initial continuous integration setup embedded most of the testing pipelines in bash scripts. The speakers replaced this with Tekton, hence improving the readability of the pipelines and the reproducibility of CI runs. Eventually, they moved onto continuously delivering Tekton and its pipelines via Tekton. In this talk, the speakers will tell their experiences about using a cloud-native pipeline system to test, release and continuously deploy itself.

Speakers
avatar for Andrea Frittoli

Andrea Frittoli

Open Source Developer Advocate, IBM
Andrea Frittoli is a Developer Advocate at IBM and an open source enthusiast. He is a contributor to the Tekton project and he has contributed to OpenStack for several years. He's a strong advocate for transparency in open source. He likes working on IaaS projects as well as machine... Read More →
avatar for Vincent Demeester

Vincent Demeester

Principal Sofware Engineer, Red Hat
I'm a french developer, Gopher, sysadmin, factotum, free-software fan and unicode lover ; tektoncd, docker/moby maintainer, knative contributor amongst other project.


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 17AB - San Diego Convention Center Mezzanine Level

4:25pm

Polymorphic Reconcilers in Kubernetes - Advanced DuckTyping - Scott Nichols & Matt Moore, Google
The explosion of Custom Resources in Kubernetes has lead to the development of new techniques to reference and reconcile objects in Kubernetes. Come learn how we are leveraging some simple patterns to produce complex systems within Kubernetes in the Knative project, and how you can adapt these methods to your applications.

Speakers
avatar for Matthew Moore

Matthew Moore

Uber TL, VMware
Matt is a member of the Technical Oversight Committee for Knative, leads Knative Serving, and started Knative Build. Previously as Google, Matt was Uber TL of container tools, and was the original TL for Google's Container Registry (gcr.io).
avatar for Scott Nichols

Scott Nichols

Software Engineer, VMware
Scott Nichols is a now at VMware focused on making it easy to create and understand portable event driven serverless workloads. This work is done through Kubernetes, Knative and CloudEvents.



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 16AB - San Diego Convention Center Mezzanine Level

4:25pm

Measuring and Optimizing Kubeflow Clusters at Lyft - Konstantin Gizdarski, Lyft & Richard Liu, Google
Machine learning workloads are often resource-intensive operations. As companies adopt more of these workloads, tracking resource consumption and optimizing spending becomes more challenging.

At Lyft, we developed a system which scrapes metrics from Kubernetes clusters and persists them in data warehouses. We then built a pipeline that transforms snapshots into cluster utilization metrics along the dimensions of CPU, memory, and GPU. Finally we join these metrics into our cost and usage dataset, so teams can budget resources accordingly and reduce spending.

In this talk, we will give an overview of Infraspend - our infrastructure for tracking Kubernetes usage. Attendees will learn how the data we collected helped Lyft reduce spending for Kubeflow clusters. The audience will also gain insights into how Kubernetes clusters can be optimized without performance or stability compromises.

Speakers
avatar for Richard Liu

Richard Liu

Senior Software Engineer, Google
Richard Liu is a Senior Software Engineer at Google Cloud. He is currently an owner and maintainer of the TensorFlow operator and Katib projects in Kubeflow. Previously he had worked as a software developer at Microsoft Azure.
avatar for Konstantin Gizdarski

Konstantin Gizdarski

Software Engineer, Lyft
Konstantin Gizdarski is a Software Engineer at Lyft, where he has been working on — among other things — surfacing the utilization and efficiency of Kubernetes infrastructure. Previously, he has worked on machine learning and product at both Facebook and Stripe.



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 6C - San Diego Convention Center Upper Level

4:25pm

Birds of a Feather (BoF): SODA: The Path To Data Autonomy - Steven Tan, Futurewei & Anjaneya "Reddy" Chagam, Intel
Data autonomy is the ability to control data anywhere, anytime. It is about storing, running and managing data for cloud native, virtualization, and legacy environments both on-premise and in the cloud. The SODA Foundation is embarking on a mission to deliver open data autonomy for end users. To tackle this formidable task, SODA has brought together a community of global innovators to collaborate and contribute to this open source project.

Speakers
AR

Anjaneya Reddy Chagam

Senior Principal Engineer and Chief Software-Defined Storage Architect, Intel
Anjaneya “Reddy” Chagam is a Senior Principal Engineer and Chief Software-Defined Storage Architect in Intel’s Data Center Group. He is responsible for developing software-defined storage strategy, architecture, and technology initiatives. He is a member of the Technical Steering... Read More →
ST

Steven Tan

VP & CTO Cloud Solution, Futurewei
Steven Tan is OpenSDS TSC chair, and VP & CTO Cloud Solution at Futurewei where he is responsible for cloud solutions, and open-source collaboration. Steven brings over 20 years of engineering experience spanning cloud, virtualization, data security, data management, and storage... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 6D - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

4:25pm

Dragonfly Intro: Plugin Framework and New Distribution Strategy - Haibing Zhou, eBay & Ben, Ye, N/A: Individual
In cloud native world, image distribution is never an easy problem when the number and size of container images scale up. It has to be fast and resource efficient and to be cloud native. This session shows how Dragonfly solves this problem, and how it can increase the speed of image distribution while keeping the operation effort as less as possible. Meanwhile, this session shares the latest update on Dragonfly project where plugin framework is coming into the picture, and how this can benefit dragonfly users, as an example, this sessions shares how this plugin framework gives a chance for new decentralized distribution strategy.

Speakers
HZ

Haibing Zhou

Software Engineer, eBay
BY

Ben Ye

Independent
I am a graduate student at Northeastern University. I am one of the maintainers of Dragonfly.



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 32AB - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Intro to Cloud Provider Azure - Rita Zhang, Microsoft & Craig Peters, Microsoft
In this session, you'll learn about how Kubernetes runs on the Azure infrastructure. We will cover development in the cloud provider over recent Kubernetes releases with support for new features in Azure compute like VMSS, networking like Standard Load Balancer, and storage. We'll also cover how all of this is tested and developed, and help you get involved if you would like to contribute.

Speakers
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco. She spends most of her days contributing to various open source projects as part of the Azure Cloud Native Compute engineering team. Rita is passionate about open source, running distributed workloads... Read More →
avatar for Craig Peters

Craig Peters

Principal Program Manager, Microsoft
Craig is a Principal Program Manager on the Container Compute team at Azure focused on container infrastructure projects. Craig is active in many Kubernetes Special Interest Groups and contributing to Windows nodes in Kubernetes. He is a technology generalist interested in making... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 11AB - San Diego Convention Center Upper Level

4:25pm

Intro to Kubernetes Sig-Architecture Subprojects - Davanum Srinivas, VMware & Jordan Liggitt, Google
SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of Conformance definitions, API definitions/conventions, Deprecation Policy, Design principles, etc. To support these activities the SIG participants work on multiple subprojects.

They are as follows:

* Architecture and API governance - is largely oriented towards sub-project maintainers.
* Code organization - is oriented towards maintainers and distributions.
* Conformance - is oriented towards distributions and community/ISV ecosystems solutions.
* Production readiness - is oriented towards distributions, support organizations, and users.

In this talk, we will walk through what each of the subprojects does, how they work, how each of them benefit and influence work in the kubernetes community, and how you can get involved.

Speakers
avatar for Davanum Srinivas

Davanum Srinivas

Staff Engineer II, VMware
avatar for Jordan Liggitt

Jordan Liggitt

Staff Software Engineer, Google



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 33ABC - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Intro: CNCF CI - Lucina Stricko, Vulk Coop & Denver Williams, Vulk Coop
The CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. The CNCF CI status dashboard continually validates each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to a bare metal environment. The results of each testing stage are published to the cncf.ci status dashboard. An Intro session will give an overview of the cncf.ci status dashboard’s key features, goals, technologies used, and allow time for Q&A.

Speakers
DW

Denver Williams

Project Co-Lead, cncf.ci, Vulk Coop
avatar for Lucina Stricko

Lucina Stricko

Partner / Product Manager, Vulk Coop
Lucina Stricko is a co-owner at Vulk Co-operative (vulk.coop) and Product Owner of the CNCF CI Status Dashboard (cncf.ci). Lucina uses her Certified Scrum Product Owner knowledge and empathy to combine features, priorities, and project plans to best serve the end user. When Lucina’s... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 7AB - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Intro: Kubernetes SIG Apps - Adnan Abdulhussein, VMware & Matt Farina, Samsung SDS
Kubernetes SIG Apps covers developing, deploying, and operating applications on Kubernetes with a focus on the application developer and application operator experience. In this session we will focus on the Workloads API (e.g. Deployments, StatefulSet, DaemonSet, Job etc.), the Application CRD, and the supporting elements to make application developers and operators successful with Kubernetes. That includes using the Kubernetes API to run your workloads and leveraging Kubernetes resources to develop Kubernetes native applications.

Speakers
avatar for Matt Farina

Matt Farina

Senior Staff Engineer, Samsung SDS
Matt works on the Cloud Native Computing Team at Samsung SDS where he focuses on cloud native applications and open source software. He is a published author, speaker, and regular contributor to open source. He is a maintainer for multiple open source projects, including Helm, and... Read More →
avatar for Adnan Abdulhussein

Adnan Abdulhussein

Software Engineer, VMware
Adnan Abdulhussein is a Software Engineer at VMware (previously at Bitnami), where he works on building tools to make apps easier to run on Kubernetes. He contributes to the Kubernetes community as a co-chair of SIG-Apps and a core maintainer of the Helm project. Adnan is passionate... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 31ABC - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Intro: OpenEBS - Amit Kumar Das, MayaData & Vishnu Itta, MayaData
Recently OpenEBS was accepted as a CNCF sandbox project. OpenEBS is a block storage provider that is built on top of Kubernetes APIs as well as extends these APIs to let end users have granular control on persistent storage decisions. We welcome communities to join us and make innovations in Container Attached Storage space. In this talk, Amit Das & Vishnu Itta, the core maintainers of OpenEBS will share the background and design principles behind OpenEBS. Through real life use cases, Amit and Vishnu will share the experiences of various OpenEBS users on solving their persistent needs on Kubernetes environments ranging from home grown labs to managed cloud platforms to on premise solutions and other hybrids.

Speakers
avatar for Amit Kumar Das

Amit Kumar Das

Director Of Engineering, MayaData
Amit is a strong open source advocate and a firm believer of `taco bell programming` that helps him building simple & easy to use software. When he is not into programming, you will find him understanding the world from his daughter's perspective. Amit is the maintainer & core contributor... Read More →
VI

Vishnu Itta

Director Of Engineering, MayaData
Developer who always eager to learn, loves math, algorithms and programming. Have good experience in storage protocols, ZFS, FreeBSD internals, Linux, device drivers. Enjoys playing Table Tennis and doing travel.


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 1AB - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Kubernetes SIG Instrumentation - Intro - Frederic Branczyk, Red Hat & Piotr Szczesniak, Google
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. This intro session will give an overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make instrumentation even better!

Speakers
avatar for Frederic Branczyk

Frederic Branczyk

Principal Software Engineer, Red Hat
Frederic is an engineer at Red Hat (previously CoreOS) contributing to Prometheus and Kubernetes to build state of the art modern infrastructure and monitoring tools. He discovered his interest in monitoring tools and distributed systems in his previous jobs, where he used machine... Read More →
avatar for Piotr Szczesniak

Piotr Szczesniak

Tech Lead/Manager, Google
Piotr is Tech Lead/Manager working at Google since 2014. He works on GKE/Kubernetes for 4+ years, joining the project in its early days. Piotr leads GKE Monitoring team and Special Interest Group “Instrumentation” in Kubernetes open source community. Piotr graduated from University... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 6E - San Diego Convention Center Upper Level
  • Experience Level Any

4:25pm

Understanding and Troubleshooting the eBPF Datapath in Cilium - Nathan Sweet, DigitalOcean
The advent of eBPF (extended Berkeley Packet Filters) has contributed significantly to container networking progress. However, the tooling for diagnosing and troubleshooting eBPF issues is nascent, and most members of the K8s and Linux communities are unfamiliar with it.

This talk will help demystify eBPF and cover its history. We'll present the default network datapath of the Linux kernel and contrast it in depth with how various eBPF program types diverge from this datapath. In addition, we'll match up the ways in which cilium implements various CNI and K8s constructs/objects with their eBPF program type, so that you'll be able to identify the right troubleshooting methods easily. Finally, we'll match appropriate methods and tools to the various eBPF program types.

Speakers
avatar for Nathan Sweet

Nathan Sweet

Senior Software Engineer, DigitalOcean
Nathan Sweet is a Senior Software Engineer at DigitalOcean that works on the managed Kubernetes team. He has been working on managed cloud products for the past 5 years, and managed Kubernetes products for the past 3 years. He focuses specifically on system and network performance... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 15AB - San Diego Convention Center Mezzanine Level

4:25pm

Scaling Kubernetes to Thousands of Nodes Across Multiple Clusters, Calmly - Ben Hughes, Airbnb
In under a year, Airbnb went from 600 Kubernetes nodes across a couple handcrafted clusters to over 5000 nodes on tens of clusters. Successful adoption of Kubernetes by services led to more and faster adoption leading to challenges of scale. Facing this, Airbnb switched to a multiple production cluster architecture to get around single cluster scalability limits and ensure ample capacity for services.

This process increased the consistency of the cluster configurations while reducing manual operations. This talk will discuss the problems that were faced during scaling, the shape of the solutions, specific approaches that worked well (and didn’t), and how this was accomplished without a drastic shift away from existing pre-Kubernetes infrastructure tooling. A key result was reducing the time to create a new, production-ready cluster from over a week to under an hour.

Speakers
BH

Ben Hughes

Software Engineer, Airbnb
Ben Hughes has worked on database scaling, Ruby and Node.js performance, incident response, and Kubernetes at Airbnb. He has previously spoken about [Scaling Airbnb](https://www.oreilly.com/library/view/velocity-conference-new/9781491900406/video191370.html) at VelocityConf NY, [Alerting](https://www.youtube.com/watch?v=MYmVu_IMC20... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level

4:25pm

Extending containerd - Samuel Karp & Maksym Pavlenko, Amazon
containerd, a graduated CNCF project, is a widely used container runtime that provides core functionality for Docker. containerd was designed to be small and simple, but also very modular and extensible. This talk covers the architecture of containerd, explains the responsibilities of each component, and dives deep into containerd’s facility for extension. We’ll cover the individual gRPC services that make up containerd and show how they can be extended with proxy plugins, Go plugins, process interfaces (OCI runtimes and process-based logging), thick client implementations, and build-your-own containerd for compiled-in extension. These extension mechanisms can be shown with simple examples and real-world use in the firecracker-containerd project.

Speakers
avatar for Samuel Karp

Samuel Karp

Senior Software Development Engineer, Amazon Web Services
Samuel Karp is a Senior Software Development Engineer at AWS working on containers and helping to build core components behind AWS Fargate, Amazon EKS, and Amazon ECS. Sam has been a contributor to Docker/Moby since 2015 and to containerd since 2017, and is currently building the... Read More →
avatar for Maksym Pavlenko

Maksym Pavlenko

Software Development Engineer, Amazon Web Services
Maksym Pavlenko is a Software Development Engineer at AWS working on containers and helping to build core components behind AWS Fargate, Amazon EKS, and Amazon ECS. Maksym is a maintainer in containerd, and is currently building the firecracker-containerd project to run containers... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 5AB - San Diego Convention Center Upper Level

4:25pm

Panel: Control Plane vs Data Plane: Untangling the Tenets of Multitenancy - Erica Von Buelow, Red Hat; Sanjeev Rampal, Cisco; Ryan Bezdicek, Cray Inc.; Adrian Ludwin, Google; & Fei Guo, Alibaba
Virtually every organization over a certain size wants to be able to share their clusters between different sets of users. As a result, the Multi-tenancy Working Group is seeing increasingly high demand for higher-level features to support Kubernetes multi-tenancy. Unfortunately, each organization has different and often unspoken assumptions about what tenancy means to them, so different use cases and needs often get conflated. In this discussion, our panelists will share their proposals for the principles of multi-tenancy, according to both the type of concerns (control plane vs data plane) as well as the type of tenants (such as dev teams, production teams and third-party users).

Speakers
avatar for Sanjeev Rampal

Sanjeev Rampal

Principal Engineer, Cisco
Sanjeev Rampal, PhD, is a Principal Engineer in the Cloud Platforms and Solutions group at Cisco Systems where he works on the Cisco Container Platform, an enterprise multi-cloud platform based on Kubernetes and cloud native technologies. He has over 20 years of experience in development... Read More →
avatar for Erica von Buelow

Erica von Buelow

Senior Software Engineer, Red Hat
Erica Von Buelow is a Senior Software Engineer at Red Hat and previously at CoreOS. She is a full stack engineer and software developer working on the Openshift Container Platform and Kubernetes at Red Hat with focus on security and auth functionality. She is a full-stack software... Read More →
avatar for Ryan Bezdicek

Ryan Bezdicek

Software Engineer, Cray Inc.
Ryan Bezdicek is using Kubernetes to build the next generation of supercomputer at Cray Inc. He’s active in several Kubernetes working groups including multi-tenancy and conformance. A tester and DevOps consultant by background, Ryan has experienced first hand the benefits of adding... Read More →
avatar for Adrian Ludwin

Adrian Ludwin

Senior Software Engineer, Google
Adrian Ludwin is a software engineer on GKE working on multi-tenant and multi-cluster policies. In addition to Kubernetes, he's worked on distributed compilation with Bazel, as well as over a decade in the FPGA industry working on hierarchical and parallel design algorithms at Altera... Read More →
FG

Fei Guo

Senior Staff Engineer, Alibaba
Fei Guo is currently a senior staff engineer in Alibaba Container Platform Group. He has more than 10 years of experience in compute resource management and performance optimization for virtualized and containerized environments. His work focuses on providing workload automation and... Read More →


Tuesday November 19, 2019 4:25pm - 5:00pm
Room 29ABCD - San Diego Convention Center Upper Level

4:25pm

KubeFlow’s Serverless Component: 10x Faster, a 1/10 of the Effort - Orit Nissan-Messing, Iguazio
Serverless simplifies data science by automating the process of code to container and enables users to add instrumentation and auto-scaling with minimum overhead. However, serverless has many limitations involving performance, lack of concurrency, lack of GPU support, limited application patterns and limited debugging possibilities. Orit Nissan-Messing will introduce Nuclio, a KubeFlow open source component which is 10x faster when compared to alternatives at a 1/10 of the effort. She will explain how to use Nuclio to extend KubeFlow pipelines, accelerating and automating each step of the workflow. This includes parallel processing, automated code building/deployment, stream processing and artifact tracking. Orit will demonstrate how to achieve devops automation involving auto-scaling, automated logging and monitoring, security hardening, CI/CD and workload mobility.

Speakers
ON

Orit Nissan-Messing

Chief Architect, Iguazio
Orit Nissan-Messing has vast experience in cloud architectures, storage, AI and big data. Prior to Iguazio, Orit was Chief Architect at XIV (acquired by IBM) and held management roles in various companies from startups to corporations. Orit is a CNCF contributor and a member of the... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 6F - San Diego Convention Center Upper Level

4:25pm

Panel: Is Service Mesh Ready for Edge-Native Applications? - Wendy Cartee, Ramki Krishnan, VMware; Srini Addepalli, Intel; Parveen Patel, Google; & Ravi Chunduru, Verizon
Edge deployments, in contrast to large public clouds, pose interesting demands since they are physically insecure & capacity constrained. Also, Edge Computing Apps such as AR-VR, have low-latency characteristics with RTT typically few msec and pose further demands to edge deployments.

Edge Computing Apps like to use Service Meshes (SM) such as Istio/Envoy, Linkerd etc. to offload infrastructure related activities such as security.

In this panel, we first examine the unique challenges in using SM technologies for Edge Computing Apps - especially the additional latency and resource usage to due to Kernel Networking. Next, we will explore software techniques such as Kernel Bypass, QUIC as an alternative to TCP/IP etc. to alleviate the performance bottlenecks introduced by SM technologies including early results. Last, we will touch upon hardware acceleration techniques for the above.

Speakers
avatar for Ramki Krishnan

Ramki Krishnan

Lead Technologist, Open Source, VMware
Ramki, with 20+ years of industry experience, has a deep understanding of various technologies and strong business acumen to lead and transform innovation into customer-winning products. Currently, at VMware, he is responsible for Telco/Enterprise open source technology vision, strategy... Read More →
avatar for Wendy Cartee

Wendy Cartee

Senior Director of Marketing, VMware
Wendy Cartee is head of Cloud Native Advocacy at VMware where she works across engineering, field, partners, and customers to drive awareness and adoption of cloud native technologies. Wendy has been in open source for nearly a decade and helped form the Linux Foundation’s IO Visor... Read More →
SR

Srinivasa Rao Addepalli

Sr. Principal Engineer & Chief Architect, Intel
Srini Addepalli has over 22+ years of experience in networking, security, analytics and automation. He has been in Intel for last 3 years working as Sr. Principal Engineer & Chief Architect. In his current role, he technically leads the software engineering & architecture activities... Read More →
avatar for Ravi Chunduru

Ravi Chunduru

Distinguished Member of Technical Staff, Verizon
Ravi Chunduru is a Senior Architect at Network and Technology, Verizon responsible for design and implementation of OSS systems for Virtual Network Services. An Open source contributor to projects such as Openstack, OPNFV Promise. He joined Verizon from Clearpath Networks worked... Read More →
PK

Parveen K Patel

Director, Cloud Software Engineering, Google



Tuesday November 19, 2019 4:25pm - 5:00pm
Room 14AB - San Diego Convention Center Mezzanine Level

4:25pm

How to Backup and Restore Your Kubernetes Cluster - Annette Clewett & Dylan Murray, Red Hat
Operating Kubernetes clusters introduces many new practices, but does not change the need to be able to backup and recover your applications and data. Yet traditional methods of server backup work poorly with Kubernetes clusters. How can you make sure your cluster is protected? How can persistent data get saved in a manner so there is minimal or no corruption to the application if recovery is required?

In this session we will explore how to use open-source disaster recovery tools you can use today such as Velero and Restic. We’ll also discuss how to use the Noobaa S3 API to reliably save and store backups for all resources including snapshots housed in Rook-Ceph. To prove this is not just smoke and mirrors, we will demonstrate in a live Kubernetes cluster deleting everything in a namespace and then continue on to show complete recovery of all resources and data.

Speakers
avatar for Annette Clewett

Annette Clewett

Principal Architect, Red Hat
Red Hat Storage Architect with broad knowledge across a spectrum of technologies – network, storage, virtual, and platform. Have successfully delivered countless studies that improved end-user experience and created a more efficient and available infrastructure. Current projects... Read More →
avatar for Dylan Murray

Dylan Murray

Senior Software Engineer, Red Hat
Red Hat Senior Software Engineer specializing in OpenShift Container Platform. Previously worked on deploying containerized applications to Kubernetes as well as contributing to the Operator SDK project developing Ansible-based CoreOS Operators. Current projects include developing... Read More →



Tuesday November 19, 2019 4:25pm - 5:00pm
Ballroom Sec 20AB - San Diego Convention Center Upper Level

5:20pm

5:20pm

5:20pm

5:20pm

5:20pm

5:20pm

5:21pm

Keynote: Kubernetes Project Update - Vicki Cheung, KubeCon + CloudNativeCon North America 2019 Co-Chair & Engineering Manager, Lyft
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.


Tuesday November 19, 2019 5:21pm - 5:41pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:41pm

Sponsored Keynote: Modernizing Virtualization Technology for Cloud Native Computing - Arjan van de Ven, Intel Fellow, Intel
Fifteen years of virtualized system software has led increasingly powerful capabilities, from containers to FaaS stacks, offering increasing levels of density and agility to application developers. These modern solutions, however, build on top of legacy layers that predate cloud computing as we now know it. Rethinking and reinventing these lower layers of the system stack can offer even greater improvements in density, performance, and security.

One such example is at the VMM layer, which commonly depends on software that includes emulation and other unnecessary features. The rust-vmm project provides an alternative approach: a toolkit to build workload-specific virtual machine monitors. This keynote will discuss new developments in that project, from support of lightweight virtual machines to FaaS, and why you’d want to use different VMMs for these different delivery models.

Speakers
avatar for Arjan van de Ven

Arjan van de Ven

Intel Fellow, Intell
Arjan van de Ven is an Intel Fellow as well as Linux and data-centric software architect in SystemSoftware Products at Intel Corp. He drives pathfinding and advanced engineering includingperformance, security, and secure containers. Van de Ven’s passion is addressing the seeminglyimpossible... Read More →


Tuesday November 19, 2019 5:41pm - 5:46pm
Exhibit Hall AB - San Diego Convention Center Ground Level

5:46pm

Keynote: (Open)Telemetry Makes Observability Simple - Sarah Novotny, Open Source Wonk, Azure OCTO, Microsoft & Liz Fong-Jones, Principal Developer Advocate, Honeycomb.io
Observability is a fundamental requirement for sustainably developing and operating cloud native applications. It must be accessible to a diversity of users and support a robust ecosystem of tooling around these common needs.

Liz and Sarah explain how OpenTracing and OpenCensus merging benefits the entire cloud native ecosystem. With OpenTelemetry, users and vendors alike can focus on distilling insights out of their data rather than duplicating instrumentation work. Sarah and Liz will show the progress so far, integrations with peer CNCF projects, and how you can participate!

Speakers
avatar for Liz Fong-Jones

Liz Fong-Jones

Principal Developer Advocate, Honeycomb.io
Liz is a developer advocate, labor and ethics organizer, and Site Reliability Engineer (SRE) with 15+ years of experience. She is an advocate at Honeycomb.io for the SRE and Observability communities, and previously was an SRE working on products ranging from the Google Cloud Loa... Read More →
avatar for Sarah Novotny

Sarah Novotny

Open Source Wonk, Azure OCTO, Microsoft
Sarah Novotny has long been an Open Source champion in communities such as Kubernetes, NGINX and MySQL.  She is now part of the Microsoft Azure Office of the CTO.  Novotny sits on the  Linux Foundation  Board of Directors, has previously led an Open Source Strategy group at Google... Read More →


Tuesday November 19, 2019 5:46pm - 6:06pm
Exhibit Hall AB - San Diego Convention Center Ground Level

6:06pm

Sponsored Keynote: Beyond Badges—How Inclusive Communities Accelerate Innovation - Kostadis Roussos, Principal Engineer, VMware
This talk is an expression of gratitude. The energy and innovation of this community is transforming our company. Our first forays into the world of containers were inward-looking and produced some false starts. As we have engaged more with the community around Kubernetes, you have flipped our perspective from infrastructure up to developer down.

Now we’re moving with the ecosystem and making our biggest technology bet in a decade—embedding Kubernetes in our flagship product, vSphere. Kubernetes has the power to be a uniting force for IT operators and developers, and this community is the catalyst.

Speakers
avatar for Kostadis Roussos

Kostadis Roussos

Principal Engineer, VMware
Kostadis Roussos (he/him) is a Principal Engineer at VMware, working on vCenter since 2015. His current major effort is the integration of K8s into vSphere, recently announced as Project Pacific.  Before VMware, Roussos was Chief Engineer at Zynga where he led the AppOps/DevOps... Read More →


Tuesday November 19, 2019 6:06pm - 6:11pm
Exhibit Hall AB - San Diego Convention Center Ground Level

6:11pm

Keynote: Reflections - Kelsey Hightower, Staff Developer Advocate, Google
Reflecting on KubeCon + CloudNativeCon from the beginning to where we are now.

Speakers
avatar for Kelsey Hightower

Kelsey Hightower

Staff Developer Advocate, Google
Kelsey Hightower has worn every hat possible throughout his career in tech, and enjoys leadership roles focused on making things happen and shipping software. Kelsey is a strong open source advocate focused on building simple tools that make people smile. When he is not slinging Go... Read More →


Tuesday November 19, 2019 6:11pm - 6:23pm
Exhibit Hall AB - San Diego Convention Center Ground Level

6:20pm

6:20pm

6:20pm

6:20pm

6:20pm

6:20pm

6:25pm

6:35pm

6:40pm

Taco Tuesday Welcome Reception + Sponsor Booth Crawl, sponsored by SAIC
Holy guacamole - this may turn out to be the most specTACOlar booth crawl yet! Don’t miss a night of fun and games with new and old friends, sponsor conversations, and entertainment all while enjoying fantasTACO south of the border favorites.

Tuesday November 19, 2019 6:40pm - 8:40pm
Sails Pavilion + Ballroom 6AB - San Diego Convention Center Upper Level

6:45pm

Puppy Pawlooza / Paw Therapy
We are excited to bring Puppy Pawlooza / Paw Therapy to KubeCon+CloudNativeCon North America 2019 and have partnered with the San Diego Humane Society & Love on a Leash to bring some of these amazing therapy dogs to interact with attendees throughout.

The San Diego Humane Society offers a wide range of programs and services that strengthen the human-animal bond, prevent cruelty/neglect, provide medical care, educate the community on the humane treatment of animals, and provide services for families needing assistance keeping their pets.

Tuesday November 19, 2019 6:45pm - 8:45pm
Sponsor Showcase, Sails Pavillion - San Diego Convention Center Upper Level
  • Experience Level Any

7:20pm

7:20pm

7:20pm

7:20pm

7:20pm

7:20pm

 
Wednesday, November 20
 

6:15am

Group Fun Run
Group Fun Run will meet at 6:15 am near the Grand Staircase outside Hall D of the San Diego Convention Center.

Join other runners each morning and see some local San Diego sights like the Gaslamp Quarter, the Embarcadero, Petco Park, and more! Please meet at the San Diego Convention Center Grand Staircase (outside hall D) at 6:15 am. Participants will be required to provide their own running attire and water.

Please sign up using the Google Form for updates.

Meet Time: 6:15 AM
Start Time:  6:30 AM

Wednesday November 20, 2019 6:15am - 6:30am
Grand Staircase, Outside Hall D - San Diego Convention Center
  • Experience Level Any

7:30am

The New Stack Pancake Breakfast: Microservices Security with Service Mesh - sponsored by VMware
Seating availability limited and on a first-come-first-serve basis. This event tends to fill up fast, so get in line early to secure your spot.

It’s time for pancakes in San Diego! Come have a short stack with The New Stack for a Q&A with our expert panelists about the issues and options for managing identity in service mesh environments. Cloud native security and how it affects the pace of enterprise adoption will be the mainstay of our conversation for this latest stop on the pancake breakfast circuit.

Moderators
avatar for Joab Jackson

Joab Jackson

Reporter, The New Stack
avatar for Alex Williams

Alex Williams

Founder & Editor-in-Chief, The New Stack

Speakers
avatar for Lita Cho

Lita Cho

Software Engineer, Lyft
Lita is a senior software engineer on the Networking team, building out the service mesh to handle both Kubernetes and legacy systems at Lyft. Before that, she worked on building out the API infrastructure using Protocol Buffers, creating systems that would generate code and bring... Read More →
avatar for Fuyuan Bie

Fuyuan Bie

Software Engineer, Pinterest
Fuyuan is a software engineer from Pinterest. He dedicates most of his time on modernizing Pinterest services infrastructures with service mesh.
avatar for Ines Envid

Ines Envid

Group Product Manager, Google
Ines is a Group Product Manager at Google and leads the product team for Google Cloud networking, including Virtual Private Cloud, network security, hybrid and Anthos networking. Ines has launched over the last 5 years at Google Cloud, multiple solutions for VPC, network security... Read More →
avatar for Wei Fu

Wei Fu

Engineering Manager, Uber
Wei Fu is an accomplished software engineer with over 10 years of comprehensive experience in software architecture, design, coding and testing. She has strong skills in large-scale distributed system, identity and security problem solving, and can deliver enterprise-grade software... Read More →
avatar for Pere Monclus

Pere Monclus

CTO Networking & Security Business, VMware
Pere Monclus is the CTO in the Networking and Security Business Unit at VMware. Pere is responsible for defining strategy and leading an innovation team driving the evolution of networking in the currentcloud native application and multi-cloud world. Before that, he was the CTO and... Read More →


Wednesday November 20, 2019 7:30am - 8:45am
Room 2 - San Diego Convention Center Upper Level
  • Experience Level Any

7:30am

7:30am

8:00am

Quiet Room
All attendees may feel free to use the Quiet Room as needed. It is a physical space where conversation and interaction are not allowed, where attendees can go if for any reason they can’t interact with other attendees at that time.

Wednesday November 20, 2019 8:00am - 6:00pm
Room 13 - San Diego Convention Center Mezzanine Level

9:00am

9:05am

Keynote: Everything Worked Before Kubernetes - Vicki Cheung, KubeCon + CloudNativeCon North America 2019 Co-Chair & Engineering Manager, Lyft
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.


Wednesday November 20, 2019 9:05am - 9:25am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:27am

Sponsored Keynote: Network, Please Evolve – Chapter 2 - Vijoy Pandey, Vice President/CTO Cloud, Cisco
Connectivity, security, and observability are critical to developer productivity and application velocity. The Network Service Mesh (or NSM) Project attempts to simplify how multi-cluster networking is consumed in Kubernetes by extending the core concepts that are already familiar to the K8s community. This talk will demonstrate how easy it is becoming for developers to consume networking via NSM, when we change our 35-year old view of IP networking.

Speakers
avatar for Vijoy Pandey

Vijoy Pandey

Vice President/CTO Cloud, Cisco
Vijoy Pandey is Vice President and CTO of Cisco’s Cloud Platform and Solutions Group. He is responsible for driving Cisco's design and production of new cloud technologies and architectures, which enable customers to create, consume, and compete in a multicloud, automated world.  Vijoy... Read More →


Wednesday November 20, 2019 9:27am - 9:32am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:34am

Keynote: The Long Road to IPv4/IPv6 Dual-stack Kubernetes - Tim Hockin, Principal Software Engineer, Google & Khaled (Kal) Henidak, Principal Software Engineer, Microsoft Azure
Prepare yourself - IPv4/IPv6 dual-stack Kubernetes is almost here! In this session, we will share the journey of how this enhancement has progressed over the years and how the community has banded together to land such a massive change that touches almost every part of Kubernetes. We will also cover the new opportunities that dual-stack provides to the Kubernetes ecosystem including larger cluster size, IoT edge and even dual-stack enabled hosted environments.

Speakers
avatar for Tim Hockin

Tim Hockin

Software Engineer, Google
Tim is a Principal Software Engineer at Google, where he works on the Kubernetes and Google Container Engine (GKE). He is a co-founder of the project, and he is responsible for topics like networking, storage, node, federation, resource isolation, and cluster sharing. Before Kubernetes... Read More →
avatar for Khaled (Kal) Henidak

Khaled (Kal) Henidak

Principal Software Engineer, Microsoft Azure
Kal is a Software Engineer at Azure. Kal enjoys working on core compute and networking projects. He loves them almost as much as he does coffee.


Wednesday November 20, 2019 9:34am - 9:54am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:54am

Sponsored Keynote: Making the Impossible Possible with Kubernetes - Rae Wang, Group Product Manager, Google Cloud
At KubeCon + CloudNativeCon Europe in Barcelona earlier this year, we saw physicists from CERN recreate an incredible feat of engineering identifying the Higgs boson with Kubernetes. Around the world, every day, Kubernetes and open source tools built on top of it are transforming the impossible into the possible. In this presentation, we share some of those stories.

Speakers
avatar for Rae Wang

Rae Wang

Group Product Manager, Google Cloud
Rae is a Group Product Manager at Google and leads the product team for GCP Identity, Config and Policy Management. Passionate about helping enterprise customers adopt Cloud and OSS tools, Rae has launched products in security, CI/CD, cost management and config management. She has... Read More →


Wednesday November 20, 2019 9:54am - 9:59am
Exhibit Hall AB - San Diego Convention Center Ground Level

9:59am

Keynote: E2E 5G Cloud Native Network - Heather Kirksey, VP, Community and Ecosystem Development, Linux Foundation; Azhar Sayeed, Chief Architect, Red Hat; & Fu Qiao, Project Manager, China Mobile
It’s no secret that Kubernetes has gained significant traction in the cloud and enterprise software ecosystem, but less widely known is how this momentum is now moving into global telco networks as the next major area of adoption. Building on the momentum from a live keynote demo In Amsterdam last fall (See the demo here: https://www.youtube.com/watch?v=ClQ7nBKfL5I&t=385s), a team made up of volunteers from several project communities, companies, and network operators has taken a cloud native approach to developing an E2E 5G network demonstration built on open source infrastructure. The demo will use a live prototype running in labs around the world using k8s and other open source technologies to deliver a fully containerized 5G network on stage in San Diego. The demo will showcase both how the telecom industry is using cloud native software to build out their next gen networks, and also show solution providers what’s possible in this exciting new space.

Speakers
avatar for Heather Kirksey

Heather Kirksey

VP, Community and Ecosystem Development, Linux Foundation
Heather Kirksey works with the community to advance the adoption and implementation of open source NFV platforms.Before joining The Linux Foundation, she led strategic technology alliances for MongoDB. Earlier in her career she held various leadership positions in the telecom industry... Read More →
FQ

Fu Qiao

Project Manager, China Mobile
Qiao Fu is a project manager at China Mobile Research Institute, working on research of network technology. Qiao Fu is responsible for the China Mobile National Experiment Network of NFV, and is also engaged in technical research of edge cloud, hardware acceleration and NFV system... Read More →
avatar for Azhar Sayeed

Azhar Sayeed

Chief Architect, Red Hat
Azhar Sayeed is currently at Red Hat Inc., as a Chief Architect driving their Service Provider Architectures and solutions with Openstack, SDN, NFV and DC orchestration. Prior to Red Hat, Azhar is a 17 year veteran of Cisco Systems Inc. His last responsibility there was a Sr. Director... Read More →


Wednesday November 20, 2019 9:59am - 10:24am
Exhibit Hall AB - San Diego Convention Center Ground Level

10:00am

Chair Massage & Relaxation Stations
Relaxation stations will be located around the convention to offer attendees a short “time out”.  Each location will be stocked with games, treats and other miscellaneous items that are designed to allow attendees to clear their minds.  One activity that will be offered will be 5-minute chair massages with onsite sign-ups.

Wednesday November 20, 2019 10:00am - 2:00pm
San Diego Convention Center

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:20am

10:24am

10:25am

10:25am

10:55am

Are You About to Break Prod? Acceptance Testing with Ephemeral Environments - Erin Krengel, Pulumi & Sean Holung, Nordstrom
How confident are you that the changes you’re about to make won’t break production? In a world of Continuous Delivery, we need to be prepared for the fact that our code is going to production. K8s makes it easy to quickly deploy applications, so building pipelines with robust quality gates is vital. There’s a lot of emphasis on this, yet how to create a solid deployment strategy isn’t clearcut.

Erin and Sean will demonstrate a pattern for acceptance testing complex architectures, which verifies a K8s app properly interacts with its infrastructure. Leveraging ephemeral environments, these tests will validate as well as document the app’s business and functional requirements.

Utilizing infrastructure as code and K8s Jobs, they will demo how to create a comprehensive acceptance test suite that allows you to continuously deploy to production.

Speakers
avatar for Erin Krengel

Erin Krengel

Software Engineer, Pulumi
Erin is a Software Engineer at Pulumi, where she works on their SaaS product. Previously she worked at Nordstrom on number of DevOps teams responsible for Go microservices, their infrastructure, CI/CD pipelines and production support. Most recently, she developed and architected key... Read More →
avatar for Sean Holung

Sean Holung

Software Engineer, Nordstrom
Sean is a Software Engineer at Nordstrom where he works on their event-driven Order Management System. Prior to Nordstrom, Sean worked as a Software Engineer at CenturyLink Cloud. There he worked on their internal monitoring product used to monitor infrastructure and applications... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Ballroom Sec 20CD - San Diego Convention Center Upper Level

10:55am

How Spotify Migrated Ingress HTTP Systems to Envoy - Erica Manno & Vladimir Shakhov, Spotify
Erica and Vladimir are on the team responsible for perimeter systems that sit between Spotify’s clients and its backend services. They started unifying those systems from a range of different technologies and protocols to a solution based on Envoy proxies and a unified control plane.

This talk introduces Spotify’s vision for the next-gen perimeter. However, it will mainly focus on the migration of all HTTP ingress traffic, handled by a brittle, custom Nginx/HAProxy setup to an Envoy-based solution.

The speakers will discuss how they’re migrating multiple high volume web services, serving millions of requests/sec, with minimum disruptions and zero-downtime for the feature teams that maintain Spotify’s backend services.

This talk will also illustrate how Spotify’s engineering culture of loosely coupled but highly aligned teams has informed the decisions taken during the migration.

Speakers
EM

Erica Manno

Software Engineer, Spotify
Erica is a Software Engineer on Spotify's Infrastructure and Operations department in Stockholm, Sweden. Her team maintains and operates critical infrastructure that handles all ingress and egress traffic at the edge of Spotify's network. Before joining Spotify, Erica worked as a... Read More →
avatar for Vladimir Shakhov

Vladimir Shakhov

Software engineer, Spotify
Vladimir is a software engineer. He works on Spotify's Infrastructure and Operations team in Stockholm, mainly focused on clients to backend messaging. Vladimir previously worked at Yandex, where he helped develop task tracking product offering. He is a geek and has a dog.



Wednesday November 20, 2019 10:55am - 11:30am
Room 30ABCDE - San Diego Convention Center Upper Level

10:55am

A Series of Fortunate CloudEvents - Ian Coffey, Salesforce
Serverless and Eventing are two ultra-popular areas of tech right now, describing a broad set of ideas and capabilities that can service a range of possible systems. We are told that these concepts will expand and help define the next generation of web services.

That’s all well and good, but what is really going on inside these systems? What technology do those terms rely on and what does an Eventing workflow look like under the hood? Given the complexity and size of these projects’ codebases, it can be difficult to drill down and see what’s happening on a micro scale.

Together, we will discuss, operate and modify a running distributed system built with CloudEvents and Knative Eventing. The system will be based around the concept of an automated conversation between kubernetes services.

Speakers
IC

Ian Coffey

LMTS, Salesforce
Ian Coffey has been in the platform and infrastructure business for 15 years and currently writes code for Heroku at Salesforce. Away from work, Ian’s free time is usually spent adventuring with his wife and two little girls. He has an affinity for small VW/Audis, vintage Ampeg... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 5AB - San Diego Convention Center Upper Level

10:55am

A Week in the Life of the Kubernetes Community - Dawn Foster, Pivotal & Jorge Castro, VMware
You’re new to Kubernetes and interested in contributing, but when you start poking through the community pages, you find a bunch of SIGs and so many meetings. What’s a SIG? Where should you start? Which meetings should you attend? How can you participate?

In this talk, Jorge and Dawn from SIG Contributor Experience will live out a week within the Kubernetes community by walking the audience through what happens in this busy community. As part of the day by day tour of the community, we will cover:
* Getting started and locating meeting calendars
* Finding and participating in SIGs
* Attending meetings and what to expect
* How to get involved
* Where to get help

New contributors, users interested in contributing, engineering managers whose teams are contributing, and anyone interested in learning about new ways to get involved in the Kubernetes community will benefit from attending.

Speakers
avatar for Dawn M. Foster

Dawn M. Foster

OSS K8s Contributor Lead, Pivotal
Dawn leads the OSS Kubernetes Contribution program at Pivotal in London. She has more than 20 years of experience at companies like Puppet Labs, Intel, Jive Software, and others. She has expertise in community building, open source software, metrics, and more. Dawn is on the Governing... Read More →
avatar for Jorge Castro

Jorge Castro

Community Manager, VMware
Jorge is a Community Manager at VMware where he helps to support and advance the open Kubernetes ecosystem. He works in SIG Contributor Experience on the Kubernetes Office Hours, running the YouTube channel, forums admin, and a bunch of miscellaneous programs. He resides in Ann Arbor... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Room 15AB - San Diego Convention Center Mezzanine Level

10:55am

Practical Way to Build Kubernetes Native Java Controller - Zibo He & Min Jin, Ant Financial
The controller pattern has been proven as an effective way for managing Kubernetes workloads. However, for other languages, there are still many challenges remained in developing third-party controllers for Kubernetes. In this talk, we will discuss how to implement reflector, internal store, working queue and leader election in native Java style, and demonstrate controller runtime that makes it easier to develop Java controllers from scratch. We will also discuss different operators that we build to integrate with micro-service framework for cloud native application development.

Speakers
avatar for Tony He

Tony He

Senior SW Engineer, Ant Financial
Zibo(Tony) He, Senior Engineer of Ant Financial. Tony is a co-maintainer of Kubernetes community, mainly focus on CLI, controller runtime, multi-tenancy and secure container runtime. Tony is now co-leading engineering effort on Ant Financial's Cafe Standard Product(the cloud native... Read More →
avatar for Min Jin

Min Jin

Software Engineer, Ant Financial
Min Jin/Kim, yue9944882, Kubernetes maintainer, subproject-owner. Actively contributing (mostly SIG API-Machinery) in the Kubernetes community for about 2 years. He is not real orange cat.


Wednesday November 20, 2019 10:55am - 11:30am
Room 31ABC - San Diego Convention Center Upper Level

10:55am

Advanced Model Inferencing Leveraging KNative, Istio and Kubeflow Serving - Animesh Singh, IBM & Clive Cox, Seldon
Model Inferencing use cases are becoming a requirement for models moving into the next phase of production deployments. More and more users are now encountering use cases around canary deployments, scale-to-zero or serverless characteristics. And then there are also advanced use cases coming around model explainability, including A/B tests, ensemble models, multi-armed bandits, etc.

In this talk, the speakers are going to detail how to handle these use cases using Kubeflow Serving and the native Kubernetes stack which is Istio and Knative. Knative and Istio help with autoscaling, scale-to-zero, canary deployments to be implemented, and scenarios where traffic is optimized to the best performing models. This can be combined with KNative eventing, Istio observability stack, KFServing Transformer to handle pre/post-processing and payload logging which consequentially can enable drift and outlier detection to be deployed. We will demonstrate where currently KFServing is, and where it's heading towards.

Speakers
avatar for Animesh Singh

Animesh Singh

STSM and Program Director, IBM
Animesh Singh is a senior technical staff member (STSM) and program director for IBM Watson and Cloud Platform, where he leads machine learning and deep learning initiatives on IBM Cloud and works with communities and customers to design and implement deep learning, machine learning... Read More →
avatar for Clive Cox

Clive Cox

CTO, Seldon
Clive is CTO of Seldon. Seldon helps enterprises put machine learning into production. Clive developed Seldon's open source Kubernetes based machine learning deployment platform Seldon Core. He is also a core contributor to the Kubeflow and KFServing projects.


Wednesday November 20, 2019 10:55am - 11:30am
Room 17AB - San Diego Convention Center Mezzanine Level

10:55am

Cloud Provider OpenStack Community Session - Kendall Nelson, OpenStack Foundation & Aditi Sharma, NEC
In this session, the Cloud Provider OpenStack team will give a brief overview of OpenStack cloud integration projects, including the: * OpenStack cloud controller manager. * Cinder and Manilla storage providers. * Cluster API provider. * Keystone identity integrations. * Other provider interfaces. In addition to this overview, they will also engage the community to plan future development efforts and priorities. Both OpenStack beginners and experts are encouraged to join the session, and the community content will be tailored to fit audience interests.

Speakers
avatar for Kendall Nelson

Kendall Nelson

Upstream Developer Advocate, OpenStack Foundation
Kendall is an Upstream Developer Advocate at the OpenStack Foundation based in Seattle, WA. She started working on OpenStack during the Liberty release and has been involved in several of the subprojects and held a variety of positions. She's been involved in the release team, helped... Read More →
AS

aditi sharma

Software Engineer, NEC
Aditi works as a Software Enginner at NEC, She primarily works on cloud native technologies, she contributes to opensource projects like Kubernetes, OpenStack. She is also approver/reviewer for provider-openstack subproject under SIG-Cloud-Provider.


Wednesday November 20, 2019 10:55am - 11:30am
Room 6E - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Day 2 Operations with Windows Containers - Michael Michael, VMware & Patrick Lang, Microsoft
The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This session will concentrate on presenting new features and capabilities as well as focus on day 2 operations and troubleshooting. We will also have a detailed discussion on our future roadmap, key functionality that we want to enable, and open the floor for Q&A with customers and members of the SIG-Windows community. Some familiarity with Windows on Kubernetes is required for the deep dive part since we will have an in-depth discussion on key features that are in the pipeline for Windows, explain their implementation and have a discussion on trade-offs with the community.

Speakers
avatar for Patrick Lang

Patrick Lang

Software Engineer, Microsoft
Patrick Lang is a Software Engineer at Microsoft building and teaching how to use Kubernetes and Windows container technologies. He is a regular speaker on Windows Server Container development and management that helped launch the tech at MS Ignite and Build conferences along with... Read More →
avatar for Michael Michael

Michael Michael

Director of Product Management, VMware
Michael Michael (or M2 as he's known) is VMware's Director of Product Management. He is currently working on cloud native technologies, delivering agility and simplicity to developers and accelerating the modernization of enterprise applications. Michael co-chairs SIG-Windows, one... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 14AB - San Diego Convention Center Mezzanine Level

10:55am

Deep Dive: CNCF CI - W. Watson, Vulk Coop & Denver Williams, Vulk Coop
The CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. The newest iteration of the cncf.ci status dashboard focuses on supporting a sustainable and scalable project ecosystem. To accelerate adding & maintaining projects on cncf.ci, the status dashboard can integrate with a project’s existing CI System and accept contributions from CNCF project maintainers. This Deep Dive session will include a walk-through of integrating a CNCF project with Travis CI to utilize the Travis CI build status and artifacts in the cncf.ci dashboard and allow time for Q&A.

Speakers
DW

Denver Williams

Project Co-Lead, cncf.ci, Vulk Coop
avatar for W. Watson

W. Watson

Principal, Vulk Coop
W. Watson has been professionally developing software for 23 years and is an advocate of open source governance models. He has spent the last couple of years developing complementary cloud native systems such as the cncf.ci dashboard. He current works on the Layer 2 integration to... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Room 6D - San Diego Convention Center Upper Level

10:55am

KubeEdge Deep Dive - Sean Wang, FutureWei
KubeEdge is an open source project extending native containerized application orchestration and device management to from central cloud to Edge. It is built upon Kubernetes and provides core infrastructure support for networking, application deployment and metadata synchronization across cloud and edge. In this session, Kevin will deep dive details of KubeEdge architecture and some advanced features. The future roadmap and current pain points will also be discussed.

Speakers
avatar for Sean Wang

Sean Wang

Senior Director, FutureWei
Sean Wang is a senior director at FutureWei Inc in Seattle. He is the founder of edge computing platform at FutureWei, and product owner of the commercial edge service which later on contributed to CNCF as KubeEdge.Sean has deep interest in large scale distributed systems, built... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 33ABC - San Diego Convention Center Upper Level

10:55am

KubeVirt Deep Dive: Virtualized GPU Workloads on KubeVirt - David Vossel, Red Hat & Vishesh Tanksale, NVIDIA
KubeVirt is a Kubernetes extension that supports running traditional Virtual Machine workloads side by side with containers.

In this session we will explore the architecture behind KubeVirt and how NVIDIA is leveraging that architecture to power GPU workloads on Kubernetes. Using NVIDIA’s GPU workloads as a case study, we’ll provide a focused view on how host device passthrough is accomplished with KubeVirt as well as providing some performance metrics comparing KubeVirt to standalone KVM. You’ll come away with a high level understanding of what KubeVirt is capable of and the general design principles that drive the project.

Speakers
avatar for David Vossel

David Vossel

Principal Software Engineer, Red Hat
VT

Vishesh Tanksale

Sr. Software Engineer, NVIDIA



Wednesday November 20, 2019 10:55am - 11:30am
Room 1AB - San Diego Convention Center Upper Level

10:55am

Performance Tuning and Day 2 operations - Goutham Veeramachaneni, Grafana Labs
Cortex is a distributed version of Prometheus with a lot of moving parts. We have a pretty good getting started guide with enough information to get a working cortex cluster that can ingest data and answer queries. But there is limited material on the day 2 operations: Capacity planning, query performance debugging, and general health monitoring. In this talk, we will take you through the debugging workflow, the typical knobs that should be tweaked for optimal performance, the mixin for cortex that covers the dashboards and alerts, and in general how to approach debugging and maintaining an existing cortex cluster.

Speakers
avatar for Goutham Veeramachaneni

Goutham Veeramachaneni

Software Engineer, Grafana Labs
Goutham Veeramachaneni is a developer from India who started his journey as an infra intern at a large company where he worked on deploying Prometheus. After the initial encounter, he started contributing to Prometheus and interned with CoreOS, working on Prometheus’ new storage... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 6C - San Diego Convention Center Upper Level

10:55am

SIG Testing Intro - Sean Chase & Erick Fejta, Google
This session will provide an overview of the testing infrastructure and automation used by the kubernetes project. We manage over 180 GitHub repos, generate test results from over 10,000 jobs per day. We'll walk through some of the improvements we've made to enable contributor self-service since last KubeCon.

Speakers
EF

Erick Fejta

Staff Software Engineer, Google
Erick works at Google. He writes tooling for the kubernetes community and helps chair sig-testing. He helps create and maintain a lot of community infrastructure such as peribolos, prow, testgrid, kubetest and gubernator. He is also the lesser-known human face behind fejta-bot, which... Read More →
SC

Sean Chase

Software Engineer, Google
Sean is an Integration Engineer, recently refurbished into a Productivity Engineer in early 2019. He has been working with k8s sig-testing group for six months (primarily on TestGrid) trying to make all the pieces fit together.


Wednesday November 20, 2019 10:55am - 11:30am
Room 32AB - San Diego Convention Center Upper Level
  • Experience Level Any

10:55am

Using TUF and in-toto to Tighten the Release Process. - Santiago Torres-Arias, NYU & Justin Cappos, NYU
As enterprise companies move to Cloud Native, the supply chain has become a very attractive target for attacks. An attacker who compromises a project's supply chain can greatly increase the blast radius of their attack to all users of the system. In some cases the exploit is an unintended bug (e.g. Equifax); in others, it is more insidious. In this talk, Santiago and Justin will show you how you can use TUF and in-toto to create a tightly-secured software supply chain. Starting from secure container delivery using TUF, and moving towards the left to tools like build farms, vulnerability scanners, and version control systems. The talk will be grounded in real business delivery values by pointing out common software supply chain misconfiguration pitfalls and through an integration example on one of the largest open source operating systems.

Speakers
avatar for Santiago Torres Arias

Santiago Torres Arias

PhD student, New York University
Open source developer, arch linux packager and security team, member of the reproducible builds project. I do research on securing the devops pipeline and the software supply chain.I'm interested in helping you secure your software supply chain using in-toto.
avatar for Justin Cappos

Justin Cappos

Professor, NYU
Justin Cappos is a professor in the Computer Science and Engineering department at New York University, who strives to provide service to society through technology. Justin's research philosophy focuses on solving real world security problems in practice. He and his students often... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 23BC - San Diego Convention Center Upper Level

10:55am

Multiple Networks for Kubernetes Workloads - Piotr Skamruk, CodiLime & Doug Smith, Red Hat
Embark on a tour of CNI multiplexers -- an adventure in attaching multiple network interfaces to pods. We'll show the advantages of each and provide examples to get you started using them. We'll also talk about the history and future of multiple network attachments in Kubernetes.
Kubernetes is based on simplicity, and Kubernetes networking is no different-- simplicity is king. Each pod is given a single IP address, and a single network in which “everything sees everything”.
This model is not always what consumers expect, especially for high performance networking. In this world we need to have network isolation (to isolate traffic between control & data planes) or to have multiple interfaces in pods. This provides operators better control over functionality, latency and throughput.
We'll make sure you're geared up for the adventure with CNI multiplexers and multiple network attachments!

Speakers
avatar for Doug Smith

Doug Smith

Principal Software Engineer, Red Hat, Inc.
Doug Smith is a Principal Software Engineer with Red Hat's Office of the CTO. Focusing on Network Function Virtualization and container technologies, Doug integrates new networking technologies with container systems like Kubernetes and OpenShift. He is a member of the Network Plumbing... Read More →
avatar for Piotr Skamruk

Piotr Skamruk

Senior Software Engineer, CodiLime
Piotr is a long-time GNU/Linux and Forth language enthusiast, sys administrator and sys developer. He has worked on kernel sources, backend apps and even on frontends in a wide variety of languages. At Intel he did the kvm flavor for CoreOS RKT, enabling it to run containers on VMs... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Room 29ABCD - San Diego Convention Center Upper Level

10:55am

Doing Things Prometheus Can’t Do with Prometheus - Tim Simmons, DigitalOcean
The current Cloud Native Observability dogma is that metrics (and logs and traces) are “not good enough” and that this brave new world needs brave new Observability tools. This is false.

This session will focus on how to utilize Prometheus and friends to solve problems that are typically cited as limitations. This talk is for anyone interested in learning how Prometheus can solve the majority of your Observability problems, no vendor required.

An outline of this talk is:
- How to thoughtfully utilize existing Observability tools
- Deploying High Availability Prometheus
- Effectively interacting with high-cardinality data
- Long-term metrics storage
- Doing “machine learning” on metrics
- Handling thousands of alerts in a sane way (https://twitter.com/timsimlol/status/1145790451129167872)
- How to measure *everything* with Prometheus
- Fostering a healthy Observability culture with SLOs

Speakers
avatar for Tim Simmons

Tim Simmons

Senior Engineer, DigitalOcean
Tim Simmons is a Senior Engineer on the Observability Platforms team at DigitalOcean. He primarily cares for DigitalOcean's internal Prometheus infrastructure. On a normal day, he helps his colleagues with PromQL queries, writes custom Prometheus exporters, and builds tools around... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Room 28ABCDE - San Diego Convention Center Upper Level

10:55am

Running Large-Scale Stateful Workloads On Kubernetes at Lyft - Surinder Singh & Anmol Khurana, Lyft
Along with core services, K8s at Lyft also forms the base to run a large variety of data processing stateful data processing jobs which includes Spark, Flink and other jobs via various ML and Data processing pipelines.

At Lyft, K8s has become the driver for the majority of our data processing needs running 10s of thousands of concurrent jobs. Operating the platform at this scale presents an unique set of challenges which get more complex with highly variable load pattern.

In this talk, the speakers will share their journey through some of these challenges and learnings.
- Potential pitfalls of running stateful jobs on K8s.
- Knobs/tweaks to optimize K8s for stateful jobs.
- Running k8s in a cloud environment.
- Building a fault-tolerant self-healing system with multiple K8s clusters underneath.

Talk will also focus on optimizations done to support the widely used workloads at Lyft.

Speakers
SS

Surinder Singh

Software Engineer, Lyft
Surinder Singh is a software engineer at Lyft in Seattle. He led execution plane for Flyte, Lyft’s open-source Machine learning and Data processing pipelines platform. Before Lyft, Surinder was at Microsoft where he worked on Azure Storage and SQL Server Query Optimizer.
AK

Anmol Khurana

Software Engineer, Lyft
Anmol Khurana is a software engineer at Lyft. He is part of Data Platform team responsible for leading effort on Containerized Spark on K8s. Before Lyft, Anmol was at Amazon for 5+ years mostly with AWS Elastic Block Store team.



Wednesday November 20, 2019 10:55am - 11:30am
Ballroom Sec 20AB - San Diego Convention Center Upper Level

10:55am

Implementing a Consumer Focused SLA for a Kubernetes Based PaaS - Shrenik Dedhia, Box
Box's (internal) Platform as a Service empowers other Box teams to deliver 100's of micro services, on 1000's of hosts, across 10,000's of pods. As they scaled to support a large number of micro services and clusters, they ran into several scaling challenges around both the control and data planes. In order to deliver a production-grade platform, they realized the need for a Service Level Agreement (SLA) for their platform to not only demonstrate availability for infrastructure, but also "value" for a consumer, and serve as a benchmark to prioritize those challenges.


In this talk, Shrenik Dedhia will present how their team approached the problem of defining a SLA, principles used, options explored, path chosen, and future work to improve the platform's availability from ~99.4% to ~99.99%, thereby improving the overall availability of micro services that power Box.com.

Speakers
avatar for Shrenik Dedhia

Shrenik Dedhia

Sr. Staff Engineer / TLM, Box
Shrenik has been at Box for about 2yrs as a Sr. Staff Engineer, with total 10+ years of experience in designing and implementing secure and scalable platforms. Shrenik is currently leading the Platform As A Service team at Box.



Wednesday November 20, 2019 10:55am - 11:30am
Room 11AB - San Diego Convention Center Upper Level

10:55am

Binary Authorization in Kubernetes - Aysylu Greenberg, Google & Liron Levin, Palo Alto Networks
Kritis is an open-source solution for securing your software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies that ensures only trusted container images are deployed on kubernetes to your cluster. With Kritis, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying. Kritis enables tighter control over your container environment by ensuring only verified images are integrated into production.
Talk outline:
- Introduction to the concept of binary authorization
- Live demo of using Kritis and Grafeas for deploying images with confidence in Kubernetes
- Grafeas and Kritis roadmap
At the end, attendees will gain solid understanding on the process of binary authorization and how to incorporate it in their build and deployment pipelines

Speakers
avatar for Liron Levin

Liron Levin

Chief software architect, Palo alto networks
Liron is the Chief Software Architect at Twistlock, where he focus on scaling, engineering methodologies and security . Before that, he worked as a tech lead at Microsoft on cloud computing and machine learning projects. He is an active contributor to popular open source go projects... Read More →
avatar for Aysylu Greenberg

Aysylu Greenberg

Senior Software Engineer, Google
Aysylu Greenberg is a Senior Software Engineer at Google working on infrastructure and the Engineering Lead of the Grafeas and Kritis open source projects. In her spare time, she ponders the design of systems that deal with inaccuracies, enthusiastically reads CS research papers... Read More →


Wednesday November 20, 2019 10:55am - 11:30am
Room 16AB - San Diego Convention Center Mezzanine Level

10:55am

Stitching a Service Mesh Across Hundreds of Discrete Networks - Jason Webb & Anil Attuluri, Intuit
Intuit has experienced large growth in its microservices ecosystem over the last few years, which was primarily using a hub and spoke API Gateway for service communication. As the ecosystem expanded, the increased latency and data transfer costs became significant. To facilitate future growth efficiently, Intuit needed a better model. Moving to a distributed Service Mesh running on k8s to enable secure service-to-service communication was the solution. As Intuit was building a migration path for hundreds of services communicating across discrete networks, they faced a host of challenges. While developing a platform to provide end-to-end encryption, they defined a pattern for federated workload identities and learned to manage a federated set of mesh control planes. Jason and Anil will share these learnings and Admiral, a project they are open-sourcing that enabled the migration path.

Speakers
AA

AnilKumar Attuluri

Software Engineer, Intuit, Inc.
Anil is a Software Engineer at Intuit working on some of the key challenges to move Intuit's microservices onto Service Mesh. His other areas of work at Intuit include distributed and scalable rate limiting algorithm, orchestration layer in API Gateway for Graphql and designing OSGi... Read More →
avatar for Jason Webb

Jason Webb

Principle Engineer, Intuit
Jason is the Services Fabric Chief Architect at Intuit. Where he works on building tools and platforms to enable Intuit’s microservices ecosystem. Jason is passionate about cloud-native infrastructure, developer tools & experience, and open source. Prior to Intuit, Jason worked... Read More →



Wednesday November 20, 2019 10:55am - 11:30am
Room 6F - San Diego Convention Center Upper Level

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:20am

11:50am

K9P: Kubernetes as 9P Files - Terin Stock, Cloudflare
K9P, a virtual file system, exposes the state of a Kubernetes cluster as files. Our terminals have been optimized over the last 40 years towards working with files, kubectl not so much. K9P allows us to carry the mantra of "everything is a file" to the distributed computing extreme.

K9P allows you to integrate Kubernetes resources into an existing workflow, or create new ones. Scale a Deployment by writing to a file. Locate failing Pods with grep. Update configuration in ConfigMaps with sed.

Speakers
avatar for Terin Stock

Terin Stock

Software Engineer, Cloudflare
Software engineer working on scaling bare-metal Kuberentes clusters by day. Builds experiments with esoteric 90s technology by night. Previous talks include an introduction to Kubernetes controllers at KubeCon EU 2018 and Building a Go-based MIDI Player at FOSDEM 2019.



Wednesday November 20, 2019 11:50am - 12:25pm
Room 1AB - San Diego Convention Center Upper Level

11:50am

Case Study: AI-as-a-Service on Kubernetes at Scale and In Production - Itay Gabbay, Israel Ministry of Defense (MOD) & Tushar Katarki, Red Hat
AI is popular and yet faces two big challenges in the industry: 1) self-service and automation 2) Use in real production.

At the Israel Ministry of Defense we are taking on the challenges with containers and Kubernetes. We have built AI-as-a-service with open source tools and Kuberentes. Our Data Scientists use the service for data, experimentation and to deliver models into production iteratively with self-service and automation.

Using Kubernetes, we are able to run massive machine learning pipelines automatically, and improve our machine learning models. We implemented several principles of AutoML - a wide research area nowadays. Using AutoML & Kubernetes, we can further improve our machine learning models and pipelines - automatically.

Come find out how we built our AI service on Kubernetes, issues we ran into and best practices with a live demo and supporting slides.

Speakers
avatar for Tushar Katarki

Tushar Katarki

Product Manager, Red Hat
Tushar Katarki is a senior technology professional with experience in cloud architecture, product management and engineering. He is currently at Red Hat as a product manager for OpenShift with focus on AI/ML on OpenShift . Tushar is involved with several open source projects around... Read More →
IG

Itay Gabbay

Machine Learning Engineer, MOD Israel
Itay Gabbay is a software engineer specialized in machine learning and AutoML. He is currently at the Israeli ministry of defense, responsible for a machine learning platform he designed and implemented, based on OpenShift.


Wednesday November 20, 2019 11:50am - 12:25pm
Room 6C - San Diego Convention Center Upper Level

11:50am

Leveling Up Your CD: Unlocking Progressive Delivery on Kubernetes - Daniel Thomson & Jesse Suen, Intuit
Kubernetes Continuous Delivery methods have continued to evolve to more advanced strategies such as canary, A/B testing, and blue-green. Progressive delivery is the next step of CD, enabling service promotion for a subset of users in an automated fashion backed by metrics.

There’s no one-size-fits-all on what are the appropriate metrics to drive promotions. Often, the four golden signals (latency, traffic, errors, saturation) are used, but what if this isn’t enough? More sophisticated techniques might use algorithmic or even AI-driven analysis.
The Argo Experiment and Analysis CRDs provides simple constructs to drive automated promotion in an extensible fashion.

This session discusses how Intuit leverages experimentation and analysis, the challenges in providing an automatic but generic approach to analyzing experiments, and envisioning the future of declarative progressive delivery.

Speakers
avatar for Jesse Suen

Jesse Suen

Principal Engineer, Intuit
Jesse is a Principal Engineer at Intuit and a core contributor and technical lead of the open-source Argo suite of projects (Workflows, CD, Rollouts). He has spent the past three years developing microservices-based, distributed applications, and controllers for Kubernetes. He was... Read More →
avatar for Daniel Thomson

Daniel Thomson

Software Engineer, Intuit
Danny Thomson is a software engineer working on Intuit’s Modern Saas platform and contributing to their open source project: Argoproj. Before joining Intuit Danny did his undergrad from Stanford University while being a national level swimmer. He believes that developer services... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Ballroom Sec 20CD - San Diego Convention Center Upper Level

11:50am

Panel: Beyond Codes of Conduct: Igniting Diversity in Your Community - Jemma Bolland, The Scale Factory; Lara Owen, Github; Shanis Windland, VMware; & Kevin Stewart, Independent
There’s diversity – and then there’s inclusion. The difference between being invited and being a valued participant is vast. The Kubernetes and KubeCon community have made significant strides on both the diversity and inclusion front – but should not be satisfied with progress to date. Join this panel of thought leaders to learn how to turn a diverse community into an inclusive one, hear the challenges of building versus changing a culture, and how to ignite the power of diversity where you contribute.
How does the KubeCon/K8s community continue to lead the way in both diversity AND inclusion? Time to fill the dance floor. It's still too empty.

Speakers
avatar for Shanis Windland

Shanis Windland

VP, Diversity & Inclusion, VMware
Shanis Windland is the new VP of Diversity & Inclusion at VMware. Shanis joined VMware in December, coming from the Heptio acquisition. Shanis is a vigorous advocate of diversity AND inclusion - and will be a strong leader for VMware on this journey. Shanis lead a panel discussion... Read More →
avatar for Jemma Bolland

Jemma Bolland

COO, The Scale Factory
Jemma is in charge of operations, marketing, people and finance at The Scale Factory. Her 15+ years’ experience in operational, strategic and marketing roles with start-ups and SMEs in the UK and Australia brings a wealth of insight to her role. Jemma's experience in the start-up... Read More →
avatar for Kevin Stewart

Kevin Stewart

Kevin Stewart is an engineering leader on sabbatical. Previously, he held VP Engineering positions at Fastly, Heptio (now VMware) and NodeSource and was a Director of Engineering at Adobe.
LO

Lara Owen

Director, Global Workplace Experience, GitHub
An instructor at Remote-How Academy, a speaker at the first-ever Running Remote Conference, and honored as one of 2018’s Bisnow Bay Area Thought Leaders, Lara Owen is the Director of Global Workplace Experience at GitHub and is responsible for ensuring 1200+ employees, scattered... Read More →


Wednesday November 20, 2019 11:50am - 12:25pm
Room 6D - San Diego Convention Center Upper Level

11:50am

Growth and Design Patterns in the Extensions Ecosystem - Eric Tune, Google
How big is the Kubernetes Extensions ecosystem today and how quickly has it grown? How many CNCF projects does it touch?  Data gathered from Github over 2 years by the speaker provides detailed answers.  

Based on experience as a Kubernetes contributor and API reviewer, and from analyzing hundreds of extensions, the speaker has identified recurring Design Patterns, like: Provisioner, Composition, Enforcer, Claim, and Class.  End users will learn to recognize the patterns, and API authors will learn when to apply them.
 
The talk will be accessible to a general audience. However, experts on Kubernetes Extensions will still find ideas and data not presented anywhere before. Illustrative examples will be used from various CNCF projects, such as Vitess, Jaeger, OpenEBS, and Rook.


Speakers
ET

Eric Tune

Senior Staff Software Engineer, Google
Eric is a Senior Staff Software Engineer at Google, where he is an overall lead technical lead on Google Container Engine (GKE). He started contributing to Kubernetes in 2014. Before Kubernetes, he worked on Google's Borg project, and was a co-author of the Borg paper.


Wednesday November 20, 2019 11:50am - 12:25pm
Room 31ABC - San Diego Convention Center Upper Level

11:50am

Building and Managing a Centralized Kubeflow Platform at Spotify - Keshi Dai & Ryan Clough, Spotify
Machine learning workflows within Spotify have been migrated to Kubernetes by adopting Kubeflow and Kubeflow Pipelines. It helps teams increase model development speed and reduce the time to productionize a machine learning model.

In this talk, we will demonstrate some best practices Spotify has learned from managing Kubernetes for backend services and apply them to building a centralized Kubeflow platform. We treat infrastructure as code. We establish customizable and repeatable deployment process. Even with a handful of machine learning/data engineers, we are successfully able to manage multiple Kubernetes clusters and machine learning workloads at scale.

We will also show how teams at Spotify use Kubeflow platform as a one-stop shop for their machine learning development, which helps them build better products to improve user listening experience.

Speakers
avatar for Keshi Dai

Keshi Dai

Senior ML Infra Engineer, Spotify
Keshi Dai is a Senior Engineer at Spotify who works on Machine Learning platform. His team is building a centralized Kubeflow platform to help Machine Learning engineers at Spotify to adopt Kubernetes. Previously, Keshi also worked on Discover Weekly and Release Radar at Spotify... Read More →
avatar for Ryan Clough

Ryan Clough

Senior ML Engineer, Spotify
Ryan Clough is a Senior Engineer on Spotify's Machine Learning Infrastructure team. Alongside his colleagues, he is responsible for designing and building the platform and tools that ML practitioners all across Spotify use to bring ML solutions from an idea all the way to production... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Room 29ABCD - San Diego Convention Center Upper Level

11:50am

CNCF Research User Group - Bob Killen, University of Michigan
This session is open to those interested in running Kubernetes and cloud native platforms in a research context. The CNCF Research User Group’s purpose is to function as a focal point for the discussion and advancement of Research Computing using “Cloud Native” technologies. This includes enumerating current practices, identifying gaps, and directing effort to improve the Research Cloud Computing ecosystem. Mission statement: https://github.com/cncf/research-user-group

Speakers
avatar for Bob Killen

Bob Killen

Research Cloud Administrator, University of Michigan
Bob is a Research Cloud Administrator with the Advanced Research Computing Technology Services (ARC-TS) group at the University of Michigan. He has been with the University for more than 15 years, serving in various capacities within the Health System and ARC-TS. As a CNCF Ambassador... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Room 23BC - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Deep Dive into Autoscaling - Marcin Wielgus, Google & Vivek Bagade, Google
Come and see how to debug and optimize your autoscalers and decrease your monthly infrastructure costs even further. During this talk members of SIG-Autoscaling will discuss the internals of HPA, VPA and Cluster Autoscaler, their peculiar features, and ways to fine tune them across dimensions like cost and availability. After this talk you will know where to look for information about the autoscaler activity, what settings can be changed and which flags should probably be left alone.

Speakers
avatar for Marcin Wielgus

Marcin Wielgus

Staff Software Engineer, Google
Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes before the 1.0 release... Read More →
avatar for Vivek Bagade

Vivek Bagade

Software Engineer, Google
Vivek Bagade is a Software Engineer at Google where he has been working on the Cluster Autoscaler and Node Auto-provisioning. He has been working on and with Kubernetes for the past 4 years. He has also worked as an Engineering Team Lead at Rapyuta Robotics building a Kubernetes based... Read More →


Wednesday November 20, 2019 11:50am - 12:25pm
Room 30ABCDE - San Diego Convention Center Upper Level

11:50am

Deep Dive into Cloud Provider Azure - Pengfei Ni, Microsoft & Brendan Burns, Microsoft
In this session, we'll dig into the implementation of the Azure cloud provider, and current work to enhance the operations of Kubernetes. Work for Kubernetes 1.17 and designs for the next versions will be discussed. There will be demos of the newest capabilities. You will also learn how the maintainers set up their development environments so you can contribute easily too.

Speakers
avatar for Brendan Burns

Brendan Burns

Distinguished Engineer, Microsoft
Brendan Burns is a co-founder of the Kubernetes open source project and a Distinguished Engineer at Microsoft Azure where he focuses on containers, Kubernetes and DevOps. He has a PhD in Computer Science from the University of Massachusetts and a BA in Computer Science and Studio... Read More →
avatar for Pengfei Ni

Pengfei Ni

Senior Software Engineer, Microsoft
Pengfei Ni is a senior software engineer at Microsoft Azure and maintainer of the kubernetes project. He has extensive experience in Cloud Computing, Kubernetes and Software Defined Networking (SDN). He has given presentations on KubeCon China 2018, ArchSummit 2018, LC3 2018, and... Read More →


Wednesday November 20, 2019 11:50am - 12:25pm
Room 33ABC - San Diego Convention Center Upper Level

11:50am

Deep Dive: Flux the GitOps Operator for Kubernetes - Stefan Prodan, Weaveworks
In this session, Stefan will talk about the GitOps principles governing Flux, its main features and roadmap. Stefan will do a deep dive into Flux’s Kustomize support and show how you can leverage Flux to manage a multi-tenant Kubernetes cluster. We will continue with Flux Helm Operator deep dive to showcase app delivery automation with Git operations.

Speakers
avatar for Stefan Prodan

Stefan Prodan

DX Engineer, Weaveworks
Stefan is a Developer Experience engineer at Weaveworks and an open source contributor to cloud-native projects like Flagger, FluxCD, Helm Operator, OpenFaaS and others. He worked as a software architect and a DevOps consultant, helping companies embrace DevOps and the SRE movement... Read More →


Wednesday November 20, 2019 11:50am - 12:25pm
Room 16AB - San Diego Convention Center Mezzanine Level

11:50am

Deep Dive: Harbor - Enterprise Cloud-native Artifact Registry - Steven Zou, VMware & Daniel Jiang, VMware
Harbor is an open-source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the container image and Helm Chart management challenges. In this session, we will cover some advanced features of using Harbor, such as OIDC support, improved content replication among Harbor and other non-Harbor registries, content management in a cloud environment, unified management of Helm Chart and container images, quota management, webhooks, tag retention, highly-available deployments and more. Our guest speaker and fellow Harbor maintainer, Daniel Pacak from Aqua Security, will show you how to utilize the pluggable scanning framework in Harbor to increase confidence in your compliance policies.
 
Additionally, we'd like to share some Harbor community-related things like the governance model and contributing guide to encourage more participation in the Harbor community. Furthermore, the team would love to get feedback from users and contributors to current features and future roadmap.

Speakers
avatar for Steven Zou

Steven Zou

Staff Engineer, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open-source Project Harbor which is an enterprise-class container image registry as lead engineer and core maintainer. Moreover, he’s doing innovation and incubation of projects on the Kubernetes... Read More →
avatar for Tan Jiang

Tan Jiang

Staff Engineer, VMware
I'm a software engineer from VMware, who joined the company around the end of 2015. Currently working on a open source registry project called Harbor. I'm one of the founding member of this project. I have been giving speech in different meet-ups talking about docker image management... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Room 5AB - San Diego Convention Center Upper Level

11:50am

Deep Dive: Prow - Steve Kuznetsov, Red Hat & Alvaro Aleman, Loodse
This session will dive into some of the major features we have added to prow, including how they are implemented, and the challenges we faced. Examples include the new prow monitoring stack, hooking up prow to other bug tracking systems than github, and refactoring prow to support in-repo config to enable better self-service.

Speakers
avatar for Steve Kuznetsov

Steve Kuznetsov

Software Engineer, Red Hat
Steve has been involved in open source and Kubernetes since 2014, joining the Testing SIG and becoming a co-lead in 2017.He has contributed to Kubernetes core since the 1.0 days but these days spends most of his focus on improving the testing infrastructure with the Testing SIG. Steve... Read More →
avatar for Alvaro Aleman

Alvaro Aleman

Software Engineer, Loodse
Alvaro is working on products related to Kubernetes cluster lifecycle management. A year ago, Loodse adopted Prow as its CI/CD platform of choice. In the process, Alvaro started to get involved into its upstream development and stayed active there ever since.


Wednesday November 20, 2019 11:50am - 12:25pm
Room 7AB - San Diego Convention Center Upper Level

11:50am

gRPC Deep Dive: Prevent Your Service From Overtaking Itself - Lidi Zheng, Google
In any distributed system, it is very common to have mismatched processing power on sending (client) and receiving (server) side. This can result in failures or excessive buffering of messages on either side leading to out-of-memory situation. Fortunately, gRPC has a flow control mechanism that transparently throttles the traffic to protect both services. In this presentation, we will dive into how does networking protocols (like TCP, HTTP, gRPC) control traffic, and how gRPC flow control facilitate your usage of the bandwidth between your services.

Speakers
avatar for Lidi Zheng

Lidi Zheng

Software Engineer, Google
Lidi Zheng is a Software Engineer at Google under the Tech Infra Network Systems area. He is an active maintainer of gRPC repo, and mostly contributing to gRPC Python. He focuses on the API design, distributed system and tooling. Prior to Google, he completed his Master degree from... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Room 14AB - San Diego Convention Center Mezzanine Level

11:50am

Intro: Telepresence - Daniel Bryant & Rafael Schloming, Datawire
This session will provide an intro to Telepresence, a CNCF Sandbox tool. We’ll talk about development workflows for Kubernetes. We’ll discuss the differences between traditional development, and different approaches people take to building Kubernetes services. We’ll then introduce Telepresence and discuss how it integrates with different organizational development workflows. Finally, we’ll talk about the evolution of Telepresence and how we are actively moving Telepresence forward from its heritage as a VPN-type approach into a more sophisticated L7 routing layer for developers.

Speakers
avatar for Rafael Schloming

Rafael Schloming

Co-founder and Chief Architect, Datawire
Rafael Schloming is Co-founder and Chief Architect of Datawire. He is a globally recognized expert on messaging and distributed systems and a spec author of the AMQP specification. He has spoken on microservices at numerous technical conferences including ApacheCon, the O’Reilly... Read More →
avatar for Daniel Bryant

Daniel Bryant

Product Architect, Datawire
Daniel Bryant works as an Independent Technical Consultant and Product Architect at Datawire. His technical expertise focuses on ‘DevOps’ tooling, cloud/container platforms, and microservice implementations. Daniel is a Java Champion, and contributes to several open source projects... Read More →


Wednesday November 20, 2019 11:50am - 12:25pm
Room 6E - San Diego Convention Center Upper Level
  • Experience Level Any

11:50am

Scaling SPIRE for Performance and Availability - Tyler Julian, Uber
SPIRE, the community-supported implementation of SPIFFE, enables users to take advantage of workload identity primitives like X.509s and JWTs without needing a deep understanding of complex topics like trust bootstrap, secure introduction, and credential provisioning/rotation.

But implementing the SPIFFE standard is not without its difficulties. SPIRE must scale to meet the needs of hundreds of thousands of workloads in today's hybrid cloud architectures. And, despite a requirement for high, efficient throughout, the system must remain resilient in the face of failure.

In this deep dive, we will study the challenges encountered during the implementation of SPIRE, design considerations and philosophy, and production use cases.

Speakers
avatar for Tyler Julian

Tyler Julian

Security Engineer, Uber
Security Engineer at Uber focused on authentication and distributed systems, with a background in cryptocurrency protocols.


Wednesday November 20, 2019 11:50am - 12:25pm
Room 32AB - San Diego Convention Center Upper Level

11:50am

Build Your Own Private 5G Network on Kubernetes - Frank Zdarsky, Red Hat & Raymond Knopp, Eurecom
Private 5G networks are dedicated cellular networks, confined to user premises and tailored to a specific use case. In smart factories, for instance, they may soon enable remote control of robots, augmented reality-enhanced maintenance, and other use cases for which ultra-low latency, high bandwidth, and reliable radio connectivity to local edge computing services is a must.

Did you know you can build your own private 5G network purely from open source software and off the shelf hardware? This session will introduce OpenAirInterface, an open source 5G radio and core network implementation, and how to pick and set up hardware for it. Participants will learn how the latest Kubernetes technologies like Multus, SR/IOV CNI, real-time workers, device plugins, etc. need to come together to support these exigent Containerized Network Functions on Kubernetes and to manage them using Operators.

Speakers
RK

Raymond Knopp

Professor in Communication Systems, Eurecom
Raymond is Professor in the Communication Systems Department at EURECOM. His current research interests include software radio architectures, implementation aspects of signal processing systems, and real-time wireless networking protocols. He has a proven track record in managing... Read More →
avatar for Frank Zdarsky

Frank Zdarsky

Senior Principal Software Engineer, Red Hat
In the old days, long before NFV had its name, Frank was leading mobile network research at a large telco equipment provider and running mobile network services on public cloud. He later joined Red Hat's Office of the CTO to build and lead a team of great engineers that worked with... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm
Room 17AB - San Diego Convention Center Mezzanine Level