Loading…
Room 16AB - San Diego Convention Center [clear filter]
Monday, November 18
 

9:00am PST

Cloud Native Live: Evolving Security hosted by Prisma by Palo Alto Networks (Additional Registration + Fee Required)
Cloud Native Live: Evolving Security

Security teams are challenged by cloud native - organizations are running more apps on more platforms in more places than ever before.  These apps are constantly changing while threats and compliance requirements continue to grow. At the same time, cloud native provides an opportunity to do security in a fundamentally better way - more automated and more integrated with development.  In this edition of Cloud Native Live, we bring together industry leaders, customers, and partners to talk about how they've made this promise real and how you can evolve your own security organization to not just enable cloud native but to capitalize on it.  Go deep not just on threats and countermeasures but also how to leverage cloud native technologies to improve the efficiency and capacity of your security team.

At this Kubecon San Diego co-located event, we'll discuss this challenge, hitting on specifics like:

  • How is cloud native security different than the cloud security you already know?
  • How do you do more than just “shift left” and really integrate runtime security intelligence back with developers?
  • How does a cloud-native, container-first approach change the traditional “firewall” model of security? 
  • How do you build security that spans all your modern compute options - from VMs to containers to serverless and everything in between?
 
Interested in speaking? Submit a CFP here: https://www.papercall.io/cnl-kubecon-colo. Deadline: October 18

How to Register: Pre-registration is required. To register for Cloud Native Live: Evolving Security, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to cloudnativelive@paloaltonetworks.com.

Monday November 18, 2019 9:00am - 5:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
 
Tuesday, November 19
 

10:55am PST

The Devil in the Details: Kubernetes’ First Security Assessment - Aaron Small, Google & Jay Beale, InGuardians
In October of last year, the Kubernetes project created a new Security Audit working group and began Kubernetes’ first comprehensive third-party security assessment. In the months that followed, we worked closely with Trail of Bits and Atredis Partners to assess and improve Kubernetes’ security posture.  Through code review and penetration testing, we found and addressed 37 new vulnerabilities.  With support from many Kubernetes contributors, the third party security firms and Kubernetes project produced a formal threat model covering eight critical components across six different trust zones.  In this talk, we will share our findings, methodology, and vision for future security investments.  We’ll discuss what the work uncovered, and what this means to Kubernetes security both now and for the future.

Speakers
avatar for Aaron Small

Aaron Small

Product Manager, Google
avatar for Jay Beale

Jay Beale

CEO and CTO, InGuardians
Jay Beale is CTO and CEO for InGuardians. He works on Kubernetes, Linux and Cloud-Native security, both as a professional threat actor and an Open Source maintainer and contributor. He's the architect of the open source Peirates attack tool for Kubernetes and Bustakube CTF Kubernetes... Read More →



Tuesday November 19, 2019 10:55am - 11:30am PST
Room 16AB - San Diego Convention Center Mezzanine Level

11:50am PST

Enabling Kubeflow with Enterprise-Grade Auth for On-Prem Deployments - Yannis Zarkadas, Arrikto & Krishna Durai, Cisco
Kubeflow is an open source machine learning platform built on Kubernetes. Every service in Kubeflow is implemented either as a Custom Resource Definition (CRD) (e.g., TensorFlow Job) or as a standalone service (e.g., Kubeflow Pipelines).

As enterprises start to adopt Kubeflow, the need for access control, authentication, and authorization is emerging. An enterprise-grade solution to authenticate and authorize on two API layers: Kubernetes APIs and Kubeflow’s stand-alone services APIs. For better adoption, the solution should also integrate seamlessly with existing user management solutions in enterprises, such as LDAP or Active Directory (AD).

We present how we combined open-source, cloud-native technologies to design and implement a flexible, modular solution for enterprise authentication and authorization in Kubeflow. The talk will include a live demo.

Speakers
avatar for Yannis Zarkadas

Yannis Zarkadas

Software Engineer, Arrikto
Yannis is a software engineer at Arrikto, working with Kubeflow and the Kubernetes sig-storage group. He loves contributing to open source projects and has authored the Cassandra Operator in Rook and the official Scylla Operator, which he is currently maintaining.
avatar for Krishna Durai

Krishna Durai

Software Engineer, Cisco
Krishna is a software engineer at Cisco, Bangalore and is a contributor to the Kubeflow open-source project. He has been designing and engineering AI platforms in enterprise domains like healthcare.



Tuesday November 19, 2019 11:50am - 12:25pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Machine Learning + Data

2:25pm PST

Adapting Kubernetes to Constrained IP Address Environments - Mahesh Narayanan & Satyadeep Musuvathy, Google
When it comes to IP addresses, Kubernetes has a demand and supply issue.
On the Demand side, Kubernetes treats Pods as first class citizens with their own IPs. This makes port mappings and usage from a developer’s point of view much much simpler. But from an infrastructure perspective, this makes the whole cluster use IP addresses liberally.

On the Supply side, Kubernetes deployments generally run alongside incumbent networks. Therefore there are not enough IPs to allocate and have a production grade deployment.

Based on real world experience by our customers so far, we have found that there are a few ways to design your clusters to address these concerns:
-- Optimize the per node allocation so that the overall consumption can be optimized
-- re-use IP addresses for Infrastructure but have unique Services IPs.
-- Leverage a new IP addressing scheme through non-RFC 1918 ranges





Speakers
avatar for Mahesh Narayanan

Mahesh Narayanan

Product Manager, Google
Mahesh Narayanan is a Cloud Networking Product Manager at Google Cloud. He works on GKE and drives its networking strategy and roadmap. Mahesh has also worked in sales and customer support roles and has a good understanding of customer perspective. Prior to Google, Mahesh worked in... Read More →
SM

Satyadeep Musuvathy

Software Engineer, Google
Satya is a Software Engineer at Google. He lives and breathes GKE including GKE On-Prem. Satya has extensive Enterprise customer experience with stints at companies like Yahoo and Walmart.



Tuesday November 19, 2019 2:25pm - 3:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Networking

3:20pm PST

Jaeger Intro - Yuri Shkuro, Uber Technologies & Pavol Loffay, Red Hat
This session is an introduction to Jaeger and distributed tracing. We will do a demo of the current Jaeger features, talk about the roadmap, and finish with a Q&A. After this session the attendees should better understand how Jaeger fits in the observability space for cloud native applications. For more information on the project everybody is welcome to attend the Jaeger Deep Dive Session.

Speakers
avatar for Pavol Loffay

Pavol Loffay

Principal Software Engineer, Red Hat
Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →
avatar for Yuri Shkuro

Yuri Shkuro

Software Engineer, Uber Technologies
Yuri Shkuro is a software engineer at Uber Technologies, working on distributed tracing, observability, reliability, and performance problems; author of the book ["Mastering Distributed Tracing"](https://www.shkuro.com/books/2019-mastering-distributed-tracing/); creator of Jaeger... Read More →



Tuesday November 19, 2019 3:20pm - 3:55pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Maintainer Track Sessions
  • Experience Level Any
  • Session Slides Included Yes

4:25pm PST

Polymorphic Reconcilers in Kubernetes - Advanced DuckTyping - Scott Nichols & Matt Moore, Google
The explosion of Custom Resources in Kubernetes has lead to the development of new techniques to reference and reconcile objects in Kubernetes. Come learn how we are leveraging some simple patterns to produce complex systems within Kubernetes in the Knative project, and how you can adapt these methods to your applications.

Speakers
avatar for Matthew Moore

Matthew Moore

Software Engineer, VMware
Matt is a member of the Technical Oversight Committee for Knative, leads Knative Serving, and started Knative Build. Previously as Google, Matt was Uber TL of container tools, and was the original TL for Google's Container Registry (gcr.io).
avatar for Scott Nichols

Scott Nichols

Founder Chainguard, Chainguard, Inc
Scott Nichols is a focused on making it easy to create and understand portable event driven serverless workloads. This work is done through Kubernetes, Knative and CloudEvents.



Tuesday November 19, 2019 4:25pm - 5:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
 
Wednesday, November 20
 

10:55am PST

Binary Authorization in Kubernetes - Aysylu Greenberg, Google & Liron Levin, Palo Alto Networks
Kritis is an open-source solution for securing your software supply chain for Kubernetes applications. Kritis enforces deploy-time security policies that ensures only trusted container images are deployed on kubernetes to your cluster. With Kritis, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying. Kritis enables tighter control over your container environment by ensuring only verified images are integrated into production.
Talk outline:
- Introduction to the concept of binary authorization
- Live demo of using Kritis and Grafeas for deploying images with confidence in Kubernetes
- Grafeas and Kritis roadmap
At the end, attendees will gain solid understanding on the process of binary authorization and how to incorporate it in their build and deployment pipelines

Speakers
avatar for Liron Levin

Liron Levin

Chief software architect, Palo alto networks
Liron is the Chief Software Architect at Twistlock, where he focus on scaling, engineering methodologies and security . Before that, he worked as a tech lead at Microsoft on cloud computing and machine learning projects. He is an active contributor to popular open source go projects... Read More →
avatar for Aysylu Greenberg

Aysylu Greenberg

Senior Software Engineer, Google
Aysylu Greenberg is the Tech Lead of GCP Container Analysis, focusing on the software supply chain integrity and security. In her spare time, she ponders the design of systems that deal with inaccuracies, enthusiastically reads CS research papers, and paints.



Wednesday November 20, 2019 10:55am - 11:30am PST
Room 16AB - San Diego Convention Center Mezzanine Level

11:50am PST

Deep Dive: Flux the GitOps Operator for Kubernetes - Stefan Prodan, Weaveworks
In this session, Stefan will talk about the GitOps principles governing Flux, its main features and roadmap. Stefan will do a deep dive into Flux’s Kustomize support and show how you can leverage Flux to manage a multi-tenant Kubernetes cluster. We will continue with Flux Helm Operator deep dive to showcase app delivery automation with Git operations.

Speakers
avatar for Stefan Prodan

Stefan Prodan

Principal Engineer, Weaveworks
Stefan is a Principal Engineer at Weaveworks and an open source contributor to cloud-native projects. He is the creator of Flagger the progressive delivery operator for Kubernetes, and a core maintainer of the CNCF's Flux project. Stefan has over 15 years of experience with software... Read More →



Wednesday November 20, 2019 11:50am - 12:25pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Maintainer Track Sessions

2:25pm PST

Jaeger Deep Dive - Yuri Shkuro, Uber Technologies & Pavol Loffay, Red Hat
This session is dedicated to an in-depth understanding of the Jaeger project. We will give a short demo of the recently added features, talk about various topics including the architecture, adaptive sampling, multi-tenancy, and configuration, and review the roadmap. After this session the attendees should better understand the Jaeger architecture, how to deploy it and get the best benefits, and to make contributions to the project.

Speakers
avatar for Pavol Loffay

Pavol Loffay

Principal Software Engineer, Red Hat
Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →
avatar for Yuri Shkuro

Yuri Shkuro

Software Engineer, Uber Technologies
Yuri Shkuro is a software engineer at Uber Technologies, working on distributed tracing, observability, reliability, and performance problems; author of the book ["Mastering Distributed Tracing"](https://www.shkuro.com/books/2019-mastering-distributed-tracing/); creator of Jaeger... Read More →



Wednesday November 20, 2019 2:25pm - 3:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Maintainer Track Sessions

3:20pm PST

How to Include Latency in SLO-based Alerting - Björn Rabenstein, Grafana Labs
Chapter 5 of “The Site Reliability Workbook” is an excellent study of how to create meaningful alerts based on SLOs by measuring the rate at which the error budget is burned over different time windows. This rather complex approach is blissfully straight-forward to implement in Prometheus, as demonstrated in the chapter itself. However, all of it is based on error rates, leaving latency concerns out of scope. Björn “Beorn” Rabenstein will explore various options of applying the same ideas to latency-based SLOs. The foundation is a precise and meaningful definition of the SLO. From there, Beorn will explore various techniques to translate the SLO into an error budget and how to measure its burn rate with Prometheus. Once that is done, creating error-budget-based alerts is relatively simple. There are, however, pitfalls and trade-offs along the way, which Beorn will help cope with.

Speakers
avatar for Björn Rabenstein

Björn Rabenstein

Engineer, Grafana Labs
Björn “Beorn” Rabenstein is an engineer at Grafana Labs and a Prometheus developer. Previously, he was a Production Engineer at SoundCloud, a Site Reliability Engineer at Google, and a number cruncher for science.


slides pdf

Wednesday November 20, 2019 3:20pm - 3:55pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Observability

4:25pm PST

Realizing End to End Reproducible Machine Learning on Kubernetes - Suneeta Mall, Nearmap
Industry adaptation of data-science has grown rapidly in the last few years. The probabilistic nature of this space requires the right tools and techniques to ensure that the answers produced are reliable. Models are derived from data, which is almost always evolving, massive (as in deep-learning), and requiring clean-up and pre-processing before use. Reproducibility, reporting, tracking and management around the tasks of 1) data - collection, pre-processing, often feature engineering and 2) model – training, tuning, evaluation and serving are essential.

With tools such as Pachyderm, Kubeflow, Katib, ModelDB, Seldon and Argo, an automated end-to-end reproducible machine learning framework can be built on Kubernetes. This talk will detail how the aforementioned tools can be used to build an automated, reproducible machine learning framework.

Speakers
avatar for Suneeta Mall

Suneeta Mall

Head of AI Engineering, Harrison.ai



Wednesday November 20, 2019 4:25pm - 5:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Machine Learning + Data

5:20pm PST

Are We There Yet? My Experience Leading a Kubernetes Release Team - Claire Laurence, Pivotal
9 months, 3 releases, 3 roles, and countless new faces - here’s a story about how I went from a brand new community member to release lead in less than a year and what I discovered along the way. Over 9 months I dove into the Kubernetes release world and dealt with the challenges of shipping a release, the tough decisions that need to be made, and how to adapt our release plan to stay on target.

The Kubernetes release is at the core of the community. Managing an open source release requires flexibility, transparency, and radical collaboration. As the size of the contributors grows, how does the release process adapt? How are decisions made? How do we react when plans change? How did I quickly move from a shadow to the release lead role? In this talk I plan on addressing these questions and my experience leading the 1.15 release team

Speakers
avatar for Claire Laurence

Claire Laurence

Senior Technical Program Manager, Pivotal
Claire is a Senior Technical Program Manager at Pivotal Software. Claire helps manage releases for the Pivotal Container Service (PKS) offering. In the open source community, Claire is a member of SIG-Release and has participated on 3 Kubernetes release teams as an enhancements shadow... Read More →



Wednesday November 20, 2019 5:20pm - 5:55pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Community
 
Thursday, November 21
 

10:55am PST

KEDA: Event Driven and Serverless Containers in Kubernetes - Jeff Hollan, Microsoft
Event driven and serverless architectures are defining a new generation of apps. However, to take full advantage of the serverless benefits of event driven, your application needs to scale and react to those events instantly - scaling from zero to potentially thousands of instances. These events may come in the form of queue and Kafka messages, or events from a cloud provider like AWS SQS or Azure Event Hubs. KEDA 1.0 is an open sourced component created in partnership with Red Hat and Microsoft Azure that provides event driven autoscaling for your Kubernetes workloads. In this demo-filled session, learn how to get started with KEDA, how customers are using it to efficiently scale and run event-driven apps, and how everything from a simple container to a serverless function can integrate seamlessly and scale natively in an event-driven and Kubernetes world.

Speakers
avatar for Jeff Hollan

Jeff Hollan

Principal PM Manager, Microsoft
Jeff Hollan is Principal PM Manager for Azure Functions and KEDA. He is a spokesperson for serverless and cloud native for Microsoft and presented at keynotes and conferences around the world. His team focuses on building capabilities for serverless both in the cloud and on-premises... Read More →



Thursday November 21, 2019 10:55am - 11:30am PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Serverless

11:50am PST

Exporting Kubernetes Event Objects for Better Observability - Mustafa Akın & Ahmet Şeker, Atlassian
Objects in Kubernetes, such as Pod, Deployment, Ingress, Service publish events to indicate status updates or problems. Most of the time, these events are overlooked and their 1 hour lifespan might cause missing important updates. They are also not searchable and cannot be aggregated.

We are open-sourcing our internal tool for publishing the events in Kubernetes to Opsgenie, Slack, Elasticsearch, Webhooks, Kinesis, Pub/Sub. It has a configuration language for matching events based on various criteria, such as the content and the related object’s labels. It also has the capability to route the events intelligently, inspired by Prometheus Alertmanager.

For instance, you can notify an owner of Pod for runtime OCI failures, you can aggregate how many times the images are pulled, how many times container sandbox changes for various resource labels.

Speakers
avatar for Mustafa Akın

Mustafa Akın

SRE, Atlassian
Mustafa works at Atlassian Opsgenie as a Senior Site Reliability Engineer. He works on Kubernetes and Golang to keep Opsgenie up all the times and works on observability and tracing. In his free time, he works on scheduling algorithms for Kubernetes for his PhD studies.
avatar for Ahmet Şeker

Ahmet Şeker

SRE, Atlassian
Ahmet is Engineering Manager at Atlassian Opsgenie SRE Team. Besides his management and SRE tasks, he tries to construct unified build system in Opsgenie. He and his team is the main driver for Opsgenie's K8s journey



Thursday November 21, 2019 11:50am - 12:25pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Observability

2:25pm PST

Panel: State of the Kubernetes Union - Steering Committee Discussion - Davanum Srinivas, Timothy St. Clair, Jorge Castro, VMware; Paris Pittman, Google; Derek Carr, Christoph Blecker, Red Hat; & Nikhita Raghunath, Loodse
The steering committee[1] is tasked with decision-making and oversight with all things related to Kubernetes. This panel discussion is a chance for some navel gazing on where we are today, what got us here and where we are headed to next. This will also be a chance for the newly elected steering committee (October `19 election) to meet face to face with their constituents in the community and wider ecosystem.

[1] https://github.com/kubernetes/steering

Moderators
avatar for Jorge Castro

Jorge Castro

Community Manager, VMware
Jorge is a Community Manager at VMware where he helps to support and advance the open Kubernetes ecosystem. He works in SIG Contributor Experience on the Kubernetes Office Hours, running the YouTube channel, forums admin, and a bunch of miscellaneous programs. He resides in Ann Arbor... Read More →

Speakers
DC

Derek Carr

Distinguished Engineer, Ancestry
avatar for Nikhita Raghunath

Nikhita Raghunath

Software Engineer, Loodse
Nikhita is a software engineer at Loodse and is a core contributor to Kubernetes. She is on the Kubernetes Steering Committee, a CNCF Ambassador, and the technical lead for SIG Contributor Experience.
avatar for Paris Pittman

Paris Pittman

Kubernetes OSS Strategy, Google
Paris is a Developer Relations Program Manager on Google Cloud's Open Source Strategy team focusing on the Kubernetes Community. She is a co-chair of the special interest group for Contributor Experience and an organizer of Bay Area Kubernetes Meetup with 4,000 members. She has 14... Read More →
avatar for Timothy St. Clair

Timothy St. Clair

Principal SW Engineer, VMware
Timothy St. Clair is a Principal Software Engineer at VMware and is a core contributor to the Kubernetes project, a Steering Committee member, and a lead on SIG-Cluster-Lifecycle. Timothy has worked on the development and integration of various open source distributed systems projects... Read More →
avatar for Davanum Srinivas

Davanum Srinivas

Principal Engineer, AWS
Davanum Srinivas (a.k.a Dims) is a Principal Engineer with AWS working full time on Kubernetes and related projects at CNCF. At CNCF, Dims has served as a member of the Technical Oversight Committee and as the chair and represented the TOC on the CNCF Governing Board. In Kubernetes... Read More →


Thursday November 21, 2019 2:25pm - 3:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level

3:20pm PST

Evolving the Kubernetes Ingress APIs to GA and Beyond - Christopher M Luciano, IBM & Bowei Du, Google
The Ingress API has existed as beta type since early 2016 release in Kubernetes 1.2. Since its inception, it has been fairly lightweight and additions remained infrequent in attempts to maintain portability within the Kubernetes ecosystem. In response, Ingress API implementations commonly leverage a different internal API or extend the Ingress API by heavily decorating the resource with annotations.

In this session, we will present the Ingress enhancements for the GA/v1 Ingress API and what factors went into these decisions. Furthermore, we'll explore several possible directions for what a v2 API could entail and walk through several examples including existing non-Kubernetes implementations.

Speakers
avatar for Christopher Luciano

Christopher Luciano

Advisory Software Engineer, IBM
Christopher M Luciano is an advisory software developer for IBM’s Digital Business Group, where he works on Kubernetes, Istio, and Envoy. Previously, Christopher was the lead on the Watson container runtime squad. He is a frequent speaker about Istio and Kubernetes and has recently... Read More →
avatar for Bowei Du

Bowei Du

Senior Staff Engineer, Google
Bowei is a lead on Kubernetes Networking at Google. He has worked on various topics in SIG-NETWORK, the most recent being helping shepard the new Gateway APIs (https://gateway-api.sigs.k8s.io/)



Thursday November 21, 2019 3:20pm - 3:55pm PST
Room 16AB - San Diego Convention Center Mezzanine Level

4:25pm PST

Fine Grained Mesh Metrics for Better Visibility With Native Performance - Mandar Jog & Kuat Yessenov, Google
Knowing granular traffic patterns is crucial in understanding the functioning and health of a service mesh. The existing Envoy extensions collecting metrics are either not granular enough or can consume too many resources.

In this session, attendees will learn about an efficient way of producing granular metrics. This method introduces a new metadata exchange protocol between peer workloads and uses the new Envoy/WASM metrics API to produce richly dimensioned metrics based on the exchanged metadata.

The operator can add arbitrary peer dimensions like availability zones and locality to get additional insights into the traffic. Istio will use this technique to efficiently produce highly dimensioned Istio standard telemetry.

Attendees will see a demo of rich telemetry collection to Prometheus at near native performance.

Speakers
avatar for Mandar Jog

Mandar Jog

Istio TL/M, Google
Mandar is a co-lead of the Istio extensions and the Istio performance and scalability workgroups. He would like to see adoption of service meshes everywhere so as to realize the full promise of micro services architecture. Mandar has been working on the Isio project since its inception... Read More →
KY

Kuat Yessenov

software engineer, google
Kuat is a maintainer of the envoyproxy/go-control-plane and a contributor to envoy. He has been an integral part of the Istio team at google since the beginning.



Thursday November 21, 2019 4:25pm - 5:00pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Service Mesh

5:20pm PST

Kubernetes Policy Enforcement Using OPA At Goldman Sachs - Miguel Uzcategui, Goldman Sachs & Tim Hinrichs, Styra
Managing state on multiple shared Kubernetes clusters may sound scary. The Goldman Sachs Kubernetes team uses OPA to manage that state using two different applications of policy. The first is the validating admission control policies that prevent unsafe resources on the cluster. The second, and novel, application goes beyond simple yes/no decisions and uses OPA policy to provision new resources on the cluster to implement a common baseline, e.g. RBAC, Volumes, ResourceQuotas, and LimitRanges.

This talk focuses on the architectural design that allows GS to run OPA at scale in production. Along the way we discuss best practices and lessons learned, highlighting how GS reduced policy deployment times from days to under 10 minutes. The audience will learn how to create their own policy pipelines using popular open-source tools to enforce OPA policy across multiple Kubernetes clusters.

Speakers
avatar for Tim Hinrichs

Tim Hinrichs

CTO, Styra
Tim Hinrichs is a co-founder and CTO of Styra, the cloud-native authorization company, and he is a co-creator of the open source CNCF Open Policy Agent project. Before that, he worked at VMware and co-founded the OpenStack Congress project. Tim has 20+ years of experience developing... Read More →
avatar for Miguel Uzcategui

Miguel Uzcategui

Associate, Goldman Sachs
Miguel Uzcategui is a Technology Associate in the Unix Engineering team at Goldman Sachs. He spends his time managing the compute infrastructure in areas such as configuration management, OS patching, and kubernetes. Miguel's team is currently responsible for engineering & maintaining... Read More →



Thursday November 21, 2019 5:20pm - 5:55pm PST
Room 16AB - San Diego Convention Center Mezzanine Level
  Security + Identity + Policy
 

Filter sessions
Apply filters to sessions.