Room 31ABC - San Diego Convention Center [clear filter]
Tuesday, November 19

10:55am PST

Sharing is Caring: How to Begin Speaking at Conferences - Jenny Burcio & Ashlynn Polini, Docker
For many, the idea of speaking in front of a bunch of strangers can be enough to prevent you from ever responding to a CFP. But don't let it! Speaking at conferences, meetups, or even at your own company is a fantastic way to share you knowledge, meet others, advance your career, and give back. Whether you are on the fence, have decided to take the plunge and submit a CFP, or have already even a few talks, this session is for you. Jenny Burcio and Ashlynn Polini will outline tips and strategies for turning your idea into a winning proposal and ultimately a compelling talk. Drawing on their experience reviewing DockerCon CFPs and prepping speakers (including themselves) for a variety of conferences, they will share how to submit and prepare for your first - or next - conference talk.


Jenny Burcio

Sr. Manager, Marketing, Docker
Jenny Burcio manages the Docker Community, including managing content for DockerCon and the Captains program, where she helps awesome Docker community members inspire and educate others. Prior to Docker, Jenny worked at Apigee helping to build their community programs and partner... Read More →
avatar for Ashlynn Polini

Ashlynn Polini

Sr Manager, Events, Docker
Ashlynn Polini runs the user conference known as DockerCon, where she helps awesome Docker community members inspire, connect and learn from each other. Prior to Docker, Ashlynn worked at startups helping to build marketing and operations programs. Ashlynn is a recovering soccer athlete... Read More →

Tuesday November 19, 2019 10:55am - 11:30am PST
Room 31ABC - San Diego Convention Center Upper Level

11:50am PST

Five Things You Didn’t Know You Could Do with SPIFFE and SPIRE - Andrew Jessup & Andrés Vega, Scytale
Zero Trust networking and secure authentication are hot topics in security team meetings all over the world. But how do you actually get started? The open-source SPIFFE and SPIRE projects are your foundation for building ridiculously secure software, even between multiple clouds and clusters.

In this talk, we will guide you through five practical applications with the open-source SPIFFE and SPIRE projects, including automatic authentication and mutual TLS encryption between:

workloads on two different clouds,
a workload in a virtual machine and an Istio cluster,
a container in a Google Container Engine cluster and Amazon Web Services
a workload in a Kubernetes cluster and a MySQL database
a workload in a Kubernetes cluster and a Hashicorp Vault cluster
a workload in a Kubernetes cluster and an API gateway

And we’ll do all of this without any annoying passwords, API keys, or secrets.

This talk focuses on real, practical examples of the SPIFFE and SPIRE projects. It assumes no prior knowledge of them, though some passing familiarity with Kubernetes will be helpful.

avatar for Andrew Jessup

Andrew Jessup

Recovering Engineer, Scytale
I'm head of product at Scytale, where we're redefining Privileged Access Management for a multi-cloud, micro-services driven world. A significant part of that vision is working to drive the SPIFFE and SPIRE projects to help organisations securely connect un-trusted systems.
avatar for Andres Vega

Andres Vega

Founder, M42

Tuesday November 19, 2019 11:50am - 12:25pm PST
Room 31ABC - San Diego Convention Center Upper Level
  Maintainer Track Sessions

2:25pm PST

Enforcing Automatic mTLS with Linkerd and OPA Gatekeeper - Ivan Sim, Buoyant & Rita Zhang, Microsoft
Whether you are operating a 5-node or a 500-node Kubernetes clusters, ensuring the integrity and security of the traffic among your workloads is something that should be taken seriously. As your team grows, it is important to automate the application and management of different mTLS policies.

In this talk, Ivan and Rita will share with you how Linkerd and Gatekeeper work together to automate and enforce mTLS policy in production. They will show you how easy it is to encrypt all east-west traffic using Linkerd’s zero config automatic mTLS feature. Then, you will see how Gatekeeper is used to define, enforce and audit every workload entering your cluster to ensure configuration is valid and conformant to policy.

avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a software engineer at Microsoft, based in San Francisco. She leads the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects. Rita is a Kubernetes SIG Auth co-chair, a maintainer of the Secrets Store CSI Driver project, and... Read More →
avatar for Ivan Sim

Ivan Sim

Software Engineer, Red Hat

Tuesday November 19, 2019 2:25pm - 3:00pm PST
Room 31ABC - San Diego Convention Center Upper Level

3:20pm PST

Towards Continuous Computer Vision Model Improvement with Kubeflow - Derek Hao Hu & Yanjia Li, Snap Inc.
With deep learning gaining popularity in industry, there is a lot of material focusing on model training and serving. However, in production machine learning typically isn't complete after a single round of training. Model owners need to find ways to improve trained models regularly, and good machine learning pipelines achieve this by leveraging continuous feedback.

In this talk, we will demonstrate how Kubeflow and Kubeflow Pipelines are being used to continuously improve computer vision models at Snapchat. We will walkthrough how we orchestrate multiple components with Kubeflow Pipelines to extract data, label images, and (re)train machine learning models. We will also discuss best practices for authoring Kubeflow Pipeline components based on our experiences from developing and deploying these components for production use.


Derek Hao Hu

Software Engineer, Snap Inc.
Derek Hao Hu is a software engineer at Snap on the Perception team. He's been working on building machine learning infrastructure, components, pipelines and tools that power different types of computer vision experiences inside Snapchat.

Yanjia Li

Software Engineer, Snap Inc.
Yanjia Li is a Software Engineer on the Perception team of Snap. He has been working on the algorithms and systems behind various computer vision products in Snapchat. One of his focus areas is building the software to handle large-scale deep learning model training and inference... Read More →

Tuesday November 19, 2019 3:20pm - 3:55pm PST
Room 31ABC - San Diego Convention Center Upper Level

4:25pm PST

Intro: Kubernetes SIG Apps - Adnan Abdulhussein, VMware & Matt Farina, Samsung SDS
Kubernetes SIG Apps covers developing, deploying, and operating applications on Kubernetes with a focus on the application developer and application operator experience. In this session we will focus on the Workloads API (e.g. Deployments, StatefulSet, DaemonSet, Job etc.), the Application CRD, and the supporting elements to make application developers and operators successful with Kubernetes. That includes using the Kubernetes API to run your workloads and leveraging Kubernetes resources to develop Kubernetes native applications.

avatar for Matt Farina

Matt Farina

Distinguished Engineer, SUSE
Matt works as a Distinguished Engineer at SUSE, where he works on Rancher, focusing on cloud native technologies. He is also a member of the CNCF Technical Oversight Committee. Matt is an author, speaker, and regular contributor to open source.
avatar for Adnan Abdulhussein

Adnan Abdulhussein

Software Engineer, VMware
Adnan Abdulhussein is a Software Engineer at VMware (previously at Bitnami), where he works on building tools to make apps easier to run on Kubernetes. He contributes to the Kubernetes community as a co-chair of SIG-Apps and a core maintainer of the Helm project. Adnan is passionate... Read More →

Tuesday November 19, 2019 4:25pm - 5:00pm PST
Room 31ABC - San Diego Convention Center Upper Level
  Maintainer Track Sessions
  • Experience Level Any
  • Session Slides Included Yes
Thursday, November 21

10:55am PST

CloudEvents - Intro, Deep-Dive and More! - Doug Davis, IBM; Clemens Vasters, Microsoft; Klaus Deissner, SAP; & Vladimir Bacvanski, PayPal
In this session the we'll summarize the history and status of the CloudEvents project. We may even have a major announcment! We'll then talk about what our future plans are. Finally, there's will be a more indepth discussion around how people are using CloudEvents in production and how it has helped address the pain points people were experiencing.

avatar for Doug Davis

Doug Davis

PM Microservices, Microsoft
Doug is currently focusing on improving the developer experience for cloud native computing in Azure Cloud. He’s been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker, Kubernetes... Read More →
avatar for Klaus Deissner

Klaus Deissner

Development Architect, SAP
Klaus is an architect at SAP focusing on event-driven architecture. He has over 20 years of experience in architecting and engineering software and has spent a large portion of his career with technology topics such as building messaging infrastructures, developer tools, as well as... Read More →
avatar for Clemens Vasters

Clemens Vasters

Principal Architect, Microsoft
Clemens Vasters is Lead Architect in Microsoft’s Azure Messaging team that builds and operates a fleet of hyper-scale messaging services, including Event Grid, Service Bus, and Event Hubs. Clemens represents Microsoft in messaging standardization in OASIS (AMQP) and CNCF (CloudEvents... Read More →
avatar for Vladimir Bacvanski

Vladimir Bacvanski

Distinguished Architect, PayPal
Dr. Vladimir Bacvanski is a Principal Architect with Strategic Architecture at PayPal. He is the lead architect for Privacy and the lead architect for Developer Experience, which includes variety of tools in the DevOps arena. Before joining PayPal, Vladimir was the CTO and founder... Read More →

Thursday November 21, 2019 10:55am - 12:25pm PST
Room 31ABC - San Diego Convention Center Upper Level
  Maintainer Track Sessions
  • Experience Level Any
  • Session Slides Included Yes

2:25pm PST

Cloud Native Runtime Security with Falco - Kris Nova, Sysdig & Abhinav Srivastava, Frame.io
Falco is a CNCF Sandbox project focused on Container Runtime Security. In this maintainers track session the Falco maintainers will focus on what runtime security is and how it differs from other layers of security for Kubernetes. They will show how to enable system call abnormality detection using Falco’s eBPF integration, as well as how to detect abnormal behavior in the Kubernetes API server. Lastly, the Falco maintainers will walk through various implementation examples from end users of Falco, and how to integrate Falco in with cloud based event processing services to build security event pipelines. Attendees will leave with a better understanding of Falco and runtime security, how to get started writing their own Falco rules, and how to contribute improvements to the project.

avatar for Kris Nóva

Kris Nóva

Chief OSS, Sysdig
Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →
avatar for Abhinav Srivastava

Abhinav Srivastava

VP and Head of Information Security, Frame.io
Abhinav Srivastava is the Head of Information Security at Frame.io, where he leads infrastructure, security, and compliance initiatives. Before joining Frame.io, Abhinav spent 6 years in AT&T Shannon Labs as a Principal Researcher working on systems, cloud, IoT, and network security... Read More →

Thursday November 21, 2019 2:25pm - 3:55pm PST
Room 31ABC - San Diego Convention Center Upper Level

4:25pm PST

Intro + Deep Dive: Specialized Network Protocols for IoT+Edge with Kubernetes - Steven Wong, VMware & Dejan Bosanac, Red Hat
This session will survey communication protocols and technologies used in the edge and IoT space. These use cases can call for specialized protocols and transports: -publish subscribe, multicast -protocols tolerant of intermittent connectivity -Protocols popular in industry verticals (vehicle bus, industrial automation, building automation) In some cases, support exists now for use with Kubernetes. If not, device gateways and protocol converters might be an option. Agenda: -survey of protocols and transport standards for IoT and edge -Intro to how a device gateway or protocol converter works -Intro to extending Kubernetes with CRDs to manage new device types -Deep Dive / Futures: Could the service mesh concept be extended beyond TCP, HTTP(s)? -Demonstration: Kubernetes management of an edge application using a specialized protocol -Demonstration: Use a device gateway with Kubernetes

avatar for Dejan Bosanac

Dejan Bosanac

Principal Software Engineer, Red Hat
I’m a software engineer at Red Hat with an interest in open source and integrating systems. Over the years I’ve been involved in various open source communities tackling problems like: Software supply chain security, IoT cloud platforms and Edge computing, Enterprise messaging... Read More →
avatar for Steven Wong

Steven Wong

Staff Engineer, VMware
Steve Wong has been active in the Kubernetes community since 2015. He is a co chair of the CNCF Working Group. Steve is co-chair of the VMware User Group on the Kubernetes project. He has implemented industrial control systems for many factories, pipelines, and process control systems... Read More →

Thursday November 21, 2019 4:25pm - 5:55pm PST
Room 31ABC - San Diego Convention Center Upper Level
  Maintainer Track Sessions
  • Experience Level Any
  • Session Slides Included Yes

Filter sessions
Apply filters to sessions.