Loading…
Attending this event?
In-person
19-22 March
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Monday, March 18
 

12:00 CET

AWS Immersion Day: Securing your Infrastructure as Code Hosted by Snyk, HashiCorp, and AWS
As teams leverage Infrastructure as Code (IaC) at scale, ops and platform teams are tasked with implementing provisioning standards to prevent security breaches, non-compliance, or provisioning practices that drive cloud waste.

With a developer-friendly approach to IaC security, operators are able to gain early visibility into possible security issues to ship more secure configurations in less time.

Join our hands-on (virtual) workshop with experts from Snyk, HashiCorp, and AWS to learn how to:
  -  Detect configuration issues directly in code and reduce risk to infrastructure deployments
  -  Automate security checks for infrastructure changes made across any major public cloud
  -  Embed 400+ quality security rules and policies for cloud resources, and Kubernetes, into each and every Terraform Cloud “Run”
  -  Quickly create and deploy secure workload and infrastructure configurations with fast, frustration-free fixes and context
If you’d like to participate in the hands-on portion of the event, please be sure to have the following software in your local machine:
  -  Create a free Snyk account
  -  Create a free Terraform Cloud account

Link to Join Workshop: https://snyk.zoom.us/j/99428658161

Please note that this is a VIRTUAL Sponsor-hosted Co-located event.

For questions regarding this event, please contact: david.lugo@snyk.io



Monday March 18, 2024 12:00 - 13:30 CET
Virtual

14:00 CET

 
Tuesday, March 19
 

07:30 CET

Badge Pick-Up
Tuesday March 19, 2024 07:30 - 17:30 CET
Pavilion 7 | Level 7.1 | Hall 7.1

07:30 CET

CloudNativeHacks
Set to run alongside KubeCon + CloudNativeCon Europe 2024, CNCF is excited to offer the first-ever hackathon, CloudNativeHacks, with challenges provided by the United Nations. This in-person event will kick-off at the Paris Expo Port de Versailles, the same venue as KubeCon + CloudNativeCon, on 19 March and run through 21 March. The winners will be announced and featured during the closing keynote on Friday, 22 March.
This inaugural hackathon will focus exclusively on advancing the delivery of the UN Sustainable Development Goals (SDGs). Participants will create AI or web applications to help support the 17 SDGs as these challenges can only be solved by a global partnership. The hackathon will bring developers together to solve some of the most pressing issues and contribute meaningfully to create a better, more sustainable world.
Registration to KubeCon + CloudNativeCon Europe 2024 is required and selected participants will receive a complimentary registration.
To apply for participation in CloudNativeHacks, complete the application by the 26 February, 08:45 CET (25 February, 23:45 PST) deadline. Review the FAQs for answers to questions you have, but should you still have questions, please reach out to hackathon@cncf.io. We look forward to having you with us, and Happy Hacking!

Tuesday March 19, 2024 07:30 - 19:00 CET
Pavilion 7 | Level 7.3 | E07 - E08

09:00 CET

Kubernetes on Edge Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Kubernetes on Edge Day Schedule is now LIVE!

Kubernetes on Edge Day invites developers and adopters from across the entire cloud native ecosystem to come together and share their insights and experiences in constructing, enhancing, and improving their edge infrastructure. This event is a must-attend for any developer interested in understanding how to deploy Kubernetes and cloud native projects at the edge.

By 2025, Edge Computing is projected to quadruple the size of cloud computing and will be responsible for generating 75% of the global data. With hardware and software dispersed across hundreds or even thousands of locations, the simple paradigms around observability, loosely coupled systems, declarative APIs, and strong automation that have propelled the success of cloud native technologies in the cloud are the only feasible way to manage these distributed systems. Kubernetes is already a significant component of the edge ecosystem, driving integrations and operations. Join us at Kubernetes on the Edge Day at KubeCon + CloudNativeCon and take part in defining the future intersection of cloud native and edge computing. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 12:30 CET
Pavilion 7 | Level 7.3 | S05

09:00 CET

Multi-TenancyCon Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Multi-TenancyCon Schedule is now LIVE!

Multi-TenancyCon is a vendor-neutral conference designed to foster collaboration, discussion, and knowledge sharing on Multi-Tenancy framework and technologies, and challenges for implementing and adopting in a production set-up. This event is aimed at audiences that are new to this concept of Multi-Tenancy as well as providing depth to those currently using Multi-Tenancy frameworks and technologies within their organization. Connect with others that are passionate about Multi-Tenancy and interact with open source project maintainers on this topic. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Multi-Tenancy in your cloud-native environment. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 12:30 CET
Pavilion 7 | Level 7.3 | S02

09:00 CET

OpenTofu Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
OpenTofu Day Schedule is now LIVE!

Join us for OpenTofu Day 2024, a dedicated day for the infrastructure-as-a-code community. We will bring practitioners, experts, and enthusiasts to in-person sessions on the essential topics of IaC, the plans for the OpenTofu releases, novel ideas, and projects built on top of OpenTofu.
Don’t miss this opportunity to learn, contribute, and join the OpenTofu community.

To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 12:30 CET
Pavilion 7 | Level 7.3 | E05 - E06

09:00 CET

ThanosCon Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
ThanosCon Schedule is now LIVE!

Join us in the first ever conference fully focused on the CNCF Incubated Thanos project! Learn from experts, connect with maintainers, end users and community members and get into the cost efficient, open-source scalable metric world now!

Learn from the experts:
  • What’s Thanos and how to contribute.
  • How to scale Thanos effectively and efficiently on production.
  • Common Thanos pitfalls.
  • How users size and deploy Thanos; what’s their benchmark results.
  • Innovative, pragmatic and powerful ways to integrate with Thanos.
  • Future of Thanos.

To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org

Tuesday March 19, 2024 09:00 - 12:30 CET
Pavilion 7 | Level 7.3 | Room E02

09:00 CET

Rancher Day Hosted by Rancher by SUSE
Enhance your knowledge at Rancher Day, a full-day immersive technical workshop led by the team behind popular open-source cloud-native tools Rancher and NeuVector. Learn the latest Kubernetes hacks as our engineers cover topics including; cluster optimization and implementation hacks, best practices in securing production-grade environments, and simplified application deployment in Kubernetes using open-source tools. This intermediate-level technical workshop is designed for operators and developers with basic Kubernetes experience. Spaces are limited and registration is required.

Please note that this is an off-site Sponsor-hosted Co-located event.

For questions regarding this event, please contact: todd.harrison@suse.com

Tuesday March 19, 2024 09:00 - 14:30 CET
Mercure Paris Porte de Versailles Expo, Eiffel Conference Room 36 38 Rue du Moulin, 92170 Vanves, France

09:00 CET

Operator Day Hosted by Canonical
Get ready for the 8th edition of operator day: Operate and scale open source software on Kubernetes

In this edition, we will focus on operators for popular open source software running on Kubernetes to create cloud-native solutions, including:

PostgreSQL Operator: Database servers are typical cases for automating operational tasks. See how the charm for PostgreSQL covers automation for disaster recovery and other management tasks.

MongoDB Operator: Learn how a charm for MongoDB supports deployment, management, patching, and upgrading on Kubernetes or IaaS clouds.

Modern Relationship-based Access Control (ReBAC) with OpenFGA: A context-aware ReBAC model based on OpenFGA provides more flexibility and expressiveness – perfect for running operators. See how the open source orchestration engine Juju takes advantage of a modern access model.


Please note that this is a VIRTUAL Sponsor-hosted Co-located event.

For event information, log-in and details, please visit:  https://app.myonvent.com/event/operator-day

For questions regarding this event, please contact: mohamed.elmasry@canonical.com



Tuesday March 19, 2024 09:00 - 15:00 CET
Virtual

09:00 CET

CalicoCon Hosted by Tigera (creator of Calico)
Join us for an immersive event led by the Calico team, where you'll gain education, training, and best practices of Kubernetes networking, security, and observability.

We will cover the state of Project Calico. Calico users & engineers will deep dive into various areas, including eBPF, Windows HNS, multi-cluster mesh, best practices for network policies, egress gateway, scale, performance, encryption, and compliance.

Attendees will get to ask their questions and network with the Calico engineering and leadership team.

We'll end with a reception where you can meet other Calico users on their Kubernetes journeys and those behind Calico.

Please note that this is an off-site Sponsor-hosted Co-located event.

Hall 78 at the Courtyard by Marriott Paris Porte de Versailles

For more information and event details, please visit:  https://www.tigera.io/lp/calicocon-2024/
For questions regarding this event, please contact: marketing@tigera.io



Tuesday March 19, 2024 09:00 - 16:00 CET
Courtyard by Marriott Paris Porte de Versailles 5 Rue Ernest Renan

09:00 CET

Azure Day with Kubernetes Hosted by Microsoft Azure
Join our team of Microsoft experts in-person to learn best practices for building cloud-native and intelligent apps with Kubernetes on Azure.

Please note that this is an off-site Sponsor-hosted Co-located event.

You must be registered in order to attend Azure Day with Kubernetes Hosted by Microsoft Azure
Please use the following Registration Link: Azure Day with Kubernetes

For questions regarding this event, please contact: v-lpalmer@microsoft.com

Tuesday March 19, 2024 09:00 - 17:00 CET
The Westin Paris 3 rue de Castiglione, 75001 Paris

09:00 CET

AppDeveloperCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
AppDeveloperCon Schedule is now LIVE!

AppDeveloperCon is designed for developers at all levels who are involved in the architecture, design, and development (using any programming language) of cloud-native applications. To learn more please visit our events website. 

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org



Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.3 | S04

09:00 CET

ArgoCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
ArgoCon Schedule is now LIVE!

ArgoCon is designed to foster collaboration, discussion, and knowledge sharing on the Argo Project, which consists of four projects: Argo CD, Argo Workflows, Argo Rollouts and Argo Events.

The Argo Project is a suite of open source tools for deploying and running applications and workloads on Kubernetes. It extends the Kubernetes APIs and unlocks new and powerful capabilities in application deployment, container orchestration, event automation, progressive delivery, and more.

Connect with others that are passionate about Argo and interact with project maintainers. Learn from practitioners about pitfalls to avoid and best practices on how to adopt Argo in your cloud-native environment. Get inspired by and provide input to Argo leads on project roadmaps.

The event is vendor-neutral and is being organized by the CNCF Argo Community. Topics in the past have included getting started with Argo, scaling and managing Argo, lessons learned from production deployments, technical sessions, and thought leadership. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org




09:00 CET

BackstageCon Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
BackstageCon Schedule is now LIVE!

BackstageCon is a one-day conference focused on all things Backstage: an open platform for building developer portals. At BackstageCon, we’ll provide a vendor-neutral space for collaboration and learning centered on improving developer experience and effectiveness through open source technologies.

The event is vendor-neutral and organized by members of the Backstage community. To learn more please visit the event's website.

Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.1 | Room C

09:00 CET

Cilium + eBPF Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Cilium + eBPF Schedule is now LIVE!

Cilium is an open source, widely-used, and highly scalable cloud native networking, observability, and security solution based on the kernel technology eBPF, that connects workloads in Kubernetes and beyond, with powerful built-in observability and security capabilities. Cilium + eBPF Day focuses on how Cilium and eBPF are being developed, deployed, and used across the cloud native landscape to revolutionize cloud native platforms.
At Cilium + eBPF Day you’ll hear from end users sharing how Cilium and other eBPF projects unlocked levels of scalability, performance, and security that weren’t possible before and from contributors who will teach you about how cloud native projects are leveraging eBPF to gain these benefits. From eBPF internals in cloud native projects to how Cilium and eBPF are helping businesses achieve their goals, you’ll hear it all at Cilium + eBPF Day. Dive deep into the world of high-performance networking, transparent security, and scalable observability at Cilium + eBPF Day! To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.3 | S01

09:00 CET

Cloud Native AI Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Cloud Native AI Day Schedule is now LIVE!

Join us for an event dedicated to advancing batch workloads for High-Performance Computing (HPC) and seamlessly integrating AI/ML into Kubernetes. This gathering is tailored for a diverse range of technical enthusiasts, including open source contributors, practitioners, researchers, and end-users, all united by a common goal: enhancing Kubernetes as the ultimate infrastructure management tool for research, training, and production.

To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.3 | S03

09:00 CET

Istio Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Istio Day Schedule is now LIVE!

Istio Day community event for the industry’s most popular service mesh, where you will find lessons learned from running Istio in production, hands-on experiences, and featuring maintainers from across the Istio ecosystem. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.3 | S06

09:00 CET

Observability Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Observability Day Schedule is now LIVE!

Observability Day fosters collaboration, discussion, and knowledge sharing of cloud-native observability projects (including but not necessarily limited to Prometheus, Fluentd, Fluent Bit, OpenTelemetry, and OpenMetrics), as well as vendor-neutral best practices for addressing observability challenges.

To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

09:00 CET

Platform Engineering Day Hosted by CNCF - Full Day Event | ALL ACCESS PASS REQUIRED
Platform Engineering Day Schedule is now LIVE!

Internal Developer Platforms (IDPs) provide curated capabilities, frameworks and experiences to facilitate and accelerate the productivity of internal customers such as application developers. The process and techniques described in the CNCF Platforms White Paper and Platform Engineering Maturity Model highlight how organizations aspiring to build effective Developer Experience via an IDP require socio-technical investment. While many focus on the technical tools, this day will focus on how to grow an effective ecosystem around technical solutions. Platform Engineering Day brings together Platform Engineers, Product Managers, Solutions Architects and key stakeholders across the Cloud Native Community to share lessons learned in building and managing internal platforms, measuring platform maturity and improving golden paths and developer experience.To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.




Tuesday March 19, 2024 09:00 - 17:30 CET
Pavilion 7 | Level 7.1 | Room B

09:00 CET

CNCF Projects Lightning Talks
Join us for a rapid-fire journey through the CNCF ecosystem, where experts, including project maintainers and community members, share insights, innovations, and real-world applications of Cloud Native Computing Foundation projects. Each speaker has just five minutes to present, promising to enlighten and inspire with cutting-edge tools and practices that shape the future of cloud-native development. Whether you're a seasoned pro or just getting started, there's something for everyone in the world of Cloud Native Computing!

FAQ:
  • Do I need an all-access pass to attend the project lightning talks? No, you will only need your KubeCon + CloudNativeCon only pass for access.
  • When will the schedule of Project Lightning Talks be available? The week of February 26.


Tuesday March 19, 2024 09:00 - 17:30 CET
TBA
  Project Opportunities
  • Content Experience Level Any

09:00 CET

OpenShift Commons Gathering Hosted by Red Hat
This Hybrid OpenShift Commons Gathering will be held in-person and all talks will be delivered live and streamed live via Hopin to attendees around the globe. As always, our focus is on creating a welcoming and inclusive space for peer-to-peer interactions both in-person and online. This Gathering will focus on talks from and by Cloud Native practitioners with production deployments sharing their use cases, insights into their workloads and lessons learned along the way.

Please note that this is an off-site Sponsor-hosted Co-located event.

For event information and details, please visit: https://commons.openshift.org/gatherings/kubecon-24-mar-19/


For questions regarding this event, please contact: npazmino@redhat.com

Tuesday March 19, 2024 09:00 - 18:00 CET
Gaumont Aquaboulevard 16 rue du Colonel Pierre Avia, 75015 Paris

13:00 CET

Prêt-à-Déployer: Unleash the power of your data on K8s Hosted by Portworx by Pure Storage
Bienvenu!
Join us for a delightful journey into application modernization with Kubernetes & Portworx.
New services, improved productivity, scalability anywhere at any time, are Kubernetes promises.
Unlocking the potential of K8s implies unlocking the power of data, and we’ve got just the workshop to get you there!


Imagine managing databases and other stateful components, deploying and moving applications everywhere with the finesse of a French chef creating a culinary masterpiece.
We'll be talking about data availability, mobility and protection, sharing des histoires vraies, success stories and getting hands-on experience with Portworx products.


Whether you're a Kubernetes maître or just beginning your journey, this talk promises to be a véritable festin of insights into managing stateful applications while giving you the full control over your data.
So bring along your trusty laptop and we'll bring the clusters!
A bientôt!


Please note that this is an off-site Sponsor-hosted Co-located event.


For questions regarding this event, please contact: aspethmann@purestorage.com


Tuesday March 19, 2024 13:00 - 17:00 CET
Novotel Paris Porte de Versailles 4 avenue de la Porte de la Plaine - 75015 Paris

13:15 CET

Cloud Native StartupFest Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Join us for the second ever Cloud Native StartupFest. Cloud Native StartupFest will address topics only relevant to open source and cloud native startups. Get inspired by hearing from successful cloud native entrepreneurs, learn about some of the most exciting cloud native startups in the space, get a glimpse into the current state of fundraising and receive guidance on how to take your idea from community adoption to success. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.



Tuesday March 19, 2024 13:15 - 13:30 CET
Pavilion 7 | Level 7.3 | Room E01

13:15 CET

Data on Kubernetes Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Data on Kubernetes Day Schedule is now LIVE!

Data on Kubernetes has a transformative impact on organizations. The Data on Kubernetes Report reveals that many companies have increased their productivity twofold, regardless of their tech maturity. DoK Day is where the industry convenes to share best practices and use cases, forge critical relationships, and learn about advancements in using Kubernetes for data. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 13:15 - 13:30 CET
Pavilion 7 | Level 7.3 | S05

13:15 CET

Cloud Native Wasm Day Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Cloud Native Wasm Day Schedule is now LIVE!

Cloud Native WebAssembly Day highlights the growing importance and ubiquity of WebAssembly throughout the cloud-native ecosystem. As an application host, an application plugin, or an application platform, WebAssembly is a technology that is compatible with containers and Kubernetes but not dependent upon them. Along with devices, virtual machines, containers, and kubernetes, WebAssembly is an additional deployment method for workloads everywhere.To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 13:15 - 17:30 CET
Pavilion 7 | Level 7.3 | E05 - E06

13:15 CET

Kubeflow Summit Hosted by CNCF - Half Day Event | ALL ACCESS PASS REQUIRED
Kubeflow Summit Schedule is now LIVE!

Kubeflow is the MLOps platform of choice, used across the globe, by data scientists and machine learning engineers to develop and deploy models. It is a cloud-native application designed to run AI at scale.

Kubeflow Summit Europe 2024 brings together MLOPs users, enthusiasts, contributors, professionals and the Kubeflow community. During the event, we will foster collaboration, discussion and knowledge sharing about Kubeflow and its applications. This event is intended both for audiences who are new to the MLOps world and seasoned practitioners.

Kubeflow Summit EU 2023 will enable you to spend time peeking under the hood of major Cloud Native Computing Foundation Kubeflow projects and broadening your knowledge about MLOps.
The event is vendor-neutral and organized by members of the community. To learn more please visit the event's website.

For questions regarding this event, please reach out to cncfcolocatedevents@linuxfoundation.org.

Tuesday March 19, 2024 13:15 - 17:30 CET
Pavilion 7 | Level 7.3 | S02

14:00 CET

Marketing Office Hours
Meet the CNCF Marketing Team for Office Hours
  • Tuesday, 19 March: 14:00 - 16:00
  • Wednesday, 20 March: 13:00 - 15:00
  • Thursday, 21 March: By appointment

All office hours will be held in room 736 onsite at the conference center
Book your appointment here.

Tuesday March 19, 2024 14:00 - 16:00 CET
Pavilion 7 | Level 7.3M | Room 736

15:00 CET

Hands-On Cloud-Native Security Workshop Hosted by Sysdig
Bring your laptop and learn from experienced cloud native security engineers, and round out the evening with our security soiree!

We will start with an overview of key security concepts for containers, Kubernetes, and cloud-based workloads, then dive into the reality of what cloud attacks look like. We will have a series of hands-on exercises where you can see these principles in action. No previous security experience is required, but you should be familiar with the Linux command line and the core fundamentals around containers and Kubernetes.

Please note that this is an off-site Sponsor-hosted Co-located event.

For event information and details, please visit: https://www.eventbrite.com/e/hands-on-cloud-native-security-workshop-and-party-tickets-790404249387

For questions regarding this event, please contact: cindy.zane@sysdig.com




Tuesday March 19, 2024 15:00 - 21:00 CET
Courtyard by Marriott Paris Porte de Versailles 5 Rue Ernest Renan

17:00 CET

PaaS Forward feat. DJ KUNGS Hosted by OVHcloud + Rancher by SUSE
Looking for some cloud-native innovation mixed with a good taste of Parisian fun?
Look no further! PaaS Forward is the party to attend. We take care of everything, ensuring you have all the right tracks to move forward and an amazing experience to remember...

#NoKidding

Please note that this is an off-site Sponsor-hosted Co-located event.

For event information and details, please visit: https://events.ovhcloud.com/en/paasforward190324-20241903/
For questions regarding this event, please contact: event@ovhcloud.com



Tuesday March 19, 2024 17:00 - 23:30 CET
La Palmeraie 20 Rue du Colonel Pierre Avia, 75015 Paris

17:30 CET

⚡ Lightning Talk: AI and Kubernetes: Achieving Together in the Next Decade - Steven Zou, VMware
The rise of AI is reshaping various domains, and Kubernetes has become a key platform for deploying applications. The synergy between AI and Kubernetes will be crucial in the next decade. This lightning talk will focus on: OCI Artifact Integration: Leveraging OCI Artifact specification to integrate AI models and datasets into Kubernetes containers seamlessly. Interoperability: Exploring artifact replication for interoperability between model repositories and file storage, following OCI standards. Parallel Downloads: Utilizing OCI artifacts layering for parallel downloads, speeding up AI training workload deployment. Custom AI Pods: Creating dedicated AI Pods in Kubernetes for rapid bootstrapping of AI training or inference applications. Simplifying Kubernetes for AI: Tailoring Kubernetes for specific AI applications to accelerate adoption in the AI domain. Join us to uncover the future of AI and Kubernetes collaboration!

Speakers
avatar for Steven Zou

Steven Zou

Staff II Engineer, VMware, VMware
Steven Zou is a senior engineer with years of experience in cloud computing and cloud-native technology. He is currently working as a Staff II engineer at VMware, focusing on cloud-native and Kubernetes-related platform services. In addition, he is a core maintainer of the CNCF open-source... Read More →


Tuesday March 19, 2024 17:30 - 17:35 CET
Pavilion 7 | Level 7.3 | Paris Room

17:35 CET

⚡ Lightning Talk: Debunking Myths About Environmental Sustainability in the Cloud, Building a Greener CNCF Landscape - Niki Manoledaki, Grafana Labs & Kristina Devochko, Independent
Environmental sustainability is an increasingly important topic in general and in the cloud native and open source realm as well. However, with the steadily growing attention to the topic, misconceptions and doubts appear regarding the actual impact of proposed actions that are meant to promote environmental sustainability in the cloud. We would like to put our myth-busting hats on to address and debunk some of these misconceptions. We will provide an objective, evidence-based understanding of the real implications some actions may have on environmental sustainability in the cloud-native context. Join the Cloud Native Sustainability Mythbusters Squad, bring your open mind, discover facts, challenge assumptions, and contribute to a more informed and greener community.

Speakers
avatar for Niki Manoledaki

Niki Manoledaki

Software Engineer & CNCF Environmental Sustainability Lead, Grafana Labs
Niki Manoledaki is a software engineer, environmental sustainability advocate, keynote speaker, meetup organiser, and community facilitator. She advocates for environmental sustainability in the CNCF as a Lead of the CNCF Environmental Sustainability TAG where she co-chairs the Green... Read More →
avatar for Kristina Devochko

Kristina Devochko

Platform Engineer, Content Creator, TAG Environmental Sustainability Lead, Tietoevry, Public 360° unit
Kristina Devochko is a platform engineer, tech content creator, speaker and tech community contributor. She focuses on all things cloud native, Kubernetes and green tech. Kristina is an owner of kristhecodingunicorn.com tech blog, a CNCF Ambassador, Microsoft Azure MVP, CNCF TAG Environmental... Read More →


Tuesday March 19, 2024 17:35 - 17:40 CET
Pavilion 7 | Level 7.3 | Paris Room

17:40 CET

⚡ Lightning Talk: Expand Your Kubernetes Horizons with Multiple Service CIDRs: A Game-Changer for Network Management - Antonio Ojea, Google
Kubernetes Services are a crucial aspect of network communication within a Kubernetes cluster. Kubernetes clusters are configured at creation time with an IP address range from which Services are assigned IP addresses, and is not possible to safely change this range afterwards. The current approach of using a single service CIDR can pose several challenges, including: IP address exhaustion, network conflicts issues, and limited flexibility. To address these challenges, Kubernetes version 1.29 brings a new feature, described on the KEP-1880, that allows Kubernetes to manage multiple service CIDRs. This would enable the creation of separate service CIDRs, addressing the limitations of the current single service CIDR approach. This new feature will enhance the network management capabilities of Kubernetes, and provide a more scalable, secure, and flexible network environment.

Speakers
avatar for Antonio Ojea

Antonio Ojea

Software Engineer, Google
Antonio Ojea is a Software Engineer at Google, where he works on Kubernetes. He is one of the top contributors of the Kubernetes project, with a stronger presence on the areas of networking and reliability. He has a vast experience in Open Source, networking and distributed systems... Read More →


Tuesday March 19, 2024 17:40 - 17:45 CET
Pavilion 7 | Level 7.3 | Paris Room

17:45 CET

⚡ Lightning Talk: Help! My Envoy Sidecar Is Consuming 8GBs of Memory! - Krzysztof Słonka, Kong
You probably imagine scaling a Service Mesh is as smooth as scaling a Kubernetes cluster. From one node on your laptop to hundreds of nodes in a datacenter. In the beginning everything seems fine, but you might wake up one day, look at the metrics and see that the Envoy sidecar is consuming 8GBs of memory and 30% of the CPU. What on earth happened there? Well your system grew, but the Mesh grew even bigger. In this talk Krzysztof will go over algorithms that allow delivering incremental config updates (delta-xds, on-demand-xds) and explain why big systems that use “state of the world updates” cause Envoy to grow that big. Then he will focus on what can be done to improve the situation on the Control Plane and Envoy level and what is currently available in the off the shelf open source Service Meshes like Kuma, Istio, Consul.

Speakers
avatar for Krzysztof Słonka

Krzysztof Słonka

Senior Software Engineer, Kong
Krzysztof is a software engineer with a diverse background: back-end, front-end, Bluetooth Mesh and now Service Mesh at Kong. Currently working on Kuma an Open Source Envoy-based Service Mesh.


Tuesday March 19, 2024 17:45 - 17:50 CET
Pavilion 7 | Level 7.3 | Paris Room
  ⚡ Lightning Talks, Service Mesh

17:50 CET

⚡ Lightning Talk: How Did We Get Here? Why You Need Platform Engineering - Ettie Eyre, Ovo Energy
Everyone is telling you you need a shared platform. Clean interfaces for developers, automation of cloud native tools, empowering your developers to focus on core business value. All sounds great doesn’t it! But what if your organisation has an established cloud estate? What are the telltale signs your organisation needs a shared platform? How should you start your journey into platform engineering from where you are today? In this talk we will take a journey through Ovo’s history. We will look at past decisions we made, where this has led to inefficiencies, sharing some war stories along the way. Finally we will take a look at how we are solving these problems with our platform engineering journey.

Speakers
avatar for Ettie Eyre

Ettie Eyre

Ovo Energy
Ettie is a Production Engineer at Ovo Energy; building platforms, reusable tools and automation for teams across the business. Before joining Ovo, Ettie worked as a platform engineer at a number of different startups.


Tuesday March 19, 2024 17:50 - 17:55 CET
Pavilion 7 | Level 7.3 | Paris Room
  ⚡ Lightning Talks, Platform Engineering
  • Content Experience Level Any

17:55 CET

⚡ Lightning Talk: Decoding and Taming the Costs of Serving Large Language Models - Yuan Chen, NVIDIA
Running generative AI applications can be prohibitively expensive. This talk unravels the soaring costs of inference - providing real-time responses to user queries using large language models with billions or trillions of parameters.We estimate the staggering costs to serve individual user queries by accessing massive models, and delve into the performance and cost challenges, from GPU hardware accelerators to latencies in running ChatGPT. We then explore the potential for improving resource efficiency and performance of running large-scale AI applications on Kubernetes and in cloud-native environments through GPU resource sharing, advanced scheduling, and dynamic batching.We hope this talk will spur further discussion and collaboration within the CNCF community around taming the costs of deploying and scaling generative AI using cloud native technologies and best practices.

Speakers
avatar for Yuan Chen

Yuan Chen

Principal Software Engineer, Nvidia
Yuan Chen is a Principal Software Engineer at Nvidia. Before joining Nvidia, Yuan served as a staff software engineer at Apple, where he contributed to the development of Apple's Kubernetes infrastructure beginning in 2019. Yuan has actively contributed to the Kubernetes projects... Read More →


Tuesday March 19, 2024 17:55 - 18:00 CET
Pavilion 7 | Level 7.3 | Paris Room

18:00 CET

⚡ Lightning Talk: Language Inclusivity in Tech: A Call to Action - Ali Dowair, Independent
By and large, modern technology has been developed by, and for, English speakers. The CNCF (and the tech industry at large) have made massive, successful strides towards inclusivity, yet 80% of the world's population is still unrepresented in technology due to a language barrier. It does not help that most non-English speakers across the globe live in developing nations, where the opportunity to learn a second language is often a privilege. Everybody has the potential to be a developer, a creator, an inventor. Technology has the ability to transcend borders, but we must proactively ensure that speakers of all languages are able to come to the table as participants, rather than observers. This problem is tough, but not impossible, to solve. In this talk I will go over some open-source tools developers can use to localize their projects, highlight some successful CNCF efforts at breaking down these barriers, and give some more actionable ways attendees can get involved.

Speakers
avatar for Ali Dowair

Ali Dowair

Cloud Storage Software Engineer, Independent
Ali is a cloud storage software engineer with 3 years of experience in building virtualized and distributed storage solutions at Kasten by Veeam and Nutanix. An Egyptian national and second-language English speaker, he actively advocates for cross-team collaboration and improved communication... Read More →


Tuesday March 19, 2024 18:00 - 18:05 CET
Pavilion 7 | Level 7.3 | Paris Room

18:05 CET

⚡ Lightning Talk: Locking the Monster: Strategies to Isolate Resource Big Eaters - Peter Pan, DaoCloud
For Kubernetes containers on the same node, they may compete for crucial resources such as CPU, memory, network, disk, kernel parameters, GPU, and others. Although we are not defenseless: Kubernetes QoS , Quota and GC mechanism can restrict most potential problems. But for some other cases, pods may be able to break through container isolation walls (consciously or unconsciously), becoming disruptive neighbors, causing performance degradation, even node failures: examples: Pods eat up shared kernel resources( pid, fs.inotify), network resources(tcp_max_tw_buckets), overconsumption ..etc when goes to AI/LLM workloads, GPU contention is another main issue, as well as pod heavy stress on IO(gradient aggregation, checkpoint saving, dataset loading) This talk shares cases of resource-intensive pods and resource contention, then seek mitigation solutions, to minimize the impact of disruptive neighbors, enhance resource utilization, and prevent node failures.

Speakers
avatar for Peter Pan

Peter Pan

VP of R&D Engineering, DaoCloud
- DaoCloud Software Engineering VP - CNCF Open Source Enthusiast. - GithubID: panpan0000 Maintainer of some other open source projects: - Hwameistor (CNCF landscape, https://github.com/hwameistor/hwameistor) - Cloudtty (https://github.com/cloudtty/cloudtty) - Kubean (https://github.com/kubean-io/kubean... Read More →


Tuesday March 19, 2024 18:05 - 18:10 CET
Pavilion 7 | Level 7.3 | Paris Room

18:10 CET

⚡ Lightning Talk: Minecraft Meets Kubernetes: Crafting Future Developers on a Pixelated Playground - Jenny Bartz, MINNY.IO & Enrico Bartz, SVA GmbH
Embark on a captivating journey exploring the intersection of Minecraft, Kubernetes, and modern technology. This talk reveals the potential of a Kubernetes-native learning platform merged with Minecraft, empowering 8 to 11-year-olds to become digital pioneers. Learn how hosting Minecraft servers and understanding programming can spark a passion for technology. Discover how integrating the Kubernetes-based platform, HobbyFarm, with Minecraft education transforms learning into an adventurous, coding-rich experience. This innovative method inspires young developers, making education engaging and immersive. Join us in this unique venture, combining Minecraft, Kubernetes, and coding education. With HobbyFarm, we open a world of endless possibilities, inspiring the next generation of creators and innovators. Embrace this opportunity to shape future tech enthusiasts.

Speakers
avatar for Enrico Bartz

Enrico Bartz

OpenSource and Minecraft Enthusiast, SVA GmbH
Since beginning his journey in the IT world in 2008, Enrico Bartz has carved a unique path that blends the rigor of operations with the creativity of development. His career started in a traditional operations role, but over time, Enrico embraced the evolving landscape of IT, gaining... Read More →
avatar for Jenny Bartz

Jenny Bartz

Minecraft Education Ambassador, MINNY.IO
I'm a trained IT specialist turned graphic designer. My career transitioned from frontend development to graphic design. With motherhood, I pivoted to education, volunteering in schools during the pandemic. Since 2022, I'm building a non-profit that blends traditional and digital... Read More →


Tuesday March 19, 2024 18:10 - 18:15 CET
Pavilion 7 | Level 7.3 | Paris Room

18:15 CET

⚡ Lightning Talk: Rust-Based Magic: Streamlined and Secure - Christian Hüning, BWI GmbH
Read about Rust, and you hear claims that seem too good to be true: memory safety, zero-cost abstractions, blazing speed…all at the same time? Back in 2018, the Linkerd project chose Rust for its data plane, betting that the language really would deliver the kind of speed and security that handling user data required. In 2021, they brought Rust to the control plane, betting that projects like kube-rs and kubert had matured enough that they could get the same kinds of wins in Kubernetes controllers. Join us for a whirlwind tour of how those bets have paid off for the service mesh, how great it is not to worry about null pointers and memory stomps, and why more and more projects are adopting Rust.

Speakers
CH

Christian Hüning

Lead System Architect SL Cloud, BWI GmbH


Tuesday March 19, 2024 18:15 - 18:20 CET
Pavilion 7 | Level 7.3 | Paris Room

18:30 CET

Software Delivery & DevOps Meet-up Hosted by Harness
Following ArgoCon, join Harness for an evening of cocktails, small bites, networking and talks from engineering experts. They'll share how open source software is powering the next generation of DevOps platforms which are purpose built for cloud native environments. Plus, our lightning demos will give you the chance to present something you are working on to the audience!


Please note that this is an off-site Sponsor-hosted Co-located event.


For questions regarding this event, please contact: events@harness.io

Tuesday March 19, 2024 18:30 - 20:30 CET
750g La Table 397 Rue de Vaugirard, 75015 Paris, France

19:00 CET

House of Kube Hosted by Humanitec
The hottest party in cloud native comes back. This time in Paris.
You bring you, we take care of the rest.
Build real connections and hang out with pioneers from the cloud native world, enjoy the best food Paris has to offer (tsss cocktails too), dance to the funkiest house and techno beats.

Please note that this is an off-site Sponsor-hosted Co-located event.
For event information and details, please visit: https://www.houseofkube.com/
For questions regarding this event, please contact: mariya.skalka@humanitec.com

Tuesday March 19, 2024 19:00 - Wednesday March 20, 2024 02:30 CET
TBA
 
Wednesday, March 20
 

07:00 CET

Fun Run
Fun Run | Get your morning off to a great start by meeting up with a group of like-minded exercise enthusiasts for a morning pick-me-up before KubeCon kickoff! The Fun Run is hosted by a local running group who will provide a guided run past several city landmarks - a perfect way to wake up and build some energy on the first day. All paces are welcome!

Meeting Location | Outside Pavilion 7, Porte de Versailles - look for individuals holding Fun Run signs!

Meeting Time | 6:50, run begins at 7:00

Details | Three guided running groups to accommodate all running levels. These will be sightrunning tours without stops along the way.
  • Tour #1 - This more advanced group will run approximately 7km (Faster pace, but not too fast)
  • Tours #2 and #3 - These groups will run approximately 5k (Moderate/Slower Paces)

Participants are required to provide their own running attire and water. Paris in March can be cold so please come prepared.

Photos will be taken on the running tours; please let your guide know at the start of the tour if you do not wish to have your photo taken.

**You MUST be registered for KubeCon + CloudNativeCon Europe 2024 to participate**

Wednesday March 20, 2024 07:00 - 08:00 CET
Pavilion 7 | Main Entrance

07:30 CET

Badge Pick-Up
Wednesday March 20, 2024 07:30 - 18:00 CET
Pavilion 7 | Level 7.1 | Hall 7.1

07:30 CET

CloudNativeHacks
Set to run alongside KubeCon + CloudNativeCon Europe 2024, CNCF is excited to offer the first-ever hackathon, CloudNativeHacks, with challenges provided by the United Nations. This in-person event will kick-off at the Paris Expo Port de Versailles, the same venue as KubeCon + CloudNativeCon, on 19 March and run through 21 March. The winners will be announced and featured during the closing keynote on Friday, 22 March.
This inaugural hackathon will focus exclusively on advancing the delivery of the UN Sustainable Development Goals (SDGs). Participants will create AI or web applications to help support the 17 SDGs as these challenges can only be solved by a global partnership. The hackathon will bring developers together to solve some of the most pressing issues and contribute meaningfully to create a better, more sustainable world.
Registration to KubeCon + CloudNativeCon Europe 2024 is required and selected participants will receive a complimentary registration.
To apply for participation in CloudNativeHacks, complete the application by the 26 February, 08:45 CET (25 February, 23:45 PST) deadline. Review the FAQs for answers to questions you have, but should you still have questions, please reach out to hackathon@cncf.io. We look forward to having you with us, and Happy Hacking!

Wednesday March 20, 2024 07:30 - 18:30 CET
Pavilion 7 | Level 7.3 | E07 - E08

08:00 CET

EmpowerUs
Attendees who identify as women, non-binary individuals and allies are invited to join this networking breakfast for an open discussion about challenge, leadership, innovation, and empowerment in our fast-growing ecosystem.

Wednesday March 20, 2024 08:00 - 09:00 CET
TBA

09:00 CET

Keynote: Welcome + Opening Remarks - Priyanka Sharma, Executive Director, Cloud Native Computing Foundation
Speakers
avatar for Priyanka Sharma

Priyanka Sharma

Executive Director, Cloud Native Computing Foundation
Priyanka is the Executive Director of the Cloud Native Computing Foundation (CNCF) which serves as the vendor-neutral home for 100+ of the fastest-growing open source projects, including Kubernetes, Prometheus, and Envoy. She is also a co-creator of the Inclusive Naming Initiative... Read More →
avatar for Paige Bailey

Paige Bailey

Lead Product Manager (Generative Models), Google DeepMind, Google
avatar for Timothée Lacroix

Timothée Lacroix

Co-founder, Mistral AI
8 years as an engineer & PhD student at Meta, working on various AI topics. Joined forces with Guillaume Lample & Arthur Mensch in june 2023 to create Mistral AI
avatar for Jeffrey Morgan

Jeffrey Morgan

Founder, Ollama


Wednesday March 20, 2024 09:00 - 09:25 CET
Pavilion 7 | Level 7.3 | Paris Room

09:25 CET

Keynote: Accelerating AI Workloads with GPUs in Kubernetes - Kevin Klues, Distinguished Engineer, NVIDIA & Sanjay Chatterjee, Engineering Manager, NVIDIA
As AI and machine learning become ubiquitous, GPU acceleration is essential for model training and inference at scale. However, effectively leveraging GPUs in Kubernetes brings challenges around efficiency, configuration, extensibility, and scalability.

This talk provides an overview of the capabilities needed to address these challenges, enabling seamless support for next-generation AI applications on Kubernetes.

- GPU resource-sharing mechanisms such as MPS (Multiple-Process Service), Time-Slicing, MIG (Multi-Instance GPU), and GPU virtualization

- Flexible accelerator configuration using the traditional device plugin and the upcoming Dynamic Resource Allocation (DRA) feature

- Advanced scheduling and resource management techniques, including gang scheduling, topology-awareness, fault-tolerance and more

- Key learnings (and areas of improvement) necessary to scale multi-node AI/ML jobs in large production clusters

Some of these capabilities are already supported today and some of them are not. By addressing the remaining challenges, Kubernetes is poised to emerge as the go-to platform for accelerated AI/ML in the cloud, mirroring Linux's pervasive dominance in the datacenter.

Speakers
avatar for Kevin Klues

Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA... Read More →
avatar for Sanjay Chatterjee

Sanjay Chatterjee

Engineering Manager, NVIDIA
Sanjay Chatterjee is an engineering manager at NVIDIA. He works on GPU compute infrastructure with a focus on GPU scheduling to enable DL/AI and HPC workloads scale on Kubernetes. Previously he worked on multiple DoE/DARPA funded advanced technology projects towards designing the... Read More →


Wednesday March 20, 2024 09:25 - 09:40 CET
Pavilion 7 | Level 7.3 | Paris Room

09:40 CET

Sponsored Keynote: Build an Open Source Platform for AI/ML - Jorge Palma, Principal PM Lead, Microsoft
Generative AI and LLMs get lots of attention, but many of us are still figuring out how to most effectively use AI in our platforms and tooling, while balancing cost and security.  

Deploying open source models on Kubernetes along with your own data keeps you in control, and open source tools, such as the Kubernetes toolchain operator (KAITO), can simplify training and inferencing for open source LLMs. KAITO uses the node autoprovisioning functionality from Karpenter, a Kubernetes subproject, which lets you improve the efficiency and cost of running AI workloads by provisioning GPUs right when you need them.

What can AI do for your platform? You get to decide by choosing the right mix of GPUs and models to meet your specific needs, while staying in control with open source.

Speakers
avatar for Jorge Palma

Jorge Palma

Principal PM Lead, Microsoft
Jorge is the Principal PM Lead for AKS (Azure Kubernetes Service) where he serves thousands of customers and mission critical application and helped lead the service to become the fastest growing service in Azure’s history. Formerly he was the Technical Lead for App Dev and DevOps... Read More →


Wednesday March 20, 2024 09:40 - 09:45 CET
Pavilion 7 | Level 7.3 | Paris Room

09:45 CET

Keynote: Optimizing Performance and Sustainability for AI - Lu Qiu, Alluxio; Susan Wu & Clayton Coleman, Google; Victor Jakubiuk, Ampere Computing; Ricardo Rocha, CERN
Moderated by Susan Wu, Outbound Product Manager, Google

The recent explosion of AI has created unprecedented demand for cloud resources to train and run these workloads, with the goal of achieving faster business value through AI but sacrificing operational and energy efficiency.

Learn about the ways to optimize your AI workloads on Kubernetes for TCO, performance and sustainability:

  • Clayton Coleman, Distinguished Engineer, Google, on making Kubernetes a simpler and more efficient platform for accelerators, high-scale frameworks, and more directly supporting key ML workloads like inference and training.
  • Victor Jakubiuk, Head of AI, Ampere Computing on using ARM for AI Inferencing to enhance performance while addressing their ESG goals for greater sustainability.
  • Ricardo Rocha, Computing Engineer, CERN on using GPU concurrency techniques, enabling higher GPU utilization and performance.
  • Lu Qiu, AI Platform Tech Lead, on using advanced data management approaches, focusing on innovative caching techniques to reduce inter-region data transfer costs while addressing data locality.

Speakers
avatar for Susan Wu

Susan Wu

Outbound Product Manager, Google as Moderator
Susan is an Outbound Product Manager at Google Cloud. She previously led product and technical marketing roles at Sun/Oracle, Canonical, Docker, Citrix, Midokura (SDN startup now part of Sony Group), VMware NSX and Tanzu Service Mesh. She is a frequent speaker at conferences such... Read More →
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer at CERN IT focusing on containerized deployments, networking and more recently machine learning platforms. He has led for several years the internal effort to transition services and workloads to use cloud native technologies, as well as dissemination... Read More →
avatar for Clayton Coleman

Clayton Coleman

Distinguished Engineer, Google
Architect, engineer, and strategic visionary for application platforms in the cloud.  Core contributor to Kubernetes and OpenShift, the open source platform as a service and the containerized cluster manager.  I helped launch the shift to cloud native applications and the platforms... Read More →
avatar for Lu Qiu

Lu Qiu

AI Platform Tech Lead, Alluxio
Lu Qiu is the PMC maintainer of the Alluxio open-source project and is the AI Platform Tech Lead at Alluxio.Lu is responsible for deeply cooperating with the open-source community to integrate Alluxio with deep learning training in the cloud. Lu received an M.S. degree from George... Read More →
avatar for Victor Jakubiuk

Victor Jakubiuk

Head of AI, Ampere Computing
Victor Jakubiuk is an AI entrepreneur and the Head of AI at Ampere Computing. Victor is a pioneer in the AI industry and has decades of experience building AI software solutions. Victor has a MS & BS in Computer Science from Massachusetts Institute of Technology and he is based in... Read More →


Wednesday March 20, 2024 09:45 - 10:00 CET
Pavilion 7 | Level 7.3 | Paris Room

10:00 CET

Keynote: The Cloud Native News Show: AI Breakthroughs Revealed - Nikhita Raghunath & Rajas Kakodar, VMware; Patrick Ohly & Cathy Zhang, Intel
Welcome to “The Cloud Native News Show”, your one-stop destination for the latest headlines in the dynamic world of cloud native and AI. Join us as we learn about the latest and cutting-edge advancements across CNCF projects, exploring the intersection of cloud native and AI like never before.

In this special AI edition, we'll embark on a journey through the evolving landscape of cloud native for AI and AI for cloud native. Our expert correspondents will provide coverage of ground breaking innovations, from revolutionary features to game-changing use of LLMs in Kubernetes.

With exclusive interviews, insightful analyses, and behind-the-scenes access to CNCF maintainers, "The Cloud Native News Show” promises to deliver the pulse of the rapidly evolving CNCF ecosystem.

So tune in as we decode the future of cloud native and AI and get ready to witness history in the making – this is "The Cloud Native News Show," where every headline is a step closer to tomorrow's breakthroughs.

Speakers
avatar for Cathy Zhang

Cathy Zhang

senior principal engineer, Intel
As a member of the CNCF TOC, Cathy has been sponsoring and guiding projects' applications for graduation/incubating, and reviewing/approving new sandbox projects. She has been a committee member for several KubeCon. Cathy is a currently Senior Principal Engineer at Intel, leading... Read More →
avatar for Patrick Ohly

Patrick Ohly

Cloud Software Architect, Intel GmbH
Patrick Ohly is a software engineer at Intel GmbH, Germany. In the past he has worked on performance analysis software for HPC clusters ("Intel Trace Analyzer and Collector") and cluster technology in general (PTP and hardware time stamping). Since January 2009 he has worked for Intel... Read More →
avatar for Rajas Kakodkar

Rajas Kakodkar

Senior Member of Technical Staff, VMware and Tech Lead, CNCF TAG Runtime, VMware
Rajas is a Senior Member of Technical Staff at VMware and a Tech Lead of Technical Advisory Group, Runtime in CNCF. He is currently serving as the Co-Chair for Cloud Native AI Day Paris 2024. He is active in the AI and WASM working groups in the CNCF landscape and a contributor to... Read More →
avatar for Nikhita Raghunath

Nikhita Raghunath

Staff Software Engineer, CNCF TOC Member, VMware
Nikhita is a staff software engineer at VMware and a maintainer of the Kubernetes project. She is a member of the CNCF Technical Oversight Committee and has won the CNCF Top Committer Award in 2021 for her technical contributions. She is currently the technical lead for Kubernetes... Read More →


Wednesday March 20, 2024 10:00 - 10:15 CET
Pavilion 7 | Level 7.3 | Paris Room

10:15 CET

Keynote: Platform Building Blocks: How to Build ML Infrastructure with CNCF Projects - Yuzhui Liu, Team Lead, Bloomberg & Leon Zhou, Software Engineer, Bloomberg
Join the Bloomberg Data Science Platform's engineering team as they share some of their experience in providing managed ML platforms that have been built with versatile, open source CNCF projects. This session will offer an overview, beginning with how to manage a Jupyter notebook platform using Istio, OPA, Web Assembly (WASM), and Calico to provide a secure interactive environment.

This talk will then share strategies and lessons learned for building a model training platform, utilizing Kubeflow training operators, cloud-native GPU components and Buildpacks. The speakers will also reveal how cross-cluster batch scheduling can be a game-changer to improve resource utility.

Moving onto Istio and KServe, this talk will also discuss how to set up a resilient model serving platform that is fit for production demands. By the end of this talk, you'll have a blueprint for building an efficient, scalable ML platform within the CNCF ecosystem. Let's build together!

Speakers
avatar for Leon Zhou

Leon Zhou

Software Engineer, Bloomberg
Leon Zhou is a software engineer on the Data Science Platform engineering team at Bloomberg. With prior experience in ML during his time at ByteDance and the University of Pennsylvania, he is now working on platform engineering to facilitate machine learning development, as well as... Read More →
avatar for Yuzhui Liu

Yuzhui Liu

Team Lead, Bloomberg
Yuzhui Liu leads a strong and dynamic engineering team at Bloomberg, which is focused on providing managed solutions for model training, notebook, and HPC infrastructure. She collaborates widely in the CNCF community, was a contributor to KServe, and is the co-chair for Cloud Native... Read More →


Wednesday March 20, 2024 10:15 - 10:30 CET
Pavilion 7 | Level 7.3 | Paris Room

10:30 CET

10:45 CET

Coffee Break ☕
Wednesday March 20, 2024 10:45 - 11:15 CET

10:45 CET

Solutions Showcase
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Wednesday March 20, 2024 10:45 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

10:55 CET

Project Pavilion Tour with Jorge Castro, CNCF
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!

Wednesday March 20, 2024 10:55 - 11:15 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Project Opportunities
  • Content Experience Level Any

11:15 CET

A GitOps Mistake That Destroyed a Database and Its Backups - Simon Koudijs, Viya
Using GitOps, Kubernetes, and ArgoCD to deploy and manage infrastructure is a cool endeavor that is very nice and satisfying most of the time. It can even be more useful when you also destroy your resources automatically. Very useful in many cases, unless it is not by intention. This is a true story about an absolute misadventure. It starts nice and cozy by deploying a database. It's all initiated in a GitOps way by pushing the required configuration into a helm chart that is deployed by an ArgoCD application. Then, a few months later, one tiny refactor quickly turns into a disaster because the app-of-app pattern disguises the true nature of the change. The cascading character of the applied mechanisms (auto-sync, pruning) even resulted in removing all available backups. Solid advice and learnings will be offered to ensure that you will not make the same mistakes.

Speakers
avatar for Simon Koudijs

Simon Koudijs

Technical Product Manager, Viya (powered by ShipitSmarter)
Simon Koudijs is a passionate engineer who has been programming since high school, and his love for it has only grown stronger. He has never lost his thrill for crunching numbers and creating eye-catching graphs. For Simon, true success lies in making observable improvements that... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience

11:15 CET

10 Years of Kubernetes Patterns Evolution - Bilgin Ibryam, Diagrid & Roland Huss, Red Hat
Much like the timeless 'Gang of Four' design patterns for object-oriented programming, Kubernetes has spawned its own timeless design patterns for distributed applications design. These patterns are not utilizing objects, classes, and interfaces, but new primitives pioneered by Kubernetes, such as Pods, Jobs, and Deployments, that span across processes, and nodes. In this talk, Bilgin will explore the top 10 most widely used Kubernetes design patterns and their evolution over the 10 years of Kubernetes existence. These patterns prevent reinventing the wheel by offering time-tested solutions to common challenges. Understanding this pattern language is crucial for grasping the Kubernetes' mindset, boosting your ability to comprehend, discuss, and design Kubernetes-based applications that are good cloud-native citizens set to last another decade.

Speakers
avatar for Roland Huss

Roland Huss

Senior Principal Software Engineer, Red Hat
Roland Huß is a software engineer at Red Hat with over 25 years of experience in programming. Currently serving as the architect for OpenShift Serverless and contributing to Knative upstream, he is the founder of Jolokia and creator of several developer tools for building and deploying... Read More →
avatar for Bilgin Ibryam

Bilgin Ibryam

Product Manager, Diagrid
Bilgin Ibryam is a technical product manager at Diagrid, working on developer productivity tools. Prior to this role, he served as a consultant and architect at Red Hat and has also been a committer and member of the Apache Software Foundation. Bilgin has also co-authored two books... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice

11:15 CET

A Decade of High-Volume Data and APIs: The Evolution of SIG-Apps - Maciej Szulik, Red Hat & Janet Kuo, Google
Over the last decade, Kubernetes expanded support for various workloads from stateless to stateful, from simple jobs to complicated batch workloads. All the APIs have become mature, consistent, and full-featured. We've been busy in SIG Apps, and there's more to come. In this session the SIG Apps leads will provide an overview of what has been accomplished since its inception. They will highlight major milestones, sub-projects and share various stories surrounding major events. They will also discuss how the work has been shared between SIG Apps, Work Groups and sub-projects. The session will conclude with an open discussion and Q&A. Attendees will learn about contributing to SIG Apps themselves.

Speakers
avatar for Janet Kuo

Janet Kuo

Staff Software Engineer, Google
Janet Kuo is a Staff Software Engineer at Google. She's joined the Kubernetes project since before the 1.0 launch in 2015. She is Kubernetes project maintainer, SIG Apps chair, and KubeCon co-chair emeritus. In her free time, she enjoys traveling and taking photos.
avatar for Maciej Szulik

Maciej Szulik

Senior Principal Software Engineer, Red Hat
Maciej is a passionate developer with almost 2 decades of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects with python. In his spare time he enjoys reading a good book or taking photos.


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | E05 - E06

11:15 CET

CoreDNS Plugins: A Deep Dive - John Belamaric, Google & Yong Tang, Ivanti
As a flexible and extensible DNS server with a focus on service discovery, CoreDNS has been widely used in different cloud-native systems. The extensibility of CoreDNS mostly comes from its plugin-based architecture that allows easy addition of new features. In this session, we will take a deep dive and discuss the rich plugin ecosystems of CoreDNS. We will learn the integrations of CoreDNS with cloud-vendors and how this fits hybrid-cloud strategy of different companies. We will also walk through a simple yet complete golang implementation of a CoreDNS plugin for demo purposes. At the end are the project update and road map for CoreDNS community.

Speakers
avatar for Yong Tang

Yong Tang

Senior Director of Engineering, Ivanti
Yong Tang is Senior Director of Engineering at Ivanti. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer... Read More →
avatar for John Belamaric

John Belamaric

Sr Staff Software Engineer, Google
John is a Sr Staff SWE, and a co-chair of Kubernetes SIG Architecture, leading efforts on production readiness, conformance, and software architecture. He is co-founder of Nephio, an LF project for K8s-based automation of large scale telco edge deployments, and a maintainer of CoreDNS... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | N03

11:15 CET

Falco: A Grand Promenade Through Cloud Native Runtime Security - Luca Guerra, Leonardo Grasso & Jason Dellaluce, Sysdig; Carlos Tadeu Panato Junior, Chainguard; Melissa Kilby, Apple
In the bustling world of cloud-native runtime security, Falco is a reliable and effective real-time threat detection and compliance violation monitoring project and stands as an unwavering companion for your needs. Journey through Falco’s remarkable transformation, from its incubation days to its current standing as a CNCF-graduated project, witnessing its pivotal milestones: adept threat detection, intuitive rule structuring, performance enhancements catering to a burgeoning community, an adaptable plugin framework, enhanced user-friendliness, and a robust governance structure ensuring sustained success. Continuing this trajectory, Falco remains dedicated to relentless advancement, continuously refining its capabilities to detect stealthy cyber threats. Join us in celebrating Falco’s legacy and embracing its promising future.

Speakers
avatar for Carlos Panato

Carlos Panato

Staff Engineer, Chainguard
Carlos Panato (@cpanato) is a Staff Software Engineer at Chainguard, Inc., who’s working on development and infrastructure using Kubernetes and containers. Previously, he’s worked on development, testing, processes, and management. He contributes to several CNCF/LF projects and... Read More →
avatar for Leonardo Grasso

Leonardo Grasso

Falco Core Maintainer, Sysdig
Leonardo Grasso is an Open Source Software Engineer at Sysdig, based in Italy. He has a strong passion for software design and has long professional experience in the R&D field. Leonardo loves Linux, Kubernetes, Containers, Security, and building tools other engineers would like to... Read More →
avatar for Melissa Kilby

Melissa Kilby

Security Engineer | Falco Core Maintainer, Apple
Before joining Apple, Security Engineer Melissa Kilby contributed to US Government research projects and taught Applied Data Science at BlackHat. She has a Ph.D., specializing in machine learning and biomechanics. She has also contributed to NASA’s space suit engineering program... Read More →
avatar for Jason Dellaluce

Jason Dellaluce

Senior Open Source Engineer, Sysdig
Jason Dellaluce is an Open Source Engineer at Sysdig and a core maintainer of Falco, the CNCF tool for Cloud Native Runtime Security. On a daily basis, he contributes to the Falco Community and is exposed to Linux, Kubernetes, Containers, Security, eBPF, and the Open Source world... Read More →
avatar for Luca Guerra

Luca Guerra

Sr. Open Source Engineer, Sysdig
Luca is an experienced software engineer, specializing in software design and security research. His professional experience includes designing security solutions, building and breaking secure systems, and vulnerability management. Luca is a core maintainer for the Falco project and... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | W02-03

11:15 CET

OpenTelemetry: Project Updates, Next Steps, and AMA - Severin Neumann, Cisco; Austin Parker, Honeycomb; Trask Stalnaker, Microsoft; Daniel Gomez Blanco, Skyscanner; Alolita Sharma, Apple
Join us for the official OpenTelemetry session at KubeCon+CloudNativeCon. Governance committee members will provide insights into the latest developments since the last event in Chicago and offer a glimpse into the future of the project. This session is your chance to engage with OpenTelemetry contributors, ask questions about the project, and receive direct responses from maintainers who will be present at the event. Don't miss this opportunity to stay informed and contribute to the discussion on the exciting advancements within OpenTelemetry.

Speakers
avatar for Trask Stalnaker

Trask Stalnaker

Principal Software Engineer, Microsoft
OpenTelemetry Governance Committee, OpenTelemetry Java Instrumentation Maintainer, Glowroot Author, Java @ Microsoft
avatar for Alolita Sharma

Alolita Sharma

Engineering Leader, Apple
Alolita Sharma is a member of OpenTelemetry GC, CNCF Observability TAG co-chair and CNCF Governing Board member from Apple. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, O11y Query Language standard, Unicode, W3C. She... Read More →
avatar for Austin Parker

Austin Parker

Director of Open Source, Honeycomb
Austin Parker has been solving - and creating - problems with computers and technology for most of his life. He is Principal Developer Advocate at LightStep and maintainer on the OpenTracing and OpenTelemetry projects. His professional dream is to build a world where we're able to... Read More →
avatar for Daniel Gomez Blanco

Daniel Gomez Blanco

Principal Software Engineer at Skyscanner, OpenTelemetry Governance Committee Member, Skyscanner
Observability lead at Skyscanner, member of the OpenTelemetry Governance Committee, and author of "Practical OpenTelemetry: Adopting Open Observability Standards Across Your Organization". Throughout my career, my main focus has been reducing the cognitive load required to operate... Read More →
avatar for Severin Neumann

Severin Neumann

Open Source Architect, Cisco
Severin is a member of the OpenTelemetry Governance Committee and a maintainer of OpenTelemetry SIG Communication (Docs, Website). Severin is an Open Source Architect at Cisco, where he is driving and coordinating Cisco’s contributions to the OpenTelemetry project and the engagement... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | N04

11:15 CET

Rook: Intro and Deep Dive with Ceph - Jean-Charles "JC" Lopez, Orit Wasserman, & Blaine Gardner, IBM; Alexander Trost, Koor Technologies
The Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage operator for Kubernetes, providing the platform, framework, and support for Ceph to natively integrate with Kubernetes. The panel will discuss various scenarios to show how Rook configures Ceph to provide stable block, shared file system, and object storage for your production data. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.

Speakers
avatar for Jean-Charles Lopez

Jean-Charles Lopez

Open Source SDS aficionado, IBM
Working with Ceph since 2013 and Rook since 2019, I am really into open source storage solutions and so eager to see it progressing into the container world.
avatar for Orit Wasserman

Orit Wasserman

Distinguished Engineer, IBM
Orit is a Distinguished Engineer at IBM, specializing in Software Defined Storage (Ceph) and storage for containerized apps (OpenShift Data Foundation) as well as hybrid/multi-cloud. With a strong background as a software engineer and architect, Orit's passion lies in open-source... Read More →
avatar for Blaine Gardner

Blaine Gardner

Senior Advisory Systems & Software Engineer, International Business Machines (IBM)
Blaine is a Senior Advisory Software Engineer at IBM Storage on the Ceph OpenShift Data Foundation (ODF) team. He is a maintainer of the CNCF-graduated Rook project making sure Ceph and Kubernetes live together in harmony. Their current focus topics are the Container Object Storage... Read More →
avatar for Alexander Trost

Alexander Trost

Alexander Trost, Koor Technologies, Inc
Founding Engineer at Koor Technologies, Inc. Rook Maintainer. Sysadmin, Developer and Gamer with passion. Kubernetes, Container and Storage. Certified Kubernetes Administrator.


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | E01-02

11:15 CET

Advanced Resource Management for Running AI/ML Workloads with Kueue - Michał Woźniak, Google & Yuki Iwai, CyberAgent, Inc.
Kueue is a Job-level queueing manager which stands up to the challenges of managing computational resources to run batch workloads on Kubernetes. We walk you through its architecture, demonstrating how it can be used to set up quota- and priority-based sharing of resources between multiple teams. We describe how the Kueue’s scheduler decides when to start or stop (preempt) a job. We showcase Kueue by its production use at CyberAgent, where it is a building block of the multi-tenant system, supporting multiple engineers and ML research teams; using multiple types of CPUs and GPUs. Here, Kueue manages various types of Jobs (batch Job, MPIJob, or in-house Jobs), using various ML frameworks (TensorFlow, PyTorch or DeepSpeed). Finally, we discuss the challenge of running ML training jobs which require all pods to be scheduled. We show how it is solved by using Kueue at CyberAgent, and how it can be solved using Kueue in the autoscaling environments with the new ProvisioningRequest API.

Speakers
avatar for Michał Woźniak

Michał Woźniak

Software Engineer, Google
Michał is a software engineer with background in computer science, a PhD in computational biology, and 5+ years of professional experience. In his current role he is focusing on enhancing the support for batch workloads in the Kubernetes ecosystem. Outside of work he enjoys playing... Read More →
avatar for Yuki Iwai

Yuki Iwai

Software Engineer, CyberAgent, Inc.
Yuki is a Software Engineer at CyberAgent, Inc. He works on an internal platform for machine-learning applications and high-performance computing. He is currently a maintainer of some Kubeflow WG AutoML / Training sub-projects. He is also a WG Batch member and a Kubernetes' Kueue... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | Paris Room

11:15 CET

OCI as a Standard for ML Artifact Storage and Retrieval - Peyman Norouzi & Eric Koepfle, Bloomberg
Bloomberg's internal Data Science Platform (DSP) provides infrastructure for the development and management of its ML initiatives. The DSP recently added a storage layer tailored to machine learning’s unique demands, specifically aspects like consistency, efficiency, provenance, and governance for ML assets. As container image registries become essential in cloud-native infrastructure, the Open Container Initiative's (OCI) artifact distribution specification has emerged as a versatile standard for managing ML assets. Utilizing container layering, versioning, and metadata addresses these ML-specific challenges. This talk presents our approach to storing and sharing ML models and datasets as OCI Artifacts, which are integrated into our platform – from model building to serving. The lessons learned from our experience will help those who want to adopt similar methods or explore OCI's role in the field of ML.

Speakers
avatar for Eric Koepfle

Eric Koepfle

AI Data Platform Engineer, Bloomberg
Eric has been designing and implementing distributed systems for Bloomberg since 2012.
avatar for Peyman Norouzi

Peyman Norouzi

Sr. Product Manager at Bloomberg L.P., Bloomberg
Peyman Norouzi is a Product Manager in the ML Platforms team in the Office of the CTO at Bloomberg, where he is focused on shaping the strategic direction and roadmap for the firm’s internal ML infrastructure. Outside of work, Peyman is all about films - watching, critiquing, and... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.1 | Room F
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

11:15 CET

Gen AI at the Edge: How Cloud Native Technologies Enable the Next Wave of Intelligent Applications - Kevin Wang, Huawei; Tina Tsou, LF Edge; Yin Ding, Google; Hongbing Zhang, DaoCloud
Generative AI (Gen AI) is a branch of AI that can create novel and realistic content, such as text, images, audio, and video. Gen AI has many potential applications in various domains, but also poses significant challenges for edge computing. Gen AI models, especially LLMs, require high-performance computing, large memory, and massive data, which are not always available at the edge. How can cloud native technologies, such as Kubernetes, containers, and microservices, help overcome these challenges and enable Gen AI at the edge? What are the trade-offs between cloud and edge for Gen AI? And what are the benefits and opportunities for the cloud native and edge computing ecosystems? Join this panel with us to discuss the state and future trends of Gen AI at the edge, the best practices and tools for cloud native Gen AI development and deployment, and the challenges and solutions for optimizing the performance, efficiency, and security of Gen AI models on different edge devices, etc.

Speakers
avatar for Kevin Wang

Kevin Wang

CNCF Ambassador, TOC contributor, Kubernetes emeritus Maintainer, Founder and Maintainer of multiple CNCF projects, Lead of Cloud Native Open Source Team at Huawei, Huawei
Kevin Wang has been an outstanding contributor in the CNCF community since its beginning and is the leader of the cloud native open source team at Huawei. Kevin has contributed critical enhancements to Kubernetes, led the incubation of the KubeEdge, Volcano, Karmada projects in CNCF... Read More →
avatar for Tina Tsou

Tina Tsou

Board Chair, LF Edge
Tina Tsou, Director of Infrastructure Ecosystem at Arm, is a recognized leader in open source software, cloud infrastructure, and edge computing. She chairs the Kubernetes Edge Day events under the Cloud Native Computing Foundation (CNCF) and serves as the Board Chair of LF Edge... Read More →
avatar for Yin Ding

Yin Ding

Engineering Manager, Google
Yin Ding, an Engineering Manager at Google, lead the Kubernetes Hardening team and brings over 15 years of expertise in large-scale and distributed computing. As a co-founder of the CNCF KubeEdge open-source project and the TSC Chair of LF Edge Akraino, Yin Ding has made significant... Read More →
avatar for Hongbing Zhang

Hongbing Zhang

Chief Operating Officer, DaoCloud
Hongbing Zhang is Chief Operating Officer of DaoCloud. He is a veteran in open source areas, he founded IBM China Linux team in 2011 and organized team to make significant contributions in Linux Kernel/openstack/hadoop projects. Now he is focusing on cloud native domain and leading... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco

11:15 CET

Agent-Based Design for Automating Large-Scale K8s Operations - Karan MV, GitHub
GitHub is home to 100+ million developers who use hundreds of millions of repositories. Kubernetes is at the core of the paved path at GitHub for running containerized services, which powers many microservices of the GitHub platform and some key internal tools. The Kubernetes footprint at GitHub includes multiple clusters in multiple regions with thousands of nodes. To operate such a large K8s footprint efficiently, reliably and securely, GitHub has built internal tools that implement an agent-based K8s lifecycle management. This design and tools help codify operator tasks and reliably apply changes and upgrades to clusters across both the control plane and the worker nodes. In this talk, you'll hear more about: - K8s footprint at GitHub and how it forms a part of the paved path - The agent-based K8s lifecycle management design and how it helps in operating large-scale clusters - Examples of how K8s infra at GitHub helps power some large-scale services, including GitHub Copilot

Speakers
avatar for Karan MV

Karan MV

Senior Manager, Developer Relations at GitHub, GitHub
Karan leads a developer relations team at GitHub, focussed on supporting developer ecosystems in India and Latin America, by helping them in their journey with open source and GitHub. He is passionate about DevOps, and is also an active developer contributing to engineering at GitHub... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

11:15 CET

Architecting Resilience: Lessons from Managing 7K+ Kubernetes Clusters at Scale - Kwanghun Choi & Gyutae Bae, Kakao
As a Kakao’s private Kubernetes as a Service team member, we manage over 7K+ clusters, 100K+ nodes. Due to a data center fire that occurred last year, we experienced significant economic and social impacts. Many developers within the company utilize Kubernetes clusters, and the various services which run on Kakao's services each use multiple clusters. In this situation, failure in a data center would affect multiple services. Therefore, cluster high-availability has become an important consideration, and we have been thinking about how to provide highly available Kubernetes clusters more efficiently for developers. In this talk, we will describe the design ideas we had for providing highly available Kubernetes clusters and the various problems and concerns we encountered while implementing them.

Speakers
avatar for Gyutae Bae

Gyutae Bae

Cloud Platform Engineer, Kakao
Gyutae is a member of the Cloud Platform team at Kakao corp. focuses on Kubernetes. He has been developing and maintaining a private Kubernetes As A Service that runs on OpenStack-based IaaS for Team. He did quite a lot of things for that system, which includes designing and developing... Read More →
avatar for Kwanghun Choi

Kwanghun Choi

Cloud Platform Engineer, Kakao
Kwanghun is a member of the cloud platform team at Kakao Corp. focusing on Kubernetes. He develops and maintains a private Kubernetes as a Service running on OpenStack-based IaaS for the team. He is also the developer of an automatic version upgrade API for the private Kubernetes... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

11:15 CET

Is Serverless Powerfully Powerless? - Jose Gomez-Selles & Kevin Dubois, Red Hat
One of the main benefits and selling points of serverless solutions like Knative is that it saves CPU cycles and RAM consumption (and by extension, money) by only using resources when they are actually needed. Because of that, we would semi-automatically infer that using a serverless approach when architecting our applications is the way to go if we want to be efficient and do our planet a favor by saving energy. But wouldn’t it be nice to, actually, have some data to support this statement? Until very recently, we could only guess. But technology is advancing fast and now we have tools to observe and test this hypothesis. In this talk we will show if, and if so how much, serverless can save not only in computing power but real energy as well. We will do this by actually measuring energy consumption of nodes and workloads with Kepler and shed some light on this topic to figure out if our assumptions are true, or just a myth which needs to be busted.

Speakers
avatar for Kevin Dubois

Kevin Dubois

Principal Developer Advocate, Red Hat
Kevin is a Java Champion, software engineer, author and international speaker with a passion for Open Source, Java, and Cloud Native Development & Deployment practices. He currently works as developer advocate at Red Hat where he gets to enjoy working with Open Source projects and... Read More →
avatar for Jose Gomez-Selles

Jose Gomez-Selles

PhD, Senior Product Manager, Red Hat
Senior Product Manager in Observability and Sustainability at Red Hat. In a previous life, he did a PhD for nanothings. Keys, metal and virtual racing.


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.1 | Room A
  SDLC

11:15 CET

OAuth2 Token Exchange for Microservice API Security - Ahmet Soormally & Letz Yaara, Tyk
APIs need a way to authenticate, authorize and propagate identity between services. Load Balancers, API Gateways, ingress and chained microservice calls make propagating identity and authorization in a secure manner significantly more complex. In this session, we will dive into typical OAuth2.0 flows with practical examples using Keycloak. We will then illustrate some of the challenges you will face applying OAuth2 in a microservice environment, alongside the typical workarounds or hacks that are seen in the wild. We will discuss advantages and drawbacks of each approach, and most importantly highlight potential vulnerabilities. Finally, we will present a relatively new standard known as the OAuth2 Token Exchange RFC8693 as a recommended approach to authorization and propagating identity using Keycloak to demonstrate. Key Points: - OAuth 2.0 Essentials - Live Demo: with shortcomings applying OAuth2 in a microservice environment - Token Exchange RFC8693 Importance

Speakers
avatar for Yaara Letz

Yaara Letz

Yaara Letz, Tyk
Yaara Letz is the Head of DevX at Tyk, a cool Open Source API Gateway and Management Platform. She loves to understand users’ needs and their JTBD to rock the business value. She is passionate about building an innovative DX framework for a smooth SDLC that can deliver high-quality... Read More →
avatar for Ahmet Soormally

Ahmet Soormally

Head of R&D, Tyk Technologies
Ahmet is Head of R&D at Tyk Technologies, an Open Source API Gateway and Management Platform. He has over 10 years experience designing, building and generally wrangling APIs as both an API consumer and producer. Ahmet designed and brought to market the Tyk Kubernetes Operator - which... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.1 | Room D
  Security
  • Content Experience Level Any

11:15 CET

Sponsored Session: American Airlines Increases Velocity by Leveraging K8s at Scale and Autonomous App-level Optimization - Vijay Premkumar, American Airlines & Markus Flierl, Intel
As American Airlines moves more of its workloads to the cloud, automation has taken a more crucial role in making platforms such as AKS more efficient.

American Airlines will share how they partnered with Intel Software and solved the trade-off between new features and performance optimization, allowing them to focus on time to market rather than costs, and how they used automation to improve performance metrics and lower K8s costs.

Explore the advantages of optimization for K8s-based workloads and best practices for capacity optimization, followed by a deep dive into the untapped final step of the optimization journey, autonomous, continuous app-level optimization.

Speakers
avatar for Markus Flierl

Markus Flierl

CVP Cloud Services, Intel
Seasoned Silicon Valley technology leader, Markus  with a solid track record of delivering and operating cutting edge end-to-end solutions in compute, networking and storage for large-scale public, private and hybrid cloud enterprise environments spanning the entire software stack... Read More →
avatar for Vijay Premkumar

Vijay Premkumar

Sr. Manager – Product Management, Cloud & Engineering Platforms, American Airlines
With over 20 years of experience in cloud and platform engineering, Vijay is a senior manager of cloud engineering at American Airlines, where he oversees the public and private cloud infrastructure and services, as well as the FinOps and automation initiatives. Vijay is passionate... Read More →


Wednesday March 20, 2024 11:15 - 11:50 CET
Pavilion 7 | Level 7.3 | S05

11:15 CET

AI HUB | 🤖 Welcome, Keynote, and Unconference Pitches + Talk Selections
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections

12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo
15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's

Click here for the shared Google folder to add your unconference session notes

Wednesday March 20, 2024 11:15 - 12:30 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

11:15 CET

CNCF Governing Board Town Hall
All members of the CNCF community are welcome to join us for this town hall meeting, at which you can learn about the CNCF Governing Board, ask questions, and provide feedback on the cloud native ecosystem.

Wednesday March 20, 2024 11:15 - 12:45 CET
Pavilion 7 | Level 7.3 | S06

11:15 CET

Tutorial: Chaos Unleashed Workshop: Embrace the Chaos in Real-Time! - Nele Lea Uhlemann, Fiberplane & Guillermo Ruiz, AWS
Get ready for a hands-on chaos engineering workshop that takes interactive learning to the next level! Picture yourself immersed in a chaotic environment, guided by a captivating narrative, and empowered to shape both the chaos and its resolution. G and Nele will kick off with a ChaosToolkit-driven simulation of pod and network failures in a production Kubernetes environment. Attendees, using a voting app, will collaboratively troubleshoot the system, exploring insights through examining logs, metrics, traces, and terminal outputs. Essential tools, such as Prometheus, alongside visualization in Perse, will play a key role in the workshop. Recognizing that humans are integral to such scenarios, dice rolling will introduce some unplanned humanistic chaos. This workshop combines the excitement of a live-action game with the principles of chaos engineering, delivering a unique and unforgettable experience. Join the open chaos and find out if we can escape from it in 90 minutes.

Speakers
avatar for Nele Lea Uhlemann

Nele Lea Uhlemann

Developer Advocate, Fiberplane
Nele Uhlemann is a Developer Advocate at Fiberplane. Her passion is enabling collaboration among multiple stakeholders that are involved in building and running Software. Switching sides from application development to infrastructure topics she understands the challenges to enable... Read More →
avatar for Guillermo Ruiz

Guillermo Ruiz

Sr. Developer Advocate, AWS
Developer Advocate with roots in infrastructure and a passion for DevOps, IoT, and robotics. Co-founder of a trailblazing startup and architect of services across leading cloud platforms. Bridging the gap between code and community


Wednesday March 20, 2024 11:15 - 12:45 CET
Pavilion 7 | Level 7.3 | N01-02
  Tutorials, Cloud Native Novice
  • Content Experience Level Any

11:15 CET

🚨 Contribfest: Armada Working Session: Write a Unit Test for Jobs in Non-UTC Timezones
This is a Good First Issue and we would love to engage the community's help to make Armada more accessible to contributors. Details: Running the Armada unit-tests (by doing mage tests) results in 3 consistent test failures, when the host system's timezone is not set to UTC. These are where timestamp values from Postgres are returned in the local timezone offset, and not the "Zulu"/UTC time as expected in the tests.

Speakers
avatar for Dejan Zele Pejchev

Dejan Zele Pejchev

Open Source Engineer, G-Research
Dejan is a seasoned Software Engineer with over 8 years of experience building and scaling distributed systems and an advocate of open source & Kubernetes-native solutions.Dejan is also a maintainer of Armada, the Kubernetes multi-cluster batch scheduling tool, Testkube, the Kubernetes-native... Read More →
avatar for Caterina Rindi

Caterina Rindi

Director Developer Relations and Community, G-Research
Caterina started her professional career teaching bilingual kindergarten, and is still using those skills in her current role as Director of Community and Developer Relations for the Open Source Software team at G- Research. She has been working with remote teams in the P2P, blockchain... Read More →


Wednesday March 20, 2024 11:15 - 12:45 CET
Pavilion 7 | Level 7.3 | W01

12:10 CET

Cloud Native Desktops in Action - Thomas Fricke, Freelancer
The talk shows the state of the art of highly integrated cloud native desktops. Office (Text, Spreadsheets, Presentation), Communication (Chat, Video Calls, Email) and Business Processes (Search, Archive, Project Management, Low Code Programming). The German administration has started an Open Desk initiative as part of their Digital Sovereignty strategy which has been developed into a full fledged set of integrated applications running in the browser. Other solutions are used in highly secured environments in the industry. The talk shows what is possible and what is needed to move the entire desktop stack into a cloud. The speaker has been involved in this projects as CI/CD as an Open Source, Kubernetes and cloud security architect.

Speakers
avatar for Thomas Fricke

Thomas Fricke

Cloud Security Architect, Freelancer
Thomas Fricke has been working with containers and Kubernetes for 9 years, with Linux and networks for 30 and with computers for 40. His focus is on security in KRITIS environments (energy, health care) and the all the transformations that are necessary to turn these environments... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience

12:10 CET

An Acronym Free Introduction to Software Supply Chain Security - Joshua Lock, Verizon
No acronyms, just principles. In recent years, since Secure Software Supply Chain (and similar terms) entered the standard software development lexicon, it has become increasingly difficult for even subject matter experts to unpack all of the standards, tools, legislation, and more. This talk is designed to provide a lighthearted foundation for exploring and understanding the rapid-moving space of software supply chain security without using unfamiliar acronyms or expecting any expert knowledge. We will introduce principles and practices that can help to secure any software supply chain, regardless of size or infrastructure, and refer to open source projects and standards that can help achieve the principle in your own software supply chains. We’ll also introduce some common terms, so that you can bust them out in future discussions and impress your friends.

Speakers
avatar for Joshua Lock

Joshua Lock

Distinguished Engineer, Verizon
Joshua is Open Source Architect in Verizon's Open Source Program Office, where he leads efforts to improve consistency around how Verizon uses open source. As part of his work at Verizon he works upstream on software supply chain security standards and tools; he is a steering committee... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice
  • Content Experience Level Any

12:10 CET

Distributed Tracing with Jaeger and OpenTelemetry - Pavol Loffay, Red Hat & Jonah Kowall, Aiven
In this session, we will introduce the Jaeger project, explain distributed tracing concepts, and the value it brings compared to other telemetry signals like metrics and logs. The session will continue with a live Jaeger demo after which the audience will understand the platform features. Then we’ll delve into service performance monitoring, the future of Jaeger as we move towards our next major version V2, and further integration with the OpenTelemetry project. We will finish by talking about the roadmap and how to get involved with the project including our expanding LFX mentorship program.

Speakers
avatar for Pavol Loffay

Pavol Loffay

Principal Software Engineer, Red Hat
Pavol Loffay is a principal software engineer at Red Hat working on open-source observability technology for modern cloud-native applications. Pavol contributes and maintains Cloud Native Computing Foundation (CNCF) projects OpenTelemetry and Jaeger. In his free time, Pavol likes... Read More →
avatar for Jonah Kowall

Jonah Kowall

VP Product Management, Aiven
Jonah Kowall, computer scientist and open-source contributor to Jaeger (Maintainer),  OpenSearch (Leadership Committee Member), OpenTelemetry. A technical leader across startups to large enterprises specialized in operations, security, and performance. Led Gartner research on monitoring... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | N03

12:10 CET

Enforcable Software Supply Chain Policies and Attestations Using in-Toto - Alan Chung Ma & Santiago Torres-Arias, Purdue University
The SUNBURST attack (of SolarWinds) from 2020 has become the poster child for the software community as to what could go wrong. To meet new cybersecurity regulations, software producers are capturing metadata that shows the integrity of their supply chain. CNCF projects like in-toto / Witness capture machine-verifiable attestations about software supply chain operations. Frameworks like SLSA provide guidance on the type of attestations to generate. However, the real value of such attestations comes from verifying them against strict security policies that enforce a consumer’s expectations about the integrity of their software supply chain. In this talk, we walk through specific policies that can defend against high-profile supply chain attacks. We dive into the TAG-Security catalog of supply chain attacks like SUNBURST and describe how in-toto can be configured to reduce the likelihood of such attacks. We also contextualize this with SLSA specifications and US/EU regulations.

Speakers
avatar for Santiago Torres-Arias

Santiago Torres-Arias

Assistant Professor of Electrical and Computer Engineering, Purdue University
Santiago is an Assistant Professor at Purdue's Electrical andComputer Engineering Department. His interests include binaryanalysis, cryptography, distributed systems, andsecurity-oriented software engineering. His current researchfocuses on securing the software development lifecycle... Read More →
avatar for Alan Chung Ma

Alan Chung Ma

Student, Purdue University
Alan is a Computer Engineering student at Purdue University. He is passionate about open software and has contributed to software supply chain security projects such as in-toto and sigstore.


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | W02-03

12:10 CET

Planning for Maturity: SIG Release's Revamp for a More Stable Kubernetes - Adolfo García Veytia, Stacklok & Kat Cosgrove, Dell Technologies
Releasing the largest Go project in the world is a constantly evolving challenge. The rate of change varies, active contributors increase in some areas and shrink in others. But as Kubernetes transitions to maturity, one thing is clear: the number of features in each release grows, and the number of users keeps rising, as does the demand for the artifacts SIG Release builds and publishes monthly. The two subprojects of our group, Release Engineering and the Release Team, have recently embarked on new plans for 2024 and beyond. SIG Release will kick start new work and introduce new processes to keep up with its mission to make Kubernetes releases more introspectable, secure, and consumable. During the talk, we will lay out the upcoming work including making artifact validation more robust, revamping our packaging infrastructure, redesigning the K8s security feed, and improvements to the Release Team like the new Release Signal subteam and the revamped document freeze process.

Speakers
avatar for Kat Cosgrove

Kat Cosgrove

Lead Developer Advocate, Dell Technologies
Kat is a Lead Developer Advocate at Dell focused on the growth and nurturing of open source through authentic contribution. In particular, her specialties are approachable 101-level content and deep dives on the history of technology, with a focus on DevOps and cloud native. She has... Read More →
avatar for Adolfo García Veytia

Adolfo García Veytia

Staff Software Engineer, Stacklok
Adolfo García Veytia (@puerco) is a staff software engineer with Stacklok. He is one of the Kubernetes SIG Release Technical Leads. He specializes in improvements to the software that drives the automation behind the Kubernetes release process. He is also the creator of the OpenVEX... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | E05 - E06

12:10 CET

The State of Backstage in 2024 - Ben Lambert & Patrik Oldsberg, Spotify
Join some of the maintainers for the latest news on the Backstage project. The past year has brought a slew of new features to Backstage, both large and small. They will dive in and highlight some of these improvements, in order to help you get the most out of your own Backstage setup. The talk will also cover the latest updates on the Backstage project governance and processes, including Backstage Enhancement Proposals, the Community Plugins repository, and more. Finally there will be a look towards the future, highlighting the roadmap going forward and what to be excited for in the coming year!

Speakers
avatar for Patrik Oldsberg

Patrik Oldsberg

Senior Engineer, Spotify
Patrik is a Senior Software Engineer at Spotify and a core maintainer of Backstage. In 2019 he joined the team in Spotify’s platform organization that owned the Backstage platform, and worked together with the rest of the team to bring it out in the open. Before joining Spotify... Read More →
avatar for Ben Lambert

Ben Lambert

Senior Engineer, Spotify
Ben is an Engineer at Spotify and a Maintainer of Backstage.io


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | N04

12:10 CET

Vitess: Introduction, New Features and the Vinted User Story - Florent Poinsard & Deepthi Sigireddi, PlanetScale; Kazimieras Aliulis, Vinted
Welcome to the Vitess maintainer track session! Today, you will learn what Vitess is, hear about its high level architecture and the feature set it offers. After that, you will hear a real world story on how migrating to Vitess improved sleep quality for Vinted SRE and developer teams. You will see the steps Vinted took to go from the struggle of managing multiple database clusters to confidence that they can use Vitess to scale databases as much as needed. You will finally hear about what is new in recent Vitess releases and see a preview of planned features.

Speakers
avatar for Florent Poinsard

Florent Poinsard

Software Engineer, PlanetScale
Florent has been working at PlanetScale as a software engineer for over two years. He is a maintainer of Vitess, an open-source cloud-native database. He spends most of his weekends traveling, taking photos, and snowboarding when weather allows it.
avatar for Deepthi Sigireddi

Deepthi Sigireddi

Vitess Engineering Lead, PlanetScale, Inc.
Deepthi is the Technical lead for Vitess, a CNCF graduated open source project. She also leads the Vitess engineering team at PlanetScale which offers a database service built on Vitess. She brings over 20 years of experience building scalable systems to this role. She enjoys speaking... Read More →
avatar for Kazimieras Aliulis

Kazimieras Aliulis

Site Reliability Engineer, Vinted
Kazimieras is a Site Reliability Engineer at Vinted passionate about scaling out infrastructure and database systems.


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | E01-02

12:10 CET

Accelerating Kubernetes Data Intensive APPs with Cloud Native Local Storage - Simon YN Zhao & Zhou Mingming, DaoCloud
Data intensive APPs in Cloud Native environments like AI/ML, middleware (MQ, Kafka, MySQL), edge computing, virtualization (Kubevirt) require the underlying storage low cost, high performance, and high efficiency. HwameiStor is a Cloud Native Software-Defined Local Storage combined the advantages of both local disks and commercial storage products. In LLM training, we provide a simple efficient way for accelerating datasets access (read) and CKPT quick save (write): Object Storage + Local Storage; in Middleware & KubeVirt, we provide storage solutions with performance, HA, and VM snapshots/cloning/recovery; in edge computing, we provide stable storage with a small resource footprint.

Speakers
avatar for Simon YN Zhao

Simon YN Zhao

Senior Solution Architect, DaoCloud
Senior Solution Architect of DaoCloud, 20 years storage and 5 years cloud native experience, used to work for HDS, Sun, EMC. Speaker in 2023 WAIC & 2015 Oracle Open World (San Francisco), Lector of EMC Executive Briefing Center
avatar for 明明 周

明明 周

Developer, DaoCloud
Zhou Mingming, Maintainer of Hwameistor Open Source Community, DaoCloud Cloud Native Development Engineer.


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | Paris Room
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

12:10 CET

Future of Intelligent Cluster Ops: LLM-Azing Kubernetes Controllers - Rajas Kakodkar, VMware & Amine Hilaly, AWS
As a Kubernetes operator, you must have spent countless hours upgrading clusters, deploying complex applications and troubleshooting issues. Have you ever wondered if you could automate this and literally speak to your cluster by asking - Is it safe to upgrade to v1.29? - Why isn’t Node X Ready? Join this session by Rajas and Amine to discover how AI can empower cluster operations with K8s controllers backed by LLMs. Discover the stages of data processing, fine-tuning LLMs and integrating them with K8s controllers and CRDs. And witness the addition of Speech Recognition to the K8s controller to operate clusters. To unravel the myths of AI hype, there will be a live demo to “talk” to K8s controller powered by LLM for - Auditing and upgrading clusters - Simulating Chaos scenarios - Scanning clusters for CVEs - Observability of cluster health The audience will get to know how domain knowledge helps improve AI model accuracy to ensure that it follows data ethics and security principles.

Speakers
avatar for Amine Hilaly

Amine Hilaly

AWS, Software Development Engineer @ EKS, AWS
Amine is a Software Development Engineer at Amazon Web Services working on the Kubernetes and Open source related projects for about three years. Amine is a Go, open-source, and Kubernetes fanatic.
avatar for Rajas Kakodkar

Rajas Kakodkar

Senior Member of Technical Staff, VMware and Tech Lead, CNCF TAG Runtime, VMware
Rajas is a Senior Member of Technical Staff at VMware and a Tech Lead of Technical Advisory Group, Runtime in CNCF. He is currently serving as the Co-Chair for Cloud Native AI Day Paris 2024. He is active in the AI and WASM working groups in the CNCF landscape and a contributor to... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.1 | Room F

12:10 CET

How Many Network Policies Can I Create? - Nadia Pinaeva, Red Hat & Shaun Crampton, Tigera
Network Policy is an API that helps Kubernetes users secure their networking. If you have ever created more than 1000 Network Policies, you have probably asked (yourself or your cluster provider): am I hitting the limit? How many more can I create? Without well-defined scalability limits almost any bug may be a scalability bug. We will discuss why Network Policies are so difficult to scale test and present the Network Policy-focused scale testing framework we developed. We will also share some tools to translate end users’ requirements to testing profiles. Every platform or network plugin may have different requirements for a successful scale test, we will share testing experience and results for ovn-kubernetes and Calico network plugins as first framework users. Attendees will learn how to use our scale testing framework, contribute more performance profiles based on your needs, or just get an idea on how to better explain scale limits to end users.

Speakers
avatar for Shaun Crampton

Shaun Crampton

Distinguished Software Engineer, Tigera
Shaun is a Senior Software Engineer at Tigera, working as a core developer on Project Calico. Before joining the Tigera team, Shaun worked on a number of Software Defined Networking products and cloud scale applications. He holds a BA in Computer Science from Cambridge University... Read More →
avatar for Nadia Pinaeva

Nadia Pinaeva

Senior Software Engineer, Red Hat
Nadia Pinaeva is a Senior Software Engineer at Red Hat working on Openshift Networking. She collaborates with the SIG-network-policy to improve network security for Kubernetes clusters, and works on ovn-kubernetes network plugin.


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco

12:10 CET

AI-Assisted Runbooks - Instigating Precision and Efficiency in Kubernetes Operations - Vinothini Raju, gopaddle.io & Diane Mueller, Bitergia
This session highlights the role of context-aware runbooks that use Generative AI for optimizing Kubernetes environments and enabling accurate troubleshooting. We'll discuss the current gaps in using ChatGPT for troubleshooting, like providing contextual information and effectively utilizing the responses without compromising the environment's integrity. The talk will then explore how CNCF's comprehensive ecosystem of open-source tools can be integrated to create automated, context-aware runbooks. These runbooks provide deep insights into both the environment and applications, thereby enhancing the AI's contextual understanding and streamlining actions based on AI responses. The session will also highlight the role of OpenAPI schema in minimizing errors. The session will include a use case, showcasing how Kubernetes resources were optimally provisioned, critical issues automatically resolved, and support requests raised with rich documentation using data-driven generative AI.

Speakers
avatar for Diane Mueller-Klingspor

Diane Mueller-Klingspor

Director, Research and Advisory Services, Bitergia
Diane Mueller is Bitergia's Managing Director, Research and Advisory Services. Her research focuses on open source ecosystems, community and product development strategy, with a focus on Cloud Native, Python and AI/ML technology ecosystems.
avatar for Vinothini Raju

Vinothini Raju

Founder & CEO, gopaddle.io
Vinothini Raju, is the Founder & CEO at gopaddle.io. She has been awarded the B2B Woman Tech Entrepreneur of the Year, 2023 by Women In Cloud & Insight Enterprises. Under her leadership, gopaddle focuses on building a next-generation platform for cloud native applications​. Her... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

12:10 CET

Bloomberg's Journey to a Multi-Cluster Workflow Orchestration Platform - Yao Lin & Reinhard Tartler, Bloomberg
At Bloomberg, we maintain a cloud-native workflow orchestration platform for automation, data pipelines, model training, and general utility compute. This service offering has seen rapid adoption, with more than 10K workflows submitted weekly. With this growth, we face new, emerging challenges, such as additional latency on resource creation and query timeouts. This talk shares our unique needs as a growing workflow orchestration platform. We compare and contrast our initial implementation for resource and cluster federation, which involved bespoke in-cluster pull agents and a source-of-truth, to our current approach, which is back-end with a solution based on a highly-available PostgreSQL database and Kine. We share how we investigated related projects and what inspiration we took from Karmada, OCM, and others. In the end, we reach a lightweight Kubernetes API server interface design that allows for multi-cluster federation to deploy heterogeneous resources in an efficient manner.

Speakers
RT

Reinhard Tartler

Sr. Software Engineering Team Lead, Bloomberg
Reinhard leads an infrastructure team at Bloomberg, where he oversees an engineering and application platform designed for run-to-completion batch jobs. This platform is built on Kubernetes, providing a safe and scalable runtime environment for executing arbitrary code. Bloomberg's... Read More →
avatar for Yao Lin

Yao Lin

Senior Software Engineer, Bloomberg
Yao Lin is a senior software engineer at Bloomberg, where she has worked for six years. She works as a platform engineer on the company's workflow orchestration platform, which is built on Kubernetes and hosts Argo Workflows as its orchestration back-end. This multi-tenant platform... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

12:10 CET

Is Your Image Really Distroless? - Laurent Goderre, Docker
With the introduction of multi-stage builds in Docker, it is possible to separate build-time dependencies from run-time dependencies by starting with a fresh base image and copying only the necessary output of the build stage(s). This in turn helps create "distroless" images that don’t contain many convenience tools included in a distribution, such as a package manager. This makes it harder for a malicious actor to add additional software to a container, and also reduces the surface area for potential vulnerabilities that need to be kept up-to-date. However, many applications still rely on extra tooling, such as shells, to configure the runtime environment of the application to meet the needs of users. This talks demonstrates how using init containers allow us to separate the logic needed to configure a runtime environment from the environment itself, to get images that don’t contain shells or scripting capabilities, and provide a more secure container.

Speakers
avatar for Laurent Goderre

Laurent Goderre

Software Engineer, Docker
Laurent is a software engineer with over 20 years of experience in software development in the private and public sectors with extensive experience contributing to open source software. Since 2016, he has built and maintained Docker Official Images before joining Docker in 2023 to... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.1 | Room A
  SDLC

12:10 CET

Playing Defense: The Reactive Cloud Native Security Battle - Ayse Kaya, Slim.AI
Recent joint research from ESG and Slim.AI, polled from SREs, DevOps & Platform Engineers explores the state of cloud native security, shedding light on an increasingly worrying attack surface that is only growing. Analyzing the data we learn that a mere 12% are managing to achieve security SLOs. This is compounded by regulatory pressures, the complexity of the supply chain with its own set of exploits & challenges, all this with a fragmented tooling ecosystem that is making it difficult to understand how to prioritize & remediate rapidly in a single consolidated place. This session will dive into these new findings, on how container & OSS security continues to add difficulty with triaging security––as well as the cascading impact of the continuous rise in cloud native sec, vulns, and the supply chain as a whole. Join this session to learn how to take cloud native security from reactive to proactive along with real practical tips for minimizing the noise & achieving security SLOs.

Speakers
avatar for Ayse Kaya

Ayse Kaya

VP, Strategic Insights & Analytics, Slim.AI
Ayse Kaya is the Senior Director of Strategy and Analytics at Slim.AI. She is an accredited data scientist and container enthusiast. A graduate of the MIT Sloan School of Management's Operations Research Center, Kaya was previously a strategy and analytics lead at CloudLock and Cisco... Read More →


Wednesday March 20, 2024 12:10 - 12:45 CET
Pavilion 7 | Level 7.1 | Room D
  Security
  • Content Experience Level Any

12:30 CET

AI HUB | 🤖 Unconference Sessions
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections
12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo
15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's

Click here for the shared Google folder to add your unconference session notes


Wednesday March 20, 2024 12:30 - 13:05 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

12:45 CET

Lunch 🍲
Wednesday March 20, 2024 12:45 - 14:30 CET

13:00 CET

Marketing Office Hours
Meet the CNCF Marketing Team for Office Hours
  • Tuesday, 19 March: 14:00 - 16:00
  • Wednesday, 20 March: 13:00 - 15:00
  • Thursday, 21 March: By appointment

All office hours will be held in room 736 onsite at the conference center
Book your appointment here.

Wednesday March 20, 2024 13:00 - 15:00 CET
Pavilion 7 | Level 7.3M | Room 736

13:15 CET

Project Pavilion Tour with Jorge Castro, CNCF
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!

Wednesday March 20, 2024 13:15 - 13:35 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Project Opportunities
  • Content Experience Level Any

14:30 CET

AI HUB | 🤖 Welcome Back + Demo
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections
12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo

15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's

Click here for the shared Google folder to add your unconference session notes

Wednesday March 20, 2024 14:30 - 15:00 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

14:30 CET

A Cilium Introduction: Back to Bee-Sics - Nico Vibert & Dan Finneran, Isovalent
Cilium is now the first CNCF Graduated project in the Cloud Native Network category and has now its first certification with the Cilium Certified Associate (CCA) program! But while networking is a fundamental aspect of Kubernetes, it remains an intimidating topic for many engineers. In this session, you will learn that Kubernetes networking and Cilium don't need to be daunting subjects after all! This session will provide an introduction to the core Kubernetes networking requirements and how Cilium addresses these use cases. Expect an demo-packed and inclusive session where newcomers and experienced network engineers alike will improve their cloud native networking knowledge and understand the benefits of using Cilium and eBPF for networking, observability and security. Finally, the session will also provide tips on some of the core topics and domains covered in the Cilium Certified Associate and enable participants to effectively prepare for the exam.

Speakers
avatar for Daniel Finneran

Daniel Finneran

Principal Community Advocate, Isovalent
Dan Finneran is a Principle Community Advocate at Isovalent. His journey to today has included bare-metal, jails, zones, vms and containers where he is currently enjoying the fast paced ride in the cloud native space. He also created & maintains a popular Open-Source load-balancer... Read More →
avatar for Nico Vibert

Nico Vibert

Senior Technical Marketing Engineer, Isovalent
Nico Vibert is a Senior Technical Marketing Engineer at Isovalent – the company behind the open-source cloud native solution Cilium. Nico has worked in many different roles – operations and support, design and architecture, technical pre-sales – at companies such as HashiCorp... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience
  • Content Experience Level Any

14:30 CET

Navigating the Processing Unit Landscape in Kubernetes for AI Use Cases - Mofi Rahman & Kaslin Fields, Google & Rob Koch, Slalom
With the emergence of LLMs (Large Language Models) and other Machine Learning (ML) workloads running on Kubernetes, gone are the days when just CPU is enough. Machine Learning and Artificial Intelligence workloads are best served by specialized processing units. While CPUs are great at doing work sequentially, Artificial Intelligence and Machine Learning require a different approach to processing information - a highly parallel one. In Kubernetes, that means GPUs (Graphical Processing Units) and TPUs (Tensor Processing Units). This talk gives you an introduction of what each type of processing unit is, what they are good at, and how to use them well in Kubernetes.

Speakers
avatar for Rob Koch

Rob Koch

Principal, Slalom Build
A tech enthusiast who thrives on steering projects from their initial spark to successful fruition, Rob Koch, AWS Data Hero, is a Principal at Slalom Build and Co-chair of the CNCF Deaf and Hard of Hearing Working Group. His expertise in architecting event-driven systems is firmly... Read More →
avatar for Kaslin Fields

Kaslin Fields

Developer Advocate, Google
Kaslin Fields is a Developer Advocate at Google Cloud, a Container enthusiast and creator of tech comics. She uses her knowledge of DevOps technologies and methodologies to help others as they enter the Cloud Native world. By creating comics about DevOps tech, she hopes to make learning... Read More →
avatar for Mofi Rahman

Mofi Rahman

Developer Relations Engineer, Google
Mofizur Rahman (@moficodes) is a Developer Advocate at Google. His favorite programming language these days is Go. He is a strong believer of the power of open source and importance of giving back to the community. He is a self proclaimed sticker collecting addict and has collected... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice

14:30 CET

Cloud Native Storage: The CNCF Storage TAG Projects, Technology & Landscape - Raffaele Spazzoli, Red Hat; Alex Chircop, Akamai
This talk will introduce the CNCF Storage TAG and discuss how the TAG operates, how we work with CNCF Storage projects, and the work we have done to build guidance and write whitepapers for the ecosystem. During this session we will cover an overview of storage projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Storage Whitepaper, Performance and Benchmarking whitepaper, Cloud Native Disaster Recovery whitepaper, and the Data on Kubernetes whitepaper. Join us to find out how to contribute and participate in the CNCF storage community and discover practical guidance on how to use cloud native storage in your environments.

Speakers
avatar for Alex Chircop

Alex Chircop

Chief Product Architect, Akamai
Chief Product Architect at Akamai. Previously a founder and CTO of Ondat (formerly StoraeOS), building software defined solutions for cloud native environments. Alex is also a co-chair of the CNCF Storage TAG (previously SIG). Before embarking on the startup adventure he spent over... Read More →
avatar for Raffaele Spazzoli

Raffaele Spazzoli

Senior Principal Architect, red hat
Raffaele is a full-stack enterprise architect with 20+ years of experience. Currently Raffaele covers a consulting position of cross-portfolio application architect with a focus on OpenShift. Most of his career Raffaele worked with large financial institutions allowing him to acquire... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | E05 - E06

14:30 CET

Crossplane Intro and Deep Dive - the Cloud Native Control Plane Framework - Jared Watts & Philippe Scorsolini, Upbound
The maintainers of Crossplane, a CNCF Incubating project, will lead this session that will introduce the project to new attendees, as well as dive into the finer details of Crossplane’s functionality and roadmap. We will explain how Crossplane enables you to compose cloud infrastructure and services into your custom platform APIs, and how best to get started building a platform of your own. We will take a tour through the key features included in the latest releases, what problems and use cases they are solving, and how you can adopt them into your control planes. Finally, there will be an interactive opportunity to engage with the maintainers, ask questions, and influence the future of the project direction.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by enabling anyone to build their own cloud platform. He is also a co-creator of the open source Crossplane (https://crossplane.io) and Rook (https://rook.io) projects. Prior to... Read More →
avatar for philippe scorsolini

philippe scorsolini

Senior Software Engineer, Upbound
Philippe is a Senior Software Engineer at Upbound, where he joined the control planes team, contributing to the CNCF incubating project Crossplane. Prior to Upbound, Philippe worked at ControlPlane as a security-focused software engineer, at EnterpriseDB helping to build the now open-source... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | N04

14:30 CET

Emissary-Ingress: Present and Future - Flynn, Buoyant
Emissary-ingress, a CNCF Incubating project built on the Envoy Proxy, is one of the first Kubernetes-native, self-service API gateways and ingress controllers. In this session, we'll give attendees an overview of the need for ingress controllers in general, the benefits of self-service developer workflows, and how Emissary-ingress can help with these issues... but even more importantly, we'll talk about the current state of the project and open up our crystal ball to look into Emissary-ingress' future. There are some important decisions coming up for Emissary, and this session is a great opportunity to talk directly with Emissary-ingress maintainers, make sure your voice is heard when it comes to the project's future, and learn how to get involved as a contributor or simply to offer feedback. Looking forward to seeing you there!

Speakers
avatar for Flynn -

Flynn -

Technical Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, spreading the good word about the Linkerd service mesh and educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering - from the kernel up through distributed applications... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | W02-03

14:30 CET

Enabling the Software Supply Chain Ecosystem with Notary Project - Toddy Mladenov, Microsoft; Ivan Wallis, Venafi; Shuting Zhao, Nirmata
Securing the software supply chain involves various components and hence it requires a vibrant ecosystem. In addition, real-world organizations are constrained to using existing tools while improving security. They insist on smooth transition. Come join this session to learn how the Notary Project is designed to be extensible, enabling other CNCF projects and ecosystem tools to implement solutions for authenticity and integrity across the supply chain. It also enables enterprises to leverage their existing investments while becoming more secure. As a bonus, you will learn about exciting new features and the future plans for the project.

Speakers
avatar for Ivan Wallis

Ivan Wallis

Global Architect - Cloud Native Solutions, Venafi
Ivan Walllis is primarily responsible for working closely with customers worldwide as they adopt their code signing strategy as part of their cloud-native security strategy. He is currently Senior Architect, Cloud Native Solutions at Venafi. For more than 20+ years, Ivan has been... Read More →
avatar for Shuting Zhao

Shuting Zhao

Staff Engineer, Nirmata
Shuting Zhao is a Kyverno maintainer and a Staff Engineer at Nirmata. Her passion for open source extends beyond her professional role, as she has also taken on the role of mentor for several LXF mentorship programs since March 2021, she enjoys helping others contribute to open source... Read More →
avatar for Toddy  Mladenov

Toddy Mladenov

Principal Product Manager, Microsoft
Toddy has over 25 years of experience in software engineering and design, consulting, and product management for companies like Microsoft, T-Mobile, and SAP. He started his cloud journey 14 years ago as part of the Azure team. Since then, Toddy worked on large-scale cloud implementations... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | N03

14:30 CET

Supercharging Argo CD’s Manifest Generation Capabilities - Alexander Matyushentsev, Akuity & Leonardo Luz Almeida, Intuit
The Argo CD is known for its first-class support of config management tools like Helm and Kustomize. This integration goes beyond just detection, offering a visual representation of information like default values and workload images. All of it improves the experience and boosts developers' productivity. The K8S ecosystem keeps changing rapidly, and new tools are entering the scene. To keep up with this dynamic ecosystem, Argo CD has introduced a plugin system known as Config Management Plugins (CMP). Argo CD team keeps working on a 2nd iteration of CMP that promises to deliver the same level of user experience as first-class support. In the talk, we will take a deep dive into CMP. Our audience will learn the advantages of moving to the new CMP version. The live demo of packaging a real config management tool into a plug is included! Finally, we will share the challenges CMP implementation still has and describe the enhancements coming in the next release.

Speakers
avatar for Alexander Matyushentsev

Alexander Matyushentsev

Co-founder and Chief Architect, Akuity
Argo Co-Creator, Argo CD Lead, and maintainer. Energetic and passionate software engineer with over a decade of software development experience. I'm an enthusiast of continuous integration, agile environments, and a huge open-source believer. Core contributor and maintainer of http://argoproj.io... Read More →
avatar for Leonardo Luz Almeida

Leonardo Luz Almeida

Leonardo Luz Almeida, Intuit
Leo is a staff member of the core Argo team at Intuit responsible for improving and operating Argo CD and Argo Rollouts in the company. He is an active Argo maintainer sharing his time between open-source and internal development. Leo is passionate about native cloud applications... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | E01-02

14:30 CET

Accelerators(FPGA/GPU) Chaining to Efficiently Handle Large AI/ML Workloads in K8s - Sampath Priyankara, Nippon Telegraph and Telephone Corporation & Masataka Sonoda, Fujitsu Limited
Large AI/ML workloads in production require tightly coupled multiple accelerators such as FPGA, GPU, TPU, or ASICs in chains to achieve its service level performance goals such as low latency, and low power consumption. Accelerators in these chains are using direct data transfer between devices which can eliminate unnecessary memory copies, decrease CPU overheads, and reduce latency, resulting in significant performance improvements. K8s is used as a backend for most AI/ML workload deploying frameworks. However, current K8s do not have the functionality to orchestrate or configure such device chains. In this talk, we present how we extend the K8s with Custom Resource-based resource architecture and operators to orchestrate and configure such device chains in a Kubernetes-native way. We will also demonstrate how easy to deploy such workloads and discuss our future work with Dynamic Resource Allocation (DRA) support and CNI extensions.

Speakers
avatar for Masataka Sonoda

Masataka Sonoda

Fujitsu Limited
I'm a research engineer at Fujitsu Limited.I've been involved in the development of technologies such as fault handling in cloud environments and processing/data deployment planning in wide-area distributed environments.I'm currently engaged in the development of disaggregated computing... Read More →
avatar for Sampath Priyankara

Sampath Priyankara

Senior Manager, NTT (Nippon Telegraph and Telephone Corporation)
Sampath is a senior research engineer at NTT Software Innovation Center, specializing in distributed systems and virtualization. With a Ph.D. in Information Science, he has led various OSS projects, including OpenStack masakari. Currently, Sampath's focus lies in the field of disaggregated... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | Paris Room

14:30 CET

Self-Hosted LLMs on Kubernetes: A Practical Guide - Hema Veeradhi & Aakanksha Duggal, Red Hat
Have you ever considered deploying your own large language model (LLM), but the seemingly complex process held you back from exploring this possibility? The complexities of deploying and managing LLMs in production environments often pose significant challenges. This talk will serve as a comprehensive introductory guide, empowering beginners to commence their LLM journey by effectively hosting their own models on Kubernetes. We will discuss the process of selecting appropriate open source LLM models, containerization of the models, and creating Kubernetes deployment manifests and resource provisioning to support the LLM's computational needs. Self-hosted LLMs offer enhanced data privacy, flexibility in model training, and reduced operational costs, making them an attractive option for organizations seeking greater control over their AI infrastructure. By the end of this talk, attendees will possess the necessary skills and knowledge to navigate the exciting path of self-hosting LLMs.

Speakers
avatar for Hema Veeradhi

Hema Veeradhi

Senior Data Scientist, Red Hat
Hema Veeradhi is a Senior Data Scientist working in the Emerging Technologies team part of the office of the CTO at Red Hat. Her work primarily focuses on implementing innovative open AI and machine learning solutions to help solve business and engineering problems. Hema is a staunch... Read More →
avatar for Aakanksha Duggal

Aakanksha Duggal

Senior Data Scientist, Red Hat Inc
Aakanksha Duggal is a Senior Data Scientist in the Emerging Technologies Group at Red Hat. She is a part of the Data Science team and works on developing open source software that uses AI and machine learning applications to solve engineering problems.


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.1 | Room F

14:30 CET

How to Choose the Best Kubernetes AI Edge Deployment Patterns for Your Use Case - Jacqueline Koehler & Myriam Fentanes Gutierrez, Red Hat
As a Machine Learning Operations (MLOps) Engineer focused on AI at the edge, you will be faced with many unique challenges and decisions. You may have many questions such as: How do I handle distributed architectures across hybrid environments? How do I manage all the data being produced at the edge and getting that data to the core hub for useful insights? What do I do with my old devices running critical analytics? How do I manage my far edge deployments that are disconnected? There are multiple options to solve the above issues and the best option heavily depends on the industry and use case. Our goal is to help you with answering all of these questions so you can decide how to select the best deployment patterns for your AI at the edge. Using Kubernetes and Open Data Hub, we will show a live demo using MLOps pipelines, Open Cluster Management, and OpenTelemitry to deploy a model to the edge and gather, store, and forward key metrics to the central hub.

Speakers
avatar for Jacqueline Koehler

Jacqueline Koehler

Senior Manager, Artificial Intelligence, Red Hat
Jaqueline has 23 years of combined experience as an engineer and a Senior Software Engineer manager with a focus on cyber security, AI/MLOps, and incorporates Diversity, Equity, and Inclusion (DEI) as part of her regular roles. She was an integral part in building the WiCyS community... Read More →
avatar for Myriam Fentanes Gutierrez

Myriam Fentanes Gutierrez

Principal Product Manager, Red Hat
I have been working in the opensource industry for over 15 years focused mainly in automation, even processing and lately AI to power cloud native applications.


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco
  • Content Experience Level Any

14:30 CET

Crossplane Observability and Traceability for Effective Multi-Cloud Management - Katharina Sick, Dynatrace & Viktor Farcic, Upbound
Companies adopting cloud-native technologies increasingly use declarative definitions of cloud infrastructure. This shift offers excellent scalability, flexibility and agility opportunities, but also comes with challenges: What if resource creation takes longer than expected? What if resources fail to materialize at all? How to identify problems and potential performance optimizations? The answer lies in a familiar strategy: as in software development, we can address these challenges through instrumentation and leveraging observability data to uncover patterns, pinpoint root causes, and drive informed optimizations. Join to learn how to answer those questions using existing metrics, logs and distributed traces emitted by tools like Crossplane, a popular open source CNCF project. The presenters will walk you through their best practices for making declarative cloud infrastructure traceable and leverage this data to improve issue resolution and your cloud infrastructure's reliability.

Speakers
avatar for Viktor Farcic

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.
avatar for Katharina Sick

Katharina Sick

Senior Software Engineer, Dynatrace
I'm all about making things user-friendly, especially when it comes to Cloud Native and Kubernetes.I've done a fair share of mobile app and backend work, but lately, I'm really into Cloud Native computing and enjoy it a lot.Outside of work, you'll find me hanging out in tech and sports... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S05
  Observability
  • Content Experience Level Any

14:30 CET

Beyond Default: Harnessing CPU Affinity for Enhanced Performance Across Your Workload Portfolio - Antti Kervinen, Intel & Dixita Narang, Google LLC
In the pursuit of maximizing computational efficiency, the strategic allocation of CPU resources emerges as a pivotal factor for performance. Restricting workloads to run on a particular set of CPUs, known as CPU pinning or CPU affinity, can be beneficial in certain scenarios to achieve predictable performance, isolation, or resource management goals. In this talk, we delve into CPU affinity, beyond default settings to attain optimal performance across diverse workloads. Participants will gain a thorough understanding of tailoring CPU affinity for their workload portfolio, leading to enhanced performance. The talk explores rising core counts, addressing software challenges and hardware insights, including the implications of CPU cores sharing a cache and the significance of data or PCI device locality. Finally, we cover the "balloons" resource policy in the NRI plugin for Kubernetes, allocating essential CPU cores with automated selection and configurable control across pods.

Speakers
avatar for Antti Kervinen

Antti Kervinen

Cloud Software Engineer, Intel
Antti Kervinen is a Cloud Orchestration Software Engineer working at Intel, whose interest in Linux and distributed systems has led him from academic research of concurrency to the world of Kubernetes. When unplugged, Antti spends his time outdoors discovering wonders of nature.
avatar for Dixita Narang

Dixita Narang

Software Engineer, Google
Dixita Narang is a Software Engineer at Google on the Kubernetes Node team. With a primary focus on resource management within Kubernetes, Dixita is deeply involved in the development and advancement of the Memory QoS feature, which is currently in the alpha stage. She is a new contributor... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

14:30 CET

Building a Large Scale Multi-Cloud Multi-Region SaaS Platform with Kubernetes Controllers - Sébastien Guilloux, Elastic
Controllers in Kubernetes are implemented through a pattern that reconciles entities towards their desired state. This pattern can actually be extended to cover a large set of use cases, beyond the scope of Kubernetes, while still relying on Kubernetes libraries such as controller-runtime. Come learn how Elastic is building a large-scale multi-cloud multi-region platform on top of Kubernetes, and what design decisions it led to. In this presentation we’ll describe an architecture made of hundreds of Kubernetes clusters, and talk about the challenges we have faced along the way. For example, by going into some details about how some of our controllers don’t actually work with etcd and the apiserver as their backend. They use a different datastore, and reconcile resources in different clusters than the one they are deployed into. We’ll also describe how some CNCF tools help achieve that scale (ArgoCD, Crossplane, Helm, Backstage, cert-manager, etc.).

Speakers
avatar for Sebastien Guilloux

Sebastien Guilloux

Software Engineer, Elastic
Sébastien is a backend software engineer at Elastic. In the past few years he has focused on designing and building the platform backing Elastic Cloud, a large scale multi-cloud multi-region platform based on Kubernetes to deploy the Elastic stack and Elastic solutions.


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

14:30 CET

Simplified Inner and Outer Cloud Native Developer Loops - Oleg Šelajev, AtomicJar & Alice Gibbons, Diagrid
Despite the quality of modern cloud-native tools, the user experience for inner and outer developer loops are still radically different, which introduces friction and hampers developer productivity. Development setups are app-centric, while production environments deal with deployments and tools required for operations teams to keep applications running. This session explores tools to simplify both side and improve developer productivity through a platform engineering and polyglot approach using a toolchain that: Gives developers a standard set of app-level APIs to solve common distributed app challenges, using Dapr. Equips developers and product teams with consistent, polyglot feature flags through OpenFeature. Facilitates easy local development, outside of a Kubernetes cluster, with Testcontainers. Attendees will walk away with a working demo showcasing a straightforward, lightweight and effective inner and outer dev loop, ensuring the seamless promotion of apps from dev to prod.

Speakers
avatar for Oleg Šelajev

Oleg Šelajev

Head of Developer Relations, AtomicJar
Oleg Šelajev is a head of developer relations at AtomicJar working on making local development and testing bring joy. Developer. Java Champion. Docker captain. Loves all languages.
avatar for Alice Gibbons

Alice Gibbons

Customer Success Engineer, Diagrid
As a Customer Success Engineer at Diagrid, Alice helps customers with app modernization scenarios through architecture design sessions, demos and discussions, and by getting hands-on with proof of concepts. As a self-proclaimed people-person, Alice loves nothing more than working... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering

14:30 CET

Tackling Configuration Management at Scale with Flux, CUE and OCI at Cisco - Alec Hothan, Cisco & Stefan Prodan
The Cisco IoT platform manages 245M+ IoT devices on a large number of Kubernetes clusters deployed globally with GitOps and Flux. Configuration management at this scale poses challenges for any CD solution. This talk explores Cisco's approach using open-source tools like Flux, Helm, OCI, CUE and Timoni. Alec Hothan discusses their GitOps implementation using a 3-tier Git repository layout, how CUE integrates with Flux to validate configuration and secret management across Git repositories/Vaults and how this helps scale Flux-managed Helm releases across fleets of clusters while fostering collaboration between devs, test, build, release and SRE teams. Flux core maintainer, Stefan Prodan, explains how leveraging OCI artifacts mitigates the complexity and limitations in managing Git repository layers and introduces Timoni, a Kubernetes package manager combining CUE's features for robust deployments.

Speakers
avatar for Alec Hothan

Alec Hothan

Principal Engineer, Cisco
Alec Hothan is a Principal Engineer at Cisco and has been driving the migration to Cisco's new IoT cloud native platform which runs hundreds of applications on multiple data centers across the world. This migration included the implementation of multiple cloud native technologies... Read More →
avatar for Stefan Prodan

Stefan Prodan

Stefan is a an open source contributor to cloud-native projects. He is the creator of Flagger the progressive delivery operator for Kubernetes, and a core maintainer of the CNCF's Flux project. Stefan has over 15 years of experience with software development and he enjoys programming... Read More →


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S06
  SDLC

14:30 CET

Safety or Usability: Why Not Both? Towards Referential Auth in K8s - Rob Scott, Google & Mo Khan, Microsoft
Is your essential tooling leaving your Kubernetes clusters vulnerable to CVEs? Are you sure? For example, Ingress and Gateway controllers are often deployed with read access to all Secrets in a cluster. What if we could introduce new authorization APIs that both mitigate future CVEs and enable entirely new reference patterns? In this talk, Rob and Mo will show how new APIs being developed by the community can help keep your clusters secure and safely enable cross-namespace references. Along the way, you’ll learn the history of these problems, including various stop-gap solutions that have been attempted along the way, to help you understand the context for the proposed changes. This session will provide you with clear guidelines for how to keep your clusters secure today by limiting unnecessary access to components running in your clusters. You’ll also learn how you can shape the future of these Kubernetes APIs by providing early feedback in the coming months of active development.

Speakers
avatar for Mo Khan

Mo Khan

Software Engineer, Microsoft
Mo Khan is a software engineer who is passionate about open source and security. He started working on Kubernetes in 2016, and currently serves as a chair, technical lead and subproject owner for Kubernetes SIG Auth, a member of the Kubernetes Security Response Committee and a contributor... Read More →
avatar for Robert

Robert

Software Engineer, Google
Rob is an open source enthusiast currently working on Kubernetes Networking at Google. He's been a maintainer of Gateway API since the very early days of the project and led the development of other Kubernetes networking APIs like EndpointSlices.


Wednesday March 20, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.1 | Room D
  Security

14:30 CET

Stewarding Open Collaboration and Governance for a Trusted Digital World BoF - Mirko Boehm, Linux Foundation Europe & Dana Wang, OpenSSF
This discussion aims to address the elephant in the room: the security and sustainability of the open source ecosystem. As we integrate open source into the very fabric of our lives, we must ensure it meets the highest security standards. With security being a shared - and a global - responsibility, and with compliance with the Cyber Resilience Act on the horizon, this panel will discuss open collaborative frameworks - both the resources that organizations can leverage, and the pathways that organization should pursue - that help to create trusted, secure, and compliant open source infrastructure no matter your jurisdiction.

Speakers
MB

Mirko Boehm

The Linux Foundation
DW

Dana Wang

Chief Architect, OpenSSF


Wednesday March 20, 2024 14:30 - 15:15 CET
Pavilion 7 | Level 7.3 | W04
  Birds of a Feather, Experiences
  • Content Experience Level Any

14:30 CET

Tutorial: Cloud Native Sustainable LLM Inference in Action - Chen Wang, Eun Kyung Lee & Bo Wen, IBM; Huamin Chen, Red Hat; Cathy Zhang, Intel
Join our tutorial on sustainable Large Language Models (LLM) inference using cloud-native tech. We'll cover LLMs, energy use, and Kepler's role in monitoring power during LLM workloads. Learn about balancing environmental sustainability and tech efficiency, using AI accelerator frequency adjustments in Cloud Native tech for optimized LLM inference. This ensures power efficiency and cost-effectiveness. Experience a live demo of vLLM, an advanced inference framework, in action. See how we tweak AI accelerator settings in a Kubernetes cluster for ideal power-computation balance. This tutorial is a must-attend for professionals keen on integrating environmental sustainability with cloud-native technology solutions. Whether you're a developer, an IT specialist, or a sustainability advocate, you'll gain valuable insights into the future of eco-friendly cloud computing. Join us to be at the forefront of this significant technological evolution.

Speakers
avatar for Eun Kyung Lee

Eun Kyung Lee

Senior Research Scientist, IBM Research
Eun Kyung Lee is a senior research scientist in the Hybrid Cloud Infrastructure software team at IBM Research. He also leads the sustainability research efforts in the department. His team is currently focusing on sustainability for the foundation model (FM) system for different phases... Read More →
avatar for Chen Wang

Chen Wang

Staff Research Scientist, IBM
Chen Wang is a Staff Research Scientist at the IBM T.J. Watson Research Center. Her interests lie in Kubernetes, Container Cloud Resource Management, Cloud Native AI systems, and applying AI in Cloud system management. She is an open-source advocate, a Kubernetes contributor, and... Read More →
avatar for Cathy Zhang

Cathy Zhang

senior principal engineer, Intel
As a member of the CNCF TOC, Cathy has been sponsoring and guiding projects' applications for graduation/incubating, and reviewing/approving new sandbox projects. She has been a committee member for several KubeCon. Cathy is a currently Senior Principal Engineer at Intel, leading... Read More →
avatar for Huamin Chen

Huamin Chen

Distinguished Engineer, Red Hat
Dr. Huamin Chen is a passionate developer at Red Hat' CTO office. His recent contributions to the CNCF ecosystem include Project Kepler, TAG Environmental Sustainability, and Cloud Native AI WG. He is also one of the founding members of Kubernetes SIG Storage, member of Ceph, Knative... Read More →
avatar for Bo Wen

Bo Wen

Staff Research Scientist, Cloud Architect, IBM
Dr. Bo Wen is a versatile researcher with extensive experience in generative AI, cloud architect, data orchestration and analysis, semiconductor/electronics/software development and large scale international scientific project management. He has domain expertise in digital health... Read More →


Wednesday March 20, 2024 14:30 - 16:00 CET
Pavilion 7 | Level 7.3 | N01-02

14:30 CET

🚨 Contribfest: Diving Into Buildpacks: Improving the Pack CLI
The pack CLI, written in Go, is the most widely used platform for local buildpacks builds. It also facilitates buildpack creation, packaging, and publishing, and provides tooling to inspect buildpacks-built images and other build components, such as SBOM. In this session, we will work on improving the end-user experience of pack by tackling issues that make the build process more intuitive - from simplifying the way inputs are provided, to making output information displays more clear and accurate. Contributors will walk away with a basic understanding of both the buildpacks project and the pack CLI repository. All levels of experience are welcome.

Speakers
avatar for Aidan Delaney

Aidan Delaney

Buildpacks Maintainer, Bloomberg
avatar for Natalie Arellano

Natalie Arellano

Software Engineer, Broadcom
Natalie is a maintainer on the Cloud Native Buildpacks project and a software engineer at Broadcom.


Wednesday March 20, 2024 14:30 - 16:00 CET
Pavilion 7 | Level 7.3 | W01

15:00 CET

AI HUB | 🤖 Unconference Sessions
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections
12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo
15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's

Click here for the shared Google folder to add your unconference session notes

Wednesday March 20, 2024 15:00 - 15:35 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

15:00 CET

Technical Oversight Committee + TAG Chairs Meeting
The Technical Oversight Committee and the Technical Advisory Groups meet to discuss current issues and next steps.

Wednesday March 20, 2024 15:00 - 16:30 CET
Pavilion 7 | Level 7.3 | Room E04

15:25 CET

Cloud Native Perspectives: Understanding and Advocating for Accessibility in Tech - Emmanuelle Aboaf, SHODO; Rynn Mancuso, Honeycomb.io; James Spurin, DiveInto; Purvi Kanal, Honeycomb; Devin Nance, VMware
Fostering inclusion is not just a buzzword; it's a fundamental necessity. Join this panel discussion to delve into the heart of accessibility in tech. Panelists, each with unique disabilities, will share their experiences, shedding light on what it truly means to navigate the tech world for them. From the challenges they face to the triumphs they celebrate, our panelists will articulate why accessibility is not just a checkbox but a pivotal aspect of creating a thriving and innovative tech community. They'll explore the practical implications of accessibility, discuss the importance of an inclusive cloud native community, and unveil strategies to make technology more accessible to all. This session will emphasize the human side of tech and our responsibilities in promoting inclusivity. Join this talk for an eye-opening conversation that will hopefully inspire *you* to champion accessibility, too.

Speakers
DN

Devin Nance

Client Solution Architect, VMware
avatar for Rynn Mancuso

Rynn Mancuso

Senior Developer Community Manager, Honeycomb.io
Rynn Mancuso is the developer community manager at Honeycomb, one of the maintainers of OpenTelemetry’s End User Working Group, and a CNCF Ambassador. Before joining Honeycomb, they led developer communities at New Relic, Tidelift, Mozilla and Wikimedia. They also actively contribute... Read More →
avatar for James Spurin

James Spurin

CNCF Ambassador, Docker Captain, Founder and CEO of DiveInto, DiveInto
James Spurin, a CNCF Ambassador, Docker Captain and a Technical Course Creator has educated over 100K students in Cloud Native, DevOps and Kubernetes across Udemy, O'Reilly, and Coursera. His 25-year career includes management, engineering and software development at Nomura, Goldman... Read More →
avatar for Purvi Kanal

Purvi Kanal

Senior Software Engineer, Honeycomb
Purvi Kanal is a Senior Software Engineer at Honeycomb where she works on several open source projects. She is an approver for OpenTelemetry JavaScript with an interest in frontend observability. She has worked across the stack, making web and mobile apps in several languages with... Read More →
avatar for Emmanuelle Aboaf

Emmanuelle Aboaf

Fullstack developer, SHODO
Emmanuelle ABOAF, a Paris-based full-stack developer at Shodo, is deeply committed to digital accessibility — a value rooted in her own experiences as a deaf individual. Actively involved in tech inclusivity, she's a member of the Duchess France Association, advocating for women... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience
  • Content Experience Level Any

15:25 CET

Choose Your Own Adventure: The Struggle for Security - Whitney Lee, VMware & Viktor Farcic, Upbound
Our hero, a running application in a Kubernetes production environment, knows they are destined for greater things! They are serving end users, but currently, they are also endangering those users, the system, and themselves! But the struggle for security is HARD, filled with system design choices concerning secrets management; cluster-level, runtime, and network policies; and image scanning and signing. It is up to you, the audience, to guide our hero and help them grow from a vulnerable, unprotected application to their final form⎯an app that is secure against invasion. In their third KubeCon ‘Choose Your Own Adventure’-style talk, Whitney and Viktor will present choices that an anthropomorphized app must make as they try to protect themselves against every kind of exploit. Throughout the presentation, the audience (YOU!) will vote to decide our hero app's path! Can we navigate CNCF projects to safeguard our app, system, and users against attack before the session time elapses?

Speakers
avatar for Viktor Farcic

Viktor Farcic

Developer Advocate, Upbound
Viktor Farcic is a lead rapscallion at Upbound, a member of the CNCF Ambassadors, Google Developer Experts, CDF Ambassadors, and GitHub Stars groups, and a published author. He is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.
avatar for Whitney Lee

Whitney Lee

Staff Technical Advocate, Broadcom
Whitney is a lovable goofball and a CNCF Ambassador who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. You can catch her lightboard streaming show ⚡️ Enlightning on Tanzu.TV... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice
  • Content Experience Level Any

15:25 CET

Cilium: Connecting, Observing, and Securing Service Mesh and Beyond with EBPF - Liz Rice & Maartje Eyskens, Isovalent; Nico Meisenzahl, white duck; Vlad Ungureanu, Palantir Technologies
Welcome to Cilium's maintainer track session where you'll get an update on how Cilium is expanding the frontiers of cloud native networking, observability, and security. After graduating and becoming the de-facto standard CNI for Kubernetes, what comes next? We'll start with a brief overview of each part of the project before giving a update on Cilium Service Mesh's mutual authentication. Next, we'll dive into how Cilium is expanding beyond Kubernetes with load balancing and multi-cloud networking and into runtime enforcement with Tetragon. In this session, you'll hear from Cilium contributors and users Isovalent, Palantir, and white duck.

Speakers
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium project. She was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of O'Reilly books "Learning eBPF" and... Read More →
avatar for Maartje Eyskens

Maartje Eyskens

Software Engineer, Isovalent
Maartje is a Software Engineer working on extending Cilium's service mesh capabilities while working on trains all over Europe. Previously she worked as a computer science teacher and as engineer on several cloud native projects. In her spare time she's not afraid of electronics... Read More →
avatar for Nico Meisenzahl

Nico Meisenzahl

Head of DevOps Consulting & Operation, white duck
Nico Meisenzahl works as Head of DevOps Consulting & Operations at white duck. As Cloud Solution Architect, an elected Microsoft MVP and GitLab Hero, his current passion is for topics around Cloud Native and Kubernetes. Nico is a frequent speaker at conferences, user group events... Read More →
avatar for Vlad Ungureanu

Vlad Ungureanu

Engineering Lead, Palantir Technologies
Vlad Ungureanu is an Engineering Lead within Palantir's Production Infrastructure organization. He is responsible for Palantir's strategy and execution regarding deployment of Kubernetes in all environments in which Palantir operates: commercial cloud, classified cloud, on-premises... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | W02-03

15:25 CET

Dapr in 2024: Deployments Beyond Sidecars, Distributed Scheduler API and App-Level Zero Trust - Yaron Schneider & Josh van Leeuwen, Diagrid
Dapr is a set of developer-centric APIs for building fault-tolerant, secure and portable applications that run in the cloud or on the edge. This talk will cover a brief overview of the project and show several upcoming initiatives for 2024 from a maintainer perspective, including deploying Dapr in a shared model, a new API for scheduling massively scalable reliable tasks and a larger focus on application level security.

Speakers
avatar for Yaron Schneider

Yaron Schneider

CTO, Diagrid
Yaron co-created the CNCF projects Dapr and KEDA while at Microsoft and led the engineering architecture for serverless container platforms that run at scale using open source technologies. Yaron is an avid lover of open source tech and distributed systems, and is a co-founder and... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | N04

15:25 CET

Linkerd Project Update: VM Support, Ingress, Security on the Edge, and Rust - Matei David & David McLaughlin, Buoyant
In this project update by Linkerd maintainers, you'll learn about exciting new developments in the fast-paced world of Linkerd, the world's fastest, lightest service mesh. We'll discuss our adoption of Rust, the newly-added "mesh expansion" support for running Linkerd's dataplane outside of Kubernetes, how we've been tackling edge deployments (especially around security), and our upcoming plans for handling ingress traffic. Come prepared to learn about the first service mesh project ever to achieve graduation status in the CNCF!

Speakers
DM

David McLaughlin

Principal Software Engineer, Buoyant
avatar for Matei David

Matei David

Software Engineer, Buoyant
Matei is a London based software engineer at Buoyant and an avid open source contributor. One of the maintainers of the Linkerd project, CNCF's graduated service mesh, Matei is passionate about networking (not just the social type!) and systems engineering.


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | N03

15:25 CET

TAG Security Highlights - Marina Moore, New York University; Michael Lieberman, Kusari; Ragashree M C, Independent
TAG Security brings together security experts in the cloud native community to improve the security of CNCF projects and provide security guidance. In this talk we will present highlights from our recent work including mapping open source tools to specific problems in the software supply chain, and our Security Pals initiative to start self-assessments for CNCF projects. We will discuss our outputs from each of these initiatives, and explore how you can get involved in cloud native security. Participants will learn about the work of TAG Security and how they can participate in these and other initiatives.

Speakers
avatar for Michael Lieberman

Michael Lieberman

Co-founder and CTO, Kusari
Michael Lieberman is co-founder and CTO of Kusari where he helps build transparency and security in the software supply chain. Michael is an active member of the open-source community, co-creating the GUAC and FRSCA projects and co-leading the CNCF’s Secure Software Factory Reference... Read More →
avatar for Ragashree M C

Ragashree M C

Security Engineer, N/A
Ragashree M C is a Security professional and open source enthusiast. She is a contributor to open source security communities in CNCF, OWASP and is currently serving the Cloud Native Computing Foundation Security Technical Advisory Group (TAG) as a technical lead.
avatar for Marina Moore

Marina Moore

PhD Candidate, New York University
Marina Moore is a PhD candidate at NYU Tandon’s Secure Systems Lab researching secure software updates and software supply chain security. She is a maintainer of The Update Framework (TUF), a CNCF graduated project, as well as in-toto, an incubating project. She contributed to the... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | E05 - E06

15:25 CET

What’s New in Containerd 2.0? - Wei Fu, Microsoft & Akhil Mohan, Independent
Containerd as a mature, 7-year old project is moving from eight major releases into a new era: containerd 2.0. We announced the first LTS release in 2022 based on 1.6.x as a preparatory step for the 2.0 release. We’ll dive into all the new exciting features in 2.0, like Sandbox API, Transfer Service and WASM/WASI support, and help users understand what these new features enable for their use case. We’ll also provide an upgrade checklist and highlight changes users need to make before upgrading to the 2.0 release, since the 2.0 release will remove features marked as deprecated in past releases. We’ll also cover new updates on the 1.6 LTS release and provide guidance on using any supported release to support new Kubernetes releases. We're excited to share the progress of the containerd project. Come join us and ask your containerd questions with the handful of on-site containerd maintainers.

Speakers
avatar for Wei Fu

Wei Fu

Software Engineer, Microsoft
containerd maintainer: Building things for others who build things
avatar for Akhil Mohan

Akhil Mohan

Software Engineer, Independent
Akhil works as a Senior Member of Technical Staff at VMware. An active contributor to projects in cloud native and container ecosystem. Akhil is a reviewer for containerd and a maintainer of kubernetes publishing-bot. He works mostly on container runtimes and kubernetes sig-node... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | E01-02

15:25 CET

AI, Edge, and Storage Walk Into a Mongolian Mine - Reza Jelveh, SoftSage Solutions OU
Being able to interpret and mitigate seismic activity in mines can drastically improve safety for workers. However, mines are complex, noisy, and resource constrained environments, leading to suboptimal data. The computing environment can also be challenging with limited bandwidth and lack of modern computing equipment. This talk covers our journey in building a cloud native edge AI stream processing platform to analyze and interpret seismic activity in real time. We will discuss overcoming the challenges of an industry heavily reliant on proprietary data formats and API’s, and of deploying Kubernetes (and other technologies) in air-gapped and low-resource environments, where cloud native storage goes right (and wrong). We will also demonstrate how we simulated our environment in the cloud and the benefits this brought to our deployment. The audience will walk away with a few nuggets of gold on how we created a real time decision making platform ready for the Gobi desert.

Speakers
avatar for Reza Jelveh

Reza Jelveh

CTO, SoftSage Solutions OU
Reza has been a CTO for startups and a €bn revenue German government institution that underwent restructuring. Ever since he received his first laptop and installed Slackware on it in 2002, he has contributed to hundreds of open source projects, including FFMpeg, the Linux kernel... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | Paris Room
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

15:25 CET

Strategies for Efficient LLM Deployments in Any Cluster - Angel M De Miguel Meana, VMware & Francisco Cabrera, Microsoft
Undoubtedly, Large Language Models (LLMs) are the technological advancement of 2023. These models show many capabilities, from chatting like a historical character to converting unstructured data into JSON format. However, their substantial size (GBs), resource demands, and the management complexity present considerable challenges. At the same time, Kubernetes has emerged as the de facto technology for orchestrating workloads, and LLMs are no exception. In this talk, we will explore multiple strategies to reduce the footprint of these models in your cluster, making it possible to move them from the cloud to the edge. We will answer questions like how to select the right model, reduce their size, and optimize resource utilization by running them in a lightweight environment provided by WebAssembly. The end goal is to find a balance between resource usage and quality. It is a challenge, but this ecosystem is moving fast, and new technologies, projects and models are emerging.

Speakers
avatar for Angel M De Miguel Meana

Angel M De Miguel Meana

Staff 2 Engineer, VMware
Angel is a Staff Engineer at VMware AI Labs working on multiple WebAssembly initiatives. His background is as full-stack web developer working primarily with UIs, APIs, automation and Kubernetes. Angel is an Open Source (OSS) enthusiast, both as a creator and contributor to different... Read More →
avatar for Francisco Cabrera

Francisco Cabrera

Senior Technical Program Manager, Microsoft
Francisco is a Technical Program Manager at AKS Hybrid team, working on edge computing and Kubernetes at the Edge. For the past couple of years, he’s been working within the open-source community, developing end-to-end IoT solutions. Since joining Microsoft, he’s been responsible... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.1 | Room F

15:25 CET

How We Are Moving from GitOps to Kubernetes Resource Model in 5G Core - Joel Studler & Ashan Senevirathne, Swisscom
5G is the next evolution in mobile networking. While the rollout of Radio antennas and base stations is ongoing globally, the next generation of mobile core is still being developed. At Swisscom we are moving from a GitOps oriented approach with static configuration to a more dynamic KRM (Kubernetes Resource Model) oriented approach to improve deployment and lifecycle of the mobile network. This involves rethinking configuration management and change management as well as introducing new concepts from the cloud native world like Kubernetes Operators and Custom Resource Definitions. In this talk, you will learn what we are currently doing in achieving an end-to-end automation with dynamic configuration management that is based on Kubernetes clusters. We will talk about Nephio, custom built Kubernetes Operators, CI/CD tools like Flux and Argo and how it all ties in to GitOps.

Speakers
avatar for Ashan Senevirathne

Ashan Senevirathne

Product Owner, Swisscom
Experienced Product Owner and Senior DevOps Engineer with a proven track record in driving innovation and efficiency in telecommunications. Currently with Swisscom, leading the development of a cloud-native orchestration framework for 5G Core using Kubernetes. Adept at optimizing... Read More →
avatar for Joel Studler

Joel Studler

DevOps Engineer, Swisscom
Joel is a DevOps Engineer who currently works in a team that builds the cloud native 5G core at Swisscom. He is experienced in infrastructure automation, software defined networking and highly available databases. He is CK* certified and has written several CRD/Operator based Kubernetes... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco

15:25 CET

Dealing with eBPF’s Observability Data Deluge - Anna Kapuścińska, Isovalent
eBPF has created quite a buzz in observability because of its promise of no-instrumentation, low overhead, and complete observability. However, being able to observe and collect everything that is happening in a system can also create a deluge of data. Instead of sifting and winnowing to create a clear picture, eBPF can instead produce an even larger haystack to search through to find the critical observability needle. Drawing on practical production experience running observability systems for enterprises, this talk dives into strategies to deal with this torrent of data. It will go through examples from both the application monitoring and security observability arenas and demonstrate the commonalities between them and showcase real world benchmarking results. The audience will walk away with a better understanding of the pitfalls and perils of using eBPF for observability and how to overcome them.

Speakers
avatar for Anna Kapuścińska

Anna Kapuścińska

Software Engineer, Isovalent
Anna is a Software Engineer at Isovalent, focusing on Kubernetes observability. Her previous roles span the industry: she wore both developer and SRE hats, and worked in AdTech, FinTech, public healthcare, end-user SaaS company and a hosting provider. On good weather nights you can... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S05
  Observability

15:25 CET

Breaking the Rules of Operator Development for AI at the Far Edge - Varsha Prasad Narsing & Michael Hrivnak, Red Hat
Edge workloads, including AI and ML, require different operational considerations than the established Kubernetes Operator patterns. This session will challenge the established best practices for operator development and propose new patterns for managing workloads at the far edge, especially AI workloads. Attendees will learn about 1. Why is an operator especially valuable on a far edge system, including real-world use cases. 2. How to design operators differently for the small footprint of the device-edge versus the server-edge. 3. How the operator/operand relationship differs at the edge, including when to combine operators into a single binary. 4. How and why to install, upgrade and roll back AI model changes separately from the software operand, without using any on-cluster package management solution. The role of an operator in monitoring and reporting AI model accuracy.

Speakers
avatar for Michael Hrivnak

Michael Hrivnak

Senior Principal Software Engineer and Software Architect, Red Hat
Michael Hrivnak is a Senior Principal Software Engineer and Software Architect at Red Hat, where he’s been focused on container technology since 2014. He’s been a leader in developing early registry and distribution technology, the Operator SDK, and Kubernetes-native infrastructure... Read More →
avatar for Varsha Narsing

Varsha Narsing

Senior Software Engineer, Red Hat
Varsha is a software engineer at Red Hat. She is passionate about solving problems by developing and leveraging various software technologies. She currently works with the Portfolio Enablement team (Operator Framework) and is an active contributor to Kubernetes SIGs projects like... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance
  • Content Experience Level Any

15:25 CET

Building AI-Ready Platforms - Symphony for Developer and Platform Engineer - Thomas Vitale, Systematic & Lize Raes, LangChain4j
You’ve just built a platform, but now AI arrives and brings new requirements for applications wielding the power of large language models. Are you ready to support them? This session bridges the gap between platform engineers and developers, focusing on adapting your platform for AI while providing a smooth developer experience. You’ll learn to: - Assess the capabilities of polyglot LLM-powered cloud native apps, including prompt engineering, LangChain4j AI Services, and integration of external knowledge. - Build AI golden paths to streamline integrations and provisioning of models and embedding databases using Backstage, Buildpacks, and Crossplane. - Implement production-grade capabilities for scaling and LLM observability using Knative and OpenTelemetry. Join Lize and Thomas in building an AI-ready platform and implementing a composer AI assistant. In a final twist, you’ll choose which movie scene to score, and they’ll compose the music live for it, supported by AI.

Speakers
avatar for Thomas Vitale

Thomas Vitale

Software Engineer, Systematic
Thomas Vitale is a software engineer and architect focused on building cloud native, resilient, and secure applications and platforms. He works at Systematic, is a CNCF Ambassador, KCD organizer, and the author of “Cloud Native Spring in Action”. Thomas likes contributing to open-source... Read More →
avatar for Lize Raes

Lize Raes

Inspirational Speaker, LangChain4j
Lize Raes is a Java software engineer with a background in electrical engineering. She began her career with contributions to cochlear implant research at Ghent University. During the COVID-19 outbreak, she developed a prognosis model and advised the Belgian government together with... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

15:25 CET

State of Platform Maturity in the Norwegian Public Sector - Hans Kristian Flaatten, Norwegian Labor and Welfare Administration
Ever since the two largest branches of the Norwegian government, Tax Administration and Labor and Welfare Administration, met during KubeCon 2017, Norway has been on the fast track to digital public services with the help of Cloud Native technologies. Fast forward to 2023 and we have gathered almost 50 public agencies that all share the same passion for building internal developer platforms in one community sharing best practices and knowledge. Using the newly published CNCF Platform Engineering Maturity Model we have surveyed how mature their platforms are, and what technologies they have chosen. Those that have a platform are well on their way at Level 2 and 3 across all aspects, and our findings indicates that they are most mature when it comes to Interfaces and Operations and least mature when it comes Measurements. This presentation will dig more details of the survey findings as well as examples of how the different agencies have build and structured their platforms.

Speakers
avatar for Hans Kristian Flaatten

Hans Kristian Flaatten

Platform Engineer, Norwegian Labor and Welfare Administration
Platform Engineering at the Norwegian Labour and Welfare Administration (NAV) working on NAIS a platform built to increase development speed by providing the best experience to build, run and operate applications. Previously Principal Consultant at TietoEVRY with focus on large enterprises... Read More →


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering

15:25 CET

When They Go High, We Go Low – Hooking Libc Calls to Debug Kubernetes Apps - Tal Zwick, MetalBear
Many tools exist for debugging cloud-native applications, and they mostly take one of two approaches: they either continuously sync local files to the remote container, or they connect the local machine to the cluster. mirrord takes a novel approach: when developers run their code with mirrord, it injects a dynamic library into the process, hooks libc calls, and relays some operations to be executed on the cluster instead of locally. That way, developers can run their code locally and debug it with a debugger. With all of the code's input and output forwarded to and from the cluster, the local process “thinks” it’s running in the cluster and can be tested and debugged in cloud conditions. This talk will discuss the rationale behind using low-level techniques in cloud-native tooling, explain some of the low level Rust code that makes it possible, and show mirrord in action with a live demo.

Speakers
avatar for Tal Zwick

Tal Zwick

Software Engineer, MetalBear
I started my way in the tech world with military service in a cyber security related unit, and then studied computer science at the Technical University of Munich. I now work at MetalBear, where I write low-level, open-source Rust code for mirrord.


Wednesday March 20, 2024 15:25 - 16:00 CET
Pavilion 7 | Level 7.3 | S06
  SDLC

15:35 CET

AI HUB | 🤖 Unconference Sessions
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections
12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo
15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's

Click here for the shared Google folder to add your unconference session notes

Wednesday March 20, 2024 15:35 - 16:10 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

16:00 CET

Coffee Break ☕
Wednesday March 20, 2024 16:00 - 16:30 CET

16:00 CET

OSPO BoF + Happy Hour
CNCF in collaboration with TODO Group is excited to host an Open Source Program Office (OSPO) Birds of a Feather meeting followed by a Happy Hour. This event is a great opportunity for professionals managing open source operations and strategy in their organizations to connect, discuss, and share best practices on integrating open source knowledge and cloud native adoption across security, IT and business teams.

BoF Highlights:
  • Dive into OSPO day-to-day operations. 
  • Engage in discussions about common challenges and share perspectives.
  • Contribute to the OSPO Book Project. Participants will be acknowledged in Chapter 5, attributing to the collective wisdom shared during the BoF session.
  • Meet like-minded professionals and expand your network in the open source / Cloud Native community.

Who Should Attend?
Whether you are a seasoned OSPO professional or just starting with open source management and strategy in your organization, this event is perfect for anyone interested in the inner workings of Open Source Program Offices and keen on contributing to a open and community-driven knowledge base.

Space is limited, and we encourage early registration to ensure your participation. Click here to RSVP and secure your spot!


Wednesday March 20, 2024 16:00 - 18:00 CET
Pavilion 7 | Level 7.3 | W04
  Birds of a Feather
  • Content Experience Level Any

16:30 CET

Developers Demand UX for K8s! - Máirín Duffy, Red Hat, Inc. & Conor Cowman, Atlantic Technological University
Who hasn't had their app break due to a mismatch between devel and prod environments? Developers still write YAML by hand - or more often, compose files handed off to SRE for a YAML rewrite. An issue occurs in Kubernetes, and you're stabbing in the dark trying to access running object states to assess the problem. Why is working with K8s still so frustrating for developers? The answer: There isn't enough user experience (UX) focus on developers in K8s. K8s is more oriented towards ops and SREs than developers, developers find setting up a local environment difficult, and Kubernetes generally intimidates them. We engaged in a three-month long user research study of developers and the platform engineers who support them on their Kubernetes usage. We'll present our findings, and you'll gain insight into workflows and pain points of developers working with Kubernetes. Get inspired to help improve the UX for developers you work with, and learn how you can run your own study!

Speakers
avatar for Máirín Duffy

Máirín Duffy

Senior Principal UX Designer, Red Hat, Inc.
Máirín is a Sr. Principal Interaction Designer at Red Hat. A recipient of the O’Reilly Open Source Award, Máirín has over 15 years of expertise in UX & design working upstream in FLOSS communities. Her portfolio is wide-ranging, from OS management tools; to OS infra UIs; to... Read More →
avatar for Conor Cowman

Conor Cowman

Software Development Student, Atlantic Technological University
Conor studied Psychology at Waterford Institute of Technology (now known as SETU) then went on to receive a Masters in Organisational Psychology at University College Cork where he took a keen interest in UI & UX design. This inspired him to pursue a H.Dip. in Software Development... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience
  • Content Experience Level Any

16:30 CET

Dungeons and Deployments V2: The Clusters of Chaos - Kat Cosgrove, Dell Technologies; Noah Abrahams, Oracle; Seth McCombs, AcuityMD; Ian Coldwater, Independent; Natali Vlatko, Cisco
You haven't mastered the basics of Kubernetes until you have a grasp on its security concerns. Join our merry band of adventurers as we journey to the Duchy of D'voups in search of knowledge, glory, and the Weregoose who stole the Holy Certificate. We will need to find ways to buff our party's defenses, guard our camp, and watch each other's backs, all while making sure the Weregoose doesn't learn our secrets. Whether you're a paladin, a rogue, or a sorcerer, there's a way you can help keep your cluster secure. This is a light-hearted talk covering the fundamentals of Kubernetes security, while the panel plays a tabletop role-playing game. You will learn about role-based access control, transport layer security, controlling privileges, and more. Roll for initiative: your cluster is under attack.

Speakers
avatar for Noah Abrahams

Noah Abrahams

Senior Principal Technical Program Manager, Oracle
Noah has been involved in the CNCF since 2016, running meetups and delivering talks and education. He has been a vendor and an end-user, working with everyone across the spectrum. Involved with k8s as a part of several SIGs, Noah has helped deliver the Contrib Summit, and created/led... Read More →
avatar for Ian Coldwater

Ian Coldwater

Security Researcher, Independent
Ian Coldwater is co-chair of Kubernetes SIG Security, a longtime community organizer, and a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud native infrastructure. When they're not busy making good trouble, they like to read all the docs... Read More →
avatar for Kat Cosgrove

Kat Cosgrove

Lead Developer Advocate, Dell Technologies
Kat is a Lead Developer Advocate at Dell focused on the growth and nurturing of open source through authentic contribution. In particular, her specialties are approachable 101-level content and deep dives on the history of technology, with a focus on DevOps and cloud native. She has... Read More →
avatar for Seth McCombs

Seth McCombs

Seth McCombs, AcuityMD
Seth is a Senior Infrastructure Engineer at AcuityMD, currently residing in the Bay Area (California). He has spent time on past Kubernetes release teams, and various other open source projects. His background centers around containers, deployment pipelines, and building efficient... Read More →
avatar for Natali Vlatko

Natali Vlatko

Open Source Architect, Cisco
Natali Vlatko (she/her) is an Open Source Architect at Cisco, specializing in open software, policy, compliance, and governance, and is a SIG Docs Co-Chair for Kubernetes. She plays on the fun computer in her spare time. Her academic background is in Egyptology and Archaeology; specifically... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice

16:30 CET

Build Your Contributor Base - Josh Berkus & Ali Ok, Red Hat; Dawn Foster, CHAOSS; Catherine Paganini, Buoyant; Sandeep Kanabar, NortonLifeLock
You’ve joined the CNCF, your technology is great, you’ve done several releases, and you even have a nice web page. So why isn’t your project attracting more contributors? TAG Contributor Strategy is here to help you with tips, ideas, and guides on how to attract, retain, and promote contributors to your project. This session will include a brief snapshot of the TAG’s many contribution guides, plus tips from project leaders who have grown their projects, including: - How to use roadmaps to recruit contributors - Retention, promotion, and ladders - Making your project more accessible - Contributor recognition - Monitoring recruitment and growth - Mentoring: not just for students If you lead any part of an open source project, please join us and learn how to accelerate your contributor growth.

Speakers
avatar for Sandeep Kanabar

Sandeep Kanabar

Lead Software Engineer, NortonLifeLock
Sandeep is a passionate Elasticsearch Consultant hailing from India. A frequent meetup speaker, he enjoys sharing his lessons learned from 15+ years in the tech space with the community. He's a staunch advocate for diversity and inclusion and an active member of the CNCF Deaf and... Read More →
avatar for Josh Berkus

Josh Berkus

Kubernetes Community Architect, Red Hat
Josh Berkus is the Kubernetes Community Manager for Red Hat. He contributes to Kubernetes, Etcd, Elekto, and a few other projects. Josh is a TAG Contributor Strategy co-chair, and recently retired from being a Kubernetes SIG lead. He also still dabbles in databases, despite being... Read More →
avatar for Dawn Foster

Dawn Foster

Director of Data Science, CHAOSS
Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →
avatar for Catherine Paganini

Catherine Paganini

Head of Marketing, Buoyant
Catherine Paganini is TAG Contributor Strategy Co-chair, CNCF Deaf & Hard of Hearing WG facilitator, CNCF Cloud Native Glossary founder, and Head of Marketing at Buoyant, the creator of Linkerd. A marketing leader passionate about open source, Catherine started her contributor journey... Read More →
avatar for Ali Ok

Ali Ok

Principal Software Engineer, Red Hat
Ali Ok works for Red Hat as a principal software engineer. He is a Knative steering committee member and works with working groups within Knative. Besides the technical contributions to Knative and many CNCF projects, Ali is a CNCF Ambassador and a regular contributor to the CNCF... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | E05 - E06

16:30 CET

Chart Your Course Like a Champion - Andrew Block & Karena Angell, Red Hat; Joe Julian, Stealth Startup; Scott Rigby, Independent
Helm provides the features and capabilities to package and manage Kubernetes applications with ease. However, are you properly taking advantage of all of the features that Helm has to offer? In this session, join Helm project maintainers as they highlight some of the key ways that you can elevate your use of Helm and become a helm chart champion. Areas in particular include: * Chart structuring * Templating * Dependency management * Chart testing and releasing Cross the finish line with the knowledge that you can’t afford to miss!

Speakers
avatar for Joe Julian

Joe Julian

Technical Lead, Stealth Startup
Joe Julian is a seasoned Tech Lead with a passion for large-scale systems. With an eye for detail and a strategic mindset, Joe excels in solutions that drive efficiency and innovation. Beyond technology, he finds solace in outdoor activities, embracing the balance between the digital... Read More →
avatar for Andrew Block

Andrew Block

Distinguished Architect, Red Hat
Andrew Block is a Distinguished Architect at Red Hat that works with organizations to design and implement solutions leveraging cloud native technologies. He specializes in Continuous Integration and Continuous Delivery methodologies with a focus on security to reducing the overall... Read More →
avatar for Scott Rigby

Scott Rigby

CNCF Ambassador, Me and who?
Scott is a Brooklyn-based interdisciplinary artist and Developer Advocate. He co-founded the Basekamp art and research group in 1998 and the massively collaborative Plausible Artworlds international network. In technology, he enjoys helping develop open source software that anyone... Read More →
avatar for Karena Angell

Karena Angell

Senior Principal Product Manager, Red Hat
Karena Angell is a Senior Principal Product Manager at Red Hat focusing on cloud native application workloads for Kubernetes, open source software projects, as well as solutions for the 'open' hybrid cloud. She is a Helm maintainer and TAG App Delivery Technical Lead.


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | N03

16:30 CET

Distributed AI: Using NATS.Io to Seamlessly Connect AI Applications from Cloud to Edge - Tomasz Pietrek & Jeremy Saenz, Synadia
Alongside the meteoric rise of generative AI, edge computing is continuing to dominate industry conversation, leaving engineering teams tasked with figuring out how to keep moving quickly in a world that is getting more and more distributed. In this highly interactive talk, Jeremy Saenz and Tomasz Pietrek will give an overview and update on NATS.io and illustrate how companies are leveraging this CNCF project to build an end-to-end central nervous system for their organization. Come prepared to participate in an exciting collaborative experience with real AI applications and devices, and learn how you can start utilizing NATS.io to solve for AI, Cloud, Edge, or all three!

Speakers
avatar for Tomasz Pietrek

Tomasz Pietrek

OSS Engineering Manager, Synadia
Tomasz is OSS Engineering Manager at Synadia, spearheading thr OSS team while actively contributing to key NATS projects, including NATS Server, Rust client and others. Before that he held Principal Architect, Tech Lead and Solution Architect roles in companies spanning Fintech, Industry... Read More →
avatar for Jeremy Saenz

Jeremy Saenz

Senior Software Engineer @ Synadia, Synadia
Jeremy is an engineer at Synadia Communications, which currently maintains the NATS open source project. Jeremy has worked on many popular open source projects in the Go community: including Martini, Negroni, CLI, Gin and Inject. Previously Chief Product Officer at Kajabi, Jeremy... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | W02-03

16:30 CET

Keptn: A Deep Dive - Giovanni Liva & Anna Reale, Dynatrace
Embark on a journey exploring Keptn with the maintainers. This user guide presents Keptn's philosophy, features, and its latest innovations, showcasing how it empowers your organization to enforce good DevOps/SRE practices. We will show a unified way to collect DORA metrics out of the box, add tests or security checks, and validate Service Level Objectives (SLO) as part of the deployment, all done in a cloud-native way. Finally, we will demonstrate how Keptn automates and controls the promotion of artifacts across stages while providing and linking traces of your deployments. Keptn leverages OpenTelemetry, Grafana, and existing Kubernetes primitives such as Custom Resources to support an observable delivery of your applications. Join the Keptn community to contribute and shape the project's future.

Speakers
avatar for Anna Reale

Anna Reale

Software Engineer, Dynatrace
Anna contributed to multiple CNCF projects, such as OpenFeature and currently, she serves as a maintainer of the Keptn project, actively mentoring junior community members.
avatar for Giovanni Liva

Giovanni Liva

Senior Software Engineer, Dynatrace
Giovanni Liva is a Senior Software Engineer at Dynatrace, where he drives open source initiatives around cloud native delivery, DevOps, and observability. He has contributed to several CNCF projects and currently serves as a Maintainer and Technical Committee member of the Keptn... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | N04

16:30 CET

Policy as Code: A Game-Changer for Stack Security - Raz Cohen, Permit.io
In today's fast-paced world of software development, building a product might be straightforward, but ensuring its security is a distinct challenge. Dive into the world of "Policy as Code", and uncover the transformative power of integrating an authorization layer directly into your codebase. From highlighting the significance of security (with a nod to the OWASP Top Ten) to delving into the nuances of access control models like ABAC, RBAC, and REBAC, this talk offers a comprehensive look at the landscape of policy-driven security. Furthermore, attendees will gain insights into the capabilities and distinctions of leading policy engines, including OPA, Cedar, and OpenFGA. In our modern era of application development, policies aren't just a choice—they are a mandate. Discover how you can seamlessly embed them into your workflow and bolster your stack's security. Join me and elevate your security game to the next level!

Speakers
avatar for Raz Cohen

Raz Cohen

Core Team Lead @ Permit.io, Permit.io
I'm Raz Cohen, Core Tech Lead at Permit.io, bringing over eight years of expertise in Developer Tools, specializing in Kubernetes, cloud-native solutions, Python & Golang. As a former member of the 8200 Intelligence corps, I've had the privilege of presenting at events like Cloud... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | E01-02

16:30 CET

Cloud-Native LLM Deployments Made Easy Using LangChain - Ezequiel Lanza & Arun Gupta, Intel
Deploying large language model (LLM) architectures with billions of parameters can pose significant challenges. Creating gen AI interfaces is difficult enough on its own but add to that the complexity of managing a complex architecture while juggling computational requirements and ensuring efficient resource utilization, and you’ve got a potential recipe for disaster when transitioning your training models to a real-world scenario. LangChain, an open source framework for developing applications powered by LLMs, aims to simplify creating these interfaces by streamlining the use of several NLP components into easily deployable chains. At the same time, Kubernetes can help manage the underlying infrastructure. This talk walks you through how to smoothly and efficiently transition your trained models to working applications by deploying an end-to-end LLM containerized LangChain application in a cloud-native environment . You'll learn how quickly and easily it be achieved.

Speakers
avatar for Arun Gupta

Arun Gupta

Vice President/General Manager, Intel
Arun Gupta is vice president and general manager of Open Ecosystem Initiatives at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun through systemic changes to embrace open source... Read More →
avatar for Ezequiel Lanza

Ezequiel Lanza

AI Open Source Evangelist, Intel
Passionate about helping people discover the exciting world of artificial intelligence, Ezequiel is a frequent AI conference presenter and the creator of use cases, tutorials, and guides that help developers adopt open source AI tools.


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | Paris Room

16:30 CET

Super Reliable Cloud Native Data Processing Using Apache Spark and Cloud Shuffle Manager - Bo Yang & HAI TAO, Apple
Apache Spark is a widely used framework to do large scale data processing. When running on Kubernetes, it lacks fault tolerance for internal shuffle data which is stored on workers' local disk. Spark will have high failure rate when running on unreliable cloud environment like shared cluster with heavy workload, or Spot Instance/VM which is prone to termination by cloud provider. To make Spark super reliable and leverage Spot Instance/VM to save cost, we built a new Shuffle Manager to store shuffle data replication on cloud storage. Spark will read shuffle data from workers in normal case, and read from cloud storage in case of worker failure. This greatly increases reliability without compromising performance. This talk will present how we built the Cloud Shuffle Manager and share the underlying optimizations we did to improve shuffle performance. We will also show how to leverage this to run Spark application on Spot Instance/VM reliably with lower cost in large scale.

Speakers
avatar for Bo Yang

Bo Yang

Staff Engineer, Apple
Bo Yang worked in the Big Data area for 10+ years in various companies building large-scale systems including Apache Spark data processing platform and Uber's Remote Shuffle Service. He currently works in Apple, building Spark as a Service on Kubernetes, and is the creator of the... Read More →
avatar for HAI TAO

HAI TAO

Software Engineer, Apple
Hai Tao is a software engineer working in the Data Infrastructure Spark team at Apple. He specializes in the realm of data infrastructure development, with a keen focus on optimizing cost efficiency for running Spark in the cloud environments in the recent years. His role also involves... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.1 | Room F

16:30 CET

Simplifying Multi-Cluster and Multi-Cloud Deployments with Cilium - Liz Rice, Isovalent
Multi-cloud, multi-cluster Kubernetes deployments are used for high-availability, global distribution, to take advantage of different cloud vendor features, or to use both on-prem and public clouds. But sharing workloads in these distributed environments doesn’t have to be complicated! This talk uses live demos to introduce Cilium’s ClusterMesh capabilities, which make it easy to connect and secure workloads distributed across clouds and clusters. - Securely connecting multiple Kubernetes clusters - Distributing services across them - Load balancing and service affinity - Applying network policies across multiple clusters - Exposing distributed services to external traffic You’ll also learn about the requirements for the underlying internet connectivity between clusters, with an overview of IP address management considerations. You’ll need a basic familiarity with Kubernetes concepts like pods, services, nodes and clusters to get the most out of attending this talk.

Speakers
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium project. She was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of O'Reilly books "Learning eBPF" and... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco

16:30 CET

Disintegrated Telemetry: The Pains of Monitoring Asynchronous Workflows - Johannes Tax, Grafana Labs
Different components involved in asynchronous workflows typically communicate via messages or events. Instrumenting and observing such workflows often results in disintegrated telemetry pieces (metrics and traces), from which it is hard to deduce the lifetime and impact of a message or event. Distributed Tracing offers two different solution approaches to this problem: strong correlation via parent/child relationships, and weak correlation via links. I show how each solution approach is broken in its own way, and provide insights that help you to choose the least broken solution for your scenario. Finally, to show some light at the end of the tunnel, I give an overview of standardization efforts in this space, including W3C context propagation drafts for messaging protocols, and the messaging semantic conventions created by the OpenTelemetry messaging workgroup, which I'm leading.

Speakers
avatar for Johannes Tax

Johannes Tax

Principal Software Engineer, Grafana Labs
I’m a Principal Software Engineer at Grafana Labs, I help Grafana users be successful with OpenTelemetry instrumentation. I'm an approver for OpenTelemetry semantic conventions, and I lead a group dedicated to improving and stabilizing OpenTelemetry messaging semantic conventio... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S05
  Observability

16:30 CET

Building Confidence in Kubernetes Controllers: Lessons Learned from Using E2e-Framework - Matteo Ruina, Datadog & Philippe Scorsolini, Upbound
When working with cluster components, or while developing new controllers, it is often necessary to run end-to-end (E2E) tests against real clusters. This allows developers to have confidence in the changes being made, allowing for frequent updates without compromising on reliability. Although Kubernetes has its own E2E framework, it is baked into the Kubernetes source code, making it difficult to consume from other projects. For this reason, the Testing Special Interest Group built the e2e-framework, an out-of-tree Go framework to define end-to-end tests suites that can be used to test Kubernetes components. In this session we will talk about the e2e-framework and will explain how Datadog and Crossplane adopted it to test their own clusters and controllers. We will cover why we chose this framework, how to start writing your own tests, the approach we took, as well as the drawbacks you need to be aware of.

Speakers
avatar for Matteo Ruina

Matteo Ruina

Senior Software Engineer, Datadog
Matteo is a Senior Software Engineer at Datadog where he is part of the team responsible for managing hundreds of Kubernetes control planes. Prior to Datadog, Matteo worked at Skyscanner on Kubernetes, CI/CD, operators and progressive rollout controllers. Matteo has been contributing... Read More →
avatar for philippe scorsolini

philippe scorsolini

Senior Software Engineer, Upbound
Philippe is a Senior Software Engineer at Upbound, where he joined the control planes team, contributing to the CNCF incubating project Crossplane. Prior to Upbound, Philippe worked at ControlPlane as a security-focused software engineer, at EnterpriseDB helping to build the now open-source... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance
  • Content Experience Level Any

16:30 CET

Cultural Shifts: Fostering a Chaos First Mindset in Platform Engineering - Sayan Mondal, Harness & Raj Vadheraju, FIS
In today's dynamic digital landscape, the reliability and resilience of complex systems are critical for delivering seamless user experiences. Chaos Engineering has emerged as a powerful discipline for proactively identifying and mitigating potential system weaknesses. This talk delves into the synergy between Chaos and Platform Engineering, presenting a paradigm shift in how organizations can enhance their platform engineering practices by leveraging chaos-first principles. Focusing on its application to real-world platform scenarios, the session aims to demonstrate how Chaos Engineering can play a pivotal role in advancing and maturing platform engineering practices. By the end, attendees will be equipped with the knowledge and tools to embark on their Chaos Engineering. The transformative potential of Chaos, when coupled with Observability, Load Generation, and CI/CD, will empower participants to elevate their platforms into highly resilient, reliable systems.

Speakers
avatar for Rajeshwar Vadheraju

Rajeshwar Vadheraju

SRE Architect, FIS
Rajeshwar Vadheraju is an engineering leader with 20 years of experience in the development and delivery of multiple enterprise applications in digital and core banking services with a recent primary focus on operational excellence, reliability engineering, and data center transformation... Read More →
avatar for Sayan Mondal

Sayan Mondal

Senior Software Engineer 2, Harness
Sayan is a Senior Software Engineer II at Harness, building their Chaos Engineering platform and helping them shape the customer experience market with Kubernetes, React, and Golang. He's the maintainer of a few open-source libraries and is also a maintainer of LitmusChaos (the Incubating... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

16:30 CET

The Art of Kubernetes Add-on Validation: Secure Strategies for the Modern Developer Platform - Joaquin Rodriguez, Microsoft
Validating cluster add-on upgrades securely and confidently across a Kubernetes fleet of clusters poses a significant challenge for platform teams. This session draws upon our combined enterprise expertise to demonstrate advanced techniques for both validating and deploying these upgrades, with a focus on securing infrastructure and streamlining operational workflows. We will guide you step-by-step through the comprehensive validation stages required for add-ons, highlighting their integration within an add-on ecosystem using ephemeral virtual clusters (vClusters), and ensuring compatibility across Kubernetes versions. Furthermore, leveraging GitOps, we will outline effective strategies for the safe and incremental rollout of these add-ons.

Speakers
avatar for Joaquin Rodriguez

Joaquin Rodriguez

Senior Software Engineer, Microsoft
Joaquin Rodriguez, a Senior Software Engineer in the Industry Solutions Engineering organization at Microsoft, helps customers tackle their toughest technical problems, on the cloud and at the edge. With over ten years of experience, Joaquin is passionate about open-source technologies... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering

16:30 CET

The Chain of Trust: Towards SLSA L3 with Tekton Trusted Artifacts - Jerop Kipruto, Google & Andrea Frittoli, IBM
As supply chain attacks become more prevalent, securing build systems is vital. Tekton has implemented features to address this, such as trusted resources, provenance, and Sigstore integration. However, users still don't have a secure way to share data that can preserve the chain of trust for artifacts from input materials to output products tracked in attestations. To address this issue, the Data Interface SIG is focused on providing first-class support for artifacts, adhering to critical standards like SLSA, in-toto, and CDEvents. This will be done while ensuring scalability for large enterprise environments and a user-friendly API. In this talk, we’ll discuss the SIG's approach to this problem, highlighting both successes and lessons learned. We'll present the design of the new artifact-related features and we'll share exciting news about the project roadmap. Join us to learn how to secure artifacts in Tekton and discuss ideas on how to further secure software supply chains.

Speakers
avatar for Andrea Frittoli

Andrea Frittoli

Open Source Developer Advocate, IBM
Andrea Frittoli is a Developer Advocate at IBM and an open source enthusiast. He is the co-founder of the CDEvents project and member of the project Governing Board. He is the chair of the CDF TOC and member of the Governing Board. He's a strong advocate for transparency in open source... Read More →
avatar for Jerop Kipruto

Jerop Kipruto

Senior Software Engineer, Google
Jerop Kipruto is a Senior Software Engineer at Google where she makes it easier and safer for developers to build and ship cloud native applications. She is a maintainer and governing board member of the Tekton project, and she is a frequent speaker at industry conferences, including... Read More →


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.3 | S06
  SDLC

16:30 CET

Securing the Supply Chain with Sigstore Artifacts Signatures at Scale - Dmitry Savintsev & Yonghe Zhao, Yahoo
An exploration into Yahoo’s year-long integration journey of Sigstore, enhancing Supply Chain Security through verifiable "certificates of origin" for artifacts. Despite the challenges of scaling Sigstore in a high-traffic environment, the Paranoids — Yahoo’s information security organization — successfully secured around 60,000 daily builds, spanning 700 clusters and 100,000 pods. Join us as we: * Showcase the image signing and verification process, sharing insights from our experiences. Learn about the enhancements we implemented in Sigstore and cosign to achieve an "enterprise-grade" deployment at Yahoo's scale. * Delve into how we adapted these components to Yahoo’s corporate environment where we have our own certificate authority and identity provider (Athenz). Attendees will leave this session with the knowledge to seamlessly implement Sigstore in their Continuous Integration (CI) pipelines, customized to their specific components and enterprise architecture.

Speakers
avatar for Dmitry Savintsev

Dmitry Savintsev

Paranoid, Yahoo
Dmitry Savintsev is a veteran Yahoo Paranoid (Security Engineer) with over 20 years of experience in the areas of Software Development and Security with the emphasis on their combination. As part of the internal R&D team, he works on large-scale projects to improve security of the... Read More →
avatar for Yonghe Zhao

Yonghe Zhao

Software Dev Engineer, Yahoo
Yonghe Zhao is a Software Dev Engineer at Yahoo. He is responsible for designing & implementing security-related software systems at Yahoo. A pragmatic lifelong learner, he brings a proactive and results-oriented approach to his work.


Wednesday March 20, 2024 16:30 - 17:05 CET
Pavilion 7 | Level 7.1 | Room D
  Security
  • Content Experience Level Any

16:30 CET

AI HUB | 🤖 Unconference Sessions, Wrap-Up + Thank You's
The AI Hub is back! This one-day unconference will explore AI topics impacting the cloud native community. LLMs, AI policy, AI operations, AI data governance and more. Join us for active conversations and learn from your peers on how they are using AI in their organizations.

  • Have an unconference session idea? Bring it with you! Sessions will be collected/posted in person. Unconference sessions are casual group conversations about a topic, so no need to bring anything other than yourself and your thoughts to share with the group.
  • Have a cool topic you'd like to discuss? What are you most interested in hearing about? What questions do you have around AI? Share those ideas here! (Note this is not a topic submission.) Please submit all thoughts, interests, and questions by EOD Monday, 18 March.

Agenda
11:15 - 11:20 | Welcome
11:20 - 11:55 | Keynote
11:55 - 12:30 | Unconference Pitches + Talk Selections
12:30 - 13:05 | Unconference Sessions Round 1
13:05 - 14:30 | Lunch - Sponsor Showcase
14:30 - 14:35 | Welcome Back
14:35 - 15:00 | Demo
15:00 - 15:35 | Unconference Sessions Round 2
15:35 - 16:10 | Unconference Sessions Round 3
16:10 - 16:30 | Coffee Break
16:30 - 17:05 | Unconference Sessions Round 4
17:05 - 17:15 | Wrap Up + Thank You's


Click here for the shared Google folder to add your unconference session notes

Wednesday March 20, 2024 16:30 - 17:15 CET
Pavilion 7 | Level 7.3 | W06-07
  ML/AI + Data Processing + Storage
  • Content Experience Level Any

16:30 CET

Tutorial: Cloud Native WebAssembly and How to Use It - Brooks Townsend, Cosmonic & Michael Yuan, Second State
WebAssembly (Wasm) changes the way we think about software. For application developers, a platform agnostic, secure by default, polyglot binary developed by open standards bodies is a dream come true. But, how does it work? How does Wasm fit into an existing cloud native stack? What is a WASI, or a preview 2, or the component model, or a wit? This tutorial is a deep dive into cloud native WebAssembly. It starts with a brief overview of the binary format itself, moving on the standards that power Wasm applications, and finishing with running the exact same binary in two different CNCF application runtimes: wasmCloud and WasmEdge. For those wondering what it looks like from the platform side, this tutorial will touch on how you can integrate Wasm into your existing container or Kubernetes focused infrastructure through a variety of approaches. Audience members will have the opportunity to ask maintainers of both projects questions through creating their first Wasm application.

Speakers
avatar for Michael Yuan

Michael Yuan

Co-founder, Second State
Co-founder at Second State
avatar for Brooks Townsend

Brooks Townsend

Lead Software Engineer, Cosmonic
Brooks is a Lead Software Engineer at Cosmonic, focusing on harnessing WebAssembly to alleviate the pains of modern software development. Brooks started his software development career with Critical Stack, a Kubernetes container orchestration platform that is now open source. He joined... Read More →


Wednesday March 20, 2024 16:30 - 18:00 CET
Pavilion 7 | Level 7.3 | N01-02
  Tutorials, SDLC

16:30 CET

🚨 Contribfest: Metal3 - Hands-on Introducton and Contribution Workshop
Metal3 is a K8s native way to mange the life cycle of bare metal K8s clusters at scale via the Cluster API. The Metal3 community is always exploring ways to get feedback and make the task of bare metal life cycle management more approachable for newcomers. For those new to the project we will provide a tour of the repository and help set up development environments to begin contributing on some existing issues of outstanding technical debt. For those that have some familiarity with Metal3, we will spend time getting deeper in technical detail about possible questions about implementation details, pending feature requests and ways to cooperate better along common interest.

Speakers
avatar for Adam Rozman

Adam Rozman

Experienced Developer, Ericsson
Adam has 6+ years of work experience in various developer roles e.g. Embedded, DevOps and Cloud. Right now Adam is working for Ericsson as an experienced developer on opensource projects as an upstream developer. He is a member of the Metal3 developer community since July of 2021... Read More →


Wednesday March 20, 2024 16:30 - 18:00 CET
Pavilion 7 | Level 7.3 | W01

17:25 CET

How to Save Millions Over Years Using KEDA ? - Solene Butruille, BlackRock
KEDA, Kubernetes Event-Driven Autoscaling, is an open-source project enabling automatic scaling of resources in Kubernetes based on event-driven triggers, contrasting with the classic HPA limited to CPU and memory usage. It allows Kubernetes workloads to dynamically scale based on various events such as custom metrics from third party software (Prometheus, RabbitMQ...), making it well-suited for optimising resource utilisation. During this session, we will dive into KEDA, what it is and how it works. Then, we will cover our use case, using KEDA to perform event driven autoscaling down of resources. First, we will review our decision to use KEDA and the alternate options. Then, we will explore metrics exposure using Prometheus, and reading them with KEDA. We will then move on to the Keda setup and the main challenges we faced. Finally, we will evaluate the anticipated cost savings and compare it to the actual results. All the steps will be illustrated by a live demo!

Speakers
avatar for Solene Butruille

Solene Butruille

Solene Butruille, BlackRock, BlackRock
Solene Butruille is a software engineer at BlackRock working on Aladdin, a software unifying the investment process. She has been working on multiple areas of the software including cybersecurity, alpha generation and cloud native applications. She is always eager to learn more and... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience

17:25 CET

Savoir Faire: Cloud Native Technical Leadership - Arun Gupta, Intel; Nikhita Raghunath, VMware; Lin Sun, solo.io; Emily Fox, Red Hat; Nancy Chauhan, LocalStack
Like baking a loaf of Pain Poilâne, technical leadership requires a balance of ingredients and continued practice and refinement of skills to create valuable and positive change. Renowned Parisian baker Lionel Poilâne believed the process is the most important aspect of vision. Cloud native technical leadership isn't any different, it is the exemplification of cloud native values in the communications, decisions, and commitment we make to the ecosystem. As individuals, we are responsible for our “loaves” or work from start to finish. But what does it mean? How can we create a recipe for other technologists to replicate those contributions to our projects and community successes? In this Panel, Technical Leaders across the cloud native ecosystem will share their experiences, insights, and methods to provide accessible explanations on being cloud native technical leaders across an international, diverse community of cloud native technologists.

Speakers
avatar for Lin Sun

Lin Sun

Head of Open Source, solo.io
Lin is the Director of Open-Source at Solo.io. She has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she served on the Istio Steering Committee for three years and was a Senior Technical Staff Member and Master Inventor... Read More →
avatar for Arun Gupta

Arun Gupta

Vice President/General Manager, Intel
Arun Gupta is vice president and general manager of Open Ecosystem Initiatives at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun through systemic changes to embrace open source... Read More →
avatar for Nancy Chauhan

Nancy Chauhan

DevRel Engineer at LocalStack, CNCF Ambassador, LocalStack
Nancy is an Engineer and Developer Advocate at LocalStack. She is a CNCF Ambassador. She has taken the initiative to establish the "Women in Cloud Native Community" to encourage diversity and participation. Nancy recently organized the first cloud-native sustainability mini-conference... Read More →
avatar for Nikhita Raghunath

Nikhita Raghunath

Staff Software Engineer, CNCF TOC Member, VMware
Nikhita is a staff software engineer at VMware and a maintainer of the Kubernetes project. She is a member of the CNCF Technical Oversight Committee and has won the CNCF Top Committer Award in 2021 for her technical contributions. She is currently the technical lead for Kubernetes... Read More →
avatar for Emily Fox

Emily Fox

Security Lead - Emerging Technologies, Security Community Architect - OSPO, Red Hat
Emily Fox is a DevOps enthusiast, security unicorn, and advocate for Women in Technology. She has worked in security for over 13 years to drive a cultural change where security is unobstructive, natural, and accessible to everyone. Serving as chair on the Cloud Native Computing Foundation’s... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice
  • Content Experience Level Any

17:25 CET

Cortex Intro: Multi-Tenant Scalable Prometheus - Ben Ye, Amazon Web Services & Friedrich Gonzalez, Adobe
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus. In this talk, Ben will do an introduction of Cortex architecture and project status. He will also walk through those new features added to Cortex throughout 2023 and how to utilize them efficiently in production.

Speakers
avatar for Friedrich Gonzalez

Friedrich Gonzalez

Cloud Operations Software Engineer, Adobe
20 years of experience as a Software Engineer. Cortex Maintainer
avatar for Ben Ye

Ben Ye

Software Development Engineer, Amazon Web Services
Ben Ye is a software development engineer at AWS. He is a maintainer of Thanos and Cortex, and contributor to many CNCF and Prometheus ecosystem projects, such as Prometheus itself, Prometheus operator, Kubernetes, etc. His interests include observability, distributed systems, storage... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | W02-03

17:25 CET

DRAcon: Demystifying Dynamic Resource Allocation - from Myths to Facts - Kevin Klues, NVIDIA & Patrick Ohly, Intel
At KubeCon NA 2023, dynamic resource allocation (DRA) made headlines because it was mentioned in the keynote. This generated so much buzz that Tim Hockin quipped on social media that it felt like he attended DRAcon instead of KubeCon. At KubeCon EU we’ll demystify this new technology! DRA is a new approach for describing resource requirements in a Kubernetes cluster. It was first introduced in Kubernetes 1.26 and continues to remain in an alpha state in 1.29. It offers several advantages compared to existing approaches: Support for custom hardware can be added by developing and deploying DRA drivers, without having to modify Kubernetes. Resource parameters are defined by vendors. Sharing of a resource instance between containers and pods. In order to move forward to beta and beyond, we need feedback from the community to understand whether it’s ready in its current form, who wants to use it for what, and how we can solve some of the open challenges, like cluster autoscaler support.

Speakers
avatar for Patrick Ohly

Patrick Ohly

Cloud Software Architect, Intel GmbH
Patrick Ohly is a software engineer at Intel GmbH, Germany. In the past he has worked on performance analysis software for HPC clusters ("Intel Trace Analyzer and Collector") and cluster technology in general (PTP and hardware time stamping). Since January 2009 he has worked for Intel... Read More →
avatar for Kevin Klues

Kevin Klues

Distinguished Engineer, NVIDIA
Kevin Klues is a distinguished engineer on the NVIDIA Cloud Native team. Kevin has been involved in the design and implementation of a number of Kubernetes technologies, including the Topology Manager, the Kubernetes stack for Multi-Instance GPUs, and Dynamic Resource Allocation (DRA... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | E01-02

17:25 CET

From UI to Storage: Unraveling the Magic of Thanos Query Processing - Michael Hoffmann, Aiven GmbH & Giedrius Statkevičius, Vinted
Thanos is a popular open-source, highly available Prometheus setup with long-term storage capabilities. It is designed as a system of microservices that communicate over gRPC. Users trust Thanos with deployments that manage billions of series and years of retention in globe-spanning clusters. But how does it manage to answer PromQL queries using data from disparate highly distributed sources? In this talk, Thanos maintainers, Giedrius and Michael will answer that question by providing a brief walkthrough of PromQL evaluation from the time that a query is submitted to the UI, to how the data is gathered from different nodes, and how it is used by the new, more efficient, PromQL Engine to produce a result. Throughout this walkthrough, the audience will learn how Thanos works and how to effectively configure and deploy Thanos on your Kubernetes cluster and beyond. Join us, ask questions, and connect with the Thanos community!

Speakers
avatar for Giedrius Statkevičius

Giedrius Statkevičius

Site Reliability Engineer, Vinted
Giedrius is a site reliability engineer at Vinted mainly working on the internal monitoring infrastructure. He has been a Thanos maintainer for almost 5 years.
avatar for Michael Hoffmann

Michael Hoffmann

Mister, Aiven GmbH
Michael is a site reliability engineer at Aiven where he works on the internal monitoring infrastructure. Aiven is a SaaS platform that takes the pain out of cloud infrastructure by providing fully managed opensource databases. He has been contributing to Thanos for about a year... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.1 | Room B

17:25 CET

Kubernetes Steering Committee: Genesis, Bootstrap, Now & Future - Nabarun Pal, Broadcom & Paco Xu, DaoCloud
The Kubernetes Steering Committee plays a crucial role in overseeing the non-technical aspects of the Kubernetes project and making important project-wide decisions. The committee has a wide scope of working and responsibilities. The committee has evolved over the years. In this session, let’s take a look at how the committee came to be created, the bootstrap era, how it works now and what’s in store for the future. We will have excerpts from our emeritus members who served to shape the goals and vision of the steering committee. We will explore how you can leverage our learnings to enhance the governance of your own cloud native projects. If you are eager to gain insights or have queries about the governance journey of the Kubernetes project, we encourage you to drop by and engage in an insightful discussion.

Speakers
avatar for Paco Xu

Paco Xu

OpenSource Team Leader, DaoCloud
Paco is an active Kubernetes contributor in multi SIGs and the lead of the DaoCloud open-source team.Kubernetes Steering CommitteeKubeadm MaintainerKubernetes v1.30 Release Signal Team LeadSIG-Node ReviewerHe organized Kubernetes Contributor Summit China 2023 and KCD Chengdu 2022, and speaked at KubeCon EU 2023, KubeCon China 2021 & 2023, KCD Shanghai. In 2024, he becomes LFAPAC Evangelist... Read More →
avatar for Nabarun Pal

Nabarun Pal

Staff Engineer at VMware, Kubernetes Steering Committee and Maintainer, Broadcom
Nabarun is a Staff Software Engineer at VMware, a maintainer of the Kubernetes project, an elected Kubernetes Steering Committee member and a chair of Kubernetes SIG Contributor Experience. He is a Release Manager for Kubernetes and has been the Kubernetes 1.21 Release Team Lead... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | E05 - E06

17:25 CET

Longhorn: Intro, Deep Dive and Q&a - David Ko, SUSE
Longhorn stands as a cloud-native distributed block storage solution, purpose-built for Kubernetes environments. It is a flexible distributed storage solution supporting various storage interfaces to satisfy different volume/access modes in Kubernetes. Its versatility allows it to operate across diverse landscapes, be it on-prem, in the cloud, or at the edge. Besides, Longhorn boasts an array of data and operational services, including volume/system backup/restore, snapshot/revert, recurring jobs, replica auto-balancing, CSI compatibility, and so on. This session aims to introduce Longhorn, delve into its current status, and spotlight key features from recent releases, such as the update of the v2 data engine since the 1.5 release, backing image backup/restore, and more improvements. We'll also share insights into the roadmap and engage the audience in an in-depth discussion. Notably, Longhorn has been an incubating project by the Cloud Native Computing Foundation since November 2021.

Speakers
avatar for David Ko

David Ko

Senior Engineering Manager, SUSE
A hands-on senior software manager and architect with 15+ years of software development experience, familiar with Microservices, Distributed system design, CI/CD, Automation, DevOps, Container, WASM, Container Orchestration (Kubernetes, Mesos), Cloud computing, Cloud Native Solution... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | N04

17:25 CET

Project Harbor, All the Year Around, and What Comes Next - Orlin Vasilev & Miner Yang, VMware; Vadim Bauer, 8gears Container Registry; Yan Wang, Broadcom
In 2023, we released Harbor v2.8, which integrated CloudEvents, improved the JobService dashboard, and supported OCI distribution spec 1.1. In our v2.9 release, we introduced the Security Hub and significantly improved the GC for parallel deletion. The platform was further strengthened by integrating Nydus and Notation. The winter release of Harbor - v2.10, introduced improved customization of access to robot accounts through the user interface and paved the way for the integration of SBOM. Our roadmap for the next year includes finalizing the SBOM implementation, integrating multi-scanners, and designing policies for organizing various auto-generated SBOMs. Our goal is to increase the adoption of distribution OCI spec 1.1 and expand our client base. We are also exploring an AI-assistant registry - trends in AI. We welcome software engineers and DevOps professionals to join our community and explore the possibilities of Harbor together. Let's work together to make Harbor even better!

Speakers
avatar for Orlin Vasilev

Orlin Vasilev

Mr, VMware
Orlin Vasilev is Sr. Community Manager for Project Harbor as part of the Cloud Native team at VMware. Second term CNCF Ambassador and driving the biggest Meetup Group(~1.3 K members) in Bulgaria. KubeCon CfP review board member and co-chair for Track 101 and Community. Previously... Read More →
avatar for Yan Wang

Yan Wang

Staff Engineer, Broadcom
Yan Wang is a Staff engineer working on VMWare. As one of the core maintainer of CNCF project Harbor and the maintainer of CNCF project distribution, his main work focuses on technology research and innovation in the cloud native field.
avatar for Vadim Bauer

Vadim Bauer

Harbor Maintainer, 8gears Container Registry
Vadim Bauer is a Container Silverback with over a decade of experience in running containers in production. As a maintainer of the CNCF project Harbor, he focuses on extending the boundaries of OCI artifact management, adoption, and developer experience. At 8gears, Vadim helps cloud... Read More →
avatar for Miner Yang

Miner Yang

CNCF Project Harbor Contributor, Member of VMware Kubernetes techinal staff, VMware
Join Cloud Native and Harbor team 2 years ago, Developer of Harbor, Harbor-helm and Harbor Carvel Package.


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | N03

17:25 CET

Empowering Developers with Easy, Scalable Stream Processing Technologies on Kubernetes - Derek Wang & Vigith Maurice, Intuit
Stream processing and data analytics are needed by both data engineers and non-data engineers such as platform engineers, DevOps, etc. How to make real-time stream data processing easy to use, cost-efficient and resilient to pod restarts or node upgrades is a big challenge. While there are existing stream processing solutions, they require a steep learning curve, are operationally intensive and usually costly. This talk will share our experience building a generic open-source K8s native stream processing framework called Numaflow. It enables developers to easily and quickly run large-scale stream processing jobs without needing to depend on heavy and costly data processing platforms; Using this platform, Intuit’s application developers process ~5B messages for analytics, ML engineers train 135K models and make 60M predictions daily. It’s been powering Intuit’s large scale anomaly detection platform running in 200+ Kubernetes clusters.

Speakers
avatar for Derek Wang

Derek Wang

Principal Software Engineer, Intuit
Derek Wang is a Principal Software Engineer working for Intuit, his main focus is on the architecture of event-driven systems, as well as streaming data processing. He is the project lead of a couple of open source projects: CNCF graduated project Argo Events, and Numaflow (a Kubernetes... Read More →
avatar for Vigith Maurice

Vigith Maurice

Principle Engineer, Intuit
Vigith is a co-creator of Numaproj, and Principal Software Engineer for the Intuit Observability and Analytics team in Mountain View, California. One of Vigith's current day-to-day focus areas is on the various challenges in building scalable data and AIOps solutions for both batch... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | Paris Room

17:25 CET

The Data Pipelines Behind Forest Carbon Credits – Why Pachama Uses Flyte to Orchestrate Workflows - Bernhard Stadlbauer, Pachama
Navigating the current landscape of carbon credit projects demands a commitment to transparency and openness in carbon credit computation methods, particularly in the face of growing skepticism towards forest-based initiatives. The essence of trust lies in establishing a clear data lineage, tracing the journey from earth observations, such as satellite imagery, all the way to the generation of carbon credits. This talk is a case study on how Pachama uses Flyte — a Kubernetes-native workflow orchestrator — to handle complex data and machine learning pipelines. Key highlights of this session include: 1. Introduction to Flyte 2. Flyte's Workload Management in Kubernetes 3. Pachama's Flyte Configuration 4. Lessons Learned and Common Pitfalls 5. Comparison to Other Orchestrators Such As Argo or Kubeflow

Speakers
avatar for Bernhard Stadlbauer

Bernhard Stadlbauer

Staff Data Engineer, Pachama, Pachama
Bernhard works as a Staff Data Engineer at Pachama, focusing on bringing transparency to the Forest Carbon market. With a genuine love for open source, he actively contributes to the technical steering committee for Flyte, a Kubernetes Native workflow orchestrator. Outside of work... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.1 | Room F

17:25 CET

Persistence Pays off: The Path to Session Persistence in Gateway API - Jung-Yu (Gina) Yeh, Google & Grant Spence, Red Hat
Session persistence provides a seamless user experience and performance benefits for applications with local client state by directing connections consistently to the same server. Setting up session persistence in Kubernetes can be challenging, as each protocol has a unique approach to configuration. Fortunately, the latest and most requested addition to Gateway API adds the capability to configure session persistence. In this talk, we will explore the concept of session persistence, unravel how it works, and discuss how we designed an API to standardize its implementation in Kubernetes. We will navigate through the confusing terminology used for session persistence, establishing distinctions between persistence, affinity, and sticky sessions. You'll learn about the challenges we encountered while designing a portable and extensible API. Additionally, we'll also explore Gateway API Metaresources and demonstrate how we use them to augment the functionality of existing Gateway API.

Speakers
avatar for Grant Spence

Grant Spence

Software Engineer, Red Hat
Grant is an OpenShift Engineer at Red Hat working on evolving the Gateway API offerings. He's an active community member and contributor of Gateway API and CoreDNS. Grant's aspiration is to continually expand his knowledge and expertise by exploring and innovating with emerging technologies... Read More →
avatar for Gina Yeh

Gina Yeh

Staff Software Engineer, Google
With over 10 years of experience as a software engineer and technical leader, Gina has worked across Web, Mobile, and IoT and been involved in multiple open source project development, including gRPC, Matter, and FireFox.


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S04
  Networking + Edge + Telco

17:25 CET

From Configurations to Conclusions: Lessons from Fine-Tuning Open Telemetry’s Collector for Tracing - Vijay Samuel & Aishwarya Yandapalli, eBay
The adoption of Open Telemetry’s distributed tracing capabilities has revolutionized the way we analyze and monitor complex systems. Tracing allows us to speed up time to triage in massively distributed systems. Open Telemetry provides SDKs and a collector to do vendor neutral ingest into an Observability platform of choice. As many have described over time, the collector specifically, provides building blocks like Legos. Similar to Legos, one could easily put together either a masterpiece or something really ugly. In our journey to adopt Open Telemetry we went through a plethora of configuration patterns ranging from a single tier of collectors to multiple tiers of collectors with their own performance characteristics. In this talk, we will go over the various capabilities that can be used while adopting Open Telemetry Collector for Distributed Tracing, our journey of evolving pipeline configurations and valuable lessons we have learned along the way.

Speakers
AY

Aishwarya Yandapalli

Senior Software Engineer, eBay
A highly enthusiast individual to solve complicated problems and a very high interest in working with opensource.
avatar for Vijay Samuel

Vijay Samuel

Principal MTS, Architect, eBay
Vijay Samuel works with eBay's observability platform as its architect. During his time at eBay Vijay has transformed eBay's observability platform into a cloud native offering that is primarily built on top of open source technologies. He loves to code in Go and play video games... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S05
  Observability

17:25 CET

Cloud-Agnostic Approach to Bin-Packing Pods in Managed Kubernetes in AWS, GCP and Azure - Vinay Suryadevara & Jianfei Hu, ClickHouse Cloud
This session will provide a unified approach to optimizing resource utilization via bin-packing pods and reducing costs in Kubernetes across AWS, GCP, and Azure. We will delve into the concept of bin-packing pods and its application in Kubernetes through the kube-scheduler's scoring policies. These policies prioritize nodes with higher utilization ratios for pod scheduling, enhancing cluster utilization and enabling the cluster autoscaler to remove underutilized nodes. We will explore the practical implementation of these strategies in different CSPs, demonstrating how to handle system utility workloads and over-provisioning for smoother scale-ups. We will also cover the current state of native support for bin-packing in managed k8s - EKS, GKE and AKS, providing insights into how to overcome these challenges. We will explore how, at ClickHouse Cloud, we saved millions of dollars on our Kubernetes infrastructure by employing a custom scheduler for efficient bin-packing of pods.

Speakers
avatar for Jianfei Hu

Jianfei Hu

Senior Software Engineer, ClickHouse
Jianfei Hu is a senior software engineer at ClickHouse, working on ClickHouse Cloud product, focusing on infrastructure part. Before that, he worked as an Istio maintainer when he was in Tetrate and Google. He also had worked on Google App Engine and Serverless products.
avatar for Vinay Suryadevara

Vinay Suryadevara

Senior Software Engineer, ClickHouse Cloud
Vinay Suryadevara is a Senior Software engineer in the Infrastructure team at ClickHouse cloud where he works on building a serverless, cloud based ClickHouse DB using open source tools such as Kubernetes, Cilium, Istio etc.


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

17:25 CET

Troubleshooting Hidden Performance and Costs in Network Traffic Across Multiple AZs with eBPF - Shahar Azulay, Groundcover & Nirmal Mehta, Amazon Web Services
Spanning Kubernetes Clusters across multiple Availability Zones is common when optimizing for resiliency but introduces challenges like network performance and costs when workloads communicate with each other across AZs. AZs are designed for low roundtrip latency between different AZs in the same region, yet in a modern microservices application a single request can trigger multiple interactions crossing an AZ boundary over and over again, through several network layers including Application Load Balancers and Kubernetes proxies. This can create an aggregated effect which is usually hard to detect and troubleshoot on both latency and performance, but also cost since data transfer charges apply for cross-AZ communication. Enhanced Berkeley Packet Filter (eBPF) offers unparalleled visibility into the network stack of a Kubernetes cluster. It can be used to unravel concealed performance bottlenecks and understand the nuanced cost implications of network requests cross AZs in Kuberenetes.

Speakers
avatar for Shahar Azulay

Shahar Azulay

CEO, groundcover
Shahar, CEO of groundcover and a seasoned R&D leader in cybersecurity and machine learning, boasts an impressive career at Apple, DayTwo, and Cymotive Technologies. With a background in the Cyber division of the Israeli Prime Minister’s Office and three degrees from the Technion... Read More →
avatar for Nirmal Mehta

Nirmal Mehta

Principal Solutions Architect, Amazon Web Services
Nirmal Mehta is an AWS Principal Specialist Solutions Architect in the Worldwide Application Modernization team. He is experienced in distributed apps, kubernetes, emerging tech, devops and org strategy. Nirmal is a Docker Captain through his early public sector customers. He has... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering
  • Content Experience Level Any

17:25 CET

Shift-Left: Past, Present, and Future of Validation in CI for GitOps Workflows - Alexander Zielenski, Google & Stefan Schimanski, Upbound
GitOps has become the de facto approach for managing configurations. However; without robust validation mechanisms, automated deployments can lead to unpredictable outcomes and high maintenance costs. Up until now GitOps users have largely been on their own for this critical step of their pipeline. Ever see a CI hooked up to prod? Or dry-running against a cluster that takes 10 minutes to spin up? Or forget to update an ObjectReference? Many real world usages defer to spinning up an apiserver with hundreds of CRDs installed as part of CI/CD just to test their manifests, since nothing else is reliable; others resort to incomplete and incorrect JSON schema validations. This is slow, expensive, and wastes valuable time. In this talk you will learn how to reliably, quickly, locally, validate your Kubernetes manifests using kubectl-validate to how avoid common mistakes and reinventing the wheel when setting up CI for your GitOps system.

Speakers
avatar for Stefan Schimanski

Stefan Schimanski

Senior Principal Engineer, Upbound
Stefan is a Senior Principal Engineer at Upbound working on control planes, Kubernetes, kcp, with a focus on API machinery. He contributed a major part of the CRD feature set. Stefan is a 2nd time GoogleSummer of Code mentor with CNCF, loves to teach and help people to learn. Before... Read More →
avatar for Alexander Zielenski

Alexander Zielenski

Software Engineer, Google
Alex is a former compiler and embedded systems engineer who has been contributing to open source Kubernetes since version 1.23 focusing on the apiserver.


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.3 | S06
  SDLC

17:25 CET

SLSA and FRSCA: Beyond Snacks and Soda! - Christopher Hanson, RX-M, llc.
As the systems where we build software grow in complexity and interconnectedness, so do potential risks. Thus, ensuring the security of the software supply chain has become a critical concern for any organization providing or consuming build platforms or packaging infrastructure. To address this concern, the Supply-chain Levels for Software Artifacts (SLSA) framework provides a set of guidelines to help organizations articulate how secure their systems are. This talk will begin by discussing the concepts of the SLSA framework: tracks, levels, and requirements. We will then build artifacts using a build system based on open source tooling from the Factory for Repeatable Secure Creation of Artifacts (FRSCA) reference implementation to demonstrate how to iteratively achieve increasing SLSA build levels. By the end, attendees should be able to begin assessing the security of their own organization’s software development and distribution processes and have a vocabulary for improvement goals

Speakers
avatar for Christopher Hanson

Christopher Hanson

Senior Cloud Native Engineer, RX-M, llc.
Christopher is an engineer, instructor, and consultant at RX-M, a leading cloud native advisory, consulting, and training firm. Chris has spoken at conferences, written blogs, authored courseware, and delivered training globally to hundreds of DevOps engineers at Fortune 100 companies... Read More →


Wednesday March 20, 2024 17:25 - 18:00 CET
Pavilion 7 | Level 7.1 | Room D
  Security

18:00 CET

End User Reception
The CNCF End User Reception brings together cloud native users for food, beverages, networking, and a casual setting to discuss best practices and lessons learned. Join us to meet peers and learn helpful tactics to help navigate the cloud native community!
Note: This event is reserved exclusively for active or applying CNCF end user members.

Wednesday March 20, 2024 18:00 - 20:00 CET
Terminal 7

18:00 CET

🎉 #KubeCrawl + #CloudNativeFest Sponsored by Adevinta and Upbound
Thank you to our sponsors, Adevinta and Upbound!

Join us for a captivating evening at KubeCrawl + CloudNativeFest, the highlight of our conference in Paris! Immerse yourself in the world of VR games, experience unlimited positivity at the Happiness Station, unleash your playful side at the arcade and Lego workshop, and engage in friendly competition with lawn bowling and games. Marvel at the skills of roaming entertainers, from jugglers and magicians to fortune-tellers and mimes. Plus, don't miss out on the exhilarating ClashLoopBackOff, where two competitors will showcase their technical ingenuity and creativity in solving a challenge set by the Scheduler. The competition will last twenty minutes, with entries judged on Stability, Resiliency, Flexibility, and Observability. Join us, root on our competitors, and feel free to engage live! It's an unforgettable night of laughter, fun, and unique experiences – an event not to be missed!

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🤟 Cloud Native Sign Language Crash Course (ASL/IS)
Ever wondered how to sign Kubernetes or Cloud Native? Join us for a fun intro to sign language by members of the CNCF Deaf & Hard of Hearing Working Group. Attendees will learn how sign language works, how to say hello, and some basic cloud native signs. Don't miss this interactive session!

Join us for a 20-minute session during KubeCrawl + CloudNativeFest Wednesday evening:
  • 18:00 - 18:20
  • 18:30 - 18:50
  • 19:00 - 19:20
  • 19:30 - 19:50

Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | LUXEMBOURG GARDENS ZONE
  Experiences
  • Content Experience Level Any

18:00 CET

🪧 Poster Session: Avoiding the Heat Death of Kubernetes and the CNCF Landscape - Lucas Käldström, Upbound & Madhav Jivrajani, VMware
The concept of entropy is a measure of disorderliness or chaos. The second law of Thermodynamics states that the Universe evolves spontaneously towards more chaotic states, eventually to “the Heat Death”. Kubernetes started off as a container orchestrator for stateless web apps. But now, what once was an orderly list of use-cases, has become a turbulent sea of possibility and complexity. This is also the case for the CNCF Landscape as a whole. With novel use cases in e.g. AI, cloud native will also need to evolve, increasing entropy. However, as we navigate these possibilities with Kubernetes at the base, it is critical that we talk about some of the philosophies and early decisions of the project, as well as how they have fared with an evolving industry. In doing so, we understand what we can rely on it for and what we can’t. Continuing from Tim Hockin’s keynote, join us as we talk about the physics of cloud native and how our community can deal with unseen use cases and scale.

Speakers
avatar for Lucas Käldström

Lucas Käldström

Senior Software Engineer, Upbound
Lucas is a Kubernetes and cloud native expert who has been serving the CNCF community in lead positions for 6 years. He’s awarded Top CNCF Ambassador 2017 with Sarah Novotny. Lucas was a co-lead for SIG Cluster Lifecycle, co-created kubeadm, Weave Ignite, and ported Kubernetes to... Read More →
avatar for Madhav Jivrajani

Madhav Jivrajani

Member of Technical Staff 2, VMware by Broadcom
Madhav is currently working at VMware on upstream Kubernetes. He has been a part of the Kubernetes community for about a year and mainly helps out with SIG-{Contribex, Node, Architecture, API-Machinery}. He was also involved with the structured logging efforts in the Kubernetes project... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Cloud-Native Dataspaces: Experiences from the German Research Data Ecosystem - Sebastian Beyvers, Justus Liebig University Giessen
Data on Kubernetes and stateful applications have gained remarkable adoption across the community. But why stop there? Kubernetes and cloud-native tools can provide compelling core technologies for building sophisticated data ecosystems, from advanced metadata handling to workflows and events. Enter the realm of "dataspaces," a transformative concept empowering organizations to seamlessly integrate and synchronize data sharing patterns for diverse existing data landscapes, that can even extend across organizational boundaries. Our session will give practical examples how Kubernetes and open source tools can be used to harmonize a heterogeneous data ecosystem. The resulting cloud-native dataspaces increase interoperability, reduce vendor lock-ins, and create an overall boost in operational efficiency by enabling the use of modern DataOps practices.

Speakers
avatar for Sebastian Beyvers

Sebastian Beyvers

Scientific Associate, Giessen University
Sebastian Beyvers is a distributed systems researcher in bioinformatics and a cloud-native Rust developer at Giessen University. Sebastian's current work focuses on cloud-native data storage and processing solutions that try to harmonize existing national and international data ecosystems... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Kinema: Resource-aware Pod (Re)scheduling in Kubernetes - Jannik Straube, vystem.io & Mohak Chadha, Technical University of Munich
This talk will introduce Kinema, an advanced rescheduling system designed to enhance the resource efficiency and cost-effectiveness of Kubernetes (K8s) clusters running in the cloud, particularly during idle periods. The default combination of the cluster autoscaler and the K8s scheduler often leads to underutilization of the cluster due to inaccurate compute node choices based on resource requests rather than actual resource utilization. To address this challenge, Kinema adopts a proactive approach by combining real-time node resource-utilization data from the K8s API, vendor prices per node, and future node resource requirement forecasts. Following this, it uses an internal optimizer with the gathered data as input to calculate the optimal cluster configuration, including node choices and optimal pod placements. Finally, Kinema initiates and monitors a rescheduling iteration using the K8s scheduler to actualize the optimal configuration. This talk concludes with a demo of Kinema.

Speakers
avatar for Mohak Chadha

Mohak Chadha

Research Associate, Technical University of Munich
Mohak Chadha is a final-year Ph.D. candidate at the Technical University of Munich. He is working in the broad domain of cloud computing, particularly focusing on solving several challenges in serverless computing. During his studies, he has worked at Intel Labs, the Central Research... Read More →
avatar for Jannik Straube

Jannik Straube

M. Sc. Computer Science, Technical University of Munich
Jannik Straube began his career as a Junior Software Engineer at IBM, focusing on polystore databases and hybrid cloud Kubernetes at Almaden Research Center in Silicon Valley and in Stuttgart, Germany.Following his tenure at IBM, he co-founded vystem, a live stream and event platform... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Kubernetes in the Confidential Computing Marvels: Unlocking SMPC Across Multi-Cloud Clusters - Gilles Seghaier & Nayani Parameshwari, Astran
Embark on the captivating journey of leveraging Kubernetes in a multi-cloud setting for Secure Multiparty Computation (sMPC). Witness the wonders of confidential computing, from secret sharing to collaborative computing, all empowered by Kubernetes. sMPC, a cryptographic technique for secure joint computation over private inputs, takes center stage, ensuring robust data security in a distributed, dynamic environment. Independent Kubernetes clusters materialize as secure parties, collaborating and computing seamlessly without revealing the secret input provided by a external client. This presentation by Nigel Smart, a distinguished cryptography professor, and Gilles Seghaier, Astran's co-founder & CTO, delves into the synergy of Kubernetes multi-clusters and advanced service mesh features based on Istio, in order to confidentially compute on secret data.

Speakers
NP

Nayani Parameshwari

DevOps Engineer, Astran
avatar for Gilles Seghaier

Gilles Seghaier

Cofounder & CTO, Astran
Gilles, co-founder and CTO of Astran, brings a robust software engineering background and extensive experience from leading software companies, including Salesforce. Serving as the visionary creator behind Astran's tech stack, he offers innovative solutions to address evolving challenges... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Leveraging the Linux Kernel for Building a Zero-Trust Environment Without a Service Mesh - Nándor Krácser & Zsolt Varga, Cisco
Faced with the need to establish a zero-trust network, our team sought an alternative to complex and resource-heavy service meshes. In this session, we share our journey toward a unique solution: a kernel module that enables mTLS and access control directly from the Linux Kernel by relying on proven technologies like WebAssembly, kTLS, or OPA. This approach allowed us to assign strong identities to workloads and encrypt traffic without modifying application code or interfering with the network layer, overcoming the typical complexities associated with traditional methods. We will discuss the challenges we faced, our thought process, and the practical steps taken in developing and deploying this solution. Importantly, we made our kernel module open-source, contributing a simpler, more efficient method for achieving zero-trust security to the wider community.

Speakers
avatar for Nándor István Krácser

Nándor István Krácser

Engineering Team Lead, Cisco
Specialities and interests: - Deep understanding of server-side programming and distributed systems, particularly in core Java, Golang and Rust - Kubernetes power user from day one - Infrastructure-as-code advocate - Experienced in multi-threaded and concurrent programming - Understanding... Read More →
avatar for Varga Zsolt

Varga Zsolt

Engineering Technical Lead, Cisco
Zsolt Varga is a senior software engineer with Cisco Outshift. He is an early-adopter of new technologies and has more than 20 years of experience in software development and infrastructure engineering. His focus in the past several years was around cloud native technologies and service... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2
  🪧 Poster Sessions, Security
  • Content Experience Level Any

18:00 CET

🪧 Poster Session: Push-Button End-to-End Testing for Kubernetes Operators - Tyler Gu, University of Illinois Urbana-Champaign
Kubernetes operator is the de facto mechanism for managing cloud-native systems. Almost every system deployed on Kubernetes has operators that automate critical tasks. However, validating correctness of operator implementation is challenging, due to enormous state space and complexity of custom resources. We show that existing testing practice is fundamentally deficient. We’ll present our research on building a push-button technique for end-to-end testing of operators and demonstrate our tool called Acto. Acto uses a state-centric approach to test operators together with the managed system. Acto continuously instructs an operator to reconcile the system to different states, with fully automated oracles to check if the system reaches desired states. Acto has found 56 new bugs in 11 popular operators. The research paper, published at the 2023 ACM Symposium on Operating Systems Principles (SOSP): https://tylergu.com/papers/acto.pdf The Acto project: https://github.com/xlab-uiuc/acto

Speakers
avatar for Tyler Gu

Tyler Gu

Research Assistant, University of Illinois Urbana-Champaign
Tyler Gu is a PhD student at the University of Illinois Urbana-Champaign. His research is on reliable cloud-native systems. He is currently working on enhancing Kubernetes reliability via software testing, model checking, and program verification. The tools he developed have successfully... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2
  🪧 Poster Sessions, Emerging + Advanced
  • Content Experience Level Any

18:00 CET

🪧 Poster Session: QubeSec: Quantum-Resilient Strategies for Kubernetes Security - Shubham Tatvamasi, Independent & Vipin Rathi, University of Delhi
In the ever-evolving landscape of Kubernetes security, the advent of quantum computing poses a unique set of challenges. Classical cryptographic algorithms and pseudo-random number generators (PRNG) that currently safeguard data at rest and in transit may be vulnerable to quantum threats. Enter QubeSec, a cutting-edge Kubernetes operator designed to fortify security measures through Quantum-Resilient strategies. QubeSec, an all-encompassing set of cryptographic algorithms, smoothly combines the capabilities of Post-Quantum Encryption (PQE), Quantum Random Number Generation (QRNG), and Quantum Digital Signature (QDS) to enhance the security stance of Kubernetes environments. The integration of QubeSec enables these environments to enjoy increased entropy and robust cryptographic methodologies. Join us to unravel the quantum-resistant strategies embedded in QubeSec, as we navigate the quantum landscape and fortify Kubernetes security against the challenges of tomorrow. 0 characters

Speakers
avatar for Shubham Tatvamasi

Shubham Tatvamasi

Senior Consultant
Shubham Tatvamasi, is the lead organizer for the Cloud Native Security India CNCF chapter. He is also a TSC member for the 5G Core Magma project under the Linux Foundation. He is a CKA and a CKS, and is well versed in OpenStack, Kubernetes and security protocols. Additionally, he... Read More →
avatar for Vipin Rathi

Vipin Rathi

Assistant Professor, University of Delhi
Vipin Rathi is an Assistant Professor at the University of Delhi. He is a Board Member at OpenInfra Foundation Asia. He was Vice-Chair and Individual Board of Directors at OpenInfra Foundation. He is the Chairperson of Linux Foundation Hyperledger Telecom SIG. He is Vice President... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Reinforcing Kubernetes CRDs for Continuous Deployment - Mostafa Hadadian Nejad Yousefi & A. Lazovik, University of Groningen
Modularity is crucial for rapid updates and continuous deployment. While Kubernetes CRDs are a good option for defining modules, frequently updating CRDs poses a challenge and disrupts progress since CRDs are APIs for managing modules. This work solves this problem by presenting a modular design of extendable CRDs and controllers without updating the CRD schema. Delving into reconcile loops, the talk describes how to create customizable control mechanisms. Decoupling K8s instructions from control mechanisms by linking CRDs to Helm charts allows organizations to customize modules efficiently. To enhance user experience, this approach employs automated custom resource creation through code wrappers and GUI, concealing unavoidable schema changes. The talk showcases real-world demonstrations focusing on managing data processing pipeline lifecycles in the Netherlands' water sector, drawing from seven years of collaborative research in academia and industry.

Speakers
avatar for A. Lazovik

A. Lazovik

Professor in Distributed Systems, University of Groningen
Alexander Lazovik, Professor of Distributed Systems at the University of Groningen since 2009, specializes in AI, optimization in distributed environments, cloud computing, and scalable IT infrastructures. He earned his Ph.D. from the University of Trento in 2006 on the topic of Interaction... Read More →
avatar for Mostafa Hadadian Nejad Yousefi

Mostafa Hadadian Nejad Yousefi

Ph.D Candidate, University of Groningen
Mostafa is a PhD candidate in Computer Science at the University of Groningen, ranked among the top 100 universities. His research interests lie in cloud native and machine learning development, emphasizing MLOps. Complementing his academic pursuits, he brings a wealth of industry... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Serve CAKES for Your Developers: Introducing the Cloud Native CAKES Stack for Zero Trust! - Lin Sun, solo.io & Davanum Srinivas, Amazon Web Services
Who can resist the allure of cakes? In this session, Lin and Dims (maintainers from Istio and Kubernetes) will unveil the CAKES stack—a zero trust composition using five widely adopted CNCF graduated projects: - Cilium (C): An innovative CNI based on evolutionary eBPF. - Istio Ambient ( A): The most deployed service mesh in production with the new sidecar-less data plane choice. Kubernetes (K): The de facto platform for managing containerized workloads and services - Envoy (E): A high-performance proxy for API gateways. - Spire (S): A production-ready SPIFFE implementation to attest workload identities. They will delve into the technical requirements for establishing an effective zero trust architecture and showcase through live demo how the combining of these projects results in a powerful, open, and extensible platform, enabling developers to secure their cloud native applications with zero trust principle while ensuring consistency and reliability.

Speakers
avatar for Lin Sun

Lin Sun

Head of Open Source, solo.io
Lin is the Director of Open-Source at Solo.io. She has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she served on the Istio Steering Committee for three years and was a Senior Technical Staff Member and Master Inventor... Read More →
avatar for Davanum Srinivas

Davanum Srinivas

Principal Engineer, AWS
Davanum Srinivas (a.k.a Dims) is a Principal Engineer with AWS working full time on Kubernetes and related projects at CNCF. At CNCF, Dims has served as a member of the Technical Oversight Committee and as the chair and represented the TOC on the CNCF Governing Board. In Kubernetes... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:00 CET

🪧 Poster Session: Towards a Cloud-Native, Scalable and Fault-Tolerant Platform for Digital Agriculture - Braulio Dumba, IBM & Gloire Rubambiza, Cornell University
Digital agriculture (DA) broadly is the use of data-driven techniques toward the sustainable intensification of farm yields and efficiency, which can have major financial, environmental, and societal impacts. We present a cloud-native edge computing framework that allows agricultural decision-makers to make sustainable crop management choices in DA. This framework is powered by the KubeStellar open-source project that focuses on addressing configuration management challenges in multi-cluster environments, including edge. The proposed framework is designed with agricultural users in mind and allows researchers to rapidly deploy/manage computational AI models for plant disease detection using NASA imagery without retaining confidential stakeholder information. This system will empower agricultural stakeholders to make well-informed data-driving decisions by granting them access to accurate data on the farm and the latest advances in SI-ML disease detection in a cloud-native environment.

Speakers
avatar for Braulio Dumba

Braulio Dumba

Staff Research Scientist, IBM
Dr. Braulio Dumba is a Staff Research Scientist at IBM Research. In 2018, he joined IBM under the Hybrid Cloud organization. His current research is focus on edge computing and hybrid cloud computing. Dr. Dumba earned a Ph.D. in Computer Science from University of Minnesota, Twin... Read More →
avatar for Gloire Rubambiza

Gloire Rubambiza

PhD Candidate, Cornell University
Gloire Rubambiza is a Ph.D. candidate in CS at Cornell University, where he conducts research in hybrid cloud computing for digital agriculture with an emphasis on societal impact. At Cornell, he was a University Fellow, a fellow of NSF National Research Traineeship in Digital Plant... Read More →


Wednesday March 20, 2024 18:00 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

18:10 CET

Project Pavilion Tour with Jorge Castro, CNCF
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!

Wednesday March 20, 2024 18:10 - 18:30 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Project Opportunities
  • Content Experience Level Any

18:30 CET

CLBO: ClashLoopBackOff
Come and watch a competition of two people using their technical ingenuity and creativity to solve a challenge put forth by the Scheduler (host). Time is limited and stakes are high, as this isn’t just a “live demo” for the masses. Over the course of twenty minutes, competitors will attempt to resolve a broken cluster, or deploy a service to production. At the end of the time, entries will be judged on four categories. Each category will be rated on Stability, Resiliency, Flexibility, and Observability. 

Participants won’t know what challenge they’ll be given ahead of time, but will be informed whether certain cloud resources or APIs will need to be enabled and available. Pre-creating any helpful scripts, code, or cloud resources is strictly prohibited. During the competition, the Scheduler will bounce between the participants’ screens, engage with the audience, and ask questions of the participants live. 

Join us, root for our competitors, and feel free to engage live!

Wednesday March 20, 2024 18:30 - 20:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Experiences
  • Content Experience Level Any
 
Thursday, March 21
 

07:30 CET

Badge Pick-Up
Thursday March 21, 2024 07:30 - 18:00 CET
Pavilion 7 | Level 7.1 | Hall 7.1

07:30 CET

CloudNativeHacks
Set to run alongside KubeCon + CloudNativeCon Europe 2024, CNCF is excited to offer the first-ever hackathon, CloudNativeHacks, with challenges provided by the United Nations. This in-person event will kick-off at the Paris Expo Port de Versailles, the same venue as KubeCon + CloudNativeCon, on 19 March and run through 21 March. The winners will be announced and featured during the closing keynote on Friday, 22 March.
This inaugural hackathon will focus exclusively on advancing the delivery of the UN Sustainable Development Goals (SDGs). Participants will create AI or web applications to help support the 17 SDGs as these challenges can only be solved by a global partnership. The hackathon will bring developers together to solve some of the most pressing issues and contribute meaningfully to create a better, more sustainable world.
Registration to KubeCon + CloudNativeCon Europe 2024 is required and selected participants will receive a complimentary registration.
To apply for participation in CloudNativeHacks, complete the application by the 26 February, 08:45 CET (25 February, 23:45 PST) deadline. Review the FAQs for answers to questions you have, but should you still have questions, please reach out to hackathon@cncf.io. We look forward to having you with us, and Happy Hacking!

Thursday March 21, 2024 07:30 - 18:30 CET
Pavilion 7 | Level 7.3 | E07 - E08

08:00 CET

Marketing Office Hours*
Meet the CNCF Marketing Team for Office Hours
  • Tuesday, 19 March: 14:00 - 16:00
  • Wednesday, 20 March: 13:00 - 15:00
  • *Thursday, 21 March: By appointment

All office hours will be held in room 736 onsite at the conference center
Book your appointment here.

Thursday March 21, 2024 08:00 - 18:00 CET
Pavilion 7 | Level 7.3M | Room 736

09:00 CET

09:05 CET

Keynote: 🇫🇷 Hip, Hip, Beret! No Cap, Just Cloud Native Facts - Taylor Dolezal, Head of Ecosystem, Cloud Native Computing Foundation
Join Taylor Dolezal, Head of Ecosystem at CNCF, on an exciting journey through the cloud native universe. Explore groundbreaking developments and amazing feats accomplished by our end users. Get ready for a celebration of innovation, collaboration, and a glimpse into the future of cloud computing.

Speakers
avatar for tdolezal@linuxfoundation.org

tdolezal@linuxfoundation.org

Head of Ecosystem, The Linux Foundation (CNCF)
I work on infrastructure tools that enable innovation. I specialize in Kubernetes, Terraform, public clouds, and distributed systems. You can also find me buried deep in a book. preparing a technical talk, or going for a run with the dogs.


Thursday March 21, 2024 09:05 - 09:15 CET
Pavilion 7 | Level 7.3 | Paris Room

09:15 CET

09:30 CET

09:40 CET

Sponsored Keynote: A Cloud Native Overture to Enterprise End User Adoption - Fabian Deutsch, Senior Engineering Manager, Red Hat & Michael Hanulec, Vice President and Technology Fellow, Goldman Sachs
When is music at its best? When you are in concert. Goldman Sachs - a Cloud Native End User - was envisioning this for their applications:

Eliminating intermediate layers, reducing complexity, and putting their applications closer to where the harmonies blend - close to the platform. Kubernetes - paired with KubeVirt, as well as other CNCF ecosystem projects such as Prometheus, Argo CD, and Rook - is now serving as a unified, open-source, and forward looking platform, running thousands of their existing VMs at scale. And setting the stage for a frictionless adoption of cloud-native applications and development models.

We’ll look at:
  • How Goldman Sachs is shifting their existing VM real estate to Kubernetes and KubeVirt, and how it’s run at scale
  • Why Kubernetes and the cloud-native ecosystem unlocks and accompanies their technical transformation by collaborating with the community and giving them access excellence and innovation
  • Why starting with existing real estate was not a mishap, but the beginning of a journey

Speakers
MH

Michael Hanulec

Vice President & Technology Fellow, Goldman Sachs & Co. LLC
avatar for Fabien Deutsch

Fabien Deutsch

KubeVirt Maintainer + Engineering Manager, Red Hat
Fabian Deutsch has been working in open source for quite a while, Initially gaining experience in the Linux plumbing layer, and image building, he later focused on the virtualization stack, and recently joined the container track.


Thursday March 21, 2024 09:40 - 09:45 CET
Pavilion 7 | Level 7.3 | Paris Room

09:45 CET

Keynote: Building IT Green: A Journey of Platforms, Data, and Developer Empowerment at Deutsche Bahn - Gualter Barbas Baptista, Lead Consultant for Platform Strategy and Enablement, Deutsche Bahn
In this session, we will explore Deutsche Bahn's ongoing efforts to monitor and minimize the ecological impact of our cloud-based applications. Central to this endeavor is collecting data on energy usage and empowering developers as agents of change to reduce the ecological costs of digitalization.

We will delve into how we enact this at three levels: 1) central platform operations to maximize node usage on K8s clusters; 2) providing tools for developers to ease workload scheduling and scaling; and 3) extending application monitoring for GreenOps with Kepler, Prometheus, and Grafana.

Furthermore, we will demonstrate how we integrate Kepler-exported metrics with Deutsche Bahn's data catalog and enterprise architecture management of thousands of cloud applications. These higher-level insights into our digital landscape are critical in enabling decision-makers to understand and optimize the financial and ecological impacts of the digitalization of our railways.

Speakers
avatar for Gualter Barbas Baptista

Gualter Barbas Baptista

Lead Consultant for Platform Strategy and Enablement, Deutsche Bahn - DB Systel
Gualter is a platform strategist and enabler with over 25 years experience in Linux and FLOSS. He worked as a Product Owner within multiple platform teams. Driven by a passion for sustainability, Gualter draws from his unique academic journey in environmental engineering, complemented... Read More →


Thursday March 21, 2024 09:45 - 10:00 CET
Pavilion 7 | Level 7.3 | Paris Room

10:00 CET

Sponsored Keynote: Cloud Native x AI: Continuous Open Source and Openness, Fully Embracing the Intelligent Era - Dennis Gu, Chief Architect, Huawei Cloud
Technological innovations represented by cloud native and AI technologies will gather new momentum for the industrial transition in the intelligent era.

In the past few years, cloud native has brought many changes to the traditional IT technology system, triggering digital transformation in the Internet and government fields. New formats and models, such as flash sales and all-in-one office, are emerging. The rapid development and application of AI technologies such as large models also provide a core driving force for the intelligence of various industries.

When the cloud native and AI technology "energy superposition" will open a new stage of enterprise digital intelligence with systematic innovation.

Join us for this talk to learn more about our cloud native journey and vision. Let's work together to improve productivity through openness and innovation.

Speakers
avatar for Dennis Gu

Dennis Gu

Chief Architect of Cloud Computing, Huawei Cloud
Chief architect of HUAWEI CLOUD, Huawei Fellow, and director of the cloud architecture innovation lab. Led the architecture planning and design of Huawei public cloud, industry cloud/dedicated cloud, partner cloud full-stack solutions, and infrastructure as a service (IaaS), as well... Read More →


Thursday March 21, 2024 10:00 - 10:05 CET
Pavilion 7 | Level 7.3 | Paris Room

10:05 CET

Keynote: Innovating Responsibly: How to Navigate Sustainability in the Era of Kubernetes - Aparna Subramanian, Shopify; David Meder-Marouelli, Continuous Delivery; Todd Ekenstam, Intuit
With almost a decade of successful K8s adoption, the focus of cloud platforms now shifts towards maximizing resource utilization to drive sustained innovation for the future. In the face of pressing climate change concerns, sustainability emerges as a critical theme demanding attention. Despite its importance, the concept of building sustainable cloud workload remains ambiguous, leaving platform operators and users grappling with actionable steps. In this session, Aparna is joined by _to be announced_ industry experts and practitioners and together they will demystify platform efficiency and offer actionable insights on how to contribute to sustainability.

You'll not want to miss this opportunity to leave with a practical to-do list for advancing innovation responsibly.

Speakers
avatar for David Meder-Marouelli

David Meder-Marouelli

Expert Continuous Delivery, 1&1 Mail & Media
David Meder-Marouelli is a systems architect and expert for Continuous Delivery. After several positions in the web hosting environment he currently works at 1&1 Mail & Media since 2015. In this position he is responsible as the Product Owner for the design and development of the... Read More →
avatar for Todd Ekenstam

Todd Ekenstam

Principal Software Engineer, Intuit
Todd Ekenstam is a Principal Engineer at Intuit, building a platform for secure, multi-tenant Kubernetes infrastructure. Todd has worked on various large-scale distributed systems projects during his career, ranging from hierarchical storage management, peer-to-peer database replication... Read More →
avatar for Aparna Subramanian

Aparna Subramanian

Director of Production Engineering, Shopify
Aparna Subramanian is a technologist and cloud-native enthusiast. She started her career as a Software Engineer and has spent most part of her 18 years of experience specializing in Infrastructure and Data Platforms. She serves as co-chair of the “CNCF End User Developer Experience... Read More →


Thursday March 21, 2024 10:05 - 10:20 CET
Pavilion 7 | Level 7.3 | Paris Room

10:20 CET

10:30 CET

Coffee Break ☕
Thursday March 21, 2024 10:30 - 11:00 CET

10:30 CET

Solutions Showcase
Visit our sponsors in the Solutions Showcase to try the latest demos, watch live presentations, talk to experts, check out job opportunities, and score some swag.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Thursday March 21, 2024 10:30 - 17:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2

10:40 CET

Project Pavilion Tour with Jorge Castro, CNCF
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!

Thursday March 21, 2024 10:40 - 11:00 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Project Opportunities
  • Content Experience Level Any

11:00 CET

The Journey of Organizing an Kubernetes Community Days Events – Our Odyssey Unveiled - Jade Lassery, Datadog; Carol Valencia, Krol Cloud; Luiz Bernardo Levenhagen, Red Hat
Join us as we unravel the intricacies and share the behind-the-scenes stories of orchestrating these community-driven events. In this session we will dive into the challenges, triumphs, and pivotal moments that shaped our odyssey, gaining valuable insights into the "art" of seamlessly organizing KCD gatherings. You will discover the magic that happens when passionate individuals, from different background and places around the world unite to celebrate and advance the Kubernetes ecosystem. We will share the evolution of our approach to organize an oficial CNCF event, the impact on the community and the collaborative spirit. Besides that our narrative tells you the strategies and lessons learned that led the KCD Brazil to success. Whether you're a seasoned Kubernetes enthusiast or a newcomer to the community, this talk promises a thought-provoking exploration of community building, event organization, and the shared excitement that fuels the Kubernetes journey.

Speakers
avatar for Luiz Bernardo Levenhagen

Luiz Bernardo Levenhagen

Technical Marketing Manager, Red Hat
Luiz Bernardo joined Red Hat is 2019 where he has supported and advocated for technologies like Linux containers and Kubernetes by providing meaningful engagements with the open source community and Red Hat customers. Born in Brazil and currently living in the Netherlands, Luiz is... Read More →
avatar for Carolina Valencia

Carolina Valencia

Solution Architect, Krol Cloud
Carol is a passionate software developer dedicated to implementing secure cloud-native practices. She actively contributes to CNCF projects and the Kubernetes community as an open-source contributor. She enjoys learning new technologies and creating material, some of which she shares... Read More →
avatar for Jade Lassery

Jade Lassery

Sales Engineer, Datadog
Passionate about merging innovation and technology, Jade leverages her expertise in Open Source, Cloud technologies, Observability, Containers, Kubernetes, SaaS and App. Modernization to drive success in the Cloud Native ecosystem. As a tech savvy, CNCF organizer and community advocate... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice
  • Content Experience Level Any

11:00 CET

Heating Pools with Cloud Power: A New Wave in Green Computing - Saiyam Pathak, Civo & Mark Bjornsgaard, Deep Green Technologies
How do you use the heat generated by servers in cloud for social good? In 2023, Civo & DEEP GREEN pioneered a project in Devon, transforming server heat into community benefits. Imagine miniaturising the data centre, locating it in a secured plant room of a swimming pool & then running a cloud stack services solution on it? Then transform the way that mini data centre is cooled, recapturing & redeploying 96% of the energy it uses, offering end-users green cloud computing, & at the same time providing cost-saving free heat to hosts. We'll explore the technical synergy between DEEP GREEN's cooling technology & Civo's cloud stack. The integration not only reduced energy waste significantly but also posed unique operational challenges. Attendees will learn about server modifications for optimal cooling, the management & insights into deploying eco-friendly cloud solution. This case study is a beacon of socially responsible technology, offering lessons in sustainability & climate response.

Speakers
avatar for Saiyam Pathak

Saiyam Pathak

Field CTO, Civo
Saiyam is working as Field CTO at Civo with a focus on defining the Civo cloud platform for simplifying Kubernetes and making it accessible for developers. Previously at Walmart Labs, Oracle, and HP, Saiyam has worked on many facets of k8s including machine learning platform, scaling... Read More →
avatar for Mark Bjornsgaard

Mark Bjornsgaard

Heating pools with cloud power, Deep Green Technologies
Mark has grown numerous businesses from scratch to scale including Lifted (Senior care - a JV with British Gas), Altogether (US healthcare, JV with GSK) and Secret Source (augmented tech teams, Europe). Mark was a founding investor in Elmo https://elmodrive.com/ (EV subscriptions... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S06
  Emerging + Advanced

11:00 CET

CNCF TAG Network: Projects, Technology & Landscape - Lin Sun, solo.io & Lee Calcote, Layer5
This talk will introduce the CNCF TAG Network and discuss how the TAG operates, how we work with CNCF network projects, and the work we have done to build guidance and write whitepapers for the ecosystem. During this session we will cover an overview of network projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Network Whitepaper, Performance and Benchmarking whitepaper etc. Join us to find out how to contribute and participate in the CNCF network community and discover practical guidance on how to use cloud native networks in your environments.

Speakers
avatar for Lin Sun

Lin Sun

Head of Open Source, solo.io
Lin is the Director of Open-Source at Solo.io. She has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she served on the Istio Steering Committee for three years and was a Senior Technical Staff Member and Master Inventor... Read More →
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus through... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | E05 - E06

11:00 CET

Contributing to Kubernetes in Its Second Decade - SIG ContribEx Style! - Madhav Jivrajani, VMware by Broadcom; Nabarun Pal, Broadcom; Priyanka Saggu, SUSE; Kaslin Fields, Google
SIG Contributor Experience has been wildly successful in helping grow the contributor base of Kubernetes in the first ten years of the project via New Contributor Workshops. We stressed on the importance of growing existing contributors in our last maintainer track session. However, the other side of the sustainability coin is ensuring that contributors who get started with contributing to Kubernetes, actually stick around. A lot has changed in the last decade, and we also need to change how we teach folks to contribute and interact with the community. Join us as we give a comprehensive overview of the Kubernetes governance and community structure, where you can seek help and what some pitfalls are that you will unexpectedly but inadvertently face in your contributor journey. We will highlight areas that are suited for folks from all backgrounds: marketing, content creation, event planning, community elections, automation and so much more!

Speakers
avatar for Nabarun Pal

Nabarun Pal

Staff Engineer at VMware, Kubernetes Steering Committee and Maintainer, Broadcom
Nabarun is a Staff Software Engineer at VMware, a maintainer of the Kubernetes project, an elected Kubernetes Steering Committee member and a chair of Kubernetes SIG Contributor Experience. He is a Release Manager for Kubernetes and has been the Kubernetes 1.21 Release Team Lead... Read More →
avatar for Priyanka Saggu

Priyanka Saggu

Kubernetes Integration Engineer, SUSE
Priyanka Saggu is a Kubernetes Integration Engineer at SUSE and has made significant contributions to different aspects of the Kubernetes project. She serves as the Technical Lead for the project's SIG ContribEx and has held leadership positions as Kubernetes Release Lead Shadow (v1.27... Read More →
avatar for Madhav Jivrajani

Madhav Jivrajani

Member of Technical Staff 2, VMware by Broadcom
Madhav is currently working at VMware on upstream Kubernetes. He has been a part of the Kubernetes community for about a year and mainly helps out with SIG-{Contribex, Node, Architecture, API-Machinery}. He was also involved with the structured logging efforts in the Kubernetes project... Read More →
avatar for Kaslin Fields

Kaslin Fields

Developer Advocate, Google
Kaslin Fields is a Developer Advocate at Google Cloud, a Container enthusiast and creator of tech comics. She uses her knowledge of DevOps technologies and methodologies to help others as they enter the Cloud Native world. By creating comics about DevOps tech, she hopes to make learning... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | N03

11:00 CET

CRI-O Odyssey: Exploring New Frontiers in Container Runtimes - Julien Ropé & Sohan Kunkerkar, Red Hat
No journey is ever really done, it only continues differently. CRI-O's journey in continuing its effort to be the best container runtime made specifically for Kubernetes is no different, even after graduating within the CNCF. In this talk, join the CRI-O developers as they walk you through the new frontiers of container runtimes: such as integration with WebAssembly (WASM), secured and simplified Podman-in-Kubernetes, and the present and future of Confidential Computing. This session will also cover initiatives CRI-O is following within SIG-Node, such as CRI stats and separate image file systems.This session caters to both newcomers and seasoned users, offering insights into CRI-O's new features and journey beyond.

Speakers
avatar for Julien Ropé

Julien Ropé

Senior Software Engineer, Red Hat
Working on Openshift Sandboxed Containers to integrate Kata and Confidential Containere in Openshift. Contributing in CRI-O and Kata Containers.
avatar for Sohan Kunkerkar

Sohan Kunkerkar

Senior Software Engineer, Red Hat Inc
Sohan Kunkerkar is a Senior Software Engineer at Red Hat, bringing expertise in distributed systems, backend engineering, and containers. His active contributions extend to CRI-O, a container runtime engine, and various sub-projects within the Kubernetes Sig-Node community. Sohan... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | W02-03

11:00 CET

Etcd 3.6 and Beyond - Wenjia Zhang, Marek Siarkowicz & Siyuan Zhang, Google; Benjamin Wang, VMware
SIG-Etcd and the Etcd Project are hard at work on version 3.6, and could use your help and feedback. This deep dive session will go into detail about current and future Etcd development efforts to share with both Etcd and Kubernetes users and contributors. In this session we will go over 3.6 release priorities, and more, including: - Update on bbolt (Data corruption issue investigation and improvement, Add logger to bbolt, Release bbolt 1.4.0) - Update on raft (Asynchronous storage writes, Some other minor improvements, Release raft 3.6.0) - V2 API deprecation - Improvement on lease. - Enabling minor version downgrade - livez and readyz probes - Performance regression testing Join our etcd maintainers and contributors to learn about these recent developments and future plans, including how you can contribute to them. Bring your questions, too.

Speakers
avatar for Marek Siarkowicz

Marek Siarkowicz

Senior Software Engineer, Google
Marek is a Software Engineer working at Google in Etcd team. He began his career in local startups where he loved open source and extreme programming. Currently he is a etcd maintainer and active member of SIG-instrumentation leading structured logging effort in Kubernetes. In his... Read More →
avatar for Wenjia Zhang

Wenjia Zhang

Engineering Manager, Google
Wenjia is a Senior Software Engineer at Google Cloud, working on Kubernetes and etcd for Google Kubernetes Engine (GKE) and Google Distributed Cloud (GDC). She currently contributes to open source etcd as a project maintainer. In her free time, she enjoys skiing, golfing, and rea... Read More →
avatar for Siyuan Zhang

Siyuan Zhang

Software Engineer, Google
I am a software engineer at Google. My past experience include machine learning and cloud infrastructure. I have been an etcd contributor since 2023.
avatar for Benjamin Wang

Benjamin Wang

Staff software engineer, VMware (acquired by broadcom)
Benjamin Wang is a staff software engineer at VMware (acquired by broadcom). He is passionate about open source. He currently is an etcd maintainer and technical lead of sig-etcd. He loves to play Chinese chess in his spare time.


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | N04

11:00 CET

Scaling New Heights with KEDA: Performance, Extensions, and Beyond - Jorge Turrado, SCRM Lidl International Hub & Zbynek Roubalik, Kedify
Dive into the evolving world of Kubernetes Event-Driven Autoscaling (KEDA) in our interactive session. We begin with an essential introduction to KEDA's new significant feature - scaling modifiers, explaining their purpose and demonstrating their value to users through a practical demo. Next, we shift focus to KEDA's performance improvements, offering a quick tour of our tooling (Grafana K6) and repository. Discover what we measure, how results are obtained, and replicate these test cases in your infrastructure. We'll briefly cover recent enhancements, including performance tweaks, new scalers, and secret provider updates like AWS/GCP authentication. Plus, get insights into our advanced monitoring capabilities with Prometheus, OpenTelemetry, and CloudEvents. The session culminates with an exploration of the HTTP Add-on, detailing path-based routing, comprehensive /scale resource support, and end-to-end coverage improvements.

Speakers
avatar for Zbynek Roubalik

Zbynek Roubalik

CTO, Kedify
Zbynek is a founder and CTO of Kedify, a company specializing in enterprise-grade autoscaling of Kubernetes applications. He is also the maintainer of KEDA, a CNCF project focused on enabling autoscaling for event-driven applications on Kubernetes. Zbynek has previously served as... Read More →
avatar for Jorge Turrado

Jorge Turrado

Principal SRE, SCRM Lidl International Hub
I have over 8 years of experience working in software development, including development, infrastructure architecture, and monitoring. Currently, I am an SRE at SCRM Lidl International Hub, as well as a Microsoft MVP award recipient for 4 years in a row and a CNCF Ambassador. I spend... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | E01-02

11:00 CET

Faster, Safer, Serverless - Empowering Apache Spark Standalone Cluster on Kubernetes - Huichao Zhao, Apple
In the realm of running quick data analysis via Spark SQL on Kubernetes, the impact of prolonged startup times is undeniable, affecting overall processing efficiency. For scenarios involving short processing tasks, any delay can cascade into hurdles, potentially disrupting entire Airflow task DAGs. In this talk, we will explore how to deliver a truly K8s-native Serverless Spark Service on Kubernetes, emphasizing speed, simplicity, with a new K8s operator for standalone cluster creation and job submission. Instead of relying solely on Spark, it also harness the elastic and police management power of Kubernetes with K8S metrics server, HPA and Kyverno, simplifying the workflow for Apache Spark itself, infra engineers, and users. The solution provides rapid responsiveness (less than 4 seconds) and facilitates the integration of longevity ML training frameworks. Join us as we propel Apache Spark into a realm of unparalleled efficiency and responsiveness, with Kubernetes as its core.

Speakers
avatar for huichao zhao

huichao zhao

Software Engineer (Tech Lead), Apple
Software Engineer on AI/ML Data Platform team, Apple


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | Paris Room

11:00 CET

We Tested and Compared 6 Database Operators. The Results are In! - Jérôme Petazzoni, Tiny Shell Script LLC & Alexandre Buisine, Enix
In the early days of Kubernetes, stateful workloads (like databases) were not often run on Kubernetes. Times have changed, and the stateful landscape has matured, with the CSI (Container Storage Interface) being supported by many cloud and storage vendors, and the DoK (Data on Kubernetes) community showing and enabling growing adoption of K8S for databases and stateful workloads. Running a database on Kubernetes is relatively straightforward, but running a production database is more complex: we want replication, automated failover, backups, PITR (point-in-time recovery), just to name a few. Many operators claim to take care of these tasks. CNPG, StackGres, MOCO, others from Zalando or Percona... But do they meet expectations? Our team has tested (and runs in production for our customers) most of these operators, and will give you a candid yet detailed review of our experience and how they stack up against each other in various scenarios.

Speakers
avatar for Jérôme Petazzoni

Jérôme Petazzoni

Tinkerer Extraordinaire, Tiny Shell Script LLC
Jérôme was part of the team that built and launched Docker. He worked there for 7 years. These days he teaches Kubernetes at Enix, a French Cloud Native shop. When he's not busy with computers, he collects musical instruments. He can arguably play the theme of Zelda on a dozen of... Read More →
avatar for Alexandre Buisine

Alexandre Buisine

Speaker en herbe, Enix
Alexandre joined Enix as CEO in 2018. Over the past 15 years he spent time dealing with technical and management while staying an open-source enthusiast. He previously launched a B2C VR (Virtual Reality) business based on a Docker applicative stack, which noticeably orchestrate massive... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.1 | Room F

11:00 CET

From RUM to Front-End Observability with OpenTelemetry - Purvi Kanal, Honeycomb
RUM tooling focuses on high level analytics and performance metrics, whereas front-end observability is focused on finding and fixing problems affecting users by sending telemetry that is tailored to your specific use case. As our browser applications have gotten much more complex over the last decade, our observability capabilities have not scaled at the same pace. This is where front-end observability closes the gap. In this talk, we’ll dive into how to use tracing with OpenTelemetry to start surfacing unknown-unknowns, whether you’re using React, Angular or {insert-frontend-framework-of-the-month}. We’ll take a look at how to connect browser requests with backend traces, best practices for performance monitoring, analytics, and mapping user journeys - all with real user data in only one tool. We’ll learn how to ship features and fix production issues with confidence, because we can’t improve what we can’t measure!

Speakers
avatar for Purvi Kanal

Purvi Kanal

Senior Software Engineer, Honeycomb
Purvi Kanal is a Senior Software Engineer at Honeycomb where she works on several open source projects. She is an approver for OpenTelemetry JavaScript with an interest in frontend observability. She has worked across the stack, making web and mobile apps in several languages with... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S05
  Observability
  • Content Experience Level Any

11:00 CET

Connecting Millions of Containers Spanning Dozens of Clusters - Laurent Bernaille & Antoine Tollenaere, Datadog
As Kubernetes clusters grow large, service discovery becomes challenging. But when workloads start spanning multiple clusters, it gets even harder! Datadog fully runs on Kubernetes and our infrastructure consists of millions of containers running across hundreds of clusters in different cloud providers. Most of our workloads are data-intensive and we need service to service communication to be as efficient as possible. When our workloads started spanning multiple clusters, we had to find solutions to discover services in other clusters, and to target deployments spanning multiple clusters. We will describe these challenges in detail and the different options we explored and their trade-offs. We will explain how we give pods native VPC IPs using Cilium and how we run a global DNS architecture relying on Kubernetes endpoints but independent of clusters. Finally, we will discuss the emerging challenges we see with our current approach and potential ideas to address them.

Speakers
avatar for Laurent Bernaille

Laurent Bernaille

Principal Engineer, Datadog
Laurent Bernaille worked several years as a consultant specializing in cloud, containers, and automation and helped organizations migrate to the public cloud and adopt containers. He is now Principal Engineer at Datadog and works closely with infrastructure teams, which are responsible... Read More →
avatar for Antoine Tollenaere

Antoine Tollenaere

Software Engineer, Datadog
Some bio


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

11:00 CET

The Hard Life of Securing a Particle Accelerator - Antonio Nappi & Sebastian Lopienski, CERN
Identity and Access Management is an essential part of any organization’s IT infrastructure. It helps members of the organization (and beyond) safeguard their data against cyberattacks and to secure their systems from unauthorized access. This becomes considerably more crucial at CERN, where we operate the Large Hadron Collider, the biggest particle accelerator in the world. This session will describe CERN’s SSO infrastructure, which is based on Keycloak and runs on top of Kubernetes. It will highlight the key decisions, difficulties, and architectural choices that were taken for one of the most important systems at CERN.

Speakers
avatar for Antonio Nappi

Antonio Nappi

Computer Engineer, CERN
Since 2015, Antonio has worked as a computer engineer at CERN. He was in charge of the Java Hosting Platform's migration to Kubernetes. He enjoys innovation and he was the primary supporter for GitOps adoption in his team. Prior to joining CERN, he worked as an OpenStack and Python... Read More →
avatar for Sebastian Lopienski

Sebastian Lopienski

SSO service manager, CERN
Single Sign-On service manager at CERN (European Laboratory for Particle Physics, operating the Large Hadron Collider particle accelerator). Previously, 15 years as Deputy CERN Computer Security Officer.


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S04
  Operations + Performance

11:00 CET

How Spotify Re-Created Our Entire Backend Without Skipping a Beat - Nick Rutigliano & Daniel de Repentigny, Spotify
If you had to re-create every Kubernetes cluster you have, migrate half a million pods, and non-zero downtime meant international press, where would you start? Spotify Platform Engineers will share the journey of completing the arduous task of recreating our entire Kubernetes fleet from scratch, how we migrated millions of pods across tens of thousands of nodes, without downtime, or impacting application developers - without the music ever skipping a beat. We’ll take you through the migration from inception to execution, the motivations and principles behind it, and the obstacles along the way. We’ll be sharing the key architecture features and limitations that simultaneously enabled and shaped our efforts to finish such a daunting task and what others can do if they too have cluster recreations in their future. Learn where Spotify built, connected, and orchestrated automation and tooling to do all of this in a live production environment supporting over half a billion listeners.

Speakers
avatar for Daniel de R.

Daniel de R.

-, Spotify
Daniel is a Senior Product Manager at Spotify working on their compute platform
avatar for Nick Rutigliano

Nick Rutigliano

Senior Site Reliability Engineer, Spotify
I'm a Senior Site Reliability Engineer at Spotify based out of NYC, working in Core Infrastructure. I work on our Kubernetes and DNS infrastructure powering our entire backend as well as our reliability initiatives across the company. Previously I was at Electronic Arts, under the... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

11:00 CET

Unleashing the Power of DRA (Dynamic Resource Allocation) for Just-in-Time GPU Slicing - Abhishek Malvankar & Olivier Tardieu, IBM
AI/ML experts leveraging Kubernetes clusters to train, fine-tune, or serve large language models (LLMs) would like to dynamically allocate GPUs and GPU slices based on the demand of their workloads. The DRA (Dynamic Resource Allocation) approach currently developed by the community is promising but will require changes to Kubernetes scheduling mechanisms with the introduction of latency-inducing roundtrips between schedulers and DRA controllers. Moreover, GPU slices have to be requested by means of novel resource classes and claims, requiring users to adapt. This talk demonstrates how we exploit DRA today to enable just-in-time GPU slicing on large production Kubernetes clusters running a mix of small fractional and large distributed workloads. InstaSlice acts on queued AI workloads to slice GPUs with the help of DRA. By augmenting DRA with InstaSlice, we make it simple for users to leverage DRA with zero changes to queued workloads and zero changes to Kubernetes schedulers.

Speakers
avatar for Olivier Tardieu

Olivier Tardieu

Principal Research Scientist, Manager, IBM Research
Dr. Olivier Tardieu is a Principal Research Scientist and Manager at IBM T.J. Watson, NY, USA. He joined IBM Research in 2007. His current research focuses on cloud-related technologies, including Serverless Computing and Kubernetes, as well as their application to Machine Learning... Read More →
avatar for Abhishek Malvankar

Abhishek Malvankar

Senior Software Engineer, IBM
Abhishek is Senior Software Engineer and Master Inventor at IBM Research. He works closely with Red Hat as Partner Engineer. He focuses on resource management, performance, and distributed computing for AI workloads in the cloud. He enjoys designing easy-to-use solutions for the cloud... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering

11:00 CET

I'll Let Myself in: Kubernetes Privilege Escalation Tactics - Andrew Martin & Iain Smart, ControlPlane
Penetration testing Kubernetes shouldn't be easy, but we can make it so! Rogue SRE insider threat? Platform developers with grudges? Hostile internet citizens? Discover how to escalate your privilege, attain persistence, wreak cluster-wide havoc, and hide any trace of your activity in this enthralling exploration of cloud native security! Join us for a learner-friendly yet advanced dive into the myriad ways both trusted and unprivileged users can exploit Kubernetes. We'll guide you through best practices for detection and demonstrate the most cost-effective and efficient strategies for securing your clusters. - Understand Kubernetes vulnerabilities that SREs, security teams, and pentesters should know — and techniques to mitigate them - Explore edge-cases of component abuse, and cruel and unusual interactions between components - Identify various adversary levels and tailor your defences accordingly - Learn the most economical and rapid strategies for robust cluster security

Speakers
avatar for Iain Smart

Iain Smart

Principal Consultant, Control Plane
Iain Smart is a Principal Consultant at ControlPlane, where he reviews cloud-native deployments and performs offensive security engagements. He enjoys playing with new technologies, and if he's not hacking a Kubernetes cluster or attacking a build pipeline he can probably be found... Read More →
avatar for Andrew Martin

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.3 | S02
  Security

11:00 CET

Navigating the Software Supply Chain Defense Landscape - Marina Moore & Aditya Sirish A Yelgundhalli, New York University
Software supply chain attacks are on the rise, but so are the number of defense mechanisms. The proliferation of CNCF projects like in-toto and TUF in conjunction with other frameworks and systems like Sigstore and SLSA can make it hard to understand how all of these different tools work and the security guarantees they each provide. TAG Security’s Software Supply Chain working group has compiled a mapping of software supply chain tools to requirements from the Software Supply Chain Best Practices Guide. In this talk, we use this mapping to pull together different tools that can be combined for end-to-end software supply chain security. We provide example scenarios of combining certain tools and describe how folks can use the guide for their own software supply chains to determine the right tools for them.

Speakers
avatar for Marina Moore

Marina Moore

PhD Candidate, New York University
Marina Moore is a PhD candidate at NYU Tandon’s Secure Systems Lab researching secure software updates and software supply chain security. She is a maintainer of The Update Framework (TUF), a CNCF graduated project, as well as in-toto, an incubating project. She contributed to the... Read More →
avatar for Aditya Sirish A Yelgundhalli

Aditya Sirish A Yelgundhalli

Ph.D. Candidate, New York University
Aditya is a Ph.D. candidate at New York University where he researches software supply chain security. He is a maintainer of in-toto, which is incubated at the CNCF. He is also a contributor to TUF, another CNCF project, and a maintainer of gittuf, a sandbox project at the OpenSSF... Read More →


Thursday March 21, 2024 11:00 - 11:35 CET
Pavilion 7 | Level 7.1 | Room D
  Security

11:00 CET

Open Space Session: Bridging the Gap: Securing Kubernetes without Crippling Operations
Explore the different perspectives of DevOps and security teams regarding Kubernetes security and identify the root causes of their friction. Share practical strategies and tools to implement robust security measures while maintaining application performance and usability.

Goal: Foster a collaborative and open discussion to understand the challenges and opportunities in securing Kubernetes deployments and the workloads/applications running on them.

Thursday March 21, 2024 11:00 - 11:45 CET
Open Space Session 2 | Solutions Showcase

11:00 CET

Open Space Session: Meet the Kubernetes Bookclub!
We'd like to welcome bookclub attendees, hosts and authors together first time in-person after the bookclub started in 2019! We will share what kind of a journey this has been for us, in our Kubernetes learning, in hosting the virtual meetup, making friends and getting closer and closer. We'd like to hear more from you! How best to help each other and get more traction to our community. 

Thursday March 21, 2024 11:00 - 11:45 CET
Open Space Session 1 | Solutions Showcase

11:00 CET

SECURITY HUB | Unconference
Come check out the Security Hub located inside KubeCon + CloudNativeCon Europe on Thursday and Friday! This will be a dedicated space for attendees to learn, share, and collaborate regarding the latest security practices and tools in the Kubernetes and cloud native ecosystem. Discover a range of security-related topics, from securing software supply chains to implementing zero-trust security, managing security for cloud-native infrastructure and applications, or building a security-first culture.

Industry experts, practitioners, and YOU will be able to share your insights and continue your conversations post KubeCon sessions at Security Hub informal spaces. CNCF STAG (Security Technical Advisory Group) leads will be available to answer your cloud native security questions. Message the @tag-security-leads handle anywhere on CNCF Slack and we will set up a time to chat in-person. Help us make the Security Hub an inclusive and engaging destination for anyone interested in securing their cloud-native journey.

BLOCK 1
  • Session 1: 11 - 11:35 - Unconference
  • Transition time: 11:35-11:55
  • Session 2: 11:55 - 12:30 - Unconference
Unconference sessions can be more casual group conversations about a topic. Have a topic proposal for the KubeCon + CloudNativeCon Europe 2024 Security Hub Unconference? Submit your topic via the Unconference Interest Form!


Thursday March 21, 2024 11:00 - 12:30 CET
Pavilion 7 | Level 7.3 | W06-07
  Security
  • Content Experience Level Any

11:00 CET

SECURITY HUB: 🚩 An Introduction to Cloud Native Capture the Flag
The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon Europe attendees.  In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competition to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together.


Speakers
avatar for Andrew Martin

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →
avatar for Iain Smart

Iain Smart

Principal Consultant, Control Plane
Iain Smart is a Principal Consultant at ControlPlane, where he reviews cloud-native deployments and performs offensive security engagements. He enjoys playing with new technologies, and if he's not hacking a Kubernetes cluster or attacking a build pipeline he can probably be found... Read More →


Thursday March 21, 2024 11:00 - 12:30 CET
Pavilion 7 | Level 7.3 | W08
  Security
  • Content Experience Level Any

11:00 CET

Tutorial: Configuring Your Service Mesh with Gateway API - Mike Morris, Microsoft & Flynn, Buoyant
Gateway API v1.0 is here! But... what does that mean? How do we actually use it? Does it even work? Can we get real, useful things done with Gateway API? Let’s find out! Join Gateway API and GAMMA contributors for a hands-on workshop using either Linkerd or Istio to get things done using Gateway API! We’ll start with unconfigured clusters, walk through installing a demo application with your choice of service mesh, then dig into how to use Gateway API for routing, resilience, progressive delivery, and ingress traffic management. You’ll walk away with practical, real-world knowledge about what Gateway API can do and how to use it, and portable skills you’ll be able to apply to the many projects implementing Gateway API!

Speakers
avatar for Flynn -

Flynn -

Technical Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, spreading the good word about the Linkerd service mesh and educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering - from the kernel up through distributed applications... Read More →
avatar for Mike Morris

Mike Morris

Senior Product Manager, Microsoft
Mike is a product manager at Microsoft working on upstream open source projects with a focus on Istio service mesh, and a former co-lead of the Gateway API GAMMA initiative. He is interested in building healthy, sustainable communities and scalable distributed systems, and working... Read More →


Thursday March 21, 2024 11:00 - 12:30 CET
Pavilion 7 | Level 7.3 | N01-02
  Tutorials, Service Mesh
  • Content Experience Level Any

11:00 CET

🚨 Contribfest: PipeCD Contribfest
In the latest release of PipeCD, we have introduced a new feature that allows for a pluggable architecture in Piped. This exciting enhancement means that PipeCD is no longer limited to supporting only five types of applications. Users now have the flexibility to develop stages and plugins for application types specific to the platforms they are utilizing. During this session, we will focus on reviewing the interface of Piped for the pluggable architecture and demonstrate how to create a simple plugin. Attendees can build a simple plugin that only includes the QuickSync stage for their application's platform use. In addition, we have prepared many good-first-issues so that participants can get acquainted with the PipeCD project and understand how PipeCD is used to achieve progressive delivery quickly and effectively.

Speakers
avatar for Khanh Tran

Khanh Tran

Software Engineer, CyberAgent, Inc.
Khanh is a maintainer of the PipeCD project. He is currently employed at CyberAgent inc, and responsible for the CI/CD system across the organization. As a member of the developer productivity team, his primary focus is on automation and anything that enhances the development process... Read More →


Thursday March 21, 2024 11:00 - 12:30 CET
Pavilion 7 | Level 7.3 | W01

11:55 CET

Reimagining Knative: A Case Study on How Designers Shape Better Documentation - Zainab Husain & Mariana Mejia, OCAD University
Have you ever been stuck in documentation hell, looking for a specific feature and instead finding yourself drowning in between pages of explanations? Have you ever felt confused as a project maintainer on how to organize your own project documentation? If so, then this talk is for you! While open source projects like Knative are primarily developed by technically oriented contributors, the absence of designers often impacts their usability and adoption. The new Knative UX working group has employed several user experience research methods to improve our website navigation. Namely, we will share how card sorting techniques and surveys were used to better structure our documentation. We will also cover other projects the Knative UX group has undertaken to improve the user experience of Knative as well as its accessibility. We want you to walk away from this talk with user research strategies you can apply to your own projects to improve the experience for both contributors and users!

Speakers
avatar for Mariana Mejia

Mariana Mejia

User Researcher at OCAD University and UX Design Lead at Knative, OCAD University
Mariana is a UX Design Researcher working at OCAD University under the Perceptual Artifacts Lab and the UX Design Lead at Knative. She is in her final year of her Industrial design Bachelor’s at OCAD University. She has also been a classroom assistant for the interaction UX design... Read More →
avatar for Zainab Husain

Zainab Husain

Knative UX Design Lead, OCAD University
Zainab Husain is a UX Design Researcher working at OCAD University. She completed her Masters in Engineering at the University of Toronto, focusing on Human Computer Interactions. Zainab is passionate about tools that improve collaboration between Engineers and Designers and is also... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience
  • Content Experience Level Any

11:55 CET

To Infinity and Beyond: Seamless Autoscaling with in-Place Resource Resize for Kubernetes Pods - Aya Ozawa, CloudNatix Inc. & Kohei Ota, Apple
Setting Pod resources like CPU/memory correctly is key for running apps on Kubernetes efficiently and reliably. However, knowing what values to set takes much effort. Sometimes, resources are not set at all, while others are set once during initial testing but never updated. The Vertical Pod Autoscaler (VPA) solves this problem by automatically configuring resources based on historical resource usage. On the other hand, changing resource allocation required Pod recreation since Kubernetes 1.27. This made VPA impractical for workloads where Pod restart is disruptive, resulting in leading to lower availability. With the introduction of the alpha in-place resource resizing, resources can now be updated without recreation, benefiting all workloads. This talk will explore resource management in Kubernetes, including challenges and current solutions. We will then delve into the benefits of in-place resource resizing. By the end, you'll clearly understand effective Pod resource management.

Speakers
avatar for Kohei Ota

Kohei Ota

Senior Field Engineer, Apple
Kohei Ota is a Senior Field Engineer at Apple. In the CNCF community, he is a CNCF Ambassador and the SIG Docs Japanese localization owner for Kubernetes. Beyond his professional roles, Kohei is instrumental in organizing CloudNative Days, the most prominent cloud-native conference... Read More →
avatar for Aya Ozawa

Aya Ozawa

Member of Technical Staff, CloudNatix Inc.
Aya Ozawa is a member of technical staff at CloudNatix. She has been working on platform development based on Kubernetes since 2016. Aya is passionate about open-source technologies, focusing on cloud-native projects. She is also a co-organizer of the Kubernetes Meetup Tokyo, which... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice

11:55 CET

Is There Room for Improving Kubernetes’ HPA? - Berta Serracanta Pujol, UPC Barcelona Tech; Gabor Retvari, L7mp Technologies; Alberto Rodriguez-Natal, Cisco
Our research introduces a control theory-based model of Kubernetes' Horizontal Pod Autoscaler (HPA). We have analyzed the current model of HPA and identified that, although it stabilizes resource utilization effectively, there is potential for improvement in the convergence time. Our proposed framework focuses on a more efficient information distribution strategy, extending from primary microservices to their peripheral counterparts. This approach aims to refine the HPA's responsiveness to fluctuating demands, potentially leading to more rapid adjustments in resource allocation.

Speakers
avatar for Alberto Rodriguez-Natal

Alberto Rodriguez-Natal

Tech Lead, Cisco
Alberto is a Sr. Tech Lead in the Enterprise Networking CTO team at Cisco, working on network virtualization, systems architecture, and protocol design. Before joining Cisco, he earned a PhD in Software-Defined Networking at BarcelonaTech.
avatar for Gábor Rétvári

Gábor Rétvári

PhD, L7mp Technologies (https://l7mp.io)
Gábor Rétvári is co-founder and CTO of L7mp Technologies, and an Associate Professor at BME. He co-founded L7mp Technologies with one ambitious goal: make real-time communications just another boring Kubernetes workload. An expert group of industry specialists and academic researchers... Read More →
avatar for Berta Serracanta Pujol

Berta Serracanta Pujol

PhD Candidate, UPC Barcelona Tech
Berta Serracanta is a PhD candidate at BarcelonaTech. Her research focuses on network-enabled application acceleration, exploring the integration of network and application layers, and the optimization of distributed systems for enhanced operational efficiency.


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S06
  Emerging + Advanced
  • Content Experience Level Any

11:55 CET

Cloud Native Sustainability Efforts in the Community - TAG Environmental Sustainability - Antonio Di Turi, Data Reply Gmbh & Kristina Devochko, Independent
In tech, sustainability is not just an ideal but a pressing technical challenge, especially within the domain of cloud computing. Enter the CNCF Technical Advisory Group for Environmental Sustainability (TAG ENV), a community group dedicated to cultivating a more eco-friendly CNCF landscape. Join us as we navigate the key challenges confronting our community in the pursuit of a more environmentally friendly cloud native ecosystem. We'll shed light on TAG ENV's latest initiatives and achievements, like our ongoing assessment of the sustainability footprint of CNCF projects. By the end of this session, you'll grasp the current landscape of cloud native sustainability and gain insights into the community's efforts to enhance it. Discover practical ways our work can benefit you and your company, and learn how to actively contribute to our endeavors. Most importantly, you'll recognize sustainability not just as a concept but as an urgent technical challenge demanding attention.

Speakers
avatar for Kristina Devochko

Kristina Devochko

Platform Engineer, Content Creator, TAG Environmental Sustainability Lead, Tietoevry, Public 360° unit
Kristina Devochko is a platform engineer, tech content creator, speaker and tech community contributor. She focuses on all things cloud native, Kubernetes and green tech. Kristina is an owner of kristhecodingunicorn.com tech blog, a CNCF Ambassador, Microsoft Azure MVP, CNCF TAG Environmental... Read More →
avatar for Antonio Di Turi

Antonio Di Turi

Senior consultant & Co-chair WG Green reviews, Data Reply Gmbh
Co-chair of WG Green review in the CNCF TAG-environmental-sustainability. I am determined and dynamic, I like the crowd and I like to be exposed to new stimuli. DevOps and Sustainability are my passions. I feel very lucky because in my job I always find some fun.Headshot: please find... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | E05 - E06

11:55 CET

Gateway API: Beyond GA - Mattia Lavacca, Kong; Surya Seetharaman, Red Hat; Nick Young, Isovalent; Lior Lieberman, Google
The Gateway API project is the next generation of ingress (and service mesh) APIs for Kubernetes. The Gateway API project had it's GA release at the end of last year, but that really is just the beginning of the huge future ahead of the project. In this talk we'll discuss what's going on in the project, and what are some of the next big features and what their status is. We'll have some specific feature focuses, including our "Conformance Profiles" project which enables conformance testing and reports which are an invaluable asset to the project, and can be very valuable to users as well. If you have general Q&A about Gateway API this could be a great place to stop in and ask your questions.

Speakers
avatar for Lior Lieberman

Lior Lieberman

Site Reliability Engineer, Google
Lior is site reliability engineer at Google working on Google Compute Engine. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
avatar for Surya Seetharaman

Surya Seetharaman

Senior Software Engineer, Red Hat
Surya is an Open Source advocate and contributor, active in the Kubernetes SIG-Network working group. She is working as a Senior Software Engineer at Red Hat in the OpenShift Networking team. Her areas of interest include Cloud Infrastructure and Networked Services and Systems. She... Read More →
avatar for Nick Young

Nick Young

Staff Engineer, Isovalent
Nick has been working to prevent the entropic downfall of systems for 25 years, across datacenters, clouds, networking, and others. He's a Staff Engineer at Isovalent, and a maintainer on the Kubernetes Gateway API project, where he works on improving the ingress and mesh experiences... Read More →
avatar for Mattia Lavacca

Mattia Lavacca

Software Engineer, Kong
Mattia is a Software Engineer at Kong, working on Kubernetes networking. He is a key contributor to some SIG-Network projects, such as Gateway API, Ingress2Gateway, and Blixt, and a co-lead of Kong's Gateway API implementation. He is working on many Kong projects related to networking... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | N04

11:55 CET

Giving and Receiving Professional Feedback - Hilliary Lipsig, Red Hat; Ana Margarita Medina, Lightstep; Danielle Lancashire, Fermyon; Xander Grzywinski, Microsoft
Kubernetes Code of Conduct committee presents: Tips for giving and receiving Professional Feedback. We communicate with each other daily, but one of the hardest forms of communication is feedback, especially when criticism may need to be a part of the feedback. One of the hardest parts of asynchronous feedback in a global organization is how to give that feedback, where tone will not be present and language barriers may result in our words being translated by a 3rd party translation tool. In this session we’ll share patterns and examples of feedback and criticism that can be applied to Pull Request reviews, strategies for disagreeing professionally, and how to examine feedback and criticism you receive.

Speakers
avatar for Ana Margarita Medina

Ana Margarita Medina

Senior Staff Developer Advocate, Lightstep from ServiceNow
Ana Margarita Medina is a Senior Staff Developer Advocate, she speaks on SRE, DevOps, and Reliability. She is a self-taught engineer with over 13 years of experience, focusing on cloud infrastructure & reliability. She has been part of the Kubernetes Release Team since v1.25, serves... Read More →
avatar for Danielle Lancashire

Danielle Lancashire

Principal Software Engineer, Fermyon
Danielle is a principal engineer at Fermyon where she mostly works on the Fermyon Cloud. She is also a co-chair of the CNCF wasm-wg, member of the Kubernetes Code Of Conduct Committee, and a Kubelet maintainer. When not at a computer she can often be found riding bikes and taking... Read More →
avatar for Hilliary Lipsig

Hilliary Lipsig

Principal Site Reliability Engineer, Red Hat
Hilliary is an autodidact and start-up veteran who has frequently learned and applied technologies to get a job done. She’s had her hand in every part of the application delivery process, honing in her skills originally as a QE engineer. Hilliary is an IT polyglot able to talk the... Read More →
avatar for Xander Grzywinski

Xander Grzywinski

Open Source Product Manager, Microsoft
Xander is an open source product manager at Microsoft focusing on container security and policy projects. Previously he worked in various roles on platform and open source teams at Twitter, Apple, and HashiCorp. When not at a computer, you'd most likely find him at a pottery whee... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | W02-03

11:55 CET

Intro + Deep Dive: Kubernetes SIG Scalability - Wojciech Tyczyński, Google & Shyam Jeedigunta, Amazon Web Services
This session will cover different efforts that SIG Scalability is involved in: defining what scalability means for Kubernetes, driving performance improvements, maintaining infrastructure for scalability testing, guarding Kubernetes against performance regressions. In addition to overall overview, the most recent achievement and challenges are always the top focus for the presentation. Cooperation with other SIGs is an important aspect of the presentation as many improvements driven from the SIG are in fact owned by other SIGs. Time for Q&A will be reserved at the end of the session to understand how the SIG can better engage with the community as well as to allow the audience to provide the input about the roadmap.

Speakers
avatar for Wojciech Tyczyński

Wojciech Tyczyński

Senior Staff Software Engineer, Google
Wojciech is working on Google Technical Infrastructure & Cloud since 2012. Since 2015 he works on Kubernetes and GKE. With the main focus on scalability, performance and reliability, he gained experience and contributed to many Kubernetes features and most of its components. Before... Read More →
avatar for Shyam Jeedigunta

Shyam Jeedigunta

Senior Software Engineer, Amazon Web Services
Shyam Jeedigunta has worked with the Kubernetes project for over 7 years. His key focus is availability, performance and resiliency of Kubernetes and managed public cloud offerings. As a co-chair for SIG scalability, he has helped drive its charter in making scalability a first-class... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | N03

11:55 CET

Kubernetes Data Protection WG Deep Dive - Dave Smith-Uchida, Veeam
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, we will discuss what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including storage and backup vendors, cloud providers, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.

Speakers
avatar for Dave Smith-Uchida

Dave Smith-Uchida

Technical Leader, Veeam
Dave has been a leader in data protection for Kubernetes for the last several years. In addition to his work at Veeam on Kasten K10, he is a founding member of the Kubernetes Data Protection Working Group and was formerly the architect for the Velero Open Source Kubernetes backup... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | E01-02

11:55 CET

Fink on Kubernetes: Efficient Management of Massive Alert Streams for Astronomical Objects Identific - Fabrice Jammes & Julien Peloton, CNRS; Etienne Fayen, Universite Paris-Saclay
Modern astronomical facilities such as the Rubin Observatory produce real-time streams of millions of alerts each night, distributed by large Apache Kafka clusters. In this context, the role of the Fink broker project is to facilitate the manipulation of these large-scale astronomical alert streams for scientific communities whose main interest is neither computer science nor software engineering, and enable new discoveries to be made every night. In this talk, I will describe the cloud-based infrastructure of Fink, relying on state-of-the-art distributed computing frameworks such as Apache Spark, and the integration with Kubernetes to enable real-time decisions. Finally, I will dive into the details of Fink's complex software stack which is rigorously tested in a self-hosted CI/CD environment on Kubernetes and OpenStack. You will walk away with an understanding of modern challenges in astronomy, and how Kubernetes can help push further the frontiers of science!

Speakers
avatar for Fabrice Jammes

Fabrice Jammes

Research engineer, CNRS IN2P3
Fabrice Jammes, collaborating with Stanford University experts, contributes significantly to the LSST cosmology project, focusing on Qserv and Fink-broker. His role extends to packaging these two complex software stacks in Kubernetes. Fabrice also trains engineers globally, enhancing... Read More →
avatar for Julien Peloton

Julien Peloton

Research Engineer, CNRS
Julien Peloton is a Research Engineer at CNRS. He has spent many years working in the fields of software engineering, cloud computing and astronomy. He is co-PI on the Fink broker project, which has led to the discovery of many new astrophysical objects. He is also actively involved... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | Paris Room

11:55 CET

CRD Vs Dedicated Etcd as Storage Backend : Lessons from Taming High Churn Clusters - Hemanth Malla, Datadog & Marcel Zięba, Isovalent
Configuring Cilium for large clusters introduces a spectrum of challenges, with critical decisions like choosing a CRD backend, leveraging CiliumEndpointSlices, or opting for a dedicated kvstore for state propagation significantly impacting scalability. Each choice comes with its own set of pros and cons, necessitating distinct monitoring strategies. Moreover, once a configuration is in place, the challenge lies in migrating between options seamlessly without incurring downtime. As your kubernetes clusters grow, over time you may need to revisit some decisions to optimize for performance. If you've ever wondered how to fine-tune Kubernetes and Cilium for large-scale clusters or if you're seeking insights on setting up robust monitoring to prevent outages, this session is tailored for you. Join us to explore strategies, best practices, and real-world lessons and leave with actionable insights that will allow you to confidently navigate scale with Kubernetes and Cilium.

Speakers
avatar for Hemanth Malla

Hemanth Malla

Senior Software Engineer, Datadog
Hemanth Malla is a Senior Software Engineer working on Kubernetes and container networking at Datadog. He is also a Cilium CNCF maintainer. Previously he worked on various distributed systems in industries like e-commerce, fintech and high frequency trading. Apart from computers... Read More →
avatar for Marcel Zięba

Marcel Zięba

Staff Software Engineer, Isovalent
Marcel Zięba is a Staff Software Engineer at Isovalent and is leading SIG Scalability in the Kubernetes open-source community. Previously, Marcel worked on Kubernetes and Google Kubernetes Engine since 2020 focusing mainly on performance and scalability. Now he is focusing on the... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance

11:55 CET

The IaC Evolution - on Open Source & Everything Else - Sharone Zitzman, RTFM Please; Mandi Walls, PagerDuty; Ohad Maislish, env0; Solomon Hykes, Dagger.io; Eran Bibi, Firefly
From config management to infrastructure as code, and now CDK––with evolving open source licenses, newly forked projects like OpenTofu and everything else––as with all things cloud native, even our IaC landscape is a continuously moving target. With this panel of experts Ohad Maislish from env0 & OpenTofu, Solomon Hykes Co-Founder at Dagger & Docker, Mandi Walls, DevOps Advocate at PagerDuty, and Eran Bibi, co-Founder at Firefly, we'll unpack how the changes in IaC have impacted our workloads and cloud native operations directly. We'll explore and pontificate on what's coming next in the world of IaC for the cloud native ecosystem, where new developments in CI/CD come into the mix, on open source trials and tribulations, and what challenges still need to be overcome. Come ready to grill these IaC masters to tap into their expertise!

Speakers
avatar for Mandi Walls

Mandi Walls

DevOps Advocate, PagerDuty
avatar for Sharone Zitzman

Sharone Zitzman

Chief DevRel, RTFM Please
Sharone Zitzman, is a developer relations professional and an open source community builder, who likes to work with engineering teams that are building products that developers love. Having built both the DevOps Israel and Cloud Native & OSS Israel communities from the ground up... Read More →
avatar for Ohad Maislish

Ohad Maislish

CEO, env0
Ohad Maislish is the CEO and co-founder of env0. Prior to env0, Ohad was the CEO and founder of Arno Software, and Capester. In addition to these roles, Ohad has served in different technical and management roles at Ravello Systems, eToro and VMware. He started his career as the youngest... Read More →
avatar for Solomon Hykes

Solomon Hykes

CEO, Dagger.io
Solomon Hykes is the co-founder and CEO of Dagger.io, the first programmable CI/CD engine. Before that, he was the co-founder of Docker, where he served for 10 years as CEO then CTO, and a founding member of the CNCF Technical Oversight Committee. Solomon grew up in France, and now... Read More →
avatar for Eran Bibi

Eran Bibi

Co-Founder & CPO, Firefly
Eran Bibi is Co-Founder and Chief Product Officer at Firefly. With years of experience in anything DevOps, he has earned a reputation as a CI/CD, Cloud Infra expert and an avid admin of K8s and containerized environments. Prior to Firefly, Eran was Head of DevOps & Cloud Platform... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S04
  Operations + Performance
  • Content Experience Level Any

11:55 CET

Kubernetes Controllers in Rust: Fast, Safe, Sane - Matei David, Buoyant
The Rust programming language was built to create reliable, fault-tolerant, and efficient software. These are all desirable properties for a Kubernetes controller! But it’s only been in the last couple of years that projects like kube-rs and kubert have provided Rustaceans with truly viable alternatives to writing controllers in Go using client-go. Linkerd, the graduated CNCF service mesh, has been using Rust for its data plane proxies since the release of Linkerd 2 in 2018: the data plane has to be as fast and secure as possible, so Rust was a natural choice. Most of the control plane was still written in Go, but that all changed with our first Rust controller in 2021. Join us for a deep dive into the challenges, lessons learned, and ultimately the benefits of using Rust for Kubernetes controllers, and why increasingly more projects are adopting Rust.

Speakers
avatar for Matei David

Matei David

Software Engineer, Buoyant
Matei is a London based software engineer at Buoyant and an avid open source contributor. One of the maintainers of the Linkerd project, CNCF's graduated service mesh, Matei is passionate about networking (not just the social type!) and systems engineering.


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

11:55 CET

Seamless Multi-Cloud Kubernetes: A Practical Guide - Justin Santa Barbara, Google & Ciprian Hacman, Microsoft
One Kubernetes cluster can span multiple availability-zones, but running in multiple regions or even multiple clouds is an “exercise for the reader”. We present a realistic and practical approach: how best to run multiple Kubernetes clusters across regions and clouds. We will explore how modern Kubernetes tools like kOps and ClusterAPI enable homogeneous cluster creation and management across diverse cloud platforms. We show how to embrace GitOps principles to effectively manage multiple control planes, eliminating the need for complex federation solutions. We’ll describe solutions for both north-south and east-west network traffic. We’ll also delve into scenarios where this approach is not optimal, such as highly stateful workloads. Benefits of the approach include cost-optimization, disaster recovery, and blue/green cluster upgrades. The approach has deep implications for the evolution of Kubernetes itself, and we’ll share how to think about future Kubernetes cluster management.

Speakers
avatar for Justin Santa Barbara

Justin Santa Barbara

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, initially as the primary maintainer of the kubernetes AWS support, he also started the kOps project. He loves helping users adopt and grow their use of kubernetes, and believes that we have only scratched the surface of the kubernetes... Read More →
avatar for Ciprian Hacman

Ciprian Hacman

Software Engineer, Microsoft
Ciprian Hacman is a Software Engineer, working with cloud-native technologies. He is also an open source project maintainer for kOps (Kubernetes Operations), etcd-manager, cloud-provider-aws and frequent contributor to other projects in the Kubernetes ecosystem.


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.3 | S05
  Platform Engineering

11:55 CET

Unlocking New Platform Experiences with Open Interfaces - Thomas Vitale, Systematic & Mauricio "Salaboy" Salatino, Diagrid
Building beautiful, tailored experiences on top of Kubernetes is hard. Are you building the right abstractions for dev teams to perform their tasks? It is challenging for platform teams to enable such experiences and choose what components they have to build themselves. Mauricio and Thomas will analyze existing CNCF projects to implement an end-to-end experience and support teams from idea to production, using a “function-as-a-service” example. They will look into how: - Knative Serving provides a simplified serverless experience - Knative Func provides a polyglot CLI tool for developers - OpenFunction orchestrates the functions lifecycle - OpenFunction integrates KEDA and Dapr to enable complex use cases. The presentation will identify the strengths of these tools and which gaps platform teams will need to bridge when building a FaaS experience. The lessons learned and tips shared will help teams bring more projects to their platforms without complicating end-to-end workflows.

Speakers
avatar for Mauricio Salatino

Mauricio Salatino

Software Engineer, Diagrid
Mauricio works as an Open Source Software Engineer at @Diagrid, contributing to and driving initiatives for the Dapr OSS project. Mauricio also serves as a Steering Committee member for the Knative Project and Co-Leading the Knative Functions initiative. He published a book titled... Read More →
avatar for Thomas Vitale

Thomas Vitale

Software Engineer, Systematic
Thomas Vitale is a software engineer and architect focused on building cloud native, resilient, and secure applications and platforms. He works at Systematic, is a CNCF Ambassador, KCD organizer, and the author of “Cloud Native Spring in Action”. Thomas likes contributing to open-source... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.1 | Room A
  Platform Engineering

11:55 CET

Brewing the Kubernetes Storm Center: Open Source Threat Intelligence for the Cloud Native Ecosystem - Constanze Roedig, Technische Universität Wien & James Callaghan, ControlPlane
The process of threat modelling can seem an abstract art, especially regarding scoring and prioritisation. We show how a non-expert can practically validate threat modelling predictions and quantify the relative risk of different attack vectors. After a general introduction, we propose an extensible method that, based on a given threat model: a) generates a Kubernetes-based environment with embedded trip-wires, enabling the detection of real attacker paths without interference, b) exposes these simulated environments to the wild to observe quantitative threat intelligence in action, and c) informs cost-effective decisions for a defensive team. We discuss caveats, emphasise the critical role of automation in scalability across diverse threat models, and live showcase one quantified attack tree utilising Tetragon. To benefit the Kubernetes ecosystem, this accessible framework can be crowd-sourced into an open source threat intelligence capturing network for risk exposure quantification.

Speakers
avatar for Dr Constanze Roedig

Dr Constanze Roedig

Head of the Austrian Open Cloud Community, Technische Universität Wien
Constanze earned her doctorate at the Albert Einstein Institute in relativistic radiation hydrodynamics. After 8 years as a software architect focussed on reimplementing legacy systems with transparent, performant, scalable and defensible designs, she returned to academia for an Austrian-wide... Read More →
avatar for James Callaghan

James Callaghan

Principal Consultant, ControlPlane
Dr. James Callaghan is a Principal Consultant at ControlPlane. He started off working as a Theoretical Physicist, but long nights of coding sparked an interest in how easy it can be for vulnerabilities to creep in, and thus a career in cyber security was born. James then spent a number... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.1 | Room F
  Security

11:55 CET

Stop Leaking Kubernetes Service Information via DNS! - John Belamaric, Google & Yong Tang, Ivanti
Most Kubernetes distributions implement role-based access control (RBAC) to keep nosy users from poking around in other people’s applications. Well, maybe for more serious reasons than that, since a fundamental principle of security is keeping information “need to know”. What cluster administrators may not realize is that even when visibility is tightly restricted by RBAC in the Kubernetes API, it is completely unrestricted in DNS! By default, the Kubernetes DNS specification exposes all services to all clients via DNS. In this talk, you will learn how to use CoreDNS to fix that…and why you may not want to!

Speakers
avatar for Yong Tang

Yong Tang

Senior Director of Engineering, Ivanti
Yong Tang is Senior Director of Engineering at Ivanti. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer... Read More →
avatar for John Belamaric

John Belamaric

Sr Staff Software Engineer, Google
John is a Sr Staff SWE, and a co-chair of Kubernetes SIG Architecture, leading efforts on production readiness, conformance, and software architecture. He is co-founder of Nephio, an LF project for K8s-based automation of large scale telco edge deployments, and a maintainer of CoreDNS... Read More →


Thursday March 21, 2024 11:55 - 12:30 CET
Pavilion 7 | Level 7.1 | Room D
  Security

12:30 CET

Lunch 🍲
Thursday March 21, 2024 12:30 - 14:30 CET

12:30 CET

Diversity + Equity + Inclusion Lunch Sponsored by Intel
Join this special lunch program featuring discussion around diversity, equity, and inclusivity. More details TBA.

Seating is limited and will be available on a first come, first served basis.

Thank you to our sponsor, Intel!

Thursday March 21, 2024 12:30 - 14:30 CET
Pavilion 7 | Level 7.3 | W05

13:00 CET

Project Pavilion Tour with Jorge Castro, CNCF
Explore the Project Pavilion, a hub of innovation and discovery! Take part in daily tours, interact with project maintainers at their kiosks, gain insights on community engagement and KCD event organization, and learn more about certification opportunities to showcase your expertise.

Join cloud veteran Jorge Castro as he takes you on a guided tour of our cloud native projects. This tour will include an introduction to the Pavilion, making introductions, interacting with maintainers, and ensuring you end up talking to the right projects!

Thursday March 21, 2024 13:00 - 13:20 CET
Pavilion 7 | Level 7.2 | Hall 7.2 | Project Pavilion
  Project Opportunities
  • Content Experience Level Any

14:00 CET

Open Space Session: Creating a More Accessible Cloud Native Community Together: A Deaf and Hard-of-Hearing Perspective
Join members of the Deaf & Hard of Hearing Group to discuss how *you* can help pave the way for a more accessible cloud native community. What does accessibility really mean? What do deaf and hard of hearing individuals bring to the table? Why should you care? And how can you help advocate for a more accessible cloud native world? Meet our team and become an ally!  

Thursday March 21, 2024 14:00 - 14:45 CET
Open Space Session 1 | Solutions Showcase

14:30 CET

Product Market Misfit: Adventures in User Empathy - Mitch Connors, Aviatrix
How would you respond when the intended users for your new product tell you they do not want it? I got to find out first hand when prospective users of Istio's new Ambient mode informed me one by one that they were unlikely to adopt the software I and dozens of other engineers had spent over a year building. While difficult in the moment, these conversations helped change my understanding of what we had built together, and reshaped the strategy behind Istio's Ambient mode into something altogether new (and yet something very much the same, as we shall see). Along the way, I learned valuable lessons, including what my users think is difficult, and what they think is easy; how to foster honest (and sometimes negative) feedback from users; and the true cost and value of a cloud native platform. In this session, I will share these lessons, and discuss tactics and strategies for developing an empathetic understanding of your users.

Speakers
avatar for Mitch Connors

Mitch Connors

Sr Principal Software Engineer, Aviatrix
Mitch Connors is a Sr. Principal Software Engineer at Aviatrix, and serves on the Istio Technical Oversight Committee. Over the past 17 years, Mitch has worked at Google, F5 Networks, Amazon, an Industrial IoT startup, and State Farm Insurance, giving him a broad perspective on the... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S02
  Cloud Native Experience

14:30 CET

The Rustvolution: How Rust Is the Future of Cloud Native - Flynn, Buoyant
For the last several years, Go and Kubernetes have been all but inseparable. This monoculture approach has brought some tremendous benefits to the cloud-native ecosystem, fueling the growth of companies moving to cloud native through Go's extensive set of widely-available common tools, and the wide base of talent it provided. Today, the maturing ecosystem also recognizes some of Go's limitations and looks to languages like Rust for memory safety, fearless concurrency, and zero-cost abstractions — capabilities that address critical challenges faced by developers in modern distributed systems. With the rise of excellent Rust-native approaches to Kubernetes development, Rust promises us a world without null pointers, memory leaks, and garbage collection. Join this session to learn why (and how) to look to Rust for the future of the cloud native ecosystem.

Speakers
avatar for Flynn -

Flynn -

Technical Evangelist, Buoyant
Flynn is a tech evangelist at Buoyant, spreading the good word about the Linkerd service mesh and educating developers about Linkerd, Kubernetes, and cloud-native development in general. He has spent 40 years in software engineering - from the kernel up through distributed applications... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S01
  Cloud Native Novice

14:30 CET

Leveling up Wasm Support in Kubernetes - Matt Butcher, Fermyon
WebAssembly is a compelling technology for writing high-performance apps inside of Kubernetes. With cold start times coming in at half a millisecond, Wasm programs can be started, scaled, and stopped in the blink of an eye. This makes them a brilliant complement to containers, which often take seconds to cold start, but which are much better for long running process. We took an early shot at adding WebAssembly to Kubernetes when we built Krustlet (a CNCF project). Later, WebAssembly support was added at the Containerd level with Runwasi. In this talk, we explore the future of WebAssembly support in Kubernetes, investigating how we can reap the complete benefits of this new technology without having to force it to act like a container. We’ll explore using proxying to scale WebAssembly workloads from zero to thousands and back again in an instant.

Speakers
avatar for Matt Butcher

Matt Butcher

CEO, Fermyon
Matt Butcher (CEO) is a founder of Fermyon. He is one of the original creators of Helm, Brigade, CNAB, OAM, Glide, and Krustlet. He has written or co-written many books, including "Learning Helm" and "Go in Practice." He is a co-creator of the "Illustrated Children’s Guide to Kubernetes... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S06
  Emerging + Advanced

14:30 CET

CNCF BSI-WG Intro - Klaus Ma, Nvidia & Alexander Scammon, G-Research
Cloud Native Batch System Initiative Working Group is a group formed by passionate batch system maintainers looking to support batch workload in cloud native environments. In the passed year, there're several topics was discussed in this WG, e.g. batch landscape; we'd like to introduce our work into the community for the developer who are also interesting in batch system.

Speakers
avatar for Alex Scammon

Alex Scammon

Head of Open Source Development, G-Research
I enjoy building motivated and effective engineering organizations. Whether at a large international company or a small local startup, I care about how we create products just as much as what those products actually are.
avatar for Klaus Ma

Klaus Ma

Principle Software Engineer, Nvidia
Team leader, system architect, designer, software developer with 10+ years of experience across a variety of industries andtechnology bases, including cloud computing, machine learning, bigdata and financial services. Founding Volcano & kube-batch; Kubernetes SIG-Scheduling emeritus... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | E05 - E06

14:30 CET

GitOps Continuous Delivery at Scale with Flux - Stefan Prodan
In this session, Stefan will talk about best practices when running Flux at scale in production. He will start with an overview of the scaling capabilities of Flux controllers, from vertical scaling to horizontal scaling and sharding. He will do a deep dive into each scaling method and will explain when and how to use them in relation to multi-tenancy, cluster fleet size and workload complexity. Stefan will introduce the Mean Time To Production benchmarking tool that the Flux team has developed using CUE lang and Timoni. The benchmark measures the time it takes for Flux to deploy thousands of Helm charts and Kustomize overlays on Kubernetes clusters. He will explain the benchmark results and will share the lessons learned from running the benchmark on different Kubernetes distributions and providers. Stefan will conclude the session with a quick glance at the Flux roadmap and will share the plans for the next GA release.

Speakers
avatar for Stefan Prodan

Stefan Prodan

Stefan is a an open source contributor to cloud-native projects. He is the creator of Flagger the progressive delivery operator for Kubernetes, and a core maintainer of the CNCF's Flux project. Stefan has over 15 years of experience with software development and he enjoys programming... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | W02-03

14:30 CET

Ingress-Nginx and 2024 Plans - Marco Ebert, Giant Swarm & James Strong, Isovalent
As we begin 2024, there is a diverse set of compelling topics to delve into concerning ingress-nginx, and two notable aspects that warrant thorough discussion are modsecurity and potential LUA replacements. Specifically, we are openly exploring replacing LUA, which is pivotal in facilitating features such as hot reload, with alternatives like Rust or leveraging the NGINX NJS library. While our steadfast objective of decoupling the control plane (ingress) from the data plane (nginx) has been a cornerstone of our long-term plans, it has been challenging. Throughout the presentation, we will candidly share insights into the hurdles we've encountered and how we want to navigate them to fulfill our overarching vision. 2024 holds promising developments for ingress-nginx, & this presentation serves to articulate our plans. We invite you to join us as we unveil our roadmap for the year!

Speakers
avatar for James Strong

James Strong

Solution Architect, Isovalent
James has been working in the cloud for 7 years. He helped build a private cloud at GE Appliances and developed and supported REST API's in AWS on docker. Recently he has passed the CNCF's CKA exam and helps companies migrate their applications to Kubernetes.
avatar for Marco Ebert

Marco Ebert

Site Reliability Engineer, Giant Swarm
Hey there! 👋I'm Marco, involved in Open Source for more than 10 years, working with Kubernetes since 2016 and crazy about everything related to connectivity & computing. I enjoy supporting people with getting the most out of their cloud journey and, in my spare time, work on projects... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | N03

14:30 CET

Kubernetes Policy Time Machine: Where to Next? - Jim Bugwadia, Nirmata & Andy Suderman, Fairwinds
Struggling to navigate the fast paced world of Kubernetes policies? Join members of the Kubernetes Policy Working Group (WG) for a deep dive into each available flavor of policy, from built-in API resources and admission controls, to the new ValidatingAdmissionPolicies which are customizable using the Common Expressions Language (CEL), and powerful policy as code OSS projects that leverage dynamic admission controls. They will dissect the pros and cons of each approach helping you choose the right tools for securing your clusters, optimizing resource usage, and simplifying day-to-day management. They will also discuss current and upcoming activities in the Policy WG, like the Policy Reports API, and how you can get involved.

Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy and governance company. Jim is an active contributor in the cloud native community and currently serves as co-chair of the Kubernetes Policy and Multi-Tenancy Working Groups. Jim is also a co-creator and maintainer... Read More →
avatar for Andy Suderman

Andy Suderman

CTO, Fairwinds
Andy Suderman is CTO at Fairwinds, a provider of software for platform teams running Kubernetes to standardize and enable development best practices. Andy has worked with cloud native technologies for the last seven years helping organizations adopt and manage Kubernetes. Andy is... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | E01-02

14:30 CET

Kubernetes SIG Storage: Intro & Deep Dive - Xing Yang, VMware & Jan Šafránek, Red Hat
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). In this session, we will deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.

Speakers
avatar for Jan Šafránek

Jan Šafránek

Software Engineer, Red Hat
Jan is a Senior Principal Software Engineer at Red Hat working on storage aspects of Kubernetes. He started developing Kubernetes more than 8 years ago, and is one of the founding members of SIG-Storage. He’s the author of PersistentVolume controller, dynamic provisioning and StorageClass... Read More →
avatar for Xing Yang

Xing Yang

Tech Lead, VMware by Broadcom
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware by Broadcom. She is a co-chair of CNCF Storage TAG, a co-chair of the Kubernetes Storage SIG, a co-chair of the Data Protection WG, and a maintainer in Kubernetes CSI. Before joining VMware, Xing was the Lead Architect... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | N04

14:30 CET

Fortifying AI Security in Kubernetes with Confidential Containers (CoCo) - Suraj Deshmukh, Microsoft & Pradipta Banerjee, Red Hat
AI models have become valuable intellectual property that can provide organizations with a competitive edge. Users are searching for ways to secure their AI models without implicitly trusting third-party platform providers. While encryption is available to keep models secure when they’re stored & transferred, they’re still decrypted & loaded into memory during inferencing, potentially exposing them to unintentional or intentional exfiltration. This is where "confidential computing" comes in. This technology encrypts memory to protect data in use. Confidential Containers (CoCo) is a CNCF sandbox project that aims to bring confidential computing to k8s. The k8s AI/ML ecosystem is mature & offers many AI/ML training & inferencing options. The focus is on using CoCo with Kserve project to show how CoCo strengthens AI model protection. Apart from inferencing, we will explore broader application of CoCo, emphasizing its role in providing general memory protection for foundational platforms.

Speakers
avatar for Suraj Deshmukh

Suraj Deshmukh

Senior Software Engineer, Microsoft
Suraj Deshmukh is a Senior Software Engineer at Microsoft, where he works on the Confidential Containers project, a CNCF sandbox initiative that aims to provide a secure and private way to run containerized workloads on Kubernetes. Suraj has been involved in the Kubernetes space for... Read More →
avatar for Pradipta Banerjee

Pradipta Banerjee

Senior Principal Software Engineer, Red Hat
Pradipta is a seasoned professional with extensive experience in software product development and open-source communities. He is currently developing technologies to enhance the privacy and security of workloads running in the public cloud. He is one of the project maintainers and... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | Paris Room

14:30 CET

Intelligent Observability: The Foundation for Operating Smarter in the Age of AI - Alolita Sharma, Apple
A cloud-native observability baseline has until today meant instrumenting your applications and infrastructure to emit telemetry data such as metrics, traces and logs to understand system behavior quantitatively. This baseline is evolving as a new generation of cloud-native AI-enabled applications roll in. These applications are leveraging large language models (LLMs) to become exponentially smarter. The next generation of observability platforms will support AI models and applications out of the box. They will collect much more data & serve as the basis for truly understanding system behavior qualitatively in addition to quantitatively. Intelligent observability is the first step of operating smartly aka AIOps. AIOps, refers to the application of AI, ML, data analysis to manage enterprise apps and infrastructure. As we operate global AI-enabled applications, AIOps leverages intelligent observability and helps reduce time to detect, resolve and even prevent system failures and outages.

Speakers
avatar for Alolita Sharma

Alolita Sharma

Engineering Leader, Apple
Alolita Sharma is a member of OpenTelemetry GC, CNCF Observability TAG co-chair and CNCF Governing Board member from Apple. She leads Apple’s AIML observability teams. She contributes to open source, open standards at OpenTelemetry, O11y Query Language standard, Unicode, W3C. She... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S05
  Observability
  • Content Experience Level Any

14:30 CET

Empowering Efficiency: PEAKS - Orchestrating Power-Aware Kubernetes Scheduling - Parul Singh, Red Hat & Krishnasuri Narayanam, IBM
Existing Kubernetes schedulers prioritize resource allocation over varying node power efficiencies. PEAKS (Power Efficiency Aware Kubernetes Scheduler) targets aggregate power optimization during scheduling. Using ML models considering Node Utilization vs Power Consumption, PEAKS recommends nodes for pod scheduling, addressing power inefficiencies on underutilized nodes. This dynamic approach aligns nodes along the utilization-power curve, significantly reducing power compared to default schedulers. Emphasizing multi-objective optimization and power efficiency, PEAKS innovates cloud-native system management. Kepler facilitates energy metrics collection from cluster nodes, enhancing power-aware scheduling. The discussion explores diverse pod placement strategies based on node utilization-power relations, enriching Kubernetes' energy optimization.

Speakers
avatar for Parul Singh

Parul Singh

Senior Software Engineer, Red Hat
Parul Singh is a Senior Software Engineer in the emerging technologies group within the Red Hat Office of the CTO. She is responsible for researching emerging technology trends and developing cloud-native prototypes that address the identified challenges and opportunities and inform... Read More →
avatar for Krishnasuri Narayanam

Krishnasuri Narayanam

Senior Research Engineer, IBM
Krishnasuri is a Research Engineer working on Sustainable Computing at IBM Research, India. Earlier he was a major contributor of Hyperledger Cacti, an open source platform for blockchain interoperability. He is an inventor of 40 Issued US Patents & an author of ACM/IEEE peer-reviewed... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S03
  Operations + Performance
  • Content Experience Level Any

14:30 CET

The Party Must Go on - Resume Pods After Spot Instance Shut Down - Muvaffak Onuş, QA Wolf
Spot instances are about 60% cheaper but they frequently shut down and not every application can be resilient to handle it without data loss, especially long running jobs like automated QA tests or data processing pipelines. What if you can migrate your container to another node with zero-downtime when a shutdown signal is received? At QA Wolf, we heavily rely on spot instances for more than 2 million QA test jobs per month due to their cost-effectiveness but the failures caused by shutdowns at this scale were significant enough for our customers to notice. We built a Kubernetes controller that orchestrates snapshot and recovery of containers of the failing nodes to another node where it can resume from the same state without data loss. In this talk, we will start with a demo, dive deep into the underlying mechanisms and see how much one can save in which scenarios.

Speakers
avatar for Muvaffak Onuş

Muvaffak Onuş

Staff Software Engineer, QA Wolf
Muvaffak is an emeritus maintainer of Crossplane and Staff Software Engineer at QA Wolf where he's leading the infrastructure transformation for AI applications. Formerly, he's worked at Upbound as tech lead of the team maintained Crossplane and Upjet projects, and at SAP where he... Read More →


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.3 | S04
  Operations + Performance

14:30 CET

Introducing ClusterInventory and ClusterFeature API - Eduardo Arango Gutierrez, NVIDIA & Ryan Zhang, Microsoft
Discover how ClusterInventory and ClusterFeature APIs fortify the Kubernetes/CNCF MultiCluster ecosystem. ClusterInventory streamlines cluster management, integrating diverse tools, while ClusterFeature reveals unique cluster attributes, adding depth. This synergy boosts efficiency and flexibility in multi-cluster environments. Explore how these APIs reshape Kubernetes multi-cluster operations, gaining insights for tool compatibility across clusters and smooth transitions between different managers. Join us for a deep dive into the transformative potential, charting the future of Kubernetes multi-cluster application management. During the talk, we will demo a custom controller that makes use of both APIs to easily manage a multi-cluster Environment. Attendees will gain knowledge on how to utilize these two new APIs to simplify multi-cluster management, as well as how to create custom controllers to build upon them.

Speakers
avatar for Ryan Zhang

Ryan Zhang

Principal Software Engineering Manager, Microsoft
Dr. Ryan Zhang is a Principal Software Engineering Manager at Microsoft, working on Azure Kubernetes Service Team. Ryan has been working on Cloud Native open source projects for the past few years including CloudEvents, Open Application Model (OAM) and multi-cluster related initi... Read More →
avatar for Eduardo Arango Gutierez DE

Eduardo Arango Gutierez DE

Senior Systems Software Engineer, NVIDIA
Eduardo is a Senior Systems Software Engineer at NVIDIA, working on the Cloud Native Technologies team. Eduardo has focused on enabling users to build and deploy containers on distributed environments.


Thursday March 21, 2024 14:30 - 15:05 CET
Pavilion 7 | Level 7.1 | Room B
  Platform Engineering

14:30 CET

Unlock Energy Consumption in the Cloud with eBPF - Leonard Pahlke, University of Applied Sciences Hamburg
Let's future-proof your IT infrastructure by starting to record your systems' energy usage. Collecting the data is challenging since energy usage is abstracted away and thus inaccessible. Cloud Native tools are here to help surface the data, and with tech like eBPF, we have an efficient approach at hand. The Kepler project already uses it to expose energy metrics of your Kubernetes cluster. But as with any emerging field, technologies have the