{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2024.3.1"}, "schedule": {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/schedule/", "version": "0.10", "base_url": "https://cfp.cloud-native.rejekts.io", "conference": {"acronym": "cloud-native-rejekts-na-2019", "title": "Cloud Native Rejekts NA (San Diego) 2019", "start": "2019-11-16", "end": "2019-11-17", "daysCount": 2, "timeslot_duration": "00:05", "time_zone_name": "UTC", "colors": {"primary": "#FF0000"}, "rooms": [{"name": "The Theater", "guid": "f65c2d1c-523b-5e8d-8959-3de08f2167f7", "description": null, "capacity": 75}, {"name": "The Gallery", "guid": "668cf7c7-0369-5119-885b-db6c3c77fbeb", "description": null, "capacity": 140}], "tracks": [], "days": [{"index": 1, "date": "2019-11-16", "day_start": "2019-11-16T04:00:00+00:00", "day_end": "2019-11-17T03:59:00+00:00", "rooms": {"The Gallery": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/AMYZFJ/", "id": 143, "guid": "d7e4fc9c-2d16-5cd7-ad4b-6fde84065654", "date": "2019-11-16T09:30:00+00:00", "start": "09:30", "logo": null, "duration": "00:10", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-143-cloud-native-rejekts-kick-off-", "title": "Cloud Native Rejekts Kick-off!", "subtitle": "", "track": null, "type": "Opening", "language": "en", "abstract": "The opening session of CLoud Native Rejekts NA 2019", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "4967f7d9-f800-5a78-a9e8-d2f363599a20", "id": 2, "code": "FBJ7DG", "public_name": "Chris Kuehl", "avatar": null, "biography": "Chris is co-founder and CEO at Kinvolk. He started his open source journey over 15 years ago, becoming a maintainer in the GNOME project. Since founding Kinvolk, he's worked as an engineer on projects like rkt, initiated Flatcar Linux, Kinvolk's container-oriented OS, and Lokomotive, its Kubernetes distribution. He also founded and organizes the Cloud Native Rejects and All Systems Go! conferences. Chris has a singular focus to establish Kinvolk as the most trusted open source participant in the Cloud Native community.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/SQ9DWX/", "id": 78, "guid": "a5d398f7-fba2-5008-9457-9a7851169d75", "date": "2019-11-16T09:45:00+00:00", "start": "09:45", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-78-advanced-interactions-with-kubernetes-as-taught-by-helm-", "title": "Advanced Interactions with Kubernetes (As Taught by Helm)", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Come learn about some of the gotchas and deep internals you'll have to deal with when extending or building on top of Kubernetes. Using some of the Helm code as a backdrop, this talk will dive into the nitty gritty details of checking the status of various workload API objects, complex patching needs, validation, and more!", "description": "Helm is well-known as the package manager for Kubernetes. However, it is less well-known as a showcase for advanced interactions with the Kubernetes libraries and APIs. If you are interested in extending or building on top of Kubernetes, this talk will help you get you acquainted with various Kubernetes libraries and show concrete examples of complex interactions with those libraries. \r\n\r\nThis talk will be highly technical and focused on how to perform various work in Kubernetes with examples from Helm (though no prior experience with Helm is required). These examples will at least include the following, if not more:\r\n- How to handle multiple API versions (such as all of the Deployment object apis and versions)\r\n- Properly using and retrieving the correct statuses of objects (basically how the wait functionality works)\r\n- 3 way patching\r\n- Object building (including unstructured types and how to convert them)\r\n- Validation\r\n- Discovery client and cache invalidation\r\n- How to use some of the more obtuse/little-known k8s packages", "recording_license": "", "do_not_record": false, "persons": [{"guid": "64503695-7036-5758-b822-b1dbd13ffd19", "id": 77, "code": "H9WQHF", "public_name": "Taylor Thomas", "avatar": "https://cfp.cloud-native.rejekts.io/media/profile_d5ZCOp7.png", "biography": "Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camping. He has given talks at several KubeCons, Velocity Conf and Helm Summit on a wide variety of container and cloud native related topics.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/B37JMM/", "id": 141, "guid": "ea9ac8ad-fea5-5ff5-be43-488d001bdc1e", "date": "2019-11-16T10:25:00+00:00", "start": "10:25", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-2019/images/B37JMM/Get_past_the_defaultsTitle_slide.png", "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-141-get-past-the-default-configs-lessons-from-the-k8s-security-audit", "title": "Get Past the Default Configs: Lessons from the k8s Security Audit", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "The Kubernetes security audit turned up some bugs in Kubernetes, but did you know it also includes important security advice for end users? Find out about the security recommendations from the audit and learn how you can apply them in your apps today.", "description": "Once you get your Kubernetes deployments and services up, it\u2019s tempting to take a break. But don\u2019t stop with the default configurations\u2014k8s has a ton of built-in options and features you can use to improve your security.\r\n\r\nUsing the Kubernetes security audit whitepaper as a guide, we\u2019ll discuss what controls you can apply to make your apps more secure. We\u2019ll pick apart the security context and see how to run deployments with read-only root file systems, non-root users, and limited capabilities. Then we\u2019ll dig into features like network policies, RBAC, and admission control; configs like resource limits; and practices like namespacing and consistent metadata. And, of course, we\u2019ll learn how these help you deliver a more reliable and secure app.\r\n\r\nUsing all we\u2019ve learned, we\u2019ll see how native Kubernetes security controls help you block entire classes of vulnerabilities in a live demonstration.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9477b9ae-3b5a-5740-b567-424968cf57c9", "id": 121, "code": "HEKFNV", "public_name": "Connor Gilbert", "avatar": "https://cfp.cloud-native.rejekts.io/media/ConnorGilbertHeadshotSquareCroppedDownsized.jpg", "biography": "Connor Gilbert is a product manager at StackRox, a Kubernetes security company. He recently spoke at BSides SF about achieving least-privilege configurations in Kubernetes, hosted a CNCF webinar on operationalizing Kubernetes security controls, and co-presented on related security threats at Google Next. Connor previously worked in software engineering at StackRox. Before that, as Security Research Scientist at Qadium (now Expanse), he built tools to uncover network perimeter exposures and conducted DARPA Internet security research. His formal training is in computer science. He first discovered Kubernetes in 2015 and has been using it ever since.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/TZY3HR/", "id": 147, "guid": "912bb736-12f1-59c1-bbb2-416cff40383f", "date": "2019-11-16T11:20:00+00:00", "start": "11:20", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-147-flatcar-container-linux-continuing-the-coreos-legacy", "title": "Flatcar Container Linux: Continuing the CoreOS Legacy", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "This session will introduce Flatcar Container Linux, the secure operating system for running containers at scale, based on the pioneering work of CoreOS. We cover the origins, current status, and roadmap of the Flatcar project, and will demonstrate a seamless upgrade from CoreOS Container Linux.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "83dc238d-63dc-5598-a7cf-12d0344c26f7", "id": 142, "code": "WLGPRY", "public_name": "Andrew Randall", "avatar": null, "biography": null, "answers": []}, {"guid": "ac91207a-6035-596a-b58a-0c1eb3d2285b", "id": 143, "code": "PAUTM8", "public_name": "Iago L\u00f3pez Galeiras", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/570c2ccda735b70e6bbd4b0d5b17c0d7_xA1cY4P.jpg", "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/UZ8RTH/", "id": 75, "guid": "c912e58c-cc23-580c-841e-9d11ab636650", "date": "2019-11-16T12:00:00+00:00", "start": "12:00", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-75-why-you-shouldn-t-build-a-kubernetes-operator", "title": "Why you shouldn't build a Kubernetes Operator", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Since its origins at CoreOS and flowering at Red Hat, the Operator pattern has seen lots of explication and promotion -- rightly so. It's a pattern for extending Kubernetes, built from key Kubernetes components and concepts. But it's not right for every application in every case. This talk will help developers make informed choices about when they do, and when they don't, need to extend Kubernetes to get the features their app needs.", "description": "Kubernetes scales and manages stateless applications quite easily. Stateful applications are trickier. Databases, caching systems, and file stores must be dynamically managed with data intact, and often come with their own notion of clustering. Operators are Kubernetes agents that know how to deploy, scale, manage, backup, and even upgrade complex, stateful applications. But not every stateful case needs an Operator; from ConfigMaps to StatefulSets, core Kubernetes abstractions overlap with lower-level Operator functionality, and sometimes an application-specific Operator isn't the right choice. This talk will compare and contrast the Operator pattern with native abstractions to help you know why you shouldn't (or should) build a Kubernetes Operator.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c509a781-8fcc-5c2e-a3d7-580557f2e502", "id": 47, "code": "DCCZD9", "public_name": "Josh Wood", "avatar": "https://cfp.cloud-native.rejekts.io/media/jx-idca.jpg", "biography": "Josh Wood is a Developer Advocate for Red Hat\u2019s OpenShift Container Platform. He was formerly responsible for documentation at CoreOS. He is passionate about constructing the future of utility computing with open source technologies like Kubernetes. When procrastinating, Josh enjoys photographing polydactyl cats and writing short autobiographies.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/7SMSYV/", "id": 125, "guid": "04fc3a60-d3a5-533a-904d-8b1f37f26cb6", "date": "2019-11-16T14:05:00+00:00", "start": "14:05", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-125-we-ve-made-quite-a-mesh", "title": "We've Made Quite A Mesh", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Kubernetes already has many properties of a primitive service mesh.  Can we make the system better by leaning into this idea?", "description": "There's been a lot of excitement (good & bad) about service meshes, and some people believe that they are the best/only way to tackle the hard problems. There are debates about whether Kubernetes should embrace any particular mesh API or whether we really need a mesh at all. Some users are worried about the complexity of adding service meshes to their Kubernetes clusters, but see few alternatives for multi-cluster environments.\r\n\r\nWe argue that Kubernetes ALREADY HAS a service mesh, albeit a primitive one, and that we should not shy away from thinking of it as such.\r\n\r\nKubernetes APIs already cover many of the things that people think of when they consider meshes. As more and more users face problems that span kubernetes clusters, these mesh-like properties become more visible, and it may be that the solutions to some of our harder problems will be found by leaning into the idea of a mesh.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "75fc4d34-d09d-5431-8bad-4146bcdf449e", "id": 112, "code": "PXK7NC", "public_name": "Tim Hockin", "avatar": "https://cfp.cloud-native.rejekts.io/media/tim_bluhm_2009_small.jpg", "biography": "Tim is a principal software engineer at Google, where he works on Kubernetes and Google Container Engine (GKE).  He has been part of the Kubernetes project since before it was open-sourced, and pays attention to topics like networking, storage, node, multi-cluster, resource isolation, and cluster sharing.  Before Kubernetes, he worked on Google's Borg and Omega projects as well as the Linux Kernel, and before that he enjoyed playing at the boundary between hardware and software in Google's production fleet.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/YAWJME/", "id": 79, "guid": "a1a90ad6-eea3-56d7-a940-f2ad1d3f936d", "date": "2019-11-16T14:45:00+00:00", "start": "14:45", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-79-how-to-make-istio-work-with-your-apps", "title": "How to Make Istio Work With Your Apps", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "The Istio service mesh promises to solve or ease many of the pain points around scaling and securing microservice architectures by giving key tools to make your Kubernetes cluster deployments play nice with each other, but getting some applications to play nice with Istio can be its own major challenge.  For those considering Istio or who want to be on the lookout for pitfalls when starting adoption, this talk will highlight possible roadblocks to your move to Istio and offer both short-term workarounds and long-term fixes to reduce headaches and make sure you can get the most out of Istio at any stage.", "description": "The potential of Istio has generated a huge amount of excitement, but its widespread adoption is hindered in large part by its often-vertical learning curve, extreme operational complexity, and the fast rate of change in its frequent releases.  The official Istio documentation has some great examples that demonstrate what Istio can do, but less information exists about what it is not well suited to and how to coax it into working with applications not designed with Istio in mind. This talk will cover these problem areas and common stumbling blocks, suggesting compromises to ease the migration and deeper changes to make your applications first-class citizens in Istio.\r\n\r\n* Highlight application port and Kubernetes service configurations that are incompatible with Istio or the Envoy proxy out of the box, like mixed-use back-end container ports or headless services\r\n* Talk about how to handle pod lifecycle race conditions introduced by the istio-proxy sidecar container\r\n* Discuss why API and web clients may have connection problems when services move to Istio\r\n* Where to look and what to check when your changes do not \u201cjust work\u201d\r\n* Longer-term strategies for making Istio ready for your application teams (and vice versa) while finding ways to manage Istio itself and the applications you run on the service mesh, especially given the maturing project\u2019s frequent and sometimes-breaking releases", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9e968d91-68a0-5ecd-af42-32ad52e2356a", "id": 78, "code": "ZGVGCN", "public_name": "Karen Bruner", "avatar": null, "biography": "After a couple decades on-call, Karen has developed a phobia of not getting enough sleep. She spends her spare time rendering puns in yarn, learning obscure fiber crafts, and tripping over cats.\r\n\r\nKaren also has a blog, where she shares techniques, stories, and rants about running web services using DevOps principles, [The Nightmare Before DevOps](https://nightmare-before-devops.xyz/).", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/HYEW3M/", "id": 61, "guid": "68cefd5e-85ce-509a-8741-445f68a818f9", "date": "2019-11-16T15:25:00+00:00", "start": "15:25", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-61-code-fast-and-test-accurately-without-kubectl", "title": "Code Fast and Test Accurately Without Kubectl", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "As cloud native software continues to grow and mature, code bases become larger and more complicated. What used to be simple build workflows with some Makefiles, now spans across multiple repositories and registries and CI/CD systems. As a Kubernetes developer, jumping through hoops to test your code change on remote clusters can be frustrating. The commands to learn, the build scripts to debug, the clusters policies to remember and the builds wait times are all nuisances which distract from development and don\u2019t help with the delivery progress. In this talk, Ivan and Dan will share some lessons learned on identifying development workflow bottlenecks, and how we utilize Tilt to streamline the Linkerd development workflow, where Tilt makes \u201cgetting started\u201d boring and the developers will feel \u201cright at home\u201d both when writing code on their laptops as well as remotely in the cloud.", "description": "The developers\u2019 daily development experience is one of the most underserved areas in the cloud native ecosystem. Virtualization, networking, CI, and observability tools keep improving, but they only help cluster administrators. There's been fewer improvements to make the developer's inner loop more cloud native. Developers have to learn CLI tools like kubectl, Docker and Helm just to see the effect of their code change. Hurdles like remote cloud access, rewriting image names and tags, cloud policy configurations etc. increase the microservice tax on development.\r\n\r\nIn this talk, we want to share with our peer developers the importance of a tight inner loop, ways to identify bottlenecks in their workflow, and practical tips on how to code faster and test more accurately. Using a substantial code base like that of Linkerd, we will demonstrate how Tilt serves both the core maintainers and open source contributors by reducing the \u201cGetting Started\u201d guide to a single command, minimizing build wait times through automatic live updates mechanisms, and automating away mundane tasks like building, pushing and tagging images.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "080e8e95-c5ed-5d7b-acd8-0bcbaddca1ac", "id": 61, "code": "LXMZ7N", "public_name": "Ivan Sim", "avatar": "https://cfp.cloud-native.rejekts.io/media/6_crop.jpg", "biography": "Ivan Sim is a software engineer at Buoyant. He is currently working on the open source Linkerd project. He likes working with the Linkerd community by answering their questions on Slack, and reviewing their GitHub PRs. He is passionate about helping users to adopt Linkerd to solve their production environment problems. Prior to joining Buoyant, Ivan had the opportunity to work as DevOps lead and engineer with teams across North America, Europe and Asia to help them manage their cloud environments.", "answers": []}, {"guid": "16f224fb-90a8-5cdb-9d29-45fcdac14a28", "id": 125, "code": "X7NVVU", "public_name": "Daniel Bentley", "avatar": "https://cfp.cloud-native.rejekts.io/media/dbentley.jpg", "biography": "Dan's a software engineer who's currently CEO of Tilt, a microservice development engine. Before that, he spent 13 years at Google and Twitter. He's opened for the Who and has checks from Donald Knuth.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/WABBHC/", "id": 120, "guid": "be5854cf-2d00-553b-b999-57aa523fdab4", "date": "2019-11-16T16:20:00+00:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-120-building-auto-devops-for-production-grade-databases-on-kubernetes", "title": "Building auto DevOps for production grade databases on Kubernetes", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "On production databases, the data patterns keep changing as the time progresses. CI pipelines need to have access to the latest data or closer to the latest data for effective testing. As Enterprises and FinTechs start to use Kubernetes and microservices-based architecture, their DevOps teams would like to solve two challenges that are well known in the pre-Kubernetes era. The first challenge is to automate the data lifecycle between production and testing. The second challenge is to give developers instantaneous access to the failed environment when the CI pipeline fails. Solving these two challenges in the Kubernetes space will make the DevOps more productive in enterprises. \r\n\r\nIn this practical tutorial of auto DevOps, we demonstrate the construction of GitLab based CI pipeline and show the best practices for the data life cycle management through the use of cloud-native technologies.", "description": "Cloud-native developers and DevOps admins who are using Kubernetes and using any stateful databases. The audience will see the live construction of a GitLab based CI pipeline for large scale stateful application that is in live production. They are expected to gain insights into the best practices around constructing CI pipelines, data life cycle management and techniques around copy data management for live production databases. DevOps admins will gain insights into best practices of injecting chaos and assessing the resiliency of Kubernetes deployments in production. We will demonstrate the end-to-end procedure of building a chaos experiment, injecting both in pipelines (CI) as well as in production (CD) and show the resiliency assessment techniques. The DevOps audience will get the first-hand experience around best practices of auto DevOps and cloud-native chaos engineering.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "422eef2c-de2a-5665-9bb7-d2b39493fa50", "id": 109, "code": "LJQUZL", "public_name": "Uma Mukkara", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/LJQUZL_4OHkQiC.jpg", "biography": "Uma Mukkara manages the operations of a large SaaS platform called app.mayaonline.io that runs on Google cloud. MayaOnline is built using Kubenetes, Prometheus, OpenEBS and other cloud native technologies. Uma and his team continue to build strong DevOps practices around operations of this platform. \r\n\r\nUma contributes heavily to OpenEBS design and documentation. Uma often speaks in local open source meetups about Kubernetes, DevOps, and OpenEBS. Data management around Kubernetes is his passion and drives innovations around data mobility in the cloud operations that happen through OpenEBS DirectorOnline.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/XKTHZU/", "id": 85, "guid": "8c76ae4a-2a78-5e29-95e4-a3599131d043", "date": "2019-11-16T17:00:00+00:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-85-everything-you-needed-to-know-about-kubernetes-tls-but-were-afraid-to-ask", "title": "Everything You Needed to Know about Kubernetes TLS, But Were Afraid to Ask", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Do you know how to inspect Kubernetes TLS when it's broken and identify what the problem is?  Maybe not as well as you think -- but you're in good company: even experienced admins often don't know the basics.  Let's fix that.", "description": "In this session Joe Thompson starts with a quick level-setting \"TLS 101\" and then dives in to examining TLS in a live Kubernetes cluster, focusing on the way cluster components use TLS and showing what various kinds of issues look like and how to use standard tools available to any admin to diagnose them.  You'll also get practical general advice for managing TLS in your environment, including how (and when) to be your own certificate authority.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "51b581b0-2077-5d3a-9e1e-6d7ee93dbe59", "id": 85, "code": "FBP8AK", "public_name": "Joe Thompson", "avatar": "https://cfp.cloud-native.rejekts.io/media/kensey-cropped_vMxxnGt.png", "biography": "I'm a solutions architect for D2iQ (formerly Mesosphere). Prior to D2iQ, I worked at Capital One, CoreOS and Red Hat (among others), providing practical solutions and training in and for Kubernetes and other cloud environments. I was a speaker at KubeCon NA 2017 and 2018 and frequently present at the DC-area NoVa Kubernetes meetup. My experience in IT operations and engineering stretches from present-day cloud and virtualization back to before people \"Googled\" things, and my blood type is caffeine-positive.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/AVUEDB/", "id": 124, "guid": "6bdbfce7-206d-5776-8363-b6867126b91f", "date": "2019-11-16T17:40:00+00:00", "start": "17:40", "logo": null, "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-124-on-inclusivity-and-cloud-native-technology", "title": "On Inclusivity and Cloud Native Technology", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "Powerful cloud native technologies are emerging and proliferating to address the needs of modern apps and their users' expectations. Things is, many require writing Go code and expertise with the internals of K8s or lots of static YAML. We can and need to do better. We need to find ways to make these powerful technologies easier to deploy and more inclusive to a broader range of technologists.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "7076feaf-625d-5533-8a18-3b56851d54cb", "id": 86, "code": "JRLSF7", "public_name": "Tim Appnel", "avatar": "https://cfp.cloud-native.rejekts.io/media/Tim-Appnel-Headshot.jpg", "biography": "Timothy Appnel is a Senior Product Manager, product evangelist and \"Jack of all trades\" on the Ansible team at Red Hat. Tim is an old-timer in the Ansible community that has been contributing since version v0.5. The synchronize module in Ansible is all his fault.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/7GDAMF/", "id": 137, "guid": "412f615a-90a7-57d8-afac-5a7e213c8e86", "date": "2019-11-16T17:45:00+00:00", "start": "17:45", "logo": null, "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-137-how-to-do-load-balancing-on-bare-metal-clusters-with-source-ip-preservation", "title": "How to do load balancing on bare metal clusters with source IP preservation", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "This talk will explain the typical problems faced when solving this and show an answer to this frequently asked question. For this talk I will use metalLB and Contour as examples and a demo on packet.com", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b2db5979-36fe-521c-bdcc-ab59fec47510", "id": 31, "code": "8FGAEA", "public_name": "Suraj Deshmukh", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/5815795_TXtUwZ4.jpeg", "biography": "Suraj works for Kinvolk and has mainly focused on the security aspect of Kinvolk\u2019s Kubernetes distribution, Lokomotive. He has helped internal teams with PSP adoption for the client applications.\r\n\r\nApart from his day job, he contributes to k8s & k8s docs, helm charts, etc. He is the organizer of the Kubernetes Bangalore Meetup. He has spoken at various local meetups and conferences like FOSDEM, Devconf India, Rootconf India, Pycon India, etc.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/APC7LL/", "id": 111, "guid": "17fe4e15-8ea1-5622-839a-51b85d24ff8e", "date": "2019-11-16T17:50:00+00:00", "start": "17:50", "logo": null, "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-111-hosting-a-helm-repository-on-github-pages", "title": "Hosting a Helm repository on github pages", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "What if you could have your Helm charts directly updated and hosted on Github pages after each new commit?", "description": "Hosting a helm repository does not have to be complicated nor involve running a dedicated web server for that!\r\n\r\nActually, hosting static files in the only requirements to host a Helm repository, and what is the most commonly used static file hosting service among developers? Github it is !\r\n\r\nIn this quick presentation, we'll see\r\n* what a helm chart repository is at its core (spoiler alert: it's pretty straightforward!)\r\n* what key helm CLI commands are necessary to build / update a helm repo\r\n* how to integrate those commands in a nice CI environment for auto update of the Helm repository on commit!", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f58ba6cf-b32e-500e-bea3-4263af20ee57", "id": 102, "code": "CRAXU7", "public_name": "Anthony Dahanne", "avatar": null, "biography": "Software Developer for 10+ years, my favorite topics are containerization (Docker and Kubernetes), building tools, Continuous Integration and, of course, core Java development.\r\n\r\nWorking for Adaptive, I currently work on CI, containerization and deployment of our products.\r\n\r\nOn my spare time, I work on various open source projects: from Twitter bots written in NodeJS, to Android apps - with of course their corresponding Docker images if possible :-)", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/GTANGG/", "id": 67, "guid": "b1792a59-75d2-5048-8126-3c41df1ce506", "date": "2019-11-16T18:00:00+00:00", "start": "18:00", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-2019/images/GTANGG/octant-logo.png", "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-67-using-octant-to-fix-a-kubernetes-workload", "title": "Using Octant to Fix a Kubernetes Workload", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "Wayne will show the audience how they can use the features of Octant to identify Kubernetes workloads that are having problems and how they can use Octant to fix their workloads.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "d629bbf1-ae1b-56dc-af1c-d9bf00cfb577", "id": 69, "code": "CBUMSC", "public_name": "Wayne Witzel III", "avatar": "https://cfp.cloud-native.rejekts.io/media/imageedit_6_9263286694.jpg", "biography": "I am a Senior Member of Technical Staff at VMware working on Octant. I live on a small farm in Durham, North Carolina with my wife Jessa. We have goats, ducks, and chickens.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/PDFWCS/", "id": 123, "guid": "6dad7f25-49a0-52a1-bba4-c8251a1c427b", "date": "2019-11-16T18:05:00+00:00", "start": "18:05", "logo": null, "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-123-automating-multi-cluster-deployments-with-ansible", "title": "Automating Multi-Cluster Deployments with Ansible", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "This session will demonstrate how Ansible along with its built-in templating and k8s module can be used for rapid, repeatable and consistent deployments to any Kubernetes cluster.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "7076feaf-625d-5533-8a18-3b56851d54cb", "id": 86, "code": "JRLSF7", "public_name": "Tim Appnel", "avatar": "https://cfp.cloud-native.rejekts.io/media/Tim-Appnel-Headshot.jpg", "biography": "Timothy Appnel is a Senior Product Manager, product evangelist and \"Jack of all trades\" on the Ansible team at Red Hat. Tim is an old-timer in the Ansible community that has been contributing since version v0.5. The synchronize module in Ansible is all his fault.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/ZRHNCK/", "id": 68, "guid": "4175af48-ec6a-5e82-a75f-65975967c214", "date": "2019-11-16T18:10:00+00:00", "start": "18:10", "logo": null, "duration": "00:05", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-68-maintain-remote-copies-of-local-pv-a-lesson-for-rainy-days-", "title": "Maintain Remote copies of Local PV - a lesson for rainy days.", "subtitle": "", "track": null, "type": "Lightning talk", "language": "en", "abstract": "In this talk, Chandan will present his observations on using local PV in production for saving ElasticSearch Data. While Local PV has a big disclaimer to be used with applications that can support data management, Local PV is the performant storage solution that is available today.\r\n\r\nAs we get lured into its performance, we have to watch out for some of the common disasters that can hit really hard - if left unchecked. Chandan will list the different challenges or shortcomings of the Local PV along with the available Open Source solutions and tools to address them.\r\nFor example, data protection can be achieved via Restic or Velero.", "description": "This talk will help all the kubernetes users who have been using the local PV in production for better performance but are worried about long term data management. In the talk, Chandan will share his experience with local PV in production, as well as measures he took to ensure nothing is lost during worst-case scenarios.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "d9d81711-d608-598a-bc3b-18cb77521b42", "id": 64, "code": "VHDCMU", "public_name": "Harshvardhan Karn", "avatar": "https://cfp.cloud-native.rejekts.io/media/condayeu2019-karn-sumit_dNnd17Q.jpg", "biography": "Harshvardhan Karn is a Software Engineer at MayaData Inc. company behind OpenEBS, a CNCF Sandbox project. His day job includes working on MayaOnline, a SaaS platform. He mostly writes codes in Go, Java, and JavaScript. With his expertise in ARM, he with his team is working on building OpenEBS for ARM Kubernetes. His craziness for ARM led him to speak at ContainerDays 2019, Europe.", "answers": []}, {"guid": "11ce398a-33d4-55fd-80f1-660d5896d57c", "id": 139, "code": "NDSRUP", "public_name": "Jeffry Molanus", "avatar": null, "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}], "The Theater": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/8JSNVG/", "id": 142, "guid": "19c32810-ceb3-52e4-86bd-563484d7c8a4", "date": "2019-11-16T10:25:00+00:00", "start": "10:25", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-142-building-blocks-dynamic-provisioning-of-kubernetes-local-pv", "title": "Building Blocks: Dynamic provisioning of Kubernetes Local PV", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "How to dynamically provision Kubernetes Local PV by OpenEBS, with managing the life cycle of block devices for Local PVs", "description": "With the Local Persistent Volume plugin, Kubernetes workloads can now consume high performance local storage. While Local Persistent Volumes provide many benefits, they also require careful planning and careful consideration of constraints before committing to them in production (ref Kubernetes.io). The Dynamic Local PV Provisioner can be configured to create a Local PV with either a subpath or the entire disk.\r\n\r\nIn talk will go over how we are performing dynamic provisioning of local PVs, how the provisioner manages them, how we are managing block devices for them.  It will also include a demo of the data agility of these new types of volumes. By the end of the talk, you will know why, how and when to use Local PVs with the dynamic provisioner.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f37bc1a7-9ff6-5d06-adc5-c4601206ec27", "id": 104, "code": "NQMQGM", "public_name": "Amit Kumar Das", "avatar": "https://cfp.cloud-native.rejekts.io/media/Amit_Profile_Picture.jpeg", "biography": "Amit is the director of engineering at cloud storage specialists MayaData, where he works on various open source projects including OpenEBS and MetaController. In his past life, he was a contributor to openstack cinder and apache cloudstack projects. When not writing code, or talking about it, Amit loves practising his manga (a style of Japanese comic books and graphic novels) skills.", "answers": []}, {"guid": "347f4946-8ca5-5365-8b75-43e7163d6724", "id": 110, "code": "QWLBBW", "public_name": "Murat Karslioglu", "avatar": "https://cfp.cloud-native.rejekts.io/media/IMG_6557.jpg", "biography": "Murat Karslioglu is a technologist, and infrastructure architect with over 20 years of experience in storage, distributed systems, and enterprise infrastructure development.\r\n\r\nMurat is currently one of the maintainers of OpenEBS project. He is a Kubernetes enthusiast, blogger, author and passionate about open-source. After 20 years in IT he \"still\" loves to learn and code.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/G3MSXN/", "id": 95, "guid": "1411c486-7162-577a-8b13-cb776db38c16", "date": "2019-11-16T11:20:00+00:00", "start": "11:20", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-95-elastic-pod-autoscaling-with-nodeless-kubernetes", "title": "Elastic Pod Autoscaling with Nodeless Kubernetes", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Nodeless Kubernetes solutions like virtual-kubelet and virtual-cri (with cri-proxy) eliminate the need for configuring cluster capacity management and maintenance woes associated with pet worker nodes. This talks goes over two ways to implement nodeless architecture, lists pros and cons associated with the two approaches, and demonstrates how Horizontal Pod Autoscaler and Vertical Pod Autoscaler enable agile autoscaling in Nodeless world.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f208128d-41c8-5c49-83f7-43f9432a17be", "id": 91, "code": "WV37AZ", "public_name": "Madhuri Yechuri", "avatar": null, "biography": "Madhuri is a systems engineer with 19 years experience in database server technologies (Oracle), virtualization (VMware), and container technologies (ClusterHQ) before founding Elotl. Madhuri received her Masters in Computer Science from Indiana University Bloomington, and Bachelors in Computer Science from Indian Institute of Technology Kharagpur.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/VENJGD/", "id": 94, "guid": "edd7d0be-2ec5-5e86-a594-b5620b002206", "date": "2019-11-16T12:00:00+00:00", "start": "12:00", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-94-what-we-ve-learned-building-a-multi-region-dbaas-on-kubernetes", "title": "What We\u2019ve Learned Building a Multi-Region DBaaS on Kubernetes", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Running geo-distributed clusters on Kubernetes presents no shortage of challenges: it complicates networking and service discovery; it mandates the use of stateful sets and persistent volumes; and it requires cleverness to navigate node pools and firewalls. Here's what we learned along the way.", "description": "When the engineers at Cockroach Labs started development on a global Database as a Service (DBaaS), they weren\u2019t sure if Kubernetes would be the right choice for the underlying orchestration system. They wanted to harness Kubernetes\u2019s powerful orchestration capabilities, but building a system to run geo-distributed Cockroach clusters on Kubernetes presents unique challenges: First, the clusters must run across multiple regions, complicating networking and service discovery. Second, the clusters must store data, requiring the use of stateful sets and persistent volumes. Third, the system must programmatically create Kubernetes clusters on AWS and GKE, which have different APIs for node pools and firewalls. In this presentation, they share their experience of overcoming these challenges to build a global DBaaS.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "315ff42d-fd2a-5eba-948d-1841eac5bf04", "id": 90, "code": "EW8SXW", "public_name": "Carlo Salomon Ruiz", "avatar": "https://cfp.cloud-native.rejekts.io/media/carlo_ruiz.jpg", "biography": "Josh spent his college years programming robots to play soccer in the RoboCup SPL league. There, he learned to love when very complicated computer systems break. This passion for broken computers led him to take an SRE job at Google working on source control systems. Six months ago he moved to Cockroach Labs to work on a DBaaS. Josh enjoyed Borg while at Google and has since spent many long hours puzzling over the strange land of Kubernetes. Josh can often be found roaming the Cockroach Labs NYC office yelling about things like strange node pool API semantics much to the confusion of his coworkers who don\u2019t work on Kubernetes.", "answers": []}, {"guid": "0462bdee-f09d-5cb2-8948-870be0bb699c", "id": 129, "code": "BMMNYZ", "public_name": "Pete Vilter", "avatar": null, "biography": "Pete is a software engineer at Cockroach Labs.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/VDAQ8G/", "id": 148, "guid": "39c7c11e-1bb0-599e-8e4f-68cb6a3abe8d", "date": "2019-11-16T14:05:00+00:00", "start": "14:05", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-148-effortlessly-deploy-and-scale-managed-kubernetes-on-a-baremetal-cloud", "title": "Effortlessly deploy and scale Managed Kubernetes on a Baremetal Cloud", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Witness Cody Hill, Field CTO at Packet and former Director of Technology at Platform9. Combining his love for both companies into a seamless managed Kubernetes offering on world class Baremetal as a Service! Learn how to use Platform9 Managed Kubernetes as well as Packet\u2019s Baremetal Cloud. And see a fully automated deployment of both of these together! And we\u2019ll wrap up with a Q&A", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "01e2bd57-7cdb-5103-bc55-27a304c09856", "id": 144, "code": "ZWPZ3E", "public_name": "Cody Hill", "avatar": "https://cfp.cloud-native.rejekts.io/media/cody_hill_UGmLhK5.jpeg", "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/PYPGWW/", "id": 140, "guid": "5c4bb3a6-66ed-5b7f-a826-1c74c2b9399c", "date": "2019-11-16T14:45:00+00:00", "start": "14:45", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-140-lokomotive-kubernetes-filling-the-gap-between-secure-cutting-edge-and-production-grade-clusters", "title": "Lokomotive Kubernetes: Filling the gap between secure, cutting-edge and production-grade clusters", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "This talk introduces Lokomotive Kubernetes: an open source kubernetes distribution inspired by CoreOS Tectonic and built to run on Flatcar Container Linux, filling the gap between secure, cutting-edge and production-grade clusters.", "description": "This talk will introduce you to Lokomotive Kubernetes, an Opensource Kubernetes distribution inspired by CoreOS Tectonic and built to run on Flatcar Container Linux.\r\n\r\nThe new kid in town runs a self-hosted control-plane, is designed with security in mind (using PSPs too, Calico's security policy). It has support for experimental Linux kernel features using Flatcar Container Linux Edge channel. And it provides a solid base to run your production clusters as it is already handling >100000 requests per second of business-critical traffic.\r\n\r\nThis talk will give a technical overview of the distribution, the supported platforms, demo on how to deploy it and showcase the security features of it.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b2db5979-36fe-521c-bdcc-ab59fec47510", "id": 31, "code": "8FGAEA", "public_name": "Suraj Deshmukh", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/5815795_TXtUwZ4.jpeg", "biography": "Suraj works for Kinvolk and has mainly focused on the security aspect of Kinvolk\u2019s Kubernetes distribution, Lokomotive. He has helped internal teams with PSP adoption for the client applications.\r\n\r\nApart from his day job, he contributes to k8s & k8s docs, helm charts, etc. He is the organizer of the Kubernetes Bangalore Meetup. He has spoken at various local meetups and conferences like FOSDEM, Devconf India, Rootconf India, Pycon India, etc.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/QCPQZL/", "id": 87, "guid": "1c86cef9-a92f-5d0b-8b52-8f6af77801ab", "date": "2019-11-16T15:25:00+00:00", "start": "15:25", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-87-building-kubernetes-operators-in-an-ansible-native-way", "title": "Building Kubernetes Operators in an Ansible-native way", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Learn how Ansible can help developers quickly ramp up to build Operators to automate and manage the life cycle of complex Kubernetes applications.", "description": "Operators simplify management of complex applications on Kubernetes. They are usually written in Go and require expertise with the internals of Kubernetes. But, there's an alternative to that with a lower barrier to entry. Ansible is a first class citizen in the Operator SDK. Using Ansible frees up application engineers, maximizes time to automate and orchestrate your applications, and doing it across new & existing platforms with one simple language. Here we see how.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "7076feaf-625d-5533-8a18-3b56851d54cb", "id": 86, "code": "JRLSF7", "public_name": "Tim Appnel", "avatar": "https://cfp.cloud-native.rejekts.io/media/Tim-Appnel-Headshot.jpg", "biography": "Timothy Appnel is a Senior Product Manager, product evangelist and \"Jack of all trades\" on the Ansible team at Red Hat. Tim is an old-timer in the Ansible community that has been contributing since version v0.5. The synchronize module in Ansible is all his fault.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/377BS9/", "id": 145, "guid": "3e7120a8-e71d-5741-ab81-f89833c92c87", "date": "2019-11-16T16:20:00+00:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-145-still-waiting-for-ipv6-get-ingress-to-any-kubernetes-cluster-with-inlets", "title": "Still waiting for IPv6? Get ingress to any Kubernetes cluster with inlets", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "There are numerous reasons why you may not have incoming network access (ingress) to your Kubernetes cluster. You may be behind carrier-grade NAT, sitting in a coffee shop, working on a client\u2019s site, or just not quite sure how you\u2019d benefit from it. IPv6 is one way this problem will be addressed in the future, but the dream has not yet arrived..\r\n\r\nIncoming data is important for local dev/test and for the edge, which is why closed-source tooling like Ngrok is so popular amongst developers. You can integrate systems and share your local endpoints with others.\r\n\r\nIn this session Alex will demonstrate a new Kubernetes Operator built on the Open Source inlets project that means that any private or dev cluster can get a public IP and incoming network access - from the Internet or another private network.\r\n\r\nSo whether you\u2019re running code in Docker, Minikube, KinD, k3s, or with kubeadm on bare-metal, come to see a live demo of the inlets-operator turning LoadBalancer IPs from \u201cPending\u201d to real IPv4 addresses.\r\n\r\nhttps://inlets.dev/", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "0c2fc921-1f5d-50ae-ad3f-10b45bda0329", "id": 134, "code": "3GJLNN", "public_name": "Alex Ellis", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/lP1sBvo1_400x400_e7WkYxE.png", "biography": "Alex is a respected expert on serverless and cloud native computing. He founded OpenFaaS, one of the most popular open-source serverless projects, where he has built the community via writing, speaking, and extensive personal engagement. As a consultant and CNCF Ambassador, he helps companies around the world build great developer experiences and navigate the cloud native landscape.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/89T73S/", "id": 134, "guid": "aa2585f8-5e4d-5ece-9620-f282d4511bf4", "date": "2019-11-16T17:00:00+00:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-134-unleashing-the-power-of-kubectl-kustomize", "title": "Unleashing The Power of Kubectl Kustomize", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Kubernetes objects and configuration management can be tedious and prone to human error. And as deployments grow they tend to suffer from configuration drift..   This presentation will show how in house developers have used Kustomize with MayaData Director to manage configuration issues and then present a quick demo showing how Kustomize makes it easy to manage, generate and compose Kubernetes object YAMLs in a declarative fashion.", "description": "The most basic way to manage objects is through Kubectl configuration templates. However, since Kubectl 1.14, objects can also be managed via Kustomize, a standalone tool that let\u2019s developers customize raw, template-free YAML file for multiple purposes, leaving the original YAML untouched and still usable. Kustomize is like make, in that what it does is declared in a file, and it's like sed, in that it emits edited text. Customizations are declared through a Kustomization file. Kustomize can manage application configuration files such as generating resources from other sources, setting cross-cutting fields for resources and composing and customizing collections of resources. The tool also has concepts of bases and overlays that help in advanced customizations of resources on different environments and platforms. Kustomize has been a useful tool for our in-house SREs and developers for deploying MayaData Director in different environments such as production, staging, etc. Also, the tool has helped in deploying customized MayaData Director on-prem to meet the special needs of our customers.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "3fda26c3-cda8-5671-b9a8-b752f5da663f", "id": 83, "code": "WJXXSV", "public_name": "Ashutosh Kumar", "avatar": null, "biography": "Ashutosh is a recent 2017 Grad and Kubernetes enthusiast and is a Certified Kubernetes Administrator. He is responsible for developing cStor operator for OpenEBS project that helps in volume provisioning. He is a polyglot programmer but Golang is his favorite. His areas of interest are cloud, ARM, CI/CD, storage and distributed systems.\r\nAt the current company, he leads the efforts in declarative storage management and extending Kubernetes using custom controllers.", "answers": []}, {"guid": "e4c77551-b863-5d63-89e1-b4d239e05ebe", "id": 140, "code": "TRYCER", "public_name": "Brian Matheson", "avatar": null, "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}]}}, {"index": 2, "date": "2019-11-17", "day_start": "2019-11-17T04:00:00+00:00", "day_end": "2019-11-18T03:59:00+00:00", "rooms": {"The Gallery": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/DUZANQ/", "id": 131, "guid": "7e7f5f5a-9380-5d40-87d3-c4fb0686004e", "date": "2019-11-17T09:45:00+00:00", "start": "09:45", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-131-ci-cd-for-microservices-best-practices-and-lessons-from-the-trenches", "title": "CI/CD for Microservices: Best Practices and Lessons From the Trenches", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "You have finally split your big monolith into microservices built on top of Kubernetes!\r\n\r\nNow what? How do you validate a more complex application? And how do you make it scale?\r\n\r\nInstead of having one CI/CD pipeline, you have multiple. And as the number of microservices increases so does the number of pipelines. Managing pipelines for microservice applications can quickly get out of hand, especially when you try to reuse common pipeline parts between different applications.\r\n\r\nIn this talk, we will see how you can create CI/CD pipelines designed specifically for microservices and how you can reuse the same pipeline across different applications.", "description": "If you apply monolithic solutions to micro service problems you're going to have a bad time. In this talk we look at two case studies, Expedia's journey to micro services, and Codefresh. If you try to treat micro services like monoliths you'll end up with thousands of broken pipelines that are impossible to maintain. Learn from the mistakes of the past and let us show you how we fought our way to something much better!\r\n\r\nThis talk has everything, tech tips, best practices, and yes, even the fabled business value that our bosses all seem to care so much about!", "recording_license": "", "do_not_record": false, "persons": [{"guid": "70f6f77a-a59e-591b-a171-b7970de3cb7c", "id": 116, "code": "VASRJ9", "public_name": "Dan Garfield", "avatar": "https://cfp.cloud-native.rejekts.io/media/dan-garfield.jpeg", "biography": "Dan Garfield is a full-stack engineer, Google Developer Expert, and member of the Forbes Technology Council. As a Kubernaut and CI/CD expert, Dan has built tools for advanced deployment methodologies with Kubernetes, Helm, and Istio. His code and talks have been featured at conferences including Kubecon, Dev Week, Google Cloud Summit, SwampUp, Redis Conf and many more.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/M8XVPC/", "id": 76, "guid": "986f1778-0076-57ce-8d35-963c138bc5d2", "date": "2019-11-17T10:25:00+00:00", "start": "10:25", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-76-kubernetes-the-video-game", "title": "Kubernetes: The Video Game", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "The Kubernetes API is amazing and we are not only going to break it down and show you how to wield this mighty weapon, we are going to do it while building a video game, live, on-stage. As a matter of fact, you get to play along! The speaker in this session wanted to create a game and learn the kubernetes api. He thought this was out of his reach until he met the Javascript Phaser Game Engine and the Kubernetes API. In this session, Grant Shipley will walk you through the code he wrote to create a retro style Wild West shooter that manipulates Kubernetes resources as part of the game. This session will leave the slides at the door and will focus on code and live demos. At the end of this session, you should have enough knowledge to gamify Kubernetes or to at least automate it for real-world use cases.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "09d98583-9a28-5b26-ad17-72582bc93a11", "id": 75, "code": "FLVE9L", "public_name": "Grant Shipley", "avatar": "https://cfp.cloud-native.rejekts.io/media/profile.png", "biography": "Grant Shipley is a Sr. Director at VMware focused on Kubernetes. Prior to that, Grant worked as Sr. Director on the OpenShift project at Red Hat. He is the author of several books including \"OpenShift for Developers\" and \"Learning OpenShift\".  Grant has over 20 years of software development experience focusing on Java and nodejs. In his free time, he contributes to several open source projects as well as developing mobile applications. Grant has been using Linux on a daily basis since 1994 and is active in the FOSS community.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/VSMYPV/", "id": 81, "guid": "753cc1cc-7516-5395-b16b-3087a1db969c", "date": "2019-11-17T11:20:00+00:00", "start": "11:20", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-81-leveraging-build-pipelines-for-automating-container-os-framework-patching", "title": "Leveraging Build Pipelines for Automating Container OS & Framework Patching", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Containers have become the modern packaging format, regardless of the host they're run on. You may be building your own images, or consuming images from ISVs. While containers have a focused subset of their VM ancestors, containers still have layers of the OS, runtimes and other components that are susceptible to vulnerabilities that must be remediated. Have you considered how you'll patch these deployments? Will you patch the running containers, as you patch VMs, hoping the software continues to run, as you continually patch the same deployed image? \r\nWe'll examine leveraging your build and deployment pipelines to automatically patch, test and deploy updates, during and long after you've moved onto another project. OS & Framework Patching can be an extension of what you're already doing today.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "ef7fd511-9e36-5402-86af-d24cd08d63b1", "id": 80, "code": "WH88HJ", "public_name": "Steve Lasker", "avatar": "https://cfp.cloud-native.rejekts.io/media/LaskerHeadshot2_9AglD82.jpg", "biography": "Steve is a Program Manager for Container Registries at Microsoft and Azure. Prior to joining Microsoft, Steve worked in consulting and broadcast engineering where he learned the life of living on the road and building systems that can be easily troubleshot and repaired as fans don't like waiting for more than a commercial to get back to super bowl.\r\nSteve can be found on Twitter @SteveLasker and his blog @ https://stevelasker.blog", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/MJP7PW/", "id": 121, "guid": "9f3e08bf-9974-5042-84eb-b09efd13e834", "date": "2019-11-17T12:00:00+00:00", "start": "12:00", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-2019/images/MJP7PW/rubsomecsionit.jpg", "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-121-openebs-deep-dive", "title": "OpenEBS Deep Dive", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "**OpenEBS** is an open source **CNCF Sanbox** project trying to address persistent storage problems in a *100% container native* way not just by rubbing some bacon on It.", "description": "Kubernetes was designed for ephemeral workloads that would allow for cloud native apps to scale up and down. As K8s became the center of many IT operations, people wanted to use the abstraction of it and apply it to persistent workloads. That goes against certain fundamental aspects of K8s, Pets vs. Cattle. \r\n\r\nHow do you keep K8s' agility while dealing with the inertia of storage, monolithic services that provide storage and are an unnatural fit (pet)?\r\n\r\nIn this talk, Murat and Harsh will discuss architecture of OpenEBS and dive into the working logic of the internal components including storage placement, differences between storage engines (Jiva, cStor, dynamic Local PV provisioner, a brand new MayaStor). \r\n\r\nThey will also demo how OpenEBS users use same abstraction layer to provide copy-on-write based cross-cloud application mobility and up to 90% more efficient DR using Velero.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "347f4946-8ca5-5365-8b75-43e7163d6724", "id": 110, "code": "QWLBBW", "public_name": "Murat Karslioglu", "avatar": "https://cfp.cloud-native.rejekts.io/media/IMG_6557.jpg", "biography": "Murat Karslioglu is a technologist, and infrastructure architect with over 20 years of experience in storage, distributed systems, and enterprise infrastructure development.\r\n\r\nMurat is currently one of the maintainers of OpenEBS project. He is a Kubernetes enthusiast, blogger, author and passionate about open-source. After 20 years in IT he \"still\" loves to learn and code.", "answers": []}, {"guid": "d9d81711-d608-598a-bc3b-18cb77521b42", "id": 64, "code": "VHDCMU", "public_name": "Harshvardhan Karn", "avatar": "https://cfp.cloud-native.rejekts.io/media/condayeu2019-karn-sumit_dNnd17Q.jpg", "biography": "Harshvardhan Karn is a Software Engineer at MayaData Inc. company behind OpenEBS, a CNCF Sandbox project. His day job includes working on MayaOnline, a SaaS platform. He mostly writes codes in Go, Java, and JavaScript. With his expertise in ARM, he with his team is working on building OpenEBS for ARM Kubernetes. His craziness for ARM led him to speak at ContainerDays 2019, Europe.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/MHSXUV/", "id": 118, "guid": "2eead9b7-ed33-566e-bec6-48c33382b7bb", "date": "2019-11-17T14:05:00+00:00", "start": "14:05", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-118-cloud-functions-meets-microservices-running-framework-based-functions-on-knative", "title": "Cloud Functions meets Microservices: Running Framework based Functions on Knative", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Function-as-a-service (FaaS)-style programming and serverless platforms increase productivity, enabling you to focus on application code, with the platform taking care of how to deploy, configure, run, and scale the code. They do however require you to adopt a new programming model, creating generic handlers or actions that lack the expressive APIs that you get from frameworks. Options like Knative not make it possible to make existing server frameworks run \"serverless\" on Kubernetes - and to go further to enable you to create FaaS applications that are deployed onto pre-configured servers that are pre-configured with liveness, readiness, and observeabiltty.\r\n\r\nIn this session you'll learn about the methodology by which that can be achieved, and see a live demo of a Functions based application being built and deployed on a serverless server-framework.", "description": "This talk covers the recent advances that make it possible to build a deploy serverless applications on a standard Kubernetes basis using Knative Serving. This in turn means that serverless is no-longer limited to using proprietary cloud functions frameworks such as Amazon Lamba, Azure Cloud Functions, Google Cloud Functions or OpenWhisk - you can easily use open source tools to develop and deploy functions that build on existing frameworks, and deploy as serverless workloads on Knative.\r\n\r\nThis also means that enterprises can drive consistency for their server and serverless deployments - with the ability to use the same configurations and integration with cloud-native capabilities regardless fo whether their developers are programming using server frameworks or creating functions.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a51a55e8-ac12-51fb-a725-cec70203537e", "id": 107, "code": "8FGQ7H", "public_name": "Chris Bailey", "avatar": null, "biography": "Chris is the Chief Architect for Cloud Native Runtimes at IBM, leading teams that contribute to the open source communities for the Node.js, Java and Swift runtimes. He is also the project lead for a number of open source projects, including the Kitura microservice framework for Swift, the CloudNativeJS collection of Node.js modules, and the Appsody developer tools project.\r\n\r\nHe has spoken at a number of conferences on various aspects of developing and deploying applications, including at JavaOne, NodeSummit, Node Interactive, SwiftSummit, QCon and the O'Reilly Software Architecture Conference.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/YWAT3U/", "id": 74, "guid": "39914f6c-0fad-5a81-9a19-796cb0570f19", "date": "2019-11-17T14:45:00+00:00", "start": "14:45", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-74-better-together-form-the-mighty-voltron-with-your-infrastructure", "title": "Better Together: Form the Mighty Voltron with Your Infrastructure", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "In the classic animated series Voltron, five heroes unite to form a giant superrobot to defend the universe from evil. Just like Voltron, the power of each individual CNCF project lies in its unique strengths -- that when combined with other projects, create mega-powerful infrastructure.", "description": "In this talk, we will form our own Voltron to defend our application by building a container (CRI-O), adding a scheduler (Kubernetes), monitoring (Prometheus), traffic splitting (Linkerd), and package management (Helm). You\u2019ll leave with an understanding of today\u2019s open-source infrastructure ecosystem and how CNCF projects are better together.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b7dce631-304a-59a8-95c4-6cc7c24d132b", "id": 74, "code": "LZQQXE", "public_name": "Carol Scott", "avatar": "https://cfp.cloud-native.rejekts.io/media/carolscottheadshot.jpg", "biography": "Carol is a Software Engineer at Buoyant, where she is a core contributor to the Linkerd service mesh. She focuses on Linkerd\u2019s web API, dashboard and CLI. In addition to Kubernetes, the CNCF technologies she works most closely with are Prometheus and Grafana.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/UNXQFT/", "id": 138, "guid": "e0b6d345-5b87-550f-bfb5-85d9ea8cfa8e", "date": "2019-11-17T15:25:00+00:00", "start": "15:25", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-138-controllers-and-service-catalog-the-power-of-crds", "title": "Controllers and Service Catalog; The Power of CRDs", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Custom Resource Definitions (CRDs) make it easy for you to add new types of primitives that can be managed by the internal control loop of Kubernetes. In this presentation, Chris Hein will provide an in-depth look at how he has been using CRDs to model external services and some of the benefits and pitfalls of using this style. We'll begin by diving into what CRDs are and how they can be used. Why he choose to model cloud resources using CRDs as opposed to Service Catalog. Continuing into a review of what it's like to build using the control loop and we'll end by discussing golang & Kubernetes code generation and how you can speed up your development by using these tools.", "description": "This talk features a deep dive into Controllers and CRDs and how they can be used to manage any type of resource, from something as simple as mutating files on each node using a CRD and a DaemonSet, to Deploying cloud based resources like you see with the AWS Service Operator and Config Connector from Google. This is a space that is heavily influx and with CRDs becoming GA in 1.16, we're about to see an explosion of new use cases for managing resources from within your organizations Kubernetes clusters.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "bdf5f4c8-b8aa-5f10-b46a-cc07e4b0748f", "id": 120, "code": "QPARXD", "public_name": "Chris Hein", "avatar": "https://cfp.cloud-native.rejekts.io/media/headshot.png", "biography": "Chris is a Software Engineer for Apple & a CNCF Ambassador with a focus on Kubernetes, open source and cloud native technologies.\r\nChris helps to maintain multiple open source projects such as the AWS Service Operator and the AWS IAM Authenticator. Prior to Apple, Chris worked for a number of large and small companies like AWS, GoPro, Sproutling, & Mattel.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/QC3ZQJ/", "id": 108, "guid": "0fa15869-4f05-5f74-9cf6-0705dce150a6", "date": "2019-11-17T16:20:00+00:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-108-the-enemy-within-running-untrusted-code-in-kubernetes", "title": "The Enemy Within: Running Untrusted Code in Kubernetes", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Containers are a great way to deploy and isolate application resources but they can fall short when it comes to security isolation. How do you improve the security of a container while maintaining the flexible and dynamic resource usage of a container? There are many options for sandbox containers but which is right for you?\r\n\r\nIn this talk I will explore sandbox runtimes in depth with a focus on use-cases and challenges on their implementation and maintenance. I will dive into the container security model, the use cases for sandbox pods. I will discuss various approaches and their tradeoffs before diving into the architecture of gVisor, how it differs from virtual machine based sandboxes, and how we are working to make running untrusted code feel more like the containers you know and love. Finally, I will bring it all together with a demo of best practices for using gVisor to run untrusted user code in a Kubernetes cluster.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "0c53e9e4-566e-57e8-95fc-b9312ae98b26", "id": 101, "code": "HPX93D", "public_name": "Ian Lewis", "avatar": null, "biography": "Ian is a software engineer at Google and contributor to the gVisor project. Ian has had various developer and operations roles throughout his career and enjoys working in environments with diverse ways of thinking. Ian has been living in Tokyo since 2006 and is active in the open-source developer community. He is passionate about Security, DevOps, SRE, Go, and container orchestration. When he's not working on container security projects, he runs the Kubernetes Meetup in Tokyo and blogs about Kubernetes and containers at www.ianlewis.org.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/PDHSDH/", "id": 84, "guid": "b004a61a-5cdb-5ba0-b797-570e86bbde4e", "date": "2019-11-17T17:00:00+00:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-84-the-bypass-of-k8s-network-policy", "title": "The bypass of k8s network policy", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "A network policy is a specification of how groups of pods are allowed to communicate with each other and other network endpoints. It will be used by cluster operator to segment resources based on organization policies and enforce access control based on security requirements. In this talk, we will introduce what is network policy and network plugins, then we will show how to enforce network policy to protect a demo application, finally we show step by step examples how to bypass the network policy in the following scenarios: Abuse of privileges, insecure host mounts and misconfiguration of kubelet. Attendees should come away with the idea of securing kubernetes cluster in holistic way.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "4df595c7-556e-5e0f-9fa9-ec0f391dafca", "id": 84, "code": "JG7TQA", "public_name": "Kaizhe Huang", "avatar": "https://cfp.cloud-native.rejekts.io/media/Elain_and_I.jpeg", "biography": "Kaizhe Huang is Security Researcher in Sysdig where he spent a lot time in security research in kubernetes. Previously, as Senior Security Engineer at Oracle Database Security Group, he helped building security products including: Database Vault, Database Privilege Analyzer and Database Assessment Tool. Kaizhe holds M.S. degrees in Information Security from Carnegie Mellon University.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/PMU9XY/", "id": 122, "guid": "e5480d77-35e1-51ba-8782-82ab9daffb57", "date": "2019-11-17T17:40:00+00:00", "start": "17:40", "logo": null, "duration": "00:30", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-122-introduction-to-kudo-kubernetes-operators-the-easy-way", "title": "Introduction to Kudo - Kubernetes Operators The Easy Way", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Kubernetes Operators are the next phase of the journey towards automating complex applications in containers. Many Operators that exist today handle initial deployment, but they don\u2019t provide automation for tasks like binary upgrades, configuration updates, and failure recovery. Implementing a production-grade controller for a complex workload typically requires thousands of lines of code and many months of development.  The Kudo project ( https://kudo.dev ) provides a framework to enable automated creation of operators for Kubernetes, in most cases just using YAML. In this talk I\u2019ll introduce the Kudo project, and demo the creation of a Kubernetes operator using Kudo.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "b7a5961c-3c5e-590d-a341-fa7f5d710f37", "id": 137, "code": "PRWEDJ", "public_name": "Gerred Dillon", "avatar": "https://cfp.cloud-native.rejekts.io/media/GerredDillon.jpeg", "biography": "Gerred Dillon is a Principal Engineer for Cloud Native Applications at D2iQ, building tooling for large scale workloads on top of Kubernetes. He is the creator of the Kubernetes Universal Declarative Operator and assists with the Kubebuilder subproject, SIG API Machinery, and CNCF SIG App Delivery.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/XYP3AG/", "id": 144, "guid": "488f8f40-d9a2-5d97-b619-6ce9f64f9d46", "date": "2019-11-17T18:10:00+00:00", "start": "18:10", "logo": null, "duration": "00:10", "room": "The Gallery", "slug": "cloud-native-rejekts-na-2019-144-closing", "title": "Closing", "subtitle": "", "track": null, "type": "Opening", "language": "en", "abstract": "The closing session of Cloud Native Rejekts 2019", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "4967f7d9-f800-5a78-a9e8-d2f363599a20", "id": 2, "code": "FBJ7DG", "public_name": "Chris Kuehl", "avatar": null, "biography": "Chris is co-founder and CEO at Kinvolk. He started his open source journey over 15 years ago, becoming a maintainer in the GNOME project. Since founding Kinvolk, he's worked as an engineer on projects like rkt, initiated Flatcar Linux, Kinvolk's container-oriented OS, and Lokomotive, its Kubernetes distribution. He also founded and organizes the Cloud Native Rejects and All Systems Go! conferences. Chris has a singular focus to establish Kinvolk as the most trusted open source participant in the Cloud Native community.", "answers": []}], "links": [], "attachments": [], "answers": []}], "The Theater": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/ATPJSX/", "id": 98, "guid": "a2ac294c-205c-5ee3-aab7-7ff68379a22f", "date": "2019-11-17T09:45:00+00:00", "start": "09:45", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-98-cloud-native-ebpf-instrumentation", "title": "Cloud Native eBPF Instrumentation", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "In this talk we are going to see how in **Cloud Native** environments we have the common issue of having tools to instrument and comprehend the application behaviour at kernel level. To try to solve this problem I'll try to illustrate my opinions on how I used **eBPF** and eBPF based tools that are both the **kernel** and **Kubernetes** aware. In other words, Cloud Native.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "1c8268fc-9b27-545d-8efc-6145df880b20", "id": 11, "code": "RBR93Z", "public_name": "Leonardo Di Donato", "avatar": "https://cfp.cloud-native.rejekts.io/media/leodido__levis.jpg", "biography": "Leonardo is an Open Source Software Engineer at Sysdig in the Office of the CTO. He is in charge of the Open Source methodologies and projects of Sysdig. At the same time he mainly takes care of Falco, a CNCF Container Native Runtime Security project. He is also involved in the Linux Foundation's eBPF project (IO Visor) as a maintainer of kubectl-trace project. He's also the creator of go-syslog, a blazingly fast Golang parser for syslog messages and transports, and of kubectl-dig, a tool to have deep visibility into Kubernetes directly from the kubectl. In the meantime he's also involved from the early days into the new CNCF SIG-Security.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/EFEUPX/", "id": 116, "guid": "4b1c2be2-74c0-5b00-8f3d-ea87b84ad6c6", "date": "2019-11-17T10:25:00+00:00", "start": "10:25", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-116-service-mesh-benchmarks", "title": "Service Mesh Benchmarks", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Benchmarking system performance in a repeatable, reproducible way can be a difficult task, both technologically as well as philosophically - doubly so for as complex a system as a service mesh. However, the cost of adding new technology to a stack can be critical in making a decision about adoption - and repeated, reproducible benchmarks can help the service mesh communities to meet, and improve on, their respective quality bar. This talk benefits the ecosystem by not only characterizing the cost of various service mesh implementations in numeric terms, but also by describing what \u201ccost\u201d means in this context, and by introducing an open source framework for running these tests that can be used by anyone in the world to reproduce results.", "description": "Service meshes, a category of SDNs that provide application centric connectivity, routing, introspection, and debugging, have risen to prominence over the recent years, spawning multiple successful projects with different motivations and goals. But what's the cost of adopting a solution to existing networking infrastructure?\r\nThis talk answers this question in a quantitative way. We discuss how to characterize the cost of running a service mesh in terms of both tail latency and resource consumption. We describe how to perform a realistic benchmark, including how to eliminate sources of bias and variance in the measurement process. We present our open source framework for reproducibly benchmarking service meshes. Finally, we report the results of benchmarking Linkerd and Istio under a variety of real-world conditions, and quantify these two technologies by their operational cost.\r\n\r\nPlease find the talk slides here: https://drive.google.com/file/d/1W-wfCfEwzPHTnPD0nfHT9eW5v6xwCAt3/view", "recording_license": "", "do_not_record": false, "persons": [{"guid": "8fc37fa6-6f5e-581b-b218-673bff634946", "id": 38, "code": "REYW9K", "public_name": "Thilo Fromm", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatar.png", "biography": "While Thilo started his professional life with hardware and OS engineering for embedded systems, he eventually switched to Linux kernel and plumbing level work around virtualisation, networking, and storage. In more recent years, Thilo ventured into data centers spanning systems, working with Amazon AWS\u2019 EC2 team in Dresden for more than 3 years. This January, Thilo joined Kinvolk, entering the world of cloud-native systems and software. Thilo\u2019s main focus - besides managing Kinvolk\u2019s engineering team - remains on technical tasks that start on a low level and cross many layers of abstraction.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/3ZTZF8/", "id": 77, "guid": "7b87cfaa-929a-54e1-80b5-d39f7371fee3", "date": "2019-11-17T11:20:00+00:00", "start": "11:20", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-77-managing-thousands-of-edge-k8s-clusters-with-gitops", "title": "Managing Thousands of Edge k8s Clusters with GitOps", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "We will provide a comprehensive overview of how we\u2019ve built a large scale, fully open sourced edge cloud platform. It maps the technology to real use cases and grows the community collaboration around realistic deployments. It will show real operational data at scale from one of the largest retailers in the world. The audience will see not only the k8s deployment but app orchestration across thousands of k8s clusters.", "description": "GitOps provides a standard operating model for managing Kubernetes clusters. A single cluster can be managed individually or with simple CI/CD tooling. However, when dealing with thousands of retail stores, industrial installations or autonomous robotics devices this requires a different approach. \r\n\r\nThe Volterra SRE team operates a global SaaS Edge Platform. Solving various challenges in managing a large number of clusters in various states (i.e. online, offline, etc.); leveraging the Kubernetes ecosystem & tooling with a declarative pull-based model using GitOps.\r\n\r\nIn this session, you will learn how to apply GitOps to effectively manage and monitor fleets of k8s clusters. the tooling built to solve problems around CI/CD, K8s object orchestration, configuration management, and observability of the fleet. A demo of the SRE tooling on how you can control daily cluster updates around the globe.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "d2e6e641-a702-5d43-a20f-5f1a5899f406", "id": 76, "code": "B9KH3D", "public_name": "Jakub Pavlik", "avatar": null, "biography": "Jakub Pavlik is a co-founder, former CTO and chief architect of tcp cloud (acquired by Mirantis in 2016). Jakub and his team worked several years on the IaaS cloud platform based on OpenStack-Salt, Kubernetes and OpenContrail projects, which they deployed and operated for global large service providers. Currently he works as Director of Engineering at Volterra, where they are building Edge Services for Modern Applications using Istio and Kubernetes.\r\n\r\nSpeaker Opportunities \r\nhttps://www.youtube.com/watch?v=Ym_CZ8-crD8&list=PLPNUhBI0OqLq1B3DZvww2K_ve7VruUQHz", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/AHVSZ3/", "id": 146, "guid": "6a9ea6c2-d617-5ca2-9e53-097c35f752a6", "date": "2019-11-17T12:00:00+00:00", "start": "12:00", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-146-kubernetes-for-non-coders", "title": "Kubernetes for Non-coders", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "For most people outside IT departments, understanding how to pronounce Kubernetes is the first step of many steps towards understanding why they should support the transition to Cloud-Native Technologies. This talk seeks to present Kubernetes and cloud-native to non-coders outside the IT department and help them understand how supporting its adoption will benefit them.\r\n\r\nThe talk begins with an overview of what Cloud-Native is, proceeds to a non-technical explanation of Kubernetes using housing as a metaphor, and finishes with key benefits to non-IT departments when adopting Kubernetes. Audience members will learn how to explain and advocate for Kubernetes at an organisational level.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2e9584bb-4a2f-5695-9089-0762708650e0", "id": 141, "code": "KXZTKY", "public_name": "Bill Mulligan", "avatar": "https://cfp.cloud-native.rejekts.io/media/headshot_bill.jpg", "biography": "Bill Mulligan currently works at Loodse as a Kubernetes Advocate, helping companies understand if Kubernetes is the right fit for them. He has been published on DevOps.com and The New Stack and appeared on the Cisco Cloud Unfiltered podcast. He has given talks about Kubernetes at Cloud Native Warsaw, ContainerDays, DevOn Summit, DevOps Gathering, Landing Festival, and Open Networking Summit.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/UGCGEZ/", "id": 97, "guid": "8ccc29be-7fd9-5392-8b64-9d53087aa373", "date": "2019-11-17T14:05:00+00:00", "start": "14:05", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-97-classic-tools-for-the-cloud-native-era-meet-wash-the-cloud-native-shell", "title": "Classic Tools for the Cloud-Native Era: Meet Wash, the Cloud Native Shell", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "If, as they say, Kubernetes is the new OS...then what is the new shell?", "description": "Exploring, understanding, and inspecting cloud-native infrastructure should be simple and straightforward. But containers, pods, object stores, databases, and anything in between - they all have different ways of listing what you have, getting a stream of output, running commands, etc. Every project has their own, unique, bespoke tools and APIs that solve these problems in isolation. Thus, they are difficult to compose together to solve higher-level problems.\r\n\r\nUNIX\u2019s philosophy and abstractions have worked for decades. They\u2019re pretty good, and more importantly, they\u2019re familiar to millions of people. What if we applied them to modern, API-centric infrastructure? What underlying abstractions are needed to make them work? \r\n\r\nDeepak will demo Wash (https://puppetlabs.github.io/wash), how it attacks this problem, and its architecture.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2b133c9a-955a-5336-86c9-ca1fdc911323", "id": 93, "code": "N3YTU7", "public_name": "Deepak Giridharagopal", "avatar": null, "biography": "Deepak Giridharagopal is CTO at Puppet, which builds open-source infrastructure automation and orchestration tools for the masses. He is a long time developer and systems engineer who has worked on a wide variety of projects. At Puppet, he's helped build Puppet (the open source project) itself, created PuppetDB, and helped launch newer projects like Bolt. Prior to Puppet, he was an early engineer at Dell/MessageOne, working on large-scale email indexing systems.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/NV7ZU8/", "id": 58, "guid": "c75a9d94-407d-53b4-b582-3fc171203664", "date": "2019-11-17T14:45:00+00:00", "start": "14:45", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-58-k8s-certificate-rotation-or-how-i-learned-to-start-worrying-and-never-stop", "title": "K8S Certificate Rotation, or How I learned to start worrying and never stop", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "This talk will explore the role the client, server, and cluster CA certificates play in a cluster and the ramifications of their expiration. We'll look at a cluster whose certificates have expired and what lead to that scenario. Finally, we'll look at techniques to avoid certificate expiration and how to recover an inoperable cluster.", "description": "Expiration and rotation of the internal certificates of a Kubernetes cluster has not been a topic widely discussed in the Kubernetes community. Rather, it's been swept under the rug waiting to trip up operations teams. The purpose of this talk is to bring this topic out into the open. To make our community aware of the pitfalls of certificate expiration and how to restore a cluster that\u2019s lived just a little too long. \r\n\r\nThis talk will include a real life example of a Kubernetes cluster whose internal certificates have expired. We'll discuss the work it took to restore cluster functionality as well as the business decisions around keeping a cluster over recreating it. This talk will include the non-technical effects on personal and business relationships an outage like this can have.\r\n\r\nCertificate expiration can be avoided using the right techniques. This talk will touch on some of these techniques, including: upgrading Kubernetes clusters regularly, using an intermediary certificates, and methods to handle rotation. We'll also touch on monitoring and alerting best practices using Prometheus. \r\n\r\nAttendees should expect to walk away from this presentation with an understanding of the role certificates play inside a Kubernetes cluster. They should feel confident in their future decisions on how to care for the whole life of their clusters. Finally, they should know how to avoid certificate expiration and be able to save themselves if they go over the cliff.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c618fa7c-c4c9-559e-a239-75834560fae2", "id": 59, "code": "KLHDEL", "public_name": "Nicholas Lane", "avatar": "https://cfp.cloud-native.rejekts.io/media/menbren.jpg", "biography": "Nicholas Lane is a Kubernetes Architect at VMware and formerly of Heptio. He\u2019s been using Kubernetes since 2015 when he was a consultant for Red Hat working with OpenShift. Since then Nicholas has become a Kubernetes Org member, became involved in the Azure cluster-api project, and joined the Kubernetes release team. His previous speaking engagements include Kubernetes meetups across North America,at Red Hat Summit, and hosting the regular web series \u201cThe Cloud Native Social Hour\u201d.", "answers": []}, {"guid": "41c78b36-f69e-5c9e-9e82-84f0eba878aa", "id": 131, "code": "KWSQGH", "public_name": "Duffie Cooley", "avatar": "https://cfp.cloud-native.rejekts.io/media/IMG_2810.JPG", "biography": "Duffie is a Staff Cloud Native Architect at VMware focused on helping enterprises find success with technologies like Kubernetes. Duffie has been working with all things virtualization and networking for 20 years and remembers most of it. He likes to present on topics ranging from How do I solve this problem with Kubernetes to What even is a CNI implementation and which one should I choose? A student of perspective, Duffie is always interested in working through problems and design choices from more than one perspective.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/BNSX7W/", "id": 56, "guid": "c0652e98-9697-50e5-95c6-a17f3a3fbb95", "date": "2019-11-17T16:20:00+00:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-56-7-yaml-customization-tools-that-you-can-t-live-without-or-can-leave-behind-", "title": "7 YAML Customization Tools That You Can\u2019t Live Without (or Can Leave Behind)", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "YAML has taken over our lives. From defining how our applications are deployed and tested to ordering pizza. There is a whole ecosystem of tooling that addresses the need of customizing your YAML for specific circumstances. With several to choose from, how do you know which one is right for your use case? This talk will cover key YAML customisation tools aimed for use with Kubernetes, and break down which are suited for particular use cases, and which are not suited for others.\r\n\r\nThe talk will include practical examples of several tools such as:\r\n- Jk\r\n- Helm\r\n- Pulumi\r\n\r\nWhether you are new to Kubernetes, or are currently using some of these tools, this talk should bring fresh ideas for managing Kubernetes configuration.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "6b04a1ad-857f-55cc-90da-497c4993af9f", "id": 57, "code": "AQVLAV", "public_name": "Alison Dowdney", "avatar": null, "biography": "Alison is a Customer Reliability Engineer at Weaveworks, and an Undergraduate student at the University of Waikato. Coming from a startup background, she has a wealth of hands on experience with Kubernetes. She is passionate about helping others starting out with cloud native applications.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-2019/talk/SUAAY7/", "id": 83, "guid": "8debccf6-efbe-561a-ac21-ad2954b29158", "date": "2019-11-17T17:00:00+00:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "The Theater", "slug": "cloud-native-rejekts-na-2019-83-cluster-migration-data-on-the-fly", "title": "Cluster Migration: Data on the Fly", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Disaster management is a mission-critical function that most startups today don\u2019t plan for. Recent disruption in Cloud providers demonstrates that no infrastructure can avoid the inevitable downtimes caused by the catastrophe. All infrastructures should have fail-safe measures to ensure \u201cnothing\u201d is lost in the event of service disruption. This proposal demonstrates a simple system for ensuring entire Kubernetes clusters can be replicated on-demand. The use-cases are many and obvious including data security, cost optimization and reducing the downtime of workloads.", "description": "In this talk, Ajesh and Vishnu will present a methodology for using OpenEBS custom controllers to replicate/migrate Kubernetes cluster into another Kubernetes cluster. They will demonstrate data migration on the fly and discuss both use cases and hurdles faced.\r\n\r\nThis talk will benefit DevOps attendees who support stateful applications and manage the configuration of Kubernetes clusters. Using this approach users can easily replicate/migrate stateful applications from one Kubernetes cluster to another. \r\n\r\nThe cluster migration pattern is useful in situations like canary deployment, blue-green deployment, cluster upgrade, disaster recovery.\r\n\r\nThis talk will be beneficial SREs and DevOps users who are concerned about data privacy and do not trust third-party vendors. This approach also reduces time and cost overhead.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "808171ad-dcc1-5297-8ee8-7119805362e4", "id": 136, "code": "B3YVVE", "public_name": "Vishnu Attur", "avatar": null, "biography": "Vishnu is an Engineering Director at MayaData Inc. company behind OpenEBS, a CNCF Sandbox project.", "answers": []}, {"guid": "99579a15-2963-527e-981c-3610fad23a1d", "id": 99, "code": "9LRYCM", "public_name": "Vishnu Itta", "avatar": null, "biography": "Developer who is always eager to learn, loves math, algorithms and programming. Maintainer of OpenEBS project. Have good experience in storage protocols, ZFS, FreeBSD internals, Linux, device drivers. Enjoys playing Table Tennis and doing travel.", "answers": []}, {"guid": "005a1b55-a25a-59ae-aaca-67265d90a6e5", "id": 138, "code": "9P9SHJ", "public_name": "Ajesh Baby", "avatar": "https://cfp.cloud-native.rejekts.io/media/Ajesh_Photo.jpg", "biography": "Ajesh Baby is CKA and working as Product Manager at Mayadata Inc. He has expertise in Storage and Identity Management and loves to experiment and find solutions that help customers to perform their daily tasks more easily.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}