»How We Prepared Infrastructure for Disney+ Launch« Justin Garrison; Talk (30 minutes)

Justin will show you what to consider before a highly anticipated product launch so you can be prep for the unknown. He will provide examples from the recent Disney+ launch and what the infrastructure team did to prepare.


»OpenEBS Deep Dive« Murat Karslioglu, Harshvardhan Karn; Talk (30 minutes)

OpenEBS is an open source CNCF Sanbox project trying to address persistent storage problems in a 100% container native way not just by rubbing some bacon on It.


»Managing Kubernetes with Linkerd« Mofi Rahman; Talk (30 minutes)

As monolithic apps are decomposed into microservices, developers have to worry about the challenges in distributed systems like service discovery, load balancing, monitoring, dynamic routing and perhaps most important of all, compliance and security. Linkerd was created to handle these features.


»Closing« Chris Kuehl; Opening (10 minutes)

The closing session of Cloud Native Rejekts 2019


»Automating Multi-Cluster Deployments with Ansible« Tim Appnel; Lightning talk (5 minutes)

This session will demonstrate how Ansible along with its built-in templating and k8s module can be used for rapid, repeatable and consistent deployments to any Kubernetes cluster.


»Why you shouldn't build a Kubernetes Operator« Josh Wood; Talk (30 minutes)

Since its origins at CoreOS and flowering at Red Hat, the Operator pattern has seen lots of explication and promotion -- rightly so. It's a pattern for extending Kubernetes, built from key Kubernetes components and concepts. But it's not right for every application in every case. This talk will h...


»How to do load balancing on bare metal clusters with source IP preservation« Suraj Deshmukh; Lightning talk (5 minutes)

This talk will explain the typical problems faced when solving this and show an answer to this frequently asked question. For this talk I will use metalLB and Contour as examples and a demo on packet.com


»Democratizing Cloud Native Technology Development« Tim Appnel; Lightning talk (5 minutes)

Powerful cloud native technologies are emerging and proliferating to address the needs of modern apps and their users' expectations. Things is, many require writing Go code and expertise with the internals of K8s or lots of static YAML. We can and need to do better. We need to finds ways to make ...


»Kubernetes: The Video Game« Grant Shipley; Talk (30 minutes)

The Kubernetes API is amazing and we are not only going to break it down and show you how to wield this mighty weapon, we are going to do it while building a video game, live, on-stage. As a matter of fact, you get to play along! The speaker in this session wanted to create a game and learn the k...


»Elastic Pod Autoscaling with Nodeless Kubernetes« Madhuri Yechuri; Talk (30 minutes)

Nodeless Kubernetes solutions like virtual-kubelet and virtual-cri (with cri-proxy) eliminate the need for configuring cluster capacity management and maintenance woes associated with pet worker nodes. This talks goes over two ways to implement nodeless architecture, lists pros and cons associate...


»Advanced Interactions with Kubernetes (As Taught by Helm)« Taylor Thomas; Talk (30 minutes)

Come learn about some of the gotchas and deep internals you'll have to deal with when extending or building on top of Kubernetes. Using some of the Helm code as a backdrop, this talk will dive into the nitty gritty details of checking the status of various workload API objects, complex patching n...


»The bypass of k8s network policy« Kaizhe Huang; Talk (30 minutes)

A network policy is a specification of how groups of pods are allowed to communicate with each other and other network endpoints. It will be used by cluster operator to segment resources based on organization policies and enforce access control based on security requirements. In this talk, we wil...


»7 YAML Customization Tools That You Can’t Live Without (or Can Leave Behind)« Alison Dowdney; Talk (30 minutes)

YAML has taken over our lives. From defining how our applications are deployed and tested to ordering pizza. There is a whole ecosystem of tooling that addresses the need of customizing your YAML for specific circumstances. With several to choose from, how do you know which one is right for your ...


»Using Octant to Fix a Kubernetes Workload« Wayne Witzel III; Lightning talk (5 minutes)

Wayne will show the audience how they can use the features of Octant to identify Kubernetes workloads that are having problems and how they can use Octant to fix their workloads.


»Maintain Remote copies of Local PV - a lesson for rainy days.« Chandan Kumar, Harshvardhan Karn; Lightning talk (5 minutes)

In this talk, Chandan will present his observations on using local PV in production for saving ElasticSearch Data. While Local PV has a big disclaimer to be used with applications that can support data management, Local PV is the performant storage solution that is available today.

As we get lure...


»Anatomy of Cloud Native eBPF Instrumentation« Leonardo Di Donato; Talk (30 minutes)

In this talk the audience will take a deep dive into understanding eBPF in the Linux kernel. The audience will learn how eBPF is used in the Falco’s custom kernel instrumentation for Kubernetes. They will also see how eBPF has enabled us to rewrite the Falco core engine data collection infrastruc...


»Classic Tools for the Cloud-Native Era: Meet Wash, the Cloud Native Shell« Deepak Giridharagopal; Talk (30 minutes)

If, as they say, Kubernetes is the new OS...then what is the new shell?


»The Enemy Within: Running Untrusted Code in Kubernetes« Ian Lewis; Talk (30 minutes)

Containers are a great way to deploy and isolate application resources but they can fall short when it comes to security isolation. How do you improve the security of a container while maintaining the flexible and dynamic resource usage of a container? There are many options for sandbox container...


»Hosting a Helm repository on github pages« Anthony Dahanne; Lightning talk (5 minutes)

What if you could have your Helm charts directly updated and hosted on Github pages after each new commit?


»Cloud Functions meets Microservices: Running Framework based Functions on Knative« Chris Bailey; Talk (30 minutes)

Function-as-a-service (FaaS)-style programming and serverless platforms increase productivity, enabling you to focus on application code, with the platform taking care of how to deploy, configure, run, and scale the code. They do however require you to adopt a new programming model, creating gene...


»Introduction to Kudo - Kubernetes Operators The Easy Way« Matt Jarvis; Talk (30 minutes)

Kubernetes Operators are the next phase of the journey towards automating complex applications in containers. Many Operators that exist today handle initial deployment, but they don’t provide automation for tasks like binary upgrades, configuration updates, and failure recovery. Implementing a pr...


»Building Blocks: Dynamic provisioning of Kubernetes Local PV« Harshita Sharma; Talk (30 minutes)

How to dynamically provision Kubernetes Local PV by OpenEBS, with managing the life cycle of block devices for Local PVs


»Code Fast and Test Accurately Without Kubectl« Ivan Sim, Daniel Bentley; Talk (30 minutes)

As cloud native software continues to grow and mature, code bases become larger and more complicated. What used to be simple build workflows with some Makefiles, now spans across multiple repositories and registries and CI/CD systems. As a Kubernetes developer, jumping through hoops to test your ...


»Deploy to production with Skaffold, BuildPacks and Tekton« Tejal Desai; Talk (30 minutes)

What if we could use the same tool for local development and deployment to production in our CD pipeline? In the last two years, developer experience tools like Skaffold started to help with the challenges of local development of Kubernetes applications. Typically, building and deploying the appl...


»Cloud Native Rejekts Kick-off!« Chris Kuehl; Opening (10 minutes)

The opening session of CLoud Native Rejekts NA 2019


»CI/CD for Microservices: Best Practices and Lessons From the Trenches« Dan Garfield; Talk (30 minutes)

You have finally split your big monolith into microservices built on top of Kubernetes!

Now what? How do you validate a more complex application? And how do you make it scale?

Instead of having one CI/CD pipeline, you have multiple. And as the number of microservices increases so does the number ...


»Unleashing The Power of Kubectl Kustomize« Ashutosh Kumar, Harsh Shekhar; Talk (30 minutes)

Kubernetes objects and configuration management can be tedious and prone to human error. And as deployments grow they tend to suffer from configuration drift.. This presentation will show how in house developers have used Kustomize with MayaData Director to manage configuration issues and then ...


»Controllers and Service Catalog; The Power of CRDs« Chris Hein; Talk (30 minutes)

Custom Resource Definitions (CRDs) make it easy for you to add new types of primitives that can be managed by the internal control loop of Kubernetes. In this presentation, Chris Hein will provide a in-depth look at how he has been using CRDs to model external services and some of the benefits an...


»Get Past the Default Configs: Lessons from the k8s Security Audit« Connor Gilbert; Talk (30 minutes)

The Kubernetes security audit turned up some bugs in Kubernetes, but did you know it also includes important security advice for end users? Find out about the security recommendations from the audit and learn how you can apply them in your apps today.


»We've Made Quite A Mesh« Tim Hockin; Lightning talk (5 minutes)

Kubernetes already has many properties of a primitive service mesh. Can we make the system better by leaning into this idea?


»Service Mesh Benchmarks« Thilo Fromm; Talk (30 minutes)

Benchmarking system performance in a repeatable, reproducible way can be a difficult task, both technologically as well as philosophically - doubly so for as complex a system as a service mesh. However, the cost of adding new technology to a stack can be critical in making a decision about adopti...


»What We’ve Learned Building a Multi-Region DBaaS on Kubernetes« Josh Imhoff, Pete Vilter; Talk (30 minutes)

Running geo-distributed clusters on Kubernetes presents no shortage of challenges: it complicates networking and service discovery; it mandates the use of stateful sets and persistent volumes; and it requires cleverness to navigate node pools and firewalls. Here's what we learned along the way.


»How to Make Istio Work With Your Apps« Karen Bruner; Talk (30 minutes)

The Istio service mesh promises to solve or ease many of the pain points around scaling and securing microservice architectures by giving key tools to make your Kubernetes cluster deployments play nice with each other, but getting some applications to play nice with Istio can be its own major cha...


»Everything You Needed to Know about Kubernetes TLS, But Were Afraid to Ask« Joe Thompson; Talk (30 minutes)

Do you know how to inspect Kubernetes TLS when it's broken and identify what the problem is? Maybe not as well as you think -- but you're in good company: even experienced admins often don't know the basics. Let's fix that.


»Building auto DevOps for production grade databases on Kubernetes« Uma Mukkara; Talk (30 minutes)

On production databases, the data patterns keep changing as the time progresses. CI pipelines need to have access to the latest data or closer to the latest data for effective testing. As Enterprises and FinTechs start to use Kubernetes and microservices-based architecture, their DevOps teams wou...


»Cluster Migration: Data on the Fly« Akash Srivastava, Shovan Maity; Talk (30 minutes)

Disaster management is a mission-critical function that most startups today don’t plan for. Recent disruption in Cloud providers demonstrates that no infrastructure can avoid the inevitable downtimes caused by the catastrophe. All infrastructures should have fail-safe measures to ensure “nothing”...


»Building Kubernetes Operators in an Ansible-native way« Tim Appnel; Talk (30 minutes)

Learn how Ansible can help developers quickly ramp up to build Operators to automate and manage the life cycle of complex Kubernetes applications.


»Managing Thousands of Edge k8s Clusters with GitOps« Jakub Pavlik; Talk (30 minutes)

We will provide a comprehensive overview of how we’ve built a large scale, fully open sourced edge cloud platform. It maps the technology to real use cases and grows the community collaboration around realistic deployments. It will show real operational data at scale from one of the largest retai...


»Better Together: Form the Mighty Voltron with Your Infrastructure« Carol Scott; Talk (30 minutes)

In the classic animated series Voltron, five heroes unite to form a giant superrobot to defend the universe from evil. Just like Voltron, the power of each individual CNCF project lies in its unique strengths -- that when combined with other projects, create mega-powerful infrastructure.


»Managing Highly-Available Kubernetes Clusters: Declaratively and Automatically« Sebastian Scheele; Talk (30 minutes)

Creating a Kubernetes cluster can look easy, but the story doesn't end here. Often, we have to create several clusters for various environments and besides creating them, we have to manage them, too. Operators want to be able to add new nodes quickly, change cluster properties, or patch the clust...


»K8S Certificate Rotation, or How I learned to start worrying and never stop« Nicholas Lane, Duffie Cooley; Talk (30 minutes)

This talk will explore the role the client, server, and cluster CA certificates play in a cluster and the ramifications of their expiration. We'll look at a cluster whose certificates have expired and what lead to that scenario. Finally, we'll look at techniques to avoid certificate expiration an...


»Lokomotive Kubernetes: Filling the gap between secure, cutting-edge and production-grade clusters« Suraj Deshmukh; Talk (30 minutes)

This talk introduces Lokomotive Kubernetes: an open source kubernetes distribution inspired by CoreOS Tectonic and built to run on Flatcar Container Linux, filling the gap between secure, cutting-edge and production-grade clusters.