{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2024.3.1"}, "schedule": {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/schedule/", "version": "0.6", "base_url": "https://cfp.cloud-native.rejekts.io", "conference": {"acronym": "cloud-native-rejekts-na-detroit-2022", "title": "Cloud Native Rejekts NA (Detroit) 2022", "start": "2022-10-23", "end": "2022-10-23", "daysCount": 1, "timeslot_duration": "00:05", "time_zone_name": "US/Eastern", "colors": {"primary": "#FF0000"}, "rooms": [{"name": "Main Room", "guid": "d6cfb315-58b9-5caf-aea7-382cf2967d96", "description": null, "capacity": 120}, {"name": "Side Room", "guid": "a8294b0b-8cd4-5e3d-8610-9a8c90bff387", "description": null, "capacity": 80}], "tracks": [], "days": [{"index": 1, "date": "2022-10-23", "day_start": "2022-10-23T04:00:00-04:00", "day_end": "2022-10-24T03:59:00-04:00", "rooms": {"Main Room": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/ABLPKJ/", "id": 507, "guid": "5daf915d-d303-5f3a-882b-32ed0a411882", "date": "2022-10-23T09:30:00-04:00", "start": "09:30", "logo": null, "duration": "00:10", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-507-opening", "title": "Opening", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "Opening comments", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "28245a4c-1a43-5b7e-b64b-8d620ca44b17", "id": 551, "code": "NEXXVE", "public_name": "Sarah Novotny", "avatar": null, "biography": null, "answers": []}, {"guid": "550e950b-1c9b-51b5-80fb-9a6f2ca9178e", "id": 203, "code": "JJLYBY", "public_name": "Ralph Squillace", "avatar": "https://cfp.cloud-native.rejekts.io/media/IMG-20180127-WA0000.jpg", "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/XJK9WS/", "id": 474, "guid": "67030ce7-656d-56f5-bf4a-ddc65882497d", "date": "2022-10-23T09:50:00-04:00", "start": "09:50", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-474-cloud-native-authorization-landscape", "title": "Cloud Native Authorization Landscape", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Within the cloud native ecosystem there are a wide variety of tools tackling authorization. This presentation covers what those tools are and how they relate to each other so that folks can find the right tool for the job.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9a7db395-6d20-573d-9606-765b61930d2a", "id": 511, "code": "ZPRWCD", "public_name": "Jimmy Zelinskie", "avatar": "https://cfp.cloud-native.rejekts.io/media/1c6b219b7900d6aa4f7f562bc26ae6eb0335725a.jpg", "biography": "Jimmy Zelinskie is the chief product officer and co-founder of authzed and co-creator of SpiceDB. Prior to that, he worked on various cloud-native projects such as Quay, clair, the Operator Framework, and the Open Container Initiative while building Kubernetes products at CoreOS and Red Hat.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/YDJF8N/", "id": 490, "guid": "38295e03-dc49-55e1-88b9-eb571a64a8bd", "date": "2022-10-23T10:30:00-04:00", "start": "10:30", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-490-how-to-measure-cpu-and-memory-usage-of-ebpf-programs", "title": "How to measure CPU and memory usage of eBPF programs", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "eBPF is now a well-known technology used for networking, observability and security purposes in the cloud native landscape. There are a lot of different projects like BCC, Cilium, Falco, Pixie and Inspektor Gadget (to mention a few) that use eBPF as its core technology. One question often asked is how much CPU and memory are used by those programs. This is a hard question to answer as eBPF programs run in the kernel context and traditional tools to measure CPU and memory consumption aren\u2019t aware of them.  \r\n\r\nThe 5.1 release of Linux introduced a new feature to collect statistics on eBPF programs and bpftool implemented support to show them. However, bpftool is not Kubernetes aware and it doesn\u2019t provide an easy way to sort the output. That\u2019s where the new ebpf top gadget comes in. It uses the same bpftool mechanism to collect information about the eBPF programs and maps from the kernel and provides an interface to show the list of programs and their resource consumption with additional information like the processes that created those programs. The ebpf top gadget also provides a mechanism to sort the output based on different parameters like number of runs, memory used, etc. \r\n\r\nIn this talk, Mauricio will make an introduction of the Inspektor Gadget project and then will show how the ebpf top gadget can be used to measure the resource consumption of eBPF programs from different projects like Falco, Cilium and Inspektor Gadget.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "fd2c0742-3164-59a0-bda0-e61c1adc6f2a", "id": 528, "code": "J9N9UZ", "public_name": "Mauricio Vasquez Bernal", "avatar": "https://cfp.cloud-native.rejekts.io/media/profile_crop.png", "biography": "Mauricio works as a software engineer in the Kinvolk team at Microsoft. He is mainly interested in eBPF, Kubernetes, networking and tracing technologies. He has been working with eBPF for some years now. Currently he focuses on developing tools for debugging and observability on cloud native environments. Mauricio has given talks at different conferences and contributed to different open source projects like Linux and BCC.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/EQPDJH/", "id": 483, "guid": "c06acc54-ac5a-52c5-a539-ed388b93d92f", "date": "2022-10-23T11:10:00-04:00", "start": "11:10", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-483-a-new-kind-of-cloud-system-interface-with-webassembly", "title": "A New Kind of Cloud System Interface with WebAssembly", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Engineering distributed applications has never been harder. The development process is filled with work that distracts from business logic, such as state persistence, event-handling, and knowledge about orchestrators, schedulers, and cloud providers. What if we create a new POSIX for the cloud?  \r\n\r\nThe SpiderLightning Project experiments with capabilities as interfaces that extend WASI to create a new POSIX for the cloud. For example, developers can use a key-value interface to manage application states without requiring provider specific knowledge (e.g., Redis) because the host implements this interface and will be configured with the proper implementation. This creates common distributed application APIs and decouples application development from operational knowledge.", "description": "Like how Kubernetes and Istio abstract away networking and the lifecycle of distributed applications, SpiderLightning is an experiment to abstract away common distributed application capabilities and offer developers a set of provider-agnostic APIs, which enable developers to write portable applications without directly depending on vendor specific SDKs. Applications can leverage these interfaces to reduce the amount of code written to achieve tasks such as persisting key/values, participating in pub/sub, handling messages from a message queue, and much more. By reducing the code footprint, this experiment also enables application binaries to be much smaller than similar container-based applications. This feature further increases the maintainability and portability of applications to target constrained runtime environments like edge devices. Most critically, we want to facilitate community discussions on building a consensus on cloud-agnostic distributed application profiles.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "3c82bde3-b028-5e8f-b061-c43bf2fd5913", "id": 523, "code": "MAURDD", "public_name": "Jiaxiao (Joe) Zhou", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/E6380F73-6118-46B0-97A2-F1D0DF937B97_2L96S7K.JPG", "biography": "Jiaxiao Zhou is a software engineer at Deis Labs, Microsoft. He works on bringing Wasm outside of the browser through projects like\r\n\r\n- runwasi, a containerd wasm shim that can run wasm images and be orchestrated by Kubernetes.\r\n- SpiderLightning, a set of interfaces for common distributed application APIs.\r\n\r\nJiaxiao likes learning distributed systems, programming languages, type theory and hopes to build tools that make programming less difficult.", "answers": []}, {"guid": "c4ecaaa3-1ead-549d-a715-2c17e9aecd89", "id": 546, "code": "MRYVMX", "public_name": "Danilo (Dan) Chiarlone", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/dan-chiarlone_ZdSPvSV.jpeg", "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/VBZQE9/", "id": 455, "guid": "f0bb53d2-74a3-5c08-961e-081e6ac59828", "date": "2022-10-23T11:50:00-04:00", "start": "11:50", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-455-the-bits-must-flow-net-working-through-the-abstractions", "title": "The Bits Must Flow: (Net)working through the abstractions", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Virtual Networks, Container Networks and Software Defined Networking have all added layers of abstraction and complication on what used to be straightforward and very tactile, plug in a cable then watch the packets flow. But the basic protocols and how our systems exchange information largely remain the same. This talk is a back to basics look at how we can remember some basic principles to troubleshoot modern problems.", "description": "As with all modern computing, the network stack has gotten increasingly abstracted away as we move to cloud services and cloud native infrastructure, but underneath it all, we\u2019re still trying to accomplish the same things as always, get data from one system to another as quickly and efficiently as possible without interruption or eavesdropping. Starting with the classic interview question, \u201cWhat happens when you try to access a website from your computer?\u201d this talk reviews the modern complexity of the internet and reminds us about how some functional routing, switching and firewall knowledge can help us untangle the modern messes generated by layers of abstraction. We\u2019ll start with some things like, \u201cwhat about before I even get an IP address\u201d and end up talking about BGP, the routing protocol that runs the internet. You\u2019ll leave with a better understanding of what\u2019s actually happening after you apply your chosen network settings to your cluster or hyperscaler, and a better framework for understanding how your cloud native applications and services are communicating across the web.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c5ac13ed-114f-506b-a017-6755b58466e0", "id": 503, "code": "JXFFDC", "public_name": "Aaron Aldrich", "avatar": "https://cfp.cloud-native.rejekts.io/media/IMG_1015.jpeg", "biography": "Aaron Aldrich is a Developer Advocate at Equinix Metal, rotating host for the Traceroute and Greater Than Code podcasts, and has organized DevOpsDays events in Hartford, New York City and Boston. Passionate about Resilience Engineering and Mental Health in the tech industry, they believe that every technology problem is ultimately, when you get right down to it, a people challenge. Find them at crayzeigh.com for thoughts on technology and people or on twitter @CrayZeigh for a potluck of technology, politics and general tomfoolery.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/UBKNNF/", "id": 472, "guid": "b3a7b4f9-b4cc-5e6c-a3c7-baf62eb59c39", "date": "2022-10-23T14:20:00-04:00", "start": "14:20", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-472-actions-speak-louder-than-words-building-better-communities", "title": "Actions speak louder than words: Building better communities", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "We've all seen it: Conferences fail to provide a diverse line-up, get called out publicly and speakers bail in fear of backlash. But this is just the tip of the iceberg. More often than not, they reveal a failure of leaders to create a diverse and inclusive community in the first place.\r\nIt\u2019s not enough to have the right boxes checked. Marginalised folks need to also feel safe to share their experiences.\r\n\r\nA clear set of values, Codes of Conduct, and programs aimed at underrepresented folks, are all tools that can help. Ultimately, however, a community is made up of people, and it is on us to reflect on our behaviour, resist the urge to go for the option that makes us comfortable and do better.\r\n\r\nIn this talk, I want to discuss how we can take action beyond calling people out on Twitter to build something that will truly benefit everyone.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2e60ed48-0f3d-511b-bb6f-87e181cbef29", "id": 399, "code": "HQMRKZ", "public_name": "Lian Li", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/hacktoberfest-small_p2qxbhL.png", "biography": "Lian always wanted to save the world\r\n\r\nAfter a failed attempt at becoming a lawyer, she decided to do something with computers instead. Working as a Fullstack Software Engineer, she got into attending tech events and giving talks on Machine Learning. During this time, she fell in love with the tech community and discovered her passion for building community and providing a safe and productive environment for all, which led to her co-organising the community conference ServerlessDays Amsterdam.\r\n\r\nCurrently, Lian lives in Amsterdam and works as Developer Advocate at Loft Labs, helping to make developing on Kubernetes easy and fun.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/RTFC8L/", "id": 445, "guid": "15c49eee-323b-5aa2-af39-2b1de8473327", "date": "2022-10-23T15:00:00-04:00", "start": "15:00", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-detroit-2022/images/RTFC8L/ben_hirschberg_8S8RUL4.jpeg", "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-445-everything-you-want-to-know-about-kubernetes-rbac-and-were-too-afraid-to-ask", "title": "Everything You Want to Know about Kubernetes RBAC and Were Too Afraid to Ask", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Role-based Access Control (AKA RBAC) is a continuous challenge with the growing complexity of cloud native operations, the sheer number of services involved, as well as the privileges required to manage and maintain complex systems with today's ironclad SLAs.  Many modern microservices systems are built upon Kubernetes that has its own unique set of RBAC challenges.\r\n\r\nIn this talk I'll walk through some of the challenges with managing RBAC at scale in Kubernetes operations - from common mistakes (cluster-admin anyone?) and misconfigurations, as well as overly privileged roles including unnecessary access to secrets.  Amir, as a Kubernetes RBAC expert will cover all the questions you always wanted to ask and never dared, such as including how to assign access to secrets (both from a technical and organizational perspective), who should be allowed to delete pods, as well as the age-old question of who really should be allowed to have cluster-admin access.  We'll wrap up with some hard-earned tips for how to architect RBAC best-practices into your systems, and some good open source tools to manage privileges and access in the long term.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "024075a9-dc2a-5584-8ebc-4dfa1a5bf0c9", "id": 498, "code": "YXGXZR", "public_name": "Oshrat Nir", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/oshrat_UqsfG9Y.jpeg", "biography": "Ben Hirschberg\r\nBen is a veteran cybersecurity and DevOps professional, as well as computer science lecturer. Today, he is the co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches advanced information security academically in both undergrad and graduate courses. In his previous capacities, he has been a security researcher and architect, pen-tester and lead developer at Cisco, NDS and Siemens.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/JWTPDH/", "id": 433, "guid": "3484c6f3-28bb-5010-a3d6-cb01c794b03a", "date": "2022-10-23T15:40:00-04:00", "start": "15:40", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-433-cr-based-apis-is-it-the-right-approach-for-your-application-", "title": "CR Based APIs: Is It the Right Approach for Your Application?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Come explore building micro-service APIs using Kubernetes Custom Resources (CRs)! We'll demo a real-life example of such an API, analyze its advantages and disadvantanges relative to typical REST APIs, and provide some guidelines for deciding whether using a CR based API is right for your application.", "description": "In a microservice application, services need to make API calls to one another. Many Kubernetes applications have begun using Custom Resources (CRs) for their APIs.\r\n\r\nThis approach offers many advantages over REST.  CRs are declarative in nature, so such APIs are simple to develop and evolve. Controllers for CR based APIs are easier to scale out than REST based API servers. CR APIs are more secure to boot, since they leverage native Kubernetes security features.\r\n\r\nHowever, there is a cost to these benefits, chiefly that CRs incur an overhead that may not be acceptable for some applications. How can we decide when it is appropriate to use them?\r\n\r\nIn this talk we explore this mechanism, and go over its advantages and disadvantages versus REST. We will demo a real-life example of a CR based API at work, and measure its performance relative to REST using the open-source tool Kubestr.  Finally we will go over some guidelines for deciding whether moving to a CR based API is the right choice for you.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "78da723a-a774-554e-a19f-8fe5903bf6f4", "id": 545, "code": "JUHCCG", "public_name": "Dave Smith-Uchida", "avatar": null, "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/XX7RLC/", "id": 506, "guid": "5a507803-12f1-585e-a0e7-70e5b8b457c2", "date": "2022-10-23T16:20:00-04:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-506-detecting-cryptocurrency-mining-with-ebpf", "title": "Detecting Cryptocurrency Mining With eBPF", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "eBPF allows for introspection of events across entire nodes and is a powerful foundation for collecting data from different workloads on a Kubernetes cluster. This talk will explore step-by-step a cryptocurrency mining attack, showing how it behaves, evolves, and how different stages of the attack can be detected using open source eBPF-based tools.\r\n\r\nAs a demonstration, a live miner barely detectable using traditional userspace tools will be shown on a pod. Using tools like Cilium\u2019s project Tetragon and leveraging eBPF\u2019s kernel-based network and process-level visibility, malicious behaviors such as suspicious processes and unexpected outbound connections are easily identified. As a result, the detected miner will be blocked, and the cluster defended.\r\n\r\nAttendees will leave with ideas for protecting Kubernetes clusters, as well as an understanding of how eBPF-based tools can operate across an entire Kubernetes cluster without any modification to applications or their configuration.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "f2105174-7e5d-5815-98fd-96d85585a113", "id": 451, "code": "3HWLAT", "public_name": "Tracy P Holmes", "avatar": "https://cfp.cloud-native.rejekts.io/media/P4_YUByjEq.jpg", "biography": "A \"jackie of all trades\" (and mistress of being herself), Tracy is a Technical Community Advocate at Isovalent focusing on all things Cilium, eBPF, and Anxiety Driven Development. When she isn't leveling up her programming skills or learning all she can about the next \"Something-OPS\", she likes helping others have \"lightbulb\" moments. Tracy is active in the open source community and is a strong believer that open source is like gardening - pay attention to your conditions, and water only when needed. You can find her in most places as @tracypholmes.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/CGU3SC/", "id": 493, "guid": "41e2313e-0451-5f0c-b986-365870a81c70", "date": "2022-10-23T17:00:00-04:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-493-multi-cluster-observability-and-aiops-with-opni", "title": "Multi Cluster Observability and AIOps with Opni", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "The collection and storage of observability data is critical for day to day operations and long term health of clusters and applications. The increasing volume of this observability data can be leveraged by AI algorithms and data analytics to automate triaging, response, and remediation for common issues, reducing mean time to detection and resolution. To achieve this observability based AIOps system, one must be capable of implementing AI algorithms, set up a combination of logging, monitoring, and tracing backends to store data, and agents for each type of observability data in downstream clusters to ship data to the backend. This complex setup can be challenging to users and this talk will demonstrate how Opni can be leveraged to simplify the setup and management of a fully open source AIOps & observability system.", "description": "There are many open source options for logging, monitoring and tracing. Users must set these up individually to collect all 3 types of observability data. The creation and management of these tools is often challenging and can be simplified. In addition to this, to leverage AIOps users must be knowledable with GPUs as well as machine learning and deep learning algorithms. Opni was created to address these challenges and offer an observability management tool that comes with AIOps baked in. Opni is the first open source AIOps tool that offers easy creation and management of logging, monitoring, and tracing backends. It leverages and extends upstream open source projects including OpenSearch, Cortex, OpenTelemetry and others!", "recording_license": "", "do_not_record": false, "persons": [{"guid": "96241372-ea1c-50a3-8e2d-d13bf07c04c3", "id": 529, "code": "TKAHWQ", "public_name": "Sanjay Nadhavajhala", "avatar": null, "biography": "Started Opni at SUSE Rancher and is the engineering manager for the project. Experience in various AI & software projects at big tech companies (IBM, Disney, Amazon). From Cupertino, CA and enjoys playing basketball, tennis and golf. Interested in finance, politics, and black holes.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/SESCY8/", "id": 440, "guid": "ed236886-5842-5f63-815b-898bad85aac2", "date": "2022-10-23T17:40:00-04:00", "start": "17:40", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-detroit-2022/images/SESCY8/Kim-15_eIbMrzr.jpeg", "duration": "00:10", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-440-creating-a-positive-community", "title": "Creating a Positive Community", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "We all love this community and having the privilege of working in open source. In this talk I will talk about the key tenants of a positive community and specific things we can do to support developers and the community", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "3050ff17-a7f9-5c65-ada3-41d10a190616", "id": 496, "code": "HHELHJ", "public_name": "Kim McMahon", "avatar": null, "biography": "Kim (@kamcmahon) is all about community building, solving challenges, and uniting people. When she isn't hiking or skiing with her 2 black labs, she is leading communities. Join her for french fries and a chat!", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/WDZCXL/", "id": 484, "guid": "21432bf1-aeea-547e-8cdf-eb3e0b702cf0", "date": "2022-10-23T17:55:00-04:00", "start": "17:55", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-484-kubes-and-cubes-puzzling-out-cloud-native-tech", "title": "Kubes and Cubes: Puzzling Out Cloud-Native Tech", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "What do you do when faced with the ever-growing and always confusing cloud native landscape? Use visual, interactive analogies from the equally confusing twisty-puzzle landscape!", "description": "The number of ways to run Kubernetes keeps growing and growing. It can be hard to follow them all!\r\n\r\nThis tongue-in-cheek talk will help you keep track of all these cluster types by using twisty puzzles (think Rubik's cubes but scarier) to demonstrate the varying complexities and characteristics of different cluster types.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9e968d91-68a0-5ecd-af42-32ad52e2356a", "id": 78, "code": "ZGVGCN", "public_name": "Karen Bruner", "avatar": null, "biography": "Karen likes cats and not much else. She has a long history of smacking computers to get them to work. She misses getting paid to hack on FreeBSD.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/NHSGQQ/", "id": 505, "guid": "17bd181f-94f1-50a7-bdab-35868196244e", "date": "2022-10-23T18:00:00-04:00", "start": "18:00", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-505-some-assembly-required-infrastructure-lessons-from-lego-k-nex-mario-kart", "title": "Some Assembly Required: Infrastructure lessons from Lego, K'Nex, & Mario Kart", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "The Lego experience is more than just a collection of premium priced bricks in a box. If one looks closer, it's full of guidance for the cloud native developer, including; interoperability, backward compatibility, design, and documentation. This brief rant will highlight ways your project can meet developer expectations, and pitfalls to avoid so your project won't be cast aside like a disappointing toy.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "3b0e2463-fde5-5282-97cb-53445d4897bb", "id": 538, "code": "8GNU3V", "public_name": "Jeremy Tanner", "avatar": "https://cfp.cloud-native.rejekts.io/media/14129838730_9262fd6323_o_copy.jpg", "biography": "Jeremy leads Developer Advocacy at Equinix, the world's digital infrastructure company. When not making CPUs hot, he enjoys motorcycles, bicycles, and mechanical keyboards. \r\n\r\nhttps://twitter.com/Penguin\r\nhttps://www.linkedin.com/in/jeremytanner/", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/FJEA9J/", "id": 464, "guid": "92c2173c-c863-5e36-b5c7-22080ba1d6cb", "date": "2022-10-23T18:05:00-04:00", "start": "18:05", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-464-e2e-testing-of-kube-controllers-the-good-the-bad-and-the-ugly", "title": "E2E Testing of Kube Controllers - the Good, the Bad and the Ugly", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "End to end testing in Kubernetes apps is usually done with many lines of bash scripts as this may seem as natural progression from testing Kubernetes apps manually with kubectl. Bash is not well-equipped for such tests because users have to create a lot of boilerplate and wrapper functions to make tests reliable. At the same time, Kubernetes provides excellent client libraries in many programming languages. In this presentation, Pawe\u0142 will show that taking advantage of the client libraries can improve tests speed and reliability, and as a side effect, shorten a feedback loop for developers.", "description": "Testing Kubernetes controllers or applications which run inside the Kubernetes cluster and use Kubernetes cluster resources can be a challenging task. While unit tests are easy to write and maintain, thanks to rich Kubernetes client libraries available for End-to-End testing, the top layer of The Test Pyramid is a completely different animal. In this presentation, Pawe\u0142 will talk about how to build end-to-end tests based on manual testing with kubectl and why bash scripts should be reduced to minimum. He will also talk about Elotl\u2019s struggles to keep the end-to-end testing pipeline stable and reliable. He will discuss pros and cons of running tests in local KIND clusters and using clusters provided by the cloud vendors.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9609f364-2aaf-53e3-8a72-1d0d2eddb15c", "id": 421, "code": "AHLJEM", "public_name": "Pawe\u0142 Bojanowski", "avatar": "https://cfp.cloud-native.rejekts.io/media/me_17X1bF0.jpg", "biography": "Platform Engineer at Elotl, Kubernetes & Go fan and amateur squash player. Likes to disassemble and reassemble the software", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/NFRSZX/", "id": 492, "guid": "9d6db59b-270c-5955-8b5d-d0d780fa730b", "date": "2022-10-23T18:10:00-04:00", "start": "18:10", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-492-setting-up-a-logging-stack-in-5-minutes", "title": "Setting up a logging stack in 5 minutes", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "Log aggregation is one of the cornerstones of observability but setting up a logging stack can be overly complicated. As the number of clusters an operations team are expected to manage explodes a simpler solution is needed. This talk will demonstrate how we can simplify this process and set up a log aggregation platform in 5 minutes.", "description": "Logging systems by their very nature are generalist tools. This means they can cover many use cases but can be unwieldy to configure and maintain. The number of places where Kubernetes clusters are installed and used is rapidly increasing, particularly as the focus on the edge accelerates. A Kubernetes native solution that can easily scale to n clusters is needed. Currently setting up an opensource logging stack is a disjointed process. A central log store needs to be configured and maintained separately from the log aggregation pipeline, often with disparate technologies. This talk demonstrates how these can be integrated into a single unified process.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "96241372-ea1c-50a3-8e2d-d13bf07c04c3", "id": 529, "code": "TKAHWQ", "public_name": "Sanjay Nadhavajhala", "avatar": null, "biography": "Started Opni at SUSE Rancher and is the engineering manager for the project. Experience in various AI & software projects at big tech companies (IBM, Disney, Amazon). From Cupertino, CA and enjoys playing basketball, tennis and golf. Interested in finance, politics, and black holes.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/CDP33E/", "id": 446, "guid": "68c68345-d620-5034-b742-ab28b44bfcf0", "date": "2022-10-23T18:15:00-04:00", "start": "18:15", "logo": "https://cfp.cloud-native.rejekts.io/media/cloud-native-rejekts-na-detroit-2022/images/CDP33E/ben2_eF7FvF2.jpeg", "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-446-demystifying-kubernetes-vulnerability-scanning", "title": "Demystifying Kubernetes Vulnerability Scanning", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "Security like all technology disciplines has its buzzwords. You'll often hear acronyms like SAST, SCA, DAST, and much more\u2026but what does it all really mean?\r\n\r\nIn this talk we will review the many kinds of vulnerability scanning with a focus on Kubernetes security scanning. We'll help you understand what kinds of vulnerabilities you can as well as cannot identify with these tools. We'll review some of the popular open source security scanning tools in the ecosystem, and help you understand where you can use each and what to scan - registries, clusters, CI/CD. This will be demoed through real code examples and scanning scenarios.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "024075a9-dc2a-5584-8ebc-4dfa1a5bf0c9", "id": 498, "code": "YXGXZR", "public_name": "Oshrat Nir", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/oshrat_UqsfG9Y.jpeg", "biography": "Ben Hirschberg\r\nBen is a veteran cybersecurity and DevOps professional, as well as computer science lecturer. Today, he is the co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches advanced information security academically in both undergrad and graduate courses. In his previous capacities, he has been a security researcher and architect, pen-tester and lead developer at Cisco, NDS and Siemens.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/WA3NPU/", "id": 480, "guid": "d8a539e1-b767-5db0-9fb6-08e2c227a5dc", "date": "2022-10-23T18:20:00-04:00", "start": "18:20", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-480-speed-up-highly-available-deployments-on-kubernetes", "title": "Speed up highly available deployments on Kubernetes", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "In this talk we will show you how we speed up [Cortex](https://cortexmetrics.io/) deployments at scale, using zone-aware Kubernetes controllers. \r\n\r\nKubernetes allow pods to be spread across different zones through topology constraints but these are not taken into consideration during rollout updates, or on pod disruption budgets. For instance, it's recommended to replicate Cortex's ingesters across different zones for high availability, allowing for the system to continue to work in the event of a zone outage. However, the lack of zone aware deployments support forces Cortex operators to allow just a single container to be updated at once, causing long deployments and impacting the velocity in which nodes can be upgraded.\r\n\r\nTo bypass these limitations, the Amazon Managed Service for Prometheus team released a couple of k8s controllers for zone aware rollouts and disruptions that can be used by any high available quorum-base distributed application, such as Cortex, to improve the velocity of deployments in a safe way.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "11aad4c2-9a21-550d-ac33-c82404754099", "id": 522, "code": "LXMLG9", "public_name": "Mariana Ramos Franco", "avatar": "https://cfp.cloud-native.rejekts.io/media/marfram.png", "biography": "Mariana is a Software Engineer with more than 12 years of experience in the development of web applications and highly scalable distributed systems. Currently, she works in the Amazon Managed Service for Prometheus team out of the beautiful city of Vancouver/Canada. Prior to this, Mariana worked on other AWS services such as Amazon Route 53 and Amazon RDS. She also spent 5 years at IBM Software Lab in Brazil. She holds a MS in Computer Engineering from University of S\u00e3o Paulo.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/LBJ7TD/", "id": 478, "guid": "03d9a893-d03e-5503-a535-c4a5dd934c3a", "date": "2022-10-23T18:25:00-04:00", "start": "18:25", "logo": null, "duration": "00:05", "room": "Main Room", "slug": "cloud-native-rejekts-na-detroit-2022-478-the-shifting-sands-of-security-and-compliance-in-the-cloud", "title": "The Shifting Sands of Security and Compliance in the Cloud", "subtitle": "", "track": null, "type": "Lightning Talk", "language": "en", "abstract": "Cloud Custodian is an open source cloud security, governance, and management tool with powerful integrations with AWS cloud services that allows for quick response times to address a wide array of compliance, governance, and security issues. As public cloud adoption increases across industries, the need to be able to properly secure and govern cloud resources is more important than ever. This session will show how to react quickly to changing security and compliance standards in reaction to security bulletins published by public cloud providers in a serverless and event based process.", "description": "Cloud Custodian and its wide array of tools are used industry wide and provide great value in allowing users to create user defined policies that are powerful, extensible, and incredibly customizable. These policies can react in an event based manner allowing for low overhead and a peace of mind. This session will walk through how to take a security bulletin provided by a public cloud provider and translate it into policy, showing the complete end to end lifecycle of how to react quickly and efficiently.\r\nCloud Custodian supports all three major public clouds, AWS, Azure, and GCP, with alpha support for Kubernetes, allowing users to take advantage of a common vocabulary, tools, and workflow when addressing cloud governance needs across a wide array of use cases.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "bf8606df-be7e-5a4f-a48e-667337360864", "id": 520, "code": "BMDDDM", "public_name": "Sonny Shi", "avatar": null, "biography": "Sonny Shi is a Staff Engineer at Stacklet, working on the open source Cloud Native Sandbox Project Cloud Custodian and the Stacklet Platform.", "answers": []}], "links": [], "attachments": [], "answers": []}], "Side Room": [{"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/ZAYEBL/", "id": 448, "guid": "ec9252c2-d467-538c-b96f-f0ebc879e797", "date": "2022-10-23T10:30:00-04:00", "start": "10:30", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-448-efficient-deep-learning-inferencing-in-the-cloud-using-kubernetes-with-smart-provisioning-of-arm-nodes", "title": "Efficient Deep Learning Inferencing in the Cloud using Kubernetes with Smart Provisioning of Arm Nodes", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Deep Learning (DL) models are being successfully applied in a variety of fields.  Managing DL inferencing for diverse models presents cost and operational complexity challenges.  The resource requirements for serving a DL model depend on its architecture, and its prediction load can vary over time, leading to the need for flexible resource allocation to avoid provisioning for the maximum amount of resources needed at peak load.  Using the cloud to allocate resources flexibly adds operational complexity to obtain minimum-cost resources matching model needs from the large and ever-evolving sets of instance types.  Selecting minimum-cost cloud resources is particularly important given the high cost of x86+GPU compute instances, which are often used to serve DL models.\r\n\r\nWe describe an approach to efficient DL inferencing on cloud Kubernetes (K8s) cluster resources.  The approach combines two kinds of right-sizing.  The first is right-sizing the inference resources, using Elotl Luna smart node provisioner to add right-sized compute to cloud K8s clusters when needed and remove it when not.  The second is right-sizing the inference compute type, using cloud Ampere A1 Arm compute with the Ampere Optimized AI library, which can provide a price-performance advantage on DL inferencing relative to GPUs and to other CPUs.\r\n\r\nWe show the benefits of the approach using inference workloads running on auto-scaled TorchServe deployments.  For cloud K8s clusters from two vendors, we compare the cost and operational complexity of right-sizing against two common non-right-sized approaches.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c8bde6c0-dd90-5e70-9e30-05c35b2f91f2", "id": 387, "code": "LX7WYX", "public_name": "Anne Holler", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/annephoto2_FdOt2WG.jpeg", "biography": "Anne has an ongoing interest in the intersection of resource efficiency and artificial intelligence.\r\nShe worked on Uber's Michelangelo Machine Learning platform, on the management stack for Velocloud's\r\nSD-WAN product, on VMware's Distributed Resource Schedulers for server and storage infrastructure,\r\non performance analysis for VMware's hypervisor and hosted products, on Omnishift's transparent\r\napplication and data delivery over the web to the desktop, on Transmeta's Crusoe processor performance\r\nand power, and on Hewlett-Packard's low-level compiler optimizer.  She received bachelors and masters\r\ndegrees from Duke University, and a doctorate from University of Virginia, all in Computer Science.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/8GP8QM/", "id": 429, "guid": "4f81d76e-87a0-5621-9a66-58fc6fd7ac55", "date": "2022-10-23T11:10:00-04:00", "start": "11:10", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-429-fun-with-freebsd-make-your-own-mini-cloud", "title": "Fun with FreeBSD: Make Your Own Mini-Cloud", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "What do you do when you have one nice PC sitting around but you really need to hack on a multi-node Kubernetes cluster? Build one by installing FreeBSD and using its native bhyve virtualization platform.", "description": "The FreeBSD operating system is not yet a first-class citizen in the cloud native ecosystem, but that does not mean it cannot have a role. One example of how FreeBSD can currently play along is by using its native bhyve virtualization to host a Kubernetes cluster on Linux virtual machines.\r\n\r\nFreeBSD is a stable, elegant, and richly-featured operating system. Bhyve virtualization, built into the kernel, makes it very simple to create and run virtual machines on modern compatible CPUs and network those VMs. This ability makes it a great platform for creating multi-node Linux-based Kubernetes clusters for fun and profit.\r\n\r\nThis talk will briefly cover how amazing FreeBSD is and why you would want to use it. Then it will get down to basics of what it takes to create a few Linux VMs and join them into a full Kubernetes cluster.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9e968d91-68a0-5ecd-af42-32ad52e2356a", "id": 78, "code": "ZGVGCN", "public_name": "Karen Bruner", "avatar": null, "biography": "Karen likes cats and not much else. She has a long history of smacking computers to get them to work. She misses getting paid to hack on FreeBSD.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/G7CXVB/", "id": 501, "guid": "dfffff01-b1a3-5ca8-aa66-843c543defa4", "date": "2022-10-23T11:50:00-04:00", "start": "11:50", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-501-api-server-inception-how-many-layers-down-can-a-virtual-cluster-go-", "title": "API Server Inception: How many layers down can a virtual cluster go?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Working in a large team, multi-tenant organization can be hard. There can be sub-teams, sibling teams, different BUs, parallel efforts, clients, tenants and more that all need to both collaborate and be kept separate. In this complex type of environment RBAC, access rules, network policies, and api server load can be difficult to manage. Someone might have already suggested looking into virtual clusters. After looking into how virtual clusters provide isolation that namespaces do not, you may have even decided they are a good fit for your environment.\r\n\r\nNow that you have a virtual cluster running on a Kubernetes cluster that runs on a virtual machine that runs in a virtual data center where does it all end?\r\n\r\nIn this talk Mike will be using vcluster to layer virtual cluster on top of virtual cluster, diving deeper & deeper into the depths of inception. While api servers explode around us we'll find out how many api servers are dancing on the head of that pin.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "5d759cf6-33c0-560b-88f2-7a49d092ab57", "id": 536, "code": "FYAWMD", "public_name": "Mike Tougeron", "avatar": null, "biography": "For several years Mike has been building Kubernetes platforms and deployments. With a passion for automation and developer engagement, Mike works towards continuously improving development pipelines to take the complication out of managing services on large-scale infrastructure backed by both vm and containers across multi-cloud environments. Mike is a lazy programmer who would rather write thousands of lines of code for automation instead of running repetitive commands every day. When not coding or playing with his son you\u2019ll find Mike with his nose buried in a book or playing Civilization.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/W8S9WQ/", "id": 435, "guid": "89defe17-ded4-5dbe-bbd0-5499e5890b4c", "date": "2022-10-23T14:20:00-04:00", "start": "14:20", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-435-virtual-kubernetes-clusters-tips-and-tricks", "title": "Virtual Kubernetes Clusters: Tips and Tricks", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "A lot of interest in virtual Kubernetes clusters and the open source tool vcluster has developed over the last year. vcluster allows platform teams to provide virtual Kubernetes clusters to their users. A virtual cluster appears to be a full-blown Kubernetes cluster to the users, but it runs within a namespace of the host cluster. This allows users to have admin access to the cluster, use multiple namespaces in it, and manage global objects like CRDs.\r\n\r\nDuring the last year, many new features have been added to vcluster, and we\u2019ve seen it used for use cases that we hadn\u2019t even imagined. This talk will provide tips and tricks to help teams get more from their virtual clusters and show off some fun things you can do with them.\r\n\r\nWe\u2019ll cover: How to share resources like ingresses from the host cluster, using vcluster\u2019s isolated mode to automatically add network policies and Pod Security Standards to your virtual clusters, pausing and resuming virtual clusters, monitoring and backing up virtual clusters, and writing plugins with the vcluster SDK. We\u2019ll also cover some weirder examples like using vcluster for shadow IT (users don\u2019t need to have elevated privileges in the host cluster to start a virtual cluster) and running a virtual cluster inside a virtual cluster.", "description": "Multi-tenancy in Kubernetes is hard. Teams generally default to either namespace isolation or provisioning tons of clusters, and neither of those solutions is very satisfactory. Virtual Kubernetes clusters allow teams to share clusters while giving users the access they need.\r\n\r\nSince we open sourced vcluster in April of 2021, we've seen a lot of users embrace the tool and find interesting uses for it. It's very easy to get started with virtual clusters but there's a lot more to do to make them very useful. I'd like to give some tips on using virtual clusters to the community while also throwing out some of the fun and weird ideas we've heard from the community.\r\n\r\nNote: vcluster isn't currently a CNCF project but it is a CNCF certified Kuberenetes distribution.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "6eaa36ca-3acb-5c95-8367-8e3840e6816d", "id": 492, "code": "LFAPTU", "public_name": "Rich Burroughs", "avatar": null, "biography": "Rich Burroughs is a Staff Developer Advocate at Loft Labs where he's focused on improving the happiness of teams using Kubernetes. He's the creator and host of the Kube Cuddle podcast where he interviews members of the Kubernetes community. Rich was one of the founding organizers of DevOpsDays Portland, and he's helped organize other community events. Rich also has a strong interest in how working in tech impacts mental health. He has ADHD and has documented his journey on Twitter since being diagnosed.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/Z7GUGX/", "id": 453, "guid": "02ea4179-91b7-5962-bffd-9e82dc07548e", "date": "2022-10-23T15:00:00-04:00", "start": "15:00", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-453-building-the-best-internal-developers-portal-with-backstage", "title": "Building the best internal developers' portal with Backstage", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Where do you find internal documentation about a legacy microservice? How can I make an API call to the new service deployed by other team? How is the status of my service in the production kubernetes cluster? The frontend team finds the backend service is down on Friday\u2019s evening, how can they trigger a PagerDuty?\r\n\r\nAll these questions can be answered with a unique tool, Backstage.\r\n\r\nIt\u2019s possible to integrate Backstage in any platform or company, increase productivity and start the journey with developer experience. With some documentation already in place and starting from scratch, it's very easy to install Backstage and integrate the minimum capabilities to make the life easier to any company member, starting with developers' life.", "description": "Documentation is part of the natural flow in development and engineering. Following best practices to make the documentation of any project as code, stored somewhere in a repository, should be part of the flow.\r\n\r\nHaving documentation as code made things easier to migrate from one tool to another. Here comes Backstage, as part of the sandbox projects in CNCF. Backstage allows stakeholders to find documentation of any kind and research throw APIs and services with really useful plugins like ArgoCD, Jira, GitHub, Jenkins, PagerDuty, etc.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "e7909089-78bd-57aa-8d82-8c80737ee0b8", "id": 501, "code": "APS8YL", "public_name": "Guille Vigil", "avatar": "https://cfp.cloud-native.rejekts.io/media/photo.png", "biography": "Guille is a Platform Engineer currently working at empathy.co. He is focusing his professional path in cloud, infrastructure as code, Kubernetes, DevEx and DevOps methodologies. Guille is constantly learning new technologies and trying to be up to date with latest news in the industry.\r\nAlso Guille is certified in Kubernetes with KCNA, CKA and CKAD; in Terraform and in AWS with Practitioner, Solutions Architect Associate, SysOps Administrator Associate and Developer Associate.\r\nHe enjoys his personal life drinking beers with friends, playing football and listening electro music.", "answers": []}, {"guid": "80058eb5-31ee-5cfe-9643-74e97abbfbb9", "id": 547, "code": "VYBZVY", "public_name": "Javier Par\u00eds", "avatar": "https://cfp.cloud-native.rejekts.io/media/javier_paris.png", "biography": "Javi is a platform Engineer currently working at empathy.co. His daily routine involves managing the company\u2019s internal infrastructure, which is deployed in the AWS cloud. He is also a big fan of open source software and open standards. When he is not working, he likes going out with his friends for a beer or two, and is passionate about the car world.", "answers": []}, {"guid": "ccff0bb1-c9d3-5bc2-8bb2-389023966f24", "id": 548, "code": "HTVVQG", "public_name": "Lukas G\u00f3mez", "avatar": "https://cfp.cloud-native.rejekts.io/media/lukas_gomez.png", "biography": "Platform engineer at empathy.co with experience in technologies and tools such as Kubernetes, IaC, CI/CD pipelines, AWS among others. Interested in the world of DevOps and learning about new tools day by day. Passionate about motorcycles and when the weather doesn\u2019t make him stay at home, he loves to go out to ride.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/EQVJEG/", "id": 482, "guid": "cdddd0a6-cd8f-5f16-8d9d-7bab3e1f3e32", "date": "2022-10-23T15:40:00-04:00", "start": "15:40", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-482-using-kubernetes-and-crossplane-together-to-help-developers-code-cloud-native-applications", "title": "Using Kubernetes and Crossplane Together To Help Developers Code Cloud Native Applications", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "This talk would cover why there is a need to give developers access to Kubernetes based development environments and Crossplane during development: so they can code and test their changes in an environment as close to production as possible.\r\n\r\nThe talk will highlight the challenges developers face due to a lack of simple infrastructure provisioning workflow how Kubernetes and Crossplane come together to solve that. We will then go over how a simple yet powerful dev workflow can be set up using Crossplane and Kubernetes-based development environments. \r\n\r\nThe talk would cover:\r\n- What Kubernetes based development environments are, and how Crossplane provisions infrastructure\r\n- Why developers need the combination of the two for being effective when writing cloud-native applications\r\n- Demo of setting up a dev workflow using them", "description": "All developers building cloud-native applications can benefit from being able to replicate the complex production environment during development. This talk would benefit the ecosystem by showing how Kubernetes based development environments combined with Crossplane have the ability to empower developers to do exactly this.\r\n\r\nAttendees will learn about Kubernetes based development environments and how they make developing cloud-native applications much more simple than traditional ways of development. They will also walk away with a better understanding of how Crossplane works and why it is an effective tool for developers to provision all the production infrastructure during development.\r\n\r\nThis talk aims to solve the problem most developers face these days - not being able to easily replicate their production setup during development. The talk will benefit all cloud-native application developers by showing them how to set up a development workflow using Crossplane, which allows provisioning all the production infrastructure very conveniently during development, and Kubernetes based Remote Development Environments.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "59147b0b-ed37-52ad-9282-d6a93af418e1", "id": 212, "code": "WF7LSW", "public_name": "Ramiro Berrelleza", "avatar": null, "biography": "Ramiro Berrelleza is one of the founders of Okteto. He has spent most of his career (and his free time) building cloud services and developer tools. Before starting Okteto, Ramiro was an Architect at Atlassian and a Software Engineer at Microsoft Azure. Originally from Mexico, he currently lives in the Bay Area.", "answers": []}, {"guid": "53f4a962-f752-55a7-9f72-25b2add97ef2", "id": 531, "code": "XXSQET", "public_name": "Viktor Farcic", "avatar": "https://cfp.cloud-native.rejekts.io/media/avatars/screenshot-04_JxPNv9S.jpg", "biography": "Viktor Farcic is a Developer Advocate at Upbound, a member of the Google Developer Experts, CDF Ambassadors, and Docker Captains groups, and a published author.\r\n\r\nHe is a host of the YouTube channel DevOps Toolkit and a co-host of DevOps Paradox.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/LXNWGF/", "id": 434, "guid": "d55dcf15-3af5-5452-bd1e-e9b562aef329", "date": "2022-10-23T16:20:00-04:00", "start": "16:20", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-434-open-policy-agent-can-do-that-the-many-use-cases-of-opa", "title": "Open Policy Agent Can Do THAT?! The Many Use Cases of OPA", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "That\u2019s right! The Open Policy Agent has other skills than just securing your clusters. The general-purpose design of the Open Policy Agent has enabled many tools, such as Gatekeeper, to adopt it for their own policy decision needs. This is powerful because it provides end-users with a consistent approach to policy enforcement throughout the cloud native ecosystem.\r\n\r\nThis talk will look at several different tools and techniques that leverage OPA's policy engine and how they can benefit the development, deployment, and security of your applications. \r\n\r\nWe'll explore:\r\n- How Regula can evaluate your infrastructure for compliance violations before ever reaching the cloud.\r\n- How Conftest can enforce cluster policies in local environments and CI without the need for a cluster. \r\n- How Gatekeeper can provide cluster audits and prevent insecure workloads from being deployed.\r\n- How Konstraint can automatically generate documentation, constraints, and templates for your policies.\r\n- ... and more!\r\n\r\nBy the end of this talk, the audience will have more tools available to them in their toolkit and gain a different perspective on how the Open Policy Agent is used today to make better decisions for tomorrow.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "2740ba2d-fe4f-57ee-8951-a186ce51799f", "id": 491, "code": "YHTUNS", "public_name": "John Reese", "avatar": "https://cfp.cloud-native.rejekts.io/media/cefe-200o200o2-d4-e92e-4115-8ae4-6ca38d7fb20e.a8c8a7f0-ee3f-4997-96bf-11b0b7ef1927.jpg", "biography": "John Reese is a Software Engineer at Yubico helping build their services platform by leveraging technologies such as Kubernetes, Istio, and Go. Before diving into the world of gophers and service meshes, he primarily worked on ASP.NET applications using C#. He is an active open source contributor, and tries to find any excuse he can to open a pull request. In his free time, he enjoys playing hockey and video games, both of which he takes way too seriously.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.cloud-native.rejekts.io/cloud-native-rejekts-na-detroit-2022/talk/77UXCT/", "id": 497, "guid": "549e60bd-1ef6-523b-b706-9415d19bfca3", "date": "2022-10-23T17:00:00-04:00", "start": "17:00", "logo": null, "duration": "00:30", "room": "Side Room", "slug": "cloud-native-rejekts-na-detroit-2022-497-think-certification-management-is-hard-enable-https-access-in-minutes-with-cert-manager", "title": "Think Certification Management Is Hard? Enable HTTPS Access in Minutes with Cert Manager", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "You\u2019re deploying a project with a Kubernetes service that can be accessed using port-forward or an external IP, by using the load balancer service type. But when it\u2019s time to deploy the project into production, the documentation doesn\u2019t explain how to set up TLS. Now what? \r\n\r\nCert-manager to the rescue! Cert-manager makes it easy to generate a TLS certificate, which can be used to enable HTTPS (secure HTTP) access to an application. During this presentation and live demo, Onkar will show attendees how to:\r\n\r\nInstall cert-manager \r\nDeploy a certificate issuer using \u201cLet's Encrypt\u201d and a DNS-01 resolver\r\nProvision a TLS certificate using cert-manager and the certificate issuer \r\nCreate DNS records to map a domain name to the application's external IP addresses\r\nDeploy an application with the TLS certificate and demo how to access the application using HTTPS on a browser\r\n\r\nThe audience will walk away with a concrete set of steps for deploying their application with TLS, so it can be accessed using HTTPS.", "description": "We deploy Kubernetes clusters in our CI/CD pipeline on a daily basis. In order to build a cloud native product that\u2019s ready for production environments, the applications we deploy within the clusters must have TLS enabled, so that the product can be tested against them. Generating and renewing certificates typically occurs occasionally, so very few people in an organization possess the necessary expertise. Sometimes a certificate expires right before a product release, and the certificate management/renewal process must be quickly re-learned to unblock the pipeline. Understanding how to use cert-manager will benefit anyone in the Kubernetes community who may face such a challenge. \r\n\r\nAlthough cert-manager has been covered in a previous KubeCon presentation, no demos were presented. During this presentation, Onkar will provide an end-to-end demo for a specific use, and take the discussion further by covering the DNS-01 resolver and the creation of DNS records.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "c799b95b-fbfa-53fb-910c-b7bb3053627e", "id": 533, "code": "XKRZMW", "public_name": "Onkar Bhat", "avatar": "https://cfp.cloud-native.rejekts.io/media/onkar_profile.jpeg", "biography": "Onkar Bhat is an Engineering Manager at Kasten by Veeam. His focus has been in the areas of Authentication, Role-based Access Control (RBAC), APIs, monitoring and multi-cluster management for the purpose of cloud native data protection. He has previously worked in the areas of data protection, networking and security at Big Switch Networks, NetApp and Cisco Systems. Onkar received his MS in Information Networking from Carnegie Mellon University.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}