Can’t-Miss KubeCon EU Sessions
Next week, we’ll be in Amsterdam for KubeCon EU at Booth #SU8 (in the Lily Zone near the Mercedes Benz Picnic Lounge).
The sessions at KubeCon cover a wide range of topics, from beginner-level introductions to advanced technical discussions. With so many options to choose from, it can be challenging to decide which sessions to attend. However, there are always a few talks that we simply can't miss.
Many organizations that consider themselves "cloud native" tend to treat CI infrastructure as an afterthought. The providers available often use outdated infrastructure, which can create bottlenecks when teams need to gradually build, test, and release.
Claudia Beresford does amazing things with Bare Metal, and is one of my favorite writers on GoLang. This talk is sure to be great.
Managing the life cycle of a Kubernetes cluster can be difficult, particularly when you have to deal with thousands of clusters on your clouds. The Cluster API can aid in solving this problem by transferring the responsibility to "management clusters" that are in charge of managing their child workload clusters. Nevertheless, this approach has its own drawbacks.
Great quote from the talk description:
Can we get away with this overhead of "Management clusters" but still leverage all the richness of Cluster API? Yes, that is possible by transforming workload clusters into "Self Managing" clusters.
Sahithi Ayloo is the technical lead for Kubernetes-as-a-Service platform for a multi-tenant cloud provider platform at VMware, and I’m excited to see what she has to share on this topic.
A few years back, there was a major hack of Codecov, a widely-used service in build pipelines. This caught the attention of the industry, and in response, a new solution was developed using Tracee, an open-source runtime security solution. This new solution introduced the concept of profiling with eBPF and verifying software builds, providing greater protection for build pipelines.
This talk is of particular interest to us at Signadot since the use of eBPF to verify builds kind of reminds me of our using OpenTelemetry to perform smart routing of packets for test: it’s using an existing robust system to achieve big improvements to the test/deploy process.
Jose Donizetti is a veteran of the intense Redis engineering at Shopify, and this is sure to be a treat to see.
Larisa and Ionut have spent a big part of 2022 investing in GitOps, learning how to model a deployment system which encompasses stringent organizational CI/CD standards.
As we talk about real operational excellence for releasing code more effectively, and managing infrastructure changes at scale, it’s useful to take a look at how some of the biggest operations around do it.
See some previous writing by this team here, on Advanced Deployment Patterns With Argo.
OpenTelemetry can produce truly insightful system observability data. But if you don’t manage the flow of information, you’re just adding straw to the haystack.
How to support efficient correlation query and real-time analysis in massive high-cardinality telemetry data and reduce the cost of telemetry data storage and computing is a challenge for the Huawei Cloud team, who will here offer some of the ways they managed all the data that OpenTelemetry can produce.
Xiaochun Yang of Northeastern University is one of most-respected voices on data management, this talk is sure to offer some major insights.
What Could Go Wrong with a GraphQL Query and Can OpenTelemetry Help? - Sonja Chevre & Ahmet Soormally, Tyk Technologies
Numerous developers are now turning to GraphQL, a query language and server-side runtime, to create a monolithic facade over their intricate microservice architecture. However, using GraphQL also poses new challenges when it comes to isolating failures and troubleshooting performance issues.
Can OpenTelemetry help? How good is OpenTelemetry support for GraphQL right now? What needs to be improved?
While this use case for OpenTelemetry is more conventional than Signadot’s use of OpeneTelemetry baggage for smart routing, there is a connection: this points to a major frustration of modern development on microservices, since when first developing locally, you won’t find problems like the one described above.
That’s almost definitional: normally when developing locally, you’d be using a mock for GraphQL, so you can’t find any unexpected interactions with the service. What Signadot offers is a way to shift your testing so far left that even your first test environment can interact with a shared staging GraphQL service.
Now THIS is an interesting idea: can you get more secure than straightforward containerization?
Kata-CC is an extension of Kata Containers that makes use of Trusted Execution Environment features present in modern CPUs to enhance security in a multi-tenant environment by combining workload attestation and memory encryption. An issue hindering wider adoption of this technology for some time has been hardware availability.
I’ve never tried to control multi-tenancy to this degree, but it’s important to know where the bleeding edge is for container security
See you all at Kubecon!
The theme of this Kubecon is very much that DevOps partnerships are achieving greater developer velocity and reliability despite environments of increasing complexity. We can’t wait to see you there.
Don’t forget to stop by Booth #SU8! We’d love to chat and hear about how you’re working with Kubernetes. We’ll also be giving away cool swag and raffling off prizes.
Join our 1000+ subscribers for the latest updates from Signadot