Loading…
October 12, 2021
Los Angeles, California + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.


IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Tuesday, October 12
 

9:00am PDT

Opening Remarks, Marco Palladino ServiceMeshCon Program Committee Member
TBA

Speakers
avatar for Marco Palladino

Marco Palladino

CTO and Co-Founder of Kong, Kong
Marco Palladino is an inventor, software developer and entrepreneur. He is currently the CTO and co-founder of Kong, the leading cloud connectivity company that created widely adopted open source projects such as Kong Gateway, Kuma and Insomnia. Before Kong, Marco co-founded Mashape... Read More →


Tuesday October 12, 2021 9:00am - 9:10am PDT
Room 511 ABC + Online

9:10am PDT

Keynote: Super-Charge Your Mesh Services With Enhanced Data Access- Idit Levine, Founder & CEO, Solo.io
It is clear that service mesh is ‘crossing the chasm’ as more and more organizations not only deploy service mesh into production, but deploy it in large scale, mission critical environments. Development and operations teams value the common security model, fine grained traffic management and end-to-end observability provided by the mesh. Organizations are also realizing that the services and APIs that run within the mesh can expose valuable data and functionality, but application developers still need to write a lot of code to harness this information, limiting the adoption and ultimate benefit these services can provide.

In her talk, Idit Levine, CEO of Solo.io, will discuss innovative use cases that can be enabled by extending a service mesh. She will explore how a mesh can be used to simplify complex data and information access to support a wide variety of clients with minimal code to unlock hidden insights of an organization.

Speakers
avatar for Idit Levine

Idit Levine

CEO, Solo.io
Solo.io founder Idit Levine is the founder and CEO of Solo.io, a company that develops tools to help enterprises adopt and extend innovative cloud technologies alongside modernizing their existing IT investments. The Solo.io portfolio of open source and commercial products includes... Read More →


Tuesday October 12, 2021 9:10am - 9:20am PDT
Room 511 ABC + Online

9:20am PDT

Keynote: Deploying an Envoy-Based Service Mesh in Minutes Across Kubernetes and VMs- Marco Palladino, Co-Founder & CTO, Kong
Deploying a service mesh has traditionally been a complex task, and distributed environments across multiple clusters and clouds can make things even more challenging. But, it doesn’t have to be that way!
In this session, we are going to fire up the terminal and install CNCF’s Kuma across multiple Kubernetes clusters and virtual machines. In just 10 minutes, we will be up and running with a modern Envoy-based service mesh to power both modern and legacy applications for our teams.

Speakers
avatar for Marco Palladino

Marco Palladino

CTO and Co-Founder of Kong, Kong
Marco Palladino is an inventor, software developer and entrepreneur. He is currently the CTO and co-founder of Kong, the leading cloud connectivity company that created widely adopted open source projects such as Kong Gateway, Kuma and Insomnia. Before Kong, Marco co-founded Mashape... Read More →



Tuesday October 12, 2021 9:20am - 9:30am PDT
Room 511 ABC + Online

9:30am PDT

Super Charge Your Service Mesh With eBPF- Alex Ly & Idit Levine, Solo.io
The Linux kernel is an ideal place to implement observation, networking, and security, and improvements in the eBPF space are making it more practical to leverage the Linux kernel for these use-cases. Given that both eBPF and service mesh essentially allows users to program policies to connect, secure, and observe; you may be wondering how service mesh and eBPF intersect? This talk will explore different approaches to supercharge your service mesh with eBPF to make service mesh more secure and efficient.

Speakers
avatar for Alex Ly

Alex Ly

Field Engineer, Solo.io
Alex Ly - Field Engineer @ solo.io Alex is a Field Engineer at solo.io based out of San Francisco, CA. His prior work experiences include similar roles at Oracle, Mesosphere, and Red Hat; mainly focused in the containers and Kubernetes communities. Alex is passionate about helping... Read More →
avatar for Idit Levine

Idit Levine

CEO, Solo.io
Solo.io founder Idit Levine is the founder and CEO of Solo.io, a company that develops tools to help enterprises adopt and extend innovative cloud technologies alongside modernizing their existing IT investments. The Solo.io portfolio of open source and commercial products includes... Read More →


Tuesday October 12, 2021 9:30am - 10:00am PDT
Room 515 AB + Online

9:30am PDT

Get Started With Istio Service Mesh Workshop- Lin Sun, Solo.io (Part 1)
You will be given a quick fly-over of what challenges service mesh solves, service mesh architecture, and various service mesh projects in the ecosystem. Then we will dive into the Istio service mesh project including how it works and the best practice to adopt the Istio service mesh through hands-on labs.

We will cover the following topics in this workshop:
  • Install Istio 
  • Secure services with Istio Ingress Gateway 
  • Add services to the mesh 
  • Secure inter-service communication with Istio 
  • Control traffic

Speakers
avatar for Lin Sun

Lin Sun

Director of Open Source, Solo.io
Lin is the Director of Open-Source at Solo.io. She has worked on service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she was a Senior Technical Staff Member and Master Inventor at IBM for 15+ years. She is the author of the book "Istio Explained... Read More →



Tuesday October 12, 2021 9:30am - 10:00am PDT
Room 511 ABC + Online

10:00am PDT

Track 2 Workshops: Coffee Break
Tuesday October 12, 2021 10:00am - 10:25am PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

10:05am PDT

Track 1 Sessions: Coffee Break
Tuesday October 12, 2021 10:05am - 10:20am PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

10:20am PDT

Service Mesh Patterns by the Book- Lee Calcote, Layer5 & Nic Jackson, HashiCorp
Infrastructure diversity is a reality for many organizations. It’s predicted that by 2022, 90% of all apps will feature microservices architectures. A huge range of microservice patterns drives a world of multiple service meshes. As various service meshes have proliferated infrastructures, service mesh patterns and abstractions have emerged. We will break down 60 service mesh patterns into different categories of use, demonstrating and examining a select few using Meshery for deeper review of their problems they solve, discussing caveats, and highlighting anti-patterns. The patterns discussed are being published in Service Mesh Patterns (O’Reilly) by Lee Calcote and Nic Jackson.

Speakers
avatar for Lee Calcote

Lee Calcote

Founder and CEO, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder and CEO of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus... Read More →
avatar for Nic Jackson

Nic Jackson

Developer Advocate, HashiCorp
Nic Jackson is a developer advocate at HashiCorp, and the author of “Building Microservices in Go”, a book which examines the best patterns and practices for building microservices with the Go,



Tuesday October 12, 2021 10:20am - 10:50am PDT
Room 515 AB + Online

10:25am PDT

Get Started With Istio Service Mesh Workshop (Part 2)
You will be given a quick fly-over of what challenges service mesh solves, service mesh architecture, and various service mesh projects in the ecosystem. Then we will dive into the Istio service mesh project including how it works and the best practice to adopt the Istio service mesh through hands-on labs.

We will cover the following topics in this workshop:
  • Install Istio 
  • Secure services with Istio Ingress Gateway 
  • Add services to the mesh 
  • Secure inter-service communication with Istio 
  • Control traffic

Speakers
avatar for Lin Sun

Lin Sun

Director of Open Source, Solo.io
Lin is the Director of Open-Source at Solo.io. She has worked on service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she was a Senior Technical Staff Member and Master Inventor at IBM for 15+ years. She is the author of the book "Istio Explained... Read More →


Tuesday October 12, 2021 10:25am - 11:10am PDT
Room 511 ABC + Online

10:50am PDT

Service Mesh: A Hole in the Pocket?- Venil Noronha & John Murray, Stripe
Service meshes provides a wide range of capabilities including flexible configuration, high fidelity observability, and is transparent to user applications. However, this power, despite it's (often) open-source nature, does not come cheap. In the age of public cloud, vendors typically charge users on several axes of usage. When using a feature like traffic shaping, if not careful, cross-availability-zone traffic can quickly increase spend. High fidelity metrics are useful to operators, but default service mesh configurations can easily overwhelm systems, and users too. Suboptimal defaults coupled with user-local dashboards leads to high cardinality metrics further increasing costs of metrics storage solutions. Yet another area of spend is access logging. While being extremely important to diagnose runtime issues, access logs can quickly become a $$$ drain. The default policy of logging each request is not the best configuration for most users, and organizations need to craft these policies based on their unique environments. In this talk, we will talk about costs we've encountered when using a service mesh at scale at Stripe. We will also discuss some strategies we have in place for reducing spend, and other techniques to improve the overall experience with service meshes.

Speakers
avatar for Venil Noronha

Venil Noronha

Software Engineer, Stripe
Venil Noronha is an engineer with the Service Networking team at Stripe. He contributes upstream to open source projects in the service mesh domain, like Istio and Envoy proxy. In the past, he has contributed to several open source projects including Kubernetes, Spring, and Golan... Read More →
avatar for John Murray

John Murray

Software Engineer, Stripe
John is an infrastructure Engineer working on the Service Networking team at Stripe. He is an occasional contributor to Envoy proxy and has spent most of his career working with web-services.



Tuesday October 12, 2021 10:50am - 11:20am PDT
Room 515 AB + Online

11:10am PDT

Deploy Istio for Production Workshop- Ramratan Vennam, Solo.io (Part 1)
In this workshop, we dive into Istio foundations with a focus on rolling it out to your organization. Istio is powerful, but learning how to deploy it, configure it, debug it, and secure it has many challenges. Some of the topics that we will cover in this workshop include:
  • Installing production ready Istio
  • Establish security and configuration boundaries
  • Expanding the mesh to your organization
  • Connecting to observability systems
  • Debugging tools when things aren't working as expected
The instructor is a Field Engineer and an Istio veteran who helps companies learn, deploy, run and debug Istio on a daily basis. Over the last 3 years, he has gained beneficial knowledge and several best practices that will be shared in this hands-on workshop.

Speakers
avatar for Ram Vennam

Ram Vennam

Field Engineer, Solo.io
Ram Vennam is a Field Engineer at Solo.io where he helps companies design and build highly scalable, resilient, and distributed systems with the latest cloud native technology. Previously, he was at IBM where he was a Technical Product Manager and Developer Advocate for all things... Read More →



Tuesday October 12, 2021 11:10am - 11:55am PDT
Room 511 ABC + Online

11:20am PDT

Single Mesh vs Multi Mesh- Tradeoffs for Enterprise Multi-Tenant Support- Ding Shaojun (Iris Ding) & Zhang Huailong (Steve Zhang), Intel
Service mesh is an infrastructure layer for micro services. It provides functions like: service discovery, traffic routing/shifting, security, observability etc. Multi-tenant is very common in kubernetes clusters. So how to better utilize service mesh capabilities while providing enterprise multi-tenant support in kubernetes clusters? In this talk we will walk you through below items and show you some tradeoffs for different service mesh options. 1. What challenges does multi-tenant bring to Service Mesh? 2. What service mesh options are applicable for multi-tenant support? 3. What does single mesh and multi mesh mean for multi-tenant and what are their Cons & Pros? 4. Performance comparison for different service mesh topology on multi-tenant clusters.

Speakers
avatar for Ding Shaojun (Iris Ding)

Ding Shaojun (Iris Ding)

Cloud software engineer, Intel
Iris Ding works in Intel's IAGS team now and has a rich background in Open source development, cloud computing, middle ware development and design. Her current focus is research in cloud native area such as kubernetes and service mesh. Iris Ding held a speaking engagement in KubeCon... Read More →
avatar for Huailong Zhang

Huailong Zhang

Cloud software engineer, Intel
Huailong(Steve) has rich development experience on cloud computing, such as participated in the research and development of PaaS platform for Operation and Maintenance Department of Baidu, developed PaaS monitoring solution for IBM's public cloud via open source and enterprised projects... Read More →



Tuesday October 12, 2021 11:20am - 11:50am PDT
Room 515 AB + Online

11:55am PDT

Lunch Break
Tuesday October 12, 2021 11:55am - 1:10pm PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

1:05pm PDT

Replatforming a $4B Retailer Onto Kubernetes and Linkerd- Fredrik Klingenberg, Aurum AS
To increase the pace of feature iteration and reduce costs, Elkjøp, the largest electronics retailer in the Nordics, migrated their application from Azure App Service to Kubernetes and Linkerd. In this talk, Fredrik describes how they built the new platform while rapidly onboarding themselves and their developers onto both Kubernetes and service mesh expertise, and how they addressed the concerns of their developer managers, who were happy with the status quo and uneasy about the proposed change.

Speakers
avatar for Fredrik Klingenberg

Fredrik Klingenberg

Developer, Aurum AS
Fredrik Klingenberg, principal software engineer at Aurum AS, has over 10years of experience developing enterprise applications for both the public and private sectors in Norway. In the last years, he has been focusing on helping large enterprises in Norway migrate their applications... Read More →



Tuesday October 12, 2021 1:05pm - 1:35pm PDT
Room 515 AB + Online

1:10pm PDT

Deploy Istio for Production Workshop (Part 2)
In this workshop, we dive into Istio foundations with a focus on rolling it out to your organization. Istio is powerful, but learning how to deploy it, configure it, debug it, and secure it has many challenges. Some of the topics that we will cover in this workshop include:
  • Installing production ready Istio
  • Establish security and configuration boundaries
  • Expanding the mesh to your organization
  • Connecting to observability systems
  • Debugging tools when things aren't working as expected
The instructor is a Field Engineer and an Istio veteran who helps companies learn, deploy, run and debug Istio on a daily basis. Over the last 3 years, he has gained beneficial knowledge and several best practices that will be shared in this hands-on workshop.

Speakers
avatar for Ram Vennam

Ram Vennam

Field Engineer, Solo.io
Ram Vennam is a Field Engineer at Solo.io where he helps companies design and build highly scalable, resilient, and distributed systems with the latest cloud native technology. Previously, he was at IBM where he was a Technical Product Manager and Developer Advocate for all things... Read More →



Tuesday October 12, 2021 1:10pm - 1:40pm PDT
Room 511 ABC + Online

1:35pm PDT

Designing a Service Mesh for Global Scale At SAP- Fei Yao, SAP
SAP has embarked on a journey to design and implement multi-cluster “Service Mesh as a Service” for its BTP platform.They did not stop there though, they aim to connect these meshes together in a “mesh of meshes” architecture. Fei Yao, Chief Architect at SAP will talk about the challenges and design patterns (with help from Nick Nellis at Solo.io) that are helping enable SAP to connect and manage service meshes for 40,000 engineers and over 10,000 clusters.

Speakers
avatar for Fei Yao

Fei Yao

Chief Architect, SAP
Fei Yao is the Chief Architect at SAP, who has been working on cloud, cloud-native technologies for past 10 years. He enjoys mentoring, and leading teams for building modern distributed cloud native applications at large scale. Beside that he cannot live without spicy food.


Tuesday October 12, 2021 1:35pm - 2:05pm PDT
Room 515 AB + Online

1:40pm PDT

Governing the Cloud Native Event Bus: Applying ServiceMesh to Knative Eventing Workshop - Michael Costello, Red Hat (Part 1)
In the cloud we expect our resources to be able to come and go and react to the environment around them in a way that meets our business needs. While we take on event streaming and serverless architectures to accomplish this need in the cloud, our new architectural constructs can be unwieldy and grow past our traditional attempts to apply authorization, authentication, rate limitation, policy, and other traditional enterprise requirements around our service interactions. In this workshop, we discuss the implications of event streaming and serverless architectures, and how we might re-inject governance models, mutual authentication, all the wonderful guardrails as well as observability a Service Mesh gives us (in our case, Istio) to cloud native event streaming serverless models (in our case, Knative Eventing with Apache Kafka). At the end of this presentation, participants should be able to assert viable architectural patterns to governing these service interactions and will be exposed to the technology behind an implementation of these approaches (via a demo!).

Speakers
avatar for Michael Costello

Michael Costello

Senior Architect, Red Hat
Mike has spent the last 2 decades in the enterprise integration space. Beginning with his love for J2EE, emerged a love for Service Oriented Architecture and as the years carried on his romance with MicroServices and cloud native distributed integration platforms began to really flourish... Read More →


Tuesday October 12, 2021 1:40pm - 2:40pm PDT
Room 511 ABC + Online

2:05pm PDT

Track 1 Sessions: Coffee Break
Tuesday October 12, 2021 2:05pm - 2:20pm PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

2:20pm PDT

Test in Prod With Canary Everything- Ayush Ghosh & Sergey Sergeev, Cisco Systems Inc
Building and managing data-intensive microservices applications have their challenges. Cellular architecture, Service Mesh & Gitops together help create an independently deployable, manageable, and observable solution. We moved from running multiple expensive non-prod inconsistent environments to testing in production. Istio along with a custom envoy filter let you run account-based canary in production.

Speakers
avatar for Ayush Ghosh

Ayush Ghosh

Engineering Lead, Cisco Systems Inc
A Tech Lead with 10+ years of experience in building and running large data-intensive applications. Have deep expertise in breaking and securing applications.
avatar for Sergey Sergeev

Sergey Sergeev

Engineering Architect, AppD (part of Cisco)
Experienced Software Engineer and Software Architect having 20+ years of experience. Generalist. Good at design and implementation of high performance complex distributed scalable fault-tolerant computer systems.



Tuesday October 12, 2021 2:20pm - 2:30pm PDT
Room 515 AB + Online

2:30pm PDT

Service Mesh War Stories - Lessons Learned the Hard Way- Moderated by Mitch Connors, Google; Iryna Shustava, HashiCorp; Phillip Gibson, Microsoft & William Morgan, Buoyant
Failure is an excellent teacher, and the best failure to learn from is someone else's. This panel will take you behind the scenes in some of the biggest service mesh products around through the eyes of the engineers that build them. Hear from service mesh insiders about the greatest ideas that didn't work. Learn how to avoid adoption pitfalls that often end in disappointment. Get an inside look at how a service mesh product is made, and how service mesh maintainers run their own service mesh. Take away patterns and practices for successfully navigation your service mesh journey, regardless of the implementation you choose.

Speakers
avatar for Phillip Gibson

Phillip Gibson

Microsoft
Phillip Gibson is a passionate technologist that champions the use of cloud native technologies, services, and open-source software. With a career that spans a diverse set of IT roles at Microsoft and Docker, Phillip knows how effective driving incremental technology changes can add... Read More →
avatar for Mitch Connors

Mitch Connors

Software Engineer, Google
Mitch Connors is a Software Engineer at Google where he works as the User Experience Co-Lead for Istio. Over the past 15 years, Mitch has worked at F5 Networks, Amazon, an Industrial IoT startup, and State Farm Insurance, giving him a broad perspective on the needs of Enterprise Software... Read More →
avatar for Iryna Shustava

Iryna Shustava

HashiCorp
Iryna is a Senior Software Engineer working on the Consul Service Mesh at HashiCorp for the past two years. She is passionate about container technologies, security, and making products that are beautiful and intuitive to users. In the past, Iryna has worked as an SRE for Salesforce... Read More →
avatar for William Morgan

William Morgan

CEO, Buoyant
William Morgan is the CEO of Buoyant. Prior to founding Buoyant, he was an infrastructure engineer at Twitter, where he ran several teams building on product-facing backend infrastructure. He has worked at Powerset, Microsoft, adap.tv, and MITRE Corp, and has been contributing to... Read More →


Tuesday October 12, 2021 2:30pm - 3:10pm PDT
Room 515 AB + Online

2:40pm PDT

Track 2 Workshops: Coffee Break
Tuesday October 12, 2021 2:40pm - 3:05pm PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

3:05pm PDT

Governing the Cloud Native Event Bus: Applying ServiceMesh to Knative Eventing Workshop (Part 2)
In the cloud we expect our resources to be able to come and go and react to the environment around them in a way that meets our business needs. While we take on event streaming and serverless architectures to accomplish this need in the cloud, our new architectural constructs can be unwieldy and grow past our traditional attempts to apply authorization, authentication, rate limitation, policy, and other traditional enterprise requirements around our service interactions. In this workshop, we discuss the implications of event streaming and serverless architectures, and how we might re-inject governance models, mutual authentication, all the wonderful guardrails as well as observability a Service Mesh gives us (in our case, Istio) to cloud native event streaming serverless models (in our case, Knative Eventing with Apache Kafka). At the end of this presentation, participants should be able to assert viable architectural patterns to governing these service interactions and will be exposed to the technology behind an implementation of these approaches (via a demo!).

Speakers
avatar for Michael Costello

Michael Costello

Senior Architect, Red Hat
Mike has spent the last 2 decades in the enterprise integration space. Beginning with his love for J2EE, emerged a love for Service Oriented Architecture and as the years carried on his romance with MicroServices and cloud native distributed integration platforms began to really flourish... Read More →


Tuesday October 12, 2021 3:05pm - 3:30pm PDT
Room 511 ABC + Online

3:10pm PDT

Track 1 Sessions: Coffee Break
Tuesday October 12, 2021 3:10pm - 3:25pm PDT
Los Angeles Convention Center + Online 1201 S Figueroa St, Los Angeles, CA 90015

3:25pm PDT

Planning the Zero-Downtime Lifecycle of Your Service Mesh- Christian Posta, Solo.io
A service mesh is a critical piece of application infrastructure that lives on the request path between your services. Once you get past the “hello world” for your particular mesh, you are left having to plan out your production deployment and more importantly, future upgrades. The architecture and patterns for deployment are as important (if not more?) as the specific mesh capabilities you choose. For example, patterns like separating ingress, running canaries, and focusing on limited configuration blast radius are foundational to enable zero-downtime upgrades of your mesh. In this talk, we discuss the vital patterns and practices cultivated working with mesh adopters around the world. The audience should come away with a core set of practices to enable successful lifecycle management of their service mesh.

Speakers
avatar for Christian Posta

Christian Posta

VP, Global Field CTO, Solo.io
Christian Posta (@christianposta) is Global Field CTO at Solo.io, Steering Committee @ Istio, and well known in the cloud-native community for being an author (Istio in Action, Manning, Microservices for Java Developers, O’Reilly 2016), blogger, speaker, open-source enthusiast and... Read More →



Tuesday October 12, 2021 3:25pm - 3:55pm PDT
Room 515 AB + Online

3:30pm PDT

Multi-cluster Service Mesh Workshop- Will McKinley, Solo.io
This workshop is based on Istio and Gloo Mesh (https://github.com/solo-io/gloo-mesh). It's a hands-on workshop where each participant has a dedicated VM. In the VM, you deploy 3 Kubernetes clusters using Kind. One cluster is a management plane where Gloo Mesh is deployed, while Istio is deployed in the 2 other clusters. Then, you federate the identity of the Istio clusters, configure cross cluster communications, failover, learn about Web Assembly, ... And before each lab, we go through some slides. For example, before the identity federation, we explain you what is SPIFFE, how it's used in Istio, ... The labs are publicly available: https://github.com/solo-io/workshops/tree/master/gloo-mesh

Speakers
avatar for Will McKinley

Will McKinley

Field Engineer, Solo.io
Will McKinley is a Field Engineer for solo.io. Will has been in tech for over 25 years in various capacities including software engineering, management, DevOps evangelist, and architect.  He has been in startups and enterprises spending the first half of his career in VOIP technologies... Read More →


Tuesday October 12, 2021 3:30pm - 4:45pm PDT
Room 511 ABC + Online

3:55pm PDT

Leveraging Service Mesh For Enterprise Multi-Cloud Strategy- Jun Wei & Victor Martinez, Equinix
Multi-cloud strategy is becoming the new norm when it comes to cloud adoption for enterprises, especially for global companies cross multiple geographic regions. Many factors can contribute to the motivation behind multi-cloud strategy, including best of the class solutions from multiple cloud providers, reliability and flexibility, and optimal performance-cost benefits. All major cloud providers are offering coherent solutions to enable hybrid and multi-cloud strategies. Among all solutions, Service Mesh is an effective technology to deliver the benefits of multi-cloud strategy to enterprises. We will examine a few multi-cloud use cases and architecture considerations and how to leverage service mesh for typical enterprise multi-cloud strategies, including failover, best of class, and flexible scale-in-and-out application deployment patterns. In particular, we will explore private connections among multiple cloud providers to ensure enterprises the ultimate security and privacy for their data while enabling multi-cloud strategies.

Speakers
avatar for Jun Wei

Jun Wei

Sr. Principal Solution Architect, Equinix
At Equinix, Jun is currently leading innovation projects, such as hybrid infrastructure collaborating with multiple cloud partners. Jun has been engaging with open innovation for most of her career for Internet technology, cloud providers, telco operators and equipment vendors. Jun... Read More →
avatar for Victor Martinez

Victor Martinez

Senior Solutions Architect, Equinix
I am Senior Solutions Architect at Equinix, digital infrastructure company that enable their customers to access all the right places, partners and possibilities they need to accelerate their business advantage. Coming from an engineering background, currently 100% focused on explain... Read More →



Tuesday October 12, 2021 3:55pm - 4:25pm PDT
Room 515 AB + Online

4:25pm PDT

Scalable Confidential Computing on Kubernetes with Marblerun- Moritz Eckert & Felix Schuster, Edgeless Systems GmbH
Confidential computing (CC) is a new and emerging security paradigm. It enables the always encrypted and verifiable processing of data on potentially untrusted hosts, e.g., the cloud or maybe even your local cluster. Do you wanna add an extra layer of data protection to your Kubernetes workloads? In this talk, we introduce the open-source project Marblerun and discuss the challenges that arise when you deploy CC-enabled workloads on K8s. Marblerun is the control plane for confidential computing, designed to run on Kubernetes. It is an open-source solution that extends the confidentiality, integrity, and verifiability properties of a single enclave to a Kubernetes cluster. Marblerun does not replace your service mesh; it is built to run alongside your existing cloud-native tooling. In essence, Marblerun simplifies deploying, scaling, and verifying end-to-end encrypted apps on vanilla K8s. We will demo how to CC-fy a cloud-native app and run it with K8s+Linkerd+Marblerun.

Speakers
avatar for Moritz Eckert

Moritz Eckert

Chief Architect, Edgeless Systems GmbH
Moritz Eckert leads cloud-related development at Edgeless Systems and is the primary maintainer of Marblerun. Moritz is a seasoned engineer and has presented at top-tier conferences including Usenix Security Symposium, Conf42, and OC3 in the past in the past. Alongside his professional... Read More →
avatar for Felix Schuster

Felix Schuster

CEO, Edgeless Systems GmbH
Felix Schuster is an academic turned startup founder. After his PhD in computer security, he joined Microsoft Research to work four years on the foundations of Azure Confidential Computing, before co-founding Edgeless Systems. The startup’s vision is to build an open-source stack... Read More →



Tuesday October 12, 2021 4:25pm - 4:35pm PDT
Room 515 AB + Online

4:35pm PDT

Understanding Service Mesh Metric Merging- Lawrence Gadban, Solo.io
Observability is a key tenet of any service mesh so each mesh implementation provides several features around observing the state of your mesh. One important aspect of observability is the exporting of metrics which enable operators or service owners to monitor both application and service mesh behavior. However, with service meshes that utilize a sidecar proxy, the exporting of metrics from both the application and the proxy itself is not as straightforward as it seems. In this session we will explore the challenge of consistently and transparently exporting metrics for all components comprising a service mesh workload. We will then dive into how Istio solves this problem with its “metrics merging” feature. This feature provides a simple way of exporting an aggregated set of metrics from all of the pieces in a sidecar-injected workload, including metrics from the Istio agent, sidecar Envoy proxy, and application workload itself. Attendees will leave with a clear picture of why metrics merging is important in general as well as how it works in the Istio service mesh.

Speakers
avatar for Lawrence Gadban

Lawrence Gadban

Field Engineer, Solo.io
Lawrence is a Field Engineer at Solo.io where he primarily works directly with organizations of all sizes to architect, adopt, and implement various application networking components such as service mesh (e.g. Istio and Solo's Gloo Mesh) and Solo's API gateway Gloo Edge. Lawrence... Read More →



Tuesday October 12, 2021 4:35pm - 4:45pm PDT
Room 515 AB + Online

4:50pm PDT

5:00pm PDT

[Re-Broadcast] Keynote: Deploying an Envoy-Based Service Mesh in Minutes Across Kubernetes and VMs- Marco Palladino, Co-Founder & CTO, Kong
Speakers
avatar for Marco Palladino

Marco Palladino

CTO and Co-Founder of Kong, Kong
Marco Palladino is an inventor, software developer and entrepreneur. He is currently the CTO and co-founder of Kong, the leading cloud connectivity company that created widely adopted open source projects such as Kong Gateway, Kuma and Insomnia. Before Kong, Marco co-founded Mashape... Read More →


Tuesday October 12, 2021 5:00pm - 5:10pm PDT
Room 515 AB + Online

5:00pm PDT

Networking Happy Hour
Join us onsite for drinks and appetizers with fellow co-located attendees from Tuesday's CNCF-hosted Co-located Events. Network with attendees from:
  • Cloud Native DevX Day North America hosted by CNCF
  • Cloud Native Security Conference North America hosted by CNCF
  • Cloud Native Wasm Day North America hosted by CNCF
  • FluentCon North America hosted by CNCF
  • GitOpsCon North America hosted by CNCF
  • Kubernetes AI Day North America hosted by CNCF + LFAI & Data
  • ServiceMeshCon North America hosted by CNCF

Tuesday October 12, 2021 5:00pm - 6:30pm PDT
Los Angeles Convention Center, Petree Plaza
 
  • Timezone
  • Filter By Venue Los Angeles, California, USA
  • Filter By Type
  • Breaks
  • Breaks- Track 1
  • Breaks- Track 2
  • Keynote
  • Lightning Talk
  • Networking
  • Opening/Closing
  • Panel
  • Session
  • Workshops
  • Audience
  • Talk Type