October 12, 2021
Los Angeles, California + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Intermediate (Mid-level experience) [clear filter]
Tuesday, October 12

9:30am PDT

Super Charge Your Service Mesh With eBPF- Yuval Kohavi & Idit Levine, Solo.io
The Linux kernel is an ideal place to implement observation, networking, and security, and improvements in the eBPF space are making it more practical to leverage the Linux kernel for these use-cases. Given that both eBPF and service mesh essentially allows users to program policies to connect, secure, and observe; you may be wondering how service mesh and eBPF intersect? This talk will explore different approaches to supercharge your service mesh with eBPF to make service mesh more secure and efficient.

avatar for Idit Levine

Idit Levine

CEO, Solo.io
Solo.io founderIdit Levine is the founder and CEO of Solo.io, a company that develops tools to help enterprises adopt and extend innovative cloud technologies alongside modernizing their existing IT investments. The Solo.io portfolio of open source and commercial products includes... Read More →

Tuesday October 12, 2021 9:30am - 10:00am PDT
Room 515 AB + Online

10:20am PDT

Service Mesh Patterns by the Book- Lee Calcote, Layer5 & Nic Jackson, HashiCorp
Infrastructure diversity is a reality for many organizations. It’s predicted that by 2022, 90% of all apps will feature microservices architectures. A huge range of microservice patterns drives a world of multiple service meshes. As various service meshes have proliferated infrastructures, service mesh patterns and abstractions have emerged. We will break down 60 service mesh patterns into different categories of use, demonstrating and examining a select few using Meshery for deeper review of their problems they solve, discussing caveats, and highlighting anti-patterns. The patterns discussed are being published in Service Mesh Patterns (O’Reilly) by Lee Calcote and Nic Jackson.

avatar for Lee Calcote

Lee Calcote

Founder and CEO, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers and enabling organizations. As Founder and CEO of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent focus... Read More →
avatar for Nic Jackson

Nic Jackson

Developer Advocate, HashiCorp
Nic Jackson is a developer advocate at HashiCorp, and the author of “Building Microservices in Go”, a book which examines the best patterns and practices for building microservices with the Go,

Tuesday October 12, 2021 10:20am - 10:50am PDT
Room 515 AB + Online

11:20am PDT

Single Mesh vs Multi Mesh- Tradeoffs for Enterprise Multi-Tenant Support- Ding Shaojun (Iris Ding) & Zhang Huailong (Steve Zhang), Intel
Service mesh is an infrastructure layer for micro services. It provides functions like: service discovery, traffic routing/shifting, security, observability etc. Multi-tenant is very common in kubernetes clusters. So how to better utilize service mesh capabilities while providing enterprise multi-tenant support in kubernetes clusters? In this talk we will walk you through below items and show you some tradeoffs for different service mesh options. 1. What challenges does multi-tenant bring to Service Mesh? 2. What service mesh options are applicable for multi-tenant support? 3. What does single mesh and multi mesh mean for multi-tenant and what are their Cons & Pros? 4. Performance comparison for different service mesh topology on multi-tenant clusters.

avatar for Ding Shaojun (Iris Ding)

Ding Shaojun (Iris Ding)

Cloud software engineer, Intel
Iris Ding works in Intel's IAGS team now and has a rich background in Open source development, cloud computing, middle ware development and design. Her current focus is research in cloud native area such as kubernetes and service mesh. Iris Ding held a speaking engagement in KubeCon... Read More →
avatar for Huailong Zhang

Huailong Zhang

Cloud software engineer, Intel
Huailong(Steve) has rich development experience on cloud computing, such as participated in the research and development of PaaS platform for Operation and Maintenance Department of Baidu, developed PaaS monitoring solution for IBM's public cloud via open source and enterprised projects... Read More →

Tuesday October 12, 2021 11:20am - 11:50am PDT
Room 515 AB + Online

3:25pm PDT

Planning the Zero-Downtime Lifecycle of Your Service Mesh- Christian Posta, Solo.io
A service mesh is a critical piece of application infrastructure that lives on the request path between your services. Once you get past the “hello world” for your particular mesh, you are left having to plan out your production deployment and more importantly, future upgrades. The architecture and patterns for deployment are as important (if not more?) as the specific mesh capabilities you choose. For example, patterns like separating ingress, running canaries, and focusing on limited configuration blast radius are foundational to enable zero-downtime upgrades of your mesh. In this talk, we discuss the vital patterns and practices cultivated working with mesh adopters around the world. The audience should come away with a core set of practices to enable successful lifecycle management of their service mesh.

avatar for Christian Posta

Christian Posta

VP, Global Field CTO, Solo.io
Christian Posta (@christianposta) is Global Field CTO at Solo.io, Steering Committee @ Istio, and well known in the cloud-native community for being an author (Istio in Action, Manning, Microservices for Java Developers, O’Reilly 2016), blogger, speaker, open-source enthusiast and... Read More →

Tuesday October 12, 2021 3:25pm - 3:55pm PDT
Room 515 AB + Online

3:30pm PDT

Multi-cluster Service Mesh Workshop- Will McKinley, Solo.io
This workshop is based on Istio and Gloo Mesh (https://github.com/solo-io/gloo-mesh). It's a hands-on workshop where each participant has a dedicated VM. In the VM, you deploy 3 Kubernetes clusters using Kind. One cluster is a management plane where Gloo Mesh is deployed, while Istio is deployed in the 2 other clusters. Then, you federate the identity of the Istio clusters, configure cross cluster communications, failover, learn about Web Assembly, ... And before each lab, we go through some slides. For example, before the identity federation, we explain you what is SPIFFE, how it's used in Istio, ... The labs are publicly available: https://github.com/solo-io/workshops/tree/master/gloo-mesh

avatar for Will McKinley

Will McKinley

Field Engineer, Solo.io
Will McKinley is a Field Engineer for solo.io. Will has been in tech for over 25 years in various capacities including software engineering, management, DevOps evangelist, and architect.  He has been in startups and enterprises spending the first half of his career in VOIP technologies... Read More →

Tuesday October 12, 2021 3:30pm - 4:45pm PDT
Room 511 ABC + Online

4:25pm PDT

Scalable Confidential Computing on Kubernetes with Marblerun- Moritz Eckert & Felix Schuster, Edgeless Systems GmbH
Confidential computing (CC) is a new and emerging security paradigm. It enables the always encrypted and verifiable processing of data on potentially untrusted hosts, e.g., the cloud or maybe even your local cluster. Do you wanna add an extra layer of data protection to your Kubernetes workloads? In this talk, we introduce the open-source project Marblerun and discuss the challenges that arise when you deploy CC-enabled workloads on K8s. Marblerun is the control plane for confidential computing, designed to run on Kubernetes. It is an open-source solution that extends the confidentiality, integrity, and verifiability properties of a single enclave to a Kubernetes cluster. Marblerun does not replace your service mesh; it is built to run alongside your existing cloud-native tooling. In essence, Marblerun simplifies deploying, scaling, and verifying end-to-end encrypted apps on vanilla K8s. We will demo how to CC-fy a cloud-native app and run it with K8s+Linkerd+Marblerun.

avatar for Moritz Eckert

Moritz Eckert

Chief Architect, Edgeless Systems GmbH
Moritz Eckert leads cloud-related development at Edgeless Systems and is the primary maintainer of Marblerun. Moritz is a seasoned engineer and has presented at top-tier conferences including Usenix Security Symposium, Conf42, and OC3 in the past in the past. Alongside his professional... Read More →
avatar for Felix Schuster

Felix Schuster

CEO, Edgeless Systems GmbH
Felix Schuster is an academic turned startup founder. After his PhD in computer security, he joined Microsoft Research to work four years on the foundations of Azure Confidential Computing, before co-founding Edgeless Systems. The startup’s vision is to build an open-source stack... Read More →

Tuesday October 12, 2021 4:25pm - 4:35pm PDT
Room 515 AB + Online
  • Timezone
  • Filter By Venue Los Angeles, California, USA
  • Filter By Type
  • Breaks
  • Breaks- Track 1
  • Breaks- Track 2
  • Keynote
  • Lightning Talk
  • Networking
  • Opening/Closing
  • Panel
  • Session
  • Workshops
  • Audience
  • Talk Type