Conference:  Defcon 31
Authors: Marcello "byt3bl33d3r" Salvati, Hacker & Entrepreneur
2023-08-01

Ever wake up and ask yourself: “Damn, how could I make email security suck even more today”? Tired of your Red Team's phishing emails not landing in your targets' inbox? Do you dislike Boston (the city) and love Satan? If you answered yes to any of those questions you should come to this talk! I'll be showing you how to spoof emails from 2 million+ domains (while also “bypassing” SPF & DMARC!) by (ab)using a partnership between Cloudflare and the “biggest transactional email service” on the interwebs. We'll be diving into "edge" serverless applications and the magical world of email security where everything is (still) held up by duct tape, pasta, and marinara sauce. Finally, I’ll be dropping code and releasing a tool that demonstrates how to impersonate emails from 2 million+ domains.
Authors: Dave Protasowski, Mauricio Salatino, Roland Huss, Paul Schweigert, Naina Singh
2023-04-21

tldr - powered by Generative AI

Knative Eventing: Building Event-Driven Applications
  • Knative Eventing is a platform for creating event-driven applications
  • It has primitives for building an event mesh with a broker at the center
  • Sources create cloud events and send them to the broker, which dispatches them to interested listeners
  • Triggers can be used to register applications to the broker with filters for event types
  • Eventing and serving can be used separately or together
  • Recent highlights include multi-namespace API server sources and event discovery
  • The roadmap includes improving performance and scalability of the serving API
Authors: Michael Maximilien, David Hadas
2023-04-20

tldr - powered by Generative AI

Knative offers benefits for security and resource management in microservices on Kubernetes
  • Knative offers auto-scaling to dynamically adjust the number of pods based on load
  • Knative provides revision management to help manage changes to microservices
  • Knative is working on adding TLS to reduce reliance on service mesh for security
  • Knative promotes uniformity in services for easier security and monitoring
Authors: Mohit Suman, Zbynek Roubalik
2023-04-20

tldr - powered by Generative AI

The presentation discusses the use of vendor agnostic serverless functions for processing Amsterdam city data. It highlights the benefits of serverless computing and how it can be used across multiple cloud environments. The demo showcases the use of Knative Serving and Eventing building blocks, CNCF Buildpacks, Tekton Pipelines, and Camel-K.
  • Serverless computing is a deployment model that abstracts the way applications are deployed on infrastructure, provides auto-scaling capabilities, and has a simplified development and deployment model.
  • Functions are a programming model that has a certain function signature that needs to be matched to deploy the function.
  • The presentation showcases the use of Knative Serving and Eventing building blocks, CNCF Buildpacks, Tekton Pipelines, and Camel-K for processing Amsterdam city data.
  • Developers can benefit from serverless concepts and still be able to deploy across multiple cloud environments.
  • The demo includes a React application with a Node.js backend that emits cloud events and exposes REST APIs.
  • The presentation highlights the benefits of using serverless computing for event-driven applications that scale on demand and consume just the right amount of resources.
  • The demo showcases the use of serverless functions for adding real-time capabilities to applications.
  • The presentation emphasizes the user-friendliness of the solution, with no Dockerfiles or YAML editing required.
  • The presentation includes a live demo of the solution in action.
Authors: Shuo Chen
2023-04-19

tldr - powered by Generative AI

Databricks uses Kata Containers for hard multi-tenancy in Kubernetes clusters to provide strong isolation for performance-sensitive workloads such as Data Lakehouse. The case study discusses the challenges faced, trade-offs among security, performance, and cost, and how to work around the heterogeneity across different public cloud providers.
  • Databricks is building a serverless platform for performance-sensitive workloads such as Data Lakehouse on Kubernetes clusters
  • They need hard multi-tenant container isolation since each cluster runs code on behalf of multiple customers
  • They chose Kata Containers, an open-source container runtime that provides strong isolation by running containers in micro-VMs
  • They built a hard compute and network isolation layer among untrusted workloads in Kubernetes clusters leveraging Kata Containers, network policy, and network security group
  • They share their first-hand experience on how they integrate Kata Containers with Kubernetes in production, highlighting the challenges they faced, difficult trade-offs among security, performance, and cost, and how to work around the heterogeneity across different public cloud providers
Authors: Tal Melamed
2023-02-16

tldr - powered by Generative AI

Best practices for securing serverless functions
  • Serverless functions have dependencies that can introduce vulnerabilities
  • Cloud providers offer some security measures but it's important to scan for vulnerabilities in your own code and dependencies
  • Logging and monitoring are important but require automation to be effective
  • Permissions and authentication are crucial for securing serverless functions
  • Stateless nature of serverless functions makes authentication challenging
Authors: Evan Anderson, Lance Ball, Mauricio Salatino, Naina Singh
2022-10-26

tldr - powered by Generative AI

The presentation discusses the benefits of using service-based applications and containers in DevOps, with a focus on Knative and Cloud Run.
  • Service-based applications allow developers to focus on code without worrying about infrastructure or low-level security details
  • Containers provide a sealed context that can be replicated anywhere and offer flexibility in language and library choice
  • Knative is an open-source project that brings service to containers and runs anywhere Kubernetes runs
  • Cloud Run is a managed version of Knative on Google Cloud that simplifies the process of bringing service to containers
  • An anecdote is provided to demonstrate the use of Cloud Eventing to trigger a service based on an uploaded image
Conference:  CloudOpen 2022
Authors: Gokul Prabagaren, Nagesh Kumar Vinnakota
2022-06-22

Capital One is the first U.S. bank to exit out of on-prem legacy data centers. On this journey of adopting public cloud for our workloads, we have gone through a massive tech transformation across the enterprise. Since 2020 all our workloads have been running in public cloud. This talk will focus on one such real customer use case where we have adopted a completely serverless pattern for one of our partners' quarterly redemption process. We will touch upon our use case and how it really benefits from the serverless pattern. This can be helpful for organizations or teams who are on a similar journey.
Authors: Colin Douch
2022-05-19

tldr - powered by Generative AI

The presentation discusses the challenges of using Prometheus as the standard for collecting and storing time series in serverless architectures and the need for a better solution.
  • Prometheus assumes that the system lives long enough to be discovered and scraped, that the service is network-enabled, and that the user can do their own aggregation.
  • Prometheus uses a pull-based model for metrics collection, which requires the service to live for at least 5-15 seconds.
  • Exposing things over the network requires the ability to listen on a port, spin up a server, and secure communication with firewall rules and TLS certificates.
  • Prometheus assumes that the user can do their own aggregation, which can be problematic for metrics like request counts.
  • There is a need for a better solution that can handle the challenges of serverless architectures and provide more accurate metrics.
Authors: William Denniss
2022-05-18

tldr - powered by Generative AI

Building a fully managed Kubernetes platform should still prioritize the power and flexibility of Kubernetes, while simplifying the operation of the cluster.
  • A fully managed Kubernetes platform should still prioritize the power and flexibility of Kubernetes
  • Simplifying the operation of the cluster should be the goal, not simplicity at the Kubernetes layer
  • The platform should allow for bursting and support continued usage
  • Node visibility should be maintained while hiding certain bits