Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Katrina Verey
2023-04-21
tldr - powered by Generative AI
The presentation discusses the design principles and implementation of a new system for managing configuration and deployment of applications. The system aims to strike a balance between exposing changes and ensuring meaningful review, while also accommodating the needs of a wide range of users.
- The system was designed with the goal of making it easy for developers to get started and ensuring commonly needed changes would be simple to make
- The system includes a config CLI and API, a version schema, and a customization system
- The config CLI provides a familiar interactive workflow for developers to modify production configuration
- The config API simplifies the user experience by explicitly encoding the main application properties that developers need to control
- The version schema allows for formal versioning and evolution of the system over time
- The customization system allows for advanced users to leverage the full power of Kubernetes APIs when needed
- The system strikes a balance between exposing changes and ensuring meaningful review, while also accommodating the needs of a wide range of users
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Joe Betz
2023-04-18
Have you ever operated a Kubernetes cluster for multiple developers? If you have, you probably realized quickly that things are going to be a lot smoother if you could just enforce some basic conventions. Maybe all your services have a well defined endpoint for the liveness probe but developers sometimes forget to set it up. Or maybe developers should always use a semantic version tag on their containers and avoid :latest. Or maybe there is a deprecated Kubernetes API field and you'd like to ensure it is never used in your cluster. In this talk we will run through a series of easy solutions to help enforce conventions using only YAML. You have a lot more control that you might realize. Learn from a Kubernetes contributor involved in the development of numerous extensibility features including CRDs, admission webhooks and admission policies. We will show you some handy tricks and leveraging new features including new features like Validating Admission Policies alpha API introduced in 1.26.
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Patrick Ohly, Alexander Kanevskiy, Kate Goldenring
2022-10-27
Kubernetes is powerfully declarative with YAML being the UX to request all that a workload needs. Kubernetes has tried to maintain this defining characteristic even as scenarios continue to expand. The device plugin interface was introduced to Kubernetes back in v1.10 to enable requesting and reserving static hardware for workloads, such as GPUs for ML applications. What about other devices used by workloads? This talk will cover several stories of how different types of the devices can be used in Kubernetes clusters: - From traditional datacenters to small IoT centric devices. - From exclusively accessed to shared devices. - From local stateless devices to network attached devices. - From simple single-purpose devices to pipelines of devices. All these scenarios require both a simple yet flexible UX for users to request a variety of devices with various properties. Alexander and Kate will discuss projects and proposals in the Kubernetes ecosystem that are working towards this goal of connecting devices and workloads. They will also discuss how to get involved in this evolution to let workloads be utterly materialistic. Whatever the app needs, it shall get.
Conference: KubeCon + CloudNativeCon North America 2021
Authors: Christopher Bradford, Ty Morton
2021-10-14
tldr - powered by Generative AI
The presentation discusses the challenges and solutions for deploying a database on multiple Kubernetes clusters in different regions.
- Deploying a database on a single Kubernetes cluster is easy, but deploying it on multiple clusters in different regions requires careful planning and consideration of network design, security, and failure handling.
- Multi-cluster deployment can provide high availability, better performance, and geolocality.
- Common pitfalls include issues with networking, automation, and communication between clusters.
- Planning and collaboration between different teams is crucial for successful multi-cluster deployment.
- References to helpful technologies and projects are provided.
Conference: OWASP 20th Anniversary Event
Authors: Christian Schneider
2021-09-24
tldr - powered by Generative AI
Fragile is an open-source agile threat modeling toolkit that generates rule-based risk analysis and outputs reports to mitigate risks in data assets and technical assets.
- Fragile is an open-source agile threat modeling toolkit that generates rule-based risk analysis and outputs reports to mitigate risks in data assets and technical assets
- It uses a YAML file to create a threat model and generates various outputs such as reports, JSON, and REST API
- It has over 40 risk rules that can analyze the graph precisely leading to less false positives
- It has a plug-in interface that allows users to add custom risk rules to extend the tool's functionality
- It has a model macro concept that automates certain changes to the model in a wizard-style question and answer format
- It is released as open-source software under the MIT license and runs offline as a command-line interface or as a web server with a REST API