Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Ionut-Maxim Margelatu, Larisa Andreea Danaila
2023-04-20
tldr - powered by Generative AI
The presentation discusses the challenges of having separate workflows for infrastructure provisioning and application deployment and proposes a unified approach using Crossplane. The speaker also highlights the importance of putting everything in a single release.
- Separate workflows for infrastructure provisioning and application deployment lead to inefficiency, higher risk of errors, longer feedback loop, and unmanageable complexity
- A unified approach using Crossplane can increase iteration speed, quality, and time to market
- Putting everything in a single release is crucial for continuous deployment pipeline and reducing cognitive load on developers
- Examples of challenges include running post-deployment tests, making changes in configuration, and dealing with multiple repositories
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Laurent Bernaille, Marcel Zięba
2023-04-20
tldr - powered by Generative AI
The presentation discusses challenges in running large Kubernetes clusters and offers best practices to overcome them. It also highlights the importance of using informers and avoiding list calls to improve performance.
- Running large Kubernetes clusters is challenging despite community improvements
- Defaults are not always enough and best practices should be followed
- Avoid list calls and use informers to improve performance
- Memory and CPU buffer should be maintained to handle bad events
- Streaming lists in Kubernetes 1.27 can improve memory usage
Conference: Global AppSec San Francisco 2022
Authors: Aakash Shah
2022-11-18
Infrastructure-as-code adoption continues to grow as more organizations seek to automate deployments and better manage the complexity of their cloud applications. Increasingly, development teams are taking ownership of IaC for their application as the boundaries between the application and infrastructure layers continue to blur in the Cloud. Terraform (more accurately - Hashicrop Configuration Language (HCL)) is one of the most widely used infrastructure-as-code (IaC) languages at the forefront of this transformation with over 100M open-source downloads.There are a lot of public Terraform projects available to developers to quickly learn and build from. Terraform also offers modules - an abstraction that allows infrastructure developers to write modular and clean code, allowing them to accelerate development and better maintain this code. And there are many community-driven open-source Terraform modules available for developers to reference in their Terraform code to quickly design & deliver changes to infrastructure.As of today, there are over 90k public repositories on GitHub with Terraform (HCL) code and over 15k open-source terraform modules. As an infrastructure developer if you utilize a community Terraform module or build from an existing example, how can you be assured that your infrastructure design will meet your security needs? What steps do you need to take to ensure that your cloud-native deployment is both secure & compliant?We used automation to assess public Terraform repositories and modules across Github to identify the most common security gaps against industry best practices. We selected best practices based on Cloud Service Provider reference architectures, Cloud Security Alliance, CIS benchmarks and OWASP. To limit the scope, we focused on Terraform for AWS and Azure resources. In this talk, we will share results of this assessment and provide lessons learned. Since this is OWASP, we’ll present the top 10 classes of security issues we found. We will then discuss security best practices for using community Terraform modules and building your cloud architectures from public Terraform repositories.
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Éamon Ryan, Hedley Simons
2022-10-28
Most people are well-aware of the benefits of GitOps for various workflows especially as it relates to Kubernetes deployments - it allows easy integration of approvals, verifiable change history and automation hooks. However, getting users to adopt a different way of working can be challenging - especially if it involves tools and methods that would be convenient for you, the administrator, but inconvenient for the end-user. So, what do you do when your end-users are not directly using Git in their day-to-day work, but you still want to add the benefits of GitOps to your deployments without slowing them down? Simple - you implement GitOps but hide the entire process from them! In this session, Éamon and Heds will take you through how they took an internal Grafana environment that had grown increasingly messy and unreliable due to usage by a rapidly expanding internal team - and transformed it into a repeatable, promotable, process-driven well-oiled machine fueled by GitOps, Kubernetes, Terraform and more - all without the end-users having to learn or interact with Git at all!
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Ricardo Rocha
2022-10-27
tldr - powered by Generative AI
The presentation discusses the importance of having the right tools for cloud native deployments and introduces a set of tools and functionalities that can significantly improve the daily life of developers and operators.
- The Swiss knife is a handy tool that has been around for over 100 years and has evolved to suit different types of individual users.
- Cloud native deployments can be challenging, but having the right tools for each task can make all the difference.
- Tools for logging and metrics, such as Kubernetes and Fluentd for logs and Prometheus for metrics, are essential for cloud native deployments.
- Debugging tools are also important, and Kubernetes now has the ability to deploy ephemeral debug containers.
- The ability to achieve reproducibility is one of the key things about Cloud native tools.
- The speaker provides anecdotes and demos to illustrate the power and simplicity of these tools.
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Abby Bangser
2022-10-27
tldr - powered by Generative AI
The presentation discusses extending Kubernetes using the operator framework and provides a hands-on tutorial for creating a CRUD operator.
- Kubernetes can be extended at various points, including the CLI, custom resource definitions (CRDs), and the API and events API using the operator framework
- The operator framework allows for listening to Kubernetes events and taking reactions accordingly
- The tutorial provides a step-by-step guide for creating a CRUD operator that deploys, updates, and deletes an application
- The tutorial uses an online learning platform that does not require downloading Docker images or configuring laptops
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Liz Rice, Purvi Desai, Thomas Graf, Bill Mulligan, Chandan Aggarwal
2022-10-26
Welcome to Cilium! In this session you'll get an update on how the Cilium project has been progressing on the road towards graduation (we have raised a PR!). You'll hear about the latest developments and future roadmap, including news about some of the largest and most interesting deployments of Cilium. And don't miss this session if you're interested in contributing to the project, as there will be guides on how to get involved and where your help is needed.In this session you'll hear from Cilium contributors from Isovalent, Google, Microsoft and Grafana Labs
Conference: KubeCon + CloudNativeCon Europe 2022
Authors: Yaron Schneider, Henry Spang
2022-05-18
tldr - powered by Generative AI
Dapper is a set of APIs that helps developers make their applications and infrastructure services more resilient and fault-tolerant.
- Dapper provides building blocks for developers to consume APIs for state management, pub/sub, and configuration management.
- Dapper runs on any infrastructure and has a sidecar architecture.
- Components are at the heart of Dapper, allowing developers to talk to different APIs or implementations behind those APIs.
- Dapper has a simple architecture on Kubernetes with a control plane and data plane.
- Dapper enables developers to apply global resiliency policies across their apps and cloud or on-premises infrastructure services.
Conference: KubeCon + CloudNativeCon North America 2021
Authors: Jonathan West, Kshama Jain
2021-10-13
tldr - powered by Generative AI
Argo CD Application Sets can manage multiple Kubernetes clusters and deploy large numbers of applications from multiple repositories using templates and parameterization.
- Argo CD and GitOps workflow are used to manage Kubernetes clusters with Git repositories as the source of truth.
- Managing deployments of large numbers of applications/clusters with Argo CD requires complex custom scripting.
- Argo CD ApplicationSet controller works alongside Argo CD to automatically generate Application deployments using templates and parameterization.
- Application Sets can manage multiple Kubernetes clusters and deploy large numbers of applications from multiple repositories using templates and parameterization.
- Application Sets are based on Argo CD applications and can be customized using data from external data sources.