Authors: Alexander Constantinescu
2023-04-21

tldr - powered by Generative AI

Improving the reliability of Kubernetes load balancers
  • Kubernetes load balancers are critical for application ingress
  • Current load balancer configuration is simplistic and introduces serious failure modes
  • The proposed solution involves refactoring support to better uphold application SLA
  • The talk covers the background, problem, solution, and future work
Authors: Ameer Abbas, Steve McGhee
2023-04-20

tldr - powered by Generative AI

The presentation discusses the importance of starting with archetypes when building resilient platforms and services, and the trade-offs between reliability and effort.
  • Archetypes provide known good starting points for building resilient platforms and services
  • Applications have multiple services and microservices should be used to degrade gracefully
  • Resilient teams are necessary to build robust platforms that can handle risks
  • There are trade-offs between reliability and effort, and exponential curves show the increasing effort required for higher levels of reliability
Authors: Rob Scott, Liwen Wu
2023-04-19

tldr - powered by Generative AI

The presentation discusses the use of Gateway API and Multi-Cluster Services to create Multi-Cluster Gateways for advanced routing across clusters, improving application availability and reducing latency.
  • Gateway API represents a cloud load balancer for routing configuration
  • Multi-Cluster Services enable connecting clusters together for improved availability and reduced latency
  • Combining Gateway API and Multi-Cluster Services creates Multi-Cluster Gateways for advanced routing across clusters
  • Multi-Cluster routing can improve application availability and demonstrate failover capabilities
  • APIs can provide portable multi-cluster routing configuration even when mapped to different underlying cloud infrastructure
Authors: Stefan Schimanski
2022-10-27

CustomResourceDefinitions are driving the extension ecosystem around Kubernetes. This talk is about the search for the next step, a successor for CRDs in a post-operator world where service providers use CRDs as first-class API for the services they are building and offering to tenants. CRDs as we know them are installed in customer clusters, usually together with operators or controllers. With that they are under control of the users:
  • users can tweak the CRDs.
  • users are the ones updating and controlling the operators with all the complexity and pitfalls updating operators and APIs can have.
This situation is not a good fit for today's problems, and it's mostly an artifact of how CRDs and their life-cycle were conceived years ago as a tool to add in-cluster concepts. This talk is about lifting CRDs up to be a first-class vehicle for APIs provided and consumed by different parties, without the operator-glue, in different clusters, standardized, securely and federated.
Authors: Randy Abernethy
2022-05-20

tldr - powered by Generative AI

The presentation introduces the world of Kubernetes network communications in a practical way, focusing on container networking, Kubernetes services, and DNS. The goal is to help attendees understand the basics of Kubernetes networking and provide a starting point for further exploration.
  • The presentation covers container networking and how pods communicate using a CNI plugin
  • Kubernetes services are discussed as a way to provide a front end for a set of dynamically changing pods
  • DNS is explored as a way to create an abstraction on top of virtual IPs
  • Understanding Kubernetes concepts is fundamental to understanding Kubernetes networking
Authors: Mario Fahlandt, Tobias Schneck
2022-05-20

tldr - powered by Generative AI

The presentation discusses the implementation of a Kubernetes-based platform for the manufacturing industry, emphasizing the importance of independence, automation, and declarative management tools.
  • The platform is designed to be independent of the cloud and adaptable to different customer needs and infrastructures
  • Automation and declarative management tools are crucial for repeatability, testability, and scalability
  • Services should be consumed as a service to make them quick and easy to use
  • Independence is important for disaster recovery and partial connectivity cases
Authors: Charles Pretzer
2022-05-18

tldr - powered by Generative AI

Setting up multi-cluster failover with service mesh
  • The workshop repository is located at github.com/buoyantio/service-mesh-academy
  • Participants need to check out the multi-cluster failover directory
  • The workshop requires two clusters named east and west
  • The readme file contains all the necessary steps to set up the failover configuration
  • Injecting resources like deployments and stateful sets is possible with linkerd inject
Authors: David de Torres Huerta, Miguel Hernández
2022-05-18

Prometheus has become the standard for monitoring Kubernetes services. It comes with a set of helpful exporters, and Kubernetes offers several metrics endpoints directly through the API. These features enable monitoring and troubleshooting of most situations that SREs face on a daily basis. But, what if an attacker accesses your Prometheus server? How much information can they get for fingerprinting the cluster? Kernel versions, IP addresses, instance types, library versions…the list goes on and on. In this session, you will learn how attackers use this information in the first part of reconnaissance, to see if you are vulnerable. The speakers will share
  • What secrets they collect to fingerprint your Kubernetes cluster (hint: they're not after your timeseries)
  • How to leverage this information internally to secure your cluster
  • How to prevent the exposition of sensitive information
No matter how many safety best practices you apply, you must be aware of every link of the chain.
Authors: Peter O'Neill
2021-10-15

tldr - powered by Generative AI

The presentation discusses the journey of a network engineer into becoming a K8s developer and the skills and knowledge that transfer between the two roles. It highlights the complexity of Kubernetes and the importance of tools like Telepresence for developing and debugging in the cluster.
  • Network engineering involves troubleshooting and following a network path, which transfers to Kubernetes development.
  • Cloud-native applications are more complex, with multiple services, load balancers, and connections.
  • Troubleshooting in Kubernetes involves identifying which service and connection is causing the issue.
  • Telepresence is a useful tool for bridging a laptop's local network to a Kubernetes cluster for easier development and debugging.
  • The presentation includes a demo of using Telepresence to access the Kubernetes API and work with pods.