KubeCon NA 2020: Deep Dive into Cloud Native Open Source Projects

November 10, 2020 Nikhita Raghunath

This is the era of virtual conferences, and it’s now time for the virtual KubeCon North America 2020 conference. It will also be my sixth KubeCon and, while I wish it would have been possible to meet everyone in person, I’m still very excited. 

VMware is proud to be a Diamond-level sponsor of virtual KubeCon NA 2020 and will be taking part in more than 25 sessions, keynotes, SIG workshops, and lightning talks this year. Stephen Augustus, co-chair for the conference, will present multiple keynotes and will talk about the latest highlights of the Kubernetes project. We’ll also have Grant Shipley and Marissa Bosche take the keynote stage to discuss how you can advance your knowledge of Kubernetes from basic use cases all the way to advanced deployments using KubeAcademy.

A talk at KubeCon NA in 2019. This year's event will be virtual. (Photo courtesy CNCF)

There’s always a lot to do at KubeCon even if it’s virtual. If there’s one session you should not miss, it’s Kenny Coleman’s technical demo at the Sponsor Theater, which will include a demo showing how to ramp up your Kubernetes cluster using eight open source projects—Cluster API, Kubeapps, Harbor, Octant, Antrea, Contour, Sonobuoy, and Velero.

Here are more sessions I’d recommend:

In the first session, Harbor maintainers will review and provide solutions to the challenges faced by enterprise organizations, such as content replication, vulnerability scanning, and large-scale content distribution. They will also share the future roadmap and challenges of Harbor, including an operator for Harbor and improvements of windows containers support.

With a clear understanding of Harbor, the second session will focus on how Harbor makes it easy to operate Kubernetes at the Edge and co-locate your workloads with your cloud native artifacts.

First, take a deep dive into Contour, a CNCF incubating project, and learn how to leverage Contour and Envoy to run Kubernetes workloads in a multitenant environment using features like authentication. Bonus: the team will reveal a preview of Contour’s feature roadmap.

Take the next step in the second session with a look at how the Contour maintainers implemented (and struggled with) Envoy’s xDS API, and learn how you can build a full Envoy control plane for yourself.

This session will focus on how to leverage Cloud Native Buildpacks, the set of tools for transforming application source code to OCI images, on a number of CI/CD systems including Tekton, Gitlab, and CircleCI. The talk will cover powerful features for enterprise users, such as the ability to narrowly define trusted builders, allowing restricted access to registry credentials, as well as the ability to create Windows images.

“Production identity” is a common set of problems facing distributed systems—inability to rotate credentials, no federation with other systems, and few policy opportunities that are valued and critical for organizations. SPIFFE/SPIRE have recently been called the “identity control plane” since they help solve all of these problems. This talk will cover how to leverage the identity control plane for doing identity distribution and attestation for service-to-service communication in complex and heterogeneous environments.

If you ever wanted to understand how Open Policy Agent (OPA) works, this talk is for you! It will cover lessons learned while using OPA and will offer several concrete examples of how OPA is used at VMware to implement ever-changing Kubernetes policy requirements and help tenants achieve a variety of compliance certifications, while at the same time striving to make these security policies unobtrusive to existing CI/CD pipelines and workflows.

In this session by the co-chairs of Working Group (WG) Data Protection, you’ll learn the current state of data protection in Kubernetes, and backup and recovery support at the persistent volume level, application level, and the cluster level. This is an excellent place to get started with the Kubernetes project since this WG involves collaboration across multiple SIGs like SIG Storage, SIG Node, and SIG Apps.

I hope you’ll join me for these sessions! Be sure to make a pit stop by the virtual VMware booth for free Tanzu stickers, to learn more about exciting open source projects that we’ve been working on, discuss open source trends, or just hang out with us. Follow @vmwaretanzu on Twitter for the latest happenings at the conference. I hope you have a happy and safe KubeCon!


About the Author

Nikhita is a senior member of technical staff at VMware, a member of the Kubernetes Steering Committee, and is responsible for the overall governance of the Kubernetes project. She is also a Cloud Native Computing Foundation (CNCF) Ambassador and an international public speaker.

More Content by Nikhita Raghunath
6 Unspoken Laws of Strategic Execution
6 Unspoken Laws of Strategic Execution

Leaders need to recognize six unspoken laws as governing principles of strategic execution.

The Good, Bad, and Ugly of Remote Software Development
The Good, Bad, and Ugly of Remote Software Development

In this episode of the Cloud & Culture podcast, we discuss the state of remote work with Joe Moore and Paul...