KubeCon EU 2021 Notes
Summary (TL;DR)
SIGs are now TAGs (Tech Advisory Groups) [runtimes, storage, security, network, observability, App delivery, Contrib Strategy]
Trending Projects = Kudo — write operators, Keptn — App lifecycle management — SLI checks, OpenMetrics Spec — Prom format, OpenTelemetry — Spec for Observability, K3s — IoT & Edge, Crossplane — expose Service API as resources (standard), Parsec — H/W security
Kube will now have 3 releases in a year
PSP deprecated — by 1.25 full deprecation
Flux 2 has GitOps toolkit for building CD pipelines, secret mgmt, multi-cluster, multi-tenancy.
Kubewarden — WASM in the cloud
eBPF — Bringing Programmability to the Kernel, 1 million instructions, Cilium an early adopter, many use cases in tracing
Keda — Advanced Event based scaling based on app metrics
Cert Manager
BuildKit — Image Building using kubectl, fastest inner loop (no registry push needed)
M3 vs Cortex vs Thanos
M3 = Data within cluster, Push Model
Cortex = Push Model, Caching, Chunk/Block storage
Thanos = Pull/Push model, Block Storage
Keynotes
Day 1 — Trending Sandbox Projects
Schemahero — apply schema update to kube objects
Strimzi — Kafka on kube
Pravega — Storage, auto scale
Tremor — Rust system, event-based system / replaces Logstash
Backstage — Dev Portal to manage Infra
Kudo — write operators
Serverless Workflow Spec
Artifact Hub — to find artifacts, Helm charts etc
KubeVirt — run VMs in Kube
Keptn — App lifecycle management — SLI checks
OpenMetrics Spec — Prom format
Trickster — reverse proxy, caches, monitoring
OpenTelemetry — Spec for Observability
Chaos Mesh / Litmus — Operator which introduces Chaos
K3s — IoT & Edge
Crossplane — expose Service API as resources (standard)
Volcano — Batch scheduling — ML (Spark, TensorFlow)
SMI — Spec for Service Meshes
Open Service Mesh — implements SMI
Network Service Mesh — connections across different network protocols
CNI-Genie — multiple CNIs on same cluster
OpenEBS — replicated storage volumes
Cloud Custodian — public cloud policy definition, cert expiry
Cert Manager — auto renew certs
in-toto — signs artifacts, build stage
Keylime — remote attestation
Parsec — H/W security
Dex — OpenID Connect
Kyverno — simpler than OPA (no lang like OPA)
Athenz — X.509 cert manager
Day 2
Kube will now have 3 releases in a year
PSP deprecated — by 1.25 full deprecation
Docker Shim deprecated
Structured logging in beta
Kasten — Backup and recovery
Misconfigured access, policies, privilege escalation, operator access
Ransomware —
Plan early — shift left,
Automation — use OPA for RBAC creation, Migrations to new clusters
Business Continuity — Have plan (errs)
Day 2
Session — Deployment using Argo
Argo events powerful
Session — eBPF
Session — Keda (event based scaling)
Session — Cert Manager
Cert Manager — Mesh
Secure nodes and control plane
Session — Kubewarden (admin control) (Web assembly)
Session — Users in K8s
Session — Buildkit
Session — Panel Networking/ Observability
M3 Coordinator = sidecar
ingesters = mem -> aggregates and then goes to final storage