KubeCrash: Cloud Native Crash Courses
Written By: Danielle Cook
KubeCrash is a new virtual KubeCon co-located event for those who can’t attend KubeCon in person or are in “timezone-left-behinds.” Created by five companies with Kubernetes open source tooling, KubeCrash offers KubeCon-grade courses on cloud native technology. No vendor pitches, just awesome open source content on projects such as Linkerd, cert-manager, CockroachDB, Pulumi and Fairwinds’ projects, and Polaris and Goldilocks.
Kubernetes is the new standard for cloud-hosted application development, allowing DevOps teams to drive the technology choices for enterprise-grade cloud native tooling. Freely available open source solutions are often the primary source for these tooling decisions.
KubeCrash provides a half-day knowledge sharing and virtual learning environment for developers, reliability engineers, cloud security specialists, and platform engineers. Learn directly from the maintainers of some of the most popular open source projects in this series of focused talks and workshops.
What to Expect
The virtual event offers a schedule packed with great content, from the teams that maintain some of the cloud native ecosystem’s most popular open source projects. The agenda will cover the latest learnings on implementing scalable zero-trust, scanning workloads for improved cloud native security, using service mesh to ensure high availability across multi-cluster infrastructure, and delivering “serverless” for multi-cloud deployments.
Using cert-manager to enable zero-trust identities for intra-pod communication — Jake Sanders, cert-manager maintainer
Modern cloud native architectures require the network to be considered untrustworthy, which is why internal workloads are rapidly driving the use of mTLS and private PKI. This workshop from Jetstack will demonstrate how to use cert-manager to issue, manage and rotate mTLS certs, allowing users to have strongly attested and verified Machine Identities between Kubernetes pods-all without the workload private keys leaving node memory! Think of this session as a precursor to implementing a service mesh solution, using cert-manager to establish zero trust environments (perhaps defined by trust domains), and enforcing security for pod to pod traffic.
Multi-cluster failover using Linkerd — Eliza Weisman, Linkerd maintainer
Failover across clusters is a great way to improve the overall uptime and reliability of Kubernetes applications. While whole-cluster failover can be accomplished at the global ingress layer, failing over individual services is a little more difficult. During this session, Linkerd maintainer Eliza Weisman will walk through how to use Linkerd, the CNCF graduated service mesh, to enable traffic failover for individual services across clusters. Attendees will learn how to combine service mesh metrics, traffic shifting and cross-cluster communication in a cohesive and automated way using pure open source, while preserving fundamental security guarantees such as mutual TLS.
Optimizing and Securing Kubernetes Workloads with Polaris and Goldilocks — Rachel Sweeney, Fairwinds and Andy Suderman, Polaris and Goldilocks maintainer
Learn how to scan your Kubernetes workloads to improve resource utilization and security using the open source tools Polaris and Goldilocks. Watch Andy Suderman, Director of R&D and Technology, and Rachel Sweeney, SRE at Fairwinds, as they demonstrate how to correctly configure your clusters based on Kubernetes’ best practices for security and efficiency.
Using Kubernetes to deliver a “serverless” service — Lisa-Marie Namphy and Jim Walker, Cockroach Labs
In this talk, Cockroach Labs team members will share how they leverage Kubernetes to deliver a “serverless” experience. Serverless promises to change the way we consume software. It allows us to potentially pay for what we use only and help drive down operational costs by minimizing resource consumption. Architecting for serverless requires a unique look at app logic and how it is deployed — a combination of the logical and physical worlds. An architectural pattern has emerged where we can scale ephemeral compute separate from services that need to persist.
Multi-cloud, single deploy: cloud engineering with Kubernetes and Pulumi — Aaron Friel and Guinevere Saenger, Pulumi
Business constraints and customer requests often require teams to stand up new Kubernetes environments across multiple cloud providers. This growing complexity in computing infrastructure will incur greater operational costs for organizations when coordinating across multiple teams. Pulumi engineers, Aaron Friel and Guinevere Saenger, will demonstrate standing up Kubernetes clusters, deploying applications and automating ops tasks by building a CLI using the Pulumi Automation API. These tools empower every engineer — from application developers to site reliability engineers — to be a cloud engineer.
Join us on May 17
Anyone can join this KubeCon, whether you are staying in the Americas or up for a late-night session. Joins us on Tuesday, May 17th starting at 9 am PST / 10 am CST/ 12 pm EST. Learn more about open source projects, led by a project maintainer from projects covering modern cloud native security to improving the developer experience. Register today!