KubeCon + CloudNativeCon Europe 2022 is ongoing in Valencia, Spain! And we’re right here with the most recent buzz, keynote data, and Cloud Unfiltered interviews. Right here’s what occurred at Day 2 of the convention.
Quote of the Day
We expect [centralized authorization] may be attractive. If you have a look at it as a extremely attention-grabbing distributed methods downside, it turns into attractive.
– Jimmy Zelinskie on Cloud Unfiltered
The Buzz
The theme that we preserve listening to in keynotes and interviews is that we have to simplify the Kubernetes ecosystem. There are extra distributors and choices than ever earlier than, however with these choices comes complexity. On the identical time, Kubernetes is changing into mainstream, and new adopters want less complicated choices to get them began with cloud native platforms safely and securely.
Talking of safety, one other theme is shifting left. There are some gaps round safety within the Kubernetes ecosystem, and lately attackers have gotten sooner and extra subtle. To reply to this, we not solely want to coach ourselves in safety greatest practices, however we have to implement these greatest practices in an automatic style, as early within the dev cycle, in a method that scales with our organizations.
The Keynotes
The keynotes as we speak bolstered a few of these themes. Here’s a transient synopsis of every one.
Shane Lawrence (Employees Infrastructure Safety Engineer at Spotify) spoke about securing the software program provide chain. Contemplate the varied vulnerabilities that exist each time we set up a bundle or dependency. How can we measure the mixture danger of our software program dependencies? A method to assist confirm your provide chain is thru the SBOM (Software program Invoice of Supplies), composed of instruments and requirements comparable to CycloneDX, Trivy, and Cosign. One other framework tackling the software program provide chain is SLSA (Provide-chain Ranges for Software program Artifacts).
Stephen Augustus (Head of Open Supply at Cisco) gave a quick speak with shortcuts on methods to get began with cloud native by way of SiG ContribEx (the Contributor Expertise Particular Curiosity Group for Kubernetes) and TAG ContribStrat (the CNCF TAG Contributor Technique group). Shifting on from studying to contributing, he stated there are a mess of the way to take action, together with by way of the Open Supply Software program Safety Mobilization Plan from the Open Supply Safety Basis (OpenSSF).
Subsequent up got here the CNCF Technical Oversight Committee. Dave Zolotusky (Principal Engineer at Spotify) and Katie Gamanji (Senior Kubernetes Subject Engineer at Apple) gave updates from the committee on panorama sustainability and cloud native development.
From there, Ricardo Rocha (Computing Engineer at CERN) gave us perception into his expertise at CERN implementing high-performance computing in a cloud native style. It was an interesting overview of the CERN use case and the way Kubernetes is used to deal with its particular wants for high-throughput computing.
Wrapping up the keynotes, Ben Hale (Senior Employees Engineer at VMware) spoke on the rise of PlatformOps to enhance the developer expertise by way of self-service infrastructure platforms, and Emily Fox (Safety Engineer at Apple) gave us greatest practices for securing cloud native platforms.
Cloud Unfiltered Interviews
Cloud Unfiltered@KubeCon is preserving busy as properly. We’ve received a slew of interviews masking shift left, the mainstreaming of Kubernetes, and the impression of group. Our latest conversations:
Jimmy Zelinskie (Authzed)
First, we talked with Jimmy Zelinskie (Co-Founder at Authzed) a couple of managed permissions service primarily based on Google’s Zanzibar system. Starting along with his work at CoreOS and serving to to outline Kubernetes operators, Jimmy has been concerned with the cloud native group from its early phases. Now, with Authzed,
Jimmy is in search of to centralize permissions right into a service, decreasing code duplication throughout companies in addition to permitting permission checking on assets in several functions. Hearken to the total episode right here.
Ariel Shupe (Cisco)
We chatted with Ariel Shupe (Cloud Purposes Safety Lead at Cisco) about how we have to shift left with safety on our CI/CD pipelines. With containerization and microservices, you want extra instruments in your pipeline to validate safety throughout your entire surroundings and in an automatic style. Shifting left—and doing so with automation—means that you can guarantee safety whereas creating at scale. Episode hyperlink coming quickly!
Neil CressWell (Poratainer)
We talked with Neil Cresswell (CEO at Portainer) concerning the mainstreaming of Kubernetes and the necessity for less complicated onboarding options. Kubernetes was primarily the realm of early adopters, however extra lately it has shifted towards mainstream adoption. These newer adopters want options that assist them come into the Kubernetes world simply whereas additionally preserving their platforms safe. Hearken to the total episode right here.
Emilio Salvador (Google)
Emilio Salvador (Developer Relations at Google) got here on the podcast to speak concerning the impression of group on builders and their wants. Builders and software program improvement have modified over time, and the group has turn out to be extra necessary than ever. Not is it simply giant firms that push the expertise envelope; open supply communities at the moment are those shifting the business ahead, pushing firms to maintain up. Hearken to the total episode right here.
Alex Ellis (OpenFaas)
We additionally talked with Alex Ellis (Founding father of OpenFaaS) about creating software program that solves issues for others and really issues—whereas competing with giant, cloud platform suppliers. Alongside the best way, we additionally mentioned developer advertising and marketing and what’s new in OpenFaaS. Hearken to the total episode right here.
Subsequent Steps for Cloud Native Professionals
- Calisti: A service mesh supervisor that helps you get hold of an end-to-end view of your total service community.
- Telescope: A cloud native utility troubleshooting device for streamlining fault detection and system well being.
- Panoptica: A safe utility cloud so as to add strong safety visibility and evaluation throughout your functions.
Every device is open source-based and enterprise-grade, designed that will help you along with your cloud native functions deployed to multi-cloud or hybrid-cloud platforms.
Wrap Up
We’re two days in, however we’re not achieved but with our KubeCon + CloudNativeCon Europe 2022 protection. Come again for updates and our ultimate ideas on Day 3 tomorrow!
KubeCon + CloudNativeCon Europe 2022 is the flagship convention of the Cloud Native Computing Basis, gathering collectively main open supply and cloud native communities to additional the schooling and development of cloud native computing. This 12 months, the convention is being held in Valencia, Spain from Could 16-20, 2022.
Need extra updates on KubeCon + CloudNativeCon Europe 2022 and all issues cloud? Try the Cloud Unfiltered podcast, accessible on Spotify, Apple Podcasts, and SoundCloud.
We’d love to listen to what you suppose. Ask a query or go away a remark under.
And keep linked with Cisco DevNet on social!
LinkedIn | Twitter @CiscoDevNet | Fb | Developer Video Channel
Share: