Virtual Event
November 17, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Lightning Talk [clear filter]
Tuesday, November 17

4:30pm EST

L7mp: A Multiprotocol Service Mesh for Legacy Applications - Gábor Rétvári, Budapest University of Technology and Economics (BME)
The service mesh is too cool to keep it HTTP-only! Despite the increasing use of HTTP as a common application transport protocol, there are tons of legacy non-HTTP applications that would greatly benefit from the traffic management and monitoring capabilities provided by a service mesh. Primary examples are anything that runs on top of UDP or SCTP, including telco apps, VPN, IoT, video-gaming, or DNS. Currently, these applications are left behind by the cloud-native community. Taking a real telco media-plane use case as demonstrator, this talk makes the case for l7mp, a joint industry-academy effort to build a service mesh prototype with first-class support for legacy applications. L7mp aspires to serve as an incubator project to experiment with radically new service mesh designs and features, including full multi-protocol support, programmable protocol L7 parsing, native stream-management, and kernel-based offload for sidecar proxy acceleration. 

avatar for Gábor Rétvári

Gábor Rétvári

Budapest University of Technology and Economics (BME)
Gábor Rétvári is an Associate Professor at BME, Hungary, and a Senior Researcher at Ericsson.  As an academic scholar he coauthored 70+ scientific papers, among them a recent paper on the intersection of software-defined networks (SDN) and service meshes. He is leading the joint... Read More →

Tuesday November 17, 2020 4:30pm - 4:40pm EST

4:40pm EST

Confident Canary Deployment to Production With Istio - Raju Dawadi, Oyster
The session covers covers the production use case of Oyster Financial on using Istio service mesh for handling traffic. The testing in non-production environment and rolling out to live users was not effective for fintech product where the usage is critical. Also, due to the inconsistent in third party, there was need to test traffic in live environment for internal user and that has to be for selective or all services.  The usage of Istio feature on routing traffic based on header as well as percentage rollout was used effectively which has made deployment to Prod0 seamless. Also measuring the performance as well as real use case test of newer version helped in providing a good end user experience for evolving fintech startup in Mexico.  But the management complexity rises when number of services increases and there are too may configs to be managed. Combination of helm helped a lot throughout the process.

avatar for Raju Dawadi

Raju Dawadi

Site Reliability Engineer, Oyster Financial
Raju, a Google Developer Expert(GDE) in Cloud Platform is a DevOps enthusiast and is currently diving into SRE(Site Reliability Engineering) along with building DevOps and Cloud Native community in Kathmandu, Nepal. He enjoys learning, implementing & sharing experiences over cloud... Read More →

Tuesday November 17, 2020 4:40pm - 4:50pm EST

4:50pm EST

Service Mesh Security in a Nutshell - Venil Noronha & Manish Chugtu, VMware, Inc.
Security is one of the greatest challenges in the cloud-native world today. Service meshes promise several benefits including better connectivity, and observability, and most importantly security. Securing a cloud-native service involves securing it at several levels i.e. at the perimeter (ingress/egress gateways), when accessing other services, when persisting data, when processing requests, etc., and using a service mesh one can address several of these issues in a consistent and maintainable manner.  In this talk, we will present some of the key patterns that one can use for securing cloud-native services when working with north-south and east-west traffic. We will talk about available TLS choices (passthrough, mTLS, etc.), AuthN/AuthZ constructs, JWT support, and extension mechanisms within Envoy/Istio that you can leverage for building customized policy frameworks. We will also discuss application security in the context of multi-cluster service mesh deployments. Come join us!

avatar for Manish Chugtu

Manish Chugtu

Enterprise Technologist, Strategy and Innovation, VMware
Manish is an innovative thought leader with 20+ years of experience in architecture, design and product development with extensive experience in architecting and developing highly scalable enterprise solutions. Currently as “Enterprise Technologist - Strategy, Community and Innovation... Read More →
avatar for Venil Noronha

Venil Noronha

Sr. Member of Technical Staff, VMware, Inc.
Venil Noronha is an engineer with the Tanzu Service Mesh team at VMware. He also contributes upstream to open source projects in the service mesh domain, like Istio and Envoy proxy. In the past, he has contributed to several open source projects including Kubernetes, Spring, and... Read More →

Tuesday November 17, 2020 4:50pm - 5:00pm EST
  • Timezone
  • Filter By Venue Virtual
  • Filter By Type
  • Break
  • General Session
  • Lightning Talk
  • Session Presentation
  • Sponsored Session