Virtual Event
November 17, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Session Presentation [clear filter]
Tuesday, November 17

10:15am EST

Service Mesh - The New Single Point of Failure - Mitch Connors, Google, Sabeen Syed, HashiCorp & Thomas Rampelberg, Buoyant
Interested in knowing why your favorite service mesh was implemented that way? Architecture decisions have real user impact. When building a service mesh, it is possible to fall into a trap of choosing implementation that is easier to build but makes it difficult to operate in the real world. While service meshes enable new levels of resiliency for users’ applications, they suffer from a chicken and egg problem: How do you build a resilient and scalable service mesh without having a service mesh to rely on?
Maintainers of Istio, Linkerd2 and Consul will walk through tradeoffs the projects have made during implementation and the impact on users. Topics will include:
  • Why it is important to verify environments before installation.
  • How to build a service mesh which can be safely upgraded.
  • What regular security updates mean for upgrades.
  • How to give users the same stability for config changes as they require for code changes
  • What to do when the mesh breaks.
  • Why the division of responsibility is important.

avatar for Sabeen Syed

Sabeen Syed

Senior Engineering Manager, HashiCorp
Sabeen Syed is a Senior Engineering Manager at HashiCorp, working on the Consul Service Mesh and Consul API Tooling teams. She enjoys cultivating and nourishing teams to enable taking products and processes from ideas to execution. She has spoken at a number of conferences and meetups... Read More →
avatar for Thomas Rampelberg

Thomas Rampelberg

Software Engineer, Buoyant
Thomas Rampelberg is a Software Engineer at Buoyant Inc. He has made a career of building infrastructure software that allows developers and operators to focus on what is important to them. He is a contributor to Linkerd and has been maintaining Kubernetes applications at scale and... Read More →
avatar for Mitch Connors

Mitch Connors

Software Engineer, Google
Mitch Connors is a Software Engineer at Google where he works on Istio. Over the past 15 years, Mitch has worked at F5 Networks, Amazon, an Industrial IoT startup, and State Farm Insurance, giving him a broad perspective on the needs of Enterprise Software Developers. This experience... Read More →

Tuesday November 17, 2020 10:15am - 11:00am EST

11:05am EST

Taking Service Mesh a Step Further with WebAssembly - Christian Posta, Solo.io
WebAssembly (WASM) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable target for compilation of high-level languages like C/C++/Rust, enabling deployment on the web for client and server applications. Wasm support in Envoy means that that opens up new possibilities in customizing service meshes built on Envoy with modules that modify the behavior of the sidecar proxy in any language. The possibilities are endless and in this talk we will explain: - The state of Wasm in Envoy and how it works - Demonstrate the developer experience in building, sharing, and deploying modules - Demonstrate a range of modules types and the kind of behavior it can customize in the sidecar proxy

avatar for Christian Posta

Christian Posta

Solo.io, Global Field CTO
Christian Posta (@christianposta) is Global Field CTO at Solo.io, and well known in the cloud-native community for being an author (Istio in Action, Manning, Microservices for Java Developers, O’Reilly 2016), blogger, speaker, open-source enthusiast and contributor to various open-source... Read More →

Tuesday November 17, 2020 11:05am - 11:50am EST

12:50pm EST

Istio Service Mesh Simplified Beyond a Single Cluster - Lin Sun, IBM & Sven Mawson, Google
We have made numerous improvements to the Istio project over the past year to simplify the experience for users and operators in a single cluster. This year we have been focusing on improving the experience beyond a single cluster, simplifying multicluster deployment by merging the replicated control plane and shared control plane patterns. Within this unified multicluster pattern, users can choose a control plane and network topology based on their business needs and requirements. We have also been simplifying Istio's usage beyond containers, making it easier for users to securely onboard VMs into the service mesh. In this talk, we will be demoing the new and improved experience for using Istio with multiple clusters and expanding the mesh to VMs.

avatar for Sven Mawson

Sven Mawson

Principal Software Engineer, Google
Sven is one of the founders of Istio, the open source Service Mesh, and he is a Principal Software Engineer at Google. He joined Google in 2006, and has spent the past 15+ years working on several generations of Google's API and Service Management platforms, beginning with the AtomPub-based... Read More →
avatar for Lin Sun

Lin Sun

Senior Technical Staff Member, IBM
Lin has been working on container and cloud-native since 2014 from Docker to Kubernetes to Service Mesh. She is currently an Istio maintainer, a member of the Istio steering committee and technical oversight committee. She is passionate about new technologies and loves to play with... Read More →

Tuesday November 17, 2020 12:50pm - 1:35pm EST

1:40pm EST

How the DoD Use Istio for End-to-End Encryption and Authentication - Zack Butcher, Tetrate & Jeff McCoy, Platform One
Security remains one of the primary drivers behind service mesh adoption today. We’ll describe why and how Platform One is using a service mesh - Istio - to provide both encryption in transit as well as end-user authentication via SSO for applications across the Department of Defense. We’ll dig into the practical challenges involved in deploying the Istio ecosystem’s authservice, which implements Envoy’s external auth API to provide SSO, and the design considerations that went into making the system incredibly simple for application teams running on Platform One to consume. Finally, we’ll briefly introduce an upcoming NIST IR covering the usage of a service mesh to provide authentication and authorization for applications.

avatar for Zack Butcher

Zack Butcher

Tetrate, Founding Engineer
Zack is a Founding Engineer at Tetrate and helps drive product today. He was one of the earliest engineers on the Istio project at Google, and currently sits as a community elected representative on the project's Steering Committee. He's written Istio: Up and Running as well as worked... Read More →
avatar for Jeff McCoy

Jeff McCoy

CTO, DoD Platform One

Tuesday November 17, 2020 1:40pm - 2:25pm EST

2:50pm EST

Service Mesh use cases for Telco and Edge - Kunal Shukla & Prajakta Joshi, Google
Service Mesh is a key paradigm for Telco, 5G and Edge. In this session, the speakers deep dive into how Service Mesh delivers technical and business value for use cases like: - Service Mesh for modern service ops for Telco - Service Mesh for managing heterogeneous environments with container and openstack/VM services - Service Mesh for 5G Core service based architecture - Telco Security - Consistent service management across multi-cloud and Edge - Extending the experience of Cloud to the Edge The speakers also describe some of the new capabilities that are needed in service mesh for these use cases and the road ahead.

avatar for Prajakta Joshi

Prajakta Joshi

Group PM, Cloud Networking, Telco and Edge, Google
Prajakta is Group PM in Google Cloud leading Cloud Networking, Telco and Edge. In this role, she manages a broad product portfolio spanning areas of Cloud Load Balancing, Content Delivery, modern application networking/service mesh, gRPC, Telco modernization, and 5G/4G Edge Computing... Read More →
avatar for Kunal Shukla

Kunal Shukla

Key Account Executive, Google
Kunal Shukla is the Key Account Executive at Google Cloud focusing in Telecommunication, Media , Entertainment and Gaming vertical for select strategic accounts. Kunal is responsible for sales, business and technology strategy for key customers across 5G/Edge, Telco/IT Cloud, AI/ML... Read More →

Tuesday November 17, 2020 2:50pm - 3:35pm EST

3:40pm EST

Multi(Control Plane/Network/Mesh)??: A Practical MultiCluster Deployment - Nicholas Nellis & Vikas Choudhary, Tetrate
While Working with several traditional customers spanning defense, finance, etc., we found that the service mesh multicluster models that exist today are completely unusable from an enterprise point of view. They are designed with the network administrator in mind, focusing on how to connect two clusters, and not on how developers across teams like to consume the services exposed by other teams. The multicluster models that app teams want, turned out to be dramatically simpler than the ones out there today. This talk discusses our experiences working with these teams, our learnings from how they built out an API-centric multicluster model and what we as a community of (mostly) infrastructure developers should do to better support the application teams

avatar for Nicholas Nellis

Nicholas Nellis

Software Engineer, Tetrate
I enjoy working on the latest and greatest cloud technology. Currently working to improve multi cluster application management using service mesh!
avatar for Vikas Choudhary

Vikas Choudhary

Software Engineer, Tetrate
Vikas has been contributing code in the virtualisation and cloud computing domain since 2013. SDN networking to OpenStack to Docker to Kubernetes to ServiceMesh.Currently he is focussed on Istio/Service Mesh to solve some hard problems in the application networking space.

Tuesday November 17, 2020 3:40pm - 4:25pm EST

5:35pm EST

Running Machine Learning Workloads on a Service Mesh
Data security is one of the key pillars to ensure successful operationalization of machine learning workloads. A service mesh can help build capabilities around mTLS, authorization checks combined with some other goodies to add security, resilience and observability to existing services and applications. JupyterHub is one of the most popular open source tools of choice for teams running machine learning environments. There has been a lot of demand in the community to add support for running JupyterHub with a service mesh on Kubernetes. This talk would cover the journey of adding Istio ServiceMesh support to JupyterHub, the roadblocks, the troubleshooting journey and how Istio makes operating and securing machine learning workloads easier despite the heterogeneous nature of tools that the data scientists use. This combined with network policies and other security best practices for running workloads on Kubernetes makes for a great operational and usability combo.

avatar for Harsimran Singh Maan

Harsimran Singh Maan

Engineer, Splunk

Tuesday November 17, 2020 5:35pm - 6:20pm EST
  • Timezone
  • Filter By Venue Virtual
  • Filter By Type
  • Break
  • General Session
  • Lightning Talk
  • Session Presentation
  • Sponsored Session