KubeCon + CloudNativeCon Europe 2022 is ongoing in Valencia, Spain! And we’re here with the latest buzz, keynote information, and Cloud Unfiltered interviews. Here’s what happened at Day 2 of the conference.
Quote of the Day
We think [centralized authorization] can be sexy. When you look at it as a really interesting distributed systems problem, it becomes sexy.
– Jimmy Zelinskie on Cloud Unfiltered
The theme that we keep hearing in keynotes and interviews is that we need to simplify the Kubernetes ecosystem. There are more vendors and options than ever before, but with those options comes complexity. At the same time, Kubernetes is becoming mainstream, and new adopters need simpler options to get them started with cloud native platforms safely and securely.
Speaking of security, another theme is shifting left. There are some gaps around security in the Kubernetes ecosystem, and these days attackers are becoming faster and more sophisticated. To respond to this, we not only need to educate ourselves in security best practices, but we need to implement those best practices in an automated fashion, as early in the dev cycle, in a way that scales with our organizations.
The keynotes today reinforced some of these themes. Here is a brief synopsis of each one.
Shane Lawrence (Staff Infrastructure Security Engineer at Spotify) spoke about securing the software supply chain. Consider the various vulnerabilities that exist every time we install a package or dependency. How do we measure the aggregate risk of our software dependencies? One way to help verify your supply chain is through the SBOM (Software Bill of Materials), composed of tools and standards such as CycloneDX, Trivy, and Cosign. Another framework tackling the software supply chain is SLSA (Supply-chain Levels for Software Artifacts).
Stephen Augustus (Head of Open Source at Cisco) gave a brief talk with shortcuts on how to get started with cloud native through SiG ContribEx (the Contributor Experience Special Interest Group for Kubernetes) and TAG ContribStrat (the CNCF TAG Contributor Strategy group). Moving on from learning to contributing, he said there are a multitude of ways to do so, including via the Open Source Software Security Mobilization Plan from the Open Source Security Foundation (OpenSSF).
Next up came the CNCF Technical Oversight Committee. Dave Zolotusky (Principal Engineer at Spotify) and Katie Gamanji (Senior Kubernetes Field Engineer at Apple) gave updates from the committee on landscape sustainability and cloud native growth.
From there, Ricardo Rocha (Computing Engineer at CERN) gave us insight into his experience at CERN implementing high-performance computing in a cloud native fashion. It was a fascinating overview of the CERN use case and how Kubernetes is used to address its specific needs for high-throughput computing.
Wrapping up the keynotes, Ben Hale (Senior Staff Engineer at VMware) spoke on the rise of PlatformOps to improve the developer experience through self-service infrastructure platforms, and Emily Fox (Security Engineer at Apple) gave us best practices for securing cloud native platforms.
Cloud Unfiltered Interviews
Cloud Unfiltered@KubeCon is keeping busy as well. We’ve got a slew of interviews covering shift left, the mainstreaming of Kubernetes, and the impact of community. Our recent conversations:
Jimmy Zelinskie (Authzed)
First, we talked with Jimmy Zelinskie (Co-Founder at Authzed) about a managed permissions service based on Google’s Zanzibar system. Beginning with his work at CoreOS and helping to define Kubernetes operators, Jimmy has been involved with the cloud native community from its early stages. Now, with Authzed,
Jimmy is seeking to centralize permissions into a service, reducing code duplication across services as well as allowing permission checking on resources in different applications. Listen to the full episode here.
Ariel Shuper (Cisco)
We chatted with Ariel Shupe (Cloud Applications Security Lead at Cisco) about how we need to shift left with security on our CI/CD pipelines. With containerization and microservices, you need more tools in your pipeline to validate security across your whole environment and in an automated fashion. Shifting left—and doing so with automation—allows you to ensure security while developing at scale. Episode link coming soon!
Neil CressWell (Poratainer)
We talked with Neil Cresswell (CEO at Portainer) about the mainstreaming of Kubernetes and the need for simpler onboarding solutions. Kubernetes used to be primarily the realm of early adopters, but more recently it has shifted toward mainstream adoption. These newer adopters need solutions that help them come into the Kubernetes world easily while also keeping their platforms secure. Listen to the full episode here.
Emilio Salvador (Google)
Emilio Salvador (Developer Relations at Google) came on the podcast to talk about the impact of community on developers and their needs. Developers and software development have changed over the years, and the community has become more important than ever. No longer is it just large corporations that push the technology envelope; open source communities are now the ones moving the industry forward, pushing companies to keep up. Listen to the full episode here.
Alex Ellis (OpenFaas)
We also talked with Alex Ellis (Founder of OpenFaaS) about creating software that solves problems for others and actually matters—while competing with large, cloud platform providers. Along the way, we also discussed developer marketing and what is new in OpenFaaS. Listen to the full episode here.
Next Steps for Cloud Native Pros
- Calisti: A service mesh manager that helps you obtain an end-to-end view of your entire service network.
- Telescope: A cloud native application troubleshooting tool for streamlining fault detection and system health.
- Panoptica: A secure application cloud to add robust security visibility and assessment across your applications.
Each tool is open source-based and enterprise-grade, designed to help you with your cloud native applications deployed to multi-cloud or hybrid-cloud platforms.
We’re two days in, but we’re not done yet with our KubeCon + CloudNativeCon Europe 2022 coverage. Come back for updates and our final thoughts on Day 3 tomorrow!
KubeCon + CloudNativeCon Europe 2022 is the flagship conference of the Cloud Native Computing Foundation, gathering together leading open source and cloud native communities to further the education and advancement of cloud native computing. This year, the conference is being held in Valencia, Spain from May 16-20, 2022.
We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!