Loading…
November 13–15, 2018 - Shanghai, China
Click Here For Information & Registration

To view the Chinese version of this schedule please go here.
请点击此处查看中文版本。

我们将为所有主题演讲和分组会议提供同声传译服务。
Simultaneous translation will be provided for all keynote and breakout sessions.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, November 12
 

15:00

Registration - Early Badge Pickup at JW Marriott Hotel
Monday November 12, 2018 15:00 - 19:00
JW Marriott Hotel Shanghai Changfeng Park Lobby 158 Da Du He Road, Putuo District, Shanghai 200062 China
 
Tuesday, November 13
 

08:00

Registration
Tuesday November 13, 2018 08:00 - 18:00
1F Foyer

09:00

Crafting Diverse Apps, Alibaba Cloud K8s Playground《Kubernetes动手实践课堂》(Additional registration required)
Registration Fee: Free

This workshop invites participants to practice, with the guides of container experts, we will as try using Alibaba Cloud container service and open source tools. This lab covers multi deployment strategies, serverless K8s, service mesh, containerized migration and deep learning open source tools. Welcome to our workshop!

P.S. : Please bring your computer while attending this workshop. And the whole workshop will be in Chinese Mandarin.

Agenda:
Morning Theme: Flexible and efficient management application via Kubernetes
09:00 – 09:40 Containerize and migrate applications, Testing Derrick an open source tools –  Mo Yuan, Alibaba cloud Senior Engineer
09:40 – 10:20 K8s multi deployment strategies – Yun Hao,  Alibaba cloud Senior Engineer
10:20 – 11:00 Flexible management tasks through serverless – Xi Heng,  Alibaba cloud Senior Engineer
11:00 – 11:40 CloudFoudry on K8s – Su Xianyang, SUSE Asia Pacific Senior Cloud Technology

ExpertAfternoon Theme: Container Diverse Practices: Microservices and Machine Learning
13:30-14:10 Microservices and service mesh,let’s play Istio – Alibaba Cloud Staff Engineer
14:10-14:40 Playing deep learning on K8s, Testing Arena, and open source tool – Che Yang, Alibaba cloud Senior Engineer
14:40-15:30 Best Practices for Security Threats and Container Security in a Container Environment –  Remington Tramel , NeuVector APAC Regional Director  & Yong Ge, Alibaba Cloud Staff Product Manager

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:00 - 15:30
302 A

09:00

Clear Linux Workshop with Intel (Additional registration required)
Date: Tuesday, Nov 13
Time: 9:00 AM – 4:00 PM
Registration Fee: Free

This workshop led by Intel will provide a technical in-depth view into the Clear Linux OS, with key concepts, architecture, and how Clear Linux is used in enterprise environments. The session will include running a Kubernetes on Clear Linux, as well as go through how to create your own custom Clear Linux OS.

Join us for a live interactive workshop where our experts will cover the following topics:
• Clear Linux OS Fundamentals and Architecture
• Enterprise use cases and application deployment demos
• Using Clear Linux OS tools to create a custom Clear Linux OS

Agenda:
9:00 AM – 10:00 AM:             Breakfast/Check-in
10:00 AM – 10:30 AM:          Clear Linux OS Overview - Key Concepts
10:30 AM – 11:30 AM:          Clear Linux Architecture Overview
11:30 AM - 12:30 PM:           Enterprise Use Cases and Application Deployment Demos
12:30 PM – 1:30 PM:             Lunch
01:30 PM – 4:00 PM:             Clear Linux - Creating Your Custom OS (Hands-on Lab)

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:00 - 16:00
2F Room 4

09:00

Cloud Foundry Day (Additional registration + fee required)
KubeCon + CloudNativeCon is the place for the cloud-native community, and Cloud Foundry is synonymous with cloud-native. From startups to the Fortune 500, Cloud Foundry is used by enterprises around the globe to automate, scale and manage cloud apps throughout their lifecycle. Cloud Foundry Day at KubeCon + CloudNativeCon China is an educational event designed for the best minds of the cloud-native world attending KubeCon + CloudNativeCon.

Learn more

Registration Fee: USD $15.00 / RMB ¥100

How to register: Pre-registration is required. Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:00 - 16:00
307 AB

09:00

Could Native Best Practices Day By CNBPA /Alauda (Additional registration required)
Registration Cost: Free

The “Could Native Best Practices Day” hosted by CNBPA and Alauda will meet with you on November 13. During that time, the forum will bring together leading software and hardware vendors, ISVs and solution providers in the field of cloud native technology, as well as container peripheral monitoring, operation and maintenance, network, security, big data, AI and other vendors to launch multi-dimensional enterprise cloud native solution display. For the enterprise to build a cloud-based native platform based on container technology in different industry scenarios, realize the process of automation development, testing, operation and maintenance integration and fully embrace the micro-service to provide path reference and comprehensive support.

Schedule:
AM
9:00 — 9:40
Keynote: Cloud Native Helps Enterprises to Continue with Innovation by Kai Chen, CTO, Alauda
9:40 — 11:30
Cloud Native Industry Solution Show by Cloud Native Industry Solution Vend

PM
14:00 — 16:00 Cloud Native Ecosystem Solution Show by Cloud Native Partner

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:00 - 16:00
3M1 AB

09:00

Kubernetes Training by Caicloud (Additional registration + fee required)
Registration fee: 800 RMB/ $115 USD

This advanced Kubernetes training course assumes that participants are already familiar with the following topics:
  • Familiar with the basics and operations of Linux
  • Familiar with the package installation method on Linux
  • Bring your own computer and Internet access
  • Pre-installed in advance VirtualBox Virtualization Manager
The main lecturer of this training:
  • Deng Deyuan, Caicloud Technology CTO, CNCF official certification Kubernetes training instructor, was a core member of the US Google Cluster Management Group, mainly involved in the development of cluster management system. As a core member, he participated in the development of the Google Open Source Project (Kubernetes) based on the container cluster, and used to be the top ten contributor and the most highly contributing Chinese in the world.
  • Du Ning, Caicloud Technology CGO, 16 years of IT, CT, DT industry experience, has held technical management positions in a number of multinational companies. He is a cloud computing expert who has received numerous international certifications such as IaaS, PaaS, deep learning, big data solutions, etc. He is renowned as training specialist in open source container industry in China.
The training will be conducted through instructor-led lectures, in the form oftraining in the offline+practical combat+Q & A interaction, which will enable participants to learn more about the following topics:
  • Kubernetes architecture and principles
  • Kubernetes workflow
  • Kubernetes core concept
  • Kubernetes scheduler scheduling policy
  • Kubernetes network analysis
  • Kubernetes storage model and practice
  • Kubernetes dynamic storage management and expansion
  • New features in Kubernetes : LocalVolume, impact on schedulers and limitations
  • New features in Kubernetes: CSI and CSI-based volume expansion
  • Kubernetes Problem Location: CSI component performance problem location and tuning
A complete cloud lab environment will be available, so the only requirement is a laptop with a modern version of Chrome or Firefox.

Tuesday November 13, 2018 09:00 - 16:00
2F Room 2

09:00

Kubernetes Workshop with VMware (Additional registration + fee required)
Registration Fee: RMB 100

This workshop led by VMware will provide a technical in-depth view into Kubernetes, with key concepts, architecture, and how Kubernetes is used in enterprise environments. The session will include running Kubernetes in enterprise use case scenarios and how enterprises can operationalize Kubernetes addressing day 1 and day 2 needs.

Join us for a live interactive workshop where our experts will cover the following topics:
  • Kubernetes Fundamentals and Architecture
  • Enterprise use cases and application deployment demos
  • Operationalizing Kubernetes for Day 1 and Day 2
  • Observability and Troubleshooting Kubernetes
  • Using a secure container registry (Project Harbor)
  • Kubernetes Networking and Service Mesh for inter-service communication
Agenda:
9:00 AM – 10:00 AM Breakfast/Check-in
10:00 AM – 11:00 AM Kubernetes Fundamentals and Architecture
11:00 AM – 12:00 PM Kubernetes Networking and Service Mesh
12:00 PM – 1:00 PM Lunch
1:00 PM – 2:00 PM Enterprise Use Cases and Application Deployment Demos
2:00 PM – 3:00 PM Secure Registry (Project Harbor)
3:00 PM – 4:00 PM Operationalizing Kubernetes: Monitoring and Logging

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:00 - 16:00
305 A

09:00

Tungsten Fabric Workshop (Additional registration required)
Tungsten Fabric Workshop at KubeCon China 2018 Call for Presentations
Tungsten Fabric, a Linux Foundation Networking Project, will host a full-day SDN workshop on November 13, 2018 (Tuesday), as an official Co-Located event of KubeCon + CloudNativeCon China.

Overview of the Tungsten Fabric Workshop

Open source software is shaping how organizations compete, and SDN networking technology is evolving to support that revolution. However, building an SDN/NFVi platform that supports different open source infrastructure and app development technologies is not easy. Tungsten Fabric, a Linux Foundation Networking project, is an open source SDN with a proven track record at scale in the demanding world of production carrier deployments.

Join us to learn about the project and how the community is preparing for some exciting edge computing use cases. The workshop will feature the announcement of the first Tungsten Fabric lab in China, the first Linux Foundation Certified Lab for Network Technology Innovation. Another highlight of the workshop will be have the lucky drawing to win new Apple iWatches, provided through the generosity of SDNLAB (www.sdnlab.com).

Innovation happens when the community combines its talents, so come and interact with the leading minds building this exciting project!

Agenda Intro
Break 10:40 – 10:55 (15 min)
Lunch (provided) 12:05 – 1:00 (55 min)
Network
Break 2:00 – 2:15 (15 min)
Kubernetes & Storage
How to Attend
The Tungsten Fabric Workshop is free of charge. However, everyone attending a co-located event must have a ticket to KubeCon + CloudNativeCon China 2018 (cost is estimated at $300). This provides access to the entire KubeCon China conference, and we encourage you to enjoy the exciting technology feast that the conference has to offer. After registering for the conference, you will have the opportunity to select and RSVP for the Tungsten Fabric Workshop. Two Apple iWatches are waiting for you.

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here

More Information

For more information, email Conferences@lists.tungsten.io

Tuesday November 13, 2018 09:00 - 16:00
302 B

09:30

Microsoft Serverless Day – Best Practices on Kubernetes (Additional registration required)
Registration Fee: Complimentary

Microsoft embraces open source and there is dramatic increasing of investment of OSS projects, which demonstrating Microsoft’s orientation as well as the attitude of open source.

Microsoft will hold an offline Serverless Day – Best Practices on Kubernetes on November 13, 2018. It will have many experts together to share with the latest technologies in the field of open source, cloud native, container and Kubernetes.

Agenda:
9:00- 9:30 - Check-In
9:30-10:15 - Opening – Kubernetes, AKS and Future of Kublets - Brendan Burns
10:15-11:00 - Opening – AKS and Toolings - Gabe Monroy
11:00-11:45 - Panel Discussion - Kubernetes Comunities
11:45-13:30 - Lunch with Experts
13:30-14:30 - AKS Walking through and latest updates - Saurya Das
14:30-15:50 - HOL: AKS and toolings - Nicole Hubbard
15:50-16:00 - Q&A - All speakers

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 09:30 - 16:00
305 B

10:00

Contributor Summit Doc Sprint (Additional registration required)
Contributor Summit will be having two community participation events: The Doc Translation Sprint and The New Contributor Workshop.

The Doc Translation Sprint is for Chinese-speakers who want to contribute to the documentation by making a complete Kubernetes manual available in Chinese. For this workshop, you must have a moderate proficiency in both English and Chinese. Pre-registration is recommended for this event.

For either workshop, you should also sign the Kubernetes CLA before attending. You may not attend both.

Registration Fee: Free

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 10:00 - 17:00
3M 3

10:00

Kubernetes New Contributor Summit (Additional registration required)
The New Contributor Workshop is for developers who want to get started contributing code to the project. To participate, you must be familiar with Kubernetes as a user, have used git before, have moderate proficiency in English, and have a serious interest in contributing. Pre-registration is required for this workshop, as we expect it to be full.

For either workshop, you should also sign the Kubernetes CLA before attending. You may not attend both.

IMPORTANT: For the New Contributor Workshop you will receive a confirmation email on November 1st. You must respond to this confirmation email, or you will lose your reservation to the workshop. This email will also contain further instructions on how to prepare. There will be a waiting list for both events, in case registrants fail to confirm.

Registration Fee: Free

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 10:00 - 17:00
3M 5

13:30

Service Mesh Enterprise Summit – Rancher Labs & Huawei (Additional registration required)
Registration Cost: Free

Activity Details:
Service Mesh is considered as one of the most popular technical trend after Kubernetes, and has become a buzzword in the container industry in the past year. Service mesh can dramatically simplify user experience and drive Kubernetes adoption to the next level in many large organizations, which is widely regarded as the best technical design of the new generation of micro-service architecture. Recently, the application and exploration of Service Mesh technology in domestic and foreign enterprises and technology fields are pretty hot. For most enterprises that use containers, Service Mesh is the missing piece in most container deployments.

KubeCon, organized by CNCF, is a worldwide top technology event in Kubernetes and container technology, and will be held in China for the first time this year, from November 14th to 15th. With the concept that “technology and products are good only when they can be adopted in production by enterprise”, Rancher Labs will jointly organize the KubeCon Pre-event with CNCF, and launch 2018 China Service Mesh Enterprise Summit on 13rd Nov.

By then, technology leaders and microservices architects from well-known companies such as Ping An Technology, SAIC Group, China Life Insurance, Huawei Technologies, CRRC Group, Trina Solar, Goldwind, Industrial Bank, Michelin, Zoomlion, Schneider Electric, and Guolian Life Insurance will share their experiences and insights in the next generation of service architecture and Service Mesh applications.

During this year’s summit,we will also set up China Service Mesh Enterprise Technology Alliance and Expert Committee. This summit will be held once a year in the future, as a forum and platform for Chinese enterprise Service Mesh users and technical experts to exchange experience and promote Service Mesh related technologies in China.

We sincerely invite technical experts and users from all over the country to come to the summit to bring your application practice, share your technical experience, make friends, learn from each other and promote it, and add bricks for the application of new technologies such as domestic containers and micro-services, contribute your wisdom and strength.

At the scene, there are more custom-made Polo shirts, custom backpacks and custom power supplies as commemorative gifts. I hope more friends will become part of our community.

Agenda: 

09:00-09:20 Opening Remarks by Xiaokang Qin, General Manager, Greater China, Rancher Labs
09:20-10:00 "How to make Service Mesh work for everyone" by Sheng Liang, Rancher Labs co-founder and CEO
10:00-10:30 "Huawei Istio: The Design of Enterprise Service Mesh Service" by Pu Fang, Huawei CloudBU Container Service Domain Product Director
10:30-11:00 “Winhong x Rancher Cloud Native Joint Solution Release Ceremony" by Jianming Chen, Winhong Senior Vice President
11:00-11:30 "Exploration and Practice of SAIC Motor Container Technology" by Hanshen Gong, SAIC Manager of Business Development Department
11:30-12:00 Panel: Industrial Internet and Smart Manufacturing in the Age of Cloud 2.0
 
13:30-13:55 "Service Mesh and Istio in the Cloud Native Application Layout" by Shannon Williams, Rancher Labs Co-founder and Vice President of Sales
13:55-14:20 "Isio-based Cloud Native Application Governance Practice" by Hewei Liu, Technical Director of Huawei CloudBU Container Service Domain
14:20-14:45 "Best Practices in Container Technology in New Energy Forecasting Products" by Li Zhang, Goldwind Technology Data Platform Architect
14:45-15:10 "How to get companies to use Istio on a large scale" by Rancher Labs Principal R&D Engineer Alena
15:10-15:35 "Design and Construction of Industrial Bank Container Cloud Platform" by Mingliang He, Industry Solution Expert
15:35-16:00 "Best Practices in the Field of Education Information Technology" by Haidong Han, Supwisdom Technology VP

How to register: Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 13:30 - 16:00
2F Room 1

16:30

Take the Wheel, Don’t Reinvent It! - Deploying Apps With Helm in 5 Minutes - Christopher Hanson, RX-M Enterprises, LLC
So you’ve deployed Kubernetes, now what? Time to deploy your applications! First things first, describe a Deployment to control your Pods--it is probably going to need a Secret or two and maybe a ConfigMap too! Now specify a Service to give it a VIP and introduce an Ingress to expose it! Saving some data? Propose a PVC! What about adding a Service Account or CRB? Lost in alliterations and acronyms? Helm is here to help!

This lighthearted session introduces Helm in an approachable way: revealing its architecture and nomenclature; introducing Charts, Chart components, and the official Charts repository for curated apps; as well as explaining Releases and Release upgrades. Information will be presented in a platform agnostic way to show attendees how to read, customize, and deploy an existing Chart to fit their needs, whether in the cloud, on a given platform or in their own datacenter.

Speakers
avatar for Christopher Hanson

Christopher Hanson

Senior Associate Consultant, RX-M Enterprises, LLC
Christopher is a consultant at RX-M, a leading cloud native consulting and training firm. Chris has written courseware and delivered training globally to hundreds of DevOps engineers at Fortune 100 companies on Kubernetes, Helm, Istio, containerd, Docker, OpenShift and other cloud... Read More →



Tuesday November 13, 2018 16:30 - 16:35
2F Room 3

16:35

From Enterprise Image Registry to Chart Repository - Tan Jiang, VMware
In the On-Prem enterprise environment, we've been packaging content into docker images and hosting them using docker registry for some time, now helm chart has become the choice of application package format on Kubernetes, it's time to explore what's the proper way to host Helm Charts.

Based on our experience extending a private docker image registry (Project Harbor) to a Helm Chart registry. We'll share some of the key issues we see in Helm Chart management in an enterprise, such as RBAC, signing, vulnerability scanning, and how we provide a integrated user experience in managing/inspecting Helm Charts with docker image management. We'll also discuss the challenges we are seeing in this journey, and the possible solutions.

Speakers
avatar for Tan Jiang

Tan Jiang

Staff Engineer, VMware
I'm a software engineer from VMware, who joined the company around the end of 2015. Currently working on a open source registry project called Harbor. I'm one of the founding member of this project. I have been giving speech in different meet-ups talking about docker image management... Read More →



Tuesday November 13, 2018 16:35 - 16:40
2F Room 3

16:40

Kubernetes Explained the Easy Way, Using Computer Games... - Steven Trescinski, Gluo
How do you explain some of the basic Kubernetes constructs (i.e. nodes, pods, rolling updates, image tags, deployments,...) together with their concrete use cases in a fun and memorable way to people that have never heard of Kubernetes before?

The above was the challenge I was faced with when preparing my talk titled "Orchestrating the Container Chaos" for a group of Belgian students. So I started looking for something that most engineering students can relate to...

I ended up modding a first-person shooting computer game to interact with the Kubernetes API to visualise some of the main Kubernetes constructs. During this talk I will explain the tools/technologies used and hopefully inspire others to think outside of the box when preparing for technical talks.

Screenshots:
https://drive.google.com/open?id=1dKeYuBJEnm9SmZjil4aAgVCtOs9D0lZT

Speakers
avatar for Steven Trescinski

Steven Trescinski

DevOps and Container Architect 运维开发和容器架构师, Gluo
DevOps minded open, Cloud focused Open Source enthusiast with an increasingly growing passion for Containers, Orchestrators, Microservices and Chaos Engineering. DevOps 人思想开明,聚焦云开源的爱好者不断热衷于容器化、调配、微服务和混沌工程。



Tuesday November 13, 2018 16:40 - 16:45
2F Room 3
  • Skill Level Any

16:45

Upgrading Stateful Sets in Constrained Environment - Kishore Yerrapragada, A10 Networks
The session will share the experiences we have had and lessons we learned in the process of upgrading micro service based platform with stateful sets in a resource constrained environment.

We have adopted Kubernetes as platform to host as well as distribute our management control plan that manages lots of high through put network software/hardware. We use the same platform to host SaaS as well as ship it on custom hardware to our on premise customers. While Kubernetes allows us to do rolling upgrades with out impacting the availability, we need to make sure our upgrades don't require extra resources as they run on fixed baremetal. These stateful sets include Cassandra, Elastic Search with out shared storage. The session will cover important hurdles in these environments and share some of the techniques we have used to over come those.

Speakers
KY

Kishore Yerrapragada

VP of Engineering 工程副总裁, A10 Networks
Speaker heads engineering for cloud division for A10 Networks. He owns the product and platform that powers A10 Networks SaaS business as well as management platform. Previous to this, he was part of Cloud.com team that built Apache CloudStack and was also responsible for designing... Read More →


Tuesday November 13, 2018 16:45 - 16:50
2F Room 3
  • Skill Level Any

16:50

All About Kubernetes Certification Programs - Christopher Hanson, RX-M Enterprises, LLC
This lightning talk aims to raise awareness about the Kubernetes certification programs: CKA, CKAD, KCSP and CKCP. The discussion will introduce what they are, how they differ from one another, and the value they provide for participating individuals/vendors as well as companies looking to engage a vetted service provider. Attendees will be exposed to resources that will assist them in understanding the paths to certification or conformance as well as the educational and community resources available to test takers for exam preparation.

Speakers
avatar for Christopher Hanson

Christopher Hanson

Senior Associate Consultant, RX-M Enterprises, LLC
Christopher is a consultant at RX-M, a leading cloud native consulting and training firm. Chris has written courseware and delivered training globally to hundreds of DevOps engineers at Fortune 100 companies on Kubernetes, Helm, Istio, containerd, Docker, OpenShift and other cloud... Read More →



Tuesday November 13, 2018 16:50 - 16:55
2F Room 3
  • Skill Level Any

17:00

How to Simplify Data Scientist’s Day in Huge Company Using Kubernetes - Igor Khapov, IBM
In this presentation, speaker shares his experience on creating Data Science Experience Local based on Kubernetes and how it can accelerate data analysis process. The presenter describes different ways of using docker and Kubernetes for data scientist’s everyday job. IBM uses a cluster environment for internal and external data science projects. We will review all requirements from analytic team to cluster environment to develop, test and manage data science models based on Jupyter, R and Zeppelin notebooks

Speakers
avatar for Igor Khapov

Igor Khapov

Head of virtualisation development department, IBM
Team manager and technical expert with more than 10 years of development experience. Blockchain evangelist. Speaker in multiple technical meetups and conferences. IBM Cloud advisor, Kubernetes and Docker expert. Mentor for multiple hackathons.



Tuesday November 13, 2018 17:00 - 17:05
2F Room 3

17:05

Kubernetes Love Machine Learning, Even on Private Cloud - Hui Luo, VMware
Kubernetes has established as a good platform for machine learning workloads by extending support of accelerators like GPU, all major public cloud provider are offering GPU enabled Kubernetes services, but public cloud is not the only option for users. There are ongoing efforts from the community to make running machine learning workloads with Kubernetes on private cloud as easy as on public cloud.

This talk is going to cover 3 major challenges that facing private cloud when enable GPU on Kubernetes. I will also demonstrate and discuss some of the projects that help to solve those challenges:
1) Private cloud usually needs to support a wider range of GPU types, in some case, to support heterogeneous GPU in one cluster
2) To support complex hardware topology like RDMA, NVLINK
3) GPU resource contention is usually very high when limited GPU resource shared by multiple teams

Speakers
avatar for Hui Luo

Hui Luo

Software Engineer, VMware
Software engineer at VMware cloud native application team.Active contributor to upstream kubernetes in area like device plugin.Contributor at vSphere cloud provider, cluster api vSphere.罗晖是来自VMware云原生应用组的软件工程师,他积极参与和贡献给kubernetes社区,并且是vSphere... Read More →



Tuesday November 13, 2018 17:05 - 17:10
2F Room 3

17:10

CI/CD Pipelines and Machine Learning - Jeremy Lewi, Google
This sessions will be part of the larger Kubeflow presentation. This will specifically cover how to use CI/CD pipelines to serve machine learning models on Kubernetes via Kubeflow.

Machine Learning requires a lot of training, experiments and retraining. It also requires a lot of data. Automating these can be difficult for many data scientists. Well now that we are able to make Machine Learning more cloud native via Kubeflow, allowing it to run on Kubernetes, we should now make use of the tooling that is available in a cloud native architecture. While most of my demo will involve WeaveWorks Flux, I will try to speak in general terms revolving around best practices in building a cloud native machine learning automation pipeline.

Speakers
avatar for Jeremy Lewi

Jeremy Lewi

Senior Software Developer, Google
Jeremy Lewi is a co-founder and lead engineer at Google for the Kubeflow project, an effort to help developers and enterprises deploy and use ML cloud-natively everywhere. He's been building on Kubernetes since its inception starting with Dataflow and then moving onto Cloud ML Engine... Read More →



Tuesday November 13, 2018 17:10 - 17:15
2F Room 3
  • Skill Level Any

17:15

Kubernetes CI/CD Practices at Meetup - Rui Chen, Meetup
The presentation would be like case-study style to introduce the Kubernetes practices @ Meetup around CI/CD.

The agenda of the presentation would be divided into:
* Current infrastructure status @ Meetup
* Configuration stack
* Deployment flow and process
* Challenges with managing things at scale
* Road ahead

Speakers
avatar for Rui Chen

Rui Chen

Sr Infrastructure Engineer, Meetup
I am currently working at Meetup as infrastructure engineer. While help maintaining the Kuberentes clusters built around AWS. I am advocating and implementing the solutions around CNCF projects. I am actively participating in NYC DevOps meetups and sharing the knowledge and experience... Read More →



Tuesday November 13, 2018 17:15 - 17:20
2F Room 3

17:20

Jidproxy: ContainerCI On Kubernetes - Feng Wang, JD.COM
Jidproxy is a tool developed by the engineers of JD.COM. It implements the function of compiling packages and building images through Jenkins and Kubernetes. Its main features are as follows:
1) Support jenkins master high availability
2) Expand and Reduce jenkins matster and slave dynamically
3) Compile from source code and build image with source code or code package
4) Storage the compile and build task metadata information to database

Speakers
avatar for Feng Wang

Feng Wang

Software Engineer 软件工程师, JD.COM
Kubernetes Engineer of JDOS Team of JD.COM. Joined JD.COM in 2013 and Develop CI/CD tool based on Kubernetes since 2016. 京东 JDOS 团队的 Kubernetes 工程师。2013 年加入京东,从 2016 年开始开发基于 Kubernetes 的 CI/CD 工具。



Tuesday November 13, 2018 17:20 - 17:25
2F Room 3

17:30

Canary Deployment With Prometheus - Andrey Markelov, Infobip
I want to share my success story about using Prometheus for canary deployment. Currently I work with Java micro-services and every micro-service is usually deployed to the production environment at least once a week. To prevent fatal errors for high-loaded applications we deploy our application to one node with reduced traffic and after verifying we deploy to all others. This approach is called "canary deployment" and for us it is based on Prometheus metrics. We compare the metrics from the deployed node with historical metrics of other nodes and make a decision about version stability. I will show how we accomplish it and how it works. Also I would like to go deep into implementation details: HA Proxy, health checks, Jenkins. The real metrics examples will be shown.

Speakers
avatar for Andrey Markelov

Andrey Markelov

Senior Software Engineer 高级软件工程师, Infobip
I am a Senior Software Engineer at platform department of Infobip. I have 11+ years experience in Java programming and DevOps in different areas: banking, telecommunications and mobile app development. Besides I am developer evangelist for Prometheus, Docker and Redis. In addition... Read More →



Tuesday November 13, 2018 17:30 - 17:35
2F Room 3

17:35

Effectively Extending Kubernetes Resources - Fan Zhang, VMware
In the real world, developing and maintaining Kubernetes CustomResourceDefinitions (CRD) and controllers are tedious, but add significant value for the Kubernetes cluster. Instead of building one from scratch, Kubebuilder aims to simplify API development by providing the cli tool and SDK, making it possible for the developer to focus on target purpose only, without having to care about how the Kubernetes resources work. In this talk, Fan Zhang will explore an effective approach to rapidly build and publish Kubernetes API by kubebuilder, and review how it is used in extending Kkubernetes resources in running cluster.

Speakers
avatar for Fan Zhang

Fan Zhang

Senior Software Engineer, VMware
Fan Zhang is a senior software engineer at VMware, where he works on both Kubernetes relating projects and enterprise products of VMware as cloud provider. As a Kubernetes/Kubernetes-SIG member, he actively contributes in kubernetes upstream, SIG projects, and other open source projects... Read More →



Tuesday November 13, 2018 17:35 - 17:40
2F Room 3

17:40

Kube-Liveboard: Make Your Cluster Visible - Xinkun Xu, JD.COM
Kube-liveboard is a visible tool which can provide more details of the cluster status by analyzing log data in real time and watching the resources from api. It can offer these:
- the number, the cost time, the source ip of the request group by namespaces, resources or request methed in apiserver.
- the cost time of each steps and the schedule result in kube-scheduler.
- the statistics of containers in different states at different times.
- the changes in the number of containers and nodes group by their states or namespaces.
- the cost time of each steps during the lifecyle of the pod.
With it, the administrators can understand the trend of cluster changes and the bottleneck of the performance. Also, the administrators can take advantage of the data to send alarms. The topic will show why it is developed and how it works.

Speakers
avatar for Xinkun Xu

Xinkun Xu

Senior Software Engineer 高级软件工程师, JD.COM
Senior engineer at JD.COM. Joined JD.COM in 2013 and started containerization in 2014. In 2016, began to work on the customization and operation of kubernetes. At present, focus on the customization and operation of large-scale kubernetes clusters, and the related work of scheduling... Read More →



Tuesday November 13, 2018 17:40 - 17:45
2F Room 3
  • Skill Level Any

17:45

Designing Kubernetes Clusters That Run on Embedded Devices - Daniele Polencic, learnk8s
Kubernetes is designed to run on data centres and in the cloud. After all, it is engineered to squeeze every last drop of efficiency from your servers. But does that mean that you can only use it on real servers? What about smaller computers such as routers? Can you create a Kubernetes cluster that is made of a collection of routers over a 5G network?
This talk explores the challenges of designing such cluster topology and what you should look for when you create a cluster with networking, memory and CPU constraints.

Speakers
avatar for Daniele Polencic

Daniele Polencic

Instructor, Learnk8s
Daniele is a technical consultant and instructor based in London and Singapore. Daniele is a certified Kubernetes administrator by the Linux Foundation. In the last decade, Daniele trained developers for companies in the e-commerce, finance and public sector.


full pdf

Tuesday November 13, 2018 17:45 - 17:50
2F Room 3
  • Skill Level Any

18:00

CNCF Harbor China Community Reception & Award Ceremony (Additional registration required)
Cloud Native Computing Foundation (CNCF) has accepted Harbor as a Sandbox-level hosted project on August 1 this year. It was the first CNCF project originally created in China and the first CNCF project of VMware. The Harbor project has taken root and grown up in China Community. We know that the success of Harbor is inseparable from the contribution and support from Chinese users!

时间
Time主题
Topic演讲嘉宾
Speaker18:00-19:00自助酒会 Reception任道远,VMware中国研发中心总经理
Alan Ren, General Manager of VMware China R&D
Dan Kohn, CNCF执行董事
Dan Kohn, CNCF Executive Director19:00-19:05欢迎致辞
Welcome Speech张海宁,Harbor项目创始人
Henry Zhang, Harbor Project Founder
任茂盛,VMware高级研发经理
Steven Ren, VMware Senior R&D Manager19:05-19:15Harbor路线图与治理模式
Roadmap and governance model of Harbor邹佳,VMware主任工程师
Steven Zou, VMware Staff Engineer I19:15-19:25新功能分享:DevOps支持
New Feature Sharing: DevOps support王岩,VMware资深工程师
Yan Wang, Senior Member of Technical Staff19:25-19:35Helm Chart仓库
Helm Chart Repository姜坦,VMware主任工程师
Daniel Jiang, VMware Staff II Engineer19:35-20:15Harbor社区用户案例分享
Harbor Community User Case SharingHarbor社区用户及合作伙伴
Harbor Community User & Partner20:15-20:30云原生社区历程
Journey of Cloud Native Community韩佳瑶,K8sMeetup中国社区创始人
Jiayao Han, K8sMeetup China Community Founder20:30-20:45Harbor贡献者心路历程分享
Harbor Contributors-My Story with Harbor尹文开,VMware高级工程师
Wenkai Yin, VMware Senior Engineer
陈德,才云科技资深工程师
De Chen, Caicloud Senior Engineer20:45-21:00Harbor社区颁奖典礼
Harbor Community Awards CeremonyHarbor中国社区
Harbor China Community21:00活动结束
Close
How to register: Pre-registration is required. Add this event to your existing KubeCon + CloudNativeCon China registration here.

Tuesday November 13, 2018 18:00 - 21:00
305 A

19:00

VIP Reception (VIP ticket holders or by invitation only)
For invited guests + VIP ticket holders only. 

Tuesday November 13, 2018 19:00 - 21:00
POP American Brasserie & Bar THREE ON THE BUND No. 3 Zhong Shan Dong Yi Road
 
Wednesday, November 14
 

07:00

Registration
Wednesday November 14, 2018 07:00 - 18:00
1F Foyer

08:00

Sponsor Showcase + Welcome Breakfast
Visit with sponsors, network with fellow attendees and enjoy coffee and pastries before the keynotes begin. The sponsor showcase will be closed during keynote presentations.

Wednesday November 14, 2018 08:00 - 09:00
1F

09:15

Keynote: Welcome Messages
Wednesday November 14, 2018 09:15 - 09:30
301
  • Skill Level Any

09:30

Opening Keynote: Cloud Native in China - Dan Kohn, Executive Director, Cloud Native Computing Foundation
Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, Cloud Native Computing Foundation
Dan is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create the Linux Foundation's Core Infrastructure Initiative as an industry-wide response to the security vulnerabilities demonstrated by Heartbleed.He previously served as CTO of several startups, including Spreemo, a healthcare marketplace, and Shopbeam, a shoppable ads company. Earlier, he was a general partner at Skymoon Ventures, a seed-stage... Read More →



Wednesday November 14, 2018 09:30 - 09:40
301
  • Skill Level Any

09:40

Keynote: Harbor - Henry Zhang, Technical Director & Alan Ren, General Manager, R & D, VMware
Speakers
AR

Alan Ren

General Manager, VMware China R&D Center
Alan Ren serves as the General manager of VMware China R&D,taking in charge of the research and development of innovative projects, such as container management platform on Cloud Native, Kubernetes, Harbor, IoT, Blockchain, and Machine learning etc. He has also overseen the research... Read More →
avatar for (Haining Henry) Zhang

(Haining Henry) Zhang

Technical Director, VMware
Henry Zhang is the Chief Architect of China R&D, VMware. His primary role is to lead the development and incubation of projects on emerging technologies, including container, blockchain and AI. He was the founder of CNCF’s Project Harbor. Henry was the first evangelist in China... Read More →



Wednesday November 14, 2018 09:40 - 09:50
301

09:52

Keynote: Kubernetes and Other CNCF Projects Overview - Liz Rice, Technical Evangelist, Aqua Security & Janet Kuo, Software Engineer, Google
Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. Last year she was Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →



Wednesday November 14, 2018 09:52 - 10:12
301
  • Skill Level Any

10:14

Keynote: The Cloud Native Ecosystem in China - Tao Ma, Principal Engineer, Alibaba Cloud
Cloud native computing is growing fast these days, and many companies here in China are working on moving their infrastructure to a cloud-native one. In this talk, you will hear about stories about how several quite different companies' work with cloud native and how big improvement cloud-native computing has done to these companies and how cloud-native computing affects everyone's life here in China.

Speakers
TM

Tao Ma

Principal Software Engineer 首席软件工程师, Alibaba Cloud
Tao Ma had his first Linux box in the late 1990s. He played with Linux from then on and found his first job of C programming on Linux. He had his first commit in Linux kernel in 2007 and began his journey in Linux kernel development. Most of his contribution was related to file system... Read More →



Wednesday November 14, 2018 10:14 - 10:19
301
  • Skill Level Any

10:21

Keynote: Prometheus, Jaeger, and Envoy: The Observability for Today's Enterprises - Priyanka Sharma, Director of Cloud-Native Alliances, GitLab
What do Nike, DigitalOcean, Grafana and Red Hat have in common? They’ve all adopted multiple major open source observability projects over the last few years for DevOps. Priyanka Sharma explores the various projects leading the way (including Prometheus, Jaeger, and Envoy), explains how they fit together and offers a view of the future ecosystem. In addition to discussing the current movement, Priyanka shares best practices on how organizations build on and contribute to observability in open source, which will continue to strengthen the ecosystem.

Speakers
avatar for Priyanka Sharma

Priyanka Sharma

Director of Technical Evangelism, GitLab
Priyanka Sharma is the Director of Cloud-Native Alliances at GitLab Inc. She also serves on the board of the Cloud Native Computing Foundation (CNCF) and has deep expertise in DevOps and observability. A former entrepreneur with a passion for growing developer products through open... Read More →



Wednesday November 14, 2018 10:21 - 10:41
301
  • Skill Level Any

10:41

Keynote: Closing Remarks - Janet Kuo, Software Engineer, Google
Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →


Wednesday November 14, 2018 10:41 - 10:45
301
  • Skill Level Any

10:45

Coffee Break
Enjoy coffee & snacks in the Sponsor Showcase.

Wednesday November 14, 2018 10:45 - 11:05
1F

10:45

Jenkins X: CI/CD Solution of Modern Cloud Application Based on Kubernetes - Xiaojie Zhao, Alauda
In the context of the popularity of cloud-native technology, as the old continuous integration tool, Jenkins will develop, whether can continue to maintain the dominant position. Under the DevOps boom, what are the best practices of Kubernetes and Jenkins, represented by containerized orchestration technology? We use Jenkins X as an example to explore how to create DevOps products that meet our business needs, and thus maximize the efficiency and quality of software development.

Speakers
XZ

Xiaojie Zhao

Senior DevOps Engineer 灵雀云DevOps高级研发工程师, Alauda
Alauda senior DevOps engineer, the main maintainer of JenkinX Chinese site.Proficient in DevOps technology stack, CI/CD, K8S, Jenkins and other related R & D experience.灵雀云资深DevOps工程师,JenkinX中文站的主要维护者。精通DevOps技术栈,对CI/CD、K8S... Read More →


Wednesday November 14, 2018 10:45 - 11:05
Demo Theater, Sponsor Showcase
  • Skill Level Any

10:45

Sponsor Showcase
Visit with sponsors, network with fellow attendees and enjoy food & drinks in the Sponsor Showcase.

Wednesday November 14, 2018 10:45 - 17:00
1F

11:05

Migrating Enterprise Microservices From Cloud Foundry to Kubernetes – Tony Erwin & Jonathan Schweikhart, IBM
Historically, the forty microservices making up the IBM Cloud UI have been deployed as apps on Cloud Foundry (CF), an open source PaaS. But, recently, this enterprise microservice system has been migrated to run on Kubernetes to take advantage of improved orchestration, higher availability, and better performance. Tony Erwin & Jonathan Schweikhart will discuss their journey and provide insights into the advantages of Kube over CF. Even more importantly, they will describe approaches to solving new problems that took the place of old ones, such as: 1) adapting PaaS apps to run as containers on Kube, 2) enabling geo load balancing between the different platforms (to vet Kube before entirely replacing CF), 3) integrating tools like Prometheus into existing monitoring systems, and more! Their team's experiences will help you avoid pitfalls as you look to perform your own migrations to Kube!

Speakers
avatar for Tony Erwin

Tony Erwin

Senior Technical Staff Member 高级技术员, IBM
Tony Erwin is a Senior Technical Staff Member at IBM and the Lead Architect for the IBM Cloud UI. He has extensive full-stack experience developing UIs with a wide variety of client and server technologies. Current interests include cloud, Node.js/JavaScript, microservices, reliability... Read More →
JS

Jonathan Schweikhart

Advisory Software Engineer 咨询软件工程师, IBM
Jonathan Schweikhart is an Advisory Software Engineer at IBM and the DevOps lead for IBM Cloud UI. He has extensive experience with development practices, continuous delivery, automation, metrics, and monitoring. Current interests include Node.js/JavaScript, Kubernetes, and Prometheus.Jonathan... Read More →



Wednesday November 14, 2018 11:05 - 11:40
2F Room 2

11:05

Using Kubernetes for Handling Second Screen Experience of European TV Show - Jan-Erik Revsbech & Thomas Hector, Peytz & Co
Danish TV station TV 2 runs a nationwide, very popular entertainment show called “Fuld Plade”. The show is basically a bingo show, where the audience can participate in the bingo game live on their smartphones, tablets, or computers. The nature of live TV shows add a very interesting workload scenario where the application needs extremely high scalability. During the hour of the show, the load on the system increases by a factor of 100, and is therefore a very good case for highly scalable solutions.

The presentation will show how we at Peytz & Co solved the task of delivering this kind of solution, using GoLang deployed to a Kubernetes cluster, and how using Prometheus helped us gain valuable insight into the performance of the application.

Speakers
avatar for Thomas Hector

Thomas Hector

Head of Operations 运营经理, Peytz & Co
Thomas is Head of Operations at Peytz & Co and responsible for hosting all the customers applications. This includes everything from the architectural decision of designing the infrastructure to choosing which types of technologies to use in the specific case. Thomas has been managing... Read More →
avatar for Jan-Erik Revsbech

Jan-Erik Revsbech

CTO 首席技术官, Peytz & Co
Jan-Erik is a skilled and very experienced developer who, in addition to being CTO at Peytz & Co, is head of the department that develops specialized data-driven solutions at Peytz & Co. From 20 years of experience working with web-development, both at Peytz & Co and earlier as the... Read More →



Wednesday November 14, 2018 11:05 - 11:40
305 B
  • Skill Level Any

11:05

Kubernetes Native DevOps Practice - Lei Wang, TenxCloud
This topic will cover a new approach that we used to build DevOps solution on top of Kubernetes. We find it's quite easy to setup, use and maintain, it can also leverage lots of existing features from PaaS if we're building both. Here is the agenda:
1. Our DevOps Expectations - Easy to use/scale/extend; high availability; a superset, can integrate with existing CI/CD tools
2. Kubernetes capabilities and advantages to build DevOps solution - Pod/Job/CrontJob/InitContainer/Resource management/Scheduling
3. Architecture and features
 - CRD and operator design
 - Pipeline/Stage/Task/Task Template/Version Control/UI generation/Volume...
 - Logging, monitoring, autoscaling, high availability
 - Extensibility/Integration
 - CI/CD examples
4. Future plan - ChatOps/AIOps - Enterprise users are actively using this solution, bring consistent user experience and generate consistent system metrics, make DevOps easier.

Speakers
avatar for Lei Wang

Lei Wang

CTO 首席技术官, TenxCloud
Lei Wang, cofounder and CTO of TenxCloud, worked at IBM CDL for 7 years before created TenxCloud in 2014, gained rich experience on development and design of IBM mainframe、various middleware productions and IBM Bluemix. We started to use Kubernetes in Nov. 2014, the version 0.12... Read More →



Wednesday November 14, 2018 11:05 - 11:40
302 A

11:05

Deep Customized Kubernetes for Machine Learning in Tencent - Shengbo Song, Tencent
The Kubernetes and Tensorflow are playing an important role in machine learning, However, the original Kubernetes doesn't serve machine learning well, lacks of accurate GPU scheduling policy, GPU topology awareness and resource limitation etc. In this presentation, we will review recent events about machine learning in Kubernetes community, give us a overview of what changes have been made to Kubernetes to support machine learning in Tencent, the challenges it faces, and look forward to how to address the challenges.

Speakers
avatar for Shengbo Song

Shengbo Song

Software Engineer 软件工程师, Tencent
Shengbo Song has been working for 3 years at Tencent on making GPU applications easier to deploy and manage in data clusters. He focus on supporting GPU-accelerated frameworks in container orchestration systems such as Kubernetes. He holds an B.S in computer science from Harbin Institute... Read More →



Wednesday November 14, 2018 11:05 - 11:40
305 A

11:05

A Day in the Life of a Data Scientist. Conquer ML Lifecycle on Kubernetes - Rita Zhang & Brian Redmond, Microsoft
Ever wondered how machine learning models are built? Well, here’s your opportunity to come spend a day in the life of a data scientist. This will be a practical guide to the day-to-day lifecycle of a machine learning model. Dive end-to-end through code collaboration, dataset preparation, training and serving. We will cover how to utilize open source tools like Kubeflow and offer an in-depth view of how they operate and aide the machine learning development lifecycle. This session is for both data scientists and infrastructure/SRE teams alike helping bring the benefits of DevOps to AI and machine learning.

Speakers
avatar for Brian Redmond

Brian Redmond

Cloud Architect, Microsoft
I am a Cloud Architect on the Azure Global Black Belt team at Microsoft. I focus on containers, microservices, DevOps, and cloud native applications in the Azure cloud platform. I have been working in technology for over 20 years and have a mixed background from application development... Read More →
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer 首席软件工程师, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco. She spends most of her days contributing to various open source projects as part of the Azure Cloud Native Compute engineering team. Rita is passionate about open source, running distributed workloads... Read More →



Wednesday November 14, 2018 11:05 - 11:40
2F Room 1

11:05

Intro: CNCF Interactive Landscape - Dan Kohn, Cloud Native Computing Foundation
The interactive landscape -- l.cncf.io -- allows you to filter and sort hundreds of cloud-native projects and products, and review details including GitHub stars, funding or market cap, first and last commits, contributor counts, headquarters location, and recent tweets. Engage in a small group to discuss how the landscape was built and what should change about it going forward.

Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, Cloud Native Computing Foundation
Dan is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create the Linux Foundation's Core Infrastructure Initiative as an industry-wide response to the security vulnerabilities demonstrated by Heartbleed.He previously served as CTO of several startups, including Spreemo, a healthcare marketplace, and Shopbeam, a shoppable ads company. Earlier, he was a general partner at Skymoon Ventures, a seed-stage... Read More →


Wednesday November 14, 2018 11:05 - 11:40
3M 1
  • Skill Level Any

11:05

Intro: CNCF Storage WG - Xing Yang & Quinton Hoole, Huawei
The CNCF Storage Working Group collaborates to explore and understand
how different storage technologies are used in cloud-native
environments. Topics include block stores, file systems, object
stores, key-value stores and databases, amongst others. Different
architectural approaches (centralized, distributed, sharded etc) are
compared in terms of key attributes like availability, scalability,
performance, data consistency, durability, fault tolerance, ease of
development and operational complexity. We seek to align the
community on common understanding, terminology, classifications and
use cases.

In this intro session we'll provide an overview of the work currently
underway and on the roadmap. You'll get the meet the people leading
these efforts, and find out how best to get involved and contribute.
We also welcome any other input you might have related to cloud-native
storage.

Speakers
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member
avatar for Xing Yang

Xing Yang

Lead Architect, OpenSDS
Xing Yang is the Lead Architect of OpenSDS, an open source project under Linux Foundation. Xing is a contributor in Kubernetes and Container Storage Interface (CSI), co-lead of Volume Snapshot project in Kubernetes SIG-Storage, co-author of CNCF Storage Landscape white paper, and... Read More →



Wednesday November 14, 2018 11:05 - 11:40
2F Room 4
  • Skill Level Any

11:05

Intro: containerd - Derek McGowan, Docker & Mike Brown, IBM
Join containerd maintainers to learn about the design, project goals and history of containerd. We will cover the tools used for interacting with containerd, such as ctr and crictl. We’ll also show you how to monitor pods and containers using Prometheus and go over containerd’s plugin model to show how containerd was built to support new custom extensions. You’ll learn about Kubernetes’ Container Runtime Interface (CRI) and how to configure containerd’s CRI plugin to enable using containerd as the container runtime for Kubernetes. By the end you will understand how to get started using containerd as a developer, contributor, or system administrator for a wide variety of use cases.

Speakers
avatar for Mike Brown

Mike Brown

Containerd Maintainer, IBM
Open Source Software Engineer, Containerd, OCI, Kubernetes, container runtimes, IBMer, github.com/IBM/cap, Inventor, Coach, PC Gamer, and Proud Father.
avatar for Derek McGowan

Derek McGowan

Software Engineer, Docker



Wednesday November 14, 2018 11:05 - 11:40
307 B
  • Skill Level Any

11:05

Intro: Fluentd - Eduardo Silva & Masahiro Nakagawa, Treasure Data
Fluentd and its ecosystem logging projects are a fundamental and critical piece for observability in Cloud Native environments. On this introduction session, you will learn the basics of Logging, the pipeline applied to Kubernetes and overall features associated with filtering, buffering and log centralization/aggregation in general.

Speakers
MN

Masahiro Nakagawa

Principal Engineer, ARM Treasure Data
Fluentd maintainer
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, Arm / Treasure Data
Eduardo is a Principal Engineer at ARM / Treasure Data. He currently leads the efforts to make logging and data processing more friendly and scalable in Embedded and Containerized systems such as Kubernetes. Maintainer of Fluent Bit, a Fluentd open source sub-project.


Wednesday November 14, 2018 11:05 - 11:40
307 A
  • Skill Level Any

11:05

Intro: SIG Service Catalog - Doug Davis & Jonathan Berkhahn, IBM
This is an introduction to the Kubernetes Service Catalog project. Service Catalog lets you provision cloud services, regardless of where they are hosted, directly from the comfort of native Kubernetes tooling. This works across platforms because we follow the Open Service Broker API, an open standard to provision and manage cloud services. Learn how you can use Service Catalog to access third-party services from your Kubernetes applications. We will walk through provisioning a database directly through Kubernetes and and then connect to it from an application running on the cluster.

Speakers
JB

Jonathan Berkhahn

Open Source Contributor, IBM
Jonathan Berkhahn is an open source contributor working on behalf of IBM. He co-chairs SIG Service Catalog and is a Member of the Open Service Broker API working group. He also manages his own open source project Blockhead, an OSB broker for provision blockchain nodes for use by cloud... Read More →
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →



Wednesday November 14, 2018 11:05 - 11:40
3M 3
  • Skill Level Any

11:05

Kube-Arbitrator: A Batch System of Kubernetes - Da Ma, IBM & Ti Zhou
Kubernetes started as a general purpose orchestration framework with a focus on serving jobs. But as it gains popularity, users want to run BigData and AI frameworks on Kubernetes, such as Spark, TensorFlow, etc. When running these batch processing frameworks in a multitenant system like Kubernetes, advanced scheduling features, e.g. fair-share scheduling, gang scheduling, become more important. In 2017, we launched a project into incubation, named kube-arbitrator, to provide policy-based resource scheduling for BigData and AI frameworks to meet these advanced scheduling and resource sharing requirements.

In this presentation, we will describe how we're trying to do batch scheduling in Kubernetes, and our journey building these components out of core.


Speakers
avatar for Da Ma

Da Ma

Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader, Huawei
Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader. Jilin University master’s degree, majoring in grid computing and distributed system. After graduation, he focus on resource management, resource scheduling in distributed system. Kubernetes Maintainer,SIG-Scheduling联合负责人,kube-batch... Read More →
avatar for Ti Zhou

Ti Zhou

Architect, Baidu
Ti Zhou, Kubernetes member, currently serves as cloud software architect in Baidu Cloud, focusing on PaddlePaddle Deep Learning Framework and Baidu Cloud Container Engine, helps developers to deploy cloud-native machine learning on private and public cloud.


Wednesday November 14, 2018 11:05 - 11:40
2F Room 3
  • Skill Level Any

11:05

Handling Edge Cloud Network Using “KubeEdgeBus” - Yulin Sun & Weijin Xu, Huawei
Edge Cloud network is very different than a typical Data Center networking environment. For example, Edge compute nodes typically run behind NAT and all traffic goes through unreliable and low performance Internet environment. Kubernetes container network and Service Mesh are designed for datacenter environment and may not meet all the requirements of Edge Cloud environment.

This presentation will review “KubeEdgeBus” design proposal in support of multi-tenant Edge Cloud environment. “KubeEdgeBus” provides development experience for Edge Cloud similar to a typical Datacenter environment. “KubeEdgeBus” provides support for exposing HTTP service running at the Edge node as well as optimized routing for data traffic between edges running within the same private network and across networks.

The presentation will walk-through all of the above using a user case study.

Speakers
avatar for Yulin Sun

Yulin Sun

Principal Architect 首席架构师, Huawei
Yulin is currently a principal software architect in PaaS team of Huawei Cloud BU. He worked as primary architect for the Huawei Edge Cloud architecture and he also worked for Kubernetes performance optimization. Before that, he worked in Microsoft for 9 years. In Microsoft, he worked... Read More →
WX

Weijin Xu

Senior Architect, Huawei
Weijin is currently a senior software architect at PaaS team at Huawei Cloud BU. He worked on several early stage research projects among Microservices, FaaS (Function-as-a-Service), Kubernetes Federation and Edge Cloud in Huawei. Before that, he worked one year at Amazon on Fraud... Read More →


Wednesday November 14, 2018 11:05 - 11:40
302 B

11:05

Container Networking Untangling Services Meshes and SDNs - Gregory Elkinbard, GSE Software
Horizontally scalable applications need reliable and scalable networking, traffic routing to the correct instance and security policy enforcement. Traditionally SDNs have delivered these functions. However recently Service Meshes began to encroach on the tranditional SDN space.

This presentation will compare 3 services meshes Istio, Linkerd and Conduit vs a more traditional SDN such as OpenContrail in the Kubernetes cluster environment. We will go over the features of each one of these products and compare their Kubernetes integrations against each other.

Speakers
avatar for Gregory Elkinbard

Gregory Elkinbard

Community Director 社区总监, GSE Software
Gregory Elkinbard is Director of Community at Juniper, where he is responsible for creating a robust multi user community around Tungsten Fabric and integrating Tungsten Fabric with other community efforts such as OpenStack, OPNFV, ONAP and Kubernetes.Prior to Juniper Greg was Sr... Read More →



Wednesday November 14, 2018 11:05 - 11:40
3M 5
  • Skill Level Any

11:50

Containerizing Java Applications for Kubernetes With Jib - Qingyang Chen & Appu Goundan, Google
Containers are at the heart of many complex distributed systems. But, for Java developers, building containers is a common obstacle on the road to Kubernetes adoption. Traditionally, Dockerfiles define container builds imperatively, which can be cumbersome, error-prone, and slow. In this talk, we’ll introduce a container image builder called Jib. Jib is declarative - it packs a Java application into a container by inferring what it needs from your Maven or Gradle project. Jib is fast, builds containers reproducibly, and allows Java developers to use the build tools they are already familiar with.

We’ve released Jib as an open-source project and want to share how you too can leverage its capabilities to speed up your development process and orchestrate larger, more complex systems.

Speakers
avatar for Qingyang Chen

Qingyang Chen

Software Engineer 软件工程师, Google
Qingyang “Q” Chen is a software engineer at Google, where he works on tools to improve developer experience in the cloud. Previously, Q worked on a number of internet applications, including online multiplayer video games, databases, and web apps. Qingyang “Q” Chen 是谷歌的软件工程师,开发改善云开发者体验的工具。在加入谷歌之前,Q... Read More →
avatar for Appu Goundan

Appu Goundan

Software Engineer 软件工程师, Google
Appu is a programmer from Google - New York, he works on tooling for Java developers targeting the cloud. He would like container-based development to be fast and simple. He’ll also talk to you about home automation, basketball, surfing, and sourdough.Appu是来自Google... Read More →



Wednesday November 14, 2018 11:50 - 12:25
2F Room 2
  • Skill Level Any

11:50

When Distributed Database Meets Cloud - Lessons Learned - Yanqing Weng, Pivotal
Database as a Service is one of the most interesting and challenging domains in the cloud industry. We’re migrating distributed databases like Greenplum (traditional MPP database) and Apache HAWQ (Hadoop native SQL engine) to make it a reality.

This talk will be about the lessons we’ve learned - the best practices and pitfalls we’ve discovered during our journey which includes:

- How to containerized distributed database and what help could Kubernetes provide?
- How to redesign legacy architecture of distributed database to be cloud native?
- How to make smart scheduler for optimal resource utilization?
- How to distribute stateful workloads and improve performance by data locality?
- How to leverage Operator pattern to automate distributed database operation?
- How to integrate CNCF projects with distributed database to make it easy to use?

Speakers
avatar for Yanqing Weng

Yanqing Weng

Principal Software Engineer 首席软件工程师, Pivotal
Yanqing Weng is a Principal Software Engineer at Pivotal. He is Apache Committer and PMC member of Apache HAWQ project. His main interests are focused on distributed system, database kernel and cloud computing technical areas. 翁岩青,Pivotal... Read More →



Wednesday November 14, 2018 11:50 - 12:25
305 B
  • Skill Level Any

11:50

Testing Kubernetes CRDs - Christie Wilson, Google
Custom Resource Definitions (CRDs) open Kubernetes up for extensions in ways never before possible, but they can add new complications for testing.

Achieving good test coverage for distributed systems can be a challenge. With so many components and moving pieces, it can be hard for unit tests to catch everything, and system tests become more important.

So if you are relying on CRDs to implement your sweet new features, how can you write system tests for them?

Drawing on examples and experiences from testing Kubernetes itself we will see how you can write effective, stable tests for your CRDs, controllers and webhooks.

We’ll look at what Go libraries you can use, how you can combine them, what to avoid, and what tools you can use to make running these tests ints CI/CD a breeze.

Speakers
avatar for Christie Wilson

Christie Wilson

Software Engineer 软件工程师, Google
Christie Wilson is a software engineer at Google. Over the past ten years she has worked in the mobile, financial, and video game industries. Prior to working at Google, Christie led a team of software developers to build load testing tools for AAA video game titles, and founded the... Read More →



Wednesday November 14, 2018 11:50 - 12:25
302 A

11:50

Managing Edge Nodes With “KubeEdge” - Yulin Sun & Li Xing, Huawei
With the fast movement in the IOT, AI industry, companies are exploring ways to push computation and intelligence to the edge.

Edge cloud computing raises a number of unique challenges such as network connectivity, network performance and compute node capacity. Current Kubernetes platform is designed for typical data center environment and might not meet the edge scenarios completely.

This presentation will review the challenges along with Kubernetes limitations. It also reviews “KubeEdge” design proposal for addressing Kubernetes limitations. “KubeEdge” is an extension of Kubernetes platform for Edge Cloud environment. It supports features such as offline self-governor pod execution, low memory edge compute node, edge service access, registration and discovery (edge-to-datacenter-cloud and edge-to-edge).

The presentation will walk-through all of the above using a user case study.

Speakers
avatar for Yulin Sun

Yulin Sun

Principal Architect 首席架构师, Huawei
Yulin is currently a principal software architect in PaaS team of Huawei Cloud BU. He worked as primary architect for the Huawei Edge Cloud architecture and he also worked for Kubernetes performance optimization. Before that, he worked in Microsoft for 9 years. In Microsoft, he worked... Read More →
avatar for Cindy Xing

Cindy Xing

Senior Cloud Software Architect 高级云软件架构师, Futurewei
Cindy Xing currently works at Futurewei as a Senior Cloud Software Architect.She focuses on building public Cloud Service infrastructure.Her interest area includes Kubernetes, container, Windows and Edge technologies.Before Futurewei, Cindy worked as a Senior software engineer and... Read More →


Wednesday November 14, 2018 11:50 - 12:25
305 A

11:50

Serverless Kubernetes Boosts AI Business - Jian Huang, Huawei
Kubernetes is becoming more and more popular in IT systems including running the AI workloads. Currently, ML/DL Services of Huawei cloud are running over Kubernetes clusters.

In order to make the AI services focus on their business without caring the underlayer infrastructure like physical machines and GPU offering. We provide the serverless Kubernetes services(CCI) in order to meet their requirements. And serverless Kubernetes is very suitable for the users to run the short-time jobs.

In this session, we try to introduce the effort we have make on this area. Such as use kata container to protect the container's security so multi-tenant's workload can run on the same physical machine; support AI jobs with multiple devices like Nvidia GPU, InfiniBand; experience of running DL frameworks like tensorflow over Kubernetes in Huawei and so on.

Speakers
avatar for Jian Huang

Jian Huang

Architect, Huawei
I'm now working in Huawei since 2008 and start working on PaaS and container technoloy area since 2013. In the last five years, I'm wokring on the projects which are all related to container service, with a long time experience on opensource projects like kubernetes, docker. Currently... Read More →



Wednesday November 14, 2018 11:50 - 12:25
2F Room 1

11:50

Intro: Harbor - Henry Zhang & Jia Zou, VMware
As container technology becomes widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage container images. Project Harbor is an open source trusted cloud native registry project that stores, signs, and scans content, thus resolving common image management challenges. In this presentation, we will focus on the management of container images through Harbor. We will review and provide solutions to challenges faced by organizations, including RBAC (Role Based Access Control), vulnerability scanning, large scale image distribution, image replication and image provenance (notary). Real world use cases will be discussed in the session.

Speakers
avatar for (Haining Henry) Zhang

(Haining Henry) Zhang

Technical Director, VMware
Henry Zhang is the Chief Architect of China R&D, VMware. His primary role is to lead the development and incubation of projects on emerging technologies, including container, blockchain and AI. He was the founder of CNCF’s Project Harbor. Henry was the first evangelist in China... Read More →
avatar for Steven Zou

Steven Zou

Staff Engineer, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open source Project Harbor which is an enterprise-class container image registry as lead engineer and core maintainer. Moreover, he’s doing innovation and incubation of projects on Kubernetes... Read More →


Wednesday November 14, 2018 11:50 - 12:25
3M 1
  • Skill Level Any

11:50

Intro: Prometheus – Richard "RichiH" Hartmann, SpaceNet & Ben "SuperQ" Kochie, GitLab
Join Prometheus maintainers to learn about the design, project goals and history of Prometheus. We will cover basic concepts of Prometheus to enable you to get an understanding of what all the hype is about. We will start at what time series are and what makes them different, look at our non-hierarchical data structure, our exposition format, and tie it all together with our query language, PromQL? As the end, you will have a solid understanding of Prometheus, enabling you to start using it in production.

Speakers
avatar for Richard Hartmann

Richard Hartmann

Monitoring Lead, SpaceNet
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →
avatar for Ben Kochie

Ben Kochie

Staff Developer, Monitor 开发人员、监管人员, GitLab



Wednesday November 14, 2018 11:50 - 12:25
2F Room 4
  • Skill Level Any

11:50

Intro: SIG Apps - Janet Kuo, Google
In this Kubernetes SIG Apps Intro session, you will learn about the areas of our focus, what we are working on currently, and how you can get involved. Veteran SIG Apps members will be on hand to help answer questions.

Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →



Wednesday November 14, 2018 11:50 - 12:25
307 A
  • Skill Level Any

11:50

Intro: SIG Cloud Provider - Andrew Sy Kim, DigitalOcean
The long term goal of SIG Cloud Provider is to promote a vendor neutral ecosystem for our community. New vendors providing support for Kubernetes should feel equally empowered to do so as any of today’s existing cloud providers. More importantly, SIG Cloud Provider is focused on ensuring a consistent and high-quality user experience across providers. The SIG acts as a central group for developing the Kubernetes project in a way that ensures all providers share common privileges and responsibilities. This Intro session will go over historical context, status, and direction of efforts currently underway. We will discuss documentation and code organization, and offer an opportunity for participants to offer feedback and ask questions. We will also cover the support for all cloud providers to submit test results to testgrid, the shared infrastructure for recording and visualizing test results. Finally, we will cover the next steps and roadmap for transition of in-tree cloud providers to external repositories.

Speakers
avatar for Andrew Sy Kim

Andrew Sy Kim

Software Engineer, DigitalOcean
Andrew is a Software Engineer at DigitalOcean and an active member of the Kubernetes community. He is one of the co-chairs of SIG Cloud Provider where he is currently working to extend and customize Kubernetes with a focus on multi-cloud portability and vendor neutrality. At DigitalOcean... Read More →



Wednesday November 14, 2018 11:50 - 12:25
3M 3
  • Skill Level Any

11:50

Music Matched to Different Ways to Scale in K8s, What Could Go Wrong? - Ria Bhatia, Microsoft
The other week someone asked "how do I over provision resources so I have them immediately when I need them?" and I sat there in awe because the community has already come up with a couple options on how to scale on-demand, so why are Kubernetes users still asking for this? That question is the inspiration for this talk. From the operations perspective, I'll discuss what it takes to build up the cluster autoscaler and horizontal pod autoscaler. The talk will incorporate experiments and tests that were run to come up with conclusions on how to appropriately tweak metrics so scaling is cost-effective and efficient. The truth is, most scaling within Kubernetes is metrics based so I'll also take a look at the ecosystem to see if there are other possible methods of scaling. The goal is to teach operation folks of Kubernetes on what it takes to effectively scale with help from some pop music.

Speakers
avatar for Ria Bhatia

Ria Bhatia

Program Manager, Microsoft
Ria Bhatia is a Program Manager for Azure within Microsoft. She's been working with the community on different ways to scale in Kubernetes. She actively maintains Virtual Kubelet and has spoken at multiple meetups and conferences, including LinuxCon in Shanghai. She's also helped... Read More →


Wednesday November 14, 2018 11:50 - 12:25
2F Room 3

11:50

Comprehensive Performance Benchmark on Various Well-Known CNI Plugins - Giri Kuncoro & Vijay Dhama, GO-JEK
This session provides comprehensive performance benchmark on various well-known Container Network Interface (CNI) Plugins. Over the past years, there have been plenty of CNI Plugins implemented within the community which comply with CNI specification, enabling standard communication between container runtimes and network resources. However, there appears to be lack of initiative to thoroughly comparing and understanding the performance of each CNI plugin, particularly in a container orchestration system. This research is motivated by a need to identify characteristics of a CNI plugin that might impact container network performance. The studies could inspire further improvement of a particular CNI plugin, and provide insights into it being more accurately selected that adhere with particular system.

Speakers
avatar for Vijay Dhama

Vijay Dhama

System Engineer, GO-JEK
Vijay is a Product Engineer at GO-JEK Infrastructure team. He has been anchoring GO-JEK infrastructure from the early days: driving infrastructure as code, observability across services and owning network architecture which have helped maintaining high reliability of GO-JEK services... Read More →
avatar for Giri Kuncoro

Giri Kuncoro

Senior Software Engineer, GOJEK
Giri works for GOJEK, one of the fastest growing unicorn in South East Asia. He is a Senior Software Engineer in Cloud Foundation team. He co-lead the internal Kubernetes project. Giri has been given talks in KubeCon Shanghai, DevopsDays India, and various local meetups in Indonesia... Read More →



Wednesday November 14, 2018 11:50 - 12:25
302 B

11:50

How HP Uses Istio to Manage Network Traffic - Xi He & Zhoujian Zhang, HP
We used Istio since 0.2.0 to manage network traffic for project FitStation, we had many on-hands experiences on how to use Istio more effectively. So this session will cover following content:
1. Brief introduction of Istio.
2. What functionalities of Istio we are using.
3. The problems we encountered while we were using Istio and how to fix.
4. Best practices on how to use Istio.

Speakers
avatar for Xi He

Xi He

Architect 架构师, HP
Name: Xi He Employer: HP Trading (Shanghai) Co., Ltd. Ongoing project: HP Fitstation (https://www.fitstation.com)Hexi is an architect in HP PS SW Engineer group. He is experienced in OS kernel, distributed system, cloud computing. In his current role, Hexi is focused on Istio customizaiton... Read More →
avatar for Zhoujian Zhang

Zhoujian Zhang

Software Engineer 软件工程师, HP
Name: Zhoujian, Zhang Employer: HP Trading (Shanghai) Co., Ltd. Ongoing project: HP Fitstation (https://www.fitstation.com) 姓名:Zhoujian,Zhang 公司:惠普贸易(上海)有限公司 从事项目:惠普 Fitstation(https://www.fitstation.com)



Wednesday November 14, 2018 11:50 - 12:25
3M 5
  • Skill Level Any

12:25

Lunch
Enjoy lunch in the Sponsor Showcase. Lunch is included with your conference registration.  

Wednesday November 14, 2018 12:25 - 13:55
1F

12:30

Flowkube: GPU Resource Management On JDOS - Liang Yongqing, JD.com
Flowkube is a service we developed to manage our GPU Resource. It contains:
1.      GPU machine management: install, driver,manage cordon, zone, label ,etc  
2.      Builtin CI system ,User don't need to build their own docker image
3.      Support our ContainerFS system: store training resource ,and training log
4.      TensorFlow training base on Kubeflow
5.      One-Click Serving After training
6.      A Realtime Gpu usage monitor
7.      A Billing system to account all the department ‘s usage

Speakers
avatar for Yongqing,Liang

Yongqing,Liang

Senior Software Engineer 高级工程师, JD.com



Wednesday November 14, 2018 12:30 - 12:50
Demo Theater, Sponsor Showcase
  • Skill Level Any

13:00

Container & AI Platform on Kubernetes: How Caicloud Help Enterprises to Embrace Digital and Intelligent Transformation - Qin Xiao, Caicloud
What are the top challenges that enterprises facing with Kubernetes ?
How to migrate microservices to Kubernetes with zero downtime?
What's the best practices for operationg production Kubernetes clusters?

Caicloud Compass integrates Kubernetes deeply to offer multi-cluster and multi-tenant resource management capabilities.

It helps reduce maintenance costs for enterprises by building a container platform with complete functions, easy-to-use interface and excellent performance.

Speakers
QX

Qin Xiao

VP of R&D 研发副总裁, Caicloud
After graduation from Tsinghua University in 2009 with master degree in computer science, Qin Xiao started his career as a software engineer in multiple enterprise-service and mobile-internet corporations (freewheel.tvqingting.fm). Qin Xiao joined Qiniu in 2015 as director of R&D and was in charge of product development of container PaaS and AI PaaS. Qin Xiao joined Caicloud as a technology partner in 2017, is now leading on-permise PaaS product, to help domestic enterprises build advanced PaaS and IT infrastructure and accelerate the p... Read More →



Wednesday November 14, 2018 13:00 - 13:20
Demo Theater, Sponsor Showcase
  • Skill Level Any

13:00

Meet the Maintainer: Vitess – Adrianna Tan, PlanetScale
Speakers
AT

Adrianna Tan

Sr Product Manager, PlanetScale
Adrianna is a a senior product manager at PlanetScale, and also the community manager of open source Vitess. Previously, she has spoken on diversity at various small tech meetups in Southeast Asia (where she is from). She founded several companies in Singapore, Malaysia and Indonesia... Read More →


Wednesday November 14, 2018 13:00 - 14:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

13:30

Container Portfolio at VMware - Dan Cheng, VMware
Join this quick session to get an overview of VMware's container solution portfolio across a variety of product lines, including VMware Pivotal Container Service and VMware Kubernetes Engine. Learn how to pick the right cloud-native infrastructure solutions for your organization—solutions that promote developer productivity and agility, while also delivering enterprise-grade security, visibility, management, and governance.

Speakers
avatar for Dan Cheng

Dan Cheng

Open Source Solution Architect 应用平台架构师, VMware
Dan Cheng is an application solution architect who works at VMware to help enterprise customers modernize their applications. Cheng believes most of the enterprise applications will transform to cloud native architecture.  Cheng has rich experience in infrastructure, middleware and... Read More →


Wednesday November 14, 2018 13:30 - 13:50
Demo Theater, Sponsor Showcase
  • Skill Level Any

13:55

Stop Hitting Yourself! - Michael Russell, Elastic
Software should be easy to use. It should also try to stop you from hitting yourself. A lot of modern successful software has easy to use defaults which makes getting started really simple. The problem is that the "getting started experience" often turns into "production" before the users or application are really ready for it. This talk covers the common mistakes that users run into when going into production with Kubernetes and proposes a potential solution for how we can prevent this from happening in the future. I will be covering resource limits/quotas, pod disruption budgets, affinity, upgrade strategies, readinessprobes, logging, monitoring and explain why you absolutely need them for any application before you can consider it truly production ready. I will also talk about why I believe software is like this and what I think we can do to make life better for everyone.

Speakers
avatar for Michael Russell

Michael Russell

Software Engineer, Infrastructure 软件工程师,基础设施, Elastic
Michael is an Australian Software Engineer in the infrastructure team at Elastic living in Utrecht in the Netherlands. He spends his days building everything a software company needs to make great software and everything else users need to be successful. He has a passion for building... Read More →



Wednesday November 14, 2018 13:55 - 14:30
2F Room 2
  • Skill Level Any

13:55

Securing the Perimeter - CFCR/CFAR Chain of Custody With CI/CD Pipelines - Keith Strini & Shaozhen Ding, Pivotal
Continuous integration (CI) systems automate the building of working code and Continuous Delivery (CD) is the movement of that working code into the hands of end users. These two concepts enable companies to move with effective velocity into new markets. However, because of the pervasive nature of building, testing, and delivering into production, even with immutable containers and a kubernetes secure by default posture, CI/CD pipelines could be used to severely compromise the entire software delivery process. Chain of Custody need to be established and enforced. In this talk we will cover several aspects of ensuring chain of custody, including transmission security, rotating developer keys, signed git commits, independently reproducible build verification, signed release artifacts and run time authority for immutable containers achieving secure an end-to-end chain into production.

Speakers
avatar for Shaozhen Ding

Shaozhen Ding

Principal Solutions Architect, Pivotal
Shaozhen Ding is Pivotal Cloud Foundry Platform Practice Lead at Pivotal Inc. specialized in Cloud Operations, Agile Development, Continuous Integrations and Deployments, and Cloud native architectures of applications. Shaozhen implemented the first Pivotal Cloud Foundry production... Read More →
avatar for Keith Strini

Keith Strini

Advisory Solutions Architect 咨询解决方案架构师, Pivotal
Keith Strini is the Advisory Solutions Architect for Pivotal, implementing Cloud Foundry solutions across a wide variety of customer environments. Keith recently presented at Cloud Foundry Summit - Frankfurt, CF Summit - Basel, and CF Summit - Boston. He was most recently selected... Read More →



Wednesday November 14, 2018 13:55 - 14:30
302 A

13:55

Kubebuilder: SDK for Extending Kubernetes - Fan Zhang, VMware Inc & Mengqi Yu, Google
Kubebuilder is a SDK for extending Kubernetes that enables rapid development of custom APIs with best practices out of the box. In this talk, attendees will learn about:

  • Key Kubernetes API extension points and their capabilities
  • An overview of Kubebuilder’s features and philosophy
  • Live demo of a workflow of building and publishing custom API/Operator using Kubebuilder

At the end of this talk, attendees should develop a good understanding of how to use Kubebuilder to automate their custom workflows on top of Kubernetes, for example, automating backup/restore of MySQL cluster.


Speakers
MY

Mengqi Yu

Software Engineer 软件工程师, Google
Mengqi has been working on the open source Kubernetes project and Google Kubernetes Engine (GKE) for more than 2 years. He is one of the maintainers of kubectl, kubebuilder and he is also one of the core contributor to the kustomize project.于梦琦已经在Google为开源Kubernetes... Read More →
avatar for Fan Zhang

Fan Zhang

Senior Software Engineer, VMware
Fan Zhang is a senior software engineer at VMware, where he works on both Kubernetes relating projects and enterprise products of VMware as cloud provider. As a Kubernetes/Kubernetes-SIG member, he actively contributes in kubernetes upstream, SIG projects, and other open source projects... Read More →



Wednesday November 14, 2018 13:55 - 14:30
305 A

13:55

A Year of Democratizing ML With Kubernetes & Kubeflow - David Aronchick & Fei Xue, Google
A year ago, we introduced the Kubeflow project to make end-to-end ML pipelines on Kubernetes composable, portable & scalable. Today, thanks to passionate contributors from all over the world, we have the most popular ML platform for Kubernetes.

At this Kubecon, we are announcing Kubeflow 1.0, graduating the project to generally available. In this talk, we will cover never before seen features: a web-based UI, simplified setup & sophisticated ML tooling including hyperparameter search and Google's TensorFlow Extended project.

Additionally, we will be demonstrating the newly integrated Pipelines project wiring together multi-cloud ML with continuous training and hosted services.

Thanks to Kubernetes native extensibility, we are able to bring ML to an entirely new audience, where as long as you can code, you can build complete end-to-end solutions.

Speakers
avatar for David Aronchick

David Aronchick

Program Manager, Microsoft
David leads Open Source Machine Learning Strategy at Azure. This means he spends most of his time helping humans to convince machines to be smarter. He is only moderately successful at this. Previously, David led product management for Kubernetes at Google, launched GKE, and co-founded... Read More →
FX

Fei Xue

Product Manager, Ant Financial
Fei Xue is currently a product manager at Ant Financial working on ML and data platform. Fei was an early member of the Kubeflow team at Google, an open source effort to help developers and enterprise develop and deploy cloud-native machine learning everywhere. Fei comes from a distributed... Read More →


Wednesday November 14, 2018 13:55 - 14:30
2F Room 1
  • Skill Level Any

13:55

Intro: CNCF Serverless WG / CloudEvents - Doug Davis, IBM & Cathy Zhang, Huawei
Provide an introduction to the CNCF Serverless Working Group, the CloudEvents specification and the new Workflow sub-group. More details later...

Speakers
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →
avatar for Cathy Zhang

Cathy Zhang

Principal Architect, Huawei
Cathy has over 15 years of software design and development experience. She is currently a chief architect at Huawei’s USA Cloud Computing Lab. Her expertise includes Serverless Cloud Platform, Network Service and Virtualization, SDN, OpenStack, etc.. She is a key member of the Serverless... Read More →



Wednesday November 14, 2018 13:55 - 14:30
3M 3
  • Skill Level Any

13:55

Intro: Kubernetes Policy WG - Zhipeng Huang & Hui Wang, Huawei
The introduction session of the Kubernetes Policy WG will focus on the progress update of the prirority PRs for the 2018 Fall Cycle.

Speakers
avatar for Zhipeng Huang

Zhipeng Huang

Principle Engineer, Huawei
Zhipeng Huang currently serve as open source operation manager for Huawei. Zhipeng have been involved with various major open source communities and is now the PTL of OpenStack Cyborg project, co-chair of OpenStack Public Cloud WG, and co-lead of the Kubernetes Policy WG.Zhipeng Huang... Read More →
avatar for Hui Wang

Hui Wang

Standard Engineer, Huawei
I’m a standard engineer who has been worked for Huawei over two years, focusing on new fields (AI, IoT, Industry Internet, Cloud) and open source technology research. Currently I work with OpenSDS team as PTL of OpenSDS Hotpot project, and I’m also an active contributor involved... Read More →


Wednesday November 14, 2018 13:55 - 14:30
307 B
  • Skill Level Any

13:55

Intro: Kubernetes SIG Multicluster - Quinton Hoole & Irfan Ur Rehman, Huawei
SIG-Multicluster is focused on solving common challenges related to the management of multiple Kubernetes clusters, and applications that exist therein. We are responsible for designing, discussing, implementing and maintaining API’s, tools and documentation related to multi-cluster administration and application management. This includes not only active automated approaches such as Cluster Federation, but also those that employ batch workflow-style continuous deployment systems like Spinnaker and others. Standalone building blocks for these and other similar systems (for example a cluster registry), and proposed changes to kubernetes core where appropriate are in scope. In this intro we will give you an overview of the projects we're currently actively working on, how best to get involved, and what our future plans look like.

Speakers
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member
IU

Irfan Ur Rehman

Senior Engineer, Huawei
Irfan is a senior engineer with Huawei Technologies and is currently associated with the cloud platforms team. In his current role he is part of the engineering group that works as a bridge between the kubernetes open source project and Huawei's adaptation of the same in its cloud... Read More →


Wednesday November 14, 2018 13:55 - 14:30
2F Room 4
  • Skill Level Any

13:55

Intro: Rook - Jared Watts, Upbound
In this talk, we will be introducing the Rook project to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. We will explore the benefits and use cases of Rook, and we will also walk through the architecture that the project is built on. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation (CNCF) in January 2018.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by "freeing the cloud" and is also a maintainer for the open source Rook project (https://rook.io/). Before Upbound, he worked on innovative storage projects at Quantum Corp. and... Read More →



Wednesday November 14, 2018 13:55 - 14:30
3M 1
  • Skill Level Any

13:55

Intro: SAFE (A Cloud Native Security Working Group) - Liz Rice, Aqua Security
“Cloud Native” is open source cloud computing for applications — a complete trusted toolkit for modern architectures (CNCF presentation). There are multiple proposed projects which address key parts of the problem of providing access controls and addressing safety concerns. Each of these adds value, yet for these technical solutions to be capable of working well together and manageable to operate they will need a minimal shared context of what defines a secure system architecture.

Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. Last year she was Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Wednesday November 14, 2018 13:55 - 14:30
307 A
  • Skill Level Any

13:55

Getting Started With Logging in Kubernetes - Eduardo Silva, Treasure Data
A good practice when deploying applications in Kubernetes is to set proper instrumentation to gather insights and solve general monitoring needs. Logging is a fundamental piece of the instrumentation cycle and is continually evolving to solve pains associated with unstructured formats, performance and monitoring.

In this presentation you will learn the concepts involved in log processing for containerized applications: unstructured/structured logs, log filtering with Lua Scripts, load balancing, scalability and the ability to customize the log processor behavior through declarative resource annotations in Kubernetes within others.

Speakers
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, Arm / Treasure Data
Eduardo is a Principal Engineer at ARM / Treasure Data. He currently leads the efforts to make logging and data processing more friendly and scalable in Embedded and Containerized systems such as Kubernetes. Maintainer of Fluent Bit, a Fluentd open source sub-project.


Wednesday November 14, 2018 13:55 - 14:30
302 B

13:55

Becoming an Expert of Diagnosing a Kubernetes Control Plane Problem - Wenjia Zhang & Joe Betz, Google
Debugging a kubernetes control plane can be a challenge with so many pieces in the puzzle. What and how is your kubernetes control plane doing? Are your kubernetes clusters happy? Can they be happier? If they are not happy, what went wrong? How can you tell? In this talk, Wenjia and Joe will walk you through a complete spectrum of metrics that you need to debug and tweak the performance of kubernetes control plane.

Speakers
avatar for Joe Betz

Joe Betz

Software Engineer, Google
Joe Betz the lead engineer for etcd at Google, and an etcd project maintainer, Joe is directly responsible for the health and stability of the GKE etcd fleet and leads improvements to etcd via open source contributions. He actively contributes to Kubernetes, with a focus on the etcd... Read More →
avatar for Wenjia Zhang

Wenjia Zhang

Software Engineer, Google
Wenjia Zhang is a Software Engineer on GKE team at Google. She is an active contributor for both Kubernetes and etcd open source projects.



Wednesday November 14, 2018 13:55 - 14:30
2F Room 3

13:55

Three Years of Lessons Running Potentially Malicious Code Inside Containers - Ben Hall, Katacoda
For the past three years, Katacoda has been providing an online learning and training environment for cloud-native technologies. The live environments for Docker, Kubernetes and other Cloud-Native technologies are accessible via the browser.

A side effect is that users can, and have, execute malicious code and attempted to hack the system from inside the container.

In this talk, Ben will share the lessons learned of building Katacoda and some of the interesting stories and security attempts from the past three years.

This talk will give insight into:
- Out of the box security with Docker and Kubernetes
- Docker and Linux security issues
- Monitoring for malicious activity
- What happens when it all goes wrong

In the end, attendees will learn different approaches they can take to secure their own systems and be prepared for potential attacks they might face.

Speakers
avatar for Ben Hall

Ben Hall

Founder, Katacoda
Ben is the founder of Katacoda (Katacoda.com), an interactive learning and training platform for software engineers. Katacoda specialises in enabling developers to understand Cloud-Native technologies including Docker, Kubernetes and OpenShift.Ben 是 Katacoda (Katacoda.com)的创始人,这是一家为软件工程师设计的交互式学习和培训平台。Katacoda... Read More →



Wednesday November 14, 2018 13:55 - 14:30
305 B

13:55

Navigating the Service Mesh Ecosystem - George Miranda, Buoyant, Inc., & Diogenes Rittori, Pivotal
Last year, KubeCon speakers called 2018 “the year of the service mesh.” Linkerd, Envoy, Istio, Conduit and others have emerged in this space and you may have heard of them. But what exactly do they do? Are they the same or different? What questions should you be asking to figure out what's right for you? Where do you get started and how?

In this talk, Christian (Red Hat, Istio) and George (Buoyant, Linkerd & Conduit) team up to present an objective look at how to navigate options in the service mesh ecosystem. They focus on helping you understand the differences between Linkerd, Envoy, Istio, Conduit, and other service mesh options. For each project highlighted, they cover its design philosophy and the problems for which they're best suited. You’ll get a clearer look at where you should get started in your evaluation journey and feel confident where and when to use a service mesh.

Speakers
GM

George Miranda

Director of Community 社区总监, Buoyant, Inc.
George Miranda is Director of Community for Buoyant (Linkerd, Conduit). He spent 15+ years in WebOps roles for a variety of startups and enterprises before switching to work with open-source software vendors. He believes in simplifying the ever-increasing complexity of running internet... Read More →
DR

Diogenes Rittori

Product Marketing Director, Pivotal


Wednesday November 14, 2018 13:55 - 14:30
3M 5
  • Skill Level Any

14:00

Zero to Hero: Get Your First K8S Application Running in 5 Minutes! - Peter Lees, SUSE
In this technical demonstration, Peter Lees, SUSE Chief Technologist and Director of Sales Engineering, Asia-Pacific & Japan, takes on the challenge of deploying an 11 node Kubernetes cluster, and then deploying an online shopping application, as well as logging and monitoring capabilities. Using SUSE CaaS Platform, he’ll show you how to get the job done quickly and easily.

Speakers
avatar for Peter Lees

Peter Lees

Chief Technologist and Director of Sales Engineering 亚太区首席技术专家, SUSE
Peter Lees is the chief technologist and director of sales engineering for SUSE in Asia-Pacific Japan, with the responsibility for developing awareness of SUSE products, technologies and capabilities throughout the APJ region.As a technologist with an extensive background in open... Read More →


Wednesday November 14, 2018 14:00 - 14:20
Demo Theater, Sponsor Showcase
  • Skill Level Any

14:00

Meet the Maintainer: Vitess – Adrianna Tan, PlanetScale
Speakers
AT

Adrianna Tan

Sr Product Manager, PlanetScale
Adrianna is a a senior product manager at PlanetScale, and also the community manager of open source Vitess. Previously, she has spoken on diversity at various small tech meetups in Southeast Asia (where she is from). She founded several companies in Singapore, Malaysia and Indonesia... Read More →


Wednesday November 14, 2018 14:00 - 15:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

14:40

Rust and Skaffold for Iterative Development on Kubernetes - Gastón Kleiman & Gilbert Song, Mesosphere
Iterative development requires to be able to quickly build/push/deploy. These tasks aren’t easy in a cloud-native environment, but automating them is worth the effort. Being able to see changes reflected as they are being done leads to a tremendous increase in developer velocity. In this talk we will show how automating building and pushing a service out to the a Kubernetes cluster remotely allows for quick iteration.

We will develop a REST service from scratch using Rust. The service will be deployed to Kubernetes, and continuous deployment will be achieved by using Skaffold.

This demonstration will be presented in steps, starting with a simple web server without persistence, then adding a DB to the Kubernetes deployment and using Diesel to connect with it. All the while Skaffold will be used to seamlessly watch our changes “show up” on the K8s cluster as we’re working.

Speakers
avatar for Gastón Kleiman

Gastón Kleiman

Staff Software Engineer, Mesosphere
Gastón Kleiman, Apache Mesos PMC/Committer, is a Staff Software Engineer at Mesosphere. He fell in love with distributed systems and infrastructure automation while contracting for Google, where he got to use Borg, MapReduce and other cool technology. That led him to work at Amazon... Read More →
avatar for Gilbert Song

Gilbert Song

Staff Software Engineer, Mesosphere
Gilbert Song, Apache Mesos PMC/Committer, is a Tech Lead at Mesosphere. He has been contributing to Mesos for years and mainly focuses on Mesos Containerization. He holds a Master’s degree in Computer Engineering from University of California, Santa Barbara. He is passionate about... Read More →



Wednesday November 14, 2018 14:40 - 15:15
2F Room 2
  • Skill Level Any

14:40

Kubernetes CICD Hacks with MicroK8s and Kubeflow - Land Lu & Zhang Lei Mao, Canonical
Kubernetes is a great platform for running and managing complex distributed systems. Leveraging continuous integration (CI), and making continuous integration easy for your community to consume, can enhance the quality of your awesome solution and reduce the friction for your developers and users.

This talk will show how to greatly simplify the process of adding CI to your project, and adding it as a native solution rather than an afterthought. You’ll take advantage of the following technologies to easily and repeatedly setup a local CI apparatus for your kubernetes based solution that can also scale to a company wide solution:

- microk8s (microk8s.io) - a simple, one line install of pure upstream kubernetes
- multipass - an open source and easy way to launch virtual appliances
- CI and CD tools - eg jenkins, spinnaker

We'll build and deploy Kubeflow (Machine Learning on Kubernetes)

Speakers
avatar for Land Lu

Land Lu

Director, BD & Sales, APAC, Canonical
Responsible for all Canonical company's Cloud & Linux server portfolios' evangelizing, business developing and selling in APAC region.
ZL

Zhang Lei Mao

solutions architect, Canonical
Canonical solutions architect



Wednesday November 14, 2018 14:40 - 15:15
302 A

14:40

Managing and Securing Blockchain Applications on Kubernetes - Haining Zhang & Yang Yu, Vmware
Many enterprises are looking at blockchain technology to solve their business problems. Because of the decentralization nature of blockchain, cloud platforms become an ideal place to run blockchain applications. Kubernetes is a ubiquitous cloud operating system that are available in most cloud providers. Running and operating a blockchain system on Kubernetes become an ideal choice for many users to reduce operational complexity.

In this talk, we will introduce and demo the approach to automating the deployment of Hyperledger Fabric, an open source blockchain framework, on Kubernetes. Furthermore, we will show how to leverage CNI plugin to set network policies based on Kubernetes’ namespace. This measure enhances security by isolating workload between different blockchain entities. Our work can serve as the foundation of enterprise Blockchain-as-a-Service (BaaS) based on Kubernetes.

Speakers
avatar for Yang Yu

Yang Yu

Software Engineer, VMware
Yang is a staff engineer of China R&D, VMware. She's working on Kubernetes CNI plugin, focusing on providing CNI plugin for VMware NSX transformers product. Before joining in the Kubernetes community, Yang worked for OpenStack open source project for 4 years. She was familiar with... Read More →
avatar for (Haining Henry) Zhang

(Haining Henry) Zhang

Technical Director, VMware
Henry Zhang is the Chief Architect of China R&D, VMware. His primary role is to lead the development and incubation of projects on emerging technologies, including container, blockchain and AI. He was the founder of CNCF’s Project Harbor. Henry was the first evangelist in China... Read More →


Wednesday November 14, 2018 14:40 - 15:15
305 A
  • Skill Level Any

14:40

“KubeGene” a Genome Sequencing Workflow Management Framework - Shenjun Tang, Huawei
In the recent years, exponential growth of genetic data makes it hard for researchers to do analysis on a traditional computers. In this presentation, Tangshengjun will provide an overview of “KubeGene” a bio-genetic management framework built on top of Kubernetes platform for managing TB/PB of data deployed across a cluster with hundreds of nodes.

“KubeGene” supports data-processing pipelines for Whole Genome Sequencing (WGS), Whole Exome Sequencing (WES), liquid biopsy, single cell sequencing and other sequencing scenarios with best practices, like Genome Analysis Toolkit (GATK), on the Kubernetes cluster. Furthermore, “KubeGene” can easily deploy a cluster-based data-science platform for data-mining based on the processed data. In conclusion, “KubeGene” provides users with full-stack, easy-to-use, scalable bio-genetic cloud computing solution.

Speakers
avatar for Shengjun Tang

Shengjun Tang

Senior Software Engineer 高级软件工程师, Huawei
Huawei Cloud architect, more than 10 years of work experience. At present, he is the technical leader of Huawei cloud application orchestration service and gene container field, leading cloud service catalog, application orchestration, and genetic container architecture design. He... Read More →



Wednesday November 14, 2018 14:40 - 15:15
2F Room 1

14:40

Intro: Falco - Jorge Salamero Sanz, Sysdig
Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, we’ll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low-level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally, we will show how Falco can trigger functions to stop an abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security & incident response.

Speakers
avatar for Jorge Salamero Sanz

Jorge Salamero Sanz

Technical Marketing Manager, Sysdig
Jorge enjoys monitoring all the things, from his Docker containers and Kubernetes clusters to writing sensors plugins for DIY IoT projects with Raspberry PI and ESP8266. Currently he is part of the Sysdig team, and in the past was one of the promoters of HumanOps and a Debian developer... Read More →


Wednesday November 14, 2018 14:40 - 15:15
2F Room 4
  • Skill Level Any

14:40

Intro: Jaeger - Prithvi Raj Venkat Raj & Won Jun Jang, Uber
This session is an introduction to Jaeger and distributed tracing. We will do a short demo of the current Jaeger features, talk about the roadmap for the upcoming year, and finish with a Q&A. After this session the attendees should better understand how Jaeger fits in the observability space for cloud native applications. For more information on the project everybody is welcome to attend the Jaeger Deep Dive Session.

Speakers
avatar for Won Jun Jang

Won Jun Jang

Senior Software Engineer, Uber
Last he checked, Won is a software engineer working on distributed tracing and other observability related applications at Uber. Have questions about observability? Let's chat.
PR

Prithvi Raj

Software Engineer, Uber
All Things Tracing!



Wednesday November 14, 2018 14:40 - 15:15
3M 3
  • Skill Level Any

14:40

Intro: Open Policy Agent - Torin Sandall, Styra
OPA is designed and implemented to integrate with a wide range of services, frameworks, and protocols. Today there are integrations with a number of different projects like Kubernetes, Spring, and PAM as well as protocols like HTTP, gRPC, and Thrift. This session will introduce new users to OPA and explain how you can integrate OPA into your apps. The session will focus on the APIs that you need to use to offload policy decisions to OPA. During the session we will walk step-by-step through the process of integrating a sample app with OPA. The session will also cover best practices to follow when integrating with OPA. Attendees can expect to leave with a strong understanding of how to integrate with OPA. We will try to make the session as interactive as possible so that people can ask questions during the step-by-step walkthrough.

Speakers
avatar for Torin Sandall

Torin Sandall

Software Engineer, Styra
Torin Sandall is a co-founder of the Open Policy Agent (OPA) project. Torin has spent 10 years as a software engineer working on large-scale distributed systems projects. Torin is a frequent speaker at events like KubeCon, DockerCon, Velocity, and more. Prior to working on OPA, Torin... Read More →



Wednesday November 14, 2018 14:40 - 15:15
307 B
  • Skill Level Any

14:40

Intro: SIG Autoscaling - Marcin Wielgus & Maciej Pytel, Google
Come join members of SIG Autoscaling for a look at a "big picture" view of autoscaling in Kubernetes. We'll briefly discuss the different types of autoscaling (horizontal, vertical, and cluster), how they fit together, and where to use them.

Speakers
MP

Maciej Pytel

Software Engineer 软件工程师, Google
Maciej Pytel works on Kubernetes autoscaling at Google, focusing on Horizontal Pod Autoscaler and Cluster Autoscaler. Prior to Google, Maciej worked on multiple cloud orchestration projects (usually related to OpenStack) at Codilime.Maciej Pytel在Google的Kubernetes autoscaling上工作,专注于Horizontal... Read More →
avatar for Marcin Wielgus

Marcin Wielgus

Senior Software Engineer, Google
Marcin Wielgus is a Senior Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes more than 3 years ago... Read More →


Wednesday November 14, 2018 14:40 - 15:15
3M 1
  • Skill Level Any

14:40

Intro: SIG Release - Tim Pepper, VMware
This session on the Release Special Interest Group will give an introductory overview of the process of creating kubernetes releases, the team of community volunteers managing the release process, their roles and responsibilities, and how you can become involved.

Speakers
avatar for Tim Pepper

Tim Pepper

Open Source Engineer, VMware
Tim is a software engineer with over 20 years open source development experience. He is currently a member of VMware’s Open Source Technology Center acting as an open source developer advocate and contributing to upstream projects such as Kubernetes, where most recently he’s served... Read More →



Wednesday November 14, 2018 14:40 - 15:15
307 A
  • Skill Level Any

14:40

Navigating the Distributed Systems Execution Maze With OpenTracing - Ashlie Martinez & Ilya Kislenko, Kasten
As distributed systems have become commonplace, the need for organized, easy to parse debugging information from these systems has become a necessity. However, adding tracing in distributed systems presents unique challenges such as associating related trace information across processes and services, making minimally intrusive changes to add tracing infrastructure, and deciding when enough tracing has been added.

This talk discusses the adventures and resulting battlescars the engineers at Kasten obtained while adding OpenTracing and Jaeger to their Kubernetes system. By the end of this talk, listeners will know what results to expect from adding OpenTracing to Go projects, understand some of the gotchas associated with tracing, and learn some of the differences between tracing with services meshes only and using a tracing library.

Speakers
avatar for Ilya Kislenko

Ilya Kislenko

Software Engineer 软件工程师, Kasten
Automation is Ilya's passion. He believes that software should do everything and has been enabling that for the last 13 years. Starting with NVIDIA 3D gaming automation testing solution, into CyberSecurity Cloud with FireEye and Maginatics Cloud FS. He has worn many hats over these... Read More →
avatar for Ashlie Martinez

Ashlie Martinez

Software Engineer (Intern) 软件工程师(实习), Kasten
Ashlie completed her undergraduate degrees in Computer Science and Electrical Engineering at the University of Texas at Austin in 2018. While at the University of Texas at Austin, she led the CrashMonkey project, which focused on creating a test harness for checking file-system crash... Read More →



Wednesday November 14, 2018 14:40 - 15:15
302 B
  • Skill Level Any

14:40

Node Operator: Kubernetes Node Management Made Simple - Joe Chen, Ant Financial
A Kubernetes Node depends on many on-host softwares and configurations, including container runtime, network plugins, kubelet. The maintenance of these dependencies is tedious and error-prone. At Alibaba and Ant Financial, a typical cluster admin needs to maintain tens of thousands of Kubernetes' Nodes on average. We developed Node operator to make the task easy and less risky.
In this talk, we will share how we use Node Operator to maintain the software and configuration of the node. The declaritive API we designed allows the cluster admins to interactive with the node CRD resources to manage the life cycle of any Node. The Node Operator is also responsible for reacting to Nodes' status changes, and take recovery actions when needed. The Node Operator has an extensible design, which allows it to manage other on-host softwares that is not part of Kubernetes.

Speakers
avatar for Joe Chen

Joe Chen

Software Engineer, Ant Financial
Joe is a software engineer working in Ant Financial. Joe is now responsible for designing the Kubernetes cluster maintenance system, which maintenance tens of Kubernete clusters and tens of thousands of Kubernetes' Nodes automatically for Alibaba Group and Ant Financial. Joe 在蚂蚁金服担任软件工程师。Joe... Read More →



Wednesday November 14, 2018 14:40 - 15:15
2F Room 3
  • Skill Level Any

14:40

Turtles All the Way Down: Securely Managing Kubernetes Secrets With Secrets - Maya Kaczorowski & Alexandr Tcherniakhovski, Google
Secrets are the cornerstones of Kubernetes' security model; they are used both by Kubernetes itself (e.g., service accounts) and by users (e.g., API keys). In this talk, we will discuss users’ options for protecting secrets in Kubernetes.

We’ll start with an overview of how secrets are protected and mounted by default in Kubernetes. Then, we’ll cover improvements that have been made in recent releases, including secrets encryption (1.7), and KMS plugins (1.10 Alpha), and how these work with external providers like cloud KMS plugins and HashiCorp Vault. We’ll discuss the tradeoffs of these options based on your requirements. Lastly, we’ll demo how to use a KMS plugin with Kubernetes, and discuss planned improvements to the secrets system in Kubernetes.

You’ll leave with an understanding of your secret management options, and an idea of which one is best for your particular needs.

Speakers
avatar for Maya Kaczorowski

Maya Kaczorowski

Product Manager, Google
Maya is a Product Manager in Security & Privacy at Google, focused on container security, specifically container runtime security. She's published several blog posts on container security, and has talked on many security topics, including supply chain security, runtime security, secret... Read More →
avatar for Alexandr Tcherniakhovski

Alexandr Tcherniakhovski

Security Engineer, Google
Alex Tcherniakhovski Alex is a Security Engineer at Google, working on Kubernetes Engine Security team. Alex focuses on the encryption at rest features of Kubernetes. Alex also an owner of encryption of rest feature in Kubernetes. Before Google, Alex worked at Microsoft in various... Read More →



Wednesday November 14, 2018 14:40 - 15:15
305 B

14:40

Mesher: The Practice of a Production-Level Service Mesh - Xiaoliang Tian, Huawei
2018 is the year of service mesh, Mesher is an open source project of service mesh implementation. Mesher is flexible and open, it is able to run on any infrastructure or platform like kubernetes. By extending plugins, Mesher can be easily integrated with various protocols and backends including Prometheus, zipkin etc..

In this topic, Xiaoliang will share his practice about the implementation of a high performance service mesh, how developer use service mesh in their production environment and how Mesher and micro service framework use unified Istio control plane to connect to each other.

Speakers
avatar for Xiaoliang Tian

Xiaoliang Tian

Software Architect 软件架构师, Huawei
Xiaoliang Tian is a Software architect at Huawei, he currently works in Huawei cloud micro service team, as the leader of service mesh and Golang micro service framework solution. Xiaoliang has an experience about PaaS, DevOps and APM. He previously worked at Samsung as the lead... Read More →



Wednesday November 14, 2018 14:40 - 15:15
3M 5
  • Skill Level Any

15:00

Meet the Maintainer: Fluentd / Fluent Bit - Eduardo Silva, Treasure Data
Speakers
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, Arm / Treasure Data
Eduardo is a Principal Engineer at ARM / Treasure Data. He currently leads the efforts to make logging and data processing more friendly and scalable in Embedded and Containerized systems such as Kubernetes. Maintainer of Fluent Bit, a Fluentd open source sub-project.


Wednesday November 14, 2018 15:00 - 16:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

15:00

Meet the Maintainer: Rook - Jared Watts, Upbound
Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by "freeing the cloud" and is also a maintainer for the open source Rook project (https://rook.io/). Before Upbound, he worked on innovative storage projects at Quantum Corp. and... Read More →


Wednesday November 14, 2018 15:00 - 16:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

15:15

Coffee Break
Enjoy coffee & snacks in the Sponsor Showcase.

Wednesday November 14, 2018 15:15 - 15:35
1F

15:15

Keep K8S Simple and Fun - Wei Zhang, Alibaba
Kubernetes has been a most popular choice for enterprise container applications, but the self-deployment of Kubernetes clusters is still relatively complex. During this demo session, the Alibaba Cloud Container Services team will show you how to quickly deploy managed and serverless Kubernetes clusters on the cloud to simplify the operation, maintenance and management, and lead to a more agile deployment of the container application.

Speakers
avatar for Wei Zhang

Wei Zhang

Staff Software Engineer 主任软件工程师, Alibaba
Wei Zhang, Staff Engineer at Alibaba Cloud, technical leader for Serverless Kubernetes product, several years experiences on Linux kernel and Open source contributing, also have several conferences speaking experiences, includes LC3, LinuxCon Japan, and Taiwan Kubernetes Summit. Currently... Read More →



Wednesday November 14, 2018 15:15 - 15:35
Demo Theater, Sponsor Showcase
  • Skill Level Any

15:35

Rage Against the API-Machinery: Writing an Operator for Production - Tom Manville, Kasten & Ilya Kislenko, Kasten
An operator is a set of CustomResourceDefinitions (CRDs) that extends the Kubernetes API and a controller that handles the new API objects. Not only have the number of projects following the operator pattern exploded, but so have the number of ways to bootstrap an operator. The operator pattern is the basis for Kubernetes’ extensibility, but it is difficult to achieve the same robustness as in-tree APIs/controllers.
In this talk, the speakers will present what it takes to write a production-ready Operator based on their experience developing and running Kanister in production. They will compare popular operator kits, SDKs, and guides, presenting their trade-offs. Best practices for building, testing, and API versioning will also be covered. After the talk, the audience will feel comfortable developing a production-ready operator. Familiarity with CRDs is a suggested prerequisite.

Speakers
avatar for Ilya Kislenko

Ilya Kislenko

Software Engineer 软件工程师, Kasten
Automation is Ilya's passion. He believes that software should do everything and has been enabling that for the last 13 years. Starting with NVIDIA 3D gaming automation testing solution, into CyberSecurity Cloud with FireEye and Maginatics Cloud FS. He has worn many hats over these... Read More →
avatar for Tom Manville

Tom Manville

Software Engineer, Kasten
Tom graduated from the University of Michigan in 2011 and 2013 with a B.S.E. and M.S.E. in Computer Engineering where he researched low power computing and micro. After graduating, he joined Maginatics, a cloud based file system company which was acquired by EMC (now Dell EMC) late... Read More →



Wednesday November 14, 2018 15:35 - 16:10
2F Room 2

15:35

Compliance as Code - Lessons Learned From Regulated Organizations - Sergiu Bodiu, Standard Chartered
How can you use infrastructure as code to create frictionless on-boarding environment. Extend this framework to enable specific requirements based on the 1) type of products is offered and 2) country in which their products are sold. How do you create a secure cloud management layer for application teams without loss of productivity and agility?

Learn how to take the operations team on a journey of automation and how the organization looks like after hiring engineers to develop those capabilities following SRE model.

Migrating applications to Cloud services creates a model of shared responsibility between the customer and Cloud Service provider (CSP). CSP operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates.

Speakers
avatar for Sergiu Bodiu

Sergiu Bodiu

Cloud Architect 首席云架构师, Standard Chartered
Sergiu is passionate Cloud Architect within the Cloud Infrastructure Services @StandardChartered. Previously he was the Regional Platform Architect for APJ @Pivotal, where he was helping the region’s most strategic customers successfully implement technology, process and software... Read More →



Wednesday November 14, 2018 15:35 - 16:10
302 A

15:35

One-on-One Discussion: Quinton Hoole, Huawei & Chris Aniszczyk, CNCF
Technical Oversight Committee (TOC) member, Quinton Hoole, chats with CNCF COO, Chris Aniszczyk, about the Cloud Native Computing Foundation and its hosted projects.

Speakers
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO/COO, Linux Foundation (CNCF)
Chris brings more than 15 years experience as The Linux Foundation’s vice president of Developer Programs. His work is focused on working with developer community to advance open source projects at scale. Previously Chris served as Twitter’s head of open source, where he led a... Read More →
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member


Wednesday November 14, 2018 15:35 - 16:10
2F Room 4
  • Skill Level Any

15:35

Provisioning the Distributed Database TiDB on Kubernetes - Shuan Deng, PingCAP
I will give a short introduction for TiDB, and then how we manage this distributed database on Kubernetes. For SQL database, local SSD disk is preferred or required. I'll present how we extend Kubernetes to support local persistent volume for TiDB. And how we use the operator pattern for complicated stateful applications like distributed database.

Speakers
avatar for Shuan Deng

Shuan Deng

Cloud Engineer 云工程师, PingCAP
Shuan Deng is cloud engineer in PingCAP Company. He is the core developer of tidb-operator. He had a talk on CNUTCon 2017 in Shanghai. Shuan Deng 是 PingCAP 公司的云工程师。他是 tidb-operator 的核心开发者。曾出席上海 2017 年 CNUTCon 大会演讲。



Wednesday November 14, 2018 15:35 - 16:10
305 A
  • Skill Level Any

15:35

A Hybrid Container Cloud With Kubernetes and Hadoop YARN - Jian He & Bushuang Gao, Alibaba
Hadoop YARN is a resource management platform to run big data applications such as MapReduce, Spark and it is architecturally different from Kubernetes which well suits long running services. Many organizations keep both of them to fulfill different types of workloads. However, this approach will incur staggering ops and hardware cost.

Looking at the differences in the 2 types of workloads, is it possible to let them share a single cluster while keeping both resource management systems working in harmony? What are the requirements and what hurdles do we need to overcome?

In this talk we will present a framework developed by Alibaba, that can seamlessly run both Kubernetes and Hadoop in a single cluster with the ability of elastic resource sharing. In addition, we will also share lessons we learned in managing both workloads in production to support Alibaba massive commercial platform.

Speakers
BG

Bushuang Gao

Senior Software Engineer 高级软件工程师, Alibaba
Bushuang Gao is a Senior Engineer at Alibaba. He works in the container platform team and has extensive experience in Kubernetes and container area. Bushuang Gao 现任阿里巴巴高级工程师。他在容器平台团队工作,在 Kubernetes... Read More →
JH

Jian He

Staff Engineer, Alibaba
Jian He is a Staff Engineer at Alibaba where he works on a container infrastructures to support Alibaba massive workloads globally. Prior to that, he worked at Hortonworks Hadoop team, and primarily contributes to Hadoop YARN open source community where he has led many major features... Read More →



Wednesday November 14, 2018 15:35 - 16:10
2F Room 1

15:35

Intro: CoreDNS - Yong Tang, Infoblox
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. Often used as a part of the Kubernetes deployment, CoreDNS can serve as the cluster DNS for Kubernetes. With the unique plugin-based architecture, CoreDNS can also be used in many other places, either by functionalities provided out of the box, or by customized plugins. In this session, we will update CoreDNS' current state and the road map for the near future. The expected release of CoreDNS as the default DNS server for Kubernetes will be discussed heavily. We will also look into the integration with cloud vendors, for the extended and advanced usage of service discovery with CoreDNS.

Speakers
avatar for Yong Tang

Yong Tang

Director of Engineering, MobileIron
Yong Tang is the Director of Engineering at MobileIron working on cloud infrastructure. He contributes to different container and machine learning projects for the open source community. He is a maintainer of CoreDNS and Docker/Moby projects, and had multiple talks in KubeCon before... Read More →



Wednesday November 14, 2018 15:35 - 16:10
307 A
  • Skill Level Any

15:35

Intro: Helm - Taylor Thomas, Microsoft
This talk will explore how Helm, a package manager for Kubernetes, streamlines the on boarding and managing of applications running on Kubernetes. Kubernetes packages, called Charts, provide a way to deploy configurable, out-of-the-box applications, or package your own applications. In this demo-led session, we’ll show how you can use Helm to improve your deployment workflows, best practices for creating and configuring Kubernetes Charts, and lessons we’ve learned building Helm along the way. We'll also touch on what to expect in the next major version of Helm.

Speakers
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camp... Read More →



Wednesday November 14, 2018 15:35 - 16:10
307 B
  • Skill Level Any

15:35

Intro: SIG IBMCloud - Sahdev Zala & Doug Davis, IBM
The presentation will cover an overview of the SIG-IBMCloud and highlights of the SIG activities. It will also provide an overview of how the SIG and IBMCloud contribute to the upstream work in various areas like scalability, networking, cloud registry, Helm and SIG App. We will also brief on near-term roadmap for the SIG. 

Speakers
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →
avatar for Sahdev Zala

Sahdev Zala

Senior Software Engineer, IBM
Sahdev P. Zala is a Senior Software Engineer in the IBM Digital Business Group Open Technology division. In his current role, Sahdev is focused on contributing to the Kubernetes and etcd upstream development. He is a member of Kubernetes and etcd-io github organization. He is also... Read More →



Wednesday November 14, 2018 15:35 - 16:10
3M 3
  • Skill Level Any

15:35

Intro: SIG Scheduling - Da Ma, IBM
In the past years, sig-scheduling incubated four projects to meet different scheduling scenario, e.g. batch workload, resource rebalance. We'd like to give an introduction for those incubator projects, so please join us for understanding of them. In this presentation, we'll give an introduction on its background, user case, tutorial and so on. We will also cover the feature interaction with kube-scheduler for better resource utilization. This session is most useful for cluster admins or those who want to start contributing to Kubernetes scheduler.

Speakers
avatar for Da Ma

Da Ma

Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader, Huawei
Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader. Jilin University master’s degree, majoring in grid computing and distributed system. After graduation, he focus on resource management, resource scheduling in distributed system. Kubernetes Maintainer,SIG-Scheduling联合负责人,kube-batch... Read More →


Wednesday November 14, 2018 15:35 - 16:10
3M 1
  • Skill Level Any

15:35

Seamless Integration - Take Kubernetes into your Existing Monitoring Stack - Shaojun Ding, IBM
Kubernetes has become a key scheduling and orchestration systems for containers and microservices nowadays. Along with this trend companies are willing to move their new workloads onto Kubernetes. However, for most of the companies they still have a lot of legacy systems which cannot be migrated to kubernetes. Typically, there are already well-established monitoring solutions for these legacy systems. So there comes a challenge that how you can make sure kubernetes can be integrated seamlessly with the existed monitoring stack. In this presentation I will walk you through how we integrate kubernetes with our existed monitoring system and shows some best practices for it: for example, how to have a central dashboard for viewing the whole system status, how to maintain a uniform alerting mechanism, etc. I will also show you how we introduce prometheus into our existed monitoring stacks.

Speakers
avatar for Shaojun Ding

Shaojun Ding

Software Engineer, IBM
Iris Ding works in IBM Open Technoloty team now and has rich experience about Open source development, middleware production development and cloud monitoring experience. Her current focus is Kubernetes, Service Mesh and Istio. She is also Apache CXF comitter and Istio Member. Iris... Read More →



Wednesday November 14, 2018 15:35 - 16:10
302 B
  • Skill Level Any

15:35

Configuring Your Kubernetes Cluster on the Next Level - Lucas Käldström, Independent

Are you tired of passing way too many flags to your Kubernetes components? Annoyed when flag defaults change or flags are suddenly removed?

There’s a better way around the corner, called ComponentConfig. Put your configuration in a file, tag it with `apiVersion` and `kind` like any other Kubernetes resource, and point your component to the file using the `--config` flag. As the general Kubernetes API machinery can be reused, version upgrades of the configuration are handled seamlessly.

This talk will dive into how ComponentConfig works, how you can adopt it for any (!) Go component, and how you can start configuring your Kubernetes clusters smoothly with this new approach.

By the end of this talk you should be able to:
 - Write your own Go program that adopts the ComponentConfig practice
 - Write ComponentConfig files for any Kubernetes component

Speakers
avatar for Lucas Käldström

Lucas Käldström

CNCF Ambassador, Independent
Lucas is a cloud native enthusiast that just graduated from High School. Lucas is serving the Kubernetes community in various lead positions, e.g. as a co-lead for SIG Cluster Lifecycle shepherding kubeadm from inception to GA, porting Kubernetes to multiple platforms and by being... Read More →



Wednesday November 14, 2018 15:35 - 16:10
2F Room 3

15:35

Securing the Deploy Pipeline - Felix Glaser, Shopify
Imagine taking arbitrary code, deploying it to production, and hoping everything is secure. When we don’t lock down our deployment pipelines and deploy arbitrary containers, we do exactly that. Join us to discover Shopify’s solution.

After a container is built, we run checks to determine its state: Is it free from vulnerabilities and outdated software? Does it originate from the correct deploy pipeline?

For every successful test, the container is signed and the signature stored in Grafeas.
During deploy time, the Kritis admission controller enforces the presence of the signatures.

Because the security state of a container can change, we log the metadata created during a container’s lifetime; if it becomes vulnerable, it can be recalled, fixed, and redeployed.

With Grafeas and Kritis, two new tools join Kubernetes, allowing everyone to prevent privilege escalation via code deployment.

Speakers
avatar for Felix Glaser

Felix Glaser

Senior Production Security Engineer ☁️ 生产安全工程师 ☁️, Shopify
Felix likes to climb, cycle, and code in Canada. The first two outside and the other one at Shopify, where he works on securing containers and their deployment into the cloud.



Wednesday November 14, 2018 15:35 - 16:10
305 B

15:35

Extending Istio - Develop a New Mixer Adapter for Your Monitoring Solution - Wen Tao Zhang & Yang Yang, IBM
With cloud native approach, microservice governance is becoming a more important and popular topic. Istio provides a complete solution for it by providing behavioral insights and operational control over the service mesh as a whole. Unlike relatively new concept of Istio, different kinds of mature monitoring systems may already exist and running for a long time in the environment, like NewRelic, logDNA, Sysdig. And how to use those massive amount of valuable data and integrate with existing system is a question worth thinking of.

This topic will introduce how to extend Istio by creating a mixer adapter, and take NewRelic metrics adapter as an example, to help you fully understand the mechanism underneath and best practice we learned during the process. And by the end, you will be able to build one of your own for any kinds of backends, for metrics, logging, quota or authorization.

Speakers
avatar for Yang Yang

Yang Yang

Advisory Software Engineer, IBM
Yang Yang is advisory software engineer in IBM. She's been working on monitoring for cloud platform over 4 years, and has a lot experience on large scale and dynamic environments. Besides cloud related, she is also very interested in front-end technologies. She had delivered the... Read More →
avatar for WenTao Zhang

WenTao Zhang

Advisory Software Engineer, IBM
Zhang WenTao is advisory software engineer in IBM. He is experienced in system/Cloud monitoring, DevOps, big data and kubernetes. He is interested in container orchestration in clusters, Service Mesh and AI. He had delivered the session "Extending Istio - Develop a New Mixer Adapter... Read More →



Wednesday November 14, 2018 15:35 - 16:10
3M 5
  • Skill Level Any

16:00

Meet the Maintainer: Jaeger – Won Jun Jang, Uber
Speakers
avatar for Won Jun Jang

Won Jun Jang

Senior Software Engineer, Uber
Last he checked, Won is a software engineer working on distributed tracing and other observability related applications at Uber. Have questions about observability? Let's chat.


Wednesday November 14, 2018 16:00 - 17:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

16:20

Protecting Stateful Workloads With CSI Snapshot - Xing Yang, Huawei & Jing Xu, Google
How do we make sure that data in a Kubernetes cluster is safe and reliable so that one can rest at ease at night?

Snapshot is a point-in-time copy of a volume. It is the basic building block of backup and restore, data migration, replication, and many other advanced applications built on top of it. Snapshot is a sought-after feature in Kubernetes and it is finally here to support CSI!

In this session, Jing and Xing will discuss about the snapshot support in Container Storage Interface (CSI), the standardized API design to represent snapshot objects in Kubernetes, and the controller to handle snapshot provisioning and binding. This talk will also cover restoring of volumes from snapshots, and how this can be applied to backup and restore, data migration, and many more advanced features to ensure data availability and integrity for stateful workloads in the Kubernetes environment.

Speakers
JX

Jing Xu

Software Engineer, Google
Jing Xu obtained her Ph.D. from Electrical and Computer Engineering Department, University of Florida in May 2011. After graduation, she had been a lecturer in School of Computer Science in Florida International University for about 4 years. She moved to Bay area in late 2014 and... Read More →
avatar for Xing Yang

Xing Yang

Lead Architect, OpenSDS
Xing Yang is the Lead Architect of OpenSDS, an open source project under Linux Foundation. Xing is a contributor in Kubernetes and Container Storage Interface (CSI), co-lead of Volume Snapshot project in Kubernetes SIG-Storage, co-author of CNCF Storage Landscape white paper, and... Read More →



Wednesday November 14, 2018 16:20 - 16:55
2F Room 2

16:20

Let Developers and Operators Focus on What They Know Best - Rafal Gajdulewicz & Julie Zhuying Li, Google
Kubernetes has steep learning curve for application developers and operators to learn new concepts to manage multiple tools and artifacts to build deployment pipelines. This problem is worsened by the dynamic and heterogeneous nature of cloud and hybrid environments, where components constantly get upgraded, scaled and destroyed.

In this talk we would like to demonstrate a workflow letting each role focus on what they do best by separating app and ops artifacts and versioning them in separate repositories. This separation allows CI/CD tools to effectively keep the desired and actual state in sync while simplifying complex processes required when delivering multiple applications. Finally, we will show how the OSS Cluster Registry can be used to manage deployment and experimentation when managing multiple Kubernetes clusters in different environments.

Speakers
RG

Rafal Gajdulewicz

Software Engineer, Google
Rafal is a Software Engineer at Google, working on UI for Google Kubernetes Engine. He has first-hand experience migrating existing software systems to cloud and is looking to make adoption of cloud simpler. Rafal 是谷歌的软件工程师,从事谷歌 Kubernetes Engine... Read More →
avatar for Julie Zhuying Li

Julie Zhuying Li

Interaction Designer 交互设计师, Google
Julie works as an Interaction Designer at Google focusing on user experience design for Google Kubernetes Engine. She strives to enable developers of all skill-levels to use Kubernetes by building intuitive experiences. Julie 是谷歌的交互设计师,负责谷歌 Kubernetes... Read More →



Wednesday November 14, 2018 16:20 - 16:55
302 A

16:20

Managing RBAC Cross Multiple Kubernetes Clusters - Alena Prokharchyk, Rancher Labs, Inc.
Having several Kubernetes clusters in the organization quickly became de facto. The need could be driven by geographical separation, where clusters are located in different regions; or logical when cluster is dedicated to a particular team or department. With that comes a new challenge for an administrator - managing users and their permissions in heterogeneous Kubernetes cloud.

During this session I want to share my team's experience building an open source authentication/authorization framework leveraging Kubernetes CRDs, that makes cross clusters auth and RBAC easy by having:

* Multiple clusters, but single authentication and authorization point
* Managing users RBAC permissions cross clusters, and automatic permission grant to the user
* Effective way of grouping cluster's resources into manageable subsets to make RBAC/PodSecurity/NetworkPolicy application easier.

Speakers
avatar for Alena Prokharchyk

Alena Prokharchyk

Senior Engineering Manager, Rancher Labs, Inc.
Alena is a Principal Software Engineer and Manager at Rancher Labs. For the last 10 years she's been working on building open source infrastructure services first for Virtual Machines, now for containers with main focus on Kubernetes.



Wednesday November 14, 2018 16:20 - 16:55
305 A
  • Skill Level Any

16:20

Benchmarking Machine Learning Workloads on Kubeflow - Xinyuan Huang, Cisco Systems, Inc. & Ce Gao, Caicloud
Benchmarking is an essential part in machine learning research and productization, that provides useful performance information from the perspectives of both models and systems. While Kubernetes and Kubeflow give us a great platform for ML workloads to run on, they do not automatically provide a straightforward way to perform benchmark tasks, especially for complex ML workloads based on distributed jobs. In this talk we present Kubebench, an open sourced benchmarking tool based on Kubeflow, that helps us better understand the performance signature of our ML workloads on Kubernetes through automated and consistent benchmarks. We also show how we can leverage other benchmarking efforts from academia and industry like MLPerf and Dawnbench.

Speakers
avatar for Ce Gao

Ce Gao

Engineer Intern 实习工程师, Caicloud
Ce Gao is an engineer intern in Caicloud and a maintainer of Kubeflow project focusing on distributed training and AutoML support on Kubernetes. He is currently pursuing the post-graduation degree with the School of Software, Shanghai Jiao Tong University, China. Ce Gao... Read More →
avatar for Xinyuan Huang

Xinyuan Huang

Sr. Software Engineer 高级软件工程师, Cisco Systems, Inc.
Xinyuan Huang is a Sr. Software Engineer at Cisco. He holds a Master's degree in Machine Learning. His interests include resource and performance optimizations in Cloud and AI systems, AI/ML platforms and applications, etc. He is an active member in the Kubeflow community where he... Read More →



Wednesday November 14, 2018 16:20 - 16:55
2F Room 1

16:20

Intro: CNCF Cross-Cloud CI - W. Watson, Vulk
The CNCF CI Working Group was asked to demonstrate best practices for integrating, testing, and deploying projects within the CNCF ecosystem across multiple cloud and bare metal providers. The Cross-Cloud CI project continually validates the interoperability of each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to all supported cloud providers. The results of each testing stage are published to the cncf.ci status dashboard. An Intro session will give an overview of the project, technologies used, a demo of the current status of the CI System and dashboard, and allow time for Q&A.

Speakers
avatar for W. Watson

W. Watson

Principal, CNCF Cross-Cloud CI & Vulk
Wavell Watson has been professionally developing software for 23 years.He has spent the numerous years studying game theory and other business expertise in pursuit of the perfect organizational structure for software co-operatives. He also founded the Austin Software Cooperatives... Read More →



Wednesday November 14, 2018 16:20 - 16:55
3M 1
  • Skill Level Any

16:20

Intro: CNCF K8s-Conformance WG - Zefeng Wang, Huawei & Aaron Crickenberger, Google
This presentation will cover topics such as high level overview of certification qualification criteria, self-testing process, conformance time-period and supported K8S versions etc. This talk will also cover an overview of what baseline conformance program is and how possible future “Profiles” may be layered on top of the baseline conformance criteria. This session will conclude with Q & A.

Speakers
avatar for Aaron Crickenberger

Aaron Crickenberger

Senior Test Engineer 高级测试工程师, Google
Aaron has been involved in open source since 2007, cloud since 2009, and Kubernetes since 2015. He was elected to the Kubernetes Steering Committee in 2017.He co-founded the Kubernetes Testing SIG, and actively contributes in the Architecture, Contributor Experience, Release, and... Read More →
avatar for Kevin Wang

Kevin Wang

Principal Engineer, Huawei
Zefeng(Kevin) Wang is a Principal Engineer of the PaaS Team at Huawei. Currently working on Kubernetes, KubeEdge and Huawei Cloud container products. He is the lead of Huawei Kubernetes & Cloud Native open source team and co-founder of KubeEdge project.



Wednesday November 14, 2018 16:20 - 16:55
3M 3
  • Skill Level Any

16:20

Intro: SIG Testing - Jessie Zhu & Sen Lu, Google
The intended audience for this SIG Testing Intro is new and existing contributors to the Kubernetes project, or developers who are interested in learning how prow can be used on their projects today. We will walk through the lifecycle of a PR submitted to kubernetes, and how it is implemented and automated with prow. This will include details about how prow reacts to github events, handles /commands from humans, checks for labels, etc. This will also include how prow kicks off jobs, how those jobs run in pods, what happens inside of the pods, and how results are generated and collected. Finally we will show a variety of tools and dashboards that can be used to show the state of a given PR, as well as testing for the project as a whole.

Speakers
avatar for Sen Lu

Sen Lu

Software Engineer 软件工程师, Google
Sen started to contribute to Kubernetes Project since 2016. Sen is mainly focus on Kubernetes Testing Infrastructure, i.e. Prow, Kubetest, Gubernator, Boskos, and Testgrid...Sen自2016年开始为Kubernetes项目做出贡献。Sen主要专注于Kubernetes测试基础设施,即Prow,Kubetest,Gubernator,Boskos和Testgrid... Read More →
JZ

Jessie Zhu

Software Engineer Manager, Tools and Infrastructure 软件工程师经理,工具和基础架构, Google
Jessie Zhu is a software engineer manager at Google working on engineering productivity for Knative and Google serverless products. Prior to Google, Jessie worked in Microsoft for 15 years building and leading teams of software developers to build tools and infrastructures (such as... Read More →



Wednesday November 14, 2018 16:20 - 16:55
307 A
  • Skill Level Any

16:20

Intro: SIG VMware - Fabio Rapposelli & Steve Wong, VMware
Join the SIG VMware introduction session to learn our mission, recent accomplishments and discuss future work. We will also focus on how new contributors can get involved in the SIG. Kubernetes has the concept of a Cloud Provider, which is a standardized module which allows Kubernetes to run on various platforms which might have different implementations of networking, storage, and node management. Kubernetes is in the process of moving to a new “out of tree” cloud manager architecture to allow cloud providers to have independent feature and patch release cycles. Learn how the vSphere cloud provider is evolving to meet this new model. This session will outline how to get started when you deploy Kubernetes on vSphere infrastructure, on-prem or in a public cloud. Material covered is applicable to kubeadm deployments, and when using Kubernetes distributions on vSphere infrastructure.

Speakers
avatar for Fabio Rapposelli

Fabio Rapposelli

Staff Software Engineer, VMware
Purveyor of all things open source, loves distributed systems and solving complex problems. Renaissance man and human Rube Goldberg machine, Fabio is responsible for many of the Open Source integrations between Vagrant, Docker and VMware. Frequent speaker at conferences such as dotGo... Read More →
avatar for Steven Wong

Steven Wong

Open Source Software Engineer, VMware
Steve Wong has been active in the Kubernetes and Apache Mesos communities since 2015. He is chair of the VMware SIG, and a co-organizer of the IoT and Edge Working Group on the Kubernetes project. He is a past speaker at KubeCon, MesosCon, Open Source Summit, SCALE, and meetups in... Read More →



Wednesday November 14, 2018 16:20 - 16:55
307 B
  • Skill Level Any

16:20

Production Cluster Monitoring and Remediation for High Reliability at eBay - Shijun Qian & YingKe Liu, eBay
eBay runs dozens of Kubernetes clusters across global data centers in different regions. Tens of thousands of nodes support eBay core services such as search and big data. Complex large cross-regional production clusters and the extremely high cluster stability required workloads make monitoring and remediation a huge challenge for us. Based on Prometheus federation, component assertions, metric exporters and our own monitoring tools, we built a series of clear dashboards, and then we implemented a complete cross-clusters remediation flow, incident management, and monitoring automation. In this talk, we hope to share our large-scale Kubernetes production clusters monitoring experience and future thoughts.

Speakers
YL

YingKe Liu

MTS1, Software Engineer/ 高级软件工程师, eBay
A senior software engineer in eBay, working in host-runtime sig which focuses on reliability of OS/kernel/docker. More than 10 years’ experience working in software development./负责ebay kubernetes集群节点的OS/Kernel/docker的可靠性方面的DevOps,10... Read More →
avatar for Shijun Qian

Shijun Qian

Software Engineer 软件工程师, eBay
Shijun (Daniel) Qian works on eBay's cloud team. He has a wide range of interests in many aspects of cloud native computing, mainly focused on monitoring, cluster health management, and networking.He is also an active open source contributor (github: @danielqsj):1. Sponsor and maintainer... Read More →



Wednesday November 14, 2018 16:20 - 16:55
302 B
  • Skill Level Any

16:20

Kubernetes VM Solutions for Multi-Tennant Applications - Guangxu Li & Yanqiang Miao, ZTE Corporation
Sometimes your app doesn't need a full-blown OpenStack implementation, but it's not quite ready for kubernetes to hold a full VM, either. Developers have launched several projects in the last year to meet these requirements. While there are many differences in technical details, at a high level these projects can be divided into two contrasting usage targets: Running traditional VM workloads alongside application container as part of a complex application and running application containers workloads with VM-level isolation for security. In this presentation, Guangxul Li and Yanqiang Miao will show how to run VM workloads on kubernetes with kubevirt,virtlet,rancherVM, and how to guarantee security containers with kata container, gvisor.

Speakers
avatar for Guangxu Li

Guangxu Li

Senior Software Engineer 高级软件工程师, ZTE Corporation
Guangxu Li is a kubernetes community contributor who most focus on kube scheduler components. In addition to contributing kubernetes community, Guangxuli also participates the runtime and VM solutions in kubernetes ecosystem. Guangxu Li works on ZTE Corporation a multinational telecommunications... Read More →
avatar for Yanqiang Miao

Yanqiang Miao

Software Engineer 软件工程师, ZTE Corporation
Yanqiang Miao is a software engineer works on ZTE Corporation. An open source project contributor, especially in kubernetes, containerd, kata-container community. He focuses on container technology, container Orchestration, etc. Member of the containerd and k8s communities.



Wednesday November 14, 2018 16:20 - 16:55
2F Room 3
  • Skill Level Any

16:20

Access Policies for Hybrid Cloud Environments - Ruiyi Wang, Google
A typical admin/developer today needs to deal with many access policy systems: K8s RBAC, Istio RBAC and ABAC, OPA, policies from cloud vendors including IAM, firewall rules, quota etc. Reasoning about access across these systems is getting more and more complex and difficult. We want to invite those who build access policies and those who use access policies to come together to discuss the vision of a secure, easy to use and consistent/coherent access management experience across infrastructure, services and applications. And more importantly: how do we get there?

Speakers
avatar for Ruiyi Wang

Ruiyi Wang

Group Product Manager 产品经理, Google
Rae is a Group Product Manager at Google and leads the product team for GCP config and policy management. Passionate about helping enterprise customers adopt Cloud and OSS tools, Rae has launched products in security, CI/CD, cost management and config management. She has spoken at... Read More →



Wednesday November 14, 2018 16:20 - 16:55
305 B

16:20

Modern Service Networking With Consul Connect, Envoy and Kubernetes - Nic Jackson, HashiCorp
A service mesh is necessary for organizations adopting microservices and dynamic cloud-based infrastructure. Traditional host-based network security must be replaced with modern service-based security to accommodate the highly dynamic nature of modern runtime environments.

In this talk, we will look at Connect a significant new feature in the open source Consul from HashiCorp. Connect provides secure service-to-service communication with automatic TLS encryption and identity-based authorization.

We will cover both the theory why a Service Mesh enhances your application security, and a deep dive on configuring and operating Connect and Envoy to secure your Kubernetes services.

Speakers
avatar for Nic Jackson

Nic Jackson

Schedule or People, HashiCorp
Nic Jackson is a developer advocate at HashiCorp and the author of “Building Microservices in Go” a book which examines the best patterns and practices for building microservices with the Go programming language. Additionally, Nic is writing “Vault in Action” with his co-author... Read More →



Wednesday November 14, 2018 16:20 - 16:55
3M 5

17:15

Keynote: Welcome Messages - Liz Rice, Technical Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. Last year she was Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Wednesday November 14, 2018 17:15 - 17:16
301
  • Skill Level Any

17:16

Keynote: Kubernetes Serverless Present and Serverless Future – Brendan Burns, Distinguished Engineer & Co-Founder of Kubernetes, Microsoft
Speakers
avatar for Brendan Burns

Brendan Burns

Distinguished Engineer, Microsoft
Brendan Burns is a co-founder of the Kubernetes open source project and a Distinguished Engineer at Microsoft Azure where he focuses on containers, Kubernetes and DevOps. He has a PhD in Computer Science from the University of Massachusetts and a BA in Computer Science and Studio... Read More →



Wednesday November 14, 2018 17:16 - 17:36
301
  • Skill Level Any

17:38

Keynote: Delivering Renewable Energy with Kubernetes – Wei Zhang, VP Technology, Goldwind Smart Energy & Sheng Liang, CEO, Rancher Labs
Goldwind (SEHK: 2208) is the 3rd largest wind turbine manufacturer in the world. We have deployed 28,500 wind turbines worldwide. Our wind turbines contribute to over 9040 megatons of CO2 reductions annually. Delivering renewable energy at this scale presents significant challenges to our IT operations team: Wind turbines need to be centrally monitored regardless of where they are installed in the world. On the other hand, weather data process and AI technologies must be deployed at the edge in order to predict power output for a cluster of turbines.

We will discuss how Goldwind uses Kubernetes and container technologies to solve these technical challenges. We will explain how Goldwind utilizes Kubernetes clusters both in central data centers and in edge locations. By deploying container technologies, we have achieved improved operational efficiency and 10x faster software iteration speed. We will also talk about some of the challenges we encountered in this on-going effort, in particular how to manage thousands of edge locations, each running independent Kubernetes clusters.

Speakers
avatar for Sheng

Sheng

CEO 首席执行官, Rancher Labs
Sheng Liang, co-founder and CEO of Rancher Labs. Sheng got his Doctor Degree in Computer Science at Yale University. He is the author of JNI, the core component of the Java language J2SE platform, and also led the design and development of JVM. Sheng is known as the Father of CloudStack... Read More →
avatar for Wei Zhang

Wei Zhang

VP Technology 技术副总裁, Goldwind Smart Energy
Wei Zhang is VP Technology and Deputy General Manager of Goldwind SmartEnergy. He is responsible for the strategic planning and development of alternativeenergy software and services. Previously Wei served as an architect at Xinjiang WindEnergy, where he developed the first-generation... Read More →



Wednesday November 14, 2018 17:38 - 17:58
301
  • Skill Level Any

18:00

Keynote: The Challenges of Funding Open Source Development: The Case for Open Governance and Enterprise Contributions - Todd Moore, Vice President of Open Technology, IBM
The beauty of open source is that it is developed in the open as a public collaboration between companies and individuals and then made freely available to download and use. It sounds perfect but at the end of the day, who really pays for open source to meet the demands of quality code contributions and best of breed maintenance? In his keynote, Todd Moore explores this provocative question making the rounds in developer circles today and makes the case for open governance and enterprise contributions as the way forward. Learn about the best practices of open governance as well as the crucial importance of enterprise contributions to open source to drive quality code, deliver on maintenance needs and minimize overall risk for the community. 

Speakers
avatar for Todd Moore

Todd Moore

Vice President, Open Technology, IBM
Todd Moore, IBM VP Open Technology, leads the IBM global team engaged in open communities that are fueling both innovation and new business models. Todd can be found engaged with communities and technologies that span Cloud Computing, AI, Quantum Computing, Blockchain, Mobile, IoT... Read More →



Wednesday November 14, 2018 18:00 - 18:05
301
  • Skill Level Any

18:05

Keynote: Closing Remarks - Liz Rice, Technical Evangelist, Aqua Security
Speakers
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. Last year she was Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →


Wednesday November 14, 2018 18:05 - 18:15
301
  • Skill Level Any

18:15

Sponsor Showcase + Welcome Reception
Join sponsors & fellow attendees at the Welcome Reception!  Experience live entertainment from local artists and enjoy food & drinks in the Sponsor Showcase.  Don't miss the Lucky Draw at 19:10!

Wednesday November 14, 2018 18:15 - 20:15
1F
 
Thursday, November 15
 

07:30

Registration
Thursday November 15, 2018 07:30 - 17:00
1F Foyer

08:00

Sponsor Showcase + Welcome Breakfast
Visit with sponsors, network with fellow attendees and enjoy coffee and pastries before the keynotes begin. The sponsor showcase will be closed during keynote presentations.

Thursday November 15, 2018 08:00 - 09:00
1F

09:15

Keynote: Welcome Messages
Thursday November 15, 2018 09:15 - 09:30
301
  • Skill Level Any

09:30

Keynote: A Tale of Using Kubeflow to Make the Electricity Smarter in China – Julia Han, COO & Xin Zhang, CEO, Caicloud
Artificial Intelligence (AI) has the potential to permeate and intertwine with every industry in our society; however, even though open-source AI frameworks such as TensorFlow have lowered the barrier to experiment new algorithms, without sufficient computing power all the advanced deep neural networks would grind to a halt.

Kubeflow aims to tailor Kubernetes to support data analytical workloads and to provide an elastic AI pipeline for model developers to improve their model development velocity, solve their devops chores, and build robust and efficient production training and serving systems.

We share a journey of using Kubeflow to empower engineers from State Grid of China, which exemplifies a traditional corporate, to develop OCR, vision, and time series prediction models, enabling practical innovation for their finance department and core business.

Speakers
avatar for Julia Han, Ph.D

Julia Han, Ph.D

COO 首席运营官, Caicloud
Julia is co-founder and COO at Caicloud that provides Kubernetes based toolings and K8s + ML platform for enterprises in production in China since 2015. As the very initial evangelist of Kubernetes in China, she has served as CNCF global ambassador and organized dozens of K8S meetups... Read More →
avatar for Xin Zhang

Xin Zhang

CEO 首席执行官, Caicloud
Xin is currently CEO and co-founder of Caicloud (https://caicloud.io), a startup that fosters Kubernetes community in China (https://kubeacademy.caicloud.io) and provides Kubernetes-based products and services for Chinese enterprises. His team has helped tens of well-known Chinese... Read More →



Thursday November 15, 2018 09:30 - 09:50
301
  • Skill Level Any

09:52

Keynote: Expanding to Verticals, How Kubernetes Accelerates Cloud-Native Movement in Various Industries – Zhenqin (Alan) LIAO, Director of PaaS Product Dept, Cloud Business Unit, Huawei
Since its open source in 2014, Kubernetes has gradually matured, stabilized, and been widely adopted by internet companies. Enterprises in various industries are starting to see the potential of Kubernetes, and are increasingly making investments in Kubernetes as well. This talk will discuss the momentum of Kubernetes adoption in Enterprise, and how it helps enterprises with their digital transformation.

Speakers
AL

Alan Liao

Director of PaaS Product Dept, Cloud Business Unit 华为云 PaaS 服务产品部部长, Huawei
Liao Zhenqin is the director of general manager of PaaS Produce Dept, Cloud Business Unit in Huawei Technologies Co., Ltd. He is responsible for R&D, competitiveness building, and business success in PaaS service products (containers, microservices, middleware, APM, blockchain, etc... Read More →



Thursday November 15, 2018 09:52 - 09:57
301
  • Skill Level Any

09:59

Keynote: Kubernetes as a Foundational Layer of Infrastructure – Vicki Cheung, Engineering Manager, Lyft
At a reasonably sized tech company these days, the infrastructure has to support a variety of use cases:

- Production Microservices
- Batch Workflows
- Machine learning training and deployment with GPUs
- Research & Development

Not to mention that certain use cases might need custom hardware, thus requiring multi / hybrid cloud. The challenge for our infrastructure team is to keep the overall systems complexity down, while providing an extensible, scalable platform. A year and a half ago, I talked about using Kubernetes for deep learning research at scale. Since then, the platform has matured at an incredible pace. In this talk, I will cover why Kubernetes is the platform of choice for Lyft, as well as challenges and surprises along the way, what use cases were most natural, and how we're migrating production traffic.

Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.Vicki 现为 Lyft... Read More →



Thursday November 15, 2018 09:59 - 10:19
301
  • Skill Level Any

10:21

Keynote: Cloud Native Best Practices In Tencent Architecture - Joezou, PaaS Product Center Director, Tencent Cloud
Tencent has been investing engineering effort in the field of containers and orchestration since 2009. Currently, hundreds of millions of containers are running daily to support WeChat, Mobile Tencent Analytics Platform, Mobile Game, and other products, and we have accumulated best practices experience in stateful applications, big data, and AI. Tencent is eager to contribute our expertise to help build the cloud native ecosystem in China with other CNCF members.

Speakers
J

Joezou

PaaS Product Center Director, Tencent Cloud
Joezou graduated into the software development industry in 2006. He joined Tencent in 2010, and was responsible for Tencent's internal high-performance, distributed communication framework and cache service design and development work, and then entered the cloud computing industry, led... Read More →



Thursday November 15, 2018 10:21 - 10:26
301
  • Skill Level Any

10:28

Keynote: Accelerating Genome Sequencing via Containers and Kubernetes – Chao Wang, CTO, X-Turing & Anni Lai, Head of Global Business Development, VP of Strategy & Business Development, Huawei & Governing Board Member, CNCF
Genome sequencing is figuring out the order of DNA nucleotides, or bases, in a genome – the order of As, Cs, Gs, and Ts that make up organism’s DNA. The human genome is made up of over 3 billion of genetic letters, thus genome sequencing projects tend to be large and the data processing processes are generally complex and require a variety of tools and software. The traditional HPC or VM based platform tends to fall short in a genome sequencing computation environment.
X-Turing, a leading biotechnology company in China who provides biotech related solutions and services to enterprises and customers such as doctors, scientists, dietitians, aestheticians, etc, overcame the challenges that traditional HPC and VM based platform faced in a genome sequencing environment by building an entire workflow and a full stack toolchain using containers and Kubernetes. X-Turing’s Kubernetes platform is a live system in production that offers 5000+ container-based applications, thousands of container instances servicing enterprise customers such as Beijing Genomics Institute, China National GeneBank, New China Life Insurance, and many top hospitals and universities in China. 
In this talk, we will discuss the challenges that X-Turing faced during their genome sequencing projects and how they were able to leverage modern technologies such as containers and Kubernetes to overcome challenges. We will also discuss the next phase of X-Turing’s IT modernization in order to further improve their IT efficiency and better serve their business needs. 

Speakers
avatar for Anni Lai

Anni Lai

Head of Global Business Development, VP of Strategy & Business Development, Huawei
Anni leads the Operations of Huawei’s Cloud Open Source Development Team responsible for OpenStack, Containers, Open Storage, AI/Deep Learning, and other Cloud-related open source projects. Anni currently sits on both OpenStack and CNCF Boards. In addition, Anni is part of Huawei’s... Read More →
avatar for Chao Wang

Chao Wang

CTO 首席技术官, X-Turing
Mr. Chao Wang is currently the CTO of X-Turing, a company for bioinformatics tools and big data platform for genomics. Mr. Wang has been working as a software engineer for 10+ years in many fields such as Linux, Cloud, Telecom NFV, Big Data, and AI. Now he spends all of his time to... Read More →



Thursday November 15, 2018 10:28 - 10:48
301
  • Skill Level Any

10:50

Keynote: End User Awards - Chris Aniszczyk, CTO/COO, Cloud Native Computing Foundation
Speakers
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO/COO, Linux Foundation (CNCF)
Chris brings more than 15 years experience as The Linux Foundation’s vice president of Developer Programs. His work is focused on working with developer community to advance open source projects at scale. Previously Chris served as Twitter’s head of open source, where he led a... Read More →



Thursday November 15, 2018 10:50 - 11:07
301
  • Skill Level Any

11:07

Keynote: Closing Remarks - Liz Rice, Technology Evangelist, Aqua Security & Janet Kuo, Software Engineer, Google
Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →
avatar for Liz Rice

Liz Rice

Technology Evangelist, Aqua Security
Liz Rice is the technology evangelist at container security specialists Aqua Security, where she works on container-related open source projects including kube-bench and kube-hunter. Last year she was Co-Chair of the CNCF’s KubeCon + CloudNativeCon events in Copenhagen, Shanghai... Read More →



Thursday November 15, 2018 11:07 - 11:10
301
  • Skill Level Any

11:10

Coffee Break
Enjoy coffee & snacks in the Sponsor Showcase.

Thursday November 15, 2018 11:10 - 11:30
1F

11:10

Sponsor Showcase
Visit with sponsors, network with fellow attendees and enjoy food & drinks in the Sponsor Showcase.

Thursday November 15, 2018 11:10 - 16:00
1F

11:15

Distributed Video Transcoding on Cloud - Yang Rong, Intel
Video transcoding is very important in Media on Cloud. The demo will show the distributed video transcoding on cloud, based on kubernetes. And we can make use of available CPU and GPU computing resources at the same time. It splits one video stream into several video segments. And then it distributes the transcoding task to different kubernetes pods, so that the transcoding tasks can be done simultaneously. The transcoded video segments will be concatenated together when all the transcoding jobs are finished. In one word, we transcode the stream in the cloud distributed, and can reduce the time to 1/N of the original transcoding time. (N is the number of kubernetes nodes) This shows the adding value of Cloud to Media domain. The cloud provide configurable and multiple nodes for one stream operation to save the time, and keep the efficiency.

Speakers
avatar for Yang Rong

Yang Rong

Senior Software Engineer 高级软件工程师, Intel
Rong is graduated from East China Normal University in 2007, with master degree. He joined Intel Opensource Technology Center in 2013 as graphics software engineer. He participated in Intel Open Source OpenCL driver development, was driver projects’ project’s maintainer. Now Rong... Read More →



Thursday November 15, 2018 11:15 - 11:35
Demo Theater, Sponsor Showcase
  • Skill Level Any

11:30

Kustomize: Template-Free Configuration Customization for Kubernetes - Jeffrey Regan, Google
Managing configuration in Kubernetes is a common task and usually quite challenging as the application scales up. Numerous tools have been developed, but seldom leverages the power of native Kubernetes APIs. Kustomize is a new tool for customizing manifests of Kubernetes application in a declarative way. In this talk, attendees will learn the basic concepts of Kustomize and workflows to customize a real world application like MySQL-Wordpress for different scenarios. Attendees will also learn the best practices for managing Kubernetes manifests.

Speakers
avatar for Jeffrey Regan

Jeffrey Regan

Software Engineer 软件工程师, Google
At Google Jeff worked on search, Google Play Games, Google Helpouts, Google satellite imagery, and most recently kubernetes. Jeff contributes to SIG-CLI sponsored projects - kustomize and kubectl.Jeff 是谷歌的软件工程师,从事谷歌 Kubernetes Engine。他是SIG-CLI赞助项目kubectl... Read More →



Thursday November 15, 2018 11:30 - 12:05
2F Room 2
  • Skill Level Any

11:30

.Net Framework to .Net Core Microservices With Windows and Linux Containers - Hongxi Ma, Cloud To Go Inc. Ltd.
Legacy .Net Framework applications still take significant roles in enterprise environment, most of them are monolithic apps based on .Net framework.  Survey shows quite a few companies  are interested in .Net Core microservice and container technologies.

However, There will be a lasting period when .Net framework and .Net Core co-exist and collaborate with each other. One of the challenges that most companies have to face is how to build a unified supporting infrastructure and platform that work for both generations.

In this presentation, Hongxi will demonstrate a real life case and introduce the solutions that include: 1.) Windows Server 2016 container environment and .Net Framework services implemented and managed with Kubernetes; 2.) .Net Core services running in Linux containers; 3.) some of the technological challenges in Windows Container deployment supported by Kubernetes.

Speakers
avatar for Hongxi Ma

Hongxi Ma

CTO 首席技术官, Cloud To Go Inc. Ltd.
Hongxi is a technical professional in cloud computing area with solution architecting and product development experiences for more than 10 years.   Hongxi’s earlier experience in Xen and virtualization was with Oracle as development team lead, later on he became a master for the... Read More →


Thursday November 15, 2018 11:30 - 12:05
305 B
  • Skill Level Any

11:30

Evolving Sigma: Adapting Kubernetes at Alibaba - Xiang Li, Alibaba
Sigma is a cluster management system we use at Alibaba for running online services. The typical container cluster It manages has tens of thousands of servers which is beyond the capability of current Kubernetes. It also manages legacy workloads which are not container based.

With the increasing popularity of Kuberenetes, we tried to integrate Kubernetes into our Sigma system. However, there are significant challenges in doing so. How do we extend Kubernetes to support different types of workloads? How do we scale Kubernetes to manage thousands of nodes? How do we keep Kubernetes API while integrating Kubernetes with our infrastructure layer?

This talk we will first provide an overview of Sigma. Then we will cover the solutions on how we extend, scale and integrate Kubernetes into Sigma at Alibaba. We will also share the lessons learned in the process.

Speakers
XL

Xiang Li

Senior Staff Engineer, Alibaba
Xiang is a Senior Staff Engineer of Alibaba. He works on Alibaba’s cluster management system and helps with Kubernetes adoption for the entire Alibaba group. Prior to Alibaba, Xiang led the Kubernetes upstream team at CoreOS. He is also the creator of etcd and Kubernetes operator... Read More →



Thursday November 15, 2018 11:30 - 12:05
305 A

11:30

Modern Data Science in a Cloud Native World - Samuel Kreter, Microsoft
We now live in 2018, where the meaning of Big Data keeps getting bigger. Yet, the tools most people are using with their data requires a huge amount of experience to understand and scale. We are also facing a time where it is necessary to track the flow of data for better understanding and compliance with GDPR.

I am going to walk through how to take advantage of Kuberentes and other Cloud Native technologies with the open source project Pachyderm to create data science pipelines that are easy to develop, test, deploy and scale. I will also cover how to use Data Versioning throughout the process to track data changes and understand exactly how your data is changing.


Talk Outline:
1. Introduce the basic concepts of Data Pipelines and Versioning.
2. Create and test a simple model.
4. Scale it up to a production sized workload and automatically have changes deployed in the pipeline.


Speakers
avatar for Samuel Kreter

Samuel Kreter

Software Engineer 软件工程师, Microsoft
Sam Kreter is a software engineer at Microsoft working on the Cloud Native Compute Team focused on Azure Container Instances. Previously, he worked with an SOS Venture incubator company out of Shanghai, China developing a Bitcoin transferring technology. He also worked as a research... Read More →



Thursday November 15, 2018 11:30 - 12:05
2F Room 1

11:30

Deep Dive: CNCF Storage WG - Xing Yang & Quinton Hoole, Huawei
The CNCF Storage Working Group has been exploring how different
storage technologies are used in cloud-native environments, and
has published a draft white paper on our findings.

In this deep dive session we'll present our work thus far, and host
detailed discussions and feedback covering topics including block stores, file
systems, object stores, key-value stores and databases, amongst
others. Common understandings of terminology, classifications and use
cases will be discussed. Different architectural approaches and
designs will be brainstormed and compared in terms of key attributes like
availability, scalability, performance, data consistency, durability,
fault tolerance, ease of development and operational complexity. We
seek to align the community on common understanding, terminology,
classifications and use cases.

Speakers
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member
avatar for Xing Yang

Xing Yang

Lead Architect, OpenSDS
Xing Yang is the Lead Architect of OpenSDS, an open source project under Linux Foundation. Xing is a contributor in Kubernetes and Container Storage Interface (CSI), co-lead of Volume Snapshot project in Kubernetes SIG-Storage, co-author of CNCF Storage Landscape white paper, and... Read More →



Thursday November 15, 2018 11:30 - 12:05
2F Room 4

11:30

Deep Dive: Fluent Bit - Eduardo Silva & Masahiro Nakagawa, Treasure Data
On this deep dive session for Fluentd and Fluent Bit projects, we will dig into the internals of a logging pipeline, performance optimizations and work together in the roadmap for 2019 based on community needs for their production environments. All Fluentd and Fluent Bit users are welcome.

Speakers
MN

Masahiro Nakagawa

Principal Engineer, ARM Treasure Data
Fluentd maintainer
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, Arm / Treasure Data
Eduardo is a Principal Engineer at ARM / Treasure Data. He currently leads the efforts to make logging and data processing more friendly and scalable in Embedded and Containerized systems such as Kubernetes. Maintainer of Fluent Bit, a Fluentd open source sub-project.


Thursday November 15, 2018 11:30 - 12:05
307 A

11:30

Deep Dive: SIG Autoscaling - Marcin Wielgus & Maciej Pytel, Google
Come join members of SIG autoscaling for a deep dive into recent developments on the cluster, horizontal and vertical pod autoscaler. See the autoscalers in actions, learn how they make decisions, and more.

Speakers
MP

Maciej Pytel

Software Engineer 软件工程师, Google
Maciej Pytel works on Kubernetes autoscaling at Google, focusing on Horizontal Pod Autoscaler and Cluster Autoscaler. Prior to Google, Maciej worked on multiple cloud orchestration projects (usually related to OpenStack) at Codilime.Maciej Pytel在Google的Kubernetes autoscaling上工作,专注于Horizontal... Read More →
avatar for Marcin Wielgus

Marcin Wielgus

Senior Software Engineer, Google
Marcin Wielgus is a Senior Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes more than 3 years ago... Read More →


Thursday November 15, 2018 11:30 - 12:05
3M 1

11:30

Deep Dive: SIG Service Catalog - Doug Davis & Jonathan Berkhahn, IBM
Join us for a deep dive into how the Kubernetes Service Catalog works under the covers. Starting with a quick overview of Service Catalog and some of the challenges we faced while bridging the different processing models between Kubernetes and the Open Service Broker API, we will then look at more advanced scenarios and new features from the perspective of cluster operators, application developers and helm chart authors. You’ll come away with a solid understanding of how Service Catalog works and recommended workflows and practices for using it. Finally we would love for anyone considering contributing to stop by and get an introduction to all the parts of Service Catalog, meet the maintainers and learn how to become a contributor!

Speakers
JB

Jonathan Berkhahn

Open Source Contributor, IBM
Jonathan Berkhahn is an open source contributor working on behalf of IBM. He co-chairs SIG Service Catalog and is a Member of the Open Service Broker API working group. He also manages his own open source project Blockhead, an OSB broker for provision blockchain nodes for use by cloud... Read More →
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →



Thursday November 15, 2018 11:30 - 12:05
3M 3

11:30

Intro: SIG PM (Kubernetes) - Ihor Dvoretskyi, Cloud Native Computing Foundation & Dustin Kirkland, Google
Program, project, and product management in open source software communities represents a significant challenge. Such positions traditionally rely on hierarchical structure to drive work from the executive tier down to the team level, whereas in OSS there is little or no accountability other than that gained through influence and commutative trust. SIG-PM of the Kubernetes community focuses on the aspects described above, and the current session will provide the intro overview of Kubernetes SIG-PM.

Speakers
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate, CNCF
Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation, focused on Kubernetes-related efforts in the open source community.Ihor is a co-founder and co-lead of the Kubernetes Product Management Special Interest Group (SIG-PM), focused on enhancing Kubernetes as... Read More →
avatar for Dustin Kirkland

Dustin Kirkland

Product Manager, Google


Thursday November 15, 2018 11:30 - 12:05
307 B
  • Skill Level Any

11:30

Safely Upgrading Kubernetes Clusters - Chao Xu & Yu Liao, Google
You need to upgrade your Kubernetes clusters to pick up security patches and new features. Are you intimidated? What could go wrong? There are many pitfalls, including but not limited to: API deprecation, mismatching addon versions, deprecated control-plane extensions, incorrect upgrade order, and upgrades in HA setup, etc. The other side of the coin is also worth exploring, if an upgrade goes wrong, how to safely downgrade. This talk gives you a deep dive on the pitfalls, suggests rule-of-thumb, and reviews community efforts on safer upgrades. Attendees will walk away with more confidence in upgrading their Kubernetes clusters.

Speakers
YL

Yu Liao

Staff Software Engineer 主任软件工程师, Google
Yu Liao has been working on developing and deploying kubernetes for over 3 years. He led the design and implementation of deploying large scale, highly available, high performing PaaS based on Kubernetes both on premise and in hybrid cloud. Yu Liao 从事 kubernetes... Read More →
avatar for Chao Xu

Chao Xu

Software engineer, Google
Chao Xu has been a member of Kubernetes SIG apimachinery for more than 4 years. He is one of the top contributors, owning the garbage collector, admission webhooks, etc. Recently, Chao has been focusing on safe Kubernetes upgrades/downgrades. At his free time, Chao is a good table... Read More →



Thursday November 15, 2018 11:30 - 12:05
2F Room 3

11:30

Who's Running My Pods? A Deep Dive into the K8s Container Runtime Interface - Phil Estes, IBM
Kubernetes is far and away the most popular project around container orchestration today. One little known fact to some is that Kubernetes itself has no code to run or manage Linux or Windows containers.

So, what code *is* running the containers within your Kubernetes pods? Since Kubernetes 1.5 a new API contract, the Container Runtime Interface (CRI), allows any container runtime to plug into the kubelet configuration and provide container runtime services for Kubernetes.

In this talk we'll look at the CRI options that exist today, and then deep dive into how the CNCF containerd project and it's CRI-implementing plugin work in concert with Kubernetes to run your pods. This will lead into a deep-dive at the command line, showing via live demos how Kubernetes, the CRI, and CRI-supporting runtimes like containerd work together to handle the container lifecycle operations.

Speakers
avatar for Phil Estes

Phil Estes

Distinguished Engineer & CTO, Container Architecture Strategy, IBM Cloud
Phil is a Distinguished Engineer in the office of the CTO for the IBM Cloud Platform, guiding IBM's architecture strategy around containers and Linux.Phil is a core contributor and maintainer on the Docker engine project where he has contributed key features like user namespace support... Read More →



Thursday November 15, 2018 11:30 - 12:05
302 B

11:30

Layers of Isolation in Kubernetes - Tim Allclair, Google
How much isolation can you reasonably expect between two applications in the same cluster? Should every application have its own namespace? Every service? Between containers, pods, nodes, namespaces, and even clusters, it can be hard to know how to architect a secure system, and what layers of isolation can be depended on.

In this talk we will start at the bottom and build up. You will learn which resources are isolated between two containers in the same pod, and which are not. From there we will explore what changes as the workloads are increasingly separated. You will see examples of real-world attacks, and how these attacks are mitigated at different layers of the stack. By the end, you will have a better understanding of how workloads can and should be separated for your own threat models.

Speakers
avatar for Tim Allclair

Tim Allclair

Software Engineer 软件工程师, Google
Tim Allclair joined the Kubernetes project with Google just after the 1.0 launch in 2015. He co-chairs sig-auth, is an active sig-node contributor, and a member of the Kubernetes Product Security Team (responsible for responding to vulnerabilities in Kubernetes). His most recent charter... Read More →



Thursday November 15, 2018 11:30 - 12:05
302 A
  • Skill Level Any

11:30

Serverless Performance on a Budget - Erwin van Eyk, Platform9
Serverless promises on-demand, optimal performance for a fixed cost. Yet, we see that the current serverless platforms do not always hold up this promise in practice; serverless applications can suffer from cold starts, platform overhead and unreliable performance.

In this talk we will investigate optimizations used in current FaaS platforms and research that helps to optimize the trade-off between cost and performance: function reuse, autoscaling, resource pooling, function locality, predictive scheduling, and autoscaling. Along the way we focus on how users can optimize the Fission FaaS platform to achieve specific goals around latency, throughput, resource utilization and cost.

Following this overview we take a look at the horizon; where lie the opportunities and challenges to make FaaS even faster?

Speakers
avatar for Erwin van Eyk

Erwin van Eyk

Software Engineer, Platform9
Erwin works at the intersection between industry and academia. As a software engineer at Platform9, he contributes to Fission: an open-source, Kubernetes-native, Serverless platform. At the same time, he is a researcher investigating “Function Scheduling and Composition in FaaS... Read More →



Thursday November 15, 2018 11:30 - 12:05
3M 5

12:15

From Containerized Application to Secure and Scaling With Kubernetes - Shikha Srivastava & Erica Brown, IBM
What does it really take to make sure your application is production ready?

With new privacy regulations being added, many aspects need to be taken into account when deciding when to deliver your final application is ready for production.

Can your application handle multiple users with different levels of access?

Can you extend your application to use existing authentication and authorization platforms?

Have you invested in using Mutual TLS for communication between components?

How do you manage the certificates and passwords used within your product?

Is CICD your friend or your enemy when it comes to delivering your product?

Have you considered the availability and scalability of the application?

Shikha and Erica will cover all aspects from start to finish on how to deliver production-ready code.

Speakers
avatar for Erica Brown

Erica Brown

Lead Software Engineer, IBM
I am a Lead Software Engineer at IBM. I have been in the industry for 12+ years. My journey started out as a software support technician. I branched out into being a developer about 5 years afterward. I wanted more of a challenge in writing new things and hopefully not creating... Read More →
avatar for Shikha Srivastava

Shikha Srivastava

Senior Technical Staff Member, IBM
Shikha is a Senior Technical Staff Member (STSM) & a Master Inventor at IBM. She is a lead architect at IBM Cloud Private where she brings her expertise in architecture, design, leadership towards collaboratively creating innovative pragmatic solutions that leads to enabling Hybrid... Read More →



Thursday November 15, 2018 12:15 - 12:50
2F Room 2
  • Skill Level Any

12:15

Istio in Production: Real Customers, Real Solutions - Craig Box, Google
What was so compelling about Istio that people would choose to run it in production at version 0.2 Alpha, just two months after it was released?

In this presentation attendees will learn:
- how different Kubernetes customers have been using it in production for over 12 months
- some of the use cases at Google which inspired Istio
- concrete next steps about how you can integrate Istio into your testing environment and start validating if it's useful for you

Speakers
avatar for Craig Box

Craig Box

Cloud Native Advocacy Lead 云原生支持主管, Google
Craig Box leads the Cloud Native (Kubernetes & Istio) advocacy team at Google Cloud. He has worked with customers and communities since the launch of Kubernetes in 2014, and has delivered talks on 6 continents, including a keynote at KubeCon EU. He is the co-host of the Kubernetes... Read More →


Thursday November 15, 2018 12:15 - 12:50
305 B
  • Skill Level Any

12:15

Operator Framework to Manage Production Grade Stateful Workloads in eBay - Xin Xu & Xinglang Wang, eBay
Containerize big data applications in production environment is a big challenge since these applications require human operational knowledge to correctly operate while protecting against data loss.
In eBay we inspire from the idea of CoreOs Operator pattern, and build a framework to make it easier and agile to manage the multi-component, GEO distributed stateful workloads on Kubernetes.
With this Operator Framework, users could get any applications they required in just one yaml file, databases or message queue or streaming processor. The framework leverage our self-designed workflow engine to deploy the applications across multiple Kubernetes clusters and manage the applications with in-depend components automatically. The management functions like self-healing, scaling, upgrading, configuring are provided to achieve production grade reliability and high availability.

Speakers
avatar for Xinglang Wang

Xinglang Wang

Principle MTS 首席工程师, eBay
Xinglang Wang is an architect in eBay Data platform, he is working on ebay next generation geo-distribute database, and his main focus is the distribution and control layer of the database. Before he is the architect of ebay real-time behaviour data pipeline, focus on real-time stream... Read More →
XX

Xin Xu

MTS1, eBay
Xin Xu is a member of eBay Data Infrastructure team. She is working on ebay next generation geo-distribute database, and also the stateful application management plaform on Kubernetes. Before this, she worked on building eBay near-realtime data platform on eBay private cloud. She... Read More →



Thursday November 15, 2018 12:15 - 12:50
305 A

12:15

Operating Deep Learning Pipelines Anywhere Using Kubeflow - Jörg Schad & Gilbert Song, Mesosphere
Kubeflow makes it very easy for data scientist to build their own data science pipeline with Jupyter Notebooks, TensorFlow, TensorBoard and Model serving. In this talk we will walk through building a production grade data science pipeline using Kubeflow and open source data, streaming and CI/CD automation tools.

Audience will learn about need for data preparation (which is frequently performed using Apache Spark or Apache Flink), data storage (using HDFS, Cassandra), automation via CI/CD (using Jenkins) and request streaming (using Apache Kafka).

In this talk we look at building and operate a complete deep learning pipeline around Kubeflow for multiple tenants and topics such as:

* Data Preparation/Cleansing (using Apache Spark)
* Data and Model Storage
* Model Serving
* Distributed Training
* Monitoring
* Automation using CI/CD
* Infrastructure Management across multiple tenants

Speakers
avatar for Jörg Schad

Jörg Schad

Head of Machine Learning, ArangoDB
Jörg Schad is Head of Machine Learning at ArangoDB. In a previous life, he worked on built machine learning pipelines in healthcare, distributed systems at Mesosphere, and in-memory databases, conducted research in the Hadoop and Cloud area. He’s a frequent speaker at meetups... Read More →
avatar for Gilbert Song

Gilbert Song

Staff Software Engineer, Mesosphere
Gilbert Song, Apache Mesos PMC/Committer, is a Tech Lead at Mesosphere. He has been contributing to Mesos for years and mainly focuses on Mesos Containerization. He holds a Master’s degree in Computer Engineering from University of California, Santa Barbara. He is passionate about... Read More →



Thursday November 15, 2018 12:15 - 12:50
2F Room 1

12:15

Deep Dive: Harbor - Daniel Jiang & Steven Zou, VMware
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve the image management challenges. In this session, we will cover some advanced features of using Harbor, such as image replication with label filtering, image management in a cloud environment, unified management of Helm chart and container images, and highly-available deployments. Furthermore, the team would love to get feedback from users and contributors about current features and future roadmap.

Speakers
DZ

Daojun Zhang

Staff Software Engineer, VMware
Daojun works as Staff Software Engineer at VMware China R&D Center. He is one of the core contributors for open source project Harbor, an enterprise class Docker Registry server.
avatar for Steven Zou

Steven Zou

Staff Engineer, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open source Project Harbor which is an enterprise-class container image registry as lead engineer and core maintainer. Moreover, he’s doing innovation and incubation of projects on Kubernetes... Read More →


Thursday November 15, 2018 12:15 - 12:50
3M 1

12:15

Deep Dive: Prometheus – Richard "RichiH" Hartmann, SpaceNet & Ben "SuperQ" Kochie, GitLab
Join Prometheus maintainers for an open Q&A about all the nitty gritty details of what makes Prometheus tick. We won't give a programme in advance on purpose; instead, we encourage you to shape our time together by pre-filling our form https://goo.gl/forms/jjn4s0YIfMS2M7N63 or asking during the session.

Speakers
avatar for Richard Hartmann

Richard Hartmann

Monitoring Lead, SpaceNet
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →
avatar for Ben Kochie

Ben Kochie

Staff Developer, Monitor 开发人员、监管人员, GitLab



Thursday November 15, 2018 12:15 - 12:50
2F Room 4

12:15

Deep Dive: SIG Apps - Janet Kuo, Google
SIG Apps is dedicated to all facets of designing, developing, and running applications on Kubernetes. This is a working session and the content will be driven by the interests of the attendees. Topics could involve the workload APIs, tool development, tool interoperability, or any other topic relevant to the space. This is your opportunity to let your ideas help shape the future direction of the community.

Speakers
avatar for Janet Kuo

Janet Kuo

Software Engineer, Google
Janet is a Software Engineer for Google Cloud. She joined the Kubernetes project before the 1.0 launch in 2015. She is the owner of Kubernetes workload APIs and an active SIG Apps contributor. She enjoys speaking at conferences and meetups about Kubernetes and has delivered talks... Read More →


Thursday November 15, 2018 12:15 - 12:50
307 A

12:15

Deep Dive: SIG Cloud Provider - Andrew Sy Kim, DigitalOcean
The long term goal of SIG Cloud Provider is to promote a vendor neutral ecosystem for our community. New vendors providing support for Kubernetes should feel equally empowered to do so as any of today’s existing cloud providers. More importantly, SIG Cloud Provider is focused on ensuring a consistent and high-quality user experience across providers. The SIG acts as a central group for developing the Kubernetes project in a way that ensures all providers share common privileges and responsibilities. As Kubernetes transitions from building all binaries necessary to create and run a Kubernetes cluster, to a new world in which Cloud Providers must supply some additional artifacts (Cloud Controller Manager, e.g.) to most effectively run, one area of concern is around how to manage the build and release process effectively. This deep dive session will be a working session to brainstorm how to manage this effectively. Questions for consideration include: - whether and how to include Cloud Provider e2e tests in the suite of release blocking tests for OSS Kubernetes - how to communicate to end users whether they need and how to obtain additional artifacts - how to manage optional addons and extensions in the validation of Kubernetes (e.g., CoreDNS on Kubernetes on N Cloud Providers), when those ecosystem projects evolve on their own release schedules. Session will begin with suggesting and voting on issues of highest level of interest and urgency, and then open discussion on 3 - 5 topics. Recommended for those working on ecosystem projects, those interested in build and release, and those currently working on Cloud Provider implementations.

Speakers
avatar for Andrew Sy Kim

Andrew Sy Kim

Software Engineer, DigitalOcean
Andrew is a Software Engineer at DigitalOcean and an active member of the Kubernetes community. He is one of the co-chairs of SIG Cloud Provider where he is currently working to extend and customize Kubernetes with a focus on multi-cloud portability and vendor neutrality. At DigitalOcean... Read More →



Thursday November 15, 2018 12:15 - 12:50
3M 3

12:15

Intro: SIG Cluster Lifecycle - Lucas Käldström, Independent; Di Xu, Ant Financial & Alexander Kanevskiy, Intel
Sig Cluster-Lifecycle Intro The Cluster Lifecycle SIG is the Special Interest Group that focuses on cluster deployments and upgrades. Our SIG is trying to improve user experiences on bootstrapping a minimum viable Kubernetes cluster that conforms to best practices. With our primarily installer tool, kubeadm, a streamlined installing and upgrading process can be well managed. We've recently introduced a new Kubernetes object, called Cluster API to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management. In this introduction session, we will present our SIG's mission statements, review recent updates, and discuss our roadmaps. Some new lifecycle projects are introduced as well. You are very welcome to join in and contribute to our SIG.

Speakers
avatar for Alexander Kanevskiy

Alexander Kanevskiy

Cloud Software Architect, Intel Corporation
Alexander is currently employed by Intel, Open Source Technology Center in Edge and Cloud Stacks team as Cloud Software Architect, focusing on various aspects in Kubernetes: Cluster Lifecycle and Cluster APIs, Device plugins for hardware accelerators, Resource management.Alexander... Read More →
avatar for Lucas Käldström

Lucas Käldström

CNCF Ambassador, Independent
Lucas is a cloud native enthusiast that just graduated from High School. Lucas is serving the Kubernetes community in various lead positions, e.g. as a co-lead for SIG Cluster Lifecycle shepherding kubeadm from inception to GA, porting Kubernetes to multiple platforms and by being... Read More →
avatar for Di Xu

Di Xu

Software Engineer 软件工程师, Ant Financial 蚂蚁金服
Di Xu is working at Ant Financial as a senior software engineer. He is a top50 code contributor and active reviewer in Kubernetes community. He has extensive experience in Kubernetes, Docker and Cloud Computing. He is passionate about open source projects and gets involved in... Read More →



Thursday November 15, 2018 12:15 - 12:50
307 B
  • Skill Level Any

12:15

Large-Scale K8s Cluster Operation and Management - Lv Jiangzhao, JD
JDOS(JD Datacenter Operation System) is the very large-scale container cluster system that running in JD's datacenters across the world. It was designed and developed based on Kubernetes. Today, almost all the JD's business has been deployed and running on JDOS. At present, the number of containers in JD's production environment has been millions. How to manage such large-scale clusters is a challenging issue for JDOS developers and operators. However, JD have only 2 full-time SREs to manage the clusters. This presentation will share some of the following experiences:
1.Node Component's detection and management;
2.Master Component's fault detection and failure recovery, especially for the etcd nodes;
3.How to significantly reduce apiserver requests, in order to build a much larger k8s cluster.

Speakers


Thursday November 15, 2018 12:15 - 12:50
2F Room 3
  • Skill Level Any

12:15

More Than Secure: Containerd + KataContainers as Kubernetes Runtime - Lei Zhang, Alibaba & Fupan Li, HyperHQ
Is your container secure? Are you satisfied with Linux namespaces as your security boundary? In this session, we would like to focus on the design and implementation of how to leverage hardware virtualization based runtime, specifically, the KataContainers, in the Kubernetes cluster by integrating with containerd. The session will demonstrate how we refactored KataContainers as a plugin of containerd, how this runtime plugin handle networking through CRI and solve low performance issue of hypervisor based container runtime with custom volume plugins. This session will introduce design and implementation of CRI as well, which has already triggered the second boom of container runtimes in Kubernetes community. Finally, we will explain why hypervisor runtime is not only about security: legacy applications and hard multi-tenancy, it's the world containerd + KataContainers is rock and roll.

Speakers
FL

Fupan Li

Software Engineer 软件工程师, HyperHQ
Fupan Li currently works at HyperHQ as an Engineer. He has been working at WindRiver in embedded Linux area for about 10 years, mainly focus on Linux Kernel and driver development on X86 architecture. He had involved WindRiver’s Linux development and release from 3.0 to 9.0. And... Read More →
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei (Harry) Zhang, Staff Engineer of Alibaba. Lei is a co-maintainer of Kubernetes community, mainly focus on CRI, scheduling, resource mgmt and secure container runtime. Lei was once a member of KataContainers/Hyper team, and a Visiting Researcher at Microsoft Research (MSR). Lei... Read More →



Thursday November 15, 2018 12:15 - 12:50
302 B
  • Skill Level Any

12:15

Hardening Multi-Cloud Kubernetes Clusters as a Service – Dirk Marwinski, SAP SE & Alban Crequy, Kinvolk GmBH
SAP operates Kubernetes clusters at scale. We collaborate with partners to add new features and workloads across multiple cloud providers and on premise.
This activity presents us with the unique challenge to secure clusters for multiple tenants, while taking cloud provider’s security best practices into consideration. In this talk, we share our security journey that we undertook together with Kinvolk and present surprising findings such as information leakages and breaches. We will also show and discuss our hardening activities and countermeasures which we have implemented for operating Kubernetes at SAP.

This talk will be interesting to all conference participants operating Kubernetes. It will help them to think in different directions to identify possibly unknown attack vectors specific to their environment and how to mitigate them.

Speakers
avatar for Alban Crequy

Alban Crequy

CTO 首席技术官, Kinvolk
Originally from France, Alban currently lives in Berlin where he is a CTO & co-founder at Kinvolk. He is a contributor to rkt, a container runtime for Linux, Weave Scope, a container visualization & monitoring tool, and is actively working on BPF-related projects. Before falling into... Read More →
avatar for Dirk Marwinski

Dirk Marwinski

Software Architect, SAP SE
Dirk is software architect and as product owner in charge for multi-cloud Kubernetes security at SAP. Dirk has driven or has been involved in many infrastructure and cloud projects in the past two decades. Dirk is a regular speaker at events and technology conferences.Dirk... Read More →



Thursday November 15, 2018 12:15 - 12:50
302 A
  • Skill Level Any

12:15

Serverless Workflow: Key to Wide Serverless Adoption - Cathy Zhang, Huawei
Serverless platform allows developers to quickly build new applications without spending time on server resource provisioning, scaling, and life cycle management. These tasks are handled by the serverless platform.

To support portability of serverless applications across different serverless platforms, CNCF Serverless Work Group is working on a generic Application Workflow Specification. In this session, Cathy and Rachel will give an overview on the Application Workflow specification. They will show how the user can use the workflow primitives to describe different types of serverless application logic.

The goal of this presentation is to share our work in the Serverless WG and bring people together in the CNCF community to discuss and develop a comprehensive and generic serverless workflow descriptive model that can be used across all types of serverless applications and platforms.

Speakers
avatar for Cathy Zhang

Cathy Zhang

Principal Architect, Huawei
Cathy has over 15 years of software design and development experience. She is currently a chief architect at Huawei’s USA Cloud Computing Lab. Her expertise includes Serverless Cloud Platform, Network Service and Virtualization, SDN, OpenStack, etc.. She is a key member of the Serverless... Read More →


Thursday November 15, 2018 12:15 - 12:50
3M 5

12:45

Live Demo of Using KubeEdge and KubeGene - Jun Du & Shengjun Tang, Huawei
KubeEdge is an open source runtime for application management and communications with clouds deployed at the edges. KubeGene is the open source framework provisioning genomic sequencing capability. In this demo, we will demonstrate the installation and management of these two frameworks, and their usage to resolve real cases like picture recognition and genomic sequencing, respectively.

Speakers
avatar for Jun Du

Jun Du

Senior Software Engineer 高级软件工程师, Huawei
Jun Du is Senior Software Engineer at Huawei PaaS team, working on cloud computing, containers orchestration. He is a codebase approver, milestone maintainer, subproject owner and product manager of Kubernetes. The focus of his contributions has been on network and scheduling areas... Read More →
avatar for Shengjun Tang

Shengjun Tang

Senior Software Engineer 高级软件工程师, Huawei
Huawei Cloud architect, more than 10 years of work experience. At present, he is the technical leader of Huawei cloud application orchestration service and gene container field, leading cloud service catalog, application orchestration, and genetic container architecture design. He... Read More →


Thursday November 15, 2018 12:45 - 13:05
Demo Theater, Sponsor Showcase
  • Skill Level Any

12:50

Lunch
Enjoy lunch in the Sponsor Showcase. Lunch is included with your conference registration.  

Thursday November 15, 2018 12:50 - 14:20
1F

12:50

Women's Lunch (Pre-Registration Required to Attend)

Please RSVP here!

Women’s Lunch
Join other women attending KubeCon + CloudNativeCon China for conversation during lunch. Attendees will have an opportunity to get to know one another and network with other women in the tech industry from around the globe. Space is limited and registration is required.

Date: Tuesday, November 15
Time: 12:50 – 14:20
Location: Room 3M2, Shanghai Convention & Exhibition Center of International Sourcing

RSVP HERE

Thursday November 15, 2018 12:50 - 14:20
2F | North Entrance (back of hall)

13:00

Meet the Maintainer: Prometheus - Ben Kochie, GitLab & Richard Hartmann, SpaceNet AG
Speakers
avatar for Richard Hartmann

Richard Hartmann

Monitoring Lead, SpaceNet
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →
avatar for Ben Kochie

Ben Kochie

Staff Developer, Monitor 开发人员、监管人员, GitLab


Thursday November 15, 2018 13:00 - 14:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

13:00

Envoy Community Hackathon
Thursday November 15, 2018 13:00 - 16:00
3M2

13:15

Tencent Big Data AI on K8S Best Practice - Junjie Chen & Shengbo Song, Tencent
Kubernetes As of Spark 2.3, Spark can run on clusters managed by Kubernetes. we will explore the best practices about running Spark SQL on Kubernetes upon Tencent cloud includes how to deploy Kubernetes against public cloud platform to maximize resource utilization and how to tune configurations of Spark to take advantage of Kubernetes resource manager to achieve the best performance.

Meanwhile, the Kubernetes and Tensorflow are playing an important role in machine learning, many companies have deployed the machine training programs on Kubernetes. However, the original Kubernetes doesn't serve machine learning well, lacks some features for GPU device. In this presentation, we will also talk about the enhancement have been made to Kubernetes in Tencent including GPU topology awareness and GPU elastic resource management.


Speakers
JC

Junjie Chen

Senior Software Engineer 高级软件工程师, Tencent
Chen, Junjie is working as Senior Software Engineer In Tencent Cloud. He has been working on big data and cloud area over several years and has rich experiences on SQL on Hadoop area. Currently, he is participating data warehouse project from Tencent Cloud. Chen Junjie... Read More →
avatar for Shengbo Song

Shengbo Song

Software Engineer 软件工程师, Tencent
Shengbo Song has been working for 3 years at Tencent on making GPU applications easier to deploy and manage in data clusters. He focus on supporting GPU-accelerated frameworks in container orchestration systems such as Kubernetes. He holds an B.S in computer science from Harbin Institute... Read More →


Thursday November 15, 2018 13:15 - 13:35
Demo Theater, Sponsor Showcase
  • Skill Level Any
  • Link to YouKu Video Recording Chen, Junjie is working as Senior Software Engineer In Tencent Cloud. He has been working on big data and cloud area over several years and has rich experiences on SQL on Hadoop area. Currently, he is participating data warehouse project from Tencent Cloud.<br /> <br /> Chen Junjie 现任腾讯云高级软件工程师。他在大数据和云服务领域工作多年,拥有丰富的 Hadoop SQL 经验。目前他参与了腾讯云发起的数据仓库项目。

13:45

Easy Way to Manage Kubernetes Clusters - Peng Jiang, Rancher Labs
| Installing Kubernetes cluster with different tools
l  Quota management
l  Node management
l  Workloads and service management
l  User management
l  Auditing Kubernetes
l  Build pipeline on Kubernetes
l  Application management in Kubernetes

Speakers
avatar for Peng Jiang

Peng Jiang

Technical Director of Rancher Labs in Greater China, Rancher Labs
Peng Jiang, Technical Director of Rancher Labs in Greater China. Former Microsoft Senior Technical Project Manager and Solution Specialist, Citrix's Chief Consultant. More than 10 years' work experience in unified communications, application delivery, virtualization, cloud computing... Read More →


Thursday November 15, 2018 13:45 - 14:05
Demo Theater, Sponsor Showcase
  • Skill Level Any

14:10

Cloud Native Application Management and Service Mesh Across Multi-Cloud - Liu Guang Ya, IBM
We will introduce and demo how does IBM Multicloud Manager help you to manage multiple Kubernetes clusters across private and public cloud, including visibility across multi-cloud infrastructures, application deployment across different clusters, service mesh across multiple clusters etc.

Speakers
avatar for Guang Ya Liu

Guang Ya Liu

Senior Technical Staff Member, IBM
Guang Ya Liu is a Senior Technical Staff Member (STSM) for IBM Cloud Private and is now focusing on cloud computing, container technology, and distributed computing. He is also a member of the IBM Academy of Technology. He used to be an OpenStack Magnum Core member from 2015 to 2017... Read More →



Thursday November 15, 2018 14:10 - 14:30
Demo Theater, Sponsor Showcase
  • Skill Level Any

14:20

Challenges and Solutions of Using Kubernetes for Blockchain Applications - Tong Li, IBM
Kubernetes easily allowed for users to scale up and down the resources used by their application, which makes it a good fit for both proof-of-concept and product ready usage. Blockchain applications require a lot of compute power and storage and introduce their own set of unique challenges when running in a containerized environment.
In this talk, Tong will provide a brief introduction to the Blockchain and Hyperledger Fabric technologies and then dive into how they can be successfully deployed and managed on more K8S cloud providers (e.g. IKS, GKE and AKS). Highlighting the challenges Blockchain poses for networking, storage and CPU resources, he will then discuss the solutions he developed for each and how you can leverage them yourselves - finally, touching on what possible features might be needed in the future to make K8S even more robust for these compute intensive applications.

Speakers
TL

Tong Li

Senior Software Engineer, IBM
Tong Li is a senior engineer at IBM. He has been a software architect, developer, deployer, operator, advocator and a consultant through his professional career. His main focuses in recent days have been cloud computing, social software and Blockchain technologies. He is very passionate... Read More →



Thursday November 15, 2018 14:20 - 14:55
2F Room 2
  • Skill Level Any

14:20

Running Vitess on Kubernetes at Massive Scale: JD.com Case Study - Jiten Vaidya, PlanetScale & Xin Lv, JD.com
Vitess was one of the first cloud-ready relational database systems. It served massive qps at Youtube on Borg - Google’s internal cloud orchestration software, and the precursor to Kubernetes. It has been 8 years since Vitess first served traffic at Youtube, and now many companies around the world depend on Vitess to serve production data at scale. Vitess is used on premise, in the cloud, on bare-metal or on orchestration frameworks like Kubernetes.

PlanetScale’s co-founder & CEO, Jiten Vaidya, will present the Vitess features that make it a natural for cloud orchestration environments such as Kubernetes.

Xin Lv from JD.com will present JD’s work on using and enhancing Vitess on JD's e-commerce platform. Specifically, he will show how JD uses Vitess to manage large volumes of complex transitional data to serve massive qps on one of the largest Kubernetes platforms in the world.



Speakers
avatar for Xin Lv

Xin Lv

Senior Architect of Technical Infrastructure Group 技术架构部资深架构师, JD.com
Xin Lv is a senior architect in the Technical Architecture Department of Jingdong Mall, and has extensive experience in R&D, application and integration in databases, big data and other related fields. He has led and developed a large number of products in the database and big data... Read More →
avatar for Jiten Vaidya

Jiten Vaidya

CEO, PlanetScale
Jiten Vaidya is co-founder and CEO at PlanetScale (http://planetscale.com), a company that supports Vitess (http://vitess.io). For most of his career, he worked as a backend infrastructure engineer and manager at companies such as Dropbox, YouTube and Google. It was at YouTube, where... Read More →



Thursday November 15, 2018 14:20 - 14:55
305 B
  • Skill Level Any

14:20

Cluster API Deep Dive With a Tencent Case Study - Feng Min, Google & Zhiguo Hong, Tencent
The Cluster API is a Kubernetes project to bring declarative, Kubernetes-style APIs to cluster management. It provides optional, additive functionality on top of core Kubernetes. It tries to address the fragmented infrastructure layers in the current stack.

In this joint talk, Feng Min will go over the state of infrastructure today, and see how cluster API fit into the picture. Feng will also look at the structure of cluster api for things like Machine Set/Machine Deployment, and check out how they can help out the common cluster operation like upgrade. As a case study, Zhiguo Hong will talk how tencent cloud support get integrated, and how cluster-api can be applied to manage k8s cluster in tencent cloud.

The audience will walk away with a clear understanding of cluster-api architecture, and how current cluster management can be transformed into cluster-api world.

Speakers
ZH

Zhiguo Hong

Architect 架构师, Tencent
ZhiguoHong is now the architect of PaaS division, Tencent Cloud. Before that, he has been associate priciple engineer in storage system at EMC. He also got rich experience in networking technology at Siemens and Nokia-Siemens-Networks. He used to be an active contributor to Linux... Read More →
avatar for Feng Min

Feng Min

Staff Software Engineer 主任软件工程师, Google
Feng works on Kubernetes in Google as a staff software engineer. Prior to k8s, Feng worked on core virtualization for Google Compute Engine. Before that, he was senior software engineer in Microsoft focusing on Kernel, File system and Storage. Feng earned a BS in Computational Math... Read More →



Thursday November 15, 2018 14:20 - 14:55
305 A

14:20

Kubeflow From the End User’s Perspective: The Good, The Bad, and The Ugly - Xin Zhang, Caicloud
Kubernetes has become the most popular open-source container orchestration platform for managing cloud-native workloads. Furthermore, given the ubiquitousness of Artificial Intelligence (AI), Kubeflow has risen as a new open-source project tailoring Kubernetes to optimize for Machine Learning (ML) stacks, solving the devops chores and performance bottleneck usually plaguing a production ML system.

Despite the promise, we (as a contributor to Kubeflow) have identified glitches of Kubeflow when being applied in the wild. We have surveyed 50+ real Kubeflow users (both system administrators and machine learning developers) from our enterprise customers. We will share how Kubeflow solves their pain-points, what pitfalls and disappointments they encountered in daily usage scenario, and how to evolve Kubeflow to be more practical and generally applicable.

Speakers
avatar for Xin Zhang

Xin Zhang

CEO 首席执行官, Caicloud
Xin is currently CEO and co-founder of Caicloud (https://caicloud.io), a startup that fosters Kubernetes community in China (https://kubeacademy.caicloud.io) and provides Kubernetes-based products and services for Chinese enterprises. His team has helped tens of well-known Chinese... Read More →


Thursday November 15, 2018 14:20 - 14:55
2F Room 1
  • Skill Level Any

14:20

Deep Dive: Jaeger - Prithvi Raj Venkat Raj & Won Jun Jang, Uber
This session is dedicated to an in-depth understanding of the Jaeger project. We will give a short demo of the recently added features, talk about various topics including the architecture, adaptive sampling, multi-tenancy, and configuration, and review the roadmap for the upcoming year. After this session the attendees should better understand the Jaeger architecture and be ready to make contributions to the project.

Speakers
avatar for Won Jun Jang

Won Jun Jang

Senior Software Engineer, Uber
Last he checked, Won is a software engineer working on distributed tracing and other observability related applications at Uber. Have questions about observability? Let's chat.
PR

Prithvi Raj

Software Engineer, Uber
All Things Tracing!



Thursday November 15, 2018 14:20 - 14:55
3M 3

14:20

Deep Dive: Kubernetes Policy WG - Torin Sandall, Styra & Da Ma, Zhipeng Huang, Huawei
The deep dive session of the Kubernetes Policy WG will consists of three sub-topics:
- kube-batch and the policy requirements, Da Ma
- Introduction of Azure Policy Controller, Torin Sandall
- Container Policy Interface Proposal, Zhipeng Huang

Speakers
avatar for Zhipeng Huang

Zhipeng Huang

Principle Engineer, Huawei
Zhipeng Huang currently serve as open source operation manager for Huawei. Zhipeng have been involved with various major open source communities and is now the PTL of OpenStack Cyborg project, co-chair of OpenStack Public Cloud WG, and co-lead of the Kubernetes Policy WG.Zhipeng Huang... Read More →
avatar for Da Ma

Da Ma

Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader, Huawei
Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader. Jilin University master’s degree, majoring in grid computing and distributed system. After graduation, he focus on resource management, resource scheduling in distributed system. Kubernetes Maintainer,SIG-Scheduling联合负责人,kube-batch... Read More →
avatar for Torin Sandall

Torin Sandall

Software Engineer, Styra
Torin Sandall is a co-founder of the Open Policy Agent (OPA) project. Torin has spent 10 years as a software engineer working on large-scale distributed systems projects. Torin is a frequent speaker at events like KubeCon, DockerCon, Velocity, and more. Prior to working on OPA, Torin... Read More →


Thursday November 15, 2018 14:20 - 14:55
307 B

14:20

Deep Dive: Kubernetes SIG Multicluster - Quinton Hoole & Irfan Ur Rehman, Huawei
Multi-cluster Federation Deep Dive: Multi-cluster Federation is an API and control plane that actively manages multiple Kubernetes clusters and applications in those clusters. Federation v1's API mirrored the Kubernetes API directly, using annotations to achieve necessary multi-cluster extensions. Federation v2.0, now in Alpha, has it's own Multi-cluster aware API, and a more and a more customizable control plane composed of lower level re-usable building blocks. In this deep dive, we will discuss the existing API and control plane architecture, and it's primary target use cases. But most of all we would like to solicit input on what other use potential cases exist, and what additions or amendments might be required to make Multicluster Federation even more generally useful for your real-world stuff.

Speakers
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member
IU

Irfan Ur Rehman

Senior Engineer, Huawei
Irfan is a senior engineer with Huawei Technologies and is currently associated with the cloud platforms team. In his current role he is part of the engineering group that works as a bridge between the kubernetes open source project and Huawei's adaptation of the same in its cloud... Read More →


Thursday November 15, 2018 14:20 - 14:55
2F Room 4

14:20

Deep Dive: Rook - Jared Watts, Upbound
In this talk, we will be taking a deep-dive through the architecture of the Rook project. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. We will learn about the various extension mechanisms of Kubernetes as well as patterns like controllers/operators, resource management, and rolling upgrades to understand how to build a fully automated storage solution for cloud-native environments. We’ll also dive into how operators are built and orchestration is performed for some specific storage solutions such as Ceph, CockroachDB, Minio and NFS. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by "freeing the cloud" and is also a maintainer for the open source Rook project (https://rook.io/). Before Upbound, he worked on innovative storage projects at Quantum Corp. and... Read More →



Thursday November 15, 2018 14:20 - 14:55
3M 1

14:20

Model and Operate Datacenter by Kubernetes at eBay - Xiaogang Xin & Tommy Mei, eBay
Kubernetes provides amazing model abstraction of your application. Kubernetes also runs a group of controllers that take care of routine tasks to ensure the desired state of the application matches the observed state. However, would you think Kubernetes can even model your datacenter in large scale and also operate the datacenter through controllers? This is true in eBay. We are facing large scale clusters running on tens of thousands machines. We want a central service, a unified interface to operate both infrastructure and application.
We are leveraging on Kubernetes CRD to model our infrastructure, such as, Rack, L2Domain, NetworkScope, Asset, Flavor, etc. And we also use Kubernetes CRD to model K8sCluster as well. In this talk, we will share how we model datacenter from 3 layers:
- Fleet management
- Configuration management
- K8S cluster management

Speakers
TM

Tommy Mei

Platform Reliability Engineering Manager, eBay
avatar for Xiaogang Xin

Xiaogang Xin

Cloud Engineering Manager 云工程师经理, eBay
Xiaogang Xin is the manager of eBay Cloud team. He has worked in infrastructure cloud area for many years, with deep understanding of Kubernetes and its enterprise-level transformation. He is currently responsible for large scale Kubernetes cluster DevOps at eBay which host complex... Read More →



Thursday November 15, 2018 14:20 - 14:55
2F Room 3

14:20

Deep Dive of Windows Containers on Kubernetes - Pengfei Ni, Microsoft
Kubernetes is becoming standard to build and manage cloud-native applications in production. And so is Windows server applications. Windows containers support has been advanced to beta since v1.9 and is keeping its steps towards GA.

This topic will present a deep dive of Windows container on Kubernetes, which includes

- the status of Windows containers on Kubernetes
- how Windows containers work, e.g. clustering, networking and storage
- known issues and mitigations
- the future of Windows containers

Speakers
avatar for Pengfei Ni

Pengfei Ni

Senior Software Engineer, Microsoft
Pengfei Ni is a senior software engineer at Microsoft Azure and maintainer of the kubernetes project. He has extensive experience in Cloud Computing, Kubernetes and Software Defined Networking (SDN). He has given presentations on KubeCon China 2018, ArchSummit 2018, LC3 2018, and... Read More →



Thursday November 15, 2018 14:20 - 14:55
302 B
  • Skill Level Any

14:20

Istio Certificate Management Through Vault - Lei Tang & Yonggang Liu, Google
In this talk, we present the design and implementation of a new Istio certificate management system that uses Vault to securely manage Istio certificates. First, we introduce the identity system in Istio and the current architecture of Istio certificate management system. Next, we present the architecture of the new Vault-based Istio identity system with the details of its authentication and authorization mechanisms for issuing Istio certificates. We will go through a detailed example flow from a pod in Istio requesting a certificate to Vault signing the certificate request. Lastly, we will make a demo of the new Istio certificate management system.

Speakers
avatar for Yonggang Liu

Yonggang Liu

Senior Software Engineer, Google
Dr. Oliver (Yonggang) Liu is a senior software engineer in Google. He is one of the early developers and core engineers of Istio. Oliver has 10 years of experience in research and development of distributed systems and service mesh. Oliver received his PhD degree from University of... Read More →
avatar for Lei Tang

Lei Tang

Software Engineer 软件工程师, Google
Dr. Lei Tang is a software engineer of Google. His current projects include cloud service mesh and cloud service platforms. He received his Ph.D. degree in Computer Science from Rice University. He was the recipient of the Best Paper Award of the 12th ACM International Symposium on... Read More →



Thursday November 15, 2018 14:20 - 14:55
302 A
  • Skill Level Any

14:20

Serverless Computing for E-Commerce Applications on JD Kubernetes Platform - Yuan Chen & Xin Tong, JD.com
Fibonacci is an enterprise level serverless computing service on JD.com’s e-commerce platform. It is built on top of OpenFaaS and includes significant enhancements and new features that make it suitable for large scale production use. Specifically, Fibonacci provides seamless integration into JD’s internal container cloud platform, the world’s largest Kubernetes production cluster. The new features include FaaS-optimized elastic scheduling, web control panel and GPU support. Fibonacci has been powering applications on JD Mall, such as intelligent product image processing, automated IT operations and chatbot, greatly simplifying the application development and deployment, and improving resource efficiency. We will present Fibonacci’s design and implementation, share our experience and lessons in developing and applying serverless computing to large scale e-commerce platforms.

Speakers
avatar for Yuan Chen

Yuan Chen

Principal Architect, JD.com
Yuan Chen is a Principal Architect at JD Silicon Valley R&D Center. He has 15+ years of research and industrial experience in the areas of large scale distributed systems, cloud computing and cluster management. His current work focuses on efficient resource management for cloud native... Read More →
avatar for Xin Tong

Xin Tong

Architect 架构师, JD.com
Xin Tong is an architect of the JD Mall Infrastructure Group at JD.com. He is currently leading the development of a serverless computing service for enterprise and e-commerce applications on JD’s Kubernetes platform. Xin began working in the IT industry in 2005 and worked as a... Read More →



Thursday November 15, 2018 14:20 - 14:55
3M 5

15:00

Meet the Maintainer: Prometheus - Ben Kochie, GitLab & Richard Hartmann, SpaceNet AG
Speakers
avatar for Richard Hartmann

Richard Hartmann

Monitoring Lead, SpaceNet
Richard "RichiH" Hartmann is a technical architect at SpaceNet, leading both a new datacenter build and monitoring. By night, he is involved in several FLOSS projects, including Debian and Prometheus, and organizing related conferences, including FOSDEM, DENOG, and Chaos Communication... Read More →
avatar for Ben Kochie

Ben Kochie

Staff Developer, Monitor 开发人员、监管人员, GitLab


Thursday November 15, 2018 15:00 - 16:00
Meet the Maintainer Lounge, Sponsor Showcase
  • Skill Level Any

15:05

Run Cluster Autoscaler on Your Own Cloud; or, Why Do We Need Cluster API? - Aleksandra Malinowska, Google
A Kubernetes cluster consists of a set of nodes. No matter where it is running, managing the workloads within it remains the same thanks to standard APIs. But what if you want to change the size of the cluster itself?

In the cloud, Cluster Autoscaler can automatically shrink or expand Kubernetes clusters. To do this, it needs to reach beyond the cluster and interact with the environment where it’s running. It has built-in support for several clouds, but what if you’re running on a different one?

In this talk, we’ll walk through making cluster autoscaling work for a new cloud environment. We’ll start with the critical subset of functionality required for basic support and continue with enabling optional features. At the end, we’ll take a look at the future, and see how Cluster API will change all of this.

Speakers
AM

Aleksandra Malinowska

Software Engineer, Google
Aleksandra Malinowska is a software engineer on Kubernetes autoscaling team at Google. She's a co-maintainer and contributor to Cluster Autoscaler. Aleksandra Malinowska 是谷歌 Kubernetes 自动扩展团队的软件工程师。她是 Cluster Autoscaler... Read More →


Thursday November 15, 2018 15:05 - 15:40
2F Room 2
  • Skill Level Any

15:05

PetroChina: Big Oil’s Information System on Cloud Native Technology – Hui Chi, PetroChina & Kai Chen, Alauda
As a world-class comprehensive energy company, PetroChina has chosen the industry leading technology platform from Kubernetes - not only to eliminate information isolation, but also to enhance interconnectivity and mining through info-connectivity.
 
How does  Kubernetes help PetroChina build the Cloud Native platform to achieve the following goals?
-Quickly iterate the intelligent Exploration Information System
-steadily standardize the management system
-standard workflows
-Visualization of the operation situation
-Intelligent failure analysis
-Automatic maintenance operation
-Digital quality assessment
 
The project scope concurs five major platform modules, including general purpose platform technology, software development and software operation (DevOps), microservice, middleware and data lake service. It's worth mentioning that, this is the largest container project to budget ever in China.

Speakers
avatar for Kai Chen

Kai Chen

CTO 首席技术官, Alauda
Kai has 15 years of experience with hyper-scale, enterprise-grade computing platform development. As its co-founder and CTO, Kai currently leads all engineering efforts at Alauda, which offers Enterprise Container-as-a-Service, and focuses on delivering DevOps best practices and Continuous... Read More →
HC

Hui Chi

CNPC Technical Director, PetroChina



Thursday November 15, 2018 15:05 - 15:40
305 B
  • Skill Level Any

15:05

Adventures in Conformance - Aaron Crickenberger, Google
What is Kubernetes, really? Documents may say one thing, but running code will always win. Our community thus defines what Kubernetes is via conformance tests that exercise functionality expected of any given Kubernetes cluster.

Last year the CNCF introduced the Certified Kubernetes Conformance Program that uses these tests to certify whether a given Kubernetes distribution or platform is behaving as expected. What have learned as over 60 vendors have certified their Kubernetes?

This talk will walk you through the progress we’ve made over the past year in improving the fidelity of conformance tests, and how they are integrated into both upstream and downstream development. The audience should leave this talk knowing what guarantees conformance tests provide, how they can use them, and how they can contribute.

Speakers
avatar for Aaron Crickenberger

Aaron Crickenberger

Senior Test Engineer 高级测试工程师, Google
Aaron has been involved in open source since 2007, cloud since 2009, and Kubernetes since 2015. He was elected to the Kubernetes Steering Committee in 2017.He co-founded the Kubernetes Testing SIG, and actively contributes in the Architecture, Contributor Experience, Release, and... Read More →



Thursday November 15, 2018 15:05 - 15:40
305 A

15:05

Machine Learning on Kubernetes Birds of a Feather - David Aronchick
A birds of a feather meeting discussing the best practices for getting machine learning solutions up and running, and managing them at scale. We will talk about the entire pipeline of machine learning, from data ingestion all the way to serving in production, and every step in between.

Speakers
avatar for David Aronchick

David Aronchick

Program Manager, Microsoft
David leads Open Source Machine Learning Strategy at Azure. This means he spends most of his time helping humans to convince machines to be smarter. He is only moderately successful at this. Previously, David led product management for Kubernetes at Google, launched GKE, and co-founded... Read More →


Thursday November 15, 2018 15:05 - 15:40
2F Room 1
  • Skill Level Any

15:05

Deep Dive: CNCF Serverless WG / CloudEvents - Doug Davis, IBM & Clemens Vasters, Microsoft
This will be a follow-on to the intro - be a bit more of an in-depth discussion and more of a future looking session. It will also include a longer Q&A session allowing the audience to dig deeper on the technical details. More info later....

Speakers
avatar for Doug Davis

Doug Davis

STSM, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →
avatar for Clemens Vasters

Clemens Vasters

Principal Architect, Azure Messaging, Microsoft
Clemens Vasters is Lead Architect in Microsoft’s Azure Messaging team that builds and operates a fleet of hyper-scale messaging services, including Event Grid, Service Bus, and Event Hubs. Clemens represents Microsoft in messaging standardization in OASIS (AMQP) and CNCF (CloudEvents... Read More →



Thursday November 15, 2018 15:05 - 15:40
3M 3

15:05

Deep Dive: containerd - Derek McGowan, Docker & Mike Brown, IBM
Come learn about the internals of containerd that make it extensible, efficient, and stable. We will discuss the gRPC APIs used to communicate with containerd, the smart client model, the pluggable runtime interface, and the provided components that enable pulling, unpacking, and running a container image. For container runtime providers, learn about the v2 runtime shim API and integrating your own runtime. For those with custom storage needs, learn about developing plugins to build your own snapshotter and content store. We will include examples from CRI, Docker, and Moby’s buildkit.

Speakers
avatar for Mike Brown

Mike Brown

Containerd Maintainer, IBM
Open Source Software Engineer, Containerd, OCI, Kubernetes, container runtimes, IBMer, github.com/IBM/cap, Inventor, Coach, PC Gamer, and Proud Father.
avatar for Derek McGowan

Derek McGowan

Software Engineer, Docker


Thursday November 15, 2018 15:05 - 15:40
3M 1

15:05

Deep Dive: Falco - Jorge Salamero Sanz, Sysdig
In any Cloud Native architecture, there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk, we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream. Finally, we will cover how to create additional event streams leveraging the generic implementation Falco provides. Attendees will gain a deep understanding of Falco’s architecture, and how it custom Falco for additional events sources. 

Speakers
avatar for Jorge Salamero Sanz

Jorge Salamero Sanz

Technical Marketing Manager, Sysdig
Jorge enjoys monitoring all the things, from his Docker containers and Kubernetes clusters to writing sensors plugins for DIY IoT projects with Raspberry PI and ESP8266. Currently he is part of the Sysdig team, and in the past was one of the promoters of HumanOps and a Debian developer... Read More →


Thursday November 15, 2018 15:05 - 15:40
2F Room 4

15:05

Deep Dive: gRPC - Yuxuan Li, Google
gRPC-Go is a native implementation of gRPC spec in Go language, with rich features and flexible APIs. To fully exploit the power of gRPC-Go and be able to debug issues, one needs knowledge about how gRPC-Go is designed, the various support it provides and the flexibility of customization it offers. This presentation will dive into the architecture of gRPC-Go, mainly the surface (gRPC) layer, transport layer, resolver component and balancer component. It will also include a brief introduction to key gRPC features such as binary logging, channelz (runtime debugging), service config and rpc retry along the way.

Speakers
avatar for Yuxuan Li

Yuxuan Li

Software Engineer, Google
Yuxuan Li is a Software Engineer at Google. She focuses on the development of gRPC-Go(https://github.com/grpc/grpc-go), which is an open-source RPC framework written natively in Go language.


Thursday November 15, 2018 15:05 - 15:40
307 B

15:05

Deep Dive: SIG Release - Tim Pepper, VMware
This session on the Release Special Interest Group will give a brief overview of the kubernetes release process and then shift focus to open discussion of portions of this process which give value to kubernetes vendors, distributors, and service providers, and portions of this process which could use enhancing to give better value. Input from the Chinese portion of our vendor ecosystem is especially sought.

Speakers
avatar for Tim Pepper

Tim Pepper

Open Source Engineer, VMware
Tim is a software engineer with over 20 years open source development experience. He is currently a member of VMware’s Open Source Technology Center acting as an open source developer advocate and contributing to upstream projects such as Kubernetes, where most recently he’s served... Read More →



Thursday November 15, 2018 15:05 - 15:40
307 A

15:05

Experiences From Running Istio in a K8s Production Environment - Line Moseng, Norwegian Labour and Welfare Administration & Johnny Horvi, NAV
The Norwegian Welfare Administration has gone from on-prem only Kubernestes clusters to also run production applications in the public cloud. On this journey, we have taken Istio into our open source platform.

In this presentation, we will talk about our experiences from running Istio in a multi-cloud production environment consisting of clusters on-premise and Google Kubernetes Engine. We will focus on how we use Istio to control the traffic between services, Mutual TLS, Istio RBAC, describe the challenges we have had on our way and how we solved them.

Speakers
JH

Johnny Horvi

Developer 研发员, NAV
Johnny is working as a developer for the Norwegian Labour and Welfare Administration, currently building their Kubernetes-based application platform. Previously he's held talks at JavaZone and local meetups. Johnny... Read More →
avatar for Line Moseng

Line Moseng

Developer 研发员, Norwegian Labour and Welfare Administration
Line is working for NAV - the Norwegian Welfare Administration, developing a Kubernetes based, open source platform, nais.io. She has been volunteering for the Norwegian initiative to teach kids programming (Lær Kidsa Koding) since 2013, where she is leading the #HourOfCode project... Read More →



Thursday November 15, 2018 15:05 - 15:40
2F Room 3

15:05

Understanding Windows Container Network in Kubernetes Using a Real Story - Cindy Xing, Huawei & Dinesh Kumar Govindasamy , Microsoft
For enterprise companies, there are tons of existing Windows application assets in their IT environment. Windows container technology is new and the kernel is quite different from Linux. Running Windows applications natively in a Kubernetes Windows container cluster is very challenging especially in the network area.

In this presentation, Cindy and Dinesh will do a deep dive into the Windows container network technology. They will compare Windows container network mechanisms with Linux ones and make visual analogies. Using a real world case study, a sample implementation of a Kubernetes Windows CNI plugin along with network troubleshooting tips will also be walked through.

Speakers
avatar for Dinesh Kumar

Dinesh Kumar

Principal Software Engineering Manager 首席软件工程师经理, Microsoft Corportation
Dinesh currently works as a Principal Engineering Manager @ Microsoft. He leads a development team that focusses on Windows Container networking for Kubernetes & Docker; and Software Defined Network stack for Windows server. Dinesh has 15 years of industry experience focusing on software... Read More →
avatar for Cindy Xing

Cindy Xing

Senior Cloud Software Architect 高级云软件架构师, Futurewei
Cindy Xing currently works at Futurewei as a Senior Cloud Software Architect.She focuses on building public Cloud Service infrastructure.Her interest area includes Kubernetes, container, Windows and Edge technologies.Before Futurewei, Cindy worked as a Senior software engineer and... Read More →



Thursday November 15, 2018 15:05 - 15:40
302 B

15:05

The State of Your Supply Chain - Andrew Martin, ControlPlane & Maya Kaczorowski, Google
Container security often focuses on runtime best-practices whilst neglecting the software shipped in the supply chain. Application or library vulnerabilities are a likely route to data exfiltration, and containers offer a new opportunity to mitigate this risk.

Treating containers as immutable artefacts allows us to "upgrade" images by rebuilding and shipping whole images, avoiding configuration drift and state inconsistencies. This makes it possible to constantly patch software, and to easily enforce what is deployed into our environments.

In this talk we detail an ideal software supply chain, describe the current state of the ecosystem, and dig into specific tools. Grafeas, Kritis, in-toto, Clair, Micro Scanner, TUF, and Notary are covered, and we demo how to identify a vulnerable image then automatically rebuild and redeploy it.

Speakers
avatar for Maya Kaczorowski

Maya Kaczorowski

Product Manager, Google
Maya is a Product Manager in Security & Privacy at Google, focused on container security, specifically container runtime security. She's published several blog posts on container security, and has talked on many security topics, including supply chain security, runtime security, secret... Read More →
avatar for Andrew Martin

Andrew Martin

Co-founder, Control Plane
Andrew has a strong security engineering ethos gained architecting and deploying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native application, and has battle-hardened... Read More →



Thursday November 15, 2018 15:05 - 15:40
302 A

15:05

Botless: A Serverless Chatbot Framework - Scott Nichols, Google
Botless is a serverless powered, CloudEvents connected chatbot framework. This talk will introduce the chatbot framework and describe the methodology for building highly extensible application using emerging compute and eventing technologies that are cloud provider agnostic.

Speakers
avatar for Scott Nichols

Scott Nichols

Software Engineer 软件工程师, Google
Scott Nichols is a Googler focused on making it easy to create and understand portable event driven serverless workloads. This work is done through Knative Eventing and CloudEvents. Connect: https://github.com/n3wscott/ or @n3wscott



Thursday November 15, 2018 15:05 - 15:40
3M 5
  • Skill Level Any

15:40

Coffee Break
Enjoy coffee & snacks in the Sponsor Showcase.

Thursday November 15, 2018 15:40 - 16:00
1F

16:00

Running Blockchain as a Service on Kubernetes - Shan Yu, Alibaba Cloud
Blockchain is bringing innovations into many industries. At Alibaba, we believe Kubernetes is the ideal platform for running Blockchain-as-a-Service (BaaS) and managing blockchain applications.
In this topic, we will share architecture and design of Alibaba Cloud's Blockchain service, which is developed atop Kubernetes. We will dive into how Kubernetes support Hyperledger Fabric with resource orchestration, elastic scaling, and uniform foundation across public, private and hybrid cloud. Moreover, we will talk about production-proven solutions and tips for solving typical pain points of running Fabric on Kubernetes, like cross-VPC consortium network, chaincode container mgmt, storage sizing&mgmt, high availability, etc. At the end of the topic, a demo will be presented to show how easy to build up a cross-company digital asset business application network using BaaS of Alibaba Cloud.

Speakers
avatar for Shan Yu

Shan Yu

Lead, Alibaba Cloud Blockchain, Alibaba Cloud
Shan Yu is currently working as the leader of Alibaba Cloud Blockchain Team, responsible for BaaS, Blockchain Solutions and Blockchain Marketplace on Alibaba Cloud. Shan Yu had worked as Tech Lead of IBM MQ in China, and Tech Lead of Blockchain in IBM Emerging Technology Institute... Read More →



Thursday November 15, 2018 16:00 - 16:35
2F Room 2

16:00

From Mesos to Kubernetes - Yin Sun, Xiaomi Inc.
Our team use Mesos for three years. Now we choose Kubernetes instead of Mesos. There are some tips to help the others like us to use Kubernetes.

Nine topics for this speech: Background, Container Network, ELB, Login & Audit, Security, Monitor, Log, Stateful Service Package and The Future.

All of our architectures and solutions are designed as decoupling systems, so we can use the same way to adapt every orchestration system.

We slove the problem of network performance in our own way. We support kinds of packages, tools, plugins to help user to deploy jobs, and at the same time we support monitor and log collection.

So, how the parts of system work together? To help better the ecosystem, we will share what we meet and how we slove these problems.

Speakers
avatar for Yin Sun

Yin Sun

Architect 架构师, Xiaomi Inc.
employer: 2004 - 2007 engineer, employed by Inspur 2007 - 2013 Senior architect, employed by Baidu 2013 - Mentor architect, employed by Xiaomi previous speaking experience: QCon Beijing(2011) SACC Beijing(2012) GITC Beijing(2014) GITC Beijing(2016) MesosCon Asia(2017) TOP100 Summit(2017... Read More →


Thursday November 15, 2018 16:00 - 16:35
305 B
  • Skill Level Any

16:00

Kubernetes: Use it, Contribute to it, and Enjoy it! - Peter Zhao & Yuan Ji, ZTE Corporation
As is known to all, Kubernetes is a complicated system. It has so steep a learning curve that lots of new users have pain points to use it. In this presentation, Peter Zhao and Yuan Ji will show several ways to deploy a cluster easily. Already be familiar with Kubernetes and want to contribute to it? Come on! This presentation also shows how the community runs (including projects, SIGs, bots, CI, releases) and how to make your first contribution (PR workflows, testing, etc). This is almost Kubernetes the easiest way, just enjoy it!

For new users, they will get several simplest ways to deploy a Kubernetes cluster and understand how it works. For new contributors, they will learn how to join the community. Even for those who are already contributors, this presentation will tell them something of the community they might not know.

Speakers
avatar for Yuan Ji

Yuan Ji

Software Engineer 软件工程师, ZTE Corporation
Yuan Ji is a software engineer. He is experienced with Kubernetes. Yuan Ji 是软件工程师。对 Kubernetes 拥有丰富的经验。
avatar for Peter Zhao

Peter Zhao

Software Engineer 软件工程师, ZTE Corporation 中兴通讯
Peter Zhao is a software engineer. He's a member of the Kubernetes organization and its sig-cluster-lifecycle/sig-testing teams. He mainly works on Kubernetes project and focuses on kubeadm and networking areas. He also works on test-infra to enhance contributor experience on Kubernetes... Read More →



Thursday November 15, 2018 16:00 - 16:35
305 A

16:00

Discovering the Untold User Stories of Kubernetes With Applied Anthropology - Hippie Hacker & Indigo Phillips, ii.coop
Applying concepts of identity from indigenous cultures and societies around the world, we'll explore the unseen, yet interwoven patterns of real-world user journeys within the Kubernetes community.

If we listen closely, these valuable and inter-related stories can provide deep insight into how people interact with Kubernetes and beyond.

Integrating context and genealogy into our core software protocols, APIsnoop uses machine learning to produce actionable data driven analysis used to refine the definition of what it means to provide a Certified Kubernetes service.

Please join us as we learn something about our software ecosystem (and ourselves) by exploring definitions of individual and group identity from around the world, from Austin to Aotearoa, the Land of the Long White Cloud.

Speakers
avatar for Hippie Hacker

Hippie Hacker

Software Engineer, ii.coop
Hippie Hacker's unique approach to storytelling includes practical application of technology with a focus on humanity as a whole. He has a lifelong interest in the creation of vehicles of viral generosity. Though his travels started in an avocado green Volkswagen bus, they took him... Read More →
avatar for Indigo Phillips

Indigo Phillips

Software Developer/Development Advocate, ii.coop / Arataki Systems
Indigo hails from the northern part of New Zealand where her deep cultural heritage and connection to the land drive her passion for diversity and inclusion of Māori women and youth in the tech industry. Awarded a Te Uru Rangi Māori Scholarship into Enspiral Dev Academy, she's using... Read More →



Thursday November 15, 2018 16:00 - 16:35
2F Room 1
  • Skill Level Any

16:00

Deep Dive: CoreDNS - Yong Tang, Infoblox
CoreDNS is a DNS server written in Go. It can be used in a multitude of environments because of its flexibility. The flexibility is due to CoreDNS’ unique plugin-based architecture: if some functionality is not provided out of the box, you can add it by writing a plugin. In this deep dive session, we take a detailed look at the plugin system of CoreDNS. We walk through the code base and demo a simple plugin which sync up Kubernetes deployment with services outside of the Kubernetes cluster. This plugin showcases the ease of adding new functionalities to CoreDNS, which is very valuable for DevOps in a hybrid and complicated environment.

Speakers
avatar for Yong Tang

Yong Tang

Director of Engineering, MobileIron
Yong Tang is the Director of Engineering at MobileIron working on cloud infrastructure. He contributes to different container and machine learning projects for the open source community. He is a maintainer of CoreDNS and Docker/Moby projects, and had multiple talks in KubeCon before... Read More →



Thursday November 15, 2018 16:00 - 16:35
307 A

16:00

Deep Dive: Helm - Taylor Thomas, Microsoft
Join me for a deep dive into the internal workings of the upcoming Helm version 3! The goal is for all who attend to know exactly how the new code works and provide critical feedback to the maintainers. We will dig into and discuss the new architecture/functionality and explore each new part of the code. Along the way, we will stop for any discussions, questions, and concerns. Finally, we will discuss the migration and roadmap from Helm 2 to Helm 3. Come ready to see the exciting new changes and provide needed perspectives as we near the release of Helm 3.

Speakers
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camp... Read More →



Thursday November 15, 2018 16:00 - 16:35
307 B

16:00

Deep Dive: SIG IBMCloud - Sahdev Zala & Guang Ya Liu, IBM
The presentation will cover an overview of the SIG-IBMCloud and highlights of the SIG activities. It will provide details of how the SIG and IBMCloud contribute to the upstream work in various areas like scalability, networking, cloud registry, Helm and SIG App. We will also provide updates on the cloud provider and near-term roadmap for the SIG.

Speakers
avatar for Guang Ya Liu

Guang Ya Liu

Senior Technical Staff Member, IBM
Guang Ya Liu is a Senior Technical Staff Member (STSM) for IBM Cloud Private and is now focusing on cloud computing, container technology, and distributed computing. He is also a member of the IBM Academy of Technology. He used to be an OpenStack Magnum Core member from 2015 to 2017... Read More →
avatar for Sahdev Zala

Sahdev Zala

Senior Software Engineer, IBM
Sahdev P. Zala is a Senior Software Engineer in the IBM Digital Business Group Open Technology division. In his current role, Sahdev is focused on contributing to the Kubernetes and etcd upstream development. He is a member of Kubernetes and etcd-io github organization. He is also... Read More →



Thursday November 15, 2018 16:00 - 16:35
3M 3

16:00

Deep Dive: SIG Scheduling - Da Ma, IBM
Please join us for in-depth understanding of Kubernetes Scheduler and its advanced features.In this presentation we talk about the internals of Kubernetes Scheduler and how it keeps track of the cluster resources in order to make scheduling decisions. We will cover the scheduling workflow and the life of a Pod during a scheduling cycle. Then we will talk about some of the advanced scheduling features that enable users to customize placement of their workloads in Kubernetes clusters to achieve higher reliability and/or better resource utilization.This session is most useful for cluster admins or those who want to start contributing to Kubernetes scheduler.

Speakers
avatar for Da Ma

Da Ma

Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader, Huawei
Kubernetes Maintainer, SIG-Scheduling Co-Leader, Volcano leader. Jilin University master’s degree, majoring in grid computing and distributed system. After graduation, he focus on resource management, resource scheduling in distributed system. Kubernetes Maintainer,SIG-Scheduling联合负责人,kube-batch... Read More →


Thursday November 15, 2018 16:00 - 16:35
3M 1

16:00

Spark on Kubernetes: Best Practice and Performance - Junjie Chen & Jerry Shao, Tencent
As of version 2.3, Spark can run on clusters managed by Kubernetes, the de facto automation framework for contained based applications which is a significant milestone for k8s to support big data services. In this talk, firstly we will introduce our work for offering spark service via Kubernetes deployment as public cloud services, like: Authorization and Logging, and multi-tenancy through namespace and quota management of Kubernetes, etc. Then we will share the best practices of performance tuning details while running Spark application, includes: tuning detailed configurations from Kubernetes and Spark for maximum resource utilization, integrating with zookeeper service to achieve high availability, etc. In prospective of performance, the TPC-DS workload is used to present performance impact brought by configurations change.

Speakers
JC

Junjie Chen

Senior Software Engineer 高级软件工程师, Tencent
Chen, Junjie is working as Senior Software Engineer In Tencent Cloud. He has been working on big data and cloud area over several years and has rich experiences on SQL on Hadoop area. Currently, he is participating data warehouse project from Tencent Cloud. Chen Junjie... Read More →
JS

Jerry Shao

Expert Engineer 专家工程师, Tencent 腾讯
Jerry Shao works as an expert engineer at Tencent Cloud, mainly focused on Spark area, especially Spark core, Spark on Yarn and Spark Streaming. He is an Apache Spark committer and Apache Livy PMC. Prior to Tencent, he was a Member of Technical Staff at Hortonworks working on open... Read More →



Thursday November 15, 2018 16:00 - 16:35
2F Room 3
  • Skill Level Any

16:00

A Cloud Native Networking Solution Based on Kube-router and VPP-DPDK - Hongjun Ni, Intel
For deployment of Cloud Native applications, high throughtput, minimal latency and high-availability are critical. Kube-router project provides such a solution, but it uses the Linux kernel's LVS/IPVS features to implement its K8s Services Proxy.
This presentation will introduce a turnkey solution based on VPP and DPDK for Cloud Natvie networking and Edge Computing, which shows high performance and keeps flexibility.
It includes below key elements:
1) Implement a user space k8s service proxy based on VPP and DPDK, including load balancer, DNAT and SNAT.
2) Implement L3 load balancer with ECMP and DSR (Direct Server Return).
3) Implement K8s Network Policies to use VPP's ACL feature, which ensure firewall rules to apply in the cluster.
4) Integrate kube-router with service proxy, load balancer and network policy based on VPP and DPDK.

Speakers
avatar for Hongjun Ni

Hongjun Ni

Senior Software Engineer, Intel
Hongjun Ni is focusing on high performance data plane and Cloud Native Networking. _x000D_ He is FD.io VPP Maintainer, Sweetcomb Project Lead, NSH_SFC Project Lead and Hc2vpp Committer. _x000D_ He has fourteen years' rich experience on Cloud Native, SmartNIC, Wireless, Wireline and... Read More →



Thursday November 15, 2018 16:00 - 16:35
302 B

16:00

Implementing Authorization - Torin Sandall, Styra
Whether you build software for enterprises, mobile, or internal microservices, security is important. Standards like SAML, OIDC, and SPIFFE help you solve identity and authentication, but for them authorization is out of scope. When you need to control "who can do what" in your app, you are on your own.

To solve authorization, you may be tempted to hardcode logic against SAML assertions, scopes, or X.509 certificate attributes. But, approaches like this lead to systems that are hard to understand and painful to maintain.

This talk shows how to leverage the Open Policy Agent (which is used by companies like Netflix and Chef) to build a powerful authorization system on top of industry-standard authentication protocols. The talk showcases how decoupling leads to authorization solutions that are easier to understand while enabling fine-grained control over the app.

Speakers
avatar for Torin Sandall

Torin Sandall

Software Engineer, Styra
Torin Sandall is a co-founder of the Open Policy Agent (OPA) project. Torin has spent 10 years as a software engineer working on large-scale distributed systems projects. Torin is a frequent speaker at events like KubeCon, DockerCon, Velocity, and more. Prior to working on OPA, Torin... Read More →



Thursday November 15, 2018 16:00 - 16:35
302 A

16:00

Serverless Kubernetes: Container in Cloud Native Way - Wei Zhang, Alibaba
Nowadays more and more users run containers on the cloud. However, running containers on cloud is far from ideal. It still requires significant efforts on cluster setup, configuration, and servers management. A new paradigm "Serverless Container" came out recently, which eliminates the need of managing cluster and servers, aiming to run containers on cloud more easily and agilely.

In this topic, we will present the landscape of serverless container ecosystem, and how we build the serverless container service at Alibaba Cloud, which is easy to scale and has a flexible resource model, also provides the native Kubernetes API. Users will learn how to deploy container, ingress, and service discovery in cloud native way. We will also unveil its innovative cloud scale architecture, and talk about how it helps our customers to focus only on the application rather than server management.

Speakers
avatar for Wei Zhang

Wei Zhang

Staff Software Engineer 主任软件工程师, Alibaba
Wei Zhang, Staff Engineer at Alibaba Cloud, technical leader for Serverless Kubernetes product, several years experiences on Linux kernel and Open source contributing, also have several conferences speaking experiences, includes LC3, LinuxCon Japan, and Taiwan Kubernetes Summit. Currently... Read More →


Thursday November 15, 2018 16:00 - 16:35
3M 5
  • Skill Level Any

16:45

Auto-Deployment of Ceph Cluster With Rook on Top of Kubernetes - Dennis Chen, Arm
Rook is an open source project hosted by CNCF to orchestrate the distributed storage system such as Ceph with cloud native primitives. In this presentation, Dennis will first introduce the overall design idea of the Rook and how it works, after that he will talk about how to deploy a Ceph cluster automatically with help of Rook and take use of it, including the volume provisioning and attachment, against a real workload on AArch64 server. At last, some new features(eg. CSI support), challenges and issues of this project will be discussed.

Speakers
avatar for Dennis Chen

Dennis Chen

Staff Software Engineer, Arm
Dennis Chen works as a staff software engineer in Arm focusing on data center software ecosystem based on AArch64 server. He was the speaker of SFO17, HKG18, CLK17, OpenInfra Days 2018, YVR18, Open Source Summit-Europe 2018. Dennis is also an active contributor in the open source... Read More →



Thursday November 15, 2018 16:45 - 17:20
2F Room 2

16:45

Kubernetes on Supporting 1 Million Bike-Taxi Drivers in Indonesia - Giri Kuncoro & Iqbal Farabi, GO-JEK
At GO-JEK, we build products to help 100 millions of Indonesians commute, shop, eat and pay, every month. With the pace of GO-JEK business that has been growing 6666x in 36 months, we need an infrastructure platform that could scale quickly and deliver products to customers faster. Three years ago, all of GO-JEK services ran in our baremetal machines in Jakarta. Today, they are running across multi-cloud: GCP, AWS, and on-premise datacenter. GO-JEK is in the process of migrating applications to containers, centered around Kubernetes. We chose Kubernetes because of its portability across cloud and dynamic scaling.

We will talk about the work that went into building Kubernetes custom resources for our workload deployment, custom controller, integration with Consul to discover external services, and how GO-JEK got to where it is today: processing 350 million internal API calls per second.

Speakers
avatar for Iqbal Farabi

Iqbal Farabi

System Engineer, GO-JEK
Iqbal is a teacher, developer, and now a system engineer at Gojek. Before joining Gojek, Iqbal worked for 8 years a Ruby developer and taught Ruby to fresh graduates on pro-bono basis in Indonesia. Now, at Gojek he works as part of Gojek Cloud Foundation team which focuses on developing... Read More →
avatar for Giri Kuncoro

Giri Kuncoro

Senior Software Engineer, GOJEK
Giri works for GOJEK, one of the fastest growing unicorn in South East Asia. He is a Senior Software Engineer in Cloud Foundation team. He co-lead the internal Kubernetes project. Giri has been given talks in KubeCon Shanghai, DevopsDays India, and various local meetups in Indonesia... Read More →



Thursday November 15, 2018 16:45 - 17:20
305 B

16:45

State of the UI: Leveraging Kubernetes Dashboard and Shaping its Future - Dan Romlein & Spencer Sugarman, Google
Over 60% of Kubernetes users take advantage of some sort of UI for Kubernetes. Some unique benefits of a UI over a CLI include: monitoring and troubleshooting, sharing information with less-technical stakeholders, and onboarding new users. In this talk, Spencer (UX Researcher) and Dan (UX Designer) will share research and best practices around what makes a successful Kubernetes UI, and offer recommendations on maximizing the value UIs can offer for your team. They’ll demo some of the updates included in the latest release of Dashboard, and present a future vision of Dashboard based on new research.

Speakers
avatar for Dan Romlein

Dan Romlein

UX Designer UX 设计师, Google
Dan is a UX designer at Google working on Kubernetes Engine and also an active contributor to the open source Dashboard UI. He’s been focused on designing UIs for Kubernetes for the past two years and is excited about making complex concepts clear and user-friendly. His past speaking... Read More →
SS

Spencer Sugarman

UX Researcher UX 研究员, Google
Spencer is a UX researcher at Google working on Kubernetes Engine, leading research on developer workflows and application management. Before joining Google, Spencer helped design interfaces for distributed machine and IoT platforms. Spencer 为谷歌 UX 研究员,负责 Kubernetes... Read More →



Thursday November 15, 2018 16:45 - 17:20
305 A

16:45

Apache Spark on Kubernetes: A Technical Deep Dive - Yinan Li, Google
Apache Spark is currently the most popular open-source large-scale data processing framework. Previously, users could run Spark applications on standalone, Yarn, and Mesos clusters. In the Spark 2.3.0 release, Kubernetes became a new scheduler backend for Spark. This new scheduler backend enables Spark applications to run natively on Kubernetes by leveraging the Kubernetes scheduler for scheduling and running Spark drivers and executors. In this talk, we will give a deep dive into the technical details of the Kubernetes scheduler backend and explore all the exciting new things that this native Kubernetes integration brings to Apache Spark. We will also go over the roadmap and features that the Kubernetes community has planned for the scheduler backend over the next several releases of Spark.

Speakers
YL

Yinan Li

Software Engineer, Google
Yinan Li is currently a Software Engineer at Google. He focuses on work that enables large-scale data processing on Kubernetes, including the Kubernetes scheduler backend for Apache Spark. Yinan is a co-chair of SIG big-data of Kubernetes. He is also an Apache Spark contributor and... Read More →



Thursday November 15, 2018 16:45 - 17:20
2F Room 1
  • Skill Level Any

16:45

Deep Dive: CNCF K8s-Conformance WG - Zefeng Wang, Huawei & Srinivas Brahmaroutu, IBM
For end-users, kubernetes conformance tests are recommended "first to run" against a new deployed kubernetes cluster, to check everything is fine. However, it's still not convenient for especially newbies to run in some closed environment or debug when some tests fail. This presentation will share experiences on running and debugging conformance tests, as well as ongoing sub-projects relevant to k8s conformance WG, etc.

Speakers
avatar for Srinivas R Brahmaroutu

Srinivas R Brahmaroutu

Software Engineer 软件工程师, IBM
Srinivas Brahmaroutu works as a Software Engineer at IBM Corp. He has many years of experience around IBM cloud offerings. He has worked on many strategic open source projects including Cloud Foundry, Docker and Mesos. Currently he works on Kubernetes contributing to test-infra and... Read More →
avatar for Kevin Wang

Kevin Wang

Principal Engineer, Huawei
Zefeng(Kevin) Wang is a Principal Engineer of the PaaS Team at Huawei. Currently working on Kubernetes, KubeEdge and Huawei Cloud container products. He is the lead of Huawei Kubernetes & Cloud Native open source team and co-founder of KubeEdge project.



Thursday November 15, 2018 16:45 - 17:20
3M 3

16:45

Deep Dive: SIG Cluster Lifecycle - Di Xu, Ant Financial & Alexander Kanevskiy, Intel
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have primarily focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and enhance kops, the easiest OSS way to get a production-grade Kubernetes cluster up and running in AWS. We have recently begun building a Cluster API to provide an abstraction of machines across different deployment environments along with a common control plane configuration. In this Deep dive session, we will review recent accomplishments, and discuss our future development plans, where you are very welcome to contribute to the discussion.

Speakers
avatar for Alexander Kanevskiy

Alexander Kanevskiy

Cloud Software Architect, Intel Corporation
Alexander is currently employed by Intel, Open Source Technology Center in Edge and Cloud Stacks team as Cloud Software Architect, focusing on various aspects in Kubernetes: Cluster Lifecycle and Cluster APIs, Device plugins for hardware accelerators, Resource management.Alexander... Read More →
avatar for Di Xu

Di Xu

Software Engineer 软件工程师, Ant Financial 蚂蚁金服
Di Xu is working at Ant Financial as a senior software engineer. He is a top50 code contributor and active reviewer in Kubernetes community. He has extensive experience in Kubernetes, Docker and Cloud Computing. He is passionate about open source projects and gets involved in... Read More →



Thursday November 15, 2018 16:45 - 17:20
307 A

16:45

Deep Dive: SIG VMware - Steve Wong & Hui Lou, VMware
Kubernetes allows using topology labels to affect the scheduler’s placement of pods. This is used to spread pods across availability zones, while still respecting resource access and availability concerns. When Kubernetes runs on vSphere, the hypervisor platform also supports an underlying tier of high availability and automated placement options, for both control plane and worker nodes. 2 levels of scheduling and resource management are active. Currently no automatic scheduling integration occurs, that is, Kubernetes is not aware of the underlying vSphere topology (sites, affinity groups, NUMA, etc.). This session will explain the options to gain better performance, resource optimization and availability through tuning of vSphere, and Kubernetes configuration and labeling. This is applicable to any K8s distribution running on the vSphere stack.

Speakers
avatar for Hui Luo

Hui Luo

Software Engineer, VMware
Software engineer at VMware cloud native application team.Active contributor to upstream kubernetes in area like device plugin.Contributor at vSphere cloud provider, cluster api vSphere.罗晖是来自VMware云原生应用组的软件工程师,他积极参与和贡献给kubernetes社区,并且是vSphere... Read More →
avatar for Steven Wong

Steven Wong

Open Source Software Engineer, VMware
Steve Wong has been active in the Kubernetes and Apache Mesos communities since 2015. He is chair of the VMware SIG, and a co-organizer of the IoT and Edge Working Group on the Kubernetes project. He is a past speaker at KubeCon, MesosCon, Open Source Summit, SCALE, and meetups in... Read More →



Thursday November 15, 2018 16:45 - 17:20
307 B

16:45

Linux Container in Windows 10 or Windows 2016 Deep Dive - Mark Peng, DaoCloud Shanghai
This topic describes the internals of running Linux containers with Hyper-V container technology on Windows. For those who have already deployed Windows, they can run both Windows and Linux containers on Windows.

Speakers
avatar for Peng aihua

Peng aihua

Hybrid Cloud Chief Advisor, DaoCloud
Peng Aihua focuses on the Windows container and Azure Stack. He is the first Microsoft MVP(Azure Stack) in China.In the spare time, he likes to read the history of the late Qing Dynasty.


Thursday November 15, 2018 16:45 - 17:20
2F Room 3

16:45

Network QoS Support for Kubernetes Applications - Jun Du, Huawei
Traffic shaping is one of the important aspects in network QoS and it's widely used in many scenarios where you want to control traffic. In Kubernetes, traffic shaping for applications will happen if bandwidth-related annotations have been added to the Pod's metadata. However, currently only kubenet supports applying basic traffic shaping during pod setup while kubelet doesn't support it when it runs in CNI network driver. As kubenet will be deprecated in the future, we need to make up for the missing part.

This presentation will show our implementation that adds a simple CNI plugin using the linux tc to create an ingress(include burst) and egress(include burst) rate limiters. We have already contributed the CNI plugin to CNI community and the integration work with Kubernetes leading by Kubernetes SIG Network is in progress.

Speakers
avatar for Jun Du

Jun Du

Senior Software Engineer 高级软件工程师, Huawei
Jun Du is Senior Software Engineer at Huawei PaaS team, working on cloud computing, containers orchestration. He is a codebase approver, milestone maintainer, subproject owner and product manager of Kubernetes. The focus of his contributions has been on network and scheduling areas... Read More →


Thursday November 15, 2018 16:45 - 17:20
302 B

16:45

Nabla Containers: A New Approach to Container Isolation - Brandon Lum & Ricardo Koller, IBM
Horizontal attacks are an important security concern for cloud providers and its tenants. Despite its many advantages, containers have not been accepted as isolated sandboxes, which is crucial for container-native clouds. The exposure of the syscall interface directly to untrusted workloads has greatly increased the number of exploits possible to the host.

We present Nabla containers, which uses library OS/unikernel techniques to avoid system calls and thereby reduce the attack surface on the host kernel. Using our OCI runtime, runnc (https://github.com/nabla-containers/runnc), we show the running of popular applcations: Node.js, python, redis, etc. permitting use of < 9 syscalls via seccomp. In this talk, we will discuss and demo how we have leveraged libOS ideas in a novel way and compare isolation and performance metrics against other technologies such as gvisor and Kata Containers.

Speakers
RK

Ricardo Koller

Research Scientist 科学研究员, IBM
Ricardo Koller is a systems researcher at the IBM T.J. Watson Research Center. He specializes on virtualization and OS kernels, and has been focusing on unikernels and container security. He previously worked on container and VM introspection, and previous to that, on virtual machines... Read More →
avatar for Brandon Lum

Brandon Lum

Software Engineer, IBM
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research... Read More →



Thursday November 15, 2018 16:45 - 17:20
302 A

16:45

Smart Workload: Automated Routing, Scaling of K8s and Serverless Functions - Enlin Xu, Turbonomic
Developers have a dream that applications can run anywhere without modification. This begins with Kubernetes and extends to serverless, which promises developers to deploy and run functions without having to manage the infrastructure. To achieve this dream workload must be self-managed anywhere regardless of platform. How would you balance resources between serverless functions and other workloads co-existing in your k8s cluster? How do you scale functions without hitting resource constraints? Should you scale the cluster, or could you route workload to another less-loaded cluster? To find answers we have been running experiments to automate smart workload routing and scaling using Istio/Kong/Gloo over various platforms such as OpenWhisk, OpenFaaS and AWS Lambda. We will share what we have learned in assuring performance while allowing applications to run anywhere, on any cloud.

Speakers
avatar for Enlin Xu

Enlin Xu

Director of Advanced Engineering, Turbonomic
Enlin Xu is a proud graduate of Columbia University and has been a software engineer in Turbonomic since 2011. He is now Director of Advanced Engineering that leads the engineering effort for Cloud Native technology design and integration in Turbonomic. Before coming to US, Enlin... Read More →



Thursday November 15, 2018 16:45 - 17:20
3M 5