mesh pattern

Announcing KubeCrash — crash courses on cloud native tech

Catherine Paganini
Catherine Paganini Apr 6, 2022

Blog >

The new virtual event for KubeCon “timezone-left-behinds”

Are you a KubeCon nerd in the Americas who loves to attend KubeCon sessions but can’t go to Valencia this year? We have a consolation prize for you.

During KubeCon EU, we are launching KubeCrash, a new virtual event featuring live crash courses on cloud native tech — in your timezone. Join us to learn directly from the maintainers of CNCF and other open source projects.

About KubeCrash

Five open source companies have teamed up to bring you top-notch, KubeCon-grade crash courses on cloud native tech. No vendor pitches, just awesome content on projects such as Linkerd, cert-manager, CockroachDB, Pulumi, Polaris, and Goldilocks.

With Kubernetes becoming the new standard for cloud-hosted application development, DevOps teams are driving the technology choices for enterprise-grade cloud native tooling. Freely available open source solutions are often the primary source for these tooling decisions.

KubeCrash provides a half-day knowledge sharing and virtual learning environment for developers, reliability engineers, cloud security specialists, and platform engineers. Learn directly from the maintainers of some of the most popular open source projects in this series of focused talks and workshops.

The KubeCrash program

Come prepared for a schedule packed with great content and actionable insights directly from the teams that maintain some of the ecosystem’s most popular open source projects. The program will cover the latest learnings on the following:

  • Implementing scalable zero-trust
  • Scanning workloads for improved cloud native security
  • Using service mesh to ensure high availability across multi-cluster infrastructure
  • Delivering “serverless” for multi-cloud deployments.

Program overview

Using cert-manager to enable zero-trust identities for intra-pod communication — Jake Sanders, cert-manager maintainer

Modern cloud native architectures require the network to be considered untrustworthy. Because of this, internal workloads are rapidly driving the use of mTLS and private PKI.

This workshop from Jetstack will demonstrate how to use cert-manager to issue, manage and rotate mTLS certs, so users have strongly attested and verified Machine Identities between Kubernetes pods — all without the workload private keys leaving node memory!

This session is a precursor to implementing a service mesh solution, using cert-manager to establish zero trust environments, perhaps defined by trust domains, and enforcing security for pod to pod traffic.

Multi-cluster failover using Linkerd — Eliza Weisman, Linkerd maintainer

Failover across clusters is a great way to improve the overall uptime and reliability of Kubernetes applications. While whole-cluster failover can be accomplished at the global ingress layer, failing over individual services is a little more difficult.

During this session, Linkerd maintainer, Eliza Weisman, will walk you through how to use Linkerd — the CNCF graduated service mesh — to enable traffic failover for individual services across clusters.

Attendees will learn how to combine service mesh metrics, traffic shifting, and cross-cluster communication in a cohesive and automated way using pure open source, while preserving fundamental security guarantees such as mutual TLS.

Optimizing and Securing Kubernetes Workloads with Polaris and Goldilocks — Rachel Sweeney, Fairwinds and Andy Suderman, Polaris and Goldilocks maintainer

Learn how to scan your Kubernetes workloads to improve your resource utilization and security using open source tools, Polaris and Goldilocks. You will watch Andy Suderman, Director of R&D and Technology, and Rachel Sweeney, SRE at Fairwinds, as they show how to correctly configure your clusters based on Kubernetes’ best practices for security and efficiency.

Using Kubernetes to deliver a “serverless” service — Lisa-Marie Namphy and Jim Walker, Cockroach Labs

In this talk, Cockroach Labs team members will share how they leverage Kubernetes to deliver a “serverless” experience.

Serverless promises to change the way we consume software. It allows us to potentially pay only for what we use and help drive down operational costs by minimizing resource consumption. Architecting for serverless requires a unique look at app logic and how it is deployed — a combination of the logical and physical worlds. An architectural pattern has emerged where we can scale ephemeral compute separate from services that need to persist.

Multi-cloud, single deploy: cloud engineering with Kubernetes and Pulumi — Aaron Friel and Guinevere Saenger, Pulumi

Business constraints and customer requests often require you to stand up new Kubernetes environments across multiple cloud providers. This growing complexity in computing infrastructure will incur greater operational costs for organizations when coordinating across multiple teams.

Pulumi engineers Aaron Friel and Guinevere Saenger will demonstrate standing up Kubernetes clusters, deploying applications, and automating ops tasks by building a CLI using the Pulumi Automation API. These tools empower every engineer — from application developers to site reliability engineers — to be a cloud engineer.

Join us on May 17

If you’re staying in the Americas (or are up for a late-night session) this KubeCon, join us on Tuesday, May 17th starting at 9am PST / 10am CST/ 12pm EST. Enjoy a specifically curated set of sessions, each led by a project maintainer from projects covering modern cloud native security to improving the developer experience. Register today!