KubeCon + CloudNativeCon North America 2021, the flagship conference of the Cloud Native Computing Foundation (CNCF), took place in Los Angeles October 11–15, 2021. The event was the first in-person event in the last two years, providing the unique opportunity of bringing the community together. In addition, the schedule was packed with more than 200 sessions and 70 maintainer presentations, plus 12 cloud-native tracks.
We’ve collected the critical announcements, releases, and best practices from the keynotes and sessions of KubeCon 2021. But before that, some personal insights from the team of IOD experts and our “top 5” takeaways! Check them out!
IOD Experts’ Take
The cloud-native community continues to grow and provide innovative technologies to solve current and future challenges. Attending the KubeCon + CloudNativeCon North America 2021 in Los Angeles was an enriching experience, offering a comprehensive insight into the upcoming cloud-native trends and tools transforming the future tech landscape.
Our “top 5” takeaways from KubeCon were:
- Growing popularity of GitOps
- Adoption of eBPF
- Supply chain security
- Emergence of service mesh at scale
- Tools to increase the productivity of developers running multi-cluster workloads in Kubernetes
Organizations are leveraging the GitOps workflow as an operating model to manage the continuous deployment of their production applications running in Kubernetes. GitOps makes it incredibly easy to manage microservices at scale and works excellently with containers and service meshes. eBPF is a transformational technology that extends the operating system’s capabilities and lets you run custom code in the kernel. In addition, it’s a robust platform for cloud-native use cases like security, networking, and observability without needing any application or configuration changes.
Supply chain security is becoming critical for organizations operating in the cloud-native space. This means the need of the hour is to come together as a community to discuss the diverse supply chain threats, best practices, and mitigation techniques. Meanwhile, organizations are implementing service meshes to run hundreds of microservices at scale, so it’s beneficial to understand the complexity of the architecture and how companies are resolving the related challenges.
You can catch IOD Expert Samir Behara’s DZone KubeCon interview with Lachie Evenson, Principal Program Manager on Microsoft’s open-source Azure team, where they discuss the upcoming cloud-native trends.
Now, on to our coverage of KubeCon + CloudNativeCon North America 2021.
Day by Day
The first day began with an overview of the cloud-native community and the future of multi and hybrid clusters. Keynotes on the second day focused on observability and the developer experience. On the final day, the focus was on machine learning opportunities in Kubernetes and the upcoming Software Bill of Materials (SBOM).
In relation to this, check out IOD’s own blog articles for a deep dive on hybrid and multiclouds and automating machine learning workflows.
This Just In!
There were two important announcements from the conference that we don’t want you to miss:
- There’s a Kubernetes certificate now available: the Kubernetes and Cloud Native Associate (KCNA). This is an entry-level certificate for candidates interested in Kubernetes to demonstrate their foundational knowledge and skills. You can learn more about the certificate and exam details over at the Linux Foundation.
- SUSE announced new open-source tools for configuring, deploying, and managing VMs during the conference’s pre-event:
- Harvester: A hyperconverged infrastructure (HCI) solution based on Kubernetes to configure, deploy, and manage VMs inside Kubernetes.
- Kubewarden: A policy engine that integrates with Kubernetes using a webhook admission control mechanism.
- Rancher Desktop: An open-source desktop application for Mac and Windows that provides Kubernetes and container management.
We’ve collected all the key sessions for you to catch up on the latest news, releases, and best practices from the community.
Security in distributed applications is always tricky. It’s even more challenging when scaled to hundreds of servers in different data centers and cloud providers via Kubernetes.
In their talk, Kubernetes Exposed! Seven of Nine Hidden Secrets That Will Give You Pause, Ian Coldwater and Brad Geesaman revealed the unexpected gotchas and surprising behaviors of Kubernetes—an essential talk to watch before working on your Kubernetes threat model.
The second talk you need to watch is on the threat matrix released by Microsoft and its latest updates: Know Your Enemy: Mapping Security Risks Using Threat Matrix for Kubernetes. As a Kubernetes operator, defender, or SecOps engineer, this presentation will show you how to use the matrix to protect your Kubernetes workloads.
The third session we suggest for security experts is Insights into Unsecured Kubernetes in the Wild, where Jay Chen and Aviv Sasson (Palo Alto Networks) explained their work on misconfigured clusters and how they found 2,100 unsecured Kubernetes clusters with a total of 31,340 CPUs and 75,270 pods on the internet.
Kubernetes is a container management system, so the latest technological developments in containerization are crucial to its success. The first presentation we suggest you watch on containers is What’s New in CRI-O? by the team over at Red Hat. CRI-O has become popular recently as being the exclusive lightweight container runtime for Kubernetes, and this talk teaches you about the advantages of using a tailor-made container system in Kubernetes.
We also recommend the session about container registry platforms: Harbor – Enterprise Cloud Native Artifact Registry. You’ll learn all about the enterprise-level features of Harbor and the project’s community.
With the uptrend in IoT and edge computing, deploying applications to remote locations is now possible. As the leading container orchestration, it’s also inevitable to see solutions based on Kubernetes for edge computing. In the session Edge Computing Using K3s on Raspberry Pi by Jeff Spahr, you can see Raspberry Pi 4 in action with Kubernetes for edge computing.
The second talk we suggest in this field focuses on WebAssembly workloads: Kubernetes on Edge: Bringing Your Code to Constrained Places.
We recommend checking out both sessions, as edge computing will have a firm place in the future of Kubernetes.
Storage and Disaster Recovery
Disasters are inevitable—in nature and in the cloud. But you can survive disaster with a solid recovery plan.
Disaster recovery is another upcoming trend in Kubernetes, and we suggest making it a part of your future strategy. In the session, Disaster Recovery of Stateful Applications in a Multi-Cluster Environment by Red Hat, they present how to recover the state stored in your persistent volumes in the case of a disaster. In addition, they show you the features of a multi-cluster control plane and a one-click disaster recovery solution.
You can also check out our blog article Best Practices for Cloud Disaster Recovery in Microsoft Azure.
KubeCon + CloudNativeCon North America 2021 was the first in-person event after a long period of online-only conferences due to the epidemic—and it really revived the active community. There were many valuable presentations about the current status of Kubernetes and the future outlook. As Kubernetes becomes more popular and accepted in the industry, future trends will make it more secure, robust, and reliable against hackers, disasters, and naive users.