CodiLime’s crack team of specialists - Paweł Melon, Paweł Kopka and Piotr Skamruk - has returned from KubeCon, the Cloud Native Computing Foundation’s flagship conference, which took place on 20th - 23rd of May in Barcelona, Spain. The conference gathered people from the cloud native and open source communities. Without further ado, here are their fresh insights, hot off to the press.
Before the conference started, on May 20th, there was an entire series of pre-conference events. During one of them, Cloud Native Network Services Day, Paweł Kopka, Team Leader and Software Engineer at CodiLime, gave a talk: Opening a gate in the cloud for Zuul. Create a pipeline to test deployment on clouds. Paweł showed a pipeline created on the strength of numerous trials and failures. He went job by job through the entire deployment and testing on a public cloud. He also shared his own experience with keeping clouds clean, protecting from cost overruns and how to secure credentials and share them with CI system using Vault.
All the attendees seemed to agree that CI/CD methodology is among the most important things for the network software solutions development. Without it, progress in network development is impossible.
- Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha, Computing Engineer & Lukas Heinrich, Physicist, CERN: By far the most interesting presentation during the conference, as the numerous tweets attendees sent out surely attests. During the presentation no less than 70 TB of data were processed and 25,000 jobs run on Kubernetes to boot. The result? Only a chart created in Jupyter Notebook proving that Higgs’ boson really exists.
- Writing kubectl Plugins for Everyone: Develop, Package & Distribute - Ahmet Alp Balkan, Google & Maciej Szulik, Red Hat: writing and adding plugins to kubectl is very simple thanks to krew, which has the fine distinction of simultaneously being a plugin and a mechanism to manage plugins. Krew makes it possible to install new plugins downloaded from GitHub’s repository. It is also easy to propose new plugins. The presentation was a live demo showing how to write a simple plugin, add it to GitHub and prepare a pull request (PR).
- Istio Multi-Cluster Service Mesh Patterns Explained - Daniel Berg & Ram Vennam, IBM: each client has a multi-cluster solution and wants to have an encrypted connection between pods. Istio, currently one of the most popular service mesh, provides just this ability. The presenters said that service mesh can be compared with SDN, because its basic assumptions - connect, secure, observe, control - are similar to SDN solutions.
- Using eBPF to Bring Kubernetes-Aware Security to the Linux Kernel - Dan Wendlandt, Isovalent: In this most fascinating presentation, Dan Wendlandt explained, historically and from the point of view of the Linux kernel, how eBPF was introduced. eBPF is a system that enables users to filter network communications, which can be filtered not only at the IP level, but also at the level of containers and processes. This is a great advantage over traditional filtering, which detects communication only at the level of the singular pod. eBFP makes it possible to determine if this is inid container, app container or sidecar.
- Deep Dive: Network Service Mesh (NSM) - Nikolay Nikolaev, VMware & Frederick Kautz, Doc.ai: an introduction to network service mesh, a method of creating communication between services, with a view to creating separate networks.
During the conference there were also a variety of SIG (Special Interest Group) meetings. One that was particularly interesting for us was Network Plumbing Working Group meetup, during which we discussed what can be done to connect, and do so dynamically, numerous network interfaces and IP configurations on them to a single pod in Kubernetes.
With nearly 8000 people attending, KubeCon 2019 was a huge event. KubeCon USA, slated for November 2019, will see up to 12,000. As for the most recent event, even though the temperature was 20-24 Celsius degrees, it seemed much hotter thanks to Barcelona’s Mediterranean climate. Definitely, the hot topic was a network service mesh. The size of the conference meant stretching our legs a lot to reach the far-flung presentations we really wanted to see. While that was exhausting, all the talk kept our eyes open and provided us a great opportunity to talk live and exchange views and opinions with those responsible for important cloud native projects and hear how they intend to develop them further. There were also providers of software and hardware solutions, with whom we exchanged opinions and learned from. Without a doubt, though, the keynote on Higgs’ boson stole the show.