12 Can’t-Miss KubeCon Sessions

With KubeCon 2023 a little over a week away, I’ve been eyeing the schedule to decide which sessions I don’t want to miss this year. Here they are in no particular order, categorized by security, service mesh, and miscellaneous.

Security Sessions

I am always curious about mental models and different frameworks people come up with to describe, explain, and understand different concepts, especially around security. In It’s Never Too Late for PKI Fundamentals: Building a Mental Model, Jackie Elliott will explain the fundamentals of PKI and how to think about it. This is one of the talks to attend to get a good foundation and understanding of concepts before diving into more complex security-related topics.

SPIRL is a new company that promises to democratize access to SPIFFE and workload identity and end the pain around secrets and access management. I am curious to hear from Eli Nesterov and how they plan to do that in his Back to the Future: Managing Trust in a Cloud-Native Environment session.

Continuing with the security theme – the Leveraging SPIRE for All Your Production Identity Needs talk falls under the practical and “real-world” application category. Being mostly from the “theoretical” side, I am always curious to learn how certain technologies are applied. Ryan and Chirag will discuss real-world examples of authentication workflows and discuss a practical solution using customized x509 certs.

Service Mesh Sessions

Many of the other sessions I picked are service mesh-related in some shape or form. The first session is Service Mesh Battle Scars: Tech, Timing, and Tradeoffs. This panel has participants including my very own colleague at, as well as Google, Microsoft, Isovalent, and Buoyant – it’s a great opportunity to hear maintainers talk about different topics around service meshes.

This next session is a must-go-to for anyone interested in contributing to Istio. Istio: Hands-on Development And Contribution Workshop will be a 90-minute session with Faseela K, Eric VanNorman, Lin Sun, and Steven Landow – all long-time Istio contributors/maintainers and overall Istio experts, in addition to serving on Istio TOC and the steering committee and being leads of various Istio work groups.

The next session, Istio: The Past, Present and Future of the Project and Community, will feature Louis Ryan and John Howard discussing the project, new features from recent releases, progress on the ambient mesh, Gateway API support, and more.

Another real-world, practical session I plan to attend is the Service Mesh Journey at DoorDash: The Good, the Bad, and the Ugly by Hochuen Wong. I look forward to hearing about best practices, how DoorDash maintains and manages a system with 10K pods, and the role service mesh plays.

This last session — Flavors of Certificates in Service Mesh: The Whys and Hows — falls between the security and Istio sessions. Faseela and Iris will talk about different types and flavors of certificates in Istio, where they exist, and how to utilize them better.

Miscellaneous Sessions

I picked three additional sessions that don’t fall under any specific category.

I haven’t done much work with controllers, so I am curious to hear from John Howard about his hands-on experience writing and maintaining controllers in Istio in the Building Better Controllers session.

Gateway API is the direction where north-south and east-west traffic management is going, so it’s great to hear that they’ll be GA by KubeCon. Gateway API: The Most Collaborative API in Kubernetes History Is GA could be a good introduction to anyone trying to learn about the Gateway API, where it is, and where it’s going.

AI has been extremely popular in the past year, and attending at least one AI-focused session is almost obligatory. Grifts Ahoy! Bracing for the AI Tide will talk about the risks and benefits of ChatGPT concerning Kubernetes and cloud computing environments.

Lastly, I must attend this session, as I am the presenter. In A Practical Guide to Understanding and Configuring Envoy Filters, I’ll give some tips about configuring Envoy using the EnvoyFilter resource in Istio.

I hope to see you soon at KubeCon + CloudNativeCon North America 2023! If you will be in Chicago from November 6 to 9, drop by our booth #D11 or request a meeting with our onsite team.