Kubecon Europe Hero Cityscape

KubeCon + CloudNativeCon Europe 2024

This conference brings together technology professionals, developers, and key stakeholders from the cloud-native community to discuss, share, and advance the development and use of cloud-native computing. This year we are thrilled to be a Platinum sponsor!

Solo.io is thrilled to be a Platinum sponsor of Kubecon+CloudNativeCon Europe 2024 in Paris,  France! Be sure to stop by and see us at booth E3, from March 19-22 in the Solutions Showcase to learn from and connect with the team here at Solo.io.

We can’t wait to see you there!

We are a Diamond sponsor of Cilium + eBPF Day

March 19, 2024 – Paris, France

Join Solo.io at Cilium + eBPF Day to explore how the Cilium open-source project revolutionizes cloud networking, security, and observability. Discover the power of CNIs and eBPF in Kubernetes and beyond, and learn from real-world applications transforming the cloud native landscape.  Check out our Keynote at 10:30 CET titled Evolving Cilium with Insights from Kubernetes delivered by our very own Idit Levine.

Check out one of our sessions!

Tue
Mar 19th
12:30 am
Cilium + eBPF Day

Supercharge Kubernetes Networking with Cilium and IPv6

Daneyon Hansen
Session Info

Get ready for an in-depth journey into IPv6 networking with Cilium! In this session, we dive deep into the powerful IPv6 capabilities of Cilium to supercharge your Kubernetes applications. Join us to uncover the extensive range of IPv6 features that Cilium brings to Kubernetes environments. From ultra-high throughput powered by BIG TCP to transition mechanisms such as NAT46/64, you'll see firsthand how Cilium elevates the IPv6 networking game in Kubernetes. Whether you're a seasoned Kubernetes pro or just getting started, this session promises valuable insights into harnessing the full potential of Cilium for IPv6 workloads.

Tue
Mar 19th
9:20 am
Istio Day

Empowering Istio Ambient with Any Kubernetes CNIs

Benjamin Leggett & Yuval Kohavi
Session Info

One of the primary challenges of Istio's ambient mesh is its limited support for CNIs (Container Network Interfaces). Additionally, none of the Kubernetes network policies can be enforced while pods are included in the ambient mesh. This presentation introduces an innovative approach, currently in the process of being upstreamed (expected to be merged before IstioDay EU), to the Istio community. The proposed solution involves redirecting traffic from the pod to Ztunnel within the pod's network namespace. We will delve into how this approach seamlessly operates between Istio-CNI, Ztunnel, and application pods in the ambient mesh, all without requiring any restart of application pods during enrollment into the ambient mesh. We’ll also discuss potential improvements and tradeoffs in the scope of threat model, system resource, network policy and bypassability.

Tue
Mar 19th
10:40 am
Observability Day

Lightning Talk: A Practical Guide on How to Monitor and Compare Service Mesh Infrastructure Costs

Lin Sun
Session Info

Sidecar-less functionality has emerged as an alternative approach in service mesh architectures, addressing concerns related to costs and complexity associated with sidecars. Istio Ambient provides the flexibility of choosing between sidecars and sidecar-less. What about the service mesh resource usage and cost associated with either option? In this talk, Lin will discuss how to use Prometheus, node-exporter, Grafana and custom Grafana dashboard to observe the service mesh costs with both sidecar and sidecar-less options for workloads running in Kubernetes. Through interactive live demo, this talk aims to offer practical guidance and insights to help users to observe service mesh overhead and costs.

Tue
Mar 19th
11:40 am
Istio Day

Panel: Ask Me Anything About Istio Service Mesh

Lin Sun & Louis Ryan with Eric Van Norman, IBM; John Howard, Google; Mitch Connors, Aviatrix;
Session Info

Istio ambient reached alpha as part of Istio 1.18, and the Istio community is diligently working towards driving Ambient to beta. The introduction of Ambient aims to simplify workload operations and reduce infrastructure costs. Whether you are currently using Istio or considering its adoption, you may be pondering whether to continue with sidecars once Ambient reaches production-ready status. In this panel discussion, esteemed members of the Istio Technical Oversight Committee (TOC) from Google, IBM, Solo, and Aviatrix will share their valuable insights on Istio, including ambient, and the future of Istio. Join us for a live interactive session, where our panel of experts will address your most challenging inquiries related to Istio! Initial seeding questions: - What are the current technical hurdles around Istio? - When is ambient mesh recommended for production? - How is GAMMA shaping the future of Istio? - Will ambient mesh be compatible with existing CNIs (Cilium, Calico etc)?

Wed
Mar 20th
5:25 pm
Main Conference

Panel: Savoir Faire: Cloud Native Technical Leadership with Arun Gupta, Nikhita Raghunath, Emily Fox, Nancy Chauhan

Lin Sun
Session Info

Like baking a loaf of Pain Poilâne, technical leadership requires a balance of ingredients and continued practice and refinement of skills to create valuable and positive change. Renowned Parisian baker Lionel Poilâne believed the process is the most important aspect of vision. Cloud native technical leadership isn't any different, it is the exemplification of cloud native values in the communications, decisions, and commitment we make to the ecosystem. As individuals, we are responsible for our “loaves” or work from start to finish. But what does it mean? How can we create a recipe for other technologists to replicate those contributions to our projects and community successes? In this Panel, Technical Leaders across the cloud native ecosystem will share their experiences, insights, and methods to provide accessible explanations on being cloud native technical leaders across an international, diverse community of cloud native technologists.

Wed
Mar 20th
6:00 pm
Main Conference

Poster session: Serve CAKES for Your Developers: Introducing the Cloud Native CAKES Stack for Zero Trust! with Davanum Srinivas.

Lin Sun
Session Info

Who can resist the allure of cakes? In this session, Lin and Dims (maintainers from Istio and Kubernetes) will unveil the CAKES stack—a zero trust composition using five widely adopted CNCF graduated projects: - Cilium (C): An innovative CNI based on evolutionary eBPF. - Istio Ambient ( A): The most deployed service mesh in production with the new sidecar-less data plane choice. Kubernetes (K): The de facto platform for managing containerized workloads and services - Envoy (E): A high-performance proxy for API gateways. - Spire (S): A production-ready SPIFFE implementation to attest workload identities. They will delve into the technical requirements for establishing an effective zero trust architecture and showcase through live demo how the combining of these projects results in a powerful, open, and extensible platform, enabling developers to secure their cloud native applications with zero trust principle while ensuring consistency and reliability.

Thu
Mar 21st
11:00 am
Main Conference

CNCF TAG Network: Projects, Technology & Landscape with Lee Calcote

Lin Sun
Session Info

This talk will introduce the CNCF TAG Network and discuss how the TAG operates, how we work with CNCF network projects, and the work we have done to build guidance and write white papers for the ecosystem. During this session we will cover an overview of network projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Network White Paper, Performance and Benchmarking white paper etc. Join us to find out how to contribute and participate in the CNCF network community and discover practical guidance on how to use cloud native networks in your environments.

Fri
Mar 22nd
11:00 am
Main Conference

Simpler Than Making a Fraisier Cake: Building, Running, and Observing Your First EBPF Program

Lin Sun / Denis Jannot / Kristian Györkös
Session Info

Have you ever tried extending a fraisier cake with additional layers or decorations after it's baked? It's not an easy task. However, with Extended Berkeley Packet Filter (eBPF), extending the Linux Kernel can be simpler than making or extending a fraisier cake. eBPF empowers developers to extend and customize the Linux kernel efficiently, allowing them to build high-performing and feature-rich functions tailored to their business needs. Are you keen on a hands-on tutorial for eBPF to gain a better understanding of how it fits into the cloud-native ecosystem? In this tutorial, we'll delve into the fundamentals of eBPF. We'll guide you through building and running your first eBPF program from scratch. Subsequently, you'll learn how to effortlessly share your eBPF program and run it in your Kubernetes cluster. Finally, we'll explore observing your eBPF programs running in Kubernetes and visualizing your metrics in Prometheus.

Fri
Mar 22nd
2:55 pm
Main Conference

Comparing Sidecar-Less Service Mesh from Cilium and Istio - Christian Posta, Solo.io

Christian Posta
Session Info

Service mesh is a powerful pattern for implementing strong zero-trust networking practices, introducing better network observability, and allowing for more fine-grained traffic control. Up until now, the sidecar pattern was used to implement service-mesh capability but as the technology matures, a new pattern has emerged: sidecarless service mesh. Two prominent open-source networking projects, Cilium and Istio, have implemented a sidecar-free approach to service mesh but they both make interesting design decisions and tradeoffs. In this talk we review the architecture of both, focusing on the pros and cons of implementations such as mutual authentication, ingress, and observability.

Fri
Mar 22nd
4:00 pm
Main Conference

Next-Level Security: Implementing MTLS in Istio Multi-Cluster Environments Using SPIRE - Eduardo Bonilla Rodriguez & Samuel Veloso, Solo.io

Eduardo Bonilla / Samu Veloso
Session Info

In an era where secure communication in multi-cluster environments is paramount, this talk explores the implementation of mutual TLS (mTLS) using Istio and SPIRE. We'll begin by outlining the security challenges in multi-cluster setups and the role of mTLS in addressing these issues. The session will then focus on the integration of Istio service mesh for managing microservices, and SPIRE for identity issuance and attestation, demonstrating how these technologies can be harnessed to enhance security. Highlights include: - The Essentials of mTLS and Istio's Security Features: Understanding their roles in multi-cluster security. - SPIRE Integration with Istio: Practical steps for implementation in a multi-cluster environment. This talk is designed for cloud architects, DevOps professionals, and security enthusiasts seeking to deepen their knowledge of securing Kubernetes multi-cluster environments.

Solo.io Featured Speakers

We are thrilled that so many Soloists will be speaking this year in Paris! Be sure to check out their sessions or stop by our Booth to connect with them.

Headshot of Louis Ryan
Louis Ryan

Chief Technology Officer

Headshot of Lin Sun
Lin Sun

Director of Open-Source

Headshot of Yuval Kohavi
Yuval Kohavi

Chief Architect

Headshot of Christian Posta
Christian Posta

VP, Global Field CTO

Headshot of Benjamin Leggett
Benjamin Leggett

OSS Software Engineer

Headshot of Denis Jannot
Denis Jannot

Director of Field Engineering

Headshot of Daneyon Hansen
Daneyon Hansen

Principal Software Engineer

Headshot of Eduardo Bonilla
Eduardo Bonilla

Senior Customer Success Engineer

Headshot of Samu Veloso
Samu Veloso

Software Engineer

Headshot of Kristian Györkös
Kristian Györkös

Vice President, Alliances and Partnerships

Meet with us a Kubecon + CloudNativeCon Europe

The Solo.io team of experts and engineers will be available for a demo and to discuss how the Gloo portfolio can enable your application networking use cases for Kubernetes, API Gateway and Service Mesh.

We Are Hiring!

We believe that great architecture is the key to successful software development. And we make this possible by building great teams. If you are passionate about cloud native technologies like containers, Kubernetes, Istio, Envoy Proxy, GraphQL, eBPF, serverless functions, and more, then Solo.io is the place for you!

Solo is growing rapidly and we’re hiring for a number of positions. Be sure to check out the Careers page on our website, or chat with us in person!