KubeCon + CloudNativeCon Europe 2024
This conference brings together technology professionals, developers, and key stakeholders from the cloud-native community to discuss, share, and advance the development and use of cloud-native computing. This year we are thrilled to be a Platinum sponsor!
We are a Diamond sponsor of Cilium + eBPF Day
March 19, 2024 – Paris, France
Join Solo.io at Cilium + eBPF Day to explore how the Cilium open-source project revolutionizes cloud networking, security, and observability. Discover the power of CNIs and eBPF in Kubernetes and beyond, and learn from real-world applications transforming the cloud native landscape. Check out our Keynote at 10:30 CET titled Evolving Cilium with Insights from Kubernetes delivered by our very own Idit Levine.
Check out one of our sessions!
Supercharge Kubernetes Networking with Cilium and IPv6
Get ready for an in-depth journey into IPv6 networking with Cilium! In this session, we dive deep into the powerful IPv6 capabilities of Cilium to supercharge your Kubernetes applications. Join us to uncover the extensive range of IPv6 features that Cilium brings to Kubernetes environments. From ultra-high throughput powered by BIG TCP to transition mechanisms such as NAT46/64, you'll see firsthand how Cilium elevates the IPv6 networking game in Kubernetes. Whether you're a seasoned Kubernetes pro or just getting started, this session promises valuable insights into harnessing the full potential of Cilium for IPv6 workloads.
Empowering Istio Ambient with Any Kubernetes CNIs
One of the primary challenges of Istio's ambient mesh is its limited support for CNIs (Container Network Interfaces). Additionally, none of the Kubernetes network policies can be enforced while pods are included in the ambient mesh. This presentation introduces an innovative approach, currently in the process of being upstreamed (expected to be merged before IstioDay EU), to the Istio community. The proposed solution involves redirecting traffic from the pod to Ztunnel within the pod's network namespace. We will delve into how this approach seamlessly operates between Istio-CNI, Ztunnel, and application pods in the ambient mesh, all without requiring any restart of application pods during enrollment into the ambient mesh. We’ll also discuss potential improvements and tradeoffs in the scope of threat model, system resource, network policy and bypassability.
Lightning Talk: A Practical Guide on How to Monitor and Compare Service Mesh Infrastructure Costs
Sidecar-less functionality has emerged as an alternative approach in service mesh architectures, addressing concerns related to costs and complexity associated with sidecars. Istio Ambient provides the flexibility of choosing between sidecars and sidecar-less. What about the service mesh resource usage and cost associated with either option? In this talk, Lin will discuss how to use Prometheus, node-exporter, Grafana and custom Grafana dashboard to observe the service mesh costs with both sidecar and sidecar-less options for workloads running in Kubernetes. Through interactive live demo, this talk aims to offer practical guidance and insights to help users to observe service mesh overhead and costs.
Panel: Ask Me Anything About Istio Service Mesh
Istio ambient reached alpha as part of Istio 1.18, and the Istio community is diligently working towards driving Ambient to beta. The introduction of Ambient aims to simplify workload operations and reduce infrastructure costs. Whether you are currently using Istio or considering its adoption, you may be pondering whether to continue with sidecars once Ambient reaches production-ready status. In this panel discussion, esteemed members of the Istio Technical Oversight Committee (TOC) from Google, IBM, Solo, and Aviatrix will share their valuable insights on Istio, including ambient, and the future of Istio. Join us for a live interactive session, where our panel of experts will address your most challenging inquiries related to Istio! Initial seeding questions: - What are the current technical hurdles around Istio? - When is ambient mesh recommended for production? - How is GAMMA shaping the future of Istio? - Will ambient mesh be compatible with existing CNIs (Cilium, Calico etc)?
Panel: Savoir Faire: Cloud Native Technical Leadership with Arun Gupta, Nikhita Raghunath, Emily Fox, Nancy Chauhan
Like baking a loaf of Pain Poilâne, technical leadership requires a balance of ingredients and continued practice and refinement of skills to create valuable and positive change. Renowned Parisian baker Lionel Poilâne believed the process is the most important aspect of vision. Cloud native technical leadership isn't any different, it is the exemplification of cloud native values in the communications, decisions, and commitment we make to the ecosystem. As individuals, we are responsible for our “loaves” or work from start to finish. But what does it mean? How can we create a recipe for other technologists to replicate those contributions to our projects and community successes? In this Panel, Technical Leaders across the cloud native ecosystem will share their experiences, insights, and methods to provide accessible explanations on being cloud native technical leaders across an international, diverse community of cloud native technologists.
Poster session: Serve CAKES for Your Developers: Introducing the Cloud Native CAKES Stack for Zero Trust! with Davanum Srinivas.
Who can resist the allure of cakes? In this session, Lin and Dims (maintainers from Istio and Kubernetes) will unveil the CAKES stack—a zero trust composition using five widely adopted CNCF graduated projects: - Cilium (C): An innovative CNI based on evolutionary eBPF. - Istio Ambient ( A): The most deployed service mesh in production with the new sidecar-less data plane choice. Kubernetes (K): The de facto platform for managing containerized workloads and services - Envoy (E): A high-performance proxy for API gateways. - Spire (S): A production-ready SPIFFE implementation to attest workload identities. They will delve into the technical requirements for establishing an effective zero trust architecture and showcase through live demo how the combining of these projects results in a powerful, open, and extensible platform, enabling developers to secure their cloud native applications with zero trust principle while ensuring consistency and reliability.
CNCF TAG Network: Projects, Technology & Landscape with Lee Calcote
This talk will introduce the CNCF TAG Network and discuss how the TAG operates, how we work with CNCF network projects, and the work we have done to build guidance and write white papers for the ecosystem. During this session we will cover an overview of network projects in the CNCF, including the broader ecosystem, as well as projects that are currently being reviewed. We will also share updates of our latest work including the CNCF Network White Paper, Performance and Benchmarking white paper etc. Join us to find out how to contribute and participate in the CNCF network community and discover practical guidance on how to use cloud native networks in your environments.
Simpler Than Making a Fraisier Cake: Building, Running, and Observing Your First EBPF Program
Have you ever tried extending a fraisier cake with additional layers or decorations after it's baked? It's not an easy task. However, with Extended Berkeley Packet Filter (eBPF), extending the Linux Kernel can be simpler than making or extending a fraisier cake. eBPF empowers developers to extend and customize the Linux kernel efficiently, allowing them to build high-performing and feature-rich functions tailored to their business needs. Are you keen on a hands-on tutorial for eBPF to gain a better understanding of how it fits into the cloud-native ecosystem? In this tutorial, we'll delve into the fundamentals of eBPF. We'll guide you through building and running your first eBPF program from scratch. Subsequently, you'll learn how to effortlessly share your eBPF program and run it in your Kubernetes cluster. Finally, we'll explore observing your eBPF programs running in Kubernetes and visualizing your metrics in Prometheus.
Comparing Sidecar-Less Service Mesh from Cilium and Istio - Christian Posta, Solo.io
Service mesh is a powerful pattern for implementing strong zero-trust networking practices, introducing better network observability, and allowing for more fine-grained traffic control. Up until now, the sidecar pattern was used to implement service-mesh capability but as the technology matures, a new pattern has emerged: sidecarless service mesh. Two prominent open-source networking projects, Cilium and Istio, have implemented a sidecar-free approach to service mesh but they both make interesting design decisions and tradeoffs. In this talk we review the architecture of both, focusing on the pros and cons of implementations such as mutual authentication, ingress, and observability.
Next-Level Security: Implementing MTLS in Istio Multi-Cluster Environments Using SPIRE - Eduardo Bonilla Rodriguez & Samuel Veloso, Solo.io
In an era where secure communication in multi-cluster environments is paramount, this talk explores the implementation of mutual TLS (mTLS) using Istio and SPIRE. We'll begin by outlining the security challenges in multi-cluster setups and the role of mTLS in addressing these issues. The session will then focus on the integration of Istio service mesh for managing microservices, and SPIRE for identity issuance and attestation, demonstrating how these technologies can be harnessed to enhance security. Highlights include: - The Essentials of mTLS and Istio's Security Features: Understanding their roles in multi-cluster security. - SPIRE Integration with Istio: Practical steps for implementation in a multi-cluster environment. This talk is designed for cloud architects, DevOps professionals, and security enthusiasts seeking to deepen their knowledge of securing Kubernetes multi-cluster environments.
Solo.io Featured Speakers
We are thrilled that so many Soloists will be speaking this year in Paris! Be sure to check out their sessions or stop by our Booth to connect with them.
Chief Technology Officer
Director of Open-Source
VP, Global Field CTO
OSS Software Engineer
Director of Field Engineering
Principal Software Engineer
Senior Customer Success Engineer
Vice President, Alliances and Partnerships
We Are Hiring!
We believe that great architecture is the key to successful software development. And we make this possible by building great teams. If you are passionate about cloud native technologies like containers, Kubernetes, Istio, Envoy Proxy, GraphQL, eBPF, serverless functions, and more, then Solo.io is the place for you!
Solo is growing rapidly and we’re hiring for a number of positions. Be sure to check out the Careers page on our website, or chat with us in person!