Solo.io is excited to be participating at KubeCon + CloudNativeCon Europe 2023. At this year’s event, we are thrilled to be a Gold sponsor!

Be sure to stop by and see us during KubeCon from April 18-21 at the RAI Convention Center in Amsterdam to learn from and connect with the team here at Solo.io.  Drop by our Booth #G9 to chat with us, get a demo, and pick up some swag!

We also are proud to be participating in several co-located events throughout the week, including hosting Application Networking Day with Istio, Ambient, eBPF, and Cilium on April 17. 

We hope to see you there!

Kubecon EU Banner 1

Request a Meeting

The Solo.io team of experts and engineers will be available for a demo and discuss how the Gloo portfolio can enable your application networking use cases for Kubernetes, API Gateway and Service Mesh.


April 17

9:00am - 5:30pm

Amstel Boathouse


Application Networking Day

Speakers | Schedule published soon!

Join us at this off-site co-located event to learn about what’s new with open source application networking technologies including Istio, Ambient, Cilium and eBPF, and how to use them together to better power your applications.  This event includes one full day of technical sessions presented by end users and industry leaders from across the cloud native ecosystem concurrent with live, hands-on workshops so you can try out the technologies as you learn.

April 18


Kubernetes on Edge Day

Sharpen That Edge! How A Service Mesh Enhances EdgeComputeOps

Speakers | Marino Wijay & Kevin Dorosh

Sometimes you go all in on the cloud; sometimes you need to sharpen that Edge a bit.

When pursuing Edge Computing, the largest considerations for adoption are:
– Ease of deployment
– Zero-trust security posture
– Resource allocation and consumption
– Telemetry and Observability
– Latency and application response times
– Resilience and reliability

Large enterprises in heavily regulated industries or the public sector must adopt practices like a zero-trust security posture both inside and at the edge of its application networks. They must simultaneously be able to determine application performance through telemetry, and mitigate issues. They need to ensure the resilience & reliability of the edge in the face of catastrophe, like a cluster or region failure.

What’s the right approach to meeting these conditions?

Enter Ambient Mesh, the perfect vehicle for meeting these challenges!

This talk dives into how Ambient Mesh offers a revolutionary data-plane architecture for Edge Computing. Ambient Mesh can configure both perimeter and internal proxies to deploy an enhanced security posture while slashing operational complexity and enabling incremental mesh adoption, all while reducing cost and computational overhead at the Edge.

April 18

13:45 - 14:10

Amsterdam RAI


Is Istio Ambient Mesh Secure?

Speakers | Christian Posta, Solo.io & John Howard, Google

Service-to-service security is the number one reason why platform engineers leverage a service mesh. When we worked on the initial implementations of Istio Ambient Mesh, a sidecarless data plane for Istio, security was a very top concern: we could not regress or make the mesh less secure from what we already get with a sidecar architecture. When we introduced Istio Ambient mesh back in the fall of 2022, we believe we made the right architecture decisions to preserve the powerful zero-trust properties of an Istio service mesh. In this talk we dig into the security posture of Istio Ambient Mesh sidecarless data plane and understand how we do mTLS, workload identity, and establish good security boundaries between an infrastructure and application world.

April 18

16:50 - 16:55

Amsterdam RAI

Argo Con

Lightning Talk: Operate Sidecar and Sidecar-Less Applications with Istio and ArgoCD Rollouts

Speakers | Lin Sun, Solo.io

Istio ambient mesh introduces a new sidecar-less data plane mode designed for simplified operations, broader application compatibility, and reduced infrastructure cost. Sidecars and sidecar-less can co-exist with Istio ambient mesh. Lin, who is a founding member of Istio, will present how to integrate Argo Rollouts with applications running either Istio sidecar or without sidecar for traffic shaping. She will demonstrate using ArgoCD and Istio’s networking resource(VirtualService) to gradually increment the weights to slowly send traffic to a new version of your application automatically. While incrementing, she will show ArgoCD can monitor the prometheus metrics provided by Istio to ensure that the new version is performing adequately. If the metrics do not match the defined success criteria, Argo Rollouts automatically rolls back the version. She will show the power of ArgoCD rollout with applications running sidecars and sidecar-less with live demo.

April 18

14:45 - 15:00

Amsterdam RAI


2023 Roadmap Update

Speakers | Lin Sun, Solo.io & Louis Ryan

April 19

11:00 - 12:30

Elicium Building | Elicium Ballroom 1 + 2


Tutorial: Measure Twice, Cut Once: Dive Into Network Foundations the Right Way!

Speakers | Marino Wijay & Jason Skrzypek, Solo.io

Networking is the foundation of distributed computing, especially in cloud-native ecosystems. Your awareness of how data moves between applications is critical for understanding their performance, security, and efficiency. As many microservices are built and deployed onto container systems like Kubernetes, it’s key to understand where traffic goes, how to communicate with your applications, how to decipher network protocols, and the various transactions that could be present. CoreDNS, Envoy, Istio, CNI, and Cilium and cloud-native networking tools offer many advantages, but in failure conditions, they require a deep understanding of the Linux networking stack. This workshop will prepare you to navigate networks and develop expertise in the networking technologies found throughout KubeCon + CloudNativeCon. Taking this workshop will help you to answer the questions: – What does a packet look like? – How does it flow into your microservices? – How do you track network communications? – Why do you need DNS? – How does a service mesh enhance your microservices network? – What does the shift away from IPtables toward eBPF mean for network performance?

April 19

11:55 - 12:30 CEST

Auditorium Center | G106-107

Kubecon + CloudNativeCon

Grow Your Own Community! Lessons Learned from Running Kubernetes Community Days Across Europe

Speakers | Alessandro Vozza, Solo.io with Matt Jarvis, Snyk; Annalisa Gennaro, Spark Fabrik; Max Korbacher, Liquid Reply; Paula Kennedy, Syntasso

Kubernetes Community Days are community organized events that gather adopters and technologists from open source and cloud native communities to learn, collaborate, and network to further advancement in Kubernetes. They also are a lot of fun and a great way to meet new people and build community. Organizing KCDs is highly rewarding, but can also be a big undertaking, with lots of potential challenges and pitfalls. In this panel discussion, organizers from some of the biggest Kubernetes Community Days in Europe will come together to share their experiences and best practices for how to get going, along with dos and don’ts for organizing community events. We’ll talk about building your team, ensuring diversity, managing logistics, raising sponsorship, handling finances and more. If you’re new to community organizing or a seasoned veteran, you’ll be sure to gain some insights into how you can organize better events !

April 19

16:30 - 17:05 CEST

Hall 7 | Room B

Kubecon + CloudNativeCon

Operate Multi-Tenancy Service Mesh with ArgoCD in Production

Speakers | Lin Sun, Solo.io & Faseela K, Ericsson Software Technology

Service meshes offer a breadth of benefits from securing to adding reliability to gaining visibility into your applications. However, as you start to scale your environment and start onboarding different teams or applications into the mesh you run into challenges of tenant isolation in terms of configuration management, resource consumption and security. What is the difference between soft multi-tenancy and hard multi-tenancy? Which one fits best for you? In this session, Faseela and Lin who both are maintainers of Istio will present how to achieve soft multi-tenancy and hard multi-tenancy with Istio service mesh and roll it out to your teams or applications with ArgoCD in production along with live demos.

April 20

14:30 - 15:05 CEST

Hall 7 | Room B

Kubecon + CloudNativeCon

Ephemeral Clusters as a Service with ClusterAPI and GitOps

Speakers | Alessandro Vozza, Solo.io & Joaquin Rodriguez, Microsoft

GitOps has seen widespread adoption in the last few years due to the clear advantages over traditional CI/CD tools. However, with adoption comes the growing pains of scale: running and managing multiple clusters across different cloud providers represents a major hurdle for organizations wanting to adopt Kubernetes as a standard deployment platform. In particular, observability and security at scale are two thorny aspects that need to be addressed; we will demonstrate how it’s possible to tame the complexity of such scaled infrastructure via open-source tools, such as ClusterAPI, ArgoCD and Prometheus+Thanos to provide control and visibility over an arbitrary number of clusters. We will show a sample, created after our collective experience at large scale customers, which can automate the deployment of hundreds of clusters and applications automatically and securely, and collect metrics from all the ephemeral clusters along the way.

April 20

16:30 - 17:05 CEST

Forum Center | E103-104

Kubecon + CloudNativeCon

Future of Istio - Sidecar, Sidecarless or Both?

Speakers | Neeraj Poddar, Solo.io

Join the maintainers of Istio to learn about the current ongoing efforts and future roadmap of Istio as we continue to make Istio more performant and secure by providing new deployment options with the Ambient architecture.

April 21

14:55 - 15:30 CEST

Hall 7 | Room A


Developing a Mental Model of Istio: From Kubernetes to Sidecars to Ambient

Speakers | Aaron Birkland & Nina Polshakova, solo.io

This talk will explore the mental leap from understanding basic Kubernetes abstractions, to understanding how Istio enhances or extends these abstractions with its own. When working with Istio, its sidecar model influences one’s mental model in subtle ways that become more overt over time. It takes two to tango, and Istio’s API are implemented across two interacting sidecars. You get a sense of what happens in “client side” sidecars (like routing decisions), or “server side” sidecars (like authorization policies), and all of a sudden the world starts to make sense. Istio Ambient mesh moves away from the sidecar model, and offers flexibility of when and where to place proxies, at the cost of having to make such decisions. While Istio Ambient Mesh supports the same Istio API primitives, when and where policies are implemented under the hood is completely different. The sidecar tango has evolved into the waypoint waltz, and suddenly your existing mental model gets turned upside down. There’s always an “aha” moment (or maybe even a mind-blowing experience) when a new mental model starts to make sense and everything is good again. We’d like to share our experience getting there with Istio Ambient Mesh, and put you on the path to achieving something similar!

April 21

16:55 - 17:30 CEST

Hall 7 | Room A


Future of Service Mesh - Sidecar or Sidecarless or Proxyless?

Speakers | Idit Levine & Yuval Kohavi, Solo.io; Keith Mattix II, Microsoft; Eric Van Norman, IBM; John Howard, Google

As service mesh APIs become standards for operators and developers per the GAMMA initiative, there are still various different architecture choices to run service meshes, whether it is sidecar or sidecarless or even proxyless. What about proxies, Envoy C++ based proxy or Rust based proxy? What are the design considerations when choosing one architecture over another? This panel brings experts from Google, IBM, Solo and XX to share their perspectives on sidecar, sidecarless and proxyless for future of service meshes and what you should consider when deciding which architecture is the right choice for your organization. Initial seeding questions: – We all understand sidecar architecture for service mesh, can you explain what sidecarless service mesh is? – Are people interested in a non-sidecar approach for service mesh? Why? – Does proxyless mean eBPF without proxy? – What about L7 processing – which architecture should we use?

Just for Fun

Solo Card

Thursday April 20, 2023

Meet the Authors


Booth G9

Ambient2023 02 10 At 2.20.03 PM

Meet the Authors

Get your signed copy of Istio Ambient Explained and meet the authors, Christian Posta and Lin Sun, live at our booth!

We Are Hiring!

We believe that great architecture is the key to successful software development. And we make this possible by building great teams. If you are passionate about cloud native technologies like containers, Kubernetes, Istio, Envoy Proxy, GraphQL, eBPF, serverless functions, and more, then Solo.io is the place for you!

Solo is growing rapidly and we’re hiring for a number of positions. Be sure to check out the Careers page on our website, or chat with us in person!