Introduction

You’re probably wondering why we’ve set the title as ‘One Apprentice’s First KubeCon’. For those of you who don’t know, LiveWyer have added some apprentices aboard their ship, one of them being me, Lorenzo. In this blog post I will cover a handful of beginner talks that I found interesting on day 1 and 2, and then another one of our apprentices, Karimah, will cover more talks in part 2. Having just completed our GCSEs and having never gone to a conference before, we are undoubtedly excited for what we are going to see.

In this blog post, I will be covering some of the talks that I watched, that I found interesting, at least through the eye of a newbie.

How Not to Start With K8s | Christian Heckelman, Dynatrace

Conference Recording

As someone who is just getting started with Kubernetes, my eyes naturally gravitated toward this talk about about how to NOT start Kubernetes, going through the best practices of starting your own Kubernetes cluster. There were tips on what not to do (and what you should do) on both the infrastructure and operations side as well as the development and deployments side.

They covered some good points on starting a Kubernetes cluster, such as not installing from scratch, documenting everything, keeping the documentation and the install very simple, backing up the instance regularly and to automate all tasks that need to be run regularly.

This tied in quite well with the work we have been carrying out recently around researching DevOps practices within our apprenticeship. It was interesting to see real life examples of this within the world of Kubernetes.


A Safari of K8s and its Natural Habitat | Noah Abrahams, StormForge

Conference Recording

The talk was presented by Sir David Attenborough (aka Noah Abrahams) to describe key Kubernetes terms such as services, teams and so on by using safari analogies such as animals, herds and habitats. The removal of the full technical names makes it easier for people who are not that familiar with Kubernetes to try to understand how it works and how everything communicates.

He relates many of the larger animals in this talk, as bigger, more mainstream pieces of processes that happen within Kubernetes, for example, he refers to nodes as bison and developers as lions.

Overall, I thought that the talk was well presented and that the analogies wihin it were well picked.

Movie Night 101: How to Power Video Streaming With K8s and WebRTC | Rachel Sheikh, Twitter

Conference Recording

Hosted by Rachel Sheikh, this talk was more oriented around web services like Netflix, Amazon and Discovery Plus and focused on how to power video streaming with Kubernetes. The talk walked us through the difficulties of streaming services around the world, and how Kubernetes can help with playback syncing. The talk also describes how WebRTC works, which is a technology used within web applications to display an audio/video stream from a source.

They also spoke about load balancing in Kubernetes which is more efficient and is a better tool for video streaming as a result. Its exciting to see how Kubernetes can deal with higher loads more efficiently!

Ssh its a Secret: Managing Your Secrets in a GitOps Way | Jake Wernette and Josh Kayani, IBM

Conference Recording

This talk was primarily focused on implementing GitOps practices for secrets in Kubernetes, showcasing that you can adopt the ArgoCD plugin to simplify secret management. A secret is an object containing a small amount of sensitive data like a password, token or key.

The talk explains how the ArgoCD plugin can be used to receive secrets from secret management tools and inject them into a Kubernetes YAML file.


Fine Grained User Authorization For K8s With OPA and LDAP | Cagri Cetin and Quentin Long, Yelp Inc.

Conference Recording

This talk went through user authorisation for Kubernetes with OPA and LDAP.

They went through the disadvantages of not having user authorisation and then went on to the advantages of having user authorisation for Kubernetes. Here are a couple of examples of them:

Disadvantages to allowing sudo for every user:

  • Everyone has access to run sudo, this could cause accountability issues.
  • The reliability of the instance could be damaged if misconfigurations are made as a result of everyone having sudo access.
  • Increases security and compliance risks.

Advantages to allowing sudo for every user:

  • Everyone has access to run kubectl command, which requires sudo to run even the basic of commands

Disadvantages to having authorisation layer:

  • Developers have to manually go in and add new users to individual groups and give them access to certain features individually.

Advantages to having authorisation layer:

  • Less accountability, more reliability, and more compliant with security policies.
  • Admins can enforce different access roles for different user types.

How Event Driven Autoscaling in K8s Can Combat Climate Change | Annie Talvasto and Adi Polak, Microsoft

Conference Recording

I was surprised to find out in this talk that the software industry adds the same amount of emissions each year (if not more) than the airline industry! No doubt that the pandemic has also contributed to an increase in compute power, with more people working from home and staying indoors using their electronic devices.

The speakers run through a number of CNCF open source projects that aid with their 3 step plan of observability, optimisation and governance. They mention projects such as KEDA which only autoscales when it is triggered by a specific event, thus only using up compute resources that are required when a specific threshold is met. They mention other projects too that aid with carbon emission optimisation such as Prometheus for monitoring, Helm for application management and Flux for container workflow.

The speakers also cover how software companies can assess their environmental impact and summarise that their vision is a world where technology companies can inspect the green aspects of their software. They envision a tool that connects carbon emission optimisation to observability metrics. I think this type of innovation is an exciting start to creating software that can identify areas where code could be optimised to improve performance, reduce costs and help do our bit to protect the environment.


And That’s a Wrap For Day 1!

KubeCon was very interesting and I enjoyed seeing all the new innovations that were discussed in the various conferences I watched.

As I had not heard much about Kubernetes before the conference, there were definitely some talks that were out of scope, but there were lots of talks which provided real life examples of Kubernetes and some talks which provided good general best practices and good habits before we sail off on our Kubernetes Journey.

Need help running Kubernetes?

Get in touch and see how we can help you.

Contact Us