Loading…
or to bookmark your favorites and sync them to your phone or calendar.
strong>Advanced [clear filter]
arrow_back View All Dates
Tuesday, November 12
 

10:40am MST

Building a Cutting-Edge Kubernetes Internal Developer Platform at NVIDIA - Carlos Santana, AWS & Feng Zhou, NVIDIA
Tuesday November 12, 2024 10:40am - 11:05am MST
NVIDIA has embarked on an innovative journey to streamline their Kubernetes operations by leveraging the power of Python CDK, GitOps, and various cutting-edge tools. In this session, we will explore why NVIDIA chose Python CDK as their Infrastructure as Code (IaC) tool for creating EKS clusters We will examine the implementation of a GitOps mechanism for EKS Fleet Management using ArgoCD ApplicationSets, known as the GitOps-Bridge for Addons. Learn how NVIDIA is onboarding application teams through GitOps, managing Tenant/Namespace ArgoCD Projects, and utilizing Helm Charts for application delivery and centralizing application Helm Charts. The talk will cover the integration of External Secret Operator (ESO) with Vault for secrets management, and how teams are onboarded with GitOps for secure secret management. Additionally, we'll discuss NVIDIA's ongoing experiments with GitOps for AWS Infrastructure using Crossplane, and their future plans to implement Backstage.
Speakers
avatar for Carlos Santana

Carlos Santana

Sr. Kubernetes Specialist SA, AWS
Senior Specialist Solutions Architect at AWS leading Container solutions in the Worldwide Application Modernization GTM team. He is experienced in distributed application architecture, emerging technologies, open source, serverless, gitops, devops. He is a contributor to CNCF projects... Read More →
avatar for Feng Zhou

Feng Zhou

Sr Staff Engineer, Nvidia Corp
Dr Feng Zhou has over 25 years experience in IT industry working with a broad range of technologies in infrastructure and cloud computing. His latest journey is helping Nvidia to manage network and AI application deployment in cloud environments including AWS/Azure and other clouds... Read More →
Tuesday November 12, 2024 10:40am - 11:05am MST
Salt Palace | Level 2 | 251 AD
  ArgoCon, Software Delivery

11:15am MST

Breaking the 1.5MB Barrier: Running Large Metaflow Flows with Argo for AI/ML Workloads - Saurabh Garg, Outerbounds
Tuesday November 12, 2024 11:15am - 11:40am MST
Managing large-scale batch workflows efficiently is critical for AI/ML workloads. Data preparation for training or fine tuning models can involve a large number of steps. These make for excellent Argo workflows. But Argo faces the etcd limitation of the 1.5MB object size. This limitation restricts the ability of Argo to run truly large-scale workflows. This talk will delve into the intricacies of this limitation and its impact on AI/ML workflows. We will illustrate with examples how this has been a non-deterministic and frustrating bottleneck for users. To address this challenge, Argo introduced a feature that circumvents the etcd object size restriction. By offloading the bulk of the workflow status to an RDBMS and only storing the reference in etcd, Argo maintains its scaling capabilities still adhering to Kubernetes' limitations. This talk will provide a comprehensive guide on configuring and utilizing the Argo offloading feature in AWS using Aurora Postgres RDS and EKS.
Speakers
avatar for Saurabh Garg

Saurabh Garg

Senior Software Engineer, Outerbounds, Inc.
Tuesday November 12, 2024 11:15am - 11:40am MST
Salt Palace | Level 2 | 254 B
  ArgoCon, Data Processing

11:15am MST

Enhancing Compliance and Safety with Argo CD Ephemeral Access - Leonardo Luz Almeida & Vijay Agrawal, Intuit
Tuesday November 12, 2024 11:15am - 11:40am MST
The Argo CD UI is renowned for its powerful capabilities, but granting users full-time control over applications in production environments can present significant risks. Direct mutations from the UI can disrupt GitOps practices and induce state drift, making issues difficult to debug. In this talk, we will delve into the challenges posed by Argo CD UI's powerful features and how we are addressing them to ensure safer and more compliant operations at scale. We will introduce a new Argo CD extension that enables ephemeral UI access, aimed at reducing risk, improving change management tracking, and minimizing Mean Time to Recovery (MTTR). This extension also enables integration with various compliance requirements, such as change request creation. Join us to learn how to effectively manage Argo CD UI capabilities while enhancing safety and compliance.
Speakers
avatar for Leonardo Luz Almeida

Leonardo Luz Almeida

Staff Software Developer, Intuit
Leo is a staff member of the core Argo team at Intuit responsible for improving and operating Argo CD and Argo Rollouts in the company. He is an active Argo maintainer sharing his time between open-source and internal development. Leo is passionate about native cloud applications... Read More →
avatar for Vijay Agrawal

Vijay Agrawal

Group Engineering Manager, Intuit
Vijay Agrawal is a Group Engineering Manager responsible for continuous integration and continuous deployment (CI/CD) across all of Intuit's flagship products, including QuickBooks, TurboTax, and Mint. Vijay has been an engineering leader in several successful startups and enterprises... Read More →
Tuesday November 12, 2024 11:15am - 11:40am MST
Salt Palace | Level 2 | 251 AD
  ArgoCon, Software Delivery

11:15am MST

Reinventing Seccomp for Fun and Profiles - Ben Hirschberg, ARMO & Dor Serero, Microsoft
Tuesday November 12, 2024 11:15am - 11:40am MST
Seccomp has long been a critical security feature in the Linux kernel, as a powerful tool for access control. With the emergence of eBPF, the landscape of kernel security has started evolving rapidly. It offers opportunities for improving and extending security policies. In this talk we will show how to achieve some of seccomp's capabilities and extend them using eBPF and KRSI in security use cases. The talk will give an overview of Seccomp in general and in Kubernetes, focus on its importance in securing containerized workloads. We will review applicable eBPF capabilities, showing how it changes the way we can inspect and filter syscalls at runtime. We will introduce KRSI and LSM, showing how they can enhance kernel security. The session will end with a demo of our PoC that leverages eBPF and KRSI to create a modern alternative to seccomp. Illustrating a real-world option, will provide attendees with practical knowledge on how to reinvent Seccomp for enhanced security.
Speakers
avatar for Ben Hirschberg

Ben Hirschberg

CTO, ARMO
Ben is a veteran cybersecurity and DevOps professional, as well as computer science lecturer. Today, he is CTO and co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches... Read More →
avatar for Dor Serero

Dor Serero

Principal Software Engineer, Microsoft
Dor Serero is a Principal Software Engineer at Microsoft. Dor is passionate about distributed systems and security. Outside of work, you can find Dor spending time with his wife and two daughters or holding a video game controller.
Tuesday November 12, 2024 11:15am - 11:40am MST
Salt Palace | Level 1 | Grand Ballroom B
  Cilium + eBPF Day, Use Cases

12:40pm MST

⚡ Lightning Talk: Optimizing Latency in Argo Workflow Submissions - Greg Pomykala, Splunk
Tuesday November 12, 2024 12:40pm - 12:50pm MST
This presentation addresses the high latency issues during workflow submissions via Argo Workflows UI and Argo Workflows SDK, focusing on the integration between client applications and Argo Workflows. It explores the inefficiencies caused by the lack of WorkflowTemplate caching and offers solutions to mitigate latency, enhance performance, and reduce load on the Kubernetes API server. Attendees will learn practical optimization strategies to significantly improve workflow submission times and overall system responsiveness.
Speakers
avatar for Greg Pomykala

Greg Pomykala

Principal Software Engineer, Splunk
Seasoned .NET engineer.Go convert.Technical leader.Curious tinkerer.Proud husband and father
Tuesday November 12, 2024 12:40pm - 12:50pm MST
Salt Palace | Level 2 | 251 AD
  ArgoCon, Scalability

1:35pm MST

Fireside Chat with Kelsey Hightower - Start-Up Resilience in a Post-ZIRP World - Kelsey Hightower & Megan Reynolds, Vertex Ventures
Tuesday November 12, 2024 1:35pm - 1:50pm MST
Join tech industry veteran Kelsey Hightower and Vertex Ventures' Megan Reynolds for an insightful discussion on navigating the challenges of building resilient start-ups in today's economic climate. As we move away from the era of zero interest rate policies (ZIRP), entrepreneurs face new hurdles in funding, growth, and sustainability.
Kelsey and Megan will explore:
  • Adapting business models for tighter capital markets
  • Strategies for efficient growth and extending runway
  • Building a culture of resilience and adaptability
  • Opportunities emerging in the post-ZIRP landscape
This fireside chat offers valuable insights for founders, investors, and anyone interested in the evolving start-up ecosystem.
Speakers
avatar for Kelsey Hightower

Kelsey Hightower

Retired Distinguished Engineer, Author, Advisor, and Open Source Contributor
Kelsey Hightower has worn every hat possible throughout his career in tech, and enjoys leadership roles focused on making things happen and shipping software. Kelsey is a strong open source advocate focused on building simple tools that make people smile. When he is not slinging Go... Read More →
avatar for Megan Reynolds

Megan Reynolds

Vertex Ventures
Tuesday November 12, 2024 1:35pm - 1:50pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

1:40pm MST

Untangling the Threads: Understanding Argo Workflows with Workflow Tracing - Alan Clucas, Pipekit Inc. & Jason Meridth, GitHub
Tuesday November 12, 2024 1:40pm - 2:05pm MST
Having strong observability is key to understanding the inner workings of your workflows.

This talk dives deep into how observability empowers you to efficiently understand your workflows. We'll explore how to answer critical questions about your running workflows, including:
- What's the current state of my workflow?
- Are there any bottlenecks or resource constraints?
- How long are specific steps taking to execute?

We'll demonstrate practical techniques, including:
- Adding custom traces for tailored insights
- Leveraging built-in default metrics for immediate visibility
- Converting traces to metrics for observability of critical paths

Get a sneak peek at the upcoming Workflow Traceability feature! We'll showcase its ability to provide a granular view of your workflow execution, allowing you to pinpoint issues with laser focus. Learn how you can add your own spans into the overall workflow trace.
Speakers
avatar for Alan Clucas

Alan Clucas

Staff Software Engineer, Pipekit Inc
Alan Clucas is a Staff Software Engineer at Pipekit, who maitains Argo Workflows. His background is in software development, and from this has come a love of open source. In his spare time he works on Crumbhole, a collection of Open Source GitOps tools using the Argo Project as a... Read More →
avatar for JM (Jason Meridth)

JM (Jason Meridth)

Senior Software Engineer, GitHub
Jason is a continually learning and accomplished software developer with experience in multiple software design life cycles, frameworks, languages, automation and orchestration technologies. He has experience in both start-up and enterprise environments. He believes in automation... Read More →
Tuesday November 12, 2024 1:40pm - 2:05pm MST
Salt Palace | Level 2 | 251 AD
  ArgoCon, Observability

2:05pm MST

How to Use XDP and eBPF to Accelerate IPSec Throughput by 400% - Ryan Drew, Isovalent, now part of Cisco
Tuesday November 12, 2024 2:05pm - 2:30pm MST
The techniques used to increase IPSec network performance are often kept as secrets because they act as a competitive advantage and a lucrative product offering. This talk transparently presents a technique for massively boosting IPSec performance that is simple to implement (less than 200 lines of C), and based entirely on open-source work. An early Proof of Concept (POC) implementation showed an increase in p99 throughput by 412%! This talk will take a deep-dive into how it all works, covering: the implementation, the pros and cons of the design, and an analysis of benchmark results. As transparent encryption becomes more crucial for securing data in transit, we hope this talk will enable users required to use IPSec for compliance or infrastructure reasons to learn how to speed up their network without having to compromise their security.
Speakers
avatar for Ryan Drew

Ryan Drew

Software Developer, Isovalent, now part of Cisco
Ryan Drew is a Performance and Scale engineer at Isovalent, based out of the United States in Colorado. He has a passion for learning and building amazing technologies and collaborating with his colleagues to help make a positive impact.
Tuesday November 12, 2024 2:05pm - 2:30pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Cilium + eBPF Day, Cilium Architecture

2:45pm MST

Secure ArgoCD Multi-Cluster Management Across Clouds Without Static Tokens - Marc Boorshtein, Tremolo Security, Inc.
Tuesday November 12, 2024 2:45pm - 3:10pm MST
ArgoCD has the capability to manage more then one cluster, the question is how to securely connect to those remote clusters? This session will explore how to securely connect your remote clusters, regardless of if they're cloud managed or on-prem, using ArgoCD's own native Kubernetes identity through a token exchange to get an identity for that remote cluster. We'll start with the challenge of connecting to remote clusters securely, detail how token exchange works, then walk through updating the ArgoCD container with custom tools, creating Secrets to represent remote clusters, and ApplicationSets to generate the Application without any static tokens. The session will demo management of cloud hosted clusters, on-prem clusters, and clusters that support Kubernetes' beta of AuthenticationConfiguration in 1.30. By the end of this session you'll see where the configuration points are in ArgoCD to secure your GitOps infrastructure without relying on a single cloud provider's IAM.
Speakers
avatar for Marc Boorshtein

Marc Boorshtein

CTO, Tremolo Security, Inc.
Marc is the CTO of Tremolo Security, building open source identity and DevOps solutions in use by US civilian federal agencies, large financial services institutions, and local governments. Prior to starting Tremolo Security, Marc spent over a decade building identity infrastructure... Read More →
Tuesday November 12, 2024 2:45pm - 3:10pm MST
Salt Palace | Level 2 | 254 B
  ArgoCon, Software Delivery

2:55pm MST

Docker's Journey from Open Source Darling to a Thriving Enterprise Business - Scott Johnston, Docker
Tuesday November 12, 2024 2:55pm - 3:25pm MST
Join Scott Johnston, CEO of Docker, as he charts the remarkable evolution of Docker from an open-source phenomenon to a successful enterprise-focused company. This presentation will cover:
  • Docker's origins and its impact on the developer ecosystem
  • Key challenges in transitioning from open source to a sustainable business model
  • Strategies for balancing community engagement with commercial interests
  • Lessons learned in pivoting towards enterprise customers
  • Docker's current position in the market and future vision
Gain valuable insights into the complexities of building a business around open source technology and the strategic decisions that shaped Docker's transformation. This session is ideal for tech leaders, entrepreneurs, and anyone interested in the intersection of open source and commercial software.
Speakers
avatar for Scott Johnston

Scott Johnston

CEO, Docker
Scott Johnston Deckhand, Docker, Inc.Twitter, LinkedInScott Johnston is the CEO of Docker, the company at the heart of the open-source Docker project and the global container ecosystem that's revolutionizing how modern apps are built, shared, tested, and run. Scott's journey at Docker began in 2014 as the first product manager, and he l... Read More →
Tuesday November 12, 2024 2:55pm - 3:25pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

3:20pm MST

Innovating at Scale: Building and Managing Modern Developer Platform in U.S. Bank - Poonam Garg & Carrie Pommier, U.S. Bank
Tuesday November 12, 2024 3:20pm - 3:45pm MST
In the rapidly evolving financial services landscape, the ability to innovate at scale is crucial for maintaining a competitive edge and meeting customer expectations. This talk delves into the strategic, product and technical aspects of creating and managing developer platforms aka shield platform in U.S. Bank that drives innovation, enhance efficiency, and support scalable growth to achieve business goals such as cloud migration , digital transformation etc. The Shield Platform (an internal development platform) is a set of curated services to mitigate common challenges involved with building software. It does this by providing a series of frameworks, integrations, and automations to deliver applications and infrastructure to the cloud. Each service provided within the platform supplies its own controls and guardrails in accordance to security and compliance best practices. We will walk through our journey to build secure & reliable internal developer platform.
Speakers
avatar for Poonam Garg

Poonam Garg

Vice President, U.S. Bank
Poonam Garg ,an engineering leader and women in technology advocate working as Vice President at U.S Bank.Poonam has spearheaded cultural transformation around DevOps at U.S Bank through an agile and collaborative approach ("change mindset") to software development. Poonam lead technical... Read More →
avatar for Carrie Pommier

Carrie Pommier

Product Group Manager, Vice President, U.S. Bank
Carrie Pommier is a Product Management executive at U.S. Bank, leading a Developer Experience & Tools team, targeting 10,000+ internal engineering team members. A key content collaborator, Carrie champions the Product Model being implemented within U.S. Bank's multi-year, $500MM modernization... Read More →
Tuesday November 12, 2024 3:20pm - 3:45pm MST
Salt Palace | Level 1 | Grand Ballroom G

3:35pm MST

Reimagining OSS Licensing and Commercialization with Fair Source - Adam Jacob, System Initiative
Tuesday November 12, 2024 3:35pm - 4:05pm MST
Join Adam Jacobs, founder of System Initiative, as he explores an innovative approach to open source software (OSS) licensing and monetization. This session will dive into:
  • The limitations of traditional OSS licensing models
  • Introduction to Fair Source licensing and its principles
  • Balancing open collaboration with sustainable commercialization
  • Potential impacts on developer communities and business models
  • Real-world applications and case studies of Fair Source in action
Learn how Fair Source licensing aims to create a middle ground between fully open and proprietary software, potentially reshaping the OSS landscape. This presentation is essential for developers, project maintainers, business leaders, and anyone interested in the future of open source sustainability.
Speakers
avatar for Adam Jacob

Adam Jacob

CEO and Co-Founder, System Initiative
Tuesday November 12, 2024 3:35pm - 4:05pm MST
Hyatt Regency | Level 2 | Salt Lake Ballroom A

4:30pm MST

So You Want to Write Memory with eBPF? - Nikola Grcevski, Grafana Labs & Mike Dame, Odigos
Tuesday November 12, 2024 4:30pm - 4:55pm MST
A lot of eBPF programs fall into the category of observing the Linux system, i.e the kernel, system libraries or user-space programs. For the purpose of observing the system, we mostly rely on reading memory with eBPF, either kernel or user-space memory. However, sometimes various eBPF use cases require writing memory, for example propagating W3C context for various application protocols. This talk focuses on our journey to implement W3C trace context propagation with eBPF at various levels of the protocol stack. We explore what memory write eBPF APIs are available to us today, along with their implications to system security, stability, required permissions and implementation difficulty. We’ll present two working solutions with their pros and cons, a lot of dead ends, as well as explore what a new approach might look like by leveraging the “BPF arena” feature in kernel 6.9.
Speakers
avatar for Mike Dame

Mike Dame

Senior Software Engineer, Odigos
Software engineer working on OpenTelemetry and Kubernetes
avatar for Nikola Grcevski

Nikola Grcevski

Nikola Grcevski, Grafana Labs
Nikola Grcevski has worked as a software engineer for more than 20 years, mostly in the field of compilers, managed runtimes and performance optimization. Most recently he's working on low level application instrumentation with eBPF at Grafana Labs.
Tuesday November 12, 2024 4:30pm - 4:55pm MST
Salt Palace | Level 1 | Grand Ballroom B
  Cilium + eBPF Day, eBPF Internals
 

Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
  • AppDeveloperCon
  • ArgoCon
  • BackstageCon
  • Breaks
  • Cilium + eBPF Day
  • Cloud Native + Kubernetes AI Day
  • Cloud Native StartupFest
  • Cloud Native University
  • Data on Kubernetes Day
  • EnvoyCon
  • Istio Day
  • Kubernetes on Edge Day
  • Observability Day
  • OpenFeature Summit
  • OpenTofu Day
  • Platform Engineering Day
  • Registration
  • WasmCon