Save the date: Container Day x KubeCon

The AWS Kubernetes team is back for the next installment of Container Day x KubeCon, a full day of sessions on Amazon EKS and Kubernetes at AWS. In this live and virtual Twitch event, the AWS Kubernetes team, hosted by developer advocates Justin Garrison and Jesse Butler, will be covering new launches, demoing products and features, and answering your questions.

Container Day is taking place on October 12th, 8:00 AM – 4:00 PM (PDT) before KubeCon North America. If you are attending KubeCon, check out the “KubeCon sessions we’re excited about” section!

Agenda (subject to change)

08:00 AM – 08:30 AM  Keynote with Bob Wise, GM of Kubernetes
08:30 AM – 9:15 AM  Amazon EKS Security Roundtable
9:15 AM – 9:45 AM  Amazon EKS Roadmap and Vision
9:45 AM – 10:30 AM  Amazon EKS Anywhere Deep Dive
10:30 AM – 11:00 AM  Connect your Kubernetes clusters running anywhere to Amazon EKS
11:00 AM – 11:15 AM  Break
11:15 AM – 11:45 AM  cdk8s Project Update
11:45 AM – 12:15 PM  ACK Project Update
12:15 PM – 1:00 PM  Partner Panel: Hybrid Applications
1:00 PM – 1:15 PM  Break
1:15 PM – 1:45 PM  Cluster autoscaling with Karpenter
1:45 PM – 2:15 PM  Bottlerocket Update
2:15 PM – 2:45 PM  To be announced
2:45 PM – 3:15 PM  Running applications in multiple Kubernetes clusters
3:15 PM – 3:45 PM  Enabling observability with OpenTelemetry
3:45 PM – END  Closing remarks

KubeCon sessions we’re excited about

TAG Observability Update
Matt Young, Everquote, and Alolita Sharma, Amazon

This session is our usual mix of 101, updates, and a deep dive on what we do and how. We will give you an overview of what we did, what we are doing, and what we plan to do. Most importantly, we will talk about how you can get involved. If you care about collaboration in the cloud-native observability space, this is the place to be. We are historically heavy on the project and vendor member side, so end users in particular are encouraged to join and tell us what you want and need. We look forward to finally seeing all folx in person again!

Panel Discussion: OpenGitOps and the GitOps Working Group
Cornelia Davis, Amazon; Dan Garfield, Codefresh; Christian Hernandez, Red Hat; Chris Sanders, Microsoft; and Leonardo Murillo, Weaveworks

Hundreds of organizations today are leveraging GitOps to successfully run and manage complex software systems, benefitting from its inherent modern development best practices as well as the tools that implement its responsive continuous deployments. GitOps adoption has seen dozens of companies innovate to offer solutions, and inspired several open source projects including Argo and Flux, both CNCF projects. With innovation accelerating and the number of stakeholders increasing, the time has come for a clear, vendor-neutral definition of GitOps. Inspired by increased interest and informed by years of working toward solutions, a CNCF GitOps Working Group was formed in 2020 to discover and standardize the definition of GitOps and its principles. This group will also focus on interoperability between tools, conformance, and certification. Join us for a panel discussion with members from several of the founding organizations to learn about GitOps, OpenGitOps, and future work.

The Hitchhiker’s Guide to Kubernetes Vulnerabilities
Robert Clark and Micah Hausler, Amazon

The earth is gone. You’re the only one left. Was Kubernetes to blame? Is prior performance a strong indicator of future behavior? Is Kubernetes on a positive security trajectory? Have community efforts improved security? The speakers will present research that examines security problems throughout the entire history of the Kubernetes project. They explore patterns and trends in the data. They show a taxonomy for classifying k8s vulnerabilities, including analysis of root causes and contributing factors. They dive into each issue, examining metrics like time from commit-to-discovery, time-to-resolution, detection of similar events, etc. They look to patterns of previous behavior to help the audience predict future performance. They interview leaders in the community and overlay historical security data with efforts to improve security. They show the impact SIGs, WGs, Audits, etc. had on k8s security and suggest how the security posture of k8s might evolve in the future.

Cloud Provider Extraction: What We’ve Done, Where We Are and What’s Left!
Walter Fender, Google; Steven Wong, VMware; and Nick Turner, Amazon

Cloud Provider code allows Kubernetes to run on top of different platforms. Originally, support for all variations was built directly into a K8s release. This brought bloat – a running cluster used only a subset of the code within the release. Also, any cloud specific bug fix or enhancement demanded a new full K8s release as a carrier. This will be a status report on removing the cloud provider code from the main Kubernetes repository. Significant early milestones were recently achieved: the API Server no longer needs the cloud provider library; SSHTunnels have been deleted. For each in-tree cloud provider, we will report on efforts, accomplishments, and roadmap for getting “out-of-tree”. We’ll also discuss the plans to handle the speed bumps that are left – including interesting topics like multi-repo e2e testing and removing the cluster directory.

containerd Introduction and Deep Dive
Phil Estes, Amazon; Maksym Pavlenko & Derek McGowan, Apple; and Mike Brown, IBM

Join containerd maintainers for an introduction and deep dive into the latest updates on containerd. This last year has seen tremendous growth in both project usage and contribution. From end user CLI to low level runtime implementations, there have been exciting developments and proposals toward making containerd more stable and shaping the next generation of container use cases. The maintainers will go over internal changes to containerd which help make the core project interfaces cleaner and easier to integrate with from different components and plugins. For Kubernetes use cases, we will cover related changes happening in containerd including updates in the CRI implementation. Finally, the maintainers will cover exciting new features and sub-projects such as nerdctl, lazy-pulling (stargz), shim pluggability, and more.

Correlating Signals in OpenTelemetry: Benefits, Stories, and the Road Ahead
Morgan McLean, Splunk, and Jaana Dogan, Amazon

OpenTelemetry is used across the industry to capture distributed traces; however, this is just a sliver of the value that the project provides. OpenTelemetry also gathers metrics (launched earlier this year) and logs (beta) from your applications and infrastructure, allowing you to capture all telemetry through a single pipeline and powerful analysis in whatever tools you choose! In this session we will discuss:
– How OpenTelemetry correlates these signals, which allows your investigations to jump seamlessly between all of your services and underlying infrastructure
– The deep functionality that OpenTelemetry provides for metrics and logs, including metric formats and aggregations, tailing logs from flat files, and a high-performance strongly-typed logging pipeline for new applications
– Real stories about how large well-known organizations use OpenTelemetry and the improvements that they’ve gained
– What’s next for OpenTelemetry: new data sources, signals, and more

Kubernetes SIG CLI: Intro and Updates
Eddie Zaneski, Amazon Web Services; Katrina Verey, Apple; and Sean Sullivan, Google

SIG CLI is the special interest group for the command line tooling of the Kubernetes project. The SIG maintains kubectl, kustomize, and related libraries. In this session the SIG CLI leads will provide an introduction to the SIG and an overview of how to contribute including how kubectl is built and tested. They will share the work that’s been done the past year and discuss several current and future Kubernetes Enhancement Proposals (KEPs). The session will conclude with open discussion and Q&A.

Cortex: Intro and Production Tips
Bryan Boreham, Grafana Labs, and Alvin Lin, Amazon Web Services

Cortex is a time-series data store based on Prometheus. Cortex adds:
– Scalability: run across dozens of servers to handle millions of samples per second.
– Availability: if one server fails then work will be redirected to others.
– Multi-tenancy: store data from different groups or customers, segregated so a user from one tenant cannot see data from another.
– Durability: use cloud stores (such as S3) to reduce the chance of data loss.
This session will provide an overview of Cortex, an update on recent news from the project, and a run-through of top 5 tips for running Cortex in production.