October 12, 2021
Los Angeles, California + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

End User Talks Around GitOps Implementations [clear filter]
Tuesday, October 12

9:20am PDT

A Multi-Cluster, Multi-Cloud Infrastructure with GitOps at CERN - Ricardo Rocha, CERN
CERN relies on a large distributed infrastructure to store and analyze the multiple petabytes of data coming out of its experiments every year.  In the last few years two important trends have been changing the way we manage our infrastructure: kubernetes and cloud native technologies on the deployment side, and public clouds as a potentially cost effective way to get additional capacity to cover for workloads spikes and accessing resources that are scarce on premises, such as GPUs and other accelerators. This has made efficient management of multiple clusters even more relevant.  This talk will describe how we've been evolving our deployments to rely on GitOps and tools like Flux and ArgoCD to centralize and standardize our highly distributed infrastructure. It will cover the three main layers of our deployments: the "underlay" infrastructure, and how with a bit of yaml and tools like crossplane we manage our on-premises clusters and those across multiple regions of the different public cloud providers; the "base services", including monitoring and central aggregation with Prometheus, OPA policies, cost calculation, etc; and finally our end user services.  A quick demo will show how clusters can be added and removed with a couple lines in a matter of minutes.

avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a Computing Engineer in the CERN cloud team focusing on containerized deployments, networking and more recently machine learning platforms. He has pushed for several years the internal effort to transition services and workloads to use cloud native technologies, as well... Read More →

Tuesday October 12, 2021 9:20am - 9:50am PDT
Petree Hall C + Online Los Angeles Convention Center - 1201 S. Figueroa Street, Los Angeles, CA 90015

11:10am PDT

GitOps Cloud Resource Management - Brett Weaver, Intuit
In this talk, you will learn about how Intuit is extending the support for GitOps to manage Cloud Resources. You will learn about Argo CloudOps, the open source project we developed to integrate Terraform and CDK using Argo Workflows to provide GitOps automation to manage our cloud resources. We discuss how this has provided greater security, automation and allowed us to extend Git as the source of truth for our cloud resource configuration.

avatar for Brett Weaver

Brett Weaver

Distinguished Engineer, Intuit
Engineer @ Intuit

Tuesday October 12, 2021 11:10am - 11:20am PDT
Petree Hall C + Online Los Angeles Convention Center - 1201 S. Figueroa Street, Los Angeles, CA 90015

12:45pm PDT

Managing Apps Dependencies and Kubernetes Versions with Kraan and Flux - Adrian Vacaru, Fidelity Investments
The Fidelity platform team supports internal users on different Kubernetes versions and gives cluster admins from different business units permissions across EKS, AKS, and on-prem (with Rancher). Their OSS Kraan project helps create this seamless experience in a highly regulated industry by using Kubernetes and CNCF Flux.    This talk covers Fidelity’s enterprise use case and how users can use Kraan to provide modular and reusable components across different Kubernetes clusters. Platform teams can spin up K8s clusters and install application “layers” using Kraan. Eg. an “IoT layer” comes with Prometheus, Grafana and InfluxDB for storing data from IoT sensors. Cluster admins don’t have to deal with complex deployment/upgrade logic because the kraan-controller, helm-controller and source-controller take care of that. Kraan also has a versioned layer dependency system that simplifies dependency management between addons. Add-ons can be certified and mapped to different Kubernetes versions.    Other possible Titles:  - GitOps in a Highly Regulated Industry - How To Solve Complex Apps Dependencies on Kubernetes - Kraan - The systemd for Kubernetes - How To Make GitOps Work for You - Layering Addons on Top of Kubernetes 

avatar for Adrian Vacaru

Adrian Vacaru

Software Engineer, Fidelity Investments
I'm a Software Engineer in the Public Cloud Platform team at Fidelity Investments, enabling our BU partners to safely and securely adopt cloud at scale.

Tuesday October 12, 2021 12:45pm - 1:15pm PDT
Petree Hall C + Online Los Angeles Convention Center - 1201 S. Figueroa Street, Los Angeles, CA 90015

3:50pm PDT

Secure Your GitOps - How to Implement a Robust Security Strategy - Todd Ekenstam, Intuit
Access control and security are especially crucial for managing the deployment of applications and infrastructure. Traditional security processes that rely on human operational knowledge will struggle to scale and meet the needs of enterprises utilizing automated build and release infrastructure. The GitOps methodology can improve the integrity and security of your application deployments while at the same time exposing new attack vectors that must be secured.

This talk will cover the following topics:
- Improving security with GitOps
- Implementing access control in GitOps
- Multi-tenant cluster and namespace management for GitOps
- Configuring access limitations for critical GitOps components
- Common security model patterns and best practices

This talk will teach you how to securely implement a GitOps methodology to deploy applications and cluster components to Kubernetes. You will also learn strategies to securely manage multi-tenant clusters and common security model patterns and best practices.

avatar for Todd Ekenstam

Todd Ekenstam

Principal Software Engineer, Intuit
Todd Ekenstam is a Principal Engineer at Intuit building a platform for secure, multi-tenant Kubernetes infrastructure supporting applications serving Intuit's ~50 million customers. Todd has worked on various large-scale distributed systems projects during his 25+ year career, ranging... Read More →

Tuesday October 12, 2021 3:50pm - 4:20pm PDT
Petree Hall C + Online Los Angeles Convention Center - 1201 S. Figueroa Street, Los Angeles, CA 90015
  • Timezone
  • Filter By Venue Los Angeles, California, USA
  • Filter By Type
  • Convincing Larger Organizations to Adopt GitOps
  • End User Talks Around GitOps Implementations
  • How to Implement Advanced Deployments
  • Keynote
  • Lightning Talk
  • Networking + Break
  • Use of Open Source Tooling to Achieve GitOps
  • War stories of how GitOps helped and Where Systems Broke Down
  • Talk Type

Filter sessions
Apply filters to sessions.