Shanghai, China
June 24–26, 2019
Click here for more information and registration

Simultaneous translation will be provided for all keynote and breakout sessions.

To view the Chinese version of this schedule please go here.

Venue + Sponsor Showcase Map
场馆 + 赞助商展示区地图

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

KC+CNC - Customizing + Extending Kubernetes [clear filter]
Tuesday, June 25


To Crd, or Not to Crd, That is the Question - Ed King & Sam Gunaratne, Pivotal
One of Kubernetes’ most promising features is the ability to extend it’s API via use of Custom Resource Definitions (“CRDs”). As such, it comes as no surprise that CRDs have recently seen a big rise in popularity. But what exactly makes CRDs so great? And, more importantly, when should you be thinking about using them?

Whilst Kubernetes Operators are often cited as a main use case for CRDs, their use is evolving into something much more exciting. Now, not only are developers extending the API with customizations for their Kubernetes clusters, but we are starting to see them making use of CRDs to build their applications!

This is something that both Sam and Ed have been thinking about for a while now. In this talk they present their learnings by discussing the relative merits and drawbacks of a CRD-based approach to application development compared to more traditional approaches.

avatar for Ed King

Ed King

Software Engineer, Pivotal
Ed is an engineer at Pivotal. He has spent the past few years working with Cloud Foundry and Kubernetes, with a strong focus on container runtimes. He is a regular speaker at various conferences including KubeCon Europe and Cloud Foundry Summit.
avatar for Sam Gunaratne

Sam Gunaratne

Software Engineer, Pivotal
Sam is the anchor for the Pivotal Cloud Foundry Services API team, working on bringing the power of the Open Service Broker API to the Cloud Foundry platform, enabling developers to create multi-platform, multi-cloud services.

Tuesday June 25, 2019 11:00 - 11:35


Auto Operation of Hundreds of K8s Clusters in Yahoo Japan Corporation - Cheng Chen & Hiroki Katsuta, Yahoo Japan Corporation
Multi-tenancy in Kubernetes is actively being developed. However, single-tenancy is still the most practical way to ensure security and workload isolation between organizations. Yahoo Japan Corporation is the biggest internet company in Japan, which develops and maintains hundreds of applications. Currently, we are running the most Kubernetes clusters in Japan. Different service teams, such as the payment system and e-commerce system, are using our clusters in order to serve 130 million Japanese users.

In this session, we will present the motivation and procedures of building Kubernetes-as-a-Service in an on-premise environment, includes:
・Learning from our experience in production, such as upgrading clusters with zero downtime.
・Extend Kubernetes using features such as CRDs and Webhook
・Experience of managing hundreds of clusters in an on-premise environment with a handful of members

avatar for Cheng Chen / 成臣

Cheng Chen / 成臣

Site Reliability Engineer, SBI BITS
Chen was a Site Reliability Engineer at Platform Development Division of Yahoo Japan Corporation. He has extensive experience in building distributed and cloud systems. Currently, his main responsibility is maintaining multi-tenant Kubernetes clusters and supporting Kubernetes user... Read More →
avatar for Hiroki Katsuta

Hiroki Katsuta

Site Reliability Engineer, Yahoo Japan Corporation
Hiroki Katsuta is a Site Reliability Engineer in Yahoo Japan Corporation. He operated and developed IoT service, local security system and Yahoo Japan Corporation's user database system. Now, he operates Yahoo Japan Corporation’s Kubernetes as a Service system and manages over 400... Read More →

Tuesday June 25, 2019 11:45 - 12:20


Extending Kubernetes Scheduler for Multi-Cluster and Multi-Cloud Workloads - Illya Chekrygin, Upbound
Kubernetes did a great job implementing a rich and flexible scheduler for Pods. Today we are extending Pod scheduling for Multi-Cluster environments, expanding and optimizing it even further for non-Kubernetes workloads and resources.

At this talk, we will explore options and possibilities when it comes to scheduling Kubernetes Pods across multiple clusters. In addition, we will examine the benefits, pitfalls, and future for extending the Kubernetes scheduler to Multi-Cloud managed resources and workloads beyond traditional Kubernetes Deployments and Stateful Sets.

avatar for Illya Chekrygin

Illya Chekrygin

Founding Engineer, Upbound
Illya is a Founding Engineer at Upbound where he is working on advancing cloud-native computing by "freeing the cloud". He is also a maintainer of the open source Crossplane (https://crossplane.io) project. Prior to Upbound, Illya had been leading Kubernetes adoption at HBO and Z... Read More →

Tuesday June 25, 2019 13:35 - 14:10


Extending Kubernetes with Storage Transformers - Andrew Lytvynov, Google
Storage Transformers are invoked by the kube-apiserver just before Kubernetes resources are written/read to/from etcd. Thus, allowing developers a final chance to apply changes to resources before they are committed to disk.

In this demo heavy session, we will review the architecture of storage transformers and outline the appropriate scenarios for using them as an extensibility point.

avatar for Andrew Lytvynov

Andrew Lytvynov

Software Engineer, Google
Andrew Lytvynov Andrew is a Software Engineer on the Google Kubernetes Engine Security team. Andrew worked on TPM-based Node bootstrap in GKE and maintains github.com/google/go-tpm - a Go library for interacting with TPM devices. Prior to GKE Andrew worked on monitoring the production... Read More →

Tuesday June 25, 2019 14:20 - 14:55


CodeReady Containers; Simplified Deployment and Cluster API for Desktops - Gerard Braad, Red Hat
With the introduction of OpenShift 4.0, a new method of installation targeting cloud providers was introduced. For CodeReady Containers we provide a simplified method to enable this installation for desktop hypervisors, like kvm, xhyve/hyperkit and Hyper-V on respectively Linux, macOS, and Windows. I will talk about the lessons learned with the previous approaches used to enable desktop deployments, like minikube and minishift and how we improve on this and how we enable the Cluster API to target desktop virtualization. Using the Cluster API it will be possible to scale out and add additional nodes to the cluster, and in our case, you will be able to add nodes to desktop hypervisors.

avatar for Gerard Braad

Gerard Braad

Principal Software Engineer, Red Hat
Gerard is an expert when it comes to utilizing Open Source technologies. At Red Hat he is involved in the DevTools division and works on tools to simplify and enable developers to build container-based applications. Always worked in a position of teaching and engaging people. Currently... Read More →

Tuesday June 25, 2019 15:05 - 15:40


Network Bandwidth-Aware Kubernetes Cluster - Yifeng Xiao & Yang Yu, VMware
Currently Kubernetes scheduler only considers cpu and memory but with network bandwidth oversubscription widely exists in the data centers, bandwidth contention is a big problem for bandwidth sensitive applications. With Kubernetes commonly deployed in a virtualized infrastructure like vSphere or OpenStack, network information at Kubernetes worker node level is not enough. If we want to guarantee those special applications won't get blocked anywhere in a cluster, we need to reserve network bandwidth for worker nodes in the whole cluster and use that information in the algorithm of scheduler. In this proposal we will not only demonstrate an approach to extend the default Kubernetes scheduler to an external service to make better placement on network resources, but also introduce a method to ensure ongoing network bandwidth for critical applications.

avatar for Yang Yu

Yang Yu

Software Engineer, VMware
Yang is a staff engineer of China R&D, VMware. She's working on Kubernetes CNI plugin, focusing on providing CNI plugin for VMware NSX transformers product. Before joining in the Kubernetes community, Yang worked for OpenStack open source project for 4 years. She was familiar with... Read More →
avatar for Yifeng Xiao

Yifeng Xiao

Software Engineer, VMware
Yifeng Xiao is a software engineer at VMware. He specializes in cloud computing and Big Data. He is working on scalability and performance of VMware PKS. Before that, he also worked on open source project VMware Integrated Container, VMware Integrated OpenStack and VMware Big Data... Read More →

Tuesday June 25, 2019 16:00 - 16:35


Debugging Kubernetes Controllers from IDE - Surendhar Ravichandran, F5 Networks
This talk covers different patterns that a kubernetes developer can use to debug a custom controller. To some extent, the same methods can be used by application developers to debug their code. Ranging from docker, minikube, to a full blow production cluster, this talk will showcase how to make minimal changes to your existing workflow and create controllers with debug support. Solutions to overcome networking difficulties between development environment and controller will also be addressed.

avatar for Surendhar Ravichandran

Surendhar Ravichandran

Senior Software Engineer, F5 Networks
Surendhar Ravichandran is working as a Sr. Software Engineer with F5 Networks. He is at present leading Kubernetes controller for BigIP devices (github.com/F5Networks/K8s-bigip-ctlr). He is in the cloud native landscape since 2015 and cloud technologies since 2012. His open source... Read More →

Tuesday June 25, 2019 16:45 - 17:20


No More Chaos: Audit and Inspect Kubernetes at Scale - 陈杰, 阿里云 & 马金晶, 蚂蚁金服(杭州)网络技术有限公司
Accuracy in fault detection and efficiency of issue analysis are important for availability and stability of Kubernetes clusters.While there are huge number of resources, events, and metrics in Kubernetes. In our cluster, we noticed Kubernetes generates thousands of metrics data per second which makes it challenging to figure out the root cause from this ocean of data, not to mention analysis,data visualizion and alarms.In this talk, we will share experince and practices of auditing and inspecting Kubernetes at web scale. We'll firstly talk about the how we design data metrics to reflect the stability of Kubernetes and how we consume these metrics and set out streaming alarm.We will use real cases to demo how we aggregate and analyze these metrics data.Finally,we will share the practices in Alibaba of building a automiatic system for real-time data inspection and analysis for Kubernetes.

avatar for 陈杰


技术专家, 阿里云
2011年加入阿里,早期参与阿里搜索引擎统一运维平台的建设以及负责一淘搜索引擎的运维;2013年参与搜索调度平台的创建和建设;2015年开始推动搜索的容器化以及pouch化,2016... Read More →
avatar for 马金晶


高级开发工程师, 蚂蚁金服
目前就职于蚂蚁金服 - 世界上最有价值的独角兽公司,2017年开始参与阿里 Sigma 容器调度平台的研发,参与并见证了阿里巴巴、蚂蚁金服将大规模集群从 Sigma 迁移至 Kubernetes 的潮流,在后 Kubernetes... Read More →

Tuesday June 25, 2019 17:30 - 18:05


Proxy Service: A New Network Traffic Abstraction in Kubernetes - Walter Fender & Yongkun Gui, Google
Kubernetes master-to-cluster communication doesn’t get as much attention as the opposite direction, yet many critical features (kubectl proxy, logs, exec, …) rely on it to function. In order to support secure communications from Kube API Server running on the control network to nodes running on a cluster network, SSH Tunnels were developed. This technology complicates the API Server in a manner which is neither extensible nor popular. The new proposed gRPC based proxy service abstracts this complexity away from the API Server, while providing a greater degree of extensibility. In this talk, we will see how SSH tunnels are implemented right now, what the new proxy service looks like, and how it opens the door to future extensions for use cases like auditing and multi-network support.


Walter Fender

Software Engineer, Google
Graduated from U.C. Berkeley. Working at Google and on Kubernetes API Machinery for two years.

Yongkun Gui

Software Engineer, Google
Working at Google and on Kubernetes Networking for over a year.

Tuesday June 25, 2019 18:15 - 18:50
Wednesday, June 26


IngressRoute: A Path Towards a Better Ingress Object for Kubernetes - David Cheney, VMware
The limitations of the Kubernetes Ingress object have been papered over with annotations by the community for several years. Contour, the Ingress controller my team are building, introduced a new CRD which addresses the limitations of the incumbent Ingress object and unlocks the ability for teams and operators to utilise modern web application deployment practices in multi team and multi tenant Kubernetes clusters.

In this talk I’ll explain, from the point of view of an Ingress controller implementor, the limitations of the ingress object, and how our IngressRoute CRD addresses the current shortcomings while making it possible for multiple teams to collaborate and delegate responsibility in multi tenant scenarios.

A slide deck from an earlier version of this talk is available here: https://dave.cheney.net/paste/ingress-is-dead-long-live-ingressroute.pdf

avatar for David Cheney

David Cheney

Staff Engineer, VMware
David is an open source contributor and project member for the Go programming language. David is a well-respected voice within the tech community, speaking on a variety of topics such as software design, performance, and the Go programming language. David is currently a member of... Read More →

Wednesday June 26, 2019 11:20 - 11:55


NFD and My Adventure in the Cloud Native Project Jungle - Markus Lehtonen, Intel
At its core, Kubernetes has a somewhat limited understanding of system details during operation. Node Feature Discovery (NFD) is an add-on that increases Kubernetes platform awareness by detecting and advertising the hardware and software capabilities of the underlying system. This information can be used to facilitate intelligent scheduling of workloads in a Kubernetes cluster. This talk introduces NFD and its role in Kubernetes. It covers the technical details of NFD, including how the node capabilities are advertised and how they can be utilized in workload placement. The presentation also covers my journey in the Kubernetes community and assuming maintainership of the NFD project. The journey passes through collaboration with third parties, both internal and external.

avatar for Markus Lehtonen

Markus Lehtonen

Cloud Software Engineer, Intel Corporation
Markus has over a decade of professional work experience on software development in various roles and software projects from tiny embedded devices up to cloud environments. For the past decade he has worked in different open source projects, such as Meego, Tizen and OpenEmbedded/Yocto... Read More →

Wednesday June 26, 2019 12:05 - 12:40