GC #02 - The Pre-Kubecon Special

Show notes

Giant Conversations Episode #02 and date

KubeCon is approaching quickly and we can't wait to represent 22+ deep.

Hosted by:


News from #swarmalicious

  • VMware is still a talking point, with posts on a license increase from $8m to $100m and Glassdoor reviews stating: “CEO admits he has no hobbies outside of work. Stock price only thing that matters.” But there are also more balanced views.
  • New CNCF contribution view (seems to only count code contributions and is limited to the Kubernetes project). Marcus is in the lead at Giant Swarm with over 121 contributions to 12 repositories, with Jose behind him with 102 contributions to 11 repositories.
  • Cloudflare open sources Pingora, their framework for building HTTP proxy services, which is written in Rust and is fully async and multithreaded. Lots of info for the tech-minded through the link, but the framework includes client and server and lots of utility libraries, and they are actively working with the Internet Security Research Group's Project Prossimo to make the most critical infrastructure secure.
  • Alex Richardson update on Weaveworks and Flux. As discussed last week, Weaveworks hit bad times, but the good news is that most of their team has already found new jobs, which is a testament to how talented they are. Now, Alexis is talking about transitioning Weaveworks from a company to more of a community focused around their open source projects, especially Flux, and GitLab has emphasized their continued support of FluxCD. These tools just need to get into the hands of big companies that can use them to make money in another way.
  • Akin to SBOM, Trivy adds KBOM vulnerability scanning to K8s. KBOM stands for Kubernetes Bill of Materials, so a Software Bill of Materials, just specifically for Kubernetes. I'll talk about it next week with Zach.

Main topic

Rejekts

Rejekts is 17th to 18th of March. The schedule is packed and tickets start at Free and end at Free. Marcus and Lukasz are talking.

KubeCon

  • KubeCon is taking place between March 19th and March 22nd, in Paris at the Paris Expo Porte de Versailles

  • Metro Line 12 from the train station to Porte de Versailles gets you there.

  • Closest Train Station: Paris Montparnasse Train Station (Gare Montparnasse) | Distance from venue: 3.9 km; | Drive Time: 15 minutes by car; | Public Transportation: 24 minutes by Metro + walking.

  • KubeCon opens around 8 every day. Check the schedule.

  • There is a great FAQ on the site.

  • Travel by bike: Paris has a public bike-sharing system, Vélib’, that allows residents and visitors to rent bicycles for short trips around the city. You can find more information on the official website: Vélib

  • 21 Swarmies attending the conference

  • We’ll be at Booth K11. The easiest way to find us is to simply look for the booth with the cool, colorful graphics saying “Smarter Platform Engineering — creating environments for growth”

  • Swag at the booth? We’ll have cool t-shirts in different colors, cool stickers and raffle prizes that Tommy can talk about

  • How are our colleagues getting there? About half of the people are travelling by plane, the other half by train; Timo is coming by car

  • Accommodation: most of the Swarmies are staying in a hotel close to the venue: Oceania Paris Porte De Versailles; the Swarmies attending Cloud Native Rejekts prior to KubeCon are staying in an AirBnB in Malakoff (a suburb in the south-west of Paris)

  • KubeCon parties have their own website. Our Swarmies are also planning to check out some of the parties. Here are the parties with the coolest names happening during the event: KubeTrain Party, organised by the Cloud Native community, taking place at the Fitzroy restaurant; Kuberoke Spring Party, a karaoke night taking place at KaraFun Bar; House of Kube, whose tagline says: “Where platform engineering meets Berlin techno. Your golden ticket to the darkroom of DevOps.”, taking place at a secret location that will be announced soon.

  • What to do in Paris

  • For our American guests: service compris in restaurants means that the tip is included, but you can still tip of course. But it is then really a tip, not a payment. :) There is a Five Guys somewhere ;)

  • Colleague Xavier has mentioned some cool speakeasies and bars in Paris.

  • Food tips from Xavier: avoid restaurants with large menus or pictures of food!

  • La Felicita: Big food court with lots of different restaurant types, very cool industrial vibe

  • Chez Pietro: Recommended by Parisian friends as an amazing pizza place

  • Peruvian restaurant Amazonas – 5 mins walk from the exhibition center

  • Italian restaurant: Via del Gusto – 10 mins walk from the venue

  • Korean restaurant: Les Petites Dalles – 15 mins walk from the venue

  • If you want to have a cup of coffee on the Champs-Élysées, do so, but it is 50-100% more expensive than elsewhere, obviously.

  • Sightseeing:

  • You can take a hop-on hop-off bus at several locations, called Big Bus Tours

  • You can take a boat ride on the Seine starting at the Eiffel Tower, for example River Seine Cruises, which takes an hour.

  • Getting up the Eiffel Tower: you can walk; elevators are normally fully booked weeks in advance. But you can have a drink halfway up. You might want to pre-book.

  • You can go to the Centre Pompidou, which people tell us is actually worth it :)

  • Xavier says the Catacombes are cool, but Oliver adds that last time he went it was booked out for over 2 weeks. So book in advance. There is no way to skip the line.


Bug of Week (from our Retrospectives)

Another recent one was with a customer that got a new management cluster because they needed it to be fully private, unlike the public one they had before. We migrated the workload clusters with clusterctl, an upstream project: a CLI for starting clusters through CAPI that can also move clusters. It worked well. But days later, when a new node joined the workload cluster, the encryption key (which K8s uses to encrypt secrets) that it used to get to the (old) secrets didn't work. The reason is that clusterctl expects you to move the old encryption key to the new management cluster, so that when the new workload cluster starts, the master gets that key and can distribute it further to new nodes, and all the encryption aligns. As we did not move the encryption key to the management cluster, all old nodes were fine, as they could get to the secrets that are still in etcd (encrypted with the old key), but the new node got totally different secret information.
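A check that would have caught this before a new node joined, as an added example (not Giant Swarm's tooling): it compares the output of `kubectl get secrets -n <cluster-namespace> -o json` from the old and the new management cluster and reports Secrets that are missing or differ. The Secret names and values are constructed, and treating Secrets without an owner reference as the likeliest to be left behind is an assumption.

```python
import hashlib
import json

def fingerprint(secret):
    """SHA-256 over a Secret's data map; values stay base64 and are never decoded."""
    blob = json.dumps(secret.get("data", {}), sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()

def index(secret_list):
    """Map Secret name -> (fingerprint, has_owner_reference)."""
    out = {}
    for item in secret_list["items"]:
        meta = item["metadata"]
        out[meta["name"]] = (fingerprint(item), bool(meta.get("ownerReferences")))
    return out

def compare(old_mc, new_mc):
    """Findings for Secrets on the old management cluster that are missing
    or have different content on the new one."""
    old, new = index(old_mc), index(new_mc)
    findings = []
    for name, (digest, owned) in sorted(old.items()):
        if name not in new:
            findings.append((name, "missing", owned))
        elif new[name][0] != digest:
            findings.append((name, "content differs", owned))
    return findings

def _secret(name, data, owner=None):
    meta = {"name": name}
    if owner:
        meta["ownerReferences"] = [{"kind": "Cluster", "name": owner}]
    return {"metadata": meta, "data": data}

# Constructed sample inventories (hypothetical names, dummy base64 values).
OLD_MC = {"items": [
    _secret("demo-kubeconfig", {"value": "a3ViZWNvbmZpZw=="}, owner="demo"),
    _secret("demo-encryption-provider-config", {"encryption": "b2xkLWtleQ=="}),
]}
# On the new management cluster the key Secret exists but was regenerated.
NEW_MC = {"items": [
    _secret("demo-kubeconfig", {"value": "a3ViZWNvbmZpZw=="}, owner="demo"),
    _secret("demo-encryption-provider-config", {"encryption": "bmV3LWtleQ=="}),
]}

if __name__ == "__main__":
    for name, problem, owned in compare(OLD_MC, NEW_MC):
        hint = "" if owned else " (no ownerReferences, check it was moved by hand)"
        print(f"{name}: {problem}{hint}")
```

Run it against both inventories before decommissioning the old management cluster; any finding on a key-bearing Secret means new nodes will receive different key material than the one etcd data was encrypted with.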



Added notes

Kubernetes LAN Party. A CTF designed to challenge your Kubernetes hacking skills through a series of critical network vulnerabilities and misconfigurations.
