Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Hybrid + Multi-Cloud - KubeCon [clear filter]
Thursday, December 7


Building a Cluster Management API using Kubicorn [A] - Robert Bailey, Google & Kris Nova, Heptio
Kris Nova (Heptio) and Robert Bailey (Google) join forces and begin the difficult task of looking into the future of the infrastructure layer of Kubernetes. We start the talk with a brief summary of the state of infrastructure today and explain the differences between “infrastructure as code” and “infrastructure as software”. We look at how the lack of definition in the most fundamental layer of the stack has fragmented our community and caused problems with adoption of Kubernetes.

We propose a new way of representing infrastructure (the cluster API) for the Kubernetes community and take a deep dive into its implementation in kubicorn. We look at the structure of the cluster API and share valuable insight on how we took lessons from other areas of Kubernetes to form what it is today. Furthermore we look at the power of having a declarative approach to infrastructure as we start to treat the infrastructure layer the same as the application layer.

The audience will walk away with a clear understanding of the infrastructure layer, as well as a new way of thinking about the infrastructure in the future via the cluster API.

avatar for Robert Bailey

Robert Bailey

Staff Software Engineer, Google
Robert is part of Google's Cloud Gaming team working on open source gaming infrastructure projects founded by Google such as Agones and Open Match. He was previously a lead for the Cluster Lifecycle SIG, worked on Kubernetes for more than 4 years, and was one of the founding members... Read More →
avatar for Kris Nóva

Kris Nóva

Chief Open Source Advocate, Sysdig
Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →

Thursday December 7, 2017 11:10am - 11:45am
Meeting Room 8ABC, Level 3


Managing and Running Multiple Kubernetes Clusters in Hybrid Setups [I] - Sebastian Scheele, Loodse & Simon Pearce, SysEleven
As hosting provider, SysEleven, runs and manages multiple Kubernetes clusters for various customers on different platforms. In this talk, we will give you a breakdown on how we run one single Google-like container engine for various clouds and also for bare metal. Moreover, we show how we provide high-availability clusters by running Kubernetes on Kubernetes.

avatar for Simon Pearce

Simon Pearce

System Architect, SysEleven
Simon Pearce is a System Architect at SysEleven in Berlin Germany since 2013. He has over 15 years of experience in the web hosting industry. With a focus on building distributed systems on public and private clouds. He is responsible for the kubernetes service team at SysEleven... Read More →
avatar for Sebastian Scheele

Sebastian Scheele

CEO, Loodse
Sebastian Scheele is the CEO and co-founder of Loodse. Loodse is an enterprise software platform company that enables enterprises and service providers to deliver automated multi-cloud operations. Loodse Kubermatic, an enterprise Kubernetes management platform, automates thousands... Read More →

Thursday December 7, 2017 11:55am - 12:30pm
Meeting Room 8ABC, Level 3


Hybrid-Cloud, HIPAA Compliant Enterprise with Kubernetes - Steve Sloka, Heptio
This talk will outline how UPMC Enterprises utilizes Kubernetes on-premises and in a public cloud (AWS). We’ll see how a large enterprise balances SaaS offerings vs Kubernetes hosted services. We will walk through our approach to meet HIPAA compliance and how our deployments and underlying infrastructure changed to meet those requirements.

We'll also look at the Elasticsearch Operator which is an example of how we implement stateful applications. The operator ensures encryption at rest, in transit and provides a managed cloud offering inside Kubernetes. Also, we’ll look at how we implement Kong, an API Gateway in combination with Kubernetes Network Policies to ensure applications are limited to what they can access as well as how security is implemented outside of code.

Healthcare systems have a history of being large and complex, but Kubernetes has allowed UPMC Enterprises to be more agile and bring startup innovations to the enterprise.

avatar for Steve Sloka

Steve Sloka

Sr. Member of Technical Staff, VMware
Steve Sloka is a Sr. Systems Software Engineer from Pittsburgh, PA currently working at Heptio dealing with all things Cloud, Containers, and Kubernetes. At UPMC Enterprises he managed the open source initiative and has been working with k8s since early 2015.

Thursday December 7, 2017 2:00pm - 2:35pm
Meeting Room 8ABC, Level 3


Kuberneters in Hybrid Environments Using Cloud Interconnect [A] - Marc Chisinevski, F5 Networks
Solutions to enable customers to apply consistent traffic management and security policies regardless of whether their applications are running on-premises, in a Public Cloud or in a managed Kubernetes environment.

The demos (please below) use Equinix as the cloud interconnection; however, the solution would work very similarly with other colo/interconnect providers.
The demos are using Google Container Engine but this would work very similarly in AWS, Azure and Oracle Baremetal Cloud.

How it works
The F5 Container Connector configures the F5 BIG-IPs to expose applications in a Kubernetes cluster as virtual servers, serving North-South traffic.

F5 Container Connector (http://clouddocs.f5.com/containers/v1/kubernetes/)
running in Google Container Engine (GKE).

F5 BIG-IPs running in Equinix and doing IPSec VPN to Google Cloud Platform (using Google Compute Engine VPN gateway).
The F5 BIG-IP routes traffic to the container networks via the IPSec tunnel.

avatar for Marc Chisinevski

Marc Chisinevski

Solution Architect (worldwide), F5 Networks

Thursday December 7, 2017 2:45pm - 3:20pm
Meeting Room 8ABC, Level 3


Multi-Cluster Ops in a Hybrid World [A] - Vitaliy Zinchenko & Kire Filipovski, Oracle
The reality of multiple Kubernetes deployments typically leaves you with varied cluster profiles, deployed on a mix of on-prem and public cloud environments. Production ops for large distributed systems is hard enough in a single environment, but becomes even more complex with hybrid conditions.

In this talk, we’ll dissect how to leverage federation for Kubernetes governance across capacity management, micro service dependencies, infrastructure upgrades, versioning, and security, as well as, global high availability, continuity, and resiliency, in a hybrid environment.


Kire Filipovski

Kire Filipovski works as a Cloud Architect at Oracle leading design and implementation of a distributed containerized application management system. Previously Kire worked as a Distinguished Cloud Architect at Walmart where he designed computing platforms that transformed the world's... Read More →

Vitaliy Zinchenko

Cloud Architect, Oracle
Vitaliy Zinchenko is Oracle’s Cloud Architect working on the design and implementation of a Global Application System for Oracle Cloud customers. Prior to joining Oracle, Vitaliy was with Walmart Labs as a Principal System Engineer, where he implemented a cloud based application... Read More →

Thursday December 7, 2017 3:50pm - 4:25pm
Meeting Room 8ABC, Level 3


The Architecture of a Multi-Cloud Environment with Kubernetes [I] - Brian Redbeard, CoreOS
Kubernetes is an orchestration platform that enables running distributed systems, which are designed with the philosophy of spreading wide to best prepare for outages. This is achieved by deploying your cloud applications at least across multiple hosts, and at best across multiple cloud vendors. Getting Kubernetes configured to run across multiple cloud environments, including on-premises, hybrid deployments, is a tricky undertaking. Hybrid deployments are a feature many organizations want to implement for a variety of reasons, including security over their data, reliability, and more.

Brian Redbeard, chief architect at CoreOS, will discuss the importance of using open source tools to prevent cloud vendors from locking their users into their walled gardens, and will explore the challenges of making Tectonic, CoreOS’s Kubernetes implementation, able to run on multiple cloud platforms.


Brian Redbeard

Chief Architect, CoreOS
Brian Harrington, also known as Redbeard, is chief architect at CoreOS. He is developer, hacker, and technical writer in the areas of open-source development and systems administration. His time spent in both defensive and offensive computing have combined with his readings of classical... Read More →

Thursday December 7, 2017 4:35pm - 5:10pm
Ballroom A, Level 1