Community post originally published on Medium by Ryan Gough and Majid Attar


This year, we (JYSK tech) took to Paris to attend KubeCon + CloudNativeCon Europe 2024. After three days of talks, networking and workshops, we put together a small list of observations that carry us forward into the Cloud Native realm. JYSK is a CNCF End User member, which means we are able to observe the community and contribute to shaping the cloud native technologies that are at the core of our operational infrastructure. Our team was particularly impressed with the evolution of the Kubernetes ecosystem, reflecting a maturation that goes beyond mere container orchestration.

There are 184 products, and Kubernetes is only a small part of CNCF. The CNCF has trained over 300k people in Kubernetes certification, and investment targeting “day 2” training, i.e. no longer in Kubernetes but in the tools associated with elements like open telemetry, security etc. is being looked at.

The spotlight is now on the community members who are involved in training. Community contributed content is key, and should be endorsed.

– theCUBE with Christophe Sauthier and Chris Aniszczyk

JYSK’s engagement with the community doesn’t stop at using the technologies but extends to active participation in the dialogue that drives innovation. This collaborative spirit is what truly defines the ethos of the CNCF, ensuring that the needs and perspectives of end users like us can help steer the future direction of cloud native projects. Looking ahead, we’re excited to implement some of the cutting-edge practices we’ve learned and to contribute our own experiences back into the CNCF community.

Topics we found interesting:

Kubernetes Is FINALLY Removing in-Tree Cloud Providers

After years of development and collaboration from many contributors, the Kubernetes project is finally removing in-tree cloud providers. This is a major milestone for Kubernetes, as all components are now fully independent of cloud providers.

If you operate Kubernetes on AWS, Azure, GCE, OpenStack, or vSphere, you may be affected. As of Kubernetes version 1.30, only users on GCE would be affected.

The elephant in the room — Artificial Intelligence at scale

Unless you have been living under a rock the past year, it’s not surprising that the efforts of ChatGPT and other areas have boosted AI. KubeCon hosted an impressive mix of AI talks; was it too much? From my point of view, no — it simply shows just how much AI is paving new ways of thinking about IT. This year, for me at least, it was interesting to see a lot of focus on operational state: how AI can be scaled sensibly for workloads which require it. GPUs have become indispensable for handling intensive computations. However, integrating GPU acceleration within Kubernetes environments presents hurdles like resource management and complex configurations.

Companies and communities are paving the way to enable features like resource-sharing, advanced scheduling and accelerator configurations. By overcoming these challenges, Kubernetes is set to become a leading platform for AI/ML workloads, akin to Linux’s role in modern datacenters.

From DevOps to Platform Engineering: A Crucial Transition?

In recent times, the buzz around the transformation from DevOps to Platform Engineering has been undeniable. Amidst a sea (read: chaos) of discussions and hundreds of articles debating the evolution of this discipline, one thing stands resoundingly clear: Platform Engineering is far from being a fleeting trend or an obscure topic. It has emerged as the new standard for scaling, managing, and facilitating innovation in today’s ever-growing and complex IT landscape. As we delve into realms like FinOps, sustainable computing, and just-in-time deployments, the importance of rethinking our approach to system management becomes super important.

Now, more than ever, it is crucial to embrace Platform Engineering as a means to harness the full potential of modern technologies and methodologies.

During the conference, I was particularly drawn to the sessions hosted by CERN, focusing on their utilization of Keycloak for Single Sign-On (SSO) across their platforms. Their reasoning for selecting Keycloak was clear, but the standout aspect was their implementation approach. They successfully crafted a solution that not only serves the entire organization but has also become integral to their research endeavors. This mirrors a broader trend observed among leading entities like Bloomberg and various teams in the Norwegian public sector. These groups are exemplifying the essence of Platform Engineering by conducting meaningful research to pinpoint precisely what their “customers” require. Such an approach is crucial for establishing relevance and gaining traction in today’s competitive landscape.

It’s becoming evidently clear that Platform Engineering is evolving into a distinct discipline, one that shouldn’t be adopted without careful consideration.

This wave of change is powerful, but navigating it requires a clear vision and a well-thought-out strategy, rather than blindly following the trend.

Embracing Multi-Cluster, Hybrid Environments

Gone are the days when we had a couple of beloved clusters that we would manage with utmost care, treating them almost like pets. Today’s reality is vastly different. We operate a diverse array of clusters across various environments — be it on multiple hyperscalers, private cloud setups in both large and small data centers, or at compact edge locations. Thus the answer to the question “Where do your Kubernetes nodes run?” in today’s tech is becoming a straightforward “Well, we’re hybrid” — they run wherever is cheap, and/or closest to the customer.

This shift signifies that clusters no longer require the pampered, individualized attention they once did. The focus is now on navigating through the complex, sometimes bewildering landscape of multi-cluster environments. However, initiatives are underway to bring some order to this chaos, with efforts like the ClusterInventoryAPI (though I’ve heard the name might be up for debate) aiming to establish common standards.

Technologies such as ClusterAPI are becoming staples for scaling and managing operations seamlessly. And then there’s the marvel of launching production-ready, mini clusters like Talos from SideroLabs. It’s a testament to the resilience of Kubernetes and its minimal requirements for rapid deployment. Remember the times we’d spend hours setting up a cluster, then celebrate each upgrade? While nostalgically fun, those days are behind us.

Now, if an upgrade stumbles, the approach is ruthlessly efficient: terminate the cluster and start anew.

This evolution begs the question: Is the very notion of “upgrading” becoming obsolete? Shouldn’t we just roll out an additional multi-cluster setup and shift our workloads? The answer to that question truly depends on the type of setup one has; either way, in this day and age, it’s certainly a viable option.

Chaos Engineering

This has been a love/hate relationship of mine for some time. The idea of wanting to do this is great, but actually doing it — can be daunting. I’m an ops guy, I love being able to keep my “customers” happy and have no interruptions.

The guys at Lego gave a very motivating talk on this, and I was happy to hear that, given the correct methods and with good planning, this can be a continual process: starting off small, and reaping benefits very quickly. I’ve heard it more and more throughout the conference, and in small talk. This, if not a hot topic, is definitely something I feel the need to investigate.

Community and Inclusivity

From child-friendly sessions to hard-of-hearing breakouts, I was very impressed to see just how much work and effort has been put into making this happen. These concepts felt very much at home — an integral part of the conference. I even tried to take part in learning sign language!

There are concepts which help newcomers to submit code, no-code and learn the ropes of how to engage. I myself made my first commit to a Kubernetes SIG project a few months before KubeCon and was impressed by just how helpful the maintainers were in guiding me through tricky parts of making sure the code was aligned with the project and documented correctly. I’m not a “hard hitter” when it comes to development, I use it to automate, tooling etc. — but it felt empowering. Although I like development, I’ll stick to my day job, ops is the future! You heard it from me first. 😉

At KubeCon this year, everywhere I turned, faces were lit up with smiles. Breaking away from my colleagues allowed us to explore more tracks independently, with plans to regroup later. The opportunity to engage and network with new, like-minded individuals was exhilarating. Yet, what stood out to me this time around was the remarkable presence of the Nordic community. It felt like a reunion; I recognized many familiar faces, and the warm greetings exchanged were a testament to the growth within the Cloud Native Nordic community.

This experience was a heartfelt reminder of how connected and vibrant our community has become!

Finally, many people who I did speak to, when sitting waiting for a talk or standing in line at the coffee tables, were first-time attendees. Many of them did not know much about Kubernetes or the Cloud Native landscape but were more than interested in hearing about other companies’ experiences, and even I learnt something from talking to these groups of people. We can learn something from every corner.

Other relevant talks we found interesting:

From CNI Zero to CNI Hero: The Hands on tutorial

The “K8s CNI from Zero to Hero” talk by Doug and Tomo was a journey into the world of Container Network Interfaces (CNI). Starting from scratch, we gained a comprehensive insight into the world of CNIs.

After the talk, we were left not only with a deeper understanding of the CNI’s inner workings but also with the understanding to solve issues and introduce new functionalities to our clusters. For those who are interested in the talk, the accompanying Git repository and demo video offer an opportunity to catch up and delve deeper into the world of Kubernetes CNI.

Is Your Image Really Distroless? — Laurent Goderre, Docker

Laurent Goderre’s talk “Is Your Image Really Distroless?” delves into the intricacies of crafting minimalist Docker images using multi-stage builds and the concept of distroless containers. The talk highlights the significance of multi-stage builds in Docker, emphasizing the separation of build-time dependencies from run-time dependencies.

Many applications necessitate additional tooling, such as shells, to configure the runtime environment effectively. Goderre proposes the use of init containers to address this challenge. By separating the logic required for configuring the runtime environment from the environment itself, developers can create images devoid of shells or scripting capabilities, thus enhancing container security.
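The init-container pattern described above, sketched as a Pod manifest. This is an added example, not taken from the talk or the original post; the pod name, application image path, config format and REGION variable are hypothetical.

```yaml
# Added example: names, images and paths are hypothetical unless noted.
apiVersion: v1
kind: Pod
metadata:
  name: distroless-app
spec:
  securityContext:
    runAsNonRoot: true
    runAsUser: 65532              # the "nonroot" UID used by distroless images
    fsGroup: 65532                # lets that UID write to the emptyDir
    seccompProfile:
      type: RuntimeDefault
  volumes:
    - name: runtime-config
      emptyDir: {}
  initContainers:
    # The only container with a shell: renders the config, then exits.
    - name: render-config
      image: busybox:1.36
      command: ["sh", "-c"]
      args:
        - |
          set -eu
          printf 'listen=:8080\nregion=%s\n' "$REGION" > /work/app.conf
      env:
        - name: REGION
          value: eu-north
      volumeMounts:
        - name: runtime-config
          mountPath: /work
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
  containers:
    # Long-running container: no shell, read-only root, config mounted read-only.
    - name: app
      image: registry.example.com/team/app:1.0.0   # hypothetical, built on a distroless base
      args: ["--config=/etc/app/app.conf"]
      volumeMounts:
        - name: runtime-config
          mountPath: /etc/app
          readOnly: true
      securityContext:
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
        capabilities:
          drop: ["ALL"]
```

Because the shell exists only in the short-lived init container, `kubectl exec` into the running `app` container has nothing to launch, which is a quick way to check that the final image really is shell-free.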

Why Kubernetes Is Inappropriate for Platforms, and How to Make It Better

The current trend sees the ecosystem constructing platforms on Kubernetes, starting with a “hub cluster” and integrating various tools for GitOps, application descriptions, and infrastructure management. However, as these platforms evolve, they quickly encounter the inherent constraints of Kubernetes as a framework.

In this talk, three key dimensions were highlighted to enhance Kubernetes for platform engineering: workspace hierarchy, cross-workspace API exports and cluster mounting.

KCP, described as a Kubernetes-like control plane, is introduced as a solution catering to these dimensions. It enables the management of multiple independent, isolated “clusters” known as workspaces, allowing API service providers to offer centrally managed APIs while ensuring easy consumption for users within their respective workspaces. This approach is positioned as a building block for SaaS service providers and enterprise IT departments seeking to offer Kubernetes-native APIs to isolated tenants.

Projects to look out for:

KCL: Constraint-based Record & Functional Language

KCL was the second project in the top 10 CNCF Projects by Number of End User Commits, a ranking that indicates the most active projects in the Cloud Native Computing Foundation (CNCF) ecosystem based on user contribution.


KCL is an open-source, constraint-based record and functional language that enhances the writing of complex configurations, including those for cloud-native scenarios. With its advanced programming language technology and practices, KCL is dedicated to promoting better modularity, scalability, and stability for configurations. It enables simpler logic writing and offers ease of automation APIs and integration with homegrown systems.

Vitess

Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding.

By encapsulating shard-routing logic, Vitess allows application code and database queries to remain agnostic to the distribution of data onto multiple shards. With Vitess, you can even split and merge shards as your needs grow, with an atomic cutover step that takes only a few seconds.

Vitess has been a core component of YouTube’s database infrastructure since 2011, and has grown to encompass tens of thousands of MySQL nodes. Vitess was born at YouTube in 2010, and joined the CNCF in February 2018.

Some features of Vitess include online schema changes; one of the oldest MySQL problems, the blocking of schemas, has been addressed with Vitess (see the docs). Other notable features include scalability, performance, connection pooling, manageability, and more!

ClusterInventory API

The ClusterInventory API provides a reliable, consistent, and automated approach for any multi-cluster application (framework, toolset) to discover available clusters and take actions accordingly, in a way similar to how service discovery works in a microservice architecture. Through the inventory, the application can query for a list of clusters to access, or watch for an ever-flowing stream of cluster lifecycle events which the application can act upon in a timely manner, such as auto-scaling, upgrades, failures, and connectivity issues.

KCP

kcp can be a building block for SaaS service providers who need a massively multi-tenant platform to offer services to a large number of fully isolated tenants using Kubernetes-native APIs. The goal is to be useful to cloud providers as well as enterprise IT departments offering APIs within their company.

Mint Toolkit

Mint Toolkit was formerly DockerSlim. Mint allows developers to inspect, optimize and debug their containers using its xray, lint, build, debug, run, images, merge, registry, vulnerability (and other) commands. It simplifies and improves your developer experience building, customizing and using containers. It makes your containers better, smaller and more secure while providing advanced visibility and improved usability working with the original and minified containers.

Talos

Talos is a modern OS for running Kubernetes: secure, immutable, and minimal. Talos is fully open source, production-ready, and supported by the people at Sidero Labs. All system management is done via an API — there is no shell or interactive console. Benefits include:

Project: https://github.com/siderolabs/talos

All KubeCon + CloudNativeCon 2024 Talks

CNCF was pretty fast at getting pretty much the entire event out on YouTube; they have provided a nice playlist with everything.

Final Remarks

The above is not by any means the entire round-up of KubeCon + CloudNativeCon 2024, only our views — there are hundreds more talks, workshops and sessions at the event. If you are interested, I urge you to attend. Keep an open mind, and plan. I’ve found it’s also refreshing to pick some talks at random, perhaps ones which do not 100% relate to your current interests and/or position; ideas can come from any corner!

See you at the next KubeCon, and if you cannot hold until then — there is always Kubernetes Community Days in Denmark this year! Stay tuned or visit https://kcddenmark.dk/ !!!