KubeCon 2018 Europe - 7 Key Takeaways

Anticipating the future of the Cloud Native world

Kubernetes and Cloud Native tools have awesome potential and an exciting future. But what exactly can we expect from this technology? Praqma’s cloud experts, including Sami Alajrami, went to KubeCon 2018 to report back all the latest.

KubeCon+CloudNativeCon is the biggest event in Europe for Kubernetes and the Cloud Native ecosystem. Three full days of announcements from all the major cloud providers, customer use cases, experience reports, and CNCF projects updates meant there was a lot of cloud news to digest. In this post, I try to make sense of it all with my list of key takeaways.

1/ GitOps is coming!

In one of the keynotes, CNCF COO, Alexis Richardson, presented the CNCF 2020 vision. While the current focus is on Security, Storage and Interfaces, the next couple of years will see a rise of “GitOps” as a new way of working that abstracts all infrastructure/cluster plumbing from the developers point of view to a “Git Push” command.


2/ Make your apps Kube Native

Deploying and managing your applications in Kubernetes has been made easy with the concept of Operators. Operators are installed as pods in your cluster and define and use Custom Resource Definitions (CRDs) to implement application management logic. This makes your applications Kube Native To make building operators easier, CoreOS introduced the “Operator Framework” which brings a SDK for developers and Kubernetes runtime tools to accelerate operators development.

3/ Security: better safe than sorry!

Security is one of the areas that has had lots of CNCF attention in the past year. This resulted in projects like: SPIFFE/SPIRE, Notary/TUF and Open Policy Agent joining the CNCF. Several talks at this year’s KubeCon focused on securing Kubernetes clusters and the applications running in them. Some of the top ones included: controlling user privileges inside containers, container images scanning, making sure the cluster defaults are secure/changed to be secure, and following the best security practice recommended by the Center for Internet Security (CIS) Kubernetes guide.

4/ Improve Service-to-Service communication with a service mesh

The emergence of Kubernetes has led to an acceleration in the transition from monolithic applications to microservices. This trend has also witnessed increased granularity and decoupling of services which make up modern, cloud native applications. For an application comprising of hundreds or thousands of services, and can scale on demand or under load, service-to-service communication is a notable challenge. The logic for how services should communicate is typically baked into application code.

A service mesh provides a dedicated layer for service-to-service communication which is decoupled from the application code. Linkerd (an incubating level CNCF project) and Istio (an open-source Google project) are two promising implementations that were presented at KubeCon 2018.

Kelsey Hightower

5/ Multi-Clusters without a federation API is a real thing

As the number of Kubernetes clusters grows, multicluster becomes a requirement for many organizations. One approach is to have a federation API federating all other clusters’ API servers. But this API becomes a single point of failure. As a result, “Cluster Registry” emerged to maintain a list of clusters and associated metadata. CoreOS built on top of this project to offer “Tectonic Multi-cluster Registry” which syncs the cluster registry in each cluster and supports operating on applications across clusters. It’s also worth noting that Federation V2 is in the works by the Kubernetes Multicluster Special Interest Group.

6/ Functions everywhere

Serverless has been a hot trend for the past couple of years and now apps are being architected as functions. Austen Collins from Serverless predicts) that the future will have functions everywhere. Functions will work across clouds and even on premise. To enable interoperability across multiple clouds, events (which trigger functions) need to be standardized. “CloudEvents” is a specification for describing events in a standard way.

7/ Plan for Day 2

Adopting Kubernetes requires many changes to your culture and engineering approaches. Craig Tracey, who works as a Solutions Engineer at Heptio, shared his experiences on managing Kubernetes Day 2 and beyond. This is a great talk for anyone thinking of deploying Kubernetes in any form of environment. There’s a lot of takeaways and hard-won experiences about tackling availability, authentication, authorization, and much more. Be sure to take notes!

If you have missed the conference, you can watch all the talks on Youtube.

Praqma team at KubeCon The Praqma team at KubeCon’s social event in Tivoli

Author: Sami Alajrami

Read more about Sami