KubeCon US 2018 Experiences

JFrog at KubeCon

Kubernetes is now very, very boring” or at least that is what Janet Kuo proclaimed in her keynote. She clearly meant that Kubernetes is now a stable platform and a lot of companies are running their day-to-day operations on it.  I certainly wouldn’t use “boring” to describe KubeCon + CloudNativeCon 2018 US in Seattle. As a new “Frog” I got the amazing opportunity to go to the conference and simply learn about all sorts of new, and some more “boring” technology.

Day 1

The keynote on day one started off noting the incredible popularity of Kubernetes. The Kubernetes website had so many unique visitors that it was more popular than the website of the Seattle Seahawks and Manchester United (it was still less popular than Starbucks, though). The other thing I loved was the story of Phippy (the giraffe that represents a simple PHP app, trying to find a home in a cloud-native world), which was brilliantly read by Matt Buchner and Karen Chu. During their talk, they included a peek behind-the-scenes showing off some of the early sketches and wireframes. The highlight of the talk was Phippy being donated to the CNCF and stuffed animals being available in their store.

As with every conference nowadays, there were tons of amazing sessions so I had to choose which ones to attend and which ones I’d be okay with seeing on YouTube. I’ve spent a lifetime in DevOps, so when I saw the session on brains being broken by migrating Jenkins to Kubernetes, I knew I had to attend that one. It was a good session, with some great takeaways on attached storage, performance, and Tetris. Another great session I got to attend was “A Basic Kubernetes Debugging Kit” where Joe Thompson discussed using quite familiar tools, like jq and curl, to debug the operations of a Kubernetes cluster.

Luckily I had some time to stop by the Sponsor Showcase where I got to talk to some of the sponsors. Some of the demos and conversations I really liked were Iguazio, with their serverless platform on Kubernetes and Rookout which focuses on debugging live services. From the big Cloud vendors, I decided to stop by the Microsoft Azure booth and see what kind of solutions they offer for package management. From what I could gather, and the demos I got, it only supports container images and Helm charts.

My next stop on the show floor was the GitLab booth to hear about their new feature to deploy apps to serverless platforms. My eye totally caught the slideshow at their booth which showed the “complexity of modern pipeline tooling” with a bunch of different tools that they claim are difficult to integrate. Seeing JFrog Artifactory up there surprised me quite a lot! I asked if the slideshow showed the tools that can be replaced with GitLab and if they can replace an enterprise-grade artifact repository at the ‘Package’ phase of the pipeline on their slide. The GitLab team said the slides illustrated the complexity of the DevOps world we live in. They quickly added it is by no means a list of functionality or a roadmap! GitLab has a “basic Docker registry” but, according to their staff, their solution “won’t be replacing Artifactory anytime soon.” Kudos for the honesty!

The closing keynote by Julia Evans was really cool. She talked about how reliability and security are the major challenges she faced at Stripe and how even the biggest companies can be unsure of how certain tools work.

Day 2

On day two there were really good keynotes as well, with Liz Rice, Kubecon co-chair, even performing a live coding demo to show how incredibly important security within a Kubernetes cluster is. “Just run this YAML for me” isn’t something that you should ever do in production, likely also not in any other environment for that matter, and she made it clear that having proper rules and policies on what goes into production is crucial. This is also where tools like JFrog Xray come in and help you with exactly that. When you, like most attendees, run your workloads in Kubernetes you definitely want to take a look at our open source KubeXray project which we launched there.

Not too long ago I read an article that Chick-fil-A runs a Kubernetes cluster in every restaurant in their chain. I was pretty excited to hear that they chose to do a session on that during KubeCon and to hear about their architecture that processes one box of nuggets every 25 seconds (at least during peak hour).

Today, my trip to the Sponsor Showcase brought me past Ballerina, where I got to see a bit about the new language they built, New Relic, who had a great demo on application performance management, and Heptio, the company that just joined VMware to see some more Kubernetes in action.

Day 3

The keynote by Kelsey Hightower was quite surprising! Saying that Kubernetes isn’t THE platform, but the platform on which platforms are built and the ease with which he took a Fortran microservice to a serverless environment was cool. However, the demo I liked best has to be the CLI he built that played music as it was processing commands. I’ll talk to our dev team for the JFrog CLI to see if we can do something similar.

As for sessions, I want to shout out to Kris Nova, Developer Advocate at VMWare, with a pretty awesome session titled “You can’t have a cluster[bleep] without a cluster” in which she talked about the issues everyone faced building clusters, but no one dares to talk about. Problems like secret management, upgrades in APIs, and logging. With more and more companies building a Kubernetes offering, I really wanted to know how the OpenShift team pushes the limits of their own products when it comes to scaling. The team delivered a wonderful talk on testing every release on a cluster with 2000 nodes and on tuning Kubernetes on multiple levels.

Wrapping it up

At the end of the day, I think that companies have an amazing journey ahead of them as they decide if and where to move their apps. With so many talks on security, CI/CD, massive numbers of microservices, and operations I think that companies will evaluate Cloud-Native DevOps along five major criteria:

  1. Automation
  2. Security
  3. Flexibility/Universality
  4. Scalability
  5. Reliability
Companies will evaluate Cloud-Native DevOps along five major criteria: Automation, Security, Flexibility/Universality, Scalability, and Reliability. Click To Tweet

Even though I only recently joined the JFrog team, I’m very happy to say that we’re doing everything we can to make sure our products and services meet all those criteria and even more!