Thoughts on KubeCon 2022

Sergio Rua
Published in Digitalis.io Blog
4 min read · May 24, 2022

Introduction

I was fortunate to attend KubeCon + CloudNativeCon Europe 2022 from the 16th to the 20th of May in Valencia, Spain. It was an intense week of conferences and meetings with like-minded companies and communities.

Keynote

The main reason for me to attend KubeCon was to see how other companies were approaching the problems we also face and to get a view into the future: those technologies breaking into the mainstream.

Some of them have been around for a while already but are not widely adopted whilst others are pretty new.

The Kubernetes community is broad enough that anyone attending will probably come out with a different view depending on work and interests but this is my take-home:

OpenTelemetry

At Digitalis we have been recently looking at OpenTelemetry for some of the software development we do and deploy into Kubernetes. I was pleasantly surprised to see a large number of talks on the matter.

It makes complete sense that, as Kubernetes matures as a production platform, telemetry and observability come up to the front row.

Service Mesh

Service Mesh has been around for a long while. I used Istio when it was still in beta. My impression at KubeCon was that Istio has started falling out of favour and is being replaced by linkerd, though I may be a little bit biased here as I prefer the latter.

There are very good reasons to use a Service Mesh:

  • mTLS: we work a lot with banks and financial institutions and being able to encrypt all traffic without having to modify the applications and deal with SSL certs is very welcome.
  • Observability: linked to the previous point on OpenTelemetry, this is going from a should to a must for many organizations.

But Service Mesh has some drawbacks, such as increased latency and complexity. Two options shown at KubeCon would probably be very good alternatives for many:

  • Calico presented its in-cluster pod traffic encryption. It has been around for some time and I had the chance to use it very successfully. Essentially it uses WireGuard to encrypt traffic between nodes. Calico already offers plenty of observability at the network level through their Calico Cloud and Enterprise products which would work wonders with OpenTelemetry. It certainly is a good choice, with or without istio/linkerd.
  • Cilium gave a surprising talk about their aim to support Service Mesh at the CNI level. It is a very interesting idea with many challenges. I hope they can pull it off.

eBPF

eBPF was all over the schedule. It is an exciting technology that suits a Kubernetes environment very well for security and observability tasks.

GitOps

It is by no means a new technology but it seems that it’s now fully adopted by many organizations. ArgoCD appears to be the favourite closely followed by Flux (shameless plug, either will work wonders with vals-operator).

There are some other contenders but unfortunately, these two received most of the attention.

InfluxData gave an interesting talk on how they caused an outage by missing a config mistake in a pull request which caused ArgoCD to destroy a cluster 😮

Just a word of caution, don’t go on setting up GitOps before you properly read the docs (or ask us to do it for you!)

Kubernetes Operators

Many operators were on display at KubeCon, some interesting, some not so much. DataStax showcased their K8ssandra operator for DSE/Cassandra and there were quite a few talks on operators. It does seem it has become a well-established technology that many companies are adopting to extend their deployments.

My favourite one is still Strimzi, featured in a great talk by the guys at Fastly.

Rancher & NeuVector

I have always liked Rancher. I think it’s an excellent product and I was excited when I heard SUSE was buying NeuVector, another great tool. SUSE’s stand at KubeCon was demonstrating the recently announced release of NeuVector and its integration with Rancher 2.6.5. Needless to say, I upgraded my dev environment as soon as I got to the hotel to check it out. Excellent product!

Data On Kubernetes

Sponsored by the DoK community, there were several good talks on moving data applications to Kubernetes. For some time companies have been fearful of deploying the most critical applications (databases, Kafka, etc.) to Kubernetes but it seems the wind is changing and this is becoming more common.

I talked to the guys from EDB, who have announced their Postgres controller was becoming Open Source 🎆, and DataStax with their K8ssandra operator.

Cost Management

A slightly more boring subject for techies but important nevertheless. Many companies embraced cloud providers without a second thought and now they’re finding out they’re quite expensive.

Recently I was talking to a friend who mentioned their AWS services were four times more expensive than their existing data centre… food for thought.

Hence a few talks and stands were dedicated to controlling costs.

Conclusion

A week is a long time, but not long enough for the amount of information dished out at KubeCon. I’ll need more time to digest it properly but these are some of the highlights for me.

I’m Principal DevOps at Digitalis working with many customers managing and advising on Kubernetes, Kafka, Cassandra, Elasticsearch and other cool technologies.