KubeCon + CloudNativeCon is the premier event that focuses on cloud-native technologies and Kubernetes. This year’s European edition took place in person and was completely sold out, with 10,000 attendees. Datadog joined the event as a platinum sponsor, and several of our engineers delivered talks on various topics, ranging from etcd to image signing and verification. In this post, we’ll share more details on these talks, along with our takeaways from the event.
During CilumCon, two Datadog engineers, Hemanth Malla and Guillaume Fournier, shared how they investigated an incident that involved an eBPF program in our production Kubernetes clusters. Datadog is a heavy user of Cilium, with thousands of Kubernetes nodes running the networking solution on major public clouds.
Observability Day was a colocated event that focused on OpenTelemetry, OpenMetrics, and other telemetry open standards. One of the key takeaways of the event was the focus on integration across observability projects in the CNCF landscape. Both Fluent Bit and Prometheus have worked on integrating better with OpenTelemetry. Prometheus and OpenTelemetry also showcased their work on native histograms that provides better compression and accuracy when observing distributions. Correlation across telemetry signals was another important topic of discussion.
As a platinum sponsor of this year’s conference, Datadog hosted a booth and gave live demos of our end-to-end Kubernetes monitoring solution, which enables you to correlate metrics, distributed traces, and logs from your nodes and container infrastructure, all the way up to your frontend.
Datadog also participated in several talks:
- Laurent Bernaille joined Marcel Zięba from Isovalent to discuss key considerations for scaling Kubernetes without overwhelming etcd, a critical piece of the Kubernetes control plane.
- Ethan Lowman shared how Datadog takes a unique approach to image signing and verification, which allows us to reduce the risk of supply chain attacks.
- Christophe Tafani-Dereeper joined Diego Comas from Sourcegraph to provide an overview of how malicious attackers can use Kubernetes-related misconfigurations to attack the rest of your public cloud resources.
- Rory McCune joined a panel to explain, in a fun way, how image scanners work—and how attackers may trick them to get a passing result for a vulnerable image.
- Tabitha Sable joined the SIG Security Update, where the Special Interest Group shared what they have been working on over the past six months to continue making Kubernetes secure.
Aside from the sessions we participated in, KubeCon + CloudNativeCon Europe also offered many other sessions that gave us the opportunity to learn about the latest innovations in the space. These sessions also provide insight into various challenges and concerns that are top of mind for Kubernetes users when adopting cloud-native technologies.
In the rest of this blog post, we will share some of the main topics that were covered in this year’s conference.
As Kubernetes and the rest of the CNCF ecosystem enter the realm of big enterprises and governments, security-related topics are becoming very popular at KubeCon + CloudNativeCon. This year, more than 40 talks were tagged as “Security + Identity.” Supply chain security and compliance, secrets management, and least privilege containers were some of the themes in this track.
Today’s economic outlook and environmental concerns are driving companies to be more conscious about compute waste. There were several talks related to different Kubernetes autoscaling solutions, including one about autoscaling stateful workloads and another about running the Cluster Autoscaler in production. There were also more specific talks on reducing energy consumption in data centers, carbon-aware scaling, and platform efficiency.
After a couple of years of fewer service mesh-related talks, we noticed a resurgence of interest in this topic this year, driven mostly by the breakthrough of sidecarless service meshes. Several projects are betting on removing sidecar proxies from the mesh, including Istio, with its ambient mesh solution, and Cilium and Linkerd, with their eBPF-based solutions.
The cloud-native ecosystem continues its pace of growth, as more and bigger enterprises have a stake in its success and long-term sustainability. As a heavy Kubernetes user and vendor, Datadog looks forward to continuing to participate in the CNCF and its events, and we are committed to building the best monitoring and security solution for your Kubernetes clusters.