Starting a new job can be daunting.
Attending your first KubeCon is certainly overwhelming.
Starting a new job at a fast-paced startup, at KubeCon, while your suitcase has gone missing between Paris and Valencia was… memorable.
When I decided to join Isovalent, I thought it would be extremely convenient to have my first day coinciding with the eBPF day at KubeCon. After all, it would give me the opportunity to meet a majority of my new teammates and hear directly from Cilium users, eBPF developers and Cilium contributors .
That was based on the assumption that travelling from the UK to Spain would be straight-forward – I was clearly wrong. But I learned something during my treacherous journey: AirFrance gives you a generous emergency pack when they lose your luggage.
That’s why I spent my first day at KubeCon wearing AirFrance undergarments.
Outside the questionable fashion choices, I hope I didn’t make a bad impression on my new colleagues. I asked many questions and they were patiently answered. As eBPF became a hot topic and service mesh architectures were being debated, I tried to take it all in.
eBPF day was very well-attended. I particularly enjoyed Thomas’s roadmap presentation and hearing how IKEA is using Cilium was fascinating.
I recognize that eBPF remains a difficult technology to cover: end-users want to know what’s so special about it and what they should care. Technology vendors want to showcase how their technology uses eBPF to achieve a particular technical outcome while eBPF developers want to discuss some of the very complex aspects around eBPF programming.
Thankfully, the sessions are now online and I can rewatch them a more times to grasp the presentations that went slightly over my head. What resonates most with me is the actual eBPF use cases and the most commonly discussed one at KubeCon was the sidecar-less service mesh deployment. The panel at the Service Mesh Day was a fun session and is definitely worth a watch.
What I took away from it is that the intention of the Cilium team isn’t to reinvent the wheel: Envoy is a great proxy and we might as well use it. It’s where and when we use it that matters – having a sidecar proxy per pod doesn’t feel like the most efficient and intuitive architecture, especially at scale.
I didn’t get to attend many more sessions during the week: as a veteran of many tech conferences, I just know that I tend to learn more by chatting to folks at a booth, on the conference floor or after the conference closes for the day. It was great to greet many former colleagues, customers and Twitter acquaintances who were, like me, amongst the 65% of first-time KubeCon attendees.
The sessions I did attend were excellent.
Liz performed her usual wonders on stage for her “A Guided Tour to Cilium Service Mesh” session – she’s great at articulating complex topics in simple terms to a packed audience, seemingly without any nerves.
I also really liked “Better Bandwidth Management” with Cilium, where Daniel Borkmann and Christopher Luciano discussed a Cilium feature I hadn’t had the chance to look into.
They presented and demoed a feature (BRR) that provides a modern alternative to the standard TCP Congestion Control protocol and a fact I particularly liked about the session is that implementing this technology (originally created by Google researchers) would not have been possible without eBPF.
It shows that eBPF is not just a fancy buzzword – it can be used to provide massive gains in bandwidth performances.
From talking with many folks who came to our stall for the book signings, I came away from KubeCon with the feeling that Kubernetes adoption is still all over the map.
I talked to as many users who were just beginning their cloud native journey as those who were experiencing issues only advanced users would see (around topics such as governance, scale, performance and migration).
Overall, I thought the CNCF did a solid job of offering a conference that catered to the bleeding edge adopters and to the enterprise customers who might be coming into Kubernetes reluctantly. As someone who studied in Valencia for 18 months, I was delighted that folks could discover one of my favourite cities in Europe:
As a former network engineer, the other observation I made from the conference was that it must be extremely complex for platform engineers to build a networking stack for Kubernetes.
Users have to work out how to connect their pods and provide them with IP addresses (decide on a CNI), they have to provide east-west (decide on a service mesh) and north-west traffic capabilities (decide on ingress, egress and load-balancing technologies), they have to understand how best to secure workloads (with network policies) and guarantee confidentiality and integrity of data in transit (mTLS, IPSec/WireGuard, etc…).
And finally, they have to work out how on Earth they are going to operate and monitor the whole thing.
Evidently, I hope that Cilium will address most, if not all, requirements.
The last think I came away with from Valencia is half a kilo of Iberico ham and my AirFrance underwear (I had become attached to it, especially after 5 days wearing it)*.
I would absolutely recommend KubeCon as a conference to attend but perhaps don’t intentionally start a new job there at the same time. And pack some spare clothes in your carry-on bag (just in case….).
Thanks for reading.
*I kid – my case did arrive (eventually)
nicovibert.com 