Onward and upward with cloud native: Highlights from KubeCon EU 2022 

Over 7,000 cloud native enthusiasts gathered in-person in Valencia, Spain last week for KubeCon EU (with 10,000+ joining virtually). Not only was this the first in-person KubeCon EU since 2019, but it was also the first KubeCon back at full capacity since the start of the pandemic. This year’s conference theme was “Onward and Upward: Grow with Cloud Native,” and the growth and excitement around the participating cloud native solutions was palpable – including 65% of all attendees being new to KubeCon!

Chronosphere did not sponsor this year, but had two employees – Gibbs Cullen, Product Marketing Manager, and Chris Ward, Technical Writer – on site to attend sessions and observe the latest in cloud native. Gibbs also co-led a FluentCon workshop with Anurag Gupta from Calyptia on “Getting started with Fluent Bit and Metrics with Prometheus.”

The below highlights some of the events, as well as recaps the main themes seen by Gibbs and Chris throughout the week:

• Kubernetes grows with the cloud
• Focus on security
• Observability everywhere
• Service meshes on rise
• New CNCF certification programs
• Increased developer productivity

KubeCon was never soley about Kubernetes, and officially has the secondary name “Cloud Native Con.” However, with Kubernetes now one of the largest ever community-led open source projects, there’s a lot to talk about. The CNCF landscape has now become so large and hard to evaluate that a new Cartografos Working Group emerged to help newcomers and more experienced end-users navigate the maturity and usefulness of projects for their use case(s).

According to the CNCF’s 2021 Cloud Native Survey, 96% of organizations are using or evaluating Kubernetes. This growth in adoption, however, has been coupled with increasing costs for many users. As a result, this year’s event presented a variety of sessions on solutions for simplifying and/or automating Kubernetes in an effort to make the technology more accessible for the greater cloud native community.

There was a dedicated track to customizing and extending the use of Kubernetes with sessions including “Kubernetes is Your Platform: Design Patterns For Extensible Controllers” by SUSE and VMware, “Build Your Own Cluster API Provider the Easy Way” by VMware and Weaveworks, and “Implementing Anti-patterns: Kubernetes Cross-namespace Resource Ownership” by Red Hat.

Security continues to be a top priority for cloud native technologies and end-users, especially after a big year of outages. So naturally this was a theme across the sessions with a dedicated track and topics like “The Hitchhiker’s Guide to Pod Security” by Microsoft, “How Attackers Use Exposed Prometheus Server to Exploit Kubernetes Clusters” by Sysdig, and “Three Surprising K8s Networking “Features” and How to Defend Against Them” by ControlPlane.

A recurring theme within security was increasing peace of mind in automated developer workflows. With greater levels of abstraction, and relinquishing a lot of control and responsibility to third party CI/CD tools, developers can quickly lose sight of what is happening. This can lead to a variety of impacts from using improperly licensed dependencies to inadvertently introducing malicious code into an application.

Software supply chain issues are not unique to Kubernetes, but with many developers trusting container images they have little knowledge of, it can become problematic. KubeCon saw an increased call for large open source projects and proprietary software teams to produce “software bills of materials” so users can clearly audit third party dependencies. Kubernetes currently doesn’t support container signing, but third parties are stepping in to fill those gaps.

In addition, many of this year’s top sponsors, such as Synk, Teleport, and Sysdig, focused their messaging on providing container or cloud native security. The CNCF Security TAG also released a refreshed version of their Cloud Native Security Whitepaper during the event.

Standing room only for Prometheus

As published in the CNCF’s 2021 Cloud Native Survey, the use of Prometheus in production has reached 65%, an increase of 43% year-over-year. This was evident at KubeCon EU with almost every Prometheus related session at full (and often over) capacity, including “Prometheus Intro and Deep Dive” by Prometheus maintainers and “Alerting in the Prometheus Ecosystem: The Past, Present and Future” by Grafana Labs.

Prometheus Day, a KubeCon co-located event, was hosted on Tuesday, May 17th by sponsors Promscale, Sysdig, and Red Hat. The day was well attended with a strong line up of sessions from vendors and end-users of the community. Sessions covered a range of topics from beginner to advanced levels – including “Prometheus instrumentation: the Practical Way” by Couchbase and “Fleeting Metrics: Monitoring Short-lived or Serverless Jobs with Prometheus” by Red Hat. All talk recordings can be found on the CNCF’s Prometheus Day YoutTube playlist.

OpenTelemetry announces GA for metrics

OpenTelemtry (or OTel) has been quickly increasing in adoption, and is now the second most active CNCF project behind Kubernetes. There was even an OTel Day, a co-located event dedicated to OTel, leading up to the conference.

Dotan Horovits from Logz.io gave a talk titled, “OpenTelemetry: The Vision, Reality and How to Get Started,” which provided a great overview of the project along with some exciting new updates. OTel for traces is already generally available (GA) and stable, but the release candidate for metrics was announced during KubeCon, with GA expected in a matter of weeks. Dotan also announced that OTel for logs is still in an experimental phase with GA expected by the end of 2022.

The CNCF conducted a micro survey at the end of 2021 to learn how organizations are adopting service meshes. With more and more organizations migrating to cloud native architectures, the challenges with maintaining a highly performant and available technology stack have increased. As a result, many organizations have turned to service meshes to create a dedicated communication layer between applications or services. In fact, of the survey respondents, 70% run a service mesh in production or development, and 19% are in evaluation mode.

Service meshes had a decided talk track, including sessions on how to address the challenges around a lack of understanding and experience across engineering organizations. For example, “Simplifying Service Mesh Operations with Flux and Flagger” from Google and Weaveworks and “Service Mesh at Scale: How Xbox Cloud Gaming Secures 22k Pods with Linkerd” from Microsoft.

The CNCF expanded their certification program to include two new programs and test suites for evaluating cloud native tools. First is a new program and test suite aimed at Telecommunication operators.

Second, and of most interest to Chronosphere and our users, is a new Prometheus Associate Program. This follows last year’s announcement of the Prometheus Conformance Program. Both efforts were created in an effort to ensure more and more Prometheus users are knowledgeable of and using the solution in full compliance with CNCF standards.

As Kubernetes and cloud native computing become increasingly complex, productivity gains are becoming harder to find. The increasing number of components and moving parts also makes it harder for Kubernetes newcomers to get started. These complexities, coupled with companies working hard to retain developers, have led to increasing discussions on (internal) developer experience and productivity. This varies from large companies who create their own custom “platform” tools and teams to projects and companies such as Backstage, Humanitec, and Garden. The developer platform discussion has even grown to its own event, PlatformCon.

Chronosphere is excited to be a gold level sponsor for KubeCon NA in Detroit this October. Make sure to follow up on LinkedInand Twitter for updates closer to the event. We hope to see you there – either in-person or virtually!

Chronosphere is the only observability platform that puts you back in control by taming rampant data growth and cloud-native complexity, delivering increased business confidence. Built from the ground-up for cloud-native scale and complexity, we provide our customers with industry leading reliability and SLAs. If interested in learning more, visit chronosphere.io or request a product demo.