Stockholm Cloud Native Community Group – May 2023 Meetup
We're thrilled to announce the return of the Stockholm Cloud Native Community Group Meetup on May 25th at Microsoft Reactor, with a focus on networking, observability and security. Join us for an evening of informative discussions and networking opportunities, starting at 5:15 PM when doors open.
In our first talk Federico Hernandez and Simone Sciarrati from Meltwater will share learning on migrating from Amazon VPC CNI to Cilium in Kubernetes,
Second talk will be delivered by Stephane Karagulmez, Senior Solution Architect at Isovalent, and he will share insights and practical examples on how to adopt network policies in highly secure environments.
As an in-person event, we won't be broadcasting online or recording. Thanks to our sponsor, Isovalent, we'll provide snacks and drinks during the event. Microsoft Reactor is kindly providing the venue. We can't wait to see you there!
-
5:15 PM CEST
Doors Open
in-personFind a seat, grab some coffee, and sweets.
-
5:30 PM CEST
Intro by the organizers
in-person -
5:35 PM CEST
Swapping the wheels of a running car - migrate from Amazon VPC CNI to Cilium in Kubernetes | Federico Hernandez and Simone Sciarrati, Meltwater
in-personIn this talk Federico Hernandez and Simone Sciarrati will dive into how they performed the migration of the networking component for Meltwater’s production Kubernetes clusters - from the AWS VPC CNI plugin to Cilium.
Their team develops a platform on top of Kubernetes that serves 40+ teams, running 3000+ deployments and 10000+ pods utilising more than 8000 cores and 18TB memory, powering a large part of the Meltwater product.
During this presentation Federico and Simone will:
- discuss the reasons behind the decision to migrate to Cilium
- go into the details of the live migration, the challenges we faced before, during and after (yes, not everything went A-OK)
- talk about the tooling they created to test the migration process and ensure the migration would be seamless
-
6:15 PM CEST
Short break
in-personWe take a short break to stretch our legs and recharge energy levels.
-
6:30 PM CEST
Adopting Network Policies in Highly Secure Environments | Stephane Karagulmez, Isovalent
in-personIn distributed computing, everything goes over the network, but only some things should be public - especially in highly secured environments like financial services or telecommunications. Unfortunately, Kubernetes networking is open by default, and it is up to you to adopt network policies to secure it.
Drawing from years of experience implementing network policies in complex regulated environments, we will introduce the fundamentals of Cilium Network Policies and the basics of application-aware and Identity-based Security. With these building blocks in place, we will compare a default-allow with a default-deny policy and how a risk-based approach helps you focus on securing the most sensitive workloads first. We will then discuss various exposure types and strategies for securing your workloads.
Applying this theoretical knowledge to the real world, we will explore how observability tools Cilium, Hubble, and Grafana provide you with Network Policy superpowers, like showing how corresponding ingress and egress connections are visualized, enabling you to configure the right Network Policies using the Network Policy editor. Finally, we will discuss how Network Policy Guardrails allows you to maintain control while granting teams self-service management of Network Policies.
Combining theory and practice, the audience will walk away knowing how to secure their network effectively and efficiently, even for highly sensitive workloads.
-
7:15 PM CEST
Networking
in-personTime for networking, snacks, and a couple of drinks.
