• Envoy Proxy is Your Gateway to Service Mesh

    Online event

    A slight change in schedule for October - Join us virtually on the 3rd Wednesday of the month, October 21st for a guide to Envoy from Lawrence Gadban of solo.io!

    Kubernetes and Service Mesh are patterns in building new applications that decouple dependencies between the application code, infrastructure and how the services should communicate. With microservices, the network becomes critical for a properly functioning application teams need to consider both North / South traffic (incoming requests from end users to the cluster) and East / West (intra cluster) communication between the services. In this talk we'll dig into the role of Envoy as the modern data plane for north/south and east/west traffic, their integration points, the respective control planes, and areas of extensibility.

    The session will be broadcast on the Orchestructure YouTube channel. Keep an eye out for the session URL.

  • Enabling GitOps with the GitLab Kubernetes Agent

    Online event

    For this event, we have Nicholas Klick back for a third time!

    Nick will uncover the GitLab Kubernetes Agent which is an active in-cluster component for solving any GitLab to Kubernetes integration task.

    The Agent empowers operators to manage GitOps style Kubernetes deployments into private networks, behind a firewall or NAT, with the goal of building easier and more secure Kubernetes-based applications.
    Come learn all about this new alpha feature directly from the GitLab team working on it!

    This will be a Virtual Event! We'll update the event with the Youtube stream link well before we're slated to start. Thanks to our Sponsors StockX and Palo Alto Networks for the support to enable us to continue putting on these events!

  • Helm 3 with Matt Farina

    Online event

    Our local Helm expert Matt Farina is back to give us the update in the world of Helm, which has been transitioning from Helm 2 to Helm 3. Since we know many of you love and use Helm we thought it'd be best to have Matt give us some best practices on some of these major topics:

    - Helm 3 vs Helm 2
    - General migration steps
    - New patterns of CD with Helm 3
    - Community Charts (helm/charts repo) with Helm 3
    - Near-term and long-term things are coming down the pipe!
    - Competitors and new patterns that have arrived

    Matt is a software engineer working on the Cloud Native Computing Team at Samsung SDS where he focuses on cloud native applications. He is an author, speaker, and regular contributor to open source. Matt has been developing software for over 25 years. He is currently a maintainer of Helm and co-chair of Kubernetes SIG Apps.

  • Securing Kubernetes and API workloads using Open Policy Agent

    Online event

    > Live Stream Link: https://youtu.be/bl6MSrDg_i4

    Open Policy Agent (a CNCF project) provides a unified toolset and framework for policy across the cloud native stack. With OPA you can use declarative and context aware policy, decouple it from the code to release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.

    In this meetup, you will learn about OPA, the use cases of OPA and how to use OPA as an admission controller in your Kubernetes clusters.

    For example, by deploying OPA as an admission controller you can ensure:
    A few examples of what you can ensure with OPA:
    * Whether images are pulled from a specific corporate image registry
    * All resources are labeled according to your organization's guidelines,
    * All Pods specify resource requests and limits.
    * Prevent conflicting Ingress objects from being created.

    Additionally, Rajesh is planning a special giveaway for those tuned in sometime throughout his presentation!

    Our speaker, Rajesh Jain, is a Cloud Engineer @ Palo Alto Networks. Prior to Palo, he was at Aporeto (acquired by Palo), and Pivotal. Rajesh has worked on various cloud platforms including Kubernetes, Cloud foundry, AWS, GCP and Azure. He has presented before at Kubernetes and DevOps focused meetups and conferences.

    > This is a Virtual Event being streamed live on Youtube! Watch here: https://youtu.be/bl6MSrDg_i4

  • The Four Stooges Deep-Dive K3s

    Online event

    Stuck in Quarantine with only your laptop? What if you could easily spin up a free cluster right in your lap, instead of burning a hole in your cloud spend? We're thinking the same thing! Your friendly stir-crazy Orchestructure board members are going to deep-dive into one such solution named K3s.

    K3s is lightweight Kubernetes from Rancher Labs. Easy to install, half the memory, and all in a binary of less than 50mb. Marketed as a fully compliant Kubernetes Distribution, K3s is geared for IoT and Edge platforms where speed and thin installation is necessary.

    Please join us for our first ever Virtual event, streamed on Youtube, geared for everyone, and meant to be the most fun you'll have on a Wednesday night.

    Be sure to hop in our Slack channel, #orchestructure in the MadeinA2 Slack (http://madeina2.com/slack) network to participate by asking questions, making suggestions, and trolling.

    Stream Link: https://youtu.be/f0CA0nka1Oo

  • Introduction to gRPC with Richard Belleville from Google

    gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It's also incredibly applicable in distributed computing to connect devices, mobile applications and browsers to backend services.

    In this talk, we will design, build, and test a simple gRPC service from scratch using the Go programming language. We'll then deploy it to Google Kubernetes Engine (GKE) and observe!

    Food will be provided by the CNCF! Everyone is welcome so feel free to bring friends or co-workers! The speaker is remote and a recording will be released shortly after the event.

  • Falco - Container Native Runtime Security

    Alfa Jango

    Join us January 29 at Alfa Jango with Marky Jackson from Sysdig! Learn about Falco, a new Host Intrusion Detection system made for Cloud Native Platforms (not to mention its a CNCF project!).

    What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, Marky will present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security, auditing & incident response.

    Food to be provided by the CNCF

    Hope to see you at the first meeting in 2020!

  • Brewing Enough Coffee! Scaling Kubernetes at Palantir


    Jared Ledvina, a Cloud Operations Engineer at Palantir, and has spent the last year helping grow their infrastructure from 12,000 to over 20,000 EC2 instances. In this talk, he'll discuss managing over 50 ephemeral production Kubernetes clusters, future plans to support Azure, and how Palantir engineers could have avoided multiple production outages.

    If possible, please checkout the following before hand:

    Introducing Rubix: Kubernetes at Palantir - https://medium.com/palantir/introducing-rubix-kubernetes-at-palantir-ab0ce16ea42e

    Spark scheduling in Kubernetes - https://medium.com/palantir/spark-scheduling-in-kubernetes-4976333235f3

    If there are any topic's or question's you'd like answered please reach out to @jaredl on the MadeInA2 Slack! (#orchestructure channel!)
    You can also catch him on Twitter: https://twitter.com/geekatcomputers and Github: https://github.com/jaredledvina

  • Welcome to 1.16: All Hail the Breadsticks


    ** Our Falco speaker unfortunately had to cancel at the last minute. Instead, read below for the freshest event details!

    Join the Orchestructure members who participated in the latest Kubernetes release as they give a whirlwind tour around major changes in this new version, 1.16. API deprecation, scalability enhancements, and the latest KEPs are some of the major topics with this release. In addition, they'll give insight into the community and intense release process for a project of this magnitude!

    We'll be featuring refreshments from Pizza House, including many many breadsticks! We apologize for the last minute change and hope to see you there!

    *Official k8s Release Page: https://kubernetes.io/blog/2019/09/18/kubernetes-1-16-release-announcement/