Cody Chen's Favorite Talks
Wasm has emerged as a secure, portable, lightweight, and high-performance runtime sandbox for cloud-native workloads such as microservices and serverless functions. We will show how familiar container tools can be used to develop and share Wasm applications.
Today, there is a large ecosystem of battle-tested tools to create, manage, and deploy Linux container apps in both dev and prod environments. Developers want to use the same tools to manage their Wasm applications to reduce the learning curve and operational risks. More importantly, using the same tools would allow Wasm containers to run side by side with Linux containers. That enables the architectural flexibility to run some workloads (eg lightweight, stateless, transactional, scalable) in Wasm containers, and other workloads (eg long running, heavyweight) in Linux containers.
In this talk, I will cover how to create, publish, share and deploy real-world Wasm applications using Docker Desktop, Podman, containerd, and various flavors of Kubernetes. The examples will feature mixed container types to showcase how Wasm containers work side by side with existing Linux container apps.
講者
WasmEdge
Hung-Ying is a pioneer in compiler optimization and virtual machine design. He is a prolific open source contributor, participating in many open-source projects, including WasmEdge, crun, solidity, and SOLL. Hung-Ying is also an active speaker and teacher. He is designing and teaching Solidity online courses in Taiwanese Mandarin.
在微服務架構下,client side 的應用程式可能由數十個不同的服務組合起來,在處理外部請求時,每個服務都必須考慮驗證授權、Cache、Rate Limiting…等機制,每個服務使用的程式語言與實作的方式不盡相同,容易造成開發及管理成本的上升。
此時若導入 API Gateway 的模式,由 API Gateway 統一負責處理請求的各項細節,服務本身就可以專注在業務邏輯的開發,管理者也能透過 API Gateway,輕鬆管理和監控系統上 API 運行的情況。
本次分享以 Kong API Gateway 為例,將示範如何使用 Kong API Gateway 管理 API 並為 API 服務加上驗證授權、Cache、Rate Limiting等機制,並分享Kong不同架構方式及其適用的情境
講者
RyanWang
往 SRE 前進的後端工程師
A Comprehensive Guide to API Gateways, Kubernetes Gateways, and Service Meshes
There is still a lot of confusion about API gateways, Kubernetes gateways, and service meshes. A lot of this is because:
In this talk, I will try to explain these technologies and share how they fundamentally differ and cater to different use cases.
講者
Navendu Pottekkat
Navendu Pottekkat is a maintainer of Apache APISIX and other open source projects. He helps new contributors to open source by mentoring through the Google Summer of Code and Linux Foundation Mentorship Program. Navendu writes and talks about the cloud native ecosystem and his experience in contributing to, building, scaling, and maintaining open source projects.
數位發展部積極發展並導入零信任、雲原生、容器化、DevOps等技術,會說明到數位部暨掛牌以來如何將服務轉移到雲端並導入Kubernetes。由於政府單位較少採用容器技術,數位部拋磚引玉,希望給各機關提供容器使用的參考,並探討如何解決相關稽核問題等。
講者
周詳
數位發展部資訊處解決方案架構師,畢業於交通大學資訊科學與工程研究所。
Kubernetes is one of powerful tools for container orchestration. In fact, it is really a matter of scheduling to manage container. Thus sometimes we should test and demonstrate what we thought to deploy properly working before we deploy in the product.
However, mostly resource is limited to test it.
Therefore, KWOK
(Kubernetes WithOut Kubelet) is really helpful to deploy & schedule purpose.
{https://github.com/kubernetes-sigs/kwok}
And furthermore if you could save the resource, it could archive for Environmental Sustainability
(https://github.com/cncf/tag-env-sustainability) as well!!!
So why don't you start from today? :)
講者
Hoon Jo
Since his experience as a system/network IT vendor, he has been providing Tech Advisor and Container Architecture Design for all projects related to Kubernetes in the Megazone GCP Cloud team. He is also an admin of the Facebook 'IT Infrastructure Engineers Group' and an open source contributor.
He likes to share his knowledge, so he has written lectures for Ansible and Kubernetes on Inflearn/Udemy, and he thinks it is important to document his knowledge, so he has written books (『Practical Programming in Python for System/Network Administrators』, 『Elegantly Answerable』), 『Kubernetes/Docker for Building Container Infrastructure Environments』 (Gilbut), and contributed articles to IT magazines. He is also a CNCF Ambassador
and NAVER CLOUD PLATFORM Ambassador, contributing to the spread of the Kubernetes ecosystem.
淺談Kubernetes Controller與CRD的一些設計思考思路,並且使用一個簡單設計的Network Controller來做為範例
講者
黃宇強 Date Huang
Date Huang is the maintainer of DozenCloud Project, ARM64 VPS Project, and EZIO Project, bare-metal server massive deployment solution.
Speaking Experience: OpenStack Day Taiwan 2016-2017, Open Source Summit North America 2017, ISC High Performance Project Poster 2018, Hong Kong Open Source Conference 2019, OSC Tokyo 2019, COScon '19, TWNOG 4.0, COSCUP 2021
In this talk, we will be discussing the importance of securing your Kubernetes cluster and how you can do it using the powerful tool, "m9sweeper." As the adoption of Kubernetes continues to grow, it has become more critical to prioritize the security of your cluster.
"M9sweeper" is an open-source security tool that is designed to detect and identify vulnerabilities and misconfigurations in your Kubernetes deployment. It offers a comprehensive set of checks that cover a broad range of security aspects, including network policies, access control, encryption, and pod security.
It has the potential of centralized monitoring of popular Kubernetes security tools Trivy, Gatekeeper, KubeSec, Kube-Hunter, Kube-bench, and Falco.
講者
Koteswara Rao Vellanki
I'm an experienced DevOps Engineer at UST with over 4 years of experience in the IT industry. Prior to joining UST, I worked with HCL Technologies and Agathsya Technologies. I completed my Master's degree in Computer Applications from Acharya Nagarjuna University, where I graduated with distinction. I have reasonable knowledge and expertise in DevOps tools, including containerization and orchestration technologies, and has a passion for solving complex problems to optimize business outcomes. I'm highly motivated, a quick learner, and always willing to go above and beyond to ensure successful project delivery.
隨著公司越來越多地採用 Kubernetes作為營運平台,為了減少部署工作量而導入了 ArgoCD。 在引入期間最主要挑戰是讓 DevOps 團隊進行統一營運和管理同時在合規性和安全性背景下進行分散權限管理。 講者將談及如何設置和擴展 ArgoCD 以滿足這些要求。
講者
Tony Yip
DevSecOps Engineer from Hong Kong, with lots of experience of different cloud native platform and tools
深入介紹開源專案Atmosphere 一套我們(Vexxhost)部屬在跨國公有雲與數十個私有雲的部屬方案 並分享為什麼我們需要開發這套部屬工具以及對我們目前使用狀況進行分析 也會展示demo務求讓各位看個仔細仔細再仔細
講者
Rico Lin
Cloud OpenStack Engineer @ Vexxhost
本次分享機會探討如何以 Grafana 以及其生態系下的各開源專案如 mimir, loki, tempo, promtail, agent 等打造一個兼容 metrics/logging/tracing 三面向的監控平台。 此外也會分享其架構並且與常見的解決方案,如 Prometheus, Jaeger, Opentelemetry, ELK 等進行比較來理解使用 Grafana 全家餐的好處
講者
HungWei Chiu
HungWei is a co-founder of SDNDS-TW and CNTUG, two local communities in Taiwan. SDNDS-TW specializes in SDN and networking topics, while CNTUG focuses on Cloud Native approaches. Additionally, HungWei is dedicated to sharing his knowledge and experience through blog posts and speaking engagements at various conferences and meetups. Some of the events he has participated in include COSCUP 2022, COSCUP 2018 x openSUSE, Asia GNOME.Asia, Open Source Networking Days Taiwan, and GDG DevFest Taipei 2018.
建置私有雲的 Kubernetes,需要解決的就是監控問題,本議程將會講解怎麼組合 Prometheus + Grafana,除此之外,還有帶你理解常用的 CRDs,打造出屬於你的監控報表。
講者
梯口 tico88612
哈囉,我叫做梯口,目前在花蓮讀碩士寫論文,但同時也在工作,自從大四實習踏入 IT/SRE 領域後,持續研究任何 Cloud Native 的新技術、DevOps 的思維,喜歡分享自己所看到的人事物。