Priyanka Sharma
Schedule

09:00-09:10

Opening Keynote

Updating

09:10-09:20

Opening Keynote

Updating

09:20-09:40

Harbor – An Enterpriser Cloud Native Mirror Warehouse 下载PPT

Harbor is an enterprise open source mirror warehouse that can store, sign and scan the content of cloud native products. Harbor project is the first CNCF open source project in China, especially welcomed by Chinese users. According to recent statistics, 47% of users in China use Harbor in production systems. After Harbor graduated from CNCF in June 2020, many remarkable functions have been added, such as mirror agent, online garbage collection, enhancement of robot account, P2P prewarming, performance data collection interface, IPv6 support, etc. Recently, Harbor Operator 1.0 has been released, which greatly improves the usability of Harbor on Kubernetes platform. The main purpose of this speech is to introduce the new functions that Harbor users are most concerned about and the future development direction.

09:40-10:00

KubeEdge: Architecture Management Practice of Massive Edge Nodes and Devices 下载PPT

As the only incubated edge computing project under CNCF, KubeEdge has been widely used in Internet, industry, energy, parks, transportation and other industries.
 As the only incubated edge computing project under CNCF, KubeEdge has been widely used in Internet, industry, energy, parks, transportation and other industries.
 This sharing will introduce how KubeEdge can realize cloud-edge collaboration in a low-quality network environment, and realize stable support and management of massive edge nodes and devices.

10:00-10:20

ChaosBlade's Past, Present and Future 下载PPT

Alibaba's open source chaos engineering project ChaosBlade has entered CNCF Sandbox, become the first chaos engineering platform project to support the whole lifecycle of cloud native, aiming to help enterprises solve the problem of high availability in the process of cloud native through chaos engineering. This sharing focuses on the positioning of ChaosBlade, introduces the development history and future planning of the project, and shares the commercialization exploration based on this project.

10:20-10:40

SODA: Building an Ecosystem of Data and Storage 下载PPT

SODA Foundation mission is to foster an ecosystem of open source data management and storage software for data autonomy. In this talk, we will introduce the Open Data Framework project and how it simplifies Kubernetes data and storage management. We will also share how you can contribute to SODA, as well as how your project can join the SODA ecosystem

10:40-11:00

Principle and Practice of Chaos Mesh -- a Cloud Native Chaos Engineering Platform 下载PPT

As we all know, distributed system is very complex, faults are everywhere. So, how to survive in this complex world of distributed systems, especially today, when cloud native architecture can be seen everywhere, has been an actual challenge. And now a good answer is chaos engineering. This speech mainly talks about the technical details of Chaos Mesh, a chaos engineering platform under the cloud native architecture, and various designs and tradeoffs in chaos engineering platform building. It shows the mutual promotion between cloud native architecture and chaos engineering, achieving the effect of 1 + 1 > 2.

11:00-11:20

Original security needs to be upgraded before embracing cloud native 下载PPT

Cloud native technology has brought a series of benefits to enterprises, such as cloud infrastructure, Internet core technology, application data and intelligence. With the practice and promotion of cloud native technology, more and more cloud-based enterprises enjoy the dividends brought by cloud native technology. But under the cloud native architecture, Microservices, containers and cloud native components have spawned many new security problems, whole traditional security means cannot be involved. Traditional security protection, endpoints, networks and boundaries are relatively clear at all levels. However, in the cloud environment, these boundaries become very blurred. More importantly, traditional security tools are not cloud native and cannot match the demands of cloud native for flexibility, lightweight, high efficiency, scalability nor cannot be started and stopped at any time. As a result, the efficiency of security protection cannot keep up with the speed of application iteration, and security defense cannot start and stop at any time with the dynamic expansion of services. Therefore, the key requirements of cloud native environment for security construction in management and deployment have changed:
 -Cloud native security needs to cover the depth and breadth of cloud native environment horizontally and vertically from multiple dimensions such as infrastructure layer security, application layer security and data layer security; -Security must be lightweight, continuous and embedded in all aspects of deployment tools to ensure "inspection and control points"; -Security needs to be adapted to the configuration complexity brought by cloud applications, and needs to be automated like applications.

11:20-12:00

Round Table Discussion: Open Source Success Shall Be Led By Enterprise Open Source Office (OSPO)

Updating

13:30-13:50

Viewing the Development Trends of Cloud Native Application Workload from OpenKruise 下载PPT

Cloud native application workloads are well known from Kubernetes native workloads (Deployment, StatefulSet), but on the other hand, we also see that from small and medium-sized start-ups to large Internet companies, the more large-scale application scenarios are, the more these native workloads cannot meet complex business deployment demands. Therefore, many companies have developed their own custom workload suitable for their own scenarios, but among them, only AliCloud’s open-sourced OpenKruise has become a CNCF Sandbox Project, which is truly mature in many aspects such as generalization, comprehensiveness and stability. In this sharing, we will start with Kubernetes native workloads to introduce the responsibilities and implementation basis of cloud native application workload, and then analyze the real demands for application workload in ultra-large-scale business scenarios, how OpenKruise meets these demands, and the development trends under the subsequent open source ecosystem.

13:50-14:10

Karmada: An Open Source Multi-Cloud Native Container Arrangement Platform 下载PPT

Cloud native has become a general trend, but for enterprise customers, for the sake of data sovereignty and security privacy, enterprise customers will consider using multi-cloud hybrid environments to conduct business. However, the differences in infrastructure capabilities and security architectures of different cloud environments will lead to a serious separation of enterprise IT architecture and operation system, increasing the complexity of multi-cloud hybrid implementation and increasing operation costs. This sharing will introduce the development process, typical stages and representative technologies of cloud native multi-cloud & multi-cluster technology, and share how Karmada, the next generation open source multi-cloud container orchestration engine for cloud native, supports seamless migration of applications from single cluster to multi-cluster through native API.

14:10-14:30

Application Practice of Knative Eventing System 下载PPT

Knative Eventing is a standardized event platform on open source Kubernetes, which provides a set of mechanisms to manage cloud computing event publishing and subscription, and provides event-based service triggers for Serverless platforms. Knative Eventing provides composable primitives to implement binding between event producers and event consumers. This sharing first introduces the overall architecture and underlaying implementation of the Knative Eventing system; Secondly, the event transmission mechanism in Eventing system is introduced. Finally, the application practice of Eventing system in mobile cloud function calculation is introduced.

14:30-14:50

Everything You Need to Know About Security Technology of Cloud Native Service Grid 下载PPT

Service Grid is the hottest technology in the cloud native era after Docker and Kubernetes. It has a great tendency to replace the traditional microservice framework and reconstruct the microservice development mode. Istio is currently the most advanced technology and is also the service grid technology most adopted by Chinese developers. Istio mainly provides rich service governance, security and observability in a non-intrusive way. Service governance and observability may be discussed more in various early technical conferences. This speech mainly focuses on how Istio can help developers build zero-trust network security. The contents mainly cover: automatic encryption of inter-service communication, issuance of certificates, automatic rotation, and authentication related functions.

14:50-15:10

Evolution and Practice of Volcano – A Cloud Native Batch Computing Platform 下载PPT

Volcano is the first container batch computing project based on Kubernetes under CNCF. It provides a set of perfect working mechanisms to solve the scheduling and resource management of high-performance computing services such as AI, Big Data, scientific computing and rendering in cloud native environment. This speech mainly shares Volcano's technological evolution roadmap and typical use cases.

15:10-15:30

How does Vipshop improve the utilization rate of cluster resources based on Volcano in AI training scenarios 下载PPT

Vipshop’s AI platform supports a complete set of processes and systems of algorithm models from development, training to launch. Its core work includes large-scale distributed model training and model inference optimization. It supports various machine learning and deep learning scenarios such as recommendation, search, advertisement, image and NLP in business to achieve the overall goal of algorithm-driven company performance. This sharing will introduce how Vipshop’s AI platform that relies on Volcano can solve scheduling problems in the training process of TensorFlow model based on K8S: including Gang Scheduling, resource queue management and other practices, and has achieved a good goal of improving resource utilization rate on the whole. In addition, it will also share that Vipshop will use VPA (Vertical Pod Autoscaler) on K8S to dynamically control the use of container resources, that is, to ensure the availability of physical machines and realize the improvement of the overall resource utilization rate under the condition of CPU resources oversold.

15:30-15:50

Use Tekton + ArgoCD to create cloud native GitSecOps 下载PPT

GitOps is based on declarative systems (such as Kubernetes) and GitHub (or SCM tools such as GitLab) as a single trusted source, which largely solves the deployment of cloud native applications. However, how to handle the storage of sensitive information on GitHub, how to handle the connection of CI/CD, and how to embed other security contents into GitOps are a series of problems to promote GitOps. This speech will share tekton + kustize + sops + ArgoCD to find a practical path for GitSecOps.

15:50-16:10

Application of WebAssembly in Cloud Native Era 下载PPT

The founder of Docker once said on Twitter that if WebAssembly and WASI were born in 2008, there would be no need to create Docker. WebAssembly is the future of Cloud Computing. It has been three years since this tweet, with the introduction of WASI and the emergence of more and more WASM Runtimes, WebAssembly has made remarkable progress in the development of cloud native field. In this lecture, we will profile several examples of WebAssembly runtime computing at the edge to answer whether WebAssembly can replace Docker in some specific scenarios.

16:10-16:30

Security Dilemma and Countermeasures of K8S in Production Environment 下载PPT

K8S has become a de facto standard and is widely used in production environments. However, due to the problems of underlying technologies and usage methods, enterprises are facing some difficulties in using K8S in the production environment. This speech will base on the experience in the production environment to share you the K8S security dilemma and countermeasures.

16:30-16:50

eBPF Practice in MEGVII PaaS Platform 下载PPT

eBPF has been regarded as a revolutionary technology of Linux in recent years, which has gradually attracted people's attention and application, and has brought many new possibilities to cloud native scenarios. This sharing will introduce the practice of eBPF in the process of MEGVII PaaS platform construction.
©开源中国(OSChina.NET) 深圳市奥思网络科技有限公司版权所有 粤ICP备12009483号

扫码进群跟大咖交流

Register Now