Loading…
In-person
1-4 April 2025
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in British Summer Time (BST) (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
or to bookmark your favorites and sync them to your phone or calendar.
Type: Connectivity clear filter
Wednesday, April 2
 

15:15 BST

The Great Sidecar Debate - William Morgan, Buoyant
Wednesday April 2, 2025 15:15 - 15:45 BST
Level 0 | ICC Capital Hall | Room 1
Sidecars, long the defining characteristic of the service mesh, are now the subject of its latest debate. While Kubernetes itself has recently added native support for sidecar containers, for service meshes, the question remains: does this architecture still hold water? Or, in the world of ambient and eBPF, are sidecars an antiquated approach already surpassed?

In this session, we'll take a pragmatic and engineering-focused approach to the debate. Every engineering choice is ultimately a tradeoff, so what are the tradeoffs at play here? Are there situations where sidecars provide value vs alternatives? Situations in which they suffer by comparison? We'll evaluate the practical considerations for service meshes: resource consumption, operational considerations (e.g. blast radius), security considerations (e.g. threat models), and more, and attempt to paint a comprehensive and unbiased picture of the pros and cons between approaches.
Speakers
avatar for William Morgan

William Morgan

CEO, Buoyant
William is the co-founder and CEO of Buoyant, the creator of the open source service mesh project Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from a failing monolithic Ruby on Rails app to a highly distributed, fault-tolerant... Read More →
Wednesday April 2, 2025 15:15 - 15:45 BST
Level 0 | ICC Capital Hall | Room 1
  Connectivity

16:15 BST

Taming the Traffic: Selecting the Perfect Gateway Implementation for You - Spencer Hance, Google; Arko Dasgupta, Tetrate; Christine Kim, Isovalent at Cisco; Kate Osborn, NGINX/F5; Mike Morris, Microsoft
Wednesday April 2, 2025 16:15 - 16:45 BST
Level 0 | ICC Capital Hall | Room 1
The Kubernetes Gateway API has emerged as the next-generation standard for managing ingress traffic, promising greater flexibility and expressiveness than traditional Ingress resources. But with a growing ecosystem of almost 30 implementations, choosing the right one for your specific needs can feel overwhelming. This panel discussion brings together 5 experts at the forefront of Gateway API development to help you navigate this evolving landscape. Each panelist is actively involved in implementing the Gateway API and contributing to the OSS project itself. Together, the panelists represent all the different categories of implementations you might be considering - including service mesh.

This session will provide a comprehensive overview of the key considerations when selecting a Gateway API implementation. We will discuss things like API conformance, scalability, performance, integrations, installation, management, and much more!
Speakers
avatar for Kate Osborn

Kate Osborn

Senior Software Engineer, NGINX/F5
Maintainer of NGINX Gateway Fabric. Kubernetes fanatic since 2018.
avatar for Spencer Hance

Spencer Hance

Software Engineer, Google
Spencer Hance is a Software Engineer focused on Kubernetes Networking at Google. He is currently a tech lead for Gateway API on GKE (Google Kubernetes Engine) and was previously a tech lead for Ingress API on GKE. Spencer has been at Google since 2019 and is based in San Francisc... Read More →
avatar for Arko Dasgupta

Arko Dasgupta

Software Engineer, Tetrate
Software Engineer at Tetrate spending most of his time building & debugging networking features with Envoy Gateway, Envoy Proxy and Gateway API.
avatar for Mike Morris

Mike Morris

Senior Product Manager, Microsoft
Mike is a product manager at Microsoft working on upstream open source projects with a focus on Istio service mesh, and a Gateway API for service mesh co-lead. He is interested in building healthy, sustainable communities and scalable distributed systems, and working collaboratively... Read More →
avatar for Christine Kim

Christine Kim

OSS Dev Experience, Isovalent at Cisco
Christine Kim focuses on developer experience at Isovalent, where she dabbles in the world of Kubernetes and Service Meshes.
Wednesday April 2, 2025 16:15 - 16:45 BST
Level 0 | ICC Capital Hall | Room 1
  Connectivity

17:00 BST

Uncharted Waters: Dynamic Resource Allocation for Networking - Miguel Duarte Barroso, Red Hat & Lionel Jouin, Ericsson Software Technology
Wednesday April 2, 2025 17:00 - 17:30 BST
Level 0 | ICC Capital Hall | Room 1
In last year’s naval engagement, the multi-network fleet launched a bold assault on Kubernetes SIG-Network’s defenses, led by the flagship proposal, the USS Pod Spec Modification. But under heavy fire from SIG-Network’s coastal batteries, the mission was repelled, leaving both sides to regroup and rethink their strategies.

Now, as the fog of war clears, the fleet has charted a new course. Instead of another frontal assault on the Pod spec stronghold, the focus shifts to the versatile and Kubernetes-native waters of Dynamic Resource Allocation (DRA). This tactical pivot could outflank SIG-Network’s defenses, introducing the DRA CNI Driver and a new era for Kubernetes networking.

Join us to explore how DRA reshapes networking in Kubernetes, what it means for your clusters, and how you can help steer this upstream effort. From strategy to implementation, we’ll unpack what’s next in the ongoing naval battle of Kubernetes networking.
Speakers
avatar for Miguel Duarte Barroso

Miguel Duarte Barroso

Principal Software Engineer, Red Hat
Miguel is a Principal Software Engineer for Openshift Virtualization at Red Hat.His main interests are SDN / NFV, functional programming, containers, and virtualization.Miguel is a member of the Network Plumbing Working Group, a maintainer of several CNI plugins (whereabouts, macvtap... Read More →
avatar for Lionel Joiun

Lionel Joiun

Software Engineer, Ericsson Software Technology
Lionel Jouin is a Software Engineer at Ericsson Software Technology, based in Stockholm, Sweden. He actively contributes to Kubernetes with a focus on bringing native support for secondary networks and its ecosystem including services and policies…. His contributions span SIG Network... Read More →
Wednesday April 2, 2025 17:00 - 17:30 BST
Level 0 | ICC Capital Hall | Room 1
  Connectivity

17:45 BST

Making the Leap: What Gateway API Needs To Support Ingress-NGINX Users - Rob Scott, Google & James Strong, Isovalent at Cisco
Wednesday April 2, 2025 17:45 - 18:15 BST
Level 0 | ICC Capital Hall | Room 1
Ingress-NGINX has been the cornerstone of Kubernetes Ingress for years. As the maintainers transition to a new Gateway API-focused implementation, we face a critical question - how can we provide a seamless migration to Gateway API? What about the Ingress-NGINX features that Gateway API doesn’t support yet? To ensure a smooth transition to Gateway API, the ecosystem must address these gaps - and your input is essential.

In this talk, Rob and James will explore the critical challenges of migrating from Ingress to Gateway. They’ll highlight commonly used Ingress-NGINX features that are not yet supported in Gateway API and discuss how the community can drive the evolution of Gateway API to meet the needs of Ingress-NGINX users.

This session will provide insights into what’s needed to make Gateway API a true successor for Ingress-NGINX users, focusing on collaboration and feedback. Join us in shaping the future of ingress networking in Kubernetes.
Speakers
avatar for James Strong

James Strong

solution architect, isovalent at cisco
James has been working in the cloud for 7 years. He helped build a private cloud at GE Appliances and developed and supported REST API's in AWS on docker. Recently he has passed the CNCF's CKA exam and helps companies migrate their applications to Kubernetes.
avatar for Rob Scott

Rob Scott

Staff Software Engineer, Google
Rob is an open source enthusiast currently working on Kubernetes Networking at Google. He's been a maintainer of Gateway API since the very early days of the project and led the development of other Kubernetes networking APIs like EndpointSlices.
Wednesday April 2, 2025 17:45 - 18:15 BST
Level 0 | ICC Capital Hall | Room 1
  Connectivity
 
Thursday, April 3
 

11:00 BST

Debugging Envoy Tunnels: A Deep Dive - Carlos Sanchez & Alexandra Stoica, Adobe
Thursday April 3, 2025 11:00 - 11:30 BST
Level 1 | Hall Entrance N10 | Room E
Envoy is a powerful proxy for modern microservices architectures that can securely connect services using encryption and mutual authentication with certificates. However, when Envoy tunnels don't work as expected, troubleshooting can become a complex and time-consuming task.

At Adobe, we use Envoy to connect pods running in Kubernetes with customer-dedicated infrastructure, such as on-premise services and databases. This setup allows different pods to have their own dedicated egress IP, or to connect from pods to multiple customer on-premise services using VPN. This relies heavily on Envoy tunnels and mTLS, and we've encountered numerous situations where things can and do go wrong.

Join us as we challenge you through a series of interactive demos to solve various cases of tunnel failures. Are you ready to crack the case and become an Envoy troubleshooting expert?
Speakers
avatar for Carlos Sanchez

Carlos Sanchez

Principal Scientist, Adobe
Carlos Sanchez is a Principal Scientist at Adobe Experience Manager, specializing in software automation, from build tools to Continuous Delivery and Progressive Delivery. Involved in Open Source for over 20 years, he is the author of the Jenkins Kubernetes plugin and a member of... Read More →
avatar for Alexandra Stoica

Alexandra Stoica

Site Reliability Engineer, Adobe
Alexandra Stoica is a Site Reliability Engineer at Adobe, specializing in cloud infrastructure, automation, and continuous delivery. With extensive experience in building and maintaining Kubernetes Operators, Alexandra has developed tools to automate networking infrastructure provisioning... Read More →
Thursday April 3, 2025 11:00 - 11:30 BST
Level 1 | Hall Entrance N10 | Room E
  Connectivity

11:45 BST

Journey at the New York Times: Is Sidecar-Less Service Mesh Disappearing Into Infrastructure? - Lin Sun, Solo.io & Ahmed Bebars, The New York Times
Thursday April 3, 2025 11:45 - 12:15 BST
Level 1 | Hall Entrance N10 | Room E
At The New York Times, we manage a multi-tenant Kubernetes architecture across diverse regions, leveraging projects like Istio, OPA, and Karpenter. With Istio ambient mode now generally available, we’re exploring whether it’s time to eliminate sidecars in our production environment and allow the service mesh to integrate seamlessly into our infrastructure for multiple teams.

In this talk, we’ll take you through our journey of collaborating with the Istio and cloud-native community to build a sidecar-less architecture from scratch, utilizing the broader cloud-native stack we already have. We’ll share the technical challenges we encountered, practical tips for adopting Istio ambient mode, and the tangible benefits we’ve realized along the way. Join us to discover how we’re reshaping our cloud-native architecture for simplicity and efficiency.

Speakers
avatar for Ahmed Bebars

Ahmed Bebars

Principal Engineer, The New York Times
As a Principal Engineer on the Developer Platforms mission at The New York Times, I specialize in Cloud Infrastructure technologies, focusing on developing robust and scalable Kubernetes-based solutions. My primary focus is crafting a secure runtime environment that empowers service... Read More →
avatar for Lin Sun

Lin Sun

CNCF TOC member and Head of Open-Source, solo.io
Lin is the Head of Open Source at Solo.io, and a CNCF TOC member and ambassador. She has worked on the Istio service mesh since the beginning of the project in 2017 and serves on the Istio Steering Committee and Technical Oversight Committee. Previously, she was a Senior Technical... Read More →
Thursday April 3, 2025 11:45 - 12:15 BST
Level 1 | Hall Entrance N10 | Room E
  Connectivity
  • Content Experience Level Any

14:15 BST

How We Moved Spotify To a Proxyless gRPC Service Mesh - Erik Lindblad & Erica Manno, Spotify
Thursday April 3, 2025 14:15 - 14:45 BST
Level 1 | Hall Entrance N10 | Room E
This talk tells the story of how Spotify transitioned its service network from a decade old DNS based service discovery to a modern service mesh built on the xDS API’s from the Envoy project. The talk covers the research and design considerations for this new system, and how it draws full advantage of native support in gRPC for both xDS and proxyless load balancing to support Spotify’s scale (2 million kubernetes pods) without the performance impact of traditional service mesh setups. The audience will learn how this setup was used to build three important mesh capabilities at Spotify: dynamic traffic splitting, a service call graph and zone aware routing.

This is a case study, so the talk will also cover operational considerations like safe rollouts using fast fallback mechanisms, and how to use gRPC’s custom load balancer support to do a centrally managed rollout that’s transparent to teams using your platform.
Speakers
avatar for Erik Lindblad

Erik Lindblad

Staff Engineer, Spotify
Erik works as a Staff Engineer in Spotify's Infrastructure department since 2018, and at Spotify since 2013. He has led work on several major infrastructure projects, like global load balancing, service mesh and cloud cost performance.
avatar for Erica Manno

Erica Manno

Senior Software Engineer, Spotify
I am Senior Software Engineer at Spotify based out of Italy, working in Core Infrastructure. I am passionate about distributed systems, reliability at scale and solving infrastructure-related challenges. Prior to Spotify, I worked at Verisign as a tech lead building the registry for... Read More →
Thursday April 3, 2025 14:15 - 14:45 BST
Level 1 | Hall Entrance N10 | Room E
  Connectivity

15:00 BST

Encryption, Identities, and Everything in Between; Building Secure Kubernetes Networks - Lior Lieberman, Google & Igor Velichkovich, Stealth Startup
Thursday April 3, 2025 15:00 - 15:30 BST
Level 1 | Hall Entrance N10 | Room E
As the scale of your clusters grows, so does the complexity of securing your networks. The stakes are high: inadequate encryption or identity management solutions can leave clusters vulnerable to a range of security risks.

In this session, Lior and Igor will explore the landscape of network encryption, AuthN and AuthZ solutions grounded in the principles of defense-in-depth and least privilege. Starting with the current projects in the ecosystem, they’ll highlight the principles and design requirements essential for building resilient, secure networks. The session will then dive into real-world scenarios where you’ll learn security strategies at scale. Finally, they’ll highlight how the community can work together to standardize and simplify encryption and identity management, making security more accessible and robust for all users.

Join us! We’d also love your feedback to help drive the future of Kubernetes network security.
Speakers
avatar for Igor Velichkovich

Igor Velichkovich

Software Engineering Lead, Stealth Startup
Igor is an engineering lead at a stealth startup focused on accelerated infrastructure and high performance compute. He has worked with sig-api-machinery (CEL) and continues work with various projects of kubernetes-sigs used in accelerated infrastructure environments.
avatar for Lior Lieberman

Lior Lieberman

Site Reliability Engineer, Google
Lior is site reliability engineer at Google working on Google Compute Engine and Cloud Service Mesh. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.
Thursday April 3, 2025 15:00 - 15:30 BST
Level 1 | Hall Entrance N10 | Room E
  Connectivity
 
Friday, April 4
 

15:15 BST

Using eBPF for Non-invasive, Performant, Instant Network Monitoring - Mario Macías & Marc Tudurí, Grafana
Friday April 4, 2025 15:15 - 15:45 BST
Level 0 | ICC Auditorium
Traditionally, monitoring your network connections required from devices being able to export the flows data. With the rise of software-defined networks, the responsibility of providing observability capabilities relied on the SDN providers or on software-based packet analyzers that often have a noticeable impact on the cluster’s performance.

eBPF is presented as an efficient, non-invasive mechanism to observe different layers of clusters’ network, from L3 to L7, and automatically extract relevant information without having to redeploy neither the network infrastructure nor applications.

Our talk explains the Grafana journey to provide plug and play network and services observability: how we connect to different layers of your services infrastructure to provide from how network packets flow through your system to the details of the L7 service/client requests and responses, and how the low-level network information is matched with Kubernetes metadata for improved user data navigation.
Speakers
avatar for Mario Macías

Mario Macías

Staff Software Engineer, Grafana
I love programming since I was 12 years old. I’m a software engineer with 20 years of experience. During that time, I’ve been a scientific researcher, Ph.D student, university teacher, backend developer, and book writer. During the last 7 years I've focused on monitoring and observability... Read More →
avatar for Marc Tudurí

Marc Tudurí

Senior Software Engineer, Grafana
Marc Tuduri is Prometheus contributor, OpenTelemetry member and Software Engineer at Grafana.
Friday April 4, 2025 15:15 - 15:45 BST
Level 0 | ICC Auditorium
  Connectivity
  • Content Experience Level Any
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Monday, March 31
Tuesday, April 1
Wednesday, April 2
Thursday, April 3
Friday, April 4
Bafta | Ray Dolby Room
Civo Tech Junction
Crowne Plaza London Docklands
Level 0 | ICC Auditorium
Level 0 | ICC Capital Hall | Room 1
Level 0 | ICC Capital Hall | Room 2
Level 1 | Hall Entrance N10 | Room E
Level 1 | Hall Entrance N10 | Room F
Level 1 | Hall Entrance N10 | Room G
Level 1 | Hall Entrance N10 | Room H
Level 1 | Hall Entrance N11
Level 1 | Hall Entrance S10 | Room A
Level 1 | Hall Entrance S10 | Room B
Level 1 | Hall Entrance S10 | Room C
Level 1 | Hall Entrance S10 | Room D
Level 1 | Hall Entrance S5
Level 1 | Hall Entrances S8 - S9, N8 - N9
Level 2 | South Gallery | Room 11 - 12
Level 3 | ICC Capital Suite 1
Level 3 | ICC Capital Suite 10-12
Level 3 | ICC Capital Suite 14-16
Level 3 | ICC Capital Suite 17
Level 3 | ICC Capital Suite 7-9
Platinum Suite | Level 3
Platinum Suite | Level 3 | Room 1-2
Platinum Suite | Level 3 | Room 3-4
The Steel Yard
  • 🚨 Contribfest
  • 🪧 Poster Sessions
  • AI + ML
  • Application Development
  • Breaks
  • ⚡ Lightning Talks
  • Cloud Native Experience
  • Cloud Native Novice
  • CNCF-hosted Co-located Events
  • Connectivity
  • Data Processing + Storage
  • Emerging + Advanced
  • Experiences
  • Keynote Sessions
  • Maintainer Track
  • Observability
  • Operations + Performance
  • Platform Engineering
  • Project Opportunities
  • Registration
  • Security
  • Solutions Showcase
  • Sponsor-hosted Co-located Event
  • Tutorials
  • Content Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate