Latest entries

Containing the Container: Developer Experience vs Strict Security Posture - Brian Bagdzinski & Sharat Nellutla, Verizon

Verizon IT we manages multiple multi-tenant Kubernetes clusters across on-prem and multiple clouds hosting hundreds of applications. Containers, Kubernetes, and cloud-native are central pillars: both for application modernization strategy, and for our north star architecture. This discussiion is about evolving the developer experience in this space, despite the security constraints, leveraging open source tooling such as Skaffold, Harbor, Kaniko, and Jib.

Links


Only Slightly Bent: Uber’s Kubernetes Migration Journey for Microservices - Yunpeng Liu, Uber

Uber started using docker containers at scale in 2015, and has gone through a few generations of cluster management and service discovery technologies. In early 2019, Uber started working on migration from Mesos to Kubernetes to support secure service mesh and machine learning workloads.
This talk highlights the following: 
- Overview of Uber Compute Infra
- API server benchmark and tweaks
- Custom controller and scheduler logic
- CRI: resource, health check, logging, isolation
- SPIRE and service discovery setup at Uber

Links


Using FoundationDB and the FDB Record Layer to Build CloudKit - Scott Gray, Apple

This talk is about the features of FoundationDB and the Record Layer that help build CloudKit, Apple’s cloud storage system for structured data. Scott Gray, a software engineer at Apple focuses on three key areas where FoundationDB and the Record Layer have unlocked large benefits for CloudKit. First, FoundationDB’s arbitrary multi-key ACID transactions have allowed implement advanced secondary indexing at scale, including our recently-developed transactional full-text search system. 

Links


NuGraph: GraphDB as a Cloud Service Built Upon JanusGraph and FoundationDB - Jun Li & Hieu Nguyen, eBay

Ebay has built a GraphDB cloud service called NuGraph, which is based on JanusGraph. FoundationDB is chosen as the JanusGraph’s storage plugin, because of its high-performance and distributed transaction support. Jun Li and Hieu Nguyen from eBay present the GraphDB architecture, and focus on how they deploy and manage FoundationDB in Kubernetes, how they improve JansGraph query performance in a cross-data center environment, how they bulk load the graph into FoundationDB with its transactional support, and how they secure the 3-tier cloud service with limited security support from FoundationDB.

Links


Service Mesh in Kubernetes: It’s Not That Easy - Lita Cho & Tom Wanielista, Lyft

As Lyft migrated its applications to Kubernetes, assumptions baked into the networking layer were tested. This talk discusses how Lyft used Envoy’s xDS protocol to design their own flexible service mesh and handle new challenges from a multi-cluster architecture such as:
- Routing across multiple Kubernetes clusters
- Handling Deployments
- Rapid scale-in and scale-out
- Service Discovery
- Active/Passive Health Checking
- Readiness in the service mesh

This talk will also go over changes that were made in the Envoy codebase to make this work.

Links


Evolution of Envoy as a Dynamic Redis Proxy - Nicolas Flacco & Henry Yang, Lyft | Mitch Sulaski, Workday

This talk highlights the the evolution of Redis support in Envoy.  Initially Envoy redis proxy only supported sharding to clusters of independent Redis nodes. Recent developments have enabled support for the open source Redis Cluster protocol as well as some unique features such as multicluster routing, flexible load balancing options, and traffic shadowing.

As the usage of Redis expanded different usage patterns emerged, requiring different availability, durability and consistency trade-offs. Henry Yang from Lyft and Mitch Sulaski from Workday discuss how the Envoy redis proxy was extended to support these new requirements in large scale environment(10+ Millions rps) at Lyft and Workday.
 

Links