The O’Reilly Velocity Conference is focused on enabling organizations with the information they need to adopt cloud native practices and technology for their business. This year, Velocity took place June 10–13 in sunny, perhaps too sunny (the thermometer outside read 103°F at one point), San Jose, California. Around three thousand attendees braved the heat to learn more about the changing cloud landscape. There were countless interesting and engaging talks. I have chosen to highlight a few that resonated most with me.
One interesting keynote was Lachlan Evenson and Bridget Kromhout’s “Community projects inform enterprise products.” This talk discussed the creation of Gatekeeper, a policy controller for Kubernetes. During the development process, the team at Microsoft recognized the tool they were making could benefit the wider Kubernetes user base, which led them to develop it in the open rather than behind closed, proprietary doors. It was encouraging to see the continued commitment to open source from an enterprise software giant like Microsoft.
I found two other keynotes to be especially interesting based on my past work on observability and Site Reliability Engineering. Yaniv Aknin’s “The SRE I aspire to be” and Liz Fong-Jones’s “Cultivating production excellence” both explored tips for a successful SRE organization. Yaniv’s talk focused on the importance of quantifying the significance of risk by its frequency and impact to the business. Service Level Objectives will not be perfect from the outset and should be iterated upon. He also reviewed the limitations of certain reliability measurements: Mean Time to Repair and Mean Time to Failure are based on a fungible definition of what it means to fail, and the 9’s approach (e.g. 99.99% availability) comes with the challenge of how to accurately aggregate data into business-credible metrics.
Liz Fong-Jones’s talk emphasized the importance of using an error budget to determine the acceptable level of risk and unreliability to a company. While 100% system reliability is ideal, any and all changes to the system, including new features, come with risk and avoiding risk can stymie innovation. There was a lot of consistency between the best practices and insights shared in each talk. Both emphasized the importance of multiple business units, in and outside of IT, agreeing upon the approach and key indicators including Service Level Agreements.
One of the most interesting talks I went to during the event was Liz Rice’s “Lessons from hacking Kubernetes with kube-hunter.” This talk was centered around kube-hunter, an open source penetration testing tool for Kubernetes. Kube-hunter is used to find open ports and make REST API requests against those ports. Liz provided great examples of how to take advantage of the vulnerabilities found through the tool, including by means of a misappropriated service account token. The talk also provided great reminders about best practices to implement when configuring a cluster, especially about the importance of Role Based Access Controls (RBAC). One other aspect of the talk I appreciated was the review of Kubernetes API calls being made under the covers by kube-hunter. I spend so much of my time using kubectl, the Kubernetes command-line utility, that I often forget about how powerful it can be to curl your cluster via the API.
In addition to talks, I spent most of my time speaking to people about the Oracle Cloud and its role in the cloud native space. While some of the conversations started as fundamentally as, “I didn’t know Oracle had a cloud, could you tell me about it?” others led to deeper discussions about how to migrate legacy workloads to the cloud and update them to take advantage of this new paradigm. Many of the attendees that I spoke with also had questions about the recently announced partnership between Oracle and Microsoft, in which their respective cloud offerings will be connected over a direct network connection. I was lucky enough to have the opportunity to deliver a talk about open source tools for providing observability to Kubernetes environments at the Oracle booth.
One highlight of the conference came in the form of the team at SolarWinds seeing their PaperTrail log management solution used in an Fn Project demo running at the Oracle booth. The team was excited to see their product in action at another vendor’s booth. I spoke to Sachin Pikle, the creator of the demo, about his choice of using PaperTrail and he mentioned that the Fn Project makes use of Syslog and because PaperTrail supports Syslog and is very easy to get started with (in a few clicks), it was a natural choice for the demo.
During this year’s Velocity conference, attendees were able to see a variety of great cloud native talks. Velocity provided more evidence of the maturation of the cloud native space and the importance of solving real-world operational challenges, including observability, security, and also how to lead distributed teams. It is clear that we are past the “why” and onto the “how” of adopting a cloud native approach. If you would like to learn more about cloud native technologies, check out cloudnative.oracle.com and join our mailing list.