Cloud Native Policy Management with Nirmata: A Reflection of KubeCon NA 2023

Cloud Native Policy Management with Nirmata: A Reflection of KubeCon NA 2023

63d7a379 0358 4077 aaeb 997ffafacd2b

Shuting Zhao presenting Kyverno at the CNCF Keynote

KubeCon NA 2023: A Brief Overview

The Cloud Native Computing Foundation’s flagship conference KubeCon, known for its extensive schedule of talks, workshops, and networking opportunities, brought together thousands of developers, practitioners, and enthusiasts to discuss the latest trends, share insights, and foster collaboration within the cloud-native community. 

This year, it gathered adopters and technologists from the leading open source and cloud native communities in Chicago, Illinois from November 6-9, 2023, and it managed to generate quite a buzz. 

Nirmata at KubeCon NA 2023

Nirmata is a leading provider of comprehensive policy-based security and automation for Kubernetes and our team had a significant presence at KubeCon NA 2023. We had an opportunity to present six sessions, one Kyverno workshop, and two booths where event participants learnt more about our offerings and discussed their use cases. We enjoyed discussion on various topics ranging from Kyverno use-cases to Nirmata features with the visitors.

Add a heading (22)

IMG 1656

Team Nirmata at KubeCon NA 2023

Platform Engineering – A Prominent Theme

While several topics were covered during Kubecon, one couldn’t help but notice the large number of sessions and conversations revolving around “Platform Engineering.” This topic is especially relevant for us as Kyverno as well as our solutions are heavily adopted by Platform Engineers.

Kyverno Updates

This has been another great year of key milestones for Kyverno that includes over 4.6k stars on GitHub, over 2.63 billion downloads, and release 1.11 with several new features and additional functionalities. The growth of Kyverno has been evident with an expanding list of early adopters, and then moving on to the production environment.

Recently, a few new vulnerabilities for Kubernetes Nginx Ingress controllers had made their way across industry channels. Boris Kurktchiev explained how you can use the power of Kyverno to create simple, easy to read and understand policy to completely mitigate the effects of these CVEs. More details here

This KubeCon was also a perfect opportunity to announce Kyverno for any JSON payload. More details here

If you are curious to know more about Kyverno, you can check out this interesting blog regarding its evolution. 

Additionally, here are some useful links to learn more about Kyverno:

 

For the complete details on Kubernetes policy and governance, please feel free to grab a free copy of our latest ebook –Securing Kubernetes using Policy-as-code.

Nirmata Sessions and Workshops

Here is a sneak peek at our team’s sessions and workshops during the event. 

Our CEO, Jim Bugwadia was a part of this panel session where members of the CNCF Policy Working Group discussed why Kubernetes requires policy management. 

Policy Based Kubernetes Governance, Risk, and Compliance

Image from iOS (2)

CNCF PWG Panel Discussion

Watch the video:

 

Ritesh Patel and David Murphy introduced the BACK stack, a composable IDP using four widely adopted CNCF projects: Backstage, Argo CD, Crossplane, and Kyverno. 

Introducing the BACK Stack!

1699566264773

BACK Stack Discussion

Watch the video.

 

There was discussion about multi-tenancy, where along with other panel members, Ritesh Patel shared his thoughts on how multi-tenancy can save costs and drive efficiency for the Kubernetes clusters. 

IMG 4678

Multitenancy

 

This maintainer session on Kyverno gave an overview of Kyverno, the Kubernetes-native policy engine currently in incubation, along with recent updates in the latest version and a sneak peek of future versions. With Kyverno, policies are written as standard YAML and no programming language or knowledge is required.

Kyverno: Overview and What’s New

IMG 4854

Kyverno Overview

Watch the video:

 

 

Crossplane and Kyverno deliver comprehensive automation, enabling the effortless creation of resilient, secure, and operationally efficient production environments. This talk by Dolis Sharma explored the seamless integration of Crossplane and Kyverno, showcasing their combined capabilities in automating cluster creation, resource configuration, compliance enforcement, add-on deployment, and security checks.

Automate Production-Ready Cluster Using Crossplane Compositions and Kyverno 

 

1699564002216

Comprehensive Automation with Crossplane and Kyverno

 

Watch the video

 

Anusha Hegde and Kiran Mova shared their experiences of building cloud-native communities, startup (mis)adventures, and monetising with CNCF projects.

Code, Chaos, and Cash: (Mis)Adventures in Open-Source Wonderland 

F baZjeWUAAki X

Building Cloud Native Communities

Watch the video:

Additionally, there was a session on compliance and policy automation for open source projects  – the what and how to expose policy configurations, enforce desired states and trace actual states to policy reports and compliance artifacts. The session was led by experienced policy practitioners who are implementing policy and compliance architectures in real world enterprise and government systems using Kubernetes and CNCF open source tools. 

Kubernetes Contributors Summit

 

There was also an in-person project working session on Kyverno where the maintainers of Kyverno talked about how to get started, best practices, and advanced topics in this hands-on interactive workshop. The Kyverno team started with an introduction, and then dived into advanced topics. 

Kyverno Workshop 

Key Takeaways from KubeCon NA 2023

  • Networking Opportunities: KubeCon NA is renowned for its networking opportunities, and our team had the chance to connect with several industry leaders and Kubernetes experts with the potential to yield valuable partnerships and collaborations in the future.
  • Insightful Sessions: KubeCon featured a wide array of sessions and talks, covering everything from best practices and real-world case studies to the latest developments in Kubernetes and cloud-native technologies. Our team had the opportunity to attend several valuable sessions that helped broaden their perspectives on Kubernetes management.
  • Showcasing Innovations: At KubeCon NA, we had an opportunity to showcase our Kubernetes management platform, demonstrating its capabilities and how it can address the challenges faced by modern enterprises.
  • Community Engagement: One of the most exciting parts during the event was that we could engage with the huge Kubernetes community members and participate in discussions. Several enthusiasts shared their experiences, real time use cases, and learned from other community members.
  • Emerging Trends: The conference provided valuable insights into the emerging trends in the Kubernetes and cloud-native space. Hence we got the opportunity to get a deeper understanding of how technologies like Kubernetes, security, and governance are evolving. We could also see the change in dynamics from “WHY” to “HOW” for the governance, and this will help us shape our product roadmap and better serve our partners and customers.

So what’s next for you?

If you want to get involved, there are several options depending on where you are on your  Kubernetes policy and governance journey.

  • To start with, you can download this free ebook  Securing Kubernetes using Policy-as-code.
  • We also host Nirmata Office Hours for Kyverno, an interactive session and livestream hosted by the team at Nirmata, the creators of Kyverno, where we discuss all things Kubernetes policy and governance! Office hours occur on the second Thursday of every month at 10am EST / 7am PST. Join the Google group to receive a calendar invite with meeting details. Watch the previous sessions.
  • Join the conversation on Kyverno Slack. Over 2400 Kyverno community members join to ask questions and share best practices with over 75% of the channel members participating in the conversation! Or, why not try to complete free Kyverno certification.
  • Reach out to us– We would be delighted to get on the phone with you to discuss where you are in your Kubernetes policy and governance journey and how Kyverno or Nirmata Policy Manager for Kubernetes (built on Kyverno) can help you meet your security goals.

And, next for us…

Conclusion

KubeCon NA 2023 was a resounding success for Nirmata as our team had the opportunity to connect with industry leaders, gain insights from experts, engage with the Kubernetes community, and showcase our product offerings. With our comprehensive platform and deep expertise in Kubernetes security, governance, and compliance, Nirmata is ready to help organizations of all sizes and industries unlock the full potential of cloud-native technologies and drive business growth in the years to come.

 

#PolicyMatters

Team Nirmata at KubeCon EU 2024: Modern Security for Modern Apps
Nirmata at KubeCon NA 2023
No Comments

Sorry, the comment form is closed at this time.