June 17th, 2023 | Mumbai
Kubernetes
Community
Days Mumbai
Join us at Kubernetes Community Days in Mumbai to experience the power of a diverse community coming together to learn & share knowledge on cloud native.
Get Your Ticket

KCD Mumbai will be an in-person event packed with Kubernetes and Cloud Native talks and workshops, and ending with a party. This will be the first edition of Kubernetes Community Days in Mumbai. We are an inclusive, and open community of engineers, developers, professionals, and anyone in the Cloud Native ecosystem.
Location and Date

Mumbai
KCD Mumbai will be held in Mumbai. With over 350 attendees, this will be one of the largest events for cloud-native in Mumbai with a focus on open source and community.
We will provide the safest possible hybrid event and follow all the government and CNCF guidelines.
Date: June 17th, 2023
Organizers
Saiyam Pathak
Director of Technical Evangelism
Civo

Rohit Ghumare
Developer Advocate
Solo.io

Divya Mohan
Senior Technical Evangelist
SUSE

Shivay Lamba
MEILISEARCH
Sponsor us
KCD is a community-organized event and would not be possible without our partners. If you're interested in becoming a sponsor, contact us at contact@kcdmumbai.com.
Sponsorship ProspectusSponsors
Thank you to our sponsors for their invaluable support and commitment to the community.
If you're interested in becoming a sponsor, contact us at contact@kcdmumbai.com.
PLATINUM
GOLD


SILVER
Community





Agenda
June 17
03:30 AM -- 03:50 AM
Opening remarks
MainIn Person03:50 AM -- 04:15 AM
Kubernetes - The Universal Control Plane
Kubernetes is emerging as one of the best control planes in the context of modern applications and infrastructure. The powerful scheduler, which was originally designed to deal with the placement of pods on appropriate nodes, is quite extensible. It can solve many of the problems that exist in traditional distributed systems. This session explores how Kubernetes is transforming into a universal control plane for orchestrating diverse workloads based on containers, virtual machines, the public cloud, and WASM.
MainIn Person
Janakiram & Associates
04:15 AM -- 04:35 AM
What is Cloud Native WebAssembly?
Serverless applications are gaining momentum. Developers like the simplicity of writing a serverless function. And with WebAssembly as an underlying technology, it is fast and easy to build WebAssembly serverless apps. In this talk, Rajat and Matt introduce Spin, an open source tool for rapidly building serverless functions in WebAssembly. We’ll start by talking about WebAssembly itself and why a technology that was good for the browser is great for the cloud. Then we will look at how Spin works. To illustrate this, we’ll talk about the `goodfirstissue` bot and demo how with minimal changes, we are able to run this bot as serverless app using Spin
MainIn Person
CEO
Fermyon
04:35 AM -- 04:55 AM
Tea + networking
BreaksIn Person04:55 AM -- 05:25 AM
Blockchain goes Kubernetes
This session will provide an overview of what it takes for companies to run public blockchain nodes on Kubernetes. We will begin with an introduction to blockchain nodes (servers), what they are, and a brief description of how they work, including the differences between each blockchain. Once the basics are covered, we will discuss the challenges of running a node blockchain on a server. Next, we will explore how to leverage k8s to solve some of the challenges of hosting nodes. This will include describing how to deploy nodes on k8s using statefulsets, updating blockchains, and accessing blockchain data using k8s services. Finally, we will cover how to monitor nodes using Prometheus.
Stage 1In Person
Scale3Labs
04:55 AM -- 05:25 AM
How & Why Does The Work of OpenSSF Impact You
Open Source Software is in use by a large number of organizations for whom security and compliance is paramount. Examples of these are governments, banks, financial institutions, etc. These large organizations are raising questions about the integrity of software artifacts and establish provenance at each stage. Recent evidence of which can be found here: [1] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf [2] https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ Many projects are positioned to provide some answers using Software Bill Of Materials (SBOMs) and implementing initiatives such as SLSA.dev, However there is massive inconsistency across the organizations' repositories, working groups (and other administrative entities). Secure Open Source Supply Chains are paramount to those involved in creating and distributing open source software. Those engineers, engineering managers, and program managers who are responsible for delivering software that is or consumes open source software are under increasing scrutiny to establish provenance of their software artifacts. This talk will demonstrate the impact of the work OpenSSF is doing ― especially for open source foundations, by sharing details about how we are embracing best practices prescribed by OpenSSF. The talk will also contain some ideas about how we intend to further securing our open source ecosystem.
Stage 2In Person
Chief Evangelist
Cloud Foundry Foundation
04:55 AM -- 05:25 AM
Istio Service Mesh - Day 0 to Day 2 Operations
Microservices can be complicated and difficult to manage, and a service mesh is a popular solution for many of those complexities. You will be given a quick fly-over of what challenges service mesh solves, service mesh architecture, and various service mesh projects in the ecosystem. This workshop explains how to get started with Istio by incrementally adopting Istio and observing the benefits that Istio service mesh brings to you. We will explore various functions and benefits that Istio provides to your organization. Some of the topics that we will cover in this workshop include: - Install Istio - Secure services with Istio Ingress Gateway - Add services to the mesh - Secure inter-service communication with Istio - Control traffic This workshop also includes a certification option. This credential, offered by Solo.io with Credly, certifies that you possess introductory skills. At the completion of the workshop, you will be able to take an assessment and a score 80% or higher earns the certification
WorkshopIn Person
Developer Advocate at
solo.io

Solo Ambassador, DevOps Engineer
Nimblebox
05:25 AM -- 05:55 AM
Getting Hands-On with the New Kubernetes Gateway API
Why do you need another API to handle external traffic when you have the stable Kubernetes Ingress API and dozens of implementations? What problems of the Ingress API does the new Gateway API solve? Does this mean the end of the Ingress API? In this short talk, Navendu will answer these questions by exploring how Gateway APIs evolved and solved the shortcomings of the Ingress API with hands-on examples. Attendees will learn about the new Gateway API and how they can implement feature-rich, extensible, vendor-neutral gateways to their Kubernetes clusters.
Stage 2In Person
Developer Advocate
API7.ai
05:25 AM -- 05:55 AM
Platinum Sponsor Session: Top 5 Things to Know Running OpenTelemetry on Kubernetes
OpenTelemetry (OTel) is a vendor-neutral, open-source observability framework and one of the fastest-growing open-source projects in the CNCF space. Adoption for OpenTelemetry is on the rise. In this session, we will cover the rise of OpenTelemetry, its core concepts, and different components such as Instrumentation, Collector, Operator, and more. We will also discuss distributed tracing and deployment options on Kubernetes. The goal is to provide you with the knowledge necessary to understand OpenTelemetry, its prerequisite requirements, and its technological maturity.
Stage 1In Person
Senior Developer Relations Engineer
New Relic
05:55 AM -- 06:25 AM
Demystifying Gitops with ArgoCD
GitOps is a modern approach to managing application deployments. In this session, the speaker will provide an overview of GitOps and explore how ArgoCD, a popular GitOps tool, fits into the ecosystem. The speaker will also dive into the key features and architecture of ArgoCD, and demonstrate how it can be used to deploy applications to Kubernetes. By the end of the session, attendees will have a solid understanding of GitOps principles and how ArgoCD can be used to manage Kubernetes deployments.
Stage 1In Person
Developer
SAP Labs
05:55 AM -- 06:25 AM
Finding Imposter Among Us: Container Edition
Much like the game Among Us, Bad faith actors can sneak into our spaceship aka containerized workloads anytime. It now comes to the crew members to guess and eliminate the threat. Similarly even if we secure our supply chain, there will always be threat actors that can attack at runtime. It is not a matter of if but when. There's a need to enforce security at runtime to contain damages when it happens. Containers are not black boxes, there's a need to understand the entities that run inside them. Just sand-boxing around them isn't enough, we need to profile our entities inside our containers, profile them and enforce zero trust rules. But achieving zero trust is non trivial especially with the highly dynamic nature of modern containerized workloads. This session will be about understanding the entities inside our containers, trying to identify assets that are exposed to entities inside containers, explore our crew members eBPF, Seccomp and LSMs who will help us identify and quarantine breaches at runtime minimizing our attack surface in the process.
Stage 2In Person
Accuknox
06:25 AM -- 06:55 AM
Autoscaling Kubernetes Workloads Based On Metrics
Tired of scaling your Kubernetes workloads manually? Tired of overprovisioning resources that lead to unnecessary costs? Tired of underprovisioning resources that lead to degraded application performance? Join Rakshit in his talk in which he will briefly explain how we can use metrics to autoscale our Kubernetes workloads with the help of HorizontalPodAutoscaler. Join him on a ride to learn about the history, the different types of scaling techniques, and finally go through a live demo of scraping metrics from Prometheus using the Keptn Lifecycle Toolkit and scaling the workloads using HorizontalPodAutoscalar. Being an active contributor for Keptn, He will briefly explain how the Keptn Metrics Operator enables us to have a single entry point for the metrics data, regardless of the source of metrics and helps us in autoscaling our workloads. Get to learn about the challenges faced while scaling workloads manually. Get to learn about the benefits of using metrics to autoscale Kubernetes workloads without having to fear unessential costs and poor application performance. Get hands-on experience using the Keptn Lifecycle Toolkit to scrape metrics from any metric provider and then use it to autoscale your Kubernetes workloads.
Stage 2In Person
Punjab Engineering College
06:25 AM -- 06:55 AM
Sponsored session: A tale of two distributed systems through the lens of a developer
Developers continue to be one of the most valuable resources of a company. The tools they use need to align with modern cloud native development practices while helping them be as productive and efficient as possible. In this session, we’ll go over a practical demonstration of building a scalable cloud-native stack with Kubernetes and YugabyteDB (a distributed SQL) and talk about how these two distributed systems can assist you in creating distributed apps quickly from scratch using a scaffolding accelerator.
Stage 1In Person
Field Solution Engineer
Yugabyte
07:00 AM -- 08:00 AM
Lunch
BreaksIn Person08:00 AM -- 09:30 AM
Platinum Sponsor Workshop: Getting Started with Kubernetes Observability
In this workshop, we will use a sample Kubernetes template to create multiple microservices comprising an e-commerce shopfront where shoppers can buy unique socks. We will explore various aspects, such as metrics, events, logs, and traces. This will give you better insights into Kubernetes and important Observability concepts.
WorkshopIn Person
Senior Developer Relations Engineer
New Relic
08:00 AM -- 08:15 AM
Sponsored Lightning Talk: Monitor Kubernetes cluster with Elastic
Bring logs, metrics, and traces from your Kubernetes cluster and the workloads running on it into a single, unified solution. Elastic observability gives better visibility on your kubernetes ecosystem where you can monitor your pods, services, workload etc. Use a centrally managed Elastic Agent to gain visibility into your Kubernetes deployments on EKS, AKS, GKE or self-managed clusters.
Stage 2In Person
Sr. Developer Advocate
Elastic
08:00 AM -- 08:30 AM
TBA
Stage 1In Person08:15 AM -- 08:30 AM
Securing Kubernetes with m9sweeper
In this talk, we will be discussing the importance of securing your Kubernetes cluster and how you can do it using the powerful tool, "m9sweeper." As the adoption of Kubernetes continues to grow, it has become more critical to prioritize the security of your cluster. "M9sweeper" is an open-source security tool that is designed to detect and identify vulnerabilities and misconfigurations in your Kubernetes deployment. It offers a comprehensive set of checks that cover a broad range of security aspects, including network policies, access control, encryption, and pod security. We will also highlight some of the key benefits of using this tool, including the ability to automate security checks, improve compliance, and increase the overall resilience of your cluster.
Stage 2In Person
UST
08:30 AM -- 08:45 AM
Open Policy Agent: Evaluating Policy at Client side using WASM
In modern distributed systems, security and policy enforcement are critical components that ensure the system operates securely and as intended. Kubernetes has built-in policy enforcement capabilities using Kubernetes Network Policies and Kubernetes Admission Controllers, but these are limited to server-side enforcement. What about client-side policy enforcement? Open Policy Agent (OPA), an open-source project that allows to evaluate policies at client-side using WebAssembly (WASM). With OPA and WASM, we can define, test, and enforce policies at the client-side, ensuring that all requests to a Kubernetes cluster are evaluated against policies before being sent to the server-side. In this talk, I'll cover: - An overview of Open Policy Agent (OPA) and how it works. - How to use OPA to define policies using the Rego policy language. - How to use WASM to evaluate policies at client-side. - Real-world use cases of client-side policy enforcement with OPA and WASM in Kubernetes. - Best practices and considerations for using OPA and WASM for client-side policy enforcement. - Demo with some interesting use cases of OPA client side policy evaluation in Kubernetes.
Stage 1In Person
Senior Software Engineer
Optimizely
08:30 AM -- 08:45 AM
Supply chain security for dummies
As per the reports of many security research and analysis firms, the number of supply chain security attacks is on the rise and is expected to increase even further in the near future. Supply chain security is even more critical when it comes to a Kubernetes & cloud-native landscape where a large number of tools, and applications from different vendors and community comes together which significantly increases the sources of potential supply chain attacks. In this session, I will provide a quick introduction to supply chain security, what risks we face at various stages (code, build, deploy etc) of the supply chain, what kinds of supply chain attacks we have seen in the recent past and what common step an organization can take to ensure its supply chain is robust and less prone to attacks. I will also discuss the cultural changes an organization should make to ensure effective collaboration between owners of different supply chain stages of a product and will also touch upon the Supply Chain Levels for Software Artifacts (SLSA).
Stage 2In Person
Consultant
Kubermatic
08:45 AM -- 09:15 AM
Application-aware backups of Kubernetes applications
Cloud-native applications comprise various components including data services, storage systems, and related Kubernetes objects. Each component requires its own data protection tools, strategy, and domain expertise. A robust solution aligned with business requirements often involves complex workflows. What if there was a way to coordinate the implementation of these workflows while optimizing how backups are moved into storage? During this talk, Amruta will demonstrate how two open-source tools, Kanister and Kopia, work together to optimize backup and recovery for Kubernetes applications. 2. Benefits to the Ecosystem Robust and scalable backup and recovery workflows are among the key operational concerns that teams need to address. But their complexity inhibits developers from running databases in Kubernetes, despite the rising support for stateful applications in the environment. Kanister not only enables backup and restore of databases in Kubernetes, it allows developers and operators to perform application-specific data management tasks by defining a set of Kubernetes custom resources. Using Kanister and Kopia together, developers can create encrypted, compressed and deduplicated point-in-time snapshots from the streamed database backup and upload them to the cloud object store.
Stage 2In Person
Kasten By Veeam
08:45 AM -- 09:15 AM
Kubernetes for Machine Learning: Managing and Scaling AI Workloads
Kubernetes and Machine Learning is an intersection that enables creating applications harnessing the power of Data. This talk I will explore the intersection of Kubernetes and machine learning and discuss best practices for managing and scaling AI workloads. Along with diving into End to end ML lifecycle using Kubeflow, dive into specific use cases for Kubernetes in machine learning, highlight challenges and solutions, and explore advanced features such as horizontal and vertical scaling, pod affinity and anti-affinity, and specialized resource types like GPUs and TPUs.
Stage 1In Person
09:15 AM -- 09:30 AM
First Principles of Observability Systems
As Kubernetes and microservice adoption has gone mainstream, a slew of observability solutions have been born, and picking an observability system is hard. A couple of questions you might find yourself asking are: - “Is the ingestion rate fast enough?” - “How long can the system retain data?” - “Are the query speeds good enough?” - “How easy is it to scale horizontally?” Benchmarking systems may or may not always give you the right answer for a variety of reasons- it’s easier to take a decision based on understanding the first principles. All of the observability pillars(metrics, logs, traces, profiling) share a common set of problems, we’ll look at how various open-source projects have tackled those problems and evaluate their solutions. Hopefully, by end of the talk, it can help you make a decision on an observability system or maybe inspire you to build your own.
Stage 1In Person
09:15 AM -- 09:30 AM
Sponsored Lightning Talk
Stage 2In Person09:30 AM -- 11:00 AM
Introduction to WebAssembly
Join us for an immersive workshop on Cloud Native WebAssembly and discover the future of application development! In today's rapidly evolving digital landscape, agility, scalability, and portability are crucial for building modern applications. Cloud Native WebAssembly (Wasm) has emerged as a game-changing technology that combines the benefits of containerization, microservices, and the lightweight, high-performance nature of WebAssembly. During this hands-on workshop, our expert instructors will guide you through the fundamental concepts of Cloud Native WebAssembly and demonstrate how it revolutionizes the way we develop, deploy, and manage applications in the cloud. Whether you're a developer, architect, or DevOps professional, this workshop offers valuable insights and practical knowledge to enhance your skill set.
WorkshopIn Person
CEO
Fermyon

Director of Technical Evangelism
Civo

SUSE
Senior Technical Evangelist

WASMEdge Ambassador
09:30 AM -- 10:00 AM
Run PostgreSQL:The Kubernetes way
CloudNativePG is an open source operator designed to manage PostgreSQL workloads on any supported Kubernetes cluster running in private, public, hybrid, or multi-cloud environments. CloudNativePG adheres to DevOps principles and concepts such as declarative configuration and immutable infrastructure. It defines a new Kubernetes resource called Cluster representing a PostgreSQL cluster made up of a single primary and an optional number of replicas that co-exist in a chosen Kubernetes namespace for High Availability and offloading of read-only queries. Applications that reside in the same Kubernetes cluster can access the PostgreSQL database using a service which is solely managed by the operator, without having to worry about changes of the primary role following a failover or a switchover. Applications that reside outside the Kubernetes cluster, need to configure a Service or Ingress object to expose the Postgres via TCP. Web applications can take advantage of the native connection pooler based on PgBouncer. We will cover Day 0 to Day 2 Operations and How data on Kubernetes is more important these days. Talk will cover about Day 0: Planning Day 1: Setup and validate. Day2 : Day2 operations Like Restore and Scaling.
Stage 1In Person
EDB
09:30 AM -- 10:00 AM
Incremental Backups in Kubernetes: Where We Stand and What is Missing
As Kubernetes adoption matures, a recent CNCF.io study showed that stateful workloads have grown to over 40% of deployments. Operating persistence and storage on a cluster for the stateful applications in Kubernetes has always been challenging, especially when it comes to backup and disaster recovery. The traditional backup strategies are not sufficient considering the dynamic nature of containers and distributed architecture. In this talk, Prasad will talk about different strategies used to protect Kubernetes stateful application data and compare their pros and cons. We will also throw light on the missing piece in Kubernetes architecture to perform incremental backups i.e. changed block tracking. And ongoing efforts by Data Protection Working Group to add the changed block tracking capability to Kubernetes with KEP-3314 to make the backups more efficient and quicker.
Stage 2In Person
Kasten by Veeam
10:00 AM -- 10:15 AM
How to Not-Mess-Up Production
Deploying applications from localhost to production can be a daunting task. There are a million ways to break it and give the on-call team a new topic for the engineering blog. Seemingly small things (chmod) can cause big impacts (crash the server beyond recovery). In this talk, Wilfred shares his experiences of production mess-ups Here’s what Wilfred has in store for you: Discover how running "chmod root" during a business meeting led to a server crash beyond recovery and an awkward conversation with the boss. Learn why you should never ever run "select *", unless you have all day to wait for the results to come in. Find out what happens when you accidentally make your secrets public, and how to avoid doing so in the future. Explore the joys of "chmod /usr" and the broken sudo nightmares that follow. Get practical tips on how to avoid production mistakes, and how to handle them when they happen. This talk will take into consideration a practical deployment scenario of deploying a backend system on a VM with a database(crash this and data gone) and walk you over what you want to do, what you'll do, what problems you'll face, and how it can mess up production. You'll learn why production is stringent the way it is and the importance of mechanisms like IAM, RBAC, ABAC, MFA. The final take will be on what to do when you or someone along you messes up something in production. Join in to learn from Wilfred’s experiences of making on localhost and breaking on production.
Stage 1In Person
LFX'23 @ CNCF - Harbor
CNCF
10:00 AM -- 10:15 AM
Sponsored Lightning talk
Stage 2In Person10:15 AM -- 11:00 AM
Booth crawl
Booth crawlIn Person11:00 AM -- 11:20 AM
Tea + networking
BreaksIn Person11:20 AM -- 11:35 AM
Sponsored keynote: Can AI handle the complexity of Kubernetes and cloud-native environments?
MainIn Person
Head of Developer Relations APJ at New Relic - Advocacy | Platform | Ecosystem
New Relic
11:35 AM -- 12:05 PM
No YAML!
Did you know that you can write Kubernetes deployments without using any YAML? No way, you say? After all, we were taught that YAML is the only way to write Kubernetes manifests. Well, my friend, what if I tell you that there are alternatives? What if I tell you, that you can write your Kubernetes manifests in a programming language you're already familiar with? In this talk, I will demonstrate several alternatives to YAML for writing your Kubernetes deployments
MainIn Person
Customer Experience Architect
Pulumi
12:05 PM -- 12:30 PM