The Kubernetes Current Blog

The Straight Stroop from KubeCon EU 2023, Amsterdam

The Rafay team had the opportunity to attend CNCF’s KubeCon Europe 2023 in Amsterdam in full force last week. As a sponsor, we spent time with 1000’s of attendees helping them understand Rafay’s Kubernetes Operations Platform. As a maintainer of the Paralus project for Secure Access to Kubernetes clusters, we also met with many active and prospective users of this open-source project.

Thanks to everyone that made the time to stop by and speak with us. Even with the crazy amount of activity, certain trends were obvious and apparent. In this blog, we have captured the top 5 trends we observed.  

1. User Engagement 

A few weeks before the event, CNCF announced that the event was completely sold out for in-person attendance. More than 9,000 attendees eventually attended in person and many more virtually. CNCF also announced that ~58% of the attendees were attending KubeCon for the very “first time”. 

No wonder the show floor and the sessions were jam-packed this year. Everyone was here to learn and interact with others in this community. This level of engagement is a sign of health and the level of innovation happening in the Kubernetes ecosystem. In a nutshell, if you are not involved with Kubernetes, we think you are missing out big time!

2. Developer Self Service 

This event is no longer about just folks in DevOps, Ops and SRE type roles. Making Kubernetes accessible to developers has become critical to the adoption and success of projects. No wonder, the level of interest in the Backstage project seems to be extremely high because it provides a standardized pathway for organizations to set up Internal Development Portals (IDP). 

Everybody we spoke with was very interested in learning about and seeing a demo of “Rafay’s Plugins for Backstage” powering foundational use cases like “cluster as a service”, “namespace as a service” and “environment as a service”. 

Rafay Plugins for Backstage

3. Rise of eBPF

The disruptive and transformative potential of eBPF is obvious and apparent to everybody now. The Cilium project seems to be the de facto leader in this category and we believe it will transform both security and networking. 

Recognizing the potential early, Rafay jumped on the Cilium project in early 2022. We started by providing a turnkey integration with Cilium as a “secondary/overlay” CNI. With the click of a button (or one line in a declarative YAML spec), Rafay will automatically deploy Cilium on managed clusters and implement the specified policy for security and compliance. Our customers use Rafay’s Network Policy Manager extensively to have visibility into “what is talking to what and when?” and “enforce network policies” on their Kubernetes clusters. 

Network Policy

We believe the Cilium project is maturing quickly and customers can start using it as a primary CNI as well. Rafay has also worked tirelessly to provide turnkey support for Cilium as the primary CNI as well. We currently have turnkey support for Cilium as the primary CNI for

  1. Upstream Kubernetes for bare metal and virtualized environments
  2. EKS Anywhere for Bare Metal environments. 

We plan to bring support for Cilium as the primary CNI for the cloud distributions (EKS, AKS and GKE) in alignment with the cloud provider’s plans. 

Cilium as Primary CNI

4. GitOps

GitOps seems to have graduated and matured to become the preferred pattern i.e. using Git as the source of truth for deployments and operations. For application GitOps, users have both OSS (ArgoCD and FluxCD) and commercial options (Akuity, Codefresh, etc). 

Coincidentally, one of the hottest features in the Rafay platform seems to be “Infra GitOps” specifically for lifecycle management of Amazon EKS and Azure AKS clusters. We see customers seem to prefer the way Rafay has married “GitOps” with “ClickOps”. 

ClickOps to GitOps

The sheer convenience of using ClickOps with Rafay automatically generating the IaC and writing the IaC to the configured Git repo. We live in the world of Generative AI and nobody wants to spend weeks writing IaC by hand anymore. 

Write Back to Git

Preventing infrastructure drift by ensuring that changes made via the console (e.g. scale node group/pool or add node group/pool) are automatically written back to the configured Git repo in IaC format.

5. Model Entire Operating Environments

The top requested demo at our booth was for Rafay’s Environment Manager. As the adoption of Kubernetes goes mainstream, it is clear for users that their clusters live in a larger ecosystem that comprise non-Kubernetes resources (e.g. AWS RDS managed database, etc). A platform team’s charter is much more than just Kubernetes and they want to provide their developers with self-service experiences by creating “templates” to create entire operating environments. 

It was interesting to see that nearly 100% of our conversations with attendees revolved around how they could model and manage the lifecycle of entire operating environments using Rafay’s Environment Manager. Here is a screenshot from our demo with Environment Manager provisioning AWS ElastiCache, a fully managed Redis as a service that can be used by a Kubernetes resident containerized application.  

Rafay Environment Manager

Dag Amsterdam, Hello Chicago

We are definitely going to miss the stroopwafels and bitterballens in Amsterdam. We hope to see you at the next KubeCon scheduled for 6-9 November 2023 in windy Chicago.


Trusted by leading companies