 Hi, this is Thomas and I'm bringing you the Cilium updates. Cilium is best known as a CNI, but there is also Cilium Service Mesh, Hubble and Tetragon. Recently, we have released Cilium 114 with many exciting new features, including effortless mutual authentication, multi-pool, IPAM, many BGP enhancements and a ton of exciting new Hubble and Tetragon features. The most exciting feature overall is effortless mutual authentication. So far you could easily encrypt all the traffic in your cluster, we have now added mutual authentication on top of that. Enable a single helm flag to add a full spiffy spire stack managed by Cilium and then add two lines to your net or policy YAML to simply require mutual authentication for your services. If this is interesting to you, feel free to stop by the Cilium booth for a demo. See you there and have a great KubeCon. Hey folks, welcome to our crowd project update for this KubeCon.na. We are finally a CNCF-creditated project, so a huge shout out to everyone who supported us achieving that goal. We also released Gwaii 128, which means we now have support for names based 6 store policies, we can run representative workloads and we also have a new Lockheed configuration feature. It also features image pinning for a more fine-grained garbage collection within the KubeNet. There are many other enhancements included, for example in relation to C-groups B2. You're looking forward to 1.39, so check out our maintainer track session at this KubeCon and if you want to get in touch with us, grab our maintainers, feel free to reach out to us by using Slack or GitHub and scan those QR codes. Hi, here are some updates from the Envoy project. Envoy Proxy now has a good link network filter that allows for a layer of 4 extensions. The CEL support's been added for common matches and locks, it has now improved load shedding under resource pressure, support for custom load balancing extensions, custom cookie settings and support for connected UDP and open tracing has now been fully replaced by open telemetry. Envoy Lobos made further improvements to the binary footprint size and has better streaming response handling and has improved support for the XDS APIs. Last but not least, Envoy Gateway continued to add features such as exposing data update telemetry and multi-cluster Kubernetes support using service import as a backndriff. As we gear up to go GS1, this is a great time to try it out and give us feedback. Hello, KubeCon from Wajah here. SCD is now a special interest group of Kubernetes. We're making the contract between SCD and API machinery more explicit and also improving the consistency and reliability of the codebase. Thanks to all the XCD contributors, we have a lot of exciting updates. You can now run SCD on ARM64 with confidence as we have tier one support for this platform. SCD is more reliable than ever thanks to the many improvements we have made to the automated robustness tests. And recently, the SCD team has updated the roadmap for the next two minor releases. If you want to know more about any of those, please follow the link and join us at the talk, kiosk and country fest right here at the KubeCon, as well as the ongoing mentorship program. Hope you enjoy the KubeCon. 20 to 30% more logs every year. And now this is happening in metrics and traces. Moving and processing data at this scale presents a significant challenge. My name is Eduardo Silva. I'm one of the creators of Fluembit, a high-performance telemetry agent for logs, metrics and traces. Fluembit has been deployed more than 10 billion times. So on behalf of the project, I want to thank you all, our community for your support. In the news today, we're announcing Fluembit 2.2, which introduce exciting new features like Kubernetes events, Windows metrics collection, processors for data manipulation, full compatibility with Prometheus and OpenTelemetry, processing for application logs to OpenTelemetry schema, plus compatibility with OpenTelemetry and OpenSearch dashboards. Please stop by the Fluembult and grab your Fluembit T-shirt. Thank you. Hey, KubeCon, I'm Kingdon. I'm Sanskar, a maintainer of Flux and Flago. And I'm Pinky. You'll recognize us hanging around the conference, so come chat. In June, we celebrated GitHub's GA release, and now we're thrilled to announce the Helm Controller GA milestone. Flux is now horizontally scalable through Sharding. We're continuing to work on OSI repository and make it a solid alternative to Git repository, so you can use teachers like OIDC keyless flows and secure provenance for release. Another exciting update we have is the conclusion of our partnership with Google season of docs. Thanks to this collaboration, our documentation has undergone a massive overhaul. Now the docs are more user friendly and accessible than ever. With Helm Controller GA now, we have drip detection support and many great performance improvements, see up to 50% performance improvements in CPU and memory consumption. So what's next? Well, all of the Flux APIs have to go GA. This journey of innovation wouldn't be possible without the CNCF and our dedicated community. So if you see us around KubeCon, come over, share your experiences and let's talk Flux. Hello, KubeCon. My name is Julien Vasilev and I'm the Harbor Community Lead. Harbor is the cloud-native registry of choice for many organizations in their CI CD or in the internal development platforms, storing, scanning and signing container images and OCI artifacts. In August, release two nine, we added a new CV viewer called the Harbor Security Hub, which gives you a better perspective of your vulnerabilities in your instance. We also added a banner, which you can customize to notify your users about possible maintenance. In December, we're going to release two 10 and the new exciting feature is adding S-Bombs support. You can create, consume and analyze S-Bombs within your Harbor. If you want to chat with us, join us at the Pavilion area and don't forget to attend our maintainers' track. If you want to know how you can join our community, scan the QR code now. Thank you very much and see you soon. Hi, my name is Andrew Block, a core maintainer on the Helm project. And today I'm here to share with you some of the exciting initiatives that are ongoing within the Helm community. Helm continues to be a fundamental component of any Kubernetes environment as a fee package manager for Kubernetes. Over the course of the last nine months, there have been a number of exciting updates within the Helm project. First, the project welcomed two new maintainers. Ian Zink was elected as a new triage maintainer and Joe Julian, a longtime triage maintainer, was elected as a full project maintainer. Each of these individuals will help steer the ship in the right direction. As for the project itself, thanks to contributions from the community, Helm celebrated two minor releases, full of enhancements, and a series of past releases. Now, we'd love to get you involved in the project. And there are so many ways to do so. Either collaborate with us in the community and the Helm GitHub organization, chat with us on Kubernetes Slack, or discover a new charter tube on Artifact Hub. The choice is yours. Whichever path you choose, we look forward to welcoming your collaboration. Hello, KubeCon, it's Mitch from the Istio project. At last year's conference, we had exciting news to share, as Istio had joined the CNCF as its third most active project. And this year, the news gets better and better, as Istio has been moved from incubating to graduated status, meaning that it's ready for production adoption across the industry. And that's our user base, grows and grows, that's exactly what we're seeing. Last year also saw the launch of our new ambient mode, which simplifies onboarding, day two operations, and improves resource utilization across your Istio mesh. So with all of that development, what's missing in the project today? Well, it's you all, of course. So, whether you're a new user looking to get started with Istio, a veteran user looking to share your wisdom and insight, or a potential contributor looking for how you can help, there's something for you at Istio.io. Snap the link next to me, and we look forward to seeing you there. My name's Jonah Cowell, and I'm here to tell you what's new with Yeager since we last got together. We've added more support for open telemetry, making it native to the project, including the protocol itself. We've also updated the backend and hot rod and demo applications to use open telemetry, making everything aligned with the project. We've enhanced service performance monitoring, supporting open telemetry span metrics connector. We've also added new UI enhancements, including critical path visualization in-page search and batch download of traces. There's also new data sources supported on the backend, including OpenSearch 2.0 and many unofficial ones. There's also new ones coming, so stay tuned with the project, come and attend our session, join us on Slack and participate as much as you can. We all appreciate it. Have a great rest of the conference and thanks for your time. Hi, I'm Zbik Rubarik, CTO at CaliFi and CalMaintainer. Kera tries to make Kubernetes event-driven auto-scaling as simple as possible. You can auto-scale applications based on various metrics, not just resources consumption. You can scale to zero and much more. I'm thrilled to announce that Kera is now a CNCF-graduated project. I would like to thank our community and CNCF to make this great milestone happen. We are constantly improving core, performance, and security of Kera. We are also extending our monitoring and observability stack. We expose Prometheus metrics, we are adding support for cloud events and OpenTelemetry Zoom. We work on many features I would like to highlight, formula-based evaluation of metric values through the scaling decision. This is a great feature. So, join our community, contribute. We have BWIC Limitings on Tuesdays, we have video discussions, and we have also a Slack channel. See you at KubeCon. Hi, everybody, my name's William Morgan. I'm one of the creators of Linkerdee, the world's lightest, fastest, and simplest service mesh. We are gathered here today at KubeCon 2023, Chicago, with your Linkerdee project update. Hundreds of Linkerdee maintainers here in attendance. So please come find us at the Project Pavilion. We're on the booth floor. We'd love to talk to you. Two big, exciting updates from Linkerdee land. The first is Linkerdee 2.14, which adds the ability to do direct pod-to-pod, multi-cluster communication for clusters on a shared, flat network. Very exciting. The second is Linkerdee 2.15, which adds mesh expansion. The ability for Linkerdee to add applications running on VMs or outside of the cluster into the mesh and provide the same security, reliability, and observability guarantees that Linkerdee provides through all applications running inside your Kubernetes cluster. Thank you very much. Linkerdee forever, and please enjoy the conference. Open is the general purpose policy engine that unifies policy enforcement across the stack, including Kubernetes. Here are the updates since last KubeCon. You can now better handle undefined values and functions with the familiar default keyword. Updates to Rego's built-in functions make it even more expressive. Cloud users of OCI bundles will benefit from the native AWS and GCP authentication support. OpenTest can now also catch faulty policy logic using JSON schemas. Finally, there are lots of performance improvements under the hood too. For gatekeeper updates, new in 3.13, with the new Alpha PubSub feature, you can subscribe to PubSub service to consume auto violations. Expension template feature to validate workload resources like deployments is now beta. New experimental Kubernetes native validation feature, you can write cell-based rules in your constraint template similar to Kubernetes validating emission policy. For the external data feature now supports caching of responses from external data providers. Observability statistics for emission audit and Gator CLI are now available. Come and join the community on Slack or GitHub. Hi, I'm Travis Nielsen, work maintainer here to talk about storage for Kubernetes. Work provides three types of storage for your applications. Block, shared file system and object all on a single platform. Work operator deploys Seth, which is enterprise storage and has been in production for many years. Work has a graduated project with the CNCF for the past three years and we're happy to foster this open community and open source. As far as project updates, Work has a kubectl plugin under active development which is really improving the troubleshooting experience and also we have support recently for Seth Reef, the latest version of the data plane and also container object storage interface for bucket provisioning. A lot going on, check out our website at rook.io for more information. Join our Rook Slack for any questions and hope to see you here at kubectl. I will be on the Rook booth in the project pavilion and also see you at the Rook maintainers talk. Thanks. Hey everybody, my name's Evan Gillman and I'm a maintainer on this Biffing Inspire projects. Just wanted to share a couple quick updates I see today. The first one that comes to mind is a brand new plugin we have inspired called the Credential Composer that allows you to customize certificates and tokens that Spire gives back to you. I'm also really excited about a bunch of work that we did this year in a new Helm chart, a developer tool and just generally a whole bunch of work around making Spiffy easier to use and faster to get up and running. And finally, I'm also really excited about a bunch of ongoing work we have around authenticated call chains, using Spire, tested data and authorization decisions, even interop with OAuth and Spiffy. We've been doing this work in the Spiffy community over the last one-plus year and I've recently started collaborating with the IETF which I'm also very excited about. I'd love to see you at some of those conversations. Have a good day. Tough is specification for secure software, distribution and updating. It has a wide range of applications. In the Sixer project, we are relying on the update framework to secure and deliver the trust route to our client. Based on tough metadata files stored in a Git repository called Authentication Repository and target files validated using these metadata files that have securely updates Git repositories which store legal code. We're proud to say that we're using tough, a version of it with multiple repositories called Optane to secure the delivery of our remote configurations which is a new product for remotely configuring the behavior of data doc components. We'd like to announce two new implementations of tough. Tough on CI is a new repository implementation that operates on a continuous integration platform. RS Tough simplifies adoption of tough by encapsulating the design of a repository integration. You can find our specification and several implementations on GitHub. Join us on the tough channel of the CNCF Slack to get involved in the tough community. Hello, this is Ray Pate from PinCab. Excited to provide you with a quick update from the TyKB project. TyKB is a distributed transactional key value database that was originally created by PinCab before we made a decision to donate the entire project to the CNCF. We have four exciting updates that we want to provide you with. I mean, one is the introduction of partition graph KV. Second is the implementation of resource control. And third is the support for multiple service mode with enhancements to our placement driver. And last but not least is the great reduction in tail latency with new log features. We look forward to meeting many of you in person this week. Come see us at the PinCab booth or at the maintainer track. Thank you. My name is Deepthi Sigredi and I'm a maintainer and project lead for Wittes, which is a graduated project. Wittes is a cloud native distributed, horizontally scalable database that is built around my SQL. Wittes is being run by many large web applications like Slack, GitHub, and JD.com. In the past one year, we have shipped three GA releases of Wittes, 12 patch releases, and we have revamped the documentation. We have also passed a security audit. We've just announced the general availability of Wittes Release 18. We will have a maintainer talk at the conference and I invite you to join us there to learn more about Wittes. If you would like to join our community, please feel free to join our Slack or GitHub.