 Hi, I'm Liz Rice from the Cillium project which sets the standard for cloud-native networking and security. We've just released 1.15 which brings lots of new features such as gateway API support for routing traffic into your cluster, session authentication for BGP, lots of improvements to Hubble to help you debug network problems, a new provider for installing with Terraform or OpenTofu, and lots of scalability improvements. Cillium cluster mesh can now support over 500 clusters. Cillium Tetragon raises the bar for runtime security providing observability and enforcement at incredibly low overhead. So scan the QR code now to find out about all of the Cillium activities this week and to sign up for the brand new Cillium Certified Associate exam. Have a wonderful KubeCon. Hello everyone, my name is Clemens, I work for Microsoft and I'm on the CNCF Cloud Events project. On behalf of all of us in the Cloud Events project I would like to extend our huge thank you to the entire CNCF community for supporting us in the graduation of the Cloud Events project. Our journey doesn't stop here but unlike other projects we're going to take a very measured pace because it's Cloud Events is a set of conventions for interoperability and our job as a project is now to keep that foundation stable for everybody who builds on it and while we're still adding extensions. We invite you to adopt Cloud Events in your projects and we will promise you that we're going to keep that foundation stable and to be very conservative about substantial changes. There's an area where we are iterating very rapidly and that is X registry. After we were done with the core spec we were thinking about how to register event things and event sources and out of that we evolved a universal registry coming from the Cloud Events Schema Registry API that now can handle endpoints and message definitions and schemas and many more. Thank you for supporting us and we wish you great conference. Hello Darren, this is Katarina from the Anway Proxy project and today we're going to present you updates from the Anway Proxy and its fellow projects Anway Mobile and Anway Gateway. Let's start with the exciting updates for the Anway Proxy project. We have added HTTP basic auth extension. We have switched to a new connect type for H2 connections which greatly improves security. Apart from that we have added a new protobuf hashing algorithm which reduces config parsing time on startup by 10 to 25 percent. It's now possible to drop a certain percentage of traffic from Anway in the new drop overloads API. And now let's go over to the exciting updates for the Anway Mobile project. Anway Mobile binary size is now substantially smaller. We have added XDS support for Anway Mobile Android and iOS libraries. LPN selection H3 happy eyeballs explicit flow control and platform certificate validation are all getting production generis of both Android and iOS. And now let's go over to the exciting updates for the Anway Gateway project. The projects now support OpenID connect authentication, basic auth, H3 proxy protocol and the most exciting news the project is targeting V1.0 release in March 2024. Thank you and have a great QubeCon. Hi I'm Mike Coleman from the Falco project and I'm here with a very exciting update. We are now an officially graduated CNCF project and we could not be more excited. We want to take a moment and thank everybody who helped Falco to fly including our users contributors maintainers and of course the CNCF. We also want to pause and recognize the considerable contributions of Chris Nova. Nova's work on Falco was foundational and we would not be here today without her contributions and for that we are forever grateful. We know the project going forward will be different without her but we are committed to upholding the values and principles that she instilled. So what does the future hold for Falco? We're looking for deeper integrations across a wide variety of developer touchpoints. We want more detections, richer signals, deeper integrations with things like version control systems and cloud logging. If you'd like to help with that come and find us in the Project Pavilion where you can talk with Falco contributors and maintainers. Well that's all. Have a great QubeCon and I hope to see you around. Hi QubeCon. If your goal is to implement full observability but first you have to deal with collection of logs, metrics and traces and profiling and you care about processing capabilities, this announcement is for you. My name is Eduardo Silva, the creator of FluentBit, a high performance telemetry agent. With FluentBit you can solve data collection and processing by also integrating data from Prometheus Open Telemetry and EVPF tools. Today we're announcing FluentBit version 3 which comes with exciting new features like high performance, new support for HTTP version 2, GRPC, remote write, extended processor for logs, metrics and traces and new metrics collectors for macOS and Windows. Thanks to our community, FluentBit has been deployed more than 13 billion times. A heartfelt thank you for your support and don't forget to visit the FluentBoot for a special gift, your very own FluentBit t-shirt. See you there. Here's the Flux project update. The Flux team loves improving our Github's tools for continuous and progressive delivery. Because Flux is used at scale by major clouds and enterprises, security and performance are really important to us. Recently we completed our second security audit and the big news there is that there are no CVEs. Thanks to the CNCF, the open source technology improvement fund and trail of bits for keeping Flux safe. Scan the QR code for the blog post and full report. In December we cut our first generally available release, Flux 2.2.0. As of this recording we're at version 2.2.3. We have overhauled the Helm controller reconciliation model. It is more declarative, efficient and reliable and the benchmarks are looking really good. We've also improved the observability stack, sharding across controller replicas and so much more. We're here in Paris, so swing by the Flux booth, say hi, and check out our QR code for our full list of talks and activities. Hi QubeCon, my name is Zulin Vasilev and I'm the Harbor Community Lead. In December we released Harbor 210. We started working on the S-Bomb integration. We also added a new interface with setting up robot accounts to allow them full access so you can implement all your infrastructure needs. We also added the GDPR compliant audit logs. In Harbor T11 we're gonna wrap up the S-Bomb integration so you can bundle up your generated S-Bomb with your OCI artifact. The major update here is the upcoming distribution release version 3. Just keep an eye on that. As every other open source project we need your help, if you want to contribute to Harbor, regardless if you individual contributor organization scan the QR code and join our upcoming community meetings. And don't forget to attend our maintainers track to learn more about the project and to hear about our roadmap. During QubeCon you can find us in the afternoon at the project pavilion area. Just stop by and say hi. Thank you very much and have a great conference. Istio, the world's most popular service mesh, is now even better with ambient mode which will be in beta in our upcoming release. Ambient uses a lightweight shared node proxy as a secure overlay to provide mutual TLS, metrics, and layer 4 authorization policies and integrates with optional per workload layer 7 proxies for traffic routing. By removing sidecars from the data plane we decouple the lifecycle of Istio from the deployment of your application. And what's more memory overhead and CPU usage is reduced by over 90% in many cases. We remain committed to sidecar deployments and we've reduced the size of our sidecar image by 25% saving 5 megabytes of RAM per sidecar. Istio has 55 active maintainers across 15 different companies. In the past 12 months there were 10 companies making over 1000 contributions with no single vendor exceeding 25%. To learn more about Istio, visit our kubecon kiosk, check out our contributors' booths or go to istio.io to see how you can get started or get involved. Hi, I'm Sbenegro Balig, CTO at Calify and KEDA Maintainer. With KEDA, you can auto scale applications or schedule Kubernetes jobs based on various metrics or external services. You can scale to zero and much more. Last couple of months we spent improving our authentication story. So we have a solid support for all major cloud providers. We also extended our monitoring stack. Right now, we exposed previous metrics, open telemetry, and newly cloud events. We are constantly working on improving core and performance of KEDA. We also worked hard on KEDA internals and scanning mechanics. And for the future, we are considering various options, predictive autoscaling, scanning out storage, or maybe different sort of resources. If you have ideas, opinions, or input, please reach out. We have community meetups every two weeks. We have a select channel. So please join our community and enjoy kubecon. Hi everybody, this is William Morgan, one of the creators of LinkerD, the world's lightest, fastest and most secure service mesh here today with your kubecon 2024 Paris project update. Joined by my friend, Linky. Hi, Linky. All right, two exciting announcements for you from the world of LinkerD. The first is a release of LinkerD 2.15, which adds mesh expansion. That's the ability for LinkerD to take your off cluster applications running on legacy VMs or elsewhere and connect them into the mesh, establishing communication that is secure, reliable, and observable, and totally transparent to the pods within your Kubernetes cluster. That's a really big step for LinkerD. The second announcement is the upcoming LinkerD 2.16 release. Are we going to be using LinkerD's rust based micro proxy technology to build ingress, to build egress control, or to build something else entirely? You're going to have to find out by coming to talk to us at the LinkerD project pavilion. We'd love to say hi and tell you all about it. Thanks. That's it for Team LinkerD. Enjoy the conference and remember, LinkerD forever. Open Policy Agent is the general purpose policy engine that unifies policy enforcement across the stack. This year, we plan to release Opa V1, which notably includes some changes to the Rego syntax. The new syntax is available in pre-V1 releases of Opa today, and you can use the OpaFormat command with the new Rego V1 flag to update your existing policy files to be V1 ready. Also, use the OpaCheck command with the same flag in your build pipelines to make sure the policy files remain V1 ready in the run-up to the release. Read more about Opa V1 today on the Opa website. This is Alex, and I'm excited to tell you all I've been working on. First, we continue to make improvements to the validation and mission policy support. We've also made a number of usability enhancements to the Gator CLI, external data provider cache, and expansion templates features. We've also addressed some corner cases such as namespace exclusion for the audit from cache feature, and we've introduced a new API that will help with replicating data for referential policies. Finally, we've migrated our observability SDK to open telemetry from openCensus. Come enjoy the community on GitHub and Slack. Hi, I'm Travis Nielsen, Rook maintainer with IBM. Rook provides storage for Kubernetes. It does this with a three-in-one solution where you get block, shared file system, and object all in a single cluster. This means you could have a read-write once or read-write many volume as well as an S3 endpoint all in the same solution. Rook is an operator that manages the data layer, whereas Seth provides that enterprise storage solution that's been running in production for many years. Rook is a graduated project. It's all open source, and we've always tried to do the right thing for the community. So since the last KubeCon, we've had a number of updates, including multis networking improvements, DR solutions for SFRBD and SFFS, as well as new features for our KubeCuddle plugin, and a number of other engineering improvements. Rook 1.14 will be coming out soon. Hope you'll try it out. Check out our website at rook.io or come see us in the project pavilion in the Rook booth as well as come to the Rook maintainers talk. Hope to see you there. Thanks. Hello, everyone. VTES is a cloud-native, distributed, and horizontally scalable database. It is built around my SQL and has been adopted by many in production, like Slack, GitHub, or Vinted. Since the last KubeCon, the VTES team has dedicated significant efforts to integrate foreign key support. Now, VTES supports foreign key-managed mode for unshaded key spaces, enabling users to leverage foreign keys alongside other VTES features such as Vreplication. Additionally, we have now introduced native support for point-in-time recovery and made comprehensive improvements to both query compatibility and automated recovery. Thank you for listening. We hope to see you and chat with you in the hallway. In the meantime, you can always learn more about VTES by coming to our maintainer talk. And if you want to join your community, you can scan the query code. Thank you and have a great KubeCon. Hello, this is Xin from SIG storage. Let me tell you about our SIG. Saad and myself are co-chairs, Michelle and Yang are tech leads. SIG storage ensures that persistent volumes or F-mode volumes are available for your applications running in the Kubernetes cluster. We have some exciting updates for you. Rewrite one's pod PV access mode is now GA. This ensures that only one pod can ride to the water at a time. It can be very useful for stable workloads that require single rider access to storage. No expense secret is now GA. This enables warning expansion on the node where the underlying storage system requires the credentials to be passed in. We have a brand new feature, warning attributes class. In addition to resize, now you can also modify other attributes such as eye ops throughput after the warning is provisioned. Come to our KubeCon session to learn more. Thank you.