 Cloud Native Friends, Kubernetes family, welcome to the Cloud Native Circus. With that said, let's dive right into an ocean of entertainment. I will be your ringmaster or your host, Jeffrey Sika. I work at Red Hat. I am at GFE pretty much everywhere on the internet, and I am also a cloud native jester for this talk, not an ambassador. I work in the Kubernetes community in various capacities, and I happen to be and am well known for being a Goose enthusiast. I'm sure many of you were curious what the heck this talk was going to be about. Also at this point, I think it's expected that any talk I do will have some geese in it, so I may as well just lean into it. So first I want to discuss and talk about what Untitled Goose Game is and how it got into our community. Then I want to talk about why Honk CTL, one of the projects that I'm known for, became so popular. Then I want to discuss the idea of a cloud native computing fugue versus cloud native computing camaraderie and fun. And when I say cloud native fugue, I mean that this tech has a way of getting our eyes to glaze over at times. It's not easy at face value, it's an onion. There are lots of layers and the more you peel back, the more likely you'll cry. And lastly, I want to end with why we need to have more fun in cloud native computing. For those of you that already know what Untitled Goose Game is, talk to the goose. For those that don't, let me explain. In Untitled Goose Game, you play as a goose. You are given a somewhat malicious to-do list and the goal is to complete items on the to-do list. This type of game format is somewhat like a sandbox style game, except the sandbox is small and you are a very naughty goose. So much of what the goose does involves terrorizing this town, but there's another angle to it. The goose constantly maneuvers and manipulates the environment to circumvent rules, boundaries, and other limitations trying to keep the goose in check. It's no surprise that this goose was adopted into many tech circles, especially security, as an avatar of chaos. Now with that out of the way, I want to talk about convergent evolution. It's the idea that, given similar environments, things will evolve in similar ways to overcome or optimize their lives. G-fee, I hear you ask. Why did you just jump from explaining a video game to starting a biology lesson? Well, did I say convergent evolution? I meant convergent meme-illusion. The idea here is, because friends on the internet have similar six senses of humor and have exposure to very similar information streams, memes and fun ideas often come about at the same time from different people. As an aside, I wanted to joke and say meme-illusion, but I figured they would just not accept the talk and fill the slot with someone else, but I still need to just toss that one in there. Hollywood has this problem all the time. They're called twin movies, no relation to Twin Peaks. Note this involves similar movies that are released in close proximity to one another that started production at almost the same time. In true on-brand fashion for this talk, a great example are two of the best video game to Hollywood adaptations. The Witcher has nothing on Christopher Lambert as Raiden in Mortal Kombat. So, let's bring this all together and talk about last year's KubeCon NA 2019. As I've mentioned, I do various things around the Kubernetes community, one of which at the time was helping organize the contributor summit. My best friend Bob Killen, who's widely known in the community, got to talking with me one morning about doing a goose-themed scavenger hunt that spiraled wildly out of control as it does with he and I, and it turned into a contest to make a brown paper bag honk. We had our own untitled goose game to-do list with various challenges, the simplest of which was honk at Bob or Jeff. The bag had a Bluetooth speaker which would honk based on tweets or slack messages, and people had to figure out what triggered the bag to honk and trigger it in front of us to be eligible for either a patch or one of the prized geese. We thought this was hilarious and good clean fun, and everyone else seemed to enjoy it, and throughout KubeCon, Bob and I frequently got honked at. Little did we know, the patron saint of honkernetties, our varionean cold water, planned on delivering one of the best keynotes, or goose notes? Yeah, it doesn't matter. It was fantastic. It laid out how we should always consider the perspective of an attacker and how untitled goose game is a great analog to thinking about security from the eyes of a malcontent. It is seriously excellent. If you haven't seen it, please go watch it. The progressive honking, the constant element of fun, jokes, and aha moments that untitled goose game brought us at KubeCon ultimately cemented it in our community's culture for the foreseeable future. We are all geese in the machine. It is in our nature to have fun. Yes, everyone's idea of fun is different, but our natural state is to seek out fun. And it is that drive and creativity that, no matter the circumstance, allows us to turn the most complicated or boring at face value tasks into fulfilling and enjoyable moments. Cloud computing, cloud native computing, it's not easy for many. It's complex. There are progressively more and more layers, and if you talk to someone outside of the know, it can be intimidating. I want to showcase some of our community's more memorable instances of fun and what better way to start off than breadsticks. During his leading of the 116 release, another cloud native ambassador, Lockie, became known as a breadstick aficionado and general Olive Garden enthusiast. It was an endless barrage of Olive Garden memes, gift cards, photos, trips to the restaurant, all culminating into the Kubernetes 116 logo. For those of you that didn't know, yes, Kubernetes 116 was indeed powered by and advocated for unlimited breadsticks for all. So prominent is this meme that to this day, Lockie is synonymous with breadsticks to some. Brandon, you weren't that far off. Another creative way of having community-based fun I've seen recently is Cards Against Containers, a play on Cards Against Humanity. In the game, one player draws a card containing a phrase with one or more blank words. The rest of the players must try to make the first player laugh as much as possible, given their hand. For example, if I had the card blank, makes my job exciting. And someone played dumpster fire, I'd laugh heartily and likely pick that card as the winner. It's quite a simple format and endless amounts of fun. During the 2018 Seattle CubeCon, the community decided on Twitter, it's not CubeCon, it's CubeCon! With Google's Borg being a Kubernetes distant uncle, and other various Star Trek references in Kubernetes, the project itself, this was an incredibly on-brand joke. And of course, the meme was made manifest with stickers. It has definitely stuck around in the community because a full year after Seattle, people are still screaming it out at dinner. Goose stickers weren't the only thing that happened at last year's contributor summit for Kubernetes. The lead of that summit, Paris Pittman, bestowed upon her mighty crew of captain's hats, embroidered with the person's GitHub handle on it. It was a wonderful gesture, mine is on my bookshelf behind me. And it also helped throughout the summit as people looked for anyone wearing these hats for help. Mission accomplished, and it was totally on-brand with everything in Kubernetes being nautical themed. And with many of us being engineers and open source developers, of course there will be some technical nerdy fun in the form of slash commands. Throughout the Kubernetes repos and even on Twitter, you can slash honk, slash pony, slash woof, even slash meow to your heart's content. There's nothing quite like seeing some progress on that complicated pull request and deciding to celebrate on its impending approval with a big ol' picture of a cat. Finally, let's talk about something a little different. Let's talk about Doom. Wait, what? I'm a sucker for hard transitions in this talk, but hopefully I've gained your trust enough to allow me to bring this back around. Doom is an iconic video game, and one of the original first person shooters. So what does slaying demons on Mars have to do with Kubernetes? Well, someone with as sick a sense of humor as I have, thought it'd be a fun idea to take Doom and make it into the most violent chaos engineering tool ever. It's impractical, but you can't argue that it doesn't sound fun. And again, though its practicality is limited, the fact that someone plumbed this all the way through and it was probably driven by their need for a fun project, and it's these types of projects that most certainly teach lessons along the way, like fun drives innovation. These weren't just a showcase of silly things, by the way. But our communities would not be the same without them. In fact, I'd like to argue that each of these, in its own right, benefited the communities in more than one way. This is one of my favorite pictures. It's a shot from the 2019 North America Kubernetes Contributor Summit, the same one with all the hats and the honks. This isn't just a community. This is a group of close-knit, welcoming, and loving friends. And so some may think that these are just inside jokes, or you'd have to have been there. That's simply not true, and in fact it's the opposite. Each of these examples made the community more accessible than it was before. By embracing the breadsticks, Locky made the release team feel more fun and inviting to many that were outside and on the fence about applying to be a shadow for the 116 release team. People on that 116 release are to this day heavily involved in SIG release, and they feel a strong connection to the community. Cards Against Containers? Besides being a fantastic marketing, it takes the simple yet fun format of Cards Against Humanity and injects that cloud-native flair into it. It's another activity that, whenever in-person events resume, strangers can sit down and play and immediately feel connected with one another. You wouldn't think that a hashtag on Twitter would really have a wild impact, but I know for a fact it did. The thread started small and wound up so big multiple threads had to start because the limit of people on a reply was hit on Twitter. Anyone could hop onto that thread, toss out a pun or a Star Trek Kubernetes joke, and bam, welcome to the community. And I said that it had an impact. I know of several current contributors that really integrated into the community with this thread being the catalyst, one of which even wound up overnighting those stickers for KubeCon. Valerie, I love you, thank you for that. I have one on my laptop. So how do bots have such a large impact? Well, automation in the Kubernetes community is almost a meme, and contributing to the project, unfortunately, doesn't have a very low bar to entry. Part of that has to do with the many different slash commands we use within GitHub. A simple slash woof or slash pony, yay, is a gateway to people seeing and understanding that automation. Oh, and you want to write your own proud plugin? Well, let me show you this lovely and simple example that posts a Goose picture when you type slash Goose, or slash honk. All of this comes right back to honk CTL. A Goose themed security capture the flag or CTF based around Kubernetes and fun and silly objectives. It evolved quickly in a short amount of time, going from one night of hacking with the Twitter API to the next night, Alex Ellis installing inlets onto my poor laptop and finding my IP address and asking what the weather was in my state, and actually a little bit more narrow than that. That made me belly laugh, but only after I shut down the server and rebooted my router, because that was a little scary, but fun. We iterated fast. I involved Bob as I do with any of my crazy ideas, and we both had a lot of fun doing it. We let anyone and everyone join in to try and break Kubernetes, jailbreak out of our game even, and just enjoy themselves in a Kubernetes sandbox with no real rules. Some of the honk CTL games were multiplayer with everyone interacting with the same cluster. There were instances where we would actually have one or two good actors trying to lock down the cluster to prevent bad actors from doing anything or breaking the cluster. It was fantastic. The later ones removed a certain element of that chaos and provisioned many clusters for each participant, and with that the game grew. At the last challenge we ran into, it was quite literally untitled Goose Game, but in Kubernetes. Through various pivoting through RBAC and service accounts, players had to make their way through several levels or namespaces to eventually find a hidden bell. Many played, but the dream team of Sig Honk, comprised of Ian, Brad Geesman, and Duffy Cooley, were the first to complete it, and several others finishing shortly after. For the record, Bob was the genius behind that last challenge, and you can play it locally by installing KIND and running the manifest through the Honk CTL repo. I will be demoing this in a bit. But this all comes to, just like all the other examples I talked about with Community Fun, Honk CTL wasn't just silly fun or an inside joke. It was a way to make Kubernetes security more accessible and be used as both a sandbox and a teaching tool. When you can take a complex topic or a subject with a high bar for entry and make it extremely easy to explore and break things without any repercussions, people's curiosity will take over. I remember as a kid, I was lucky enough to have a computer growing up, but my parents were always extremely worried about breaking it just by clicking the wrong thing, and I feel like if they had had more of a sandbox or a controlled environment where they could explore without any repercussions, technology wouldn't have been so difficult for them to adopt. So if you can give someone like that sandbox or just that little bit of structure or a goal to strive towards, it'll help them learn and they won't really realize how much they're learning. So with that, I want to go over the last Honk CTL challenge. What does one of these games look like? Well, let's spin it up and see how it looks. First off, this assumes you have Golang Docker and Git installed. I will not be going over those, but we will go from there. So that includes installing kubectl and kind, and then let's just dive right in. All right. So first, we are going to get the latest version of kubectl. These instructions are on the Kubernetes website and if you Google install kubectl, you will get that just fine. I'm pretty much just going to copy and paste these. So we've downloaded the binary. Next, we want to make sure that we can execute it. And then last, we need to move it so it's in our path. Now, if we do a kubectl version, we see that we are using 193, which should be the latest. And I don't have any existing server configured, so we're good there. Next, let's go and get the latest version of kind, which as of this presentation is version 0.9. And then if we run a kind version, we see that we now have version 0.9. Though I'm not going to go over this, I will say for daily driving with kubectl and interacting with Kubernetes clusters, and especially when you are doing the existing challenge I'm going to show, the KCTX or kubectl context and KNS or kubectl namespace plugins are invaluable because you can do KNS and it'll list all the namespaces. You can also do KCTX and list all of your contexts. Very, very helpful. They are already installed, but I'm not going to go over them. I just wanted to shout them out. So next, what I said was we need to go and get the public version of the Hong CTL repo. So we'll just go and get cloned that. This is a public repo with all of the previous challenges and notes and the solution if you get stuck or you just kind of want to skip the fun and see the end goal. Next, we need to go into the challenges directory, find the March challenge, and then the next thing we do is we create a cluster using kind. We specify a config in the challenge because we need to enable some alpha features in order to lock down the cluster the way we needed to for this challenge. Do a little dance, watch cube up, keep cuddle tonight. That's all I had. But once this is up, we need to apply, there are three different folders full of manifests and we need to apply them in order. So that's why it's manifest 0, manifest, or sorry, manifest 01, manifest 02, and manifest 03. Sweet. So if we do, we see that we have a server version and a client version and if we do a cube cuddle, get nodes, we should see Hong CTL control plane, excellent. So next what we'll do is like I said, we will keep cuddle apply all of those manifests. PSPs were the alpha feature that we needed to enable, by the way, and then keep cuddle apply, manifest 03. Beautiful. The last step to start the challenge is to run a script that is also in the repo called goose.sh. What this is going to do is it is going to essentially, when you create a kind cluster, you automatically get cluster admin on that cluster. This will change all of the contexts that are needed and you will wind up in a garden as a goose. That's why it's called goose.sh. So once all of that has happened, to verify that everything is good, do cube cuddle, get nodes. You should be forbidden from getting nodes. In fact, you can see that you are now the service account of goose and you are in a garden. And if you get cube cuddle, get pods. No resources are found in the garden namespace. So that is how you start the last challenge. You can do this on your own locally, as I've shown, but I do want to give people a little bit of a hint on where to start, because as I explained with Untitled Goose Game, you have a to-do list. And if you look in this challenge, there are to-dos. And if you look at the to-dos, there happen to be some to-dos that you need to follow. So let's review what it took to get to this point so you can play around. Verify that you have cube cuddle in kind installed, clone down the repo, and then these instructions are also in the repo, just doing three cube cuddle applies, and then running the Goose script. To give someone a sandbox a game where they have to learn how to pivot through different RBAC rules, that's not a low bar to entry, I think. So that's that. There we go. Yeah, so it seems like this honk thing is here to stay. Many have and continue to rally behind it. A full year later, we're still flocking behind the banner of a Goose. I, for one, am extremely excited for Sig Honk's panel. I highly suggest everyone attend who can. I know they're keynoting, and I believe, yep, I am before them, so please go watch them and give them some love. And speaking of Sig Honk, 2020 has been a wild ride for many, myself included. Between virtual burnout and silly things like con talks, it's been tough to line things up for the next challenge. And the next challenge was a rather interactive attack and defend challenge involving Sig Honk. It hasn't gotten scheduled yet. What I can say, we've all talked. We want to make it happen this year. It won't disappoint. We just need to, you know, get life to slow down, hopefully. So with all of that said, let's brainstorm another game. Let's think about a game that's been skyrocketing in popularity for the last couple of months. It's a low bar to entry. The rules are simple, but it has unlimited potential and fun. It's something that we could build our next challenge or teaching tool or it's Among Us. I'm gonna make a game based on Among Us now. Among Us, for those of you that don't know, is a game much like Mafia or Werewolf. In the game, you and a team of others must run around and try to complete tasks on a map. Everyone is given a different task list, some overlap, and while people are doing tasks, no one is allowed to talk. However, Among You may be one or two evil imposters whose sole mission it is to sow mayhem and eliminate all the other crew members. In the game, the imposters win if the number of alive imposters becomes equal to the number of alive crew members. The crewmates win if they can complete all their tasks or if they eliminate all the imposters. The crew can send people out the airlock by voting them off the island, so to speak. During these crew meetings, people can talk, argue, debate, or stay silent. It's all about tactics and sussing out who's not doing tasks. It is a hilariously fun game, and I would be happy to play with anyone who thinks, yep, I can betray my friends and lie to their face. So, how can we turn Among Us into a cloud-native-fueled game? Well, let's think about what if you had to keep a workload alive by identifying malicious or misconfigured components running inside your cluster. The idea would involve things like adding disruption budgets or identifying workloads that could ooma node. This isn't multiplayer, but it becomes a fantastic tool for people new to Kubernetes applications and fault tolerance to learn common patterns and best practices while having some fun. Instead of Among Us, it's Disrupt Us, a wacky game of intrigue and workload management. So, you see all these copy pastas on Twitter lately with, like, fill in the blank after typing this phrase. And then I look at this one. I can't even imagine what many people would finish this with. Cloud-native computing is complex. Unachievable? Boring? I want to change that. Cloud-native computing is fun. Yes, it can be complex, but we can make it fun. Instead of a steep learning curve, we can build a ramp together. All I want to do is have fun with all of my friends, all of you, and the more fun we have together, the closer we become and the further we can go. So, what can we build together? What silly, crazy, fun ideas do you have? Please tell me, and let's have some fun. Thank you. Thank you for listening to me rant and talk about games and cloud-native stuff. Thank you for participating in Honk CTL and other goosey things in the community. Just thank you, because without you, I wouldn't be having as much fun as I have. I will be around on the Internet pretty much ad nauseam. I should be around after this talk. When this talk is broadcast, feel free to reach out to me, even if you want to just throw an idea my way. Please, let's have some fun together. And thank you.