I am excited to attend KubeCon 2025 London for the first time and my experience is awesome. I will be sharing some of my experiences, but first, let us start from day 0.
I came into ExCeL London to pick up my badge in a section of ExCeL London called S5. Getting the badge is quite easy: input your email on the tablet, and the printer will print out your badge.
The badge has different levels of access, and it determines the sessions you can access and the ones you cannot access. My badge did not grant me access to all the sessions, but I shall talk about the sessions I attended.
First on my list was the EKS Auto Mode session, which was a workshop that took place at a different location from the main venue of the event. It took me a while to walk there, roughly twenty-five minutes from the main event.
I found out before going to the event that my old friend Olawale Olaleye, who used to live in Nigeria and is now in AWS, is one of those taking the session. I got to the venue, got registered, and in another ten minutes, the session started.
The session was a 2-hour deep-dive workshop on the features of Amazon EKS Auto Mode. It started with a brief introduction to EKS Auto Mode, explaining its capabilities, scalability features, and how it improves the management of applications running in the Amazon managed Kubernetes cluster. Then the workshop proper started. I spent time going through the workshop, which was a practical session that involved using an EKS cluster with Auto Mode activated. It uses CRDs to manage the components the cluster needs to run. The amazing part for me was how a simple deployment created all the required components for it: from an empty cluster with no worker nodes, a NodePool was created, then a node within the pool, and the application was scheduled and deployed to the node. The orchestration of nodes was managed by Karpenter running within the cluster.
The major operations that stood out for me during my workshop are:
- Topology spread of workloads in Amazon EKS, making the pods Zone-aware and ensuring they are deployed across availability zones.
- How Karpenter responds to changes in real-time and adjusts workloads from 0 worker nodes to X, which is determined by the workloads that are deployed.
- How HPA (Horizontal Pod Autoscaler) works in tandem with Karpenter to ensure optimal resources are allocated to workloads deployed.
- Migration of Workloads from EKS Fargate, Managed Node Group, and Unmanageable Node Groups to Karpenter.
- Configuring different NodePools for different unique purposes using Karpenter.
After the 2-hour workshop, I was tired because I was reading, understanding, and following the practice steps that were shared. Then I headed for the lightning talks, which were one of the exciting parts of the day for me. Lightning talks are short sessions of roughly 5-10 minutes where open-source project maintainers in the CNCF ecosystem are allowed to introduce their projects, talk about new features in the works, and invite contributors to the different projects. Each session was short and succinct. The following are some of the projects that I took note of:
Copacetic is an open-source tool designed to patch container images without requiring access to the source code or Dockerfiles. It enables security teams and developers to apply patches to vulnerable dependencies inside containerized applications without rebuilding the entire image. By analyzing and modifying container layers, Copacetic helps organizations quickly address security vulnerabilities while maintaining operational efficiency. This approach is particularly useful for securing third-party or legacy images where rebuilding is not feasible.
Kanister is an open-source framework designed to simplify data protection and management for Kubernetes applications. It provides a customizable and extensible way to define and execute backup, restore, and disaster recovery workflows tailored to specific application needs. By leveraging Kubernetes-native constructs, Kanister enables automated, application-aware data management across various storage backends. This makes it particularly useful for stateful applications running in Kubernetes, ensuring data resilience and operational continuity with minimal manual intervention.
Falco is an open-source, cloud-native security tool that provides real-time runtime security across hosts, containers, Kubernetes, and cloud environments. By leveraging extended Berkeley Packet Filter (eBPF) technology, Falco monitors system calls and other data sources to detect abnormal behavior, potential security threats, and compliance violations. It uses customizable rules to analyze events and can send alerts to various platforms, including Slack, email, and SIEM systems like Splunk. Falco integrates seamlessly with Kubernetes and can monitor cloud services such as AWS CloudTrail, GitHub, and Okta through its plugin system. As a graduated project under the Cloud Native Computing Foundation (CNCF), Falco is widely adopted for its efficiency, scalability, and ability to provide deep visibility into cloud-native environments.
LitmusChaos is an open-source chaos engineering platform designed to help teams proactively identify and mitigate weaknesses in cloud-native infrastructures and applications. By orchestrating controlled chaos experiments, LitmusChaos enables developers and site reliability engineers (SREs) to assess system resilience under various failure scenarios. The platform offers a comprehensive suite of features, including a centralized management interface for creating, scheduling, and monitoring chaos workflows, as well as a diverse library of predefined experiments available through its ChaosHub. Additionally, LitmusChaos supports the integration of custom experiments, allowing users to tailor tests to their specific environments. By systematically introducing faults and observing system behavior, organizations can enhance their applications’ reliability and ensure robust performance in production environments.
Kubescape is an open-source Kubernetes security platform that delivers comprehensive protection throughout the development and deployment lifecycle. It enables developers to detect misconfigurations early by scanning manifest files at submission, supports continuous runtime monitoring for deployed applications, and integrates seamlessly with popular IDEs like VSCode and Lens, as well as CI/CD pipelines such as GitHub and GitLab. Kubescape assesses active Kubernetes clusters for vulnerabilities and ensures compliance with multiple security frameworks, including NSA-CISA Kubernetes Hardening Guidance, MITRE ATT&CK®, SOC 2, and CIS Benchmarks. Additionally, it validates YAML files and Helm charts for correct configurations, promoting a proactive approach to security.
Kepler (Kubernetes-based Efficient Power Level Exporter) is an open-source Prometheus exporter designed to monitor and estimate the energy consumption of containerized workloads in Kubernetes environments. By utilizing eBPF (extended Berkeley Packet Filter), Kepler probes CPU performance counters and Linux kernel tracepoints to collect detailed system metrics. These metrics, combined with data from sysfs, are processed through machine learning models to estimate the energy usage of individual pods. This enables users to gain insights into the power consumption of their applications, facilitating more energy-efficient operations within cloud-native infrastructures.
Volcano is an open-source, cloud-native batch scheduling system designed to enhance Kubernetes’ capabilities for managing compute-intensive workloads such as machine learning, deep learning, big data processing, and high-performance computing (HPC) applications. It offers advanced scheduling features, including gang scheduling, fair-share policies, bin packing, and support for heterogeneous devices like GPUs and NPUs, thereby optimizing resource utilization and improving job performance. Volcano integrates seamlessly with popular computing frameworks such as TensorFlow, Spark, PyTorch, Ray, and Flink, providing unified job scheduling across diverse workloads. Additionally, it supports multi-cluster scheduling, hierarchical queue management for fine-grained resource control, and dynamic descheduling to maintain system stability. By extending Kubernetes’ native scheduling capabilities, Volcano enables the efficient and scalable execution of complex batch jobs in cloud environments.
OpenTelemetry has introduced semantic conventions tailored for Continuous Integration and Continuous Deployment (CI/CD) systems, aiming to standardize the collection and analysis of telemetry data across diverse CI/CD tools. These conventions define a common set of attributes for various aspects of CI/CD pipelines, including pipeline names (cicd.pipeline.name), run identifiers (cicd.pipeline.run.id), task names (cicd.pipeline.task.name), and results (cicd.pipeline.result). By adopting these standardized attributes, organizations can achieve consistent observability into their CI/CD processes, facilitating the identification of bottlenecks, monitoring of pipeline health, and enhancement of deployment efficiency. This initiative addresses the challenges posed by the fragmented nature of CI/CD tools, promoting interoperability and comprehensive monitoring across different platforms.
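To make the interoperability point concrete, here is an added example (not from the talk or from the OpenTelemetry project) that maps events from two CI tools onto the four attribute names mentioned above and then computes a failure rate from the shared attributes alone. The two tools, their field names, the sample events and the result values `success`/`failure` are constructed assumptions.

```python
from collections import defaultdict

# The four attribute names are the ones quoted in the paragraph above.
REQUIRED = ("cicd.pipeline.name", "cicd.pipeline.run.id",
            "cicd.pipeline.task.name", "cicd.pipeline.result")

# Constructed sample events from two hypothetical CI tools (field names invented).
TOOL_A = [
    {"workflow": "build", "run": 101, "job": "unit-tests", "conclusion": "success"},
    {"workflow": "build", "run": 102, "job": "unit-tests", "conclusion": "failure"},
]
TOOL_B = [
    {"pipeline": {"name": "deploy", "id": "b-7"}, "stage": "rollout", "status": "passed"},
    {"pipeline": {"name": "deploy", "id": "b-8"}, "stage": "rollout", "status": "failed"},
    {"pipeline": {"name": "deploy", "id": "b-9"}, "stage": "rollout"},  # status missing
]

# Assumed mapping of tool-specific status words onto shared result values.
RESULT_MAP = {"success": "success", "passed": "success",
              "failure": "failure", "failed": "failure"}

def from_tool_a(ev):
    return {"cicd.pipeline.name": ev.get("workflow"),
            "cicd.pipeline.run.id": str(ev["run"]) if "run" in ev else None,
            "cicd.pipeline.task.name": ev.get("job"),
            "cicd.pipeline.result": RESULT_MAP.get(ev.get("conclusion"))}

def from_tool_b(ev):
    p = ev.get("pipeline", {})
    return {"cicd.pipeline.name": p.get("name"),
            "cicd.pipeline.run.id": p.get("id"),
            "cicd.pipeline.task.name": ev.get("stage"),
            "cicd.pipeline.result": RESULT_MAP.get(ev.get("status"))}

def normalize(events, convert):
    """Split events into complete records and ones missing a required attribute."""
    good, rejected = [], []
    for ev in events:
        attrs = convert(ev)
        (good if all(attrs.get(k) for k in REQUIRED) else rejected).append(attrs)
    return good, rejected

def failure_rate(records):
    """Failure rate per pipeline name, using only the shared attributes."""
    runs, fails = defaultdict(int), defaultdict(int)
    for r in records:
        runs[r["cicd.pipeline.name"]] += 1
        fails[r["cicd.pipeline.name"]] += r["cicd.pipeline.result"] == "failure"
    return {name: fails[name] / runs[name] for name in runs}

good_a, bad_a = normalize(TOOL_A, from_tool_a)
good_b, bad_b = normalize(TOOL_B, from_tool_b)
RATES = failure_rate(good_a + good_b)
print(RATES, "rejected:", len(bad_a) + len(bad_b))
```

Records that cannot be mapped onto all four attributes are set aside rather than counted, so a tool that omits a result does not silently skew the rate.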
Many other projects were highlighted, but these are the few I took note of during the lightning talk sessions.
Conclusion
In all, day 1 of KubeCon 2025 was an opportunity to learn about improvements in existing technology and fresh ways of using popular technologies. It was also a great opportunity to meet and connect with industry leaders in the cloud-native space and learn from them. The conference is still on for the next three days. I cannot wait to see what comes up next.