Hi!

KubeCon + CloudNativeCon North America 2024 in Salt Lake City was an incredible gathering of the cloud-native community. This year, three key trends stood out: WebAssembly (WASM), Platform Engineering, and Security. Here’s a day-by-day recap of my experience, culminating in reflections on the most significant themes shaping the future of Kubernetes and cloud-native development.

Sunday & Monday: Cloud Native Rejekts

Before the main event, I had the honor of speaking at Cloud Native Rejekts with Mathieu Benoit. Our session, Platform Engineering Loves Security: Shift Down to Your Platform, Not Left to Your Developers, explored the intersection of platform engineering and security. We discussed how embedding security within platforms can free developers to focus on innovation without compromising compliance.

Watch the session here: Platform Engineering Loves Security: Shift Down to Your Platform, not Left to Your Developers!

Rejekts set the stage perfectly, with many experimental ideas and deep community discussions.

Must-Watch Sessions

• Ten years of Kubernetes: Building the future by Lachlan Evenson
• Abstracting Kubernetes: How Intuit is Migrating Services to a Simplified, Abstracted Paved Road by Shail Shah and Avni Sharma
• From Fragile to Resilient: Using Admission Policies to Strengthen Kubernetesby Marcus Noble
• The Untold Story of Unikernels and WASM by Ram Iyengar
• Secure-by-Default Cloud Native Applications by Jed Salazar and Jason Hall
• Virtual Machines, Containers, and WebAssembly Face-off by Jiaxiau (Joe) Zhou and Danilo Chiarlone (with a demo of Microsoft Hyperlight)

Tuesday: Microsoft AKS Pre-Day

Tuesday was all about the AKS Pre-Day, hosted by Microsoft. The sessions delivered an in-depth look at the Azure Kubernetes Service (AKS) roadmap, featuring advanced scaling strategies, seamless CI/CD integrations, and innovative security enhancements. Beyond the technical insights, the day highlighted Microsoft’s dedication to creating a Kubernetes platform that prioritizes developer experience and operational excellence. It also provided a fantastic opportunity to connect with fellow Microsoft MVPs, exchange ideas, and foster a stronger sense of community within the ecosystem.

Wednesday–Friday: KubeCon + CloudNativeCon NA 2024

Trend 1: WebAssembly (WASM) Rising

WASM was one of the most discussed topics, emphasizing its potential to revolutionize how workloads are run in Kubernetes environments.

• Session Highlight: Multi-Tier Security in WasmCloud by Bailey Townsend. This session showcased how WASM enables lightweight, secure, and portable applications, offering new ways to scale and secure workloads.
• WASM’s ability to provide isolation and reduced resource consumption positions it as a key technology for the future.

Trend 2: Platform Engineering Evolution

Platform engineering emerged as a linchpin for organizations striving to empower developers while maintaining operational excellence.

• Session Highlight: How Google Built a New Cloud on Top of Kubernetes by Jie Yu and Prashanth Venugopal. Their approach to creating developer-centric platforms redefined scalability while preserving agility.
• Session Highlight: Crossing the Chasm: The Journey of The New York Times IDP from Conception to Early Major by Andrew McFarlane and Prachi Mishra. Explore how The New York Times transformed its internal developer platform to bridge gaps in scalability and user adoption, enabling seamless innovation and collaboration.
• Session Highlight: Innovating at Scale: Building and Managing a Modern Developer Platform at U.S. Bank by Poonam Garg and Carrie Pommier. Discover how U.S. Bank revolutionized its developer platform to drive innovation at scale, balancing robust governance with developer agility for sustained growth.
• Platform engineering also underscored the importance of Shift Down, an approach we explored in our Rejekts session, where security becomes a seamless part of the platform’s DNA.

Trend 3: Security Takes Center Stage

Security remained a top priority at KubeCon NA 2024, with a strong focus on automation, proactive measures, and practical solutions for real-world challenges. The conversation highlighted the need to embed security seamlessly into Kubernetes workflows to protect workloads without stifling innovation.

• Session Highlight: eBPF for Creating Least Privileged Policies by Natalia Reka Ivanko and John Fastabend. This session offered a comprehensive look at leveraging eBPF to dynamically enforce least-privilege policies, showcasing its potential to enhance runtime security.
• Session Highlight: Why Perfect Compliance Is the Enemy of Good Kubernetes Security by Michele Chubirka, Google. This insightful talk emphasized balancing security best practices with operational realities, underscoring that striving for “perfect compliance” can sometimes hinder overall security effectiveness.
• Session Highlight: Working Together to Improve Security Visibility in Kubernetes by Rita Zhang and Jeremy Rickard. The session explored collaborative strategies for improving observability and addressing blind spots in Kubernetes environments.

Other notable mentions included:

• Falco Talon, a new initiative aimed at responding to security events with real-time precision.
• The partnership between Adobe and Autodesk, which demonstrated how to secure CI/CD pipelines effectively, ensuring that development velocity doesn’t come at the cost of security.

This year’s sessions reinforced the importance of adopting tools and strategies that make Kubernetes security not just robust but also manageable and scalable for teams of all sizes.

Must-Watch Sessions

Here are a few other standout sessions:

• Share the Ride: Robust Multi-Tenancy in Kubernetes at Uber by Sashank Appireddy & Apoorva Jindal.
• AI for Policy and Policy for AI! by Ronald Petty, Poonam Lamba, Andy Suderman, Boris Kurktchiev and Jimmy Ray.
• Elevate Your Kubernetes Policy Game with Kyverno! by Clément Breteche.
• TUF: Secure Distribution Beyond Software by Marina Moore.
• Copa: Project Copacetic — Directly Patch Container Image Vulnerabilities by Ashna Mehrotra
• Using Notary Project to Ensure Authenticity and Integrity of Artifacts by Toddy Mladenov and Tjark Rasche

Final Thoughts

KubeCon NA 2024 showcased the incredible maturity and innovation of the cloud-native community. The rise of WASM, the growing influence of platform engineering, and the unwavering focus on security point to an exciting future where collaboration, creativity, and cutting-edge technology drive the ecosystem forward.

Looking ahead, I’m excited to see how these trends evolve and shape the next wave of cloud-native advancements. Mark your calendars for KubeCon + CloudNativeCon Europe 2025 in London this April — let’s continue the conversation and innovation there!

Maxime.