KubeCon US 2021
Recap
The Evolution of Twitter's Edge - Ryland Degnan, Twitter
● Edge Proxy Use-case
● Pre-2014 edge POPs were dumb
○ No TLS termination
○ Most time spent in establishing connections
● Twitter Streaming Aggregator (TSA) Client - 2014
○ Created by Matt Klein, L7 reverse proxy with TLS termination
○ Custom and hard to maintain
● Replaced TSA with Envoy in 2019/20
○ Extended Envoy with Twitter TLS Terminator (T3) OSS
○ Handles bot attacks on unauthenticated endpoints
○ TLS 1.3 - 38% faster
Dedicated Infrastructure in a Multitenant World - Carlos Sanchez, Adobe
● Running Adobe Experience Manager on K8s
● Customers needed dedicated infra
○ Egress IPs
○ Private Connections
○ End to End mTLS
● Architecture
○ Envoy sidecars connected to
○ Dedicated Envoy VMs in VNETs
○ Private Connection to the workloads
The Trials and Success of Adopting Envoy at Tinder -
● Issues with conventional networking
○ 4000 nodes per cluster
○ Flannel couldn’t keep up
● Adopted for extensive features
○ Efficiency Improvements
○ Retries
○ Circuit Breakers
○ Timeouts
○ Observability / Tracing
● Challenges
○ Getting the config down
○ Mesh life-cycle issues
eBPFCon 2021
● A Beginner's Guide to eBPF Programming for Networking - Liz Rice,
Isovalent
● Using BPF Iterators to Gain Insight into Kubernetes - Alban Crequy
● LSM BPF Change Everything - Leonardo Di Donato, Elastic & KP Singh,
Google
● The Cross-Platform Future of eBPF - Dave Thaler, Microsoft
● eBPF & Cilium at Sky - Sebastian Duff & Anthony Comtois, Sky
● Portable BPF with CO:RE - Grant Seltzer Richman, Aqua Security (Tracee)
Capacity Scheduling for Elastic Resource Sharing in Kubernetes -
Qingcan Wang, Alibaba & Yuan Chen, Apple
● Problem
○ Resource Quotas are based on admission control
○ Which causes low cluster utilization
● Dynamic Resource Sharing
○ Elastic quotas
○ Fair Sharing
○ Hierarchical resource quotas
What Kind of CPU is it Anyways? Airbnb's Journey to Heterogeneous
Clusters - David Morrison & Evan Sheng, Airbnb
● Initially had environment based clusters with single
node types
● Eventually created further clusters per instance type
in each environment
● Using cluster-proportional autoscaler
● Cluster-auto-scaling issues
● Created a node-type aware Cluster-auto-scaling plugin
OpenTelemetry Collector Deployment Patterns - Juraci Paixão Kröhling,
Red Hat
● OpenTelemetry Collector
○ Basic 1 and 2 (sdk - external collector)
○ Normalizer (jaeger client + prom endpoint)
○ On Kubernetes (side car / daemonset)
○ Load Balancer (supports forwarding)
○ Multi-cluster (end cluster to central cluster)
○ Multi-tenant (forward to multiple dbs/jaeger)
Data Science for Infrastructure: Observe, Understand, Automate - Zain
Asgar & Natalie Serrino, New Relic
● Pixie
○ CNCF Sandbox
○ Acquired by NewRelic
○ Built with eBPF
Reliable Enterprise Storage on Kubernetes
● Rook: Enterprise Storage for Kubernetes - Travis Nielsen, Red Hat
○ In: how to trust a storage platform?
○ Out: what about operations expertise?
● Rook: Intro and Ceph Deep Dive - Travis Nielsen, Sebastien Han & Blaine
Gardner, Red Hat; Satoru Takeuchi, Cybozu, Inc
Storage and Networking: Rook on Multus
● Storage and Networking: Rook on Multus - Sébastien Han & Rohan Gupta,
Red Hat
DR of Stateful Applications in a Multi-Cluster Environment
● Disaster Recovery of Stateful Applications in a Multi-Cluster Environment -
Orit Wasserman & Shyamsundar Ranganathan, Red Hat
Trailmix
● CNCF Storage TAG - Alex Chircop, StorageOS & Raffaele Spazzoli, RedHat
○ CNCF Landscape Storage Projects Lifecycle
○ Rook/Ceph, Vitess, etcd, TiKV
○ Performance and Benchmarking
○ BCDR
● Kubernetes SIG Storage Introduction and Update - Xing Yang, VMware &
Michelle Au, Google
○ CSI is very mature; iterative improvements
● RabbitMQ on Kubernetes Deep Dive - David Ansari, VMware
● A New Generation of NATS - Matthias Hanel & Jean-Noël Moyne, Synadia
● How to put a Database in Kubernetes - Jeffrey Carpenter, DataStax
Sessions
● Rook: Enterprise Storage for Kubernetes - Travis Nielsen, Red Hat
● Cloud Native Storage: Storage TAG Intro, Projects, Landscape & Technology - Alex Chircop,
StorageOS & Raffaele Spazzoli, RedHat
● Disaster Recovery of Stateful Applications in a Multi-Cluster Environment - Orit Wasserman &
Shyamsundar Ranganathan, Red Hat
● RabbitMQ on Kubernetes Deep Dive - David Ansari, VMware
● Rook: Intro and Ceph Deep Dive - Travis Nielsen, Sebastien Han & Blaine Gardner, Red Hat; Satoru
Takeuchi, Cybozu, Inc
● Storage and Networking: Rook on Multus - Sébastien Han & Rohan Gupta, Red Hat
● How to put a Database in Kubernetes - Jeffrey Carpenter, DataStax
● Taking Your Database Beyond the Border of a Single Kubernetes Cluster - Christopher Bradford,
DataStax & Ty Morton, Google
● A New Generation of NATS - Matthias Hanel & Jean-Noël Moyne, Synadia
● Kubernetes SIG Storage Introduction and Update - Xing Yang, VMware & Michelle Au, Google

KubeCon US 2021 - Recap - DCMeetup
