Open Source Summit North America 2025

Open Source Summit North America 2025

June 23 - 25, 2025
Denver, Colorado
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Mountain Daylight Time (UTC/GMT -6). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

11:20am MDT

Building Trust in ML: Mapping the Model Lifecycle for ML Integrity and Transparency - Marcela Melara, Intel Labs

Monday June 23, 2025 11:20am - 12:00pm MDT

Bluebird Ballroom 2F

Open machine learning (ML) models and datasets are rapidly becoming central to building AI applications. While this trend accelerates innovation and democratizes AI, it exposes applications to security risks like data poisoning and supply chain attacks. Threats like malicious backdoors hidden in pre-trained ML models hosted on major hubs like Hugging Face emphasize the wide reach compromises can have. So, how do we build trust in the ML lifecycle?
This talk presents Atlas, a framework that combines open specifications for data and software supply chain provenance like Coalition for Content Provenance and Authenticity (C2PA) and Supply-chain Levels for Software Artifacts (SLSA) with the integrity features of transparency logs and trusted hardware to run attestable ML pipelines. First, we motivate the need to safeguard all layers of the ML lifecycle. We describe and demonstrate how Atlas’s three core mechanisms enable verification: (1) cryptographic artifact authentication, (2) hardware-based attestation of ML systems, and (3) provenance tracking across ML pipelines. Our Atlas demo integrates several open-source tools to build an end-to-end ML lifecycle transparency system.

Speakers

Marcela Melara

Research Scientist, Intel Labs

Marcela Melara is a research scientist in the Security and Privacy Research group at Intel Labs. Her current work focuses on developing solutions for high-integrity software and AI supply chains. She leads a number of internal, academic and open-source projects on supply chain and... Read More →

Monday June 23, 2025 11:20am - 12:00pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

11:20am MDT

The Power of Consolidation: A Unified Stack for Business Intelligence, Security, and Observability - Josh Lee, Altinity, Inc. & Mya Jaye, C8 Labs

Monday June 23, 2025 11:20am - 12:00pm MDT

Bluebird Ballroom 2G

Imagine you’re responding to a production incident, and you’re trying to answer simple questions about it. How many systems do you need to consult when assessing the impact of events at your company? Do you manage different technology stacks for observability, security, and business intelligence?

What if we told you, you could create a unified stack capable of serving all stakeholders simultaneously? In this talk, Mya and Josh explore how open source technologies like ClickHouse, OpenTelemetry, and Grafana enable complex business use cases using modern tooling and practices.

Regardless of your function, you will leave with a deeper understanding of how consolidating these concerns into a unified stack reduces technical complexity and provides a common language for everyone to use - from engineers building new features and product managers evaluating their success, to operators keeping the lights on and C suite’s birds-eye view of the company.

Whether you’re working with a data lake, or more of a data pond, we offer practical architectures and solutions to streamline your operations and bring your stakeholders together, all while using fewer resources.

Speakers

Mya Jaye

Founder, C8 Labs

A brilliant, talented, self-taught, ambivert who loves attending and speaking at conferences. I love tinkering with small board computers like raspberry pis.☕ If you see me around, don't hesitate to come say hi!🏒 Hockey player since I was 7💻 Programming since I was 14... Read More →

Josh Lee

Open Source Developer Advocate, Altinity, Inc.

Whether it’s operators or observability, agile or accessibility, my expertise shines because I’m passionate about all of it. I’ve been building software for more than a decade and I love sharing experiences via public speaking. I’m currently a Developer Advocate for Altinity... Read More →

Monday June 23, 2025 11:20am - 12:00pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

1:30pm MDT

Gopher Meets Crab: A Rust Journey in Cloud Native - Phil Estes, AWS

Monday June 23, 2025 1:30pm - 2:10pm MDT

Bluebird Ballroom 2G

If you've been around the container and cloud native ecosystem for any length of time, you know most major components are written in Go: from Docker to runc and from Kubernetes to etcd! This means that many of the common constructs, for example the OCI specs, or Kubernetes API resources, are easy to use from other Go programs, but not quite as easy when you step outside of the Go ecosystem.

In this talk we'll dive into the experience of trying to use containers from a Rust-written client and delve into existing work from early adopters of Rust. There are quite a few crates that help us along the way, providing some level of parity for Rust developers in the cloud native ecosystem. There are still complexities and hurdles as well, and we'll share our experience navigating this as a long-time Go programmer and Rust newbie.

Attendees will take away some quick tips as well as gotchas for working in the container and cloud native ecosystem as a Rust developer and, who knows, maybe soon the Gopher and the Crab will be the best of friends.

Speakers

Phil Estes

Principal Engineer, Core Container Technology, AWS

Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS. Phil is an active contributor and maintainer for the CNCF containerd runtime project, and participates in the Open Container... Read More →

Monday June 23, 2025 1:30pm - 2:10pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Beginner

1:30pm MDT

Mainframes Aren’t Dead, They’re Just Running Kubernetes Now - Josephine Pfeiffer, Red Hat

Monday June 23, 2025 1:30pm - 2:10pm MDT

Bluebird Ballroom 2F

Mainframes have been declared dead more times than JavaScript frameworks have been invented—but here they are, still running the backbone of global finance, government, and enterprise computing. And now? They’re running Kubernetes too.

This talk dives into the why and how of running Kubernetes on mainframes, from containerization on z/OS to networking, workload orchestration, and real-world use cases. We’ll break down the challenges, the benefits, and whether this is a clever hack or a genuinely viable approach for modern infrastructure. If you think mainframes are relics, think again—because they’re running microservices now.

Speakers

Josephine Pfeiffer

Senior Cloud Native Consultant, Red Hat

Josephine is a consultant specializing in developer productivity and infrastructure. She has worked for enterprises, SMEs, and startups in roles spanning platform engineering, DevOps, Site Reliability Engineering, and technology management.She is an active open-source contributor... Read More →

Monday June 23, 2025 1:30pm - 2:10pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

2:25pm MDT

EdgeLake: Extending the Cloud To the Edge – an LF Edge Project - Moshe Shadmon, AnyLog

Monday June 23, 2025 2:25pm - 3:05pm MDT

Bluebird Ballroom 2G

As data volumes grow and real-time processing becomes essential, traditional cloud architectures face limitations in cost, latency, and security. The traditional approach moves all edge data to where the queries are executed—in the cloud—leading to inefficiencies and high costs. EdgeLake (https://lfedge.org/projects/edgelake/), an LF Edge project, takes the opposite approach by bringing queries to the source data at the edge, enabling decentralized data management and local AI/ML processing.

In this talk, we’ll explore how EdgeLake eliminates cloud dependencies, optimizes data infrastructure, and reduces operational costs while ensuring real-time decision-making at the edge. We’ll discuss key use cases (and show a live demo) across industrial automation, smart cities, energy, and telecom, demonstrating how organizations can leverage EdgeLake to unlock the full potential of edge computing.

Join us to learn how EdgeLake is reshaping the future of distributed data architectures and making edge intelligence more accessible.

Speakers

Moshe Shadmon

CEO, AnyLog

Moshe Shadmon, CEO at Anylog. AnyLog’s Virtual Edge Data Network is a Plug & Play software, deployed at the edge, allowing real-time insight without centralizing the data. AnyLog enables deployment of applications and AI at the distributed edge. Prior to AnyLog, Moshe was the CEO... Read More →

Monday June 23, 2025 2:25pm - 3:05pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

2:25pm MDT

Through the Looking Glass: Leveraging Overton Window Concepts To Redefine Infrastructure as Code - Ben Somogyi, Lockheed Martin

Monday June 23, 2025 2:25pm - 3:05pm MDT

Bluebird Ballroom 2F

The Overton window, a concept originating in politics, refers to the range of policies that are considered acceptable to a broad and diverse audience. In this session, we will share our experiences and recommendations on how to successfully adapt to shifting "Overton Windows", as they pertain to mainstreaming our platform to support a wide range of customer requirements while minimizing non-recurring engineering expenses. At Lockheed Martin, we have developed a modular open system that incorporates Secure Supply Chain and Cloud Native standards, enabling us to rapidly deliver capabilities to customers in highly regulated and diverse environments, while navigating the complexities of evolving requirements and priorities.

Speakers

Ben Somogyi

Senior Staff DevSecOps Engineer, Lockheed Martin

Versatile, hands-on technical leader and software developer who is building cloud native solutions for Lockheed Martin and its customers.

Monday June 23, 2025 2:25pm - 3:05pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

3:35pm MDT

A Brief History of Kubernetes Fleet Controllers & Essential Features - Mickael Alliel, Komodor

Monday June 23, 2025 3:35pm - 4:15pm MDT

Bluebird Ballroom 2G

Managing a few Kubernetes clusters may be feasible, but scaling up to hundreds or thousands introduces unique challenges. At a 100:1 cluster to engineer ratio, standardization, observability, security, and access control become pressing issues. This is when DevOps must shift from "infrastructure engineers" to "platform engineering," where infrastructure needs are fully automated and self-service.

As K8s adoption grows in large organizations, demand for "massive multi-cluster fleet management" support has intensified. This talk examines essential features for Kubernetes fleet controllers, offering a fast-paced review of five open-source tools: Clusternet, Karmada, Crossplane, ClusterAPI, and Rancher. Each tool's unique strengths in provisioning, management, and application support will be covered, showing how each addresses multi-cluster management challenges.

This approach will provide a replicable framework to evaluate & choose the right tools based on specific organizational needs.

Speakers

Mickael Alliel

Backend Tech Lead, Komodor

Mickael is a self-taught developer turned DevOps, passionate about automation, innovation, and creative problem-solving. Mickael enjoys challenging himself and experimenting with new technologies and methodologies. Currently, he is working on developing the next-gen K8s troubleshooting... Read More →

Monday June 23, 2025 3:35pm - 4:15pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

3:35pm MDT

Toward Usable Open-source Remote Attestation for Cloud and Edge - Lily Sturmann & Michael Peters, Red Hat

Monday June 23, 2025 3:35pm - 4:15pm MDT

Bluebird Ballroom 2F

The ability to quickly observe and respond to security threats on remote machines is critically important for business and infrastructure, yet gaps still exist when applying cryptographic attestation solutions in real-world scenarios. Accessible policy generation, clear ways to understand attestation results, and methods for handling system updates need to be available to make remote attestation feasible. Adapting attestation best practices and tools to environments like edge and IoT, with vast scale requirements and limited network connectivity, can pose challenges as well.

Using the speakers’ experience working on open source projects Keylime (remote attestation) and flightctl (edge management), the session will walk through design considerations and challenges in bringing these tools together to monitor remote fleets of edge, IoT, and cloud-based systems at key points in the devices’ lifecycles. Further, the session will discuss remaining open problems as well as some potential solutions working toward the goal of usable, clear, and accurate attestation of remote systems.

Speakers

Lily Sturmann

Principal Software Engineer, Red Hat

Lily is a principal software engineer at Red Hat in the Office of the CTO in Emerging Technologies. She has primarily worked remote attestation, confidential computing, and software supply chain security. Her favorite language is Rust.

Michael Peters

Red Hat, Red Hat

Michael Peters is a Principal Engineer in Emerging Technologies in Red Hat's Office of the CTO. He is a senior systems engineer and programmer with an emphasis on DevOps, Security, and Operability and is one of the current maintainers of the Keylime project. His experience in both... Read More →

Monday June 23, 2025 3:35pm - 4:15pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Advanced

4:30pm MDT

Effortless Secure and Control Traffic Using Kubernetes Gateway API for Ingress, Egress and Mesh Traf - Lin Sun, solo.io

Monday June 23, 2025 4:30pm - 5:10pm MDT

Bluebird Ballroom 2F

How do you secure and control traffic for your north-south (ingress/egress) and east-west (service-to-service) traffic within your Kubernetes cluster? Do you have a unified approach for debugging, observability, and operational consistency across all traffic types?
With the growing maturity of the Kubernetes Gateway API, it’s now easier than ever to manage traffic in all directions with a unified and consistent approach. The Gateway API allows you to control and secure traffic flow without requiring application restarts, offering a seamless way to manage both ingress and egress traffic, as well as service mesh (east-west) communication.
This demo-driven session will showcase how to use the Kubernetes Gateway API to control traffic for both north-south and east-west directions. Leveraging Istio Ambient Mesh, Kgateway, and HTTP metrics, we’ll dynamically monitor application health, progressively roll out new versions, and control external API calls to optimize costs.

Speakers

Lin Sun

Head of Open-Source, solo.io

Lin is the Head of Open Source at Solo.io, and a CNCF TOC member and ambassador. She has worked on the Istio service mesh since the beginning of the project in 2017 and serves on the Istio Steering Committee and Technical Oversight Committee. Previously, she was a Senior Technical... Read More →

Monday June 23, 2025 4:30pm - 5:10pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Beginner

4:30pm MDT

Harnessing Observability for 5G Performance: eBPF and OpenTelemetry Innovations - Fatih E. Nar & Jamie Parker, Red Hat

Monday June 23, 2025 4:30pm - 5:10pm MDT

Bluebird Ballroom 2G

This session explores the integration of eBPF and OpenTelemetry (OTel) for achieving unparalleled observability and performance in 5G networks. By leveraging the K8s Operator framework, we demonstrate the Kubernetes-native deployment of advanced observability tools, including the bpfman stack for managing eBPF programs and the OpenTelemetry Operator for scalable telemetry pipelines. Participants will gain actionable insights into optimizing 5G Cloud Native Network Functions (CNFs) through precise observability, robust performance metrics, and real-time diagnostics, while ensuring security and multi-tenancy.

Speakers

Fatih E. Nar

Distinguished Architect, Red Hat

Fatih E. NAR brings extensive experience and influence to Linux, OpenStack, and Kubernetes ecosystems. His contributions drive progressive development and foster a robust TME community. With a background at Google, Verizon Wireless, Canonical Ubuntu, and Ericsson, Fatih's diverse... Read More →

Jamie Parker

Principal Product Manager, Red Hat

Jamie Parker is a Product Manager at Red Hat who specializes in Observability, particularly in the Logging and OpenStack areas. At Red Hat, Jamie works with organizations and customers to learn about their needs within the ever changing Observability landscape, and based on their... Read More →

Monday June 23, 2025 4:30pm - 5:10pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:00am MDT

Bring the Power of Wireshark To Syscalls and Logs With Stratoshark - Gerald Combs, Sysdig, Wireshark Foundation

Tuesday June 24, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2F

Stratoshark is a powerful system call and log analyzer built on Wireshark's ubiquitous exploration, drill-down, and analysis capabilities. It is enriched with data sources from the libraries of the open source detection engine Falco, the standard for cloud-native threat detection. Stratoshark enables deep analysis and troubleshooting across Linux servers, Kubernetes clusters, and any system that generates Linux system calls or real-time log events. But fear not, Stratoshark maintains Wireshark’s classic, intuitive interface.

In this talk, Gerald Combs, the creator of Wireshark and co-creator of Stratoshark, will provide an update on the project since its announcement in January and showcase a live demo of Stratoshark, including how it extends the familiar Wireshark user experience to system calls and AWS audit events. Learn how Stratoshark builds on a legacy of open source innovation to broaden and modernize Wireshark’s range of use cases into cloud-native computing.

Speakers

Gerald Combs

Director of Open Source Projects, Sysdig, Wireshark Foundation

Gerald has the great fortune of working with fantastic open source teams as part of Wireshark's leadership and at Sysdig.

Tuesday June 24, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

11:00am MDT

Towards Confidential AI for the Masses! - Julian Stephen & Michael Le, IBM

Tuesday June 24, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2G

Confidential AI leveraging GPUs can bring AI to the masses without sacrificing the privacy of end users. Individual open source technologies already exist to configure, deploy, and manage confidential TEEs. However, clobbering a multitude of components into a coherent, secure, and efficient solution is challenging with many pitfalls. For example, depending on use cases and involved parties (cloud/model/service owners), attestation and key management methodology can vary drastically. In addition, for TEEs with confidential GPUs, complexity extends to increased load times, affecting services that serve multiple models.

This talk will go through key components and design decisions needed to enable confidential AI. Specifically: i) implications of different trust models on the solution and (ii) performance tradeoff considerations. To concretize the discussion, we will present a detailed end-to-end 'how to', for deploying an inference service on Nvidia H100 GPUs and AMD-based TEE with a focus on protecting the model and the user input. The audience will be able to appreciate why there can be no one size fit all confidential AI solution and understand what design works for them.

Speakers

Julian James Stephen

Research Scientist, IBM

Julian Stephen is a research scientist in the security group at IBM T. J. Watson Research Center, NY. He is interested in building systems and models that solve real world problems without compromising security and privacy of data. He received his Ph.D. in Computer Science from... Read More →

Michael Le

Security Researcher, IBM

Michael is currently a research staff member at the IBM T. J. Watson Research Center. His general research interest is in systems security with a focus on containers, virtualization, operating systems, and confidential computing. He enjoys long hacks in the kernel.

Tuesday June 24, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:55am MDT

Cross-cloud App Splitting With WebAssembly Components - Matt Butcher, Fermyon

Tuesday June 24, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2G

Take one single application compiled to WebAssembly and split it into pieces at deployment time. Run these pieces in different Kubernetes deployments, different clouds, or even split across edge and cloud.

This code-forward talk will show how to write an application using Wasm components and a combination of Rust and TypeScript. We'll show how to use the CNCF project Spin for developing apps, and then use Kubernetes, Helm, SpinKube, and other open source tools to deploy this application in multiple locations.

Conceptually, we'll tie this new development pattern to microservice architecture and distributed systems to show how WebAssembly's Component Model is paving the way for a new class of application.

Speakers

Matt Butcher

CEO, Fermyon

Matt Butcher (CEO) is a founder of Fermyon. He is one of the original creators of Helm, Brigade, CNAB, OAM, Glide, and Krustlet. He has written or co-written many books, including "Learning Helm" and "Go in Practice." He is a co-creator of the "Illustrated Children’s Guide to Kubernetes... Read More →

Tuesday June 24, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:55am MDT

Mock Me If You Can: Using Mocks in Container Applications for Integration Testing - John Coyne, Discover Financial Services

Tuesday June 24, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2F

Automated testing needs to offer fast, reliable feedback so that defects can be quickly identified and resolved. In this session, I'll talk about how to use the open-source service virtualization framework, Wiremock, as a sidecar container to mock out the dependent services of an application running in a container platform. This can be used in Narrow Integration testing of an application as part of a CI/CD pipeline to ensure maximum code coverage along with stability of the test suite.

I'll walk attendees through a demo of practical use and share some best practices I've learned when setting up a Wiremock container for testing. Attendees will leave with a better understanding of Wiremock and tips for how to use it in their own testing scenarios.

Speakers

John Coyne

Distinguished Engineer of Application Engineering, Discover Financial Services

John is a Distinguished Engineer of Application Engineering at Discover Financial Services with over 20 years of experience building Java applications. His current interests include Observability, CI/CD automation, Kubernetes, and good API design. Outside of work, John enjoys spending... Read More →

Tuesday June 24, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

11:55am MDT

Sponsored Session: Following the Golden Image Road: Best Practices and Pitfalls - Natalie Somersall, Chainguard

Tuesday June 24, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3H

The rise and increased prevalence of software supply chain attacks, the strengthened security requirements of compliance frameworks, and the speed and complexity of automated software development and build processes have all driven the need for open source standardization, often called Golden Image or Base Image programs.

But while DevOps and security teams recognize how critical open source standardization is, few feel comfortable tackling a large and fragmented challenge like open source software delivery, especially across diverse and disparate developer needs.

Join Chainguard’s Natalie Somersall to learn about best practices and common pitfalls that you
should be on the lookout for when taking on a golden image program.

Audience members will walk away with a clear understanding of the right change management milestones to keep in mind, the critical implementation criteria, and the most compelling use cases to make developers more productive and deliver secure open source software from the
start.

Speakers

Natalie Somersall

Principal Field Engineer, Public Sector, Chainguard

Natalie is a principal solutions engineer at Chainguard serving the public sector market. She spent years designing, building, and leading complex systems in regulated environments at a major systems integrator, but has also taken her career in many other directions - including detours... Read More →

Tuesday June 24, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3H

Cloud + Containers

2:10pm MDT

Let’s Farm Out Our Image Builds! - Urvashi Mohnani, Red Hat

Tuesday June 24, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2G

As the fast-paced AI-driven landscape of computing continues to diversify, the importance of multi-arch container images cannot be overstated. Applications are no longer confined to data centers but extend across multiple platforms, devices, and appliances.

Wouldn’t it be great if we could build images for every architecture from just one machine? It would be even more amazing if we could do that without the slowness of emulation! This is where Podman farm comes in. Podman farm is a new feature that allows you to 'farm' out builds to groups of machines you have access to, enabling you to easily build multi-architecture images with a single command. In this talk, we will highlight the challenges of multi-architecture builds and demonstrate how Podman farm addresses them, keeping performance and usability in mind.

Container images that run seamlessly across different architectures ensure consistency, reduce complexity, and accelerate the development cycle. This session will empower attendees to develop on one architecture and deploy confidently on another.

Speakers

Urvashi Mohnani

Principal Software Engineer, Red Hat

Urvashi Mohnani is a Principal Software Engineer on the OpenShift Container Tools team at Red Hat. She has spent the last few years contributing to and maintainer open source container tools projects including podman, buidlah, cri-o, and skopeo. She is a co-organizer of DevConf.US... Read More →

Tuesday June 24, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Beginner

2:10pm MDT

Whoops! I Accidentally Leaked My Cloud Keys - Eve Martin-Jones & Hayden Blauzvern, Google

Tuesday June 24, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2F

Leaked credentials aren't a new problem, but the primacy and complexity of Cloud environments means that leaked credentials are more likely than ever to be your problem. Not only that, but recent research has shown that it may only be a matter of seconds between a leak and an exploit. As the systems for developing, building, publishing and deploying applications become more sophisticated, the types of leaks developers need to guard against also change.

In this talk, we will present new research by the Google Open Source Security Team into when and how developers leak credentials in modern software applications. We'll discuss some of the common ways leaks occur for developers of open source artifacts like containers and software packages. We'll also provide practical insights into scalable credential scanning and ecosystem-level protections for developers and organizations who want to keep their credentials secure to help when every second counts.

Speakers

Eve Martin-Jones

Senior Software Engineer, Google

Eve is an engineer working on open source software security at Google. She lives in Australia, with her cat Mochi, who is surprisingly proficient at JavaScript. Between D&D campaigns, she can be found deciphering the Cargo dependency-resolution algorithm bug-for-bug, advocating for... Read More →

Hayden Blauzvern

Technical Lead Manager, Google

Hayden Blauzvern is a technical lead manager on Google’s Open Source Security Team, focused on making open-source software more secure through code signing and applied transparency. Hayden is a maintainer and the community chair on the Sigstore project.

Tuesday June 24, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Any

3:05pm MDT

Apache Gravitino: A Multi-regional, Geo-distributed Meta Datalake - Justin Mclean, Datastrato

Tuesday June 24, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2F

Managing metadata can be complex and time-consuming, but Apache Gravitino offers the ultimate solution. It provides a single source of truth for multi-regional data with geo-distributed architecture support. This allows you to store and manage your data in one place, accessible from anywhere globally. With unified data and AI asset management, you get centralized security and data access management, making data protection easier. Gravitino helps you focus more on your data by simplifying tasks and offering these benefits:
- Secure and centralized metadata storage and management
- Anytime, anywhere data access
- Streamlined data management with an easy-to-use UI
Gravitino is the ideal solution for simplifying metadata management processes.

Speakers

Justin Mclean

Community Manager, Datastrato

Justin Mclean is a highly experienced professional with over 30 years in web application development, education, and community work, and is an active contributor to open source software. Justin is a renowned speaker at conferences worldwide and currently serves as the Community Manager... Read More →

Tuesday June 24, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Beginner

3:05pm MDT

Noisy Neighbor Detection: A New OSS Collector - Jonathan Perry, Unvariance

Tuesday June 24, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2G

Why do some requests take so much longer than others? A major contributor, memory-related contention between containers, was shown to increase latency by 4-13x. It can be triggered by garbage collection, and existing observability cannot even detect it! Current collectors just show high CPU utilization, and the standard mitigation is to scale out and run at low utilization: expensive, and does not solve the response time problem.

We set out to build a new detector, but found that measuring every few seconds (current practice for collectors) is inadequate. Servers quickly jump between intense resource competition and under-utilization, so averaging over seconds does not show any contention. We needed measurements at millisecond frequency.

This session first examines real-world patterns that trigger interference and surveys methods for detecting memory interference, including findings from Google, Alibaba, and Meta's production environments. We'll then discuss the design of the OSS collector, and how it combines CPU performance counters, eBPF and high-resolution timers to identify noisy neighbors. We close with future directions and opportunities to get involved.

Speakers

Jonathan Perry

CEO, Unvariance

Jonathan Perry is a maintainer of the OpenTelemetry eBPF network collector and CEO of Unvariance, which develops tools to detect and mitigate noisy neighbors. At MIT, he built systems to enhance efficiency and reduce response times by mitigating network contention. Jonathan previously... Read More →

Tuesday June 24, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

4:20pm MDT

Intuit Journey To Unified Observability at Scale: Challenges, Benefits and Lessons Learned - Kalyan Kolachala & Ashwini Dulam, Intuit

Tuesday June 24, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2F

At Intuit we have ~320 Kubernetes clusters running with ~8000 services and ~40 addons in a cluster which generate ~2 billion active time series metrics, 10 million Trace spans/sec and ~ 1.2PB of log data ingested (peak) in a single day. This talk focuses on Intuit’s journey from standalone, siloed, proprietary solutions for logs, metrics and traces to a unified observability solution. This is made possible with a data management architecture that enables seamless navigation and correlation between different observability pillars, usage of AI/ML techniques to quickly detect and isolate problems, UX that brings all the elements of data discovery with an interactive experience and high level features like golden signals, RUM (real user monitoring) and FCI (failed customer interactions). All of this leading to significantly lower MTTD and MTTI. We also discuss the challenges, choices, trade offs, benefits and lessons learned during this journey.

Speakers

Kalyan Kolachala

Director, Development and site head, Intuit

Kalyan is a senior engineering leader with experience in delivering world class, enterprise products and platforms involving SaaS, Kubernetes, Cloud, big data, AI/ML, IoT and observability. At the current job at Intuit and previously at Hitachi Vantara, he has been responsible for... Read More →

Ashwini Dulam

Principal Engineer, Intuit

Ashwini is a Principal Software Engineer for the Intuit Observability and Analytics team in Bangalore, India. One of Ashwini’s current day-to-day focus areas is on the various challenges in building scalable, data and AIOps solutions for solving problems in the observability domain... Read More →

Tuesday June 24, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2F

Cloud + Containers

Audience Experience Level Intermediate

4:20pm MDT

Unveiling Arm Confidential Computing Architecture Software Stack - Kevin Zhao, Linaro

Tuesday June 24, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2G

As confidential virtual machines become mainstream in confidential computing, the Arm Confidential Computing Architecture (CCA) was introduced as a key innovation of Arm v9 in 2021. Linaro has been deeply involved in integrating CCA into open-source projects over the past years.
In this presentation, we'll share the progress of our open-source enablement efforts. This includes the current status of fundamental software support and the next-stage plan for projects such as TF - A, Kernel, and Qemu. We'll also talk about container runtime adoption in Kata containers and Confidential containers. For instance, we'll detail the work on supporting CCA in Kata container runtimes with Qemu backend, like in kata-deploy. The support for guest-components and Trustee in Confidential containers will be covered too.
Remote attestation is another crucial aspect that can't be overlooked. To reduce solution fragmentation in open-source projects for production, Arm and Linaro are collaborating on an end-to-end experimental attestation platform using Veraison project components. We'll present a case study from the Confidential Containers project to show the practical adoption of these technologies.

Speakers

Kevin Zhao

Senior Tech Lead, Linaro

Kevin Zhao is currently the tech lead at Linaro Data Center Group. He has been working on Arm server ecosystem for more than 8 years, including the open source IAAS solutions, distribute storage and confidential computing. Now, he is actively working on Arm Confidential Computing... Read More →

Tuesday June 24, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Beginner

11:00am MDT

The 5 OSS Observability Resource Killers: What You Don't Know Can Cost You! - Amir Jakoby, Sawmills

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2G

Our cloud native world has become more than just tooling, it's an entire ecosystem with many add-ons, complementary tools, when it comes to K8s CRDs, and services that provide its powerful capabilities and infinite scale...but at what cost?

In this talk, we'll share first of its kind research that will highlight the 5 most common OSS cloud native tools killing your observability costs. We'll start by exploring how different observability tools structure pricing, the complexities that compound cost calculation, and especially which OSS tools in your stack are the most resource-intensive services.

You'll discover how you can know whether it's KEDA or Karpenter, ArgoCD or Kyverno ballooning budgets. But don't panic! We'll wrap up with good practices for configuring popular tools to be more economical, so you can leverage the powerful K8s ecosystem without breaking the bank.

Speakers

Amir Jakoby

CTO & Co-Founder, Sawmills

Amir Jakoby is a seasoned technology executive with over 18 years of experience in software engineering, leadership, & product innovation. He currently serves as Co-Founder and CTO of Sawmills.ai. Previously, as VP of Engineering at New Relic, Amir led a global team of 85 engineers... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:55am MDT

FoundationDB, the Black Knight - Peter Boros, Tigris Data

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2G

Monty Python’s Black Knight is the opponent that couldn’t lose. Even after all of his limbs were cut off, he offered a draw: “it’s just a scratch.”

FoundationDB (FDB) is a distributed transactional key-value store that is very difficult to defeat just like the Black Knight. Open-sourced in 2018 after an acquisition by Apple, FDB was designed to be a common layer: almost all databases have a backing key-value store. Many have built on top of it including Snowflake, Adobe, & Datadog.

FDB got it right: transactions, distributed by default, and extreme reliability. Kyle Kingsbury (aphyr) the author of Jepsen series on distributed systems correctness, said: "haven't tested foundation in part because their testing appears to be waaaay more rigorous than mine."

We demo a live FDB cluster and try to disrupt its operations. Our attempts are informed by real world experience supporting a metadata service for billions of objects globally.

When we finally succeed, we show how backups and disaster recovery resurrect FDB. We’ll learn about highly resilient design patterns and operations. We have battle scars, and want to help others!

Speakers

Peter Boros

Founding Engineer, Tigris Data

Peter is a founding engineer at Tigris Data. He has been using and working with open source software from early 2000s. Peter's first and foremost professional interest is performance tuning and large scale automation. Before rejoining Tigris Data, Peter worked on large scale MySQL... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

2:10pm MDT

Traefik V4: What We’re Cooking for You - Nicolas Mengin & Emile Vauge, Traefik Labs

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2G

Traefik is one of the most popular open-source projects in the world, with over 3 billion downloads and a top 15 spot on DockerHub. As a powerful Ingress and Gateway Controller, Traefik simplifies exposing, securing, and managing services and APIs dynamically and at scale—whether in simple setups or complex cloud-native environments.

Just one year after the release of Traefik v3, we're already taking things to the next level! In this session, Emile Vauge (Traefik Creator) and Nicolas Mengin (Traefik Maintainer) will unveil the exciting new features coming in Traefik v4, including:
- A new plugin system for even greater extensibility
- Pre-routing operations to optimize traffic handling
- Enhanced TLS certificate management for better security and automation
- Improved configuration management for a smoother experience
- … and much more!

Join us to get a sneak peek at what’s next for Traefik and see how these innovations will make your cloud-native journey even easier.

Speakers

Nicolas Mengin

Head of Development, Traefik Labs

Developer and DevOps - Maintainer of Traefik. Head of Development at Traefik Labs, the company behind Traefik, the popular cloud-native Gateway Controller, and Traefik Hub, a comprehensive API Management solution for Kubernetes. Responsible for overseeing the implementation of... Read More →

Emile Vauge

CTO, Traefik Labs

Emile is a Developer. He created Traefik in 2015 and is now the CTO of Traefik Labs, the company sponsoring the open source project.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

3:05pm MDT

How To Put Swift in a Box: Container Images From Scratch With Swift Container Plugin - Euan Harris, Apple, Inc.

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2G

Containers have changed how we build and run services. The days of FTPing a binary up to a server are gone, because our platforms expect to run containers. We build container images at every stage of development, whenever we want to test our services, and when we deploy them.

If container images are what we need, could our development tools help us build them? Yes, they can! In this talk, we'll take a container image apart, see what makes it tick, then put it back together again from first principles - all using Swift!

Swift is a high performance, memory-safe language which is ideal for server-side development. We will:

* download a container image, take it apart by hand and explore what’s inside;
* cross-compile a Swift service effortlessly to different Linux distributions, on x86 or ARM, statically or dynamically linked, from development environments on macOS or Linux;
* use Swift's pluggable build system to produce container images efficiently and automatically for every build;
* test the image.

Containers are a universal building block of modern services. Even if you're not yet using Swift, these ideas and principles also underpin your current build and deployment workflow.

Speakers

Euan Harris

Software Engineer, Apple, Inc.

Euan builds cloud services and infrastructure using Swift at Apple. He enjoys working with containers, virtual machines, networks and interesting programming languages. Previously, Euan helped maintain Docker Swarm's overlay networking and HTTP ingress, and contributed to XenServer's... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

4:20pm MDT

Beyond Parent-Child: Enhancing Context Propagation With Span Links in Complex Distributed Systems - Haardik Dharma, NYU & Ekansh Gupta, SigNoz

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2G

Context propagation is the cornerstone of observability in distributed systems, but traditional approaches often falter in non-linear workflows like message queues, event-driven architectures, state transitions, or shared resources. Span links powered by OpenTelemetry, bridge this gap by enabling connections between spans across unrelated execution contexts.

This session explores a practical use case where span links augment context propagation in an event-driven microservices system. We'll demonstrate how to track a single user's transaction across services that communicate asynchronously. Using tools like OpenTelemetry and compatible backends, we'll show how span links resolve visibility challenges, uncover hidden latencies, and maintain trace continuity even when the standard parent-child relationships break.

Speakers

Haardik Dharma

Developer, NYU

Haardik is passionate about building scalable backend systems with real-world impact. With extensive experience in cloud services, Kubernetes, and backend development, he has developed solutions that improve efficiency and reduce costs. Currently pursuing a Master’s in Computer... Read More →

Ekansh Gupta

Software Engineer, SigNoz

Ekansh is a Software Development Engineer, with active involvement in various open-source and cloud native communities for upwards two years now. He was previously an SDE Intern at SteamLabs. He is also a speaker for a couple of talks at PyCon, KubeCon and MozFests. Ekansh is a Google... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Any