Sorry, you need to enable JavaScript to visit this website.
Home / Intel in Cloud Native / Events / 2021 / KubeCon + CloudNativeCon Europe Virtual 2021

KubeCon + CloudNativeCon Europe Virtual 2021
May 04, 2021 to May 07, 2021

The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities virtually from May 4 – 7, 2021. Join containerd, CoreDNS, Envoy, etcd, Fluentd, Harbor, Helm, Jaeger, Kubernetes, Open Policy Agent, Prometheus, Rook, TiKV, TUF, Vitess, Argo, Buildpacks, CloudEvents, CNI, Contour, Cortex, CRI-O, Dragonfly, Falco, gRPC, KubeEdge, Linkerd, NATS, Notary, OpenTracing, Operator Framework, SPIFFE, SPIRE, and Thanos as the community gathers for four days to further the education and advancement of cloud native computing.


Why is Intel here?

With more than 15,000 software engineers, Intel is committed to furthering open cloud innovation. We are in a unique position to bring together key industry players to address the complexity of building for diverse architectures and workloads and enable faster deployments of new innovations at cloud scale. Software is a key technology pillar for Intel to fully realize the advancements in architecture, process, memory, interconnect and security. 

We are continuing to shape the development of Kubernetes by addressing the limitations for low-latency workloads, defining the architecture and requirements for accelerator device plugins, and enabling new features in networking applications. 

Our goal at this event is to raise awareness of Intel’s contributions to open source projects, and to demonstrate the benefits of Intel® architecture across device, edge, and cloud. 

  • Bring awareness and promote the innovative open source projects that Intel contributes to and optimizes for Intel architecture. 

  • Show users new ways to use Intel accelerators in cloud services that provide better performance or enhanced security. 

  • By helping Kubernetes and other open source projects fully leverage platform capabilities, Intel can drive innovation to support rapidly changing demands. 


Intel sessions


Trust No One: Bringing Confidential Computing to Containers

May 7 (Friday), 11:50 - 12:25 CEST


Samuel Ortiz, Intel

Eric Ernst, Apple


Today’s containers run in wildly heterogeneous environments. When deployed on multi-tenant clouds, they can span across nodes, regions, and multiple Cloud Service Providers (CSPs) while sharing CSP-owned resources between tenants. In such hostile environments, protecting containers data and code requires full trust on the CSP stack. Confidential computing leverages emerging hardware technologies to build Trusted Execution Environments (TEE) that protect cloud code and data at rest, in transit and in use, allowing tenants to trust no one but themselves. In this presentation, we will describe cloud native gaps for supporting confidential computing through memory encryption, authenticated launch and application attestability. Attendees will learn how secure container runtimes like Kata can close those gaps and leave with a proposed software architecture to bring confidential computing to cloud native workloads.

Maximizing Workload's Performance with Smarter Runtimes

May 7 (Friday), 12:40 - 13:15 CEST


Krisztian Litkey, Intel 

Alexander Kanevskiy, Intel



Mitigating noisy neighbours in the world of containers is not an easy task. There are several solutions exists and many of those have own limitations. This presentation will be focusing on exploring new ways of innovations for container runtimes that helps get maximum performance and resource utilisation without modifications of the workloads. In this talk we are planning to briefly cover existing extension points for containerd and CRI-O, talk about new ideas from NRI proposal, as well as covering evolution of dynamic resource usage optimisations in our project CRI-Resource-Manager. We want to share our experience on dealing with heterogenous CPU resources, multi-tiered Memory, Caches, Memory Bandwidth and Block I/O usage. We want to demonstrate how using various metrics and hints provided by Linux kernel can lead to improvements of workload performance and dynamic hardware resource utilisation optimisations.

K8s Labels Everywhere! Decluttering with Node Profile Discovery

May 7 (Friday), 13:45 - 14:20 CEST


Conor Nolan, Intel

Dave Cremins, Intel



A recent CNCF community survey showed that 57% of respondents have 100+ machines in their fleet and 17% have more than 5000 machines (including VM, bare metal etc.). When managing such broad and diverse clusters, variations in node capabilities and features are inevitable. So how exactly are individual features tracked on a node-by-node basis? Node Feature Discovery (NFD) is commonly used for basic feature discovery and labelling across a Kubernetes cluster. This talk, however, introduces a new component: Node Profile Discovery (NPD). NPD provides an extra layer of abstraction from NFD, alleviating the burden of managing individual features. NPD is designed to work in conjunction with NFD, aggregating individual features into higher level profiles and applying these profiles to suitable nodes. This talk will show how NPD can make life easier for application developers and sys-admins alike.