Marcus’s upcoming schedule

Cloud Native Rejekts

Kubernetes Pods may be the smallest deployable units in your clusters, but they hold hidden complexities that even seasoned users can overlook. If you think you know everything about Pods — think again!

This talk is designed to take you on a deep dive into the world of all things Pods, covering both the familiar and the obscure.

Starting with a quick overview of the basic architecture, we’ll then move into more nuanced territory — exploring topics like Pod readiness probes, lifecycle hooks, runtime classes, and the multitude of different container types that can be used. We’ll also discuss common misconceptions, gotchas that can trip you up in production, and offer some best practices suggestions along the way.

By the end of this session, you’ll have a deeper understanding and appreciation of Pods and the knowledge to leverage them expertly in your Kubernetes clusters.

30 March 2025

KCD Budapest

Dynamic admission controllers have long played a pivotal role in enhancing the robustness and adaptability of clusters. For instance, ValidatingWebhookConfiguration empowers users to implement finely-tuned access controls beyond the capabilities of RBAC and MutatingWebhookConfiguration provides advanced defaulting logic for all resource. However, this often comes at a price – the ease with which they can be misconfigured, potentially leading to cluster disruption and downtime.

Historically, we’ve accepted this fragility as an inevitable trade-off for greater control over our clusters. But that ends now!

Enter CEL-based, in-process Admission Policies!

In this talk we’ll look at what makes ValidatingAdmissionPolicies and MutatingAdmissionPolicies a safer choice, we will dive into the features & limitations and draw comparisons with their webhook-based alternatives, highlighting problems they solve. Finally, we’ll walkthrough how you can leveraging them today and look at the future.

24 April 2025