Warning - this is a large amount of text highlighting general strategy for my time at this conference. What I deem as valuable may not work for others with separate strategies. See the TLDR of each day if interested in the general overview.
KubeCon has wrapped up and with it I can definitively say that it was the most productive and impactful event in all of my previous KubeCon attendances. I went into this event with a strategy - which included observations and exploration as well as targeted tasks.
First and foremost - I ensured that I more than fulfilled my role in the CNCF as both an Ambassador as well as Technical Lead for the Security Technical Advisory Group (with a change of jackets to-boot). Engaging with other ambassadors (welcoming the new wave) and educating others about how to both apply and think tactically about the application process (willing to explain if interested). As an STAG representative - I had the pleasure of hosting the STAG Kiosk in the project pavilion and answering everyone’s questions while encouraging involvement.
Otherwise my primary strategy went into effect - meeting with all the people I wanted to connect with in-person as well as networking with new people and vendors to “be curious” and understand where and how to apply a new wave of technologies present.
Day 0
TLDR; Public Sector Knowledge share + OSS Strategy
Prior to the official kickoff of KubeCon - Co-located events are in full swing with a focus on specific areas of focus. While there were events I was interested in attending - more so was an invitation from TestifySec to join a Public Sector Event. As public sector is something that I thoroughly believe is one of my fundamental missions, I was ready to participate and engage. Turns out I had more than a few friends present and learned much from others who focus on the public sector missions and problems that we need to collectively solve.
This was followed with catching a few lightening talks before some of my pre-planning went into effect - having the ability to deliver a few Lula demos to those thinking about the automated governance problem space. Real-time feedback and iteration on what works well and what still needs refinement was and is an invaluable process.
Finally closed out the evening by getting some dedicated time to review potential opportunities to collaborate in the OSCAL ecosystem. Brainstorming new ideas that can take recommendations and standards to new heights in a machine-readable execution. (more to follow here)
Day 1
TLDR; Networking + Booth/Kiosk Engagement
With the official first day of KubeCon kicking-off - we embrace the chaos of a long day. Getting the day started with some cardio and weights before hitting the Ambassador breakfast and photo. Seeing the amount of ambassadors present was amazing. A group of people dedicated to being involved with the cloud native community in some way. I was privileged to walk away from breakfast having met some new friends.
Keynotes kicked off with Patent Trolls being a topic first and foremost - an area of discussion that needs to be highlighted so that those impacted know there are entities present to help defend you and your organizations from these attacks.
Then the day really got started - the day was filled with connecting and networking from start to finish. Getting in-person time to provide demonstrations of Lula and the power of Automated Governance while connecting lines and opening new ideas to areas of integration between Lula and other data sources as well as tools.
Spent some time getting to talk to people at the Defense Unicorns booth. Providing explanations of how the company operates, our mission to serve the Department of Defense, and how my sustainably staff Open Source projects that align to the company vision and mission.
The evening wrapped up with staffing the STAG Kiosk in the project pavilion and engaging with the community to spread the word for how the STAG provides thought leadership and opportunities to the community to get involved and help make the CNCF project ecosystem more secure.
Day 2
TLDR; Marine pathways to Tech - Future Collaboration (In-Toto) - Planning and Hard discussions
The true value of this event for me was definitely meeting with people to look at broader problems in real-time and begin to dissect where to take actionable next steps.
I was able to start the day connecting with a fellow Marine who works in tech and public sector. I do believe there is a shared appreciation for how to serve the Public Sector more effectively while continuing to challenge barriers that largely succumb to this ecosystem. Sharing stories as well as ideas for where to improve the underlying baseline for how collaboration occurs - as well as opportunities to collaborate on common problem sets.
Much as the previous day - tracking down people who can provide insights - meeting with interested parties in Lula and providing demos. The attestation ecosystem and Lula look to have many possibilities for where to take the intersection of Automated Governance (more to explore). I have more learning to do here - but the security control assessment process and what happens to that evidence and output feels ripe for attestations - but the reverse could also be true - where attestation are evaluated for assessments. This creates an almost many-to-many potential for attestations and OSCAL - which will be interesting to develop.
The STAG leadership (Tech Leads and Chair) had a chance to sit down and discuss everything from how we might grow the community - barriers preventing people from returning to participate and hard discussions of areas that need significant work -> From the TOC on down. I do believe it is important to challenge assumptions and we did just that - looking at the state of Open Source engagement falling over the last year as a result of economic pressures - and thinking about how we can respond to bring in new contributors when sorely needed.
Day 3
TLDR; Process - Iterate - ideate
As the week was beginning to wrap up - it was time to approach the last day with direct intent to figure out what information is still needed or ambiguous. I reflected the night prior and made some issues where applicable in order to follow up with maintainers on the previous day and clarify intent and direction. The synchronous time in-person can not be understated as valuable to velocity when attempting to drill into meaningful direction of near-term intent.
That is exactly what this day included - a list of people to follow up with and ensure previous days discussions were decomposed well and we all knew what actions were needed next.
Summary
I cannot stress the importance and value that comes with synchronous time with people. Time to dedicate focus on abstract objectives and challenge each others assumptions. I easily walked away from this event having more of an understanding of how to enable velocity of my current OSS objectives, that would have been harder to come by otherwise.
You’ll note I discuss presentations very little in this dissection. I attended a few talks in support of the presenters and their time and effort dedicated to being on stage. That said, with all presentations now being available on Youtube - I opt to maximizing my time face-to-face with people over times sitting in presentations.
Overall I would rate this as my most successful KubeCon to-date.