Lucas Käldström
Kubernetes contributor, CNCF Ambassador
Running the Kubernetes meetups in Finland
Generic control planes and authorization at Upbound
- Cedar Policy joins the CNCF! 🚀 The cloud native community can now rely on a fast, safe, expressive, analyzable and formally verified authorization library when implementing access control🔓 This is a game-changer for implementing ACLs both safely & quickly aws.amazon.com/blogs/openso...
- This feels very similar to when I first saw Kubernetes more than 10 years ago. A project with the potential to transform an entire industry, with creators that have been facing these problems for a long time, and with already many prior iterations experience is drawn from.
- I gave a quote for the launch blog post as follows: “What I appreciate the most about Cedar is the deep knowledge that is encoded into why it works the way it works… the careful balance between expressiveness and analyzability.”
- Want to know how it could be used in the Kubernetes ecosystem? Check out github.com/upbound/kube... on Github and my talks on the Cedar at Speakerdeck: speakerdeck.com/luxas
- Reposted by Lucas KäldströmTrust in open source communities: figuring out where humans connect (not just companies and tools.) Whom do we trust? Trust requires context and judgement.💯 @sarahnovotny.com #KCDRomandie
- It was super fun visiting KCD Suisse Romande and CERN, and talking about Kubernetes Access Control! 😁 Thanks Ricardo Rocha and team for organizing and @bridgetkromhout.bsky.social for the pictures 🙌
- Much interesting work in conditional authorization for Kubernetes as explained by @luxas.dev. Check out the KEP: github.com/kubernetes/e... #KCDRomandie
- Reposted by Lucas Käldström🚀Crossplane is now a CNCF Graduated Project! 🎓 From an idea at @upbound.io to a global community shaping platform engineering. 💜 3,000+ contribs. 450+ orgs. 100M+ downloads 🔗 www.cncf.io/announcement... #CNCF #Crossplane #Kubernetes #PlatformEngineering
- Super excited to be speaking at KubeCon Atlanta about recent Kubernetes access control developments with @micahhausler.com 🥳🚀
- Very excited to be speaking with @luxas.dev at KubeCon in Atlanta this November! We'll be speaking on how you can better secure Kubernetes, and what the future of K8s authorization looks like sched.co/27FdC
- I'm super excited to organize KCD Helsinki today, with my fellow co-organizers 🔥 📈 300+ attendees from 14 countries gathering at the OP Headquarters 🤩 34 talks across 3 tracks from Finnish and international experts 💡 13+ hours of Kubernetes content Let's go! See you there 🚀
- #KCDHelsinki is on! Looking forward to a really interesting day 🙌 @luxas.dev and @annietalvasto.bsky.social kicking of the morning sessions!
- Reposted by Lucas KäldströmStanding room only at the @crossplane.io v2 session #kubecon
- Reposted by Lucas KäldströmLearning about the history of CEL in Kubernetes. Did you know it was first introduced 10 releases ago!? 🤯 We are fans of CEL in Kubernetes mainly thanks to them making Validating and MutatingAdmissionPolicies possible to avoid those risky webhooks in our clusters! #KubeCon #MaintainersSummit
- Thanks @gregchase.bsky.social for this detailed thread about our talk! 🙌🤩
- Next up: End-to-End Message Authenticity in Cloud-Native Systems #cloudnativerejekts
- Reposted by Lucas KäldströmIf you’re at @rejekts.io in London, I’m speaking in an hour with @luxas.dev at 3:10pm on End to End message integrity in Cloud Native systems! cfp.cloud-native.rejekts.io/cloud-native...
- Super excited to be speaking at Cloud Native Rejekts 💯 We'll talk about "End to End Message Authenticity in Cloud Native Systems" with @micahhausler.com now 🙌 We'll cover how one can use the HTTP Message Signatures RFC 🔒
- Reposted by Lucas Käldström🎉Happy New Year, folks! 📜It's notifications day for those who've submitted to KubeCon. Hence, CFP for #Rejekts2025 London is now open! ♻️Recycle your rejekted KubeCon talks and submit by January 27, 00:00 GMT (final deadline): tinyurl.com/2bsjpupp 🫰🏾Best of luck!!
- Reposted by Lucas KäldströmDidn’t get accepted to #KubeCon? Fear not! Last chance to submit to Cloud Native Day Oslo is today 🚀 It is going to be legendary! sessionize.com/cloud-native...
- Reposted by Lucas KäldströmKubernetes apparently made it into an NCIS episode - DURING KubeCon. I guess theres any clear indicator that K8s has hit peek adoption, its that it gets used as techno-jargon to explain things in TV 🤣 Thanks @thisisnotapril.bsky.social for the find. youtu.be/AzrHurE_PSI
- Reposted by Lucas KäldströmSURPRISE The CFP for KubeCon EU is open for 3 MORE HOURS 😲 Closes at 11:59AM EST!!! GOOOOOO SUBMIT!!!! sessionize.com/kubecon-clou...
- Awesome work from Marek and @madhavjivrajani.bsky.social making the k8s API server cache more efficient! 🔥😍 And I heard more improvements are coming! 📈
- Reposted by Lucas KäldströmA great complement to @_surbaniak's and my talk about API evolution: Nick Young about the things to avoid with CRDs. Must watch when building CRDs. youtube.com/watch?v=k8prMXQtfqY
- Reposted by Lucas KäldströmSecond talk is up: The Missing Talk About API Versioning & Evolution by @_surbaniak and me youtube.com/watch?v=pHRQpqCEvU8
- Reposted by Lucas KäldströmIf you could make everyone understand one truth, what would it be? I'll go first: Very few things in life are zero sum. We are all better off if we find ways for everyone to win instead of thinking that for us to win someone has to lose.
- Reposted by Lucas Käldström[This post could not be retrieved]
- Reposted by Lucas KäldströmYET another bluesky list of k8s folks, this time it's those who directly work in (and members of) various community github orgs. bsky.app/profile/did:... If you are one, add a bluesky url in your github profile and poke me to re-run my script. cc @kubernetes.dev @kubernetes.io #kubecon
- Reposted by Lucas KäldströmSpotted backstage #kubecon
- Reposted by Lucas KäldströmI’m very proud to share that I received “Lift and Shift” award from @cncf.bsky.social, along with my colleague @koksay.bsky.social and some very awesome folks from @kubernetes.io SIG K8s Infra! 🤩 We did some outstanding job, and huge thanks to CNCF for recognizing our work ✨💖
- Reposted by Lucas KäldströmI have the pleasure of speaking about on everything authorization and Kubernetes today at 4:30 in Room 151G
- Reposted by Lucas KäldströmNice Cedar shoutouts in an excellent talk on Kubernetes authorization by @jimmy.zelinskie.com and @luxask.bsky.social!
- Reposted by Lucas KäldströmAbout to watch @jimmy.zelinskie.com and @luxask.bsky.social talk about expanding k8s access control!
- @sttts.social and Mangirdas Judeikis dive deep into Generic Control Planes and kcp, showing what is the future of control planes are, with live demos 🔥🚀
- Reposted by Lucas Käldström
- Reposted by Lucas Käldström(Resurrecting a thread i posted elsewhere!) "I want to contribute to Kubernetes, how do i get started?" First step join kubernetes slack at slack.k8s.io (Join at least #kubernetes-dev) Second step browse the contributor oriented resources at k8s.dev @kubernetes.dev @kubernetes.io #kubecon
- Reposted by Lucas KäldströmIt's happening again! Tomorrow night, 8-11pm here in SLC crepes, Mario kart, and great people (of course boba as well) Bring your friends :) sig-boba.github.io #kubecon
- Reposted by Lucas KäldströmAs you may know Kubernetes API as a suite of tests for conformance to ensure that the developer experience is consistent across Kubernetes distributions. For the longest time we had tech debt in the sense that we did not cover the entire API fully. We have been tracking this for a while!
- Reposted by Lucas KäldströmQuite a lot of discussion around @bsky.app here at #KubeCon, and consensus that it was @kelseyhightower.com 's clear exit from the other place that was the tipping point for the cloud native community coming over here en masse. Thank you Kelsey for your leadership in this and so many other ways.
- @justingarrison.com on what Kubernetes could learn from other orchestrators Favorite quote "Docker Swarm felt like magic. But I don't ship magic to production"
- With shoutout to Sarah Novotny and similar community builders for building such a strong Kubernetes community 🙌
- Let's go! #CloudNativeRejekts
- Reposted by Lucas KäldströmDinner with some amazing folks!!
- Super excited to speak @jimmy.zelinskie.com about "Expanding the Capabilities of Kubernetes Access Control" 🔐 - principles of authorization in distributed systems and cloud infrastructure -ReBAC, CEL, Cedar k8s integrations 🚀 Can we get to a "docker" moment of authz patterns? 👉 sched.co/1i7m9
- Reposted by Lucas KäldströmA fun mini-launch this week: we added Kubernetes authorization examples to the Cedar policy playground! Go try it out! www.cedarpolicy.com/en/playground
- Reposted by Lucas Käldström👋🏼 Good to see you on this side. Welcome to Bluesky. I’ve put together a short starter pack of community members who post technical topics about Kubernetes. Hope you enjoy. go.bsky.app/MHYb3B9at://did:plc:6n3khpmbhb42dwtnf5sjfapg/app.bsky.graph.starterpack/3l7tozhy6s42f
