FOSDEM 2020

B3 Init

Jonas Linde <jonas.linde@b3.se>

Day 1

2020-02-01

img/fosdem.png

How Containers and Kubernetes re-defined GNU/Linux

Cloud computing with vertical lock-in is undermining software freedom
But Docker and Kubernetes is changing the way we deliver software
Docker for packaging
Kubernetes for orchestration
Kubernetes Operators for full service delivery

img/kubernetes.png

Fixing the Kubernetes clusterfuck

Falco - Wireshark for kernel packages
Built on top on IPF
Can monitor and prevent malicious behaviour
Demo - privilege escalation in Kubernetes

img/falco.png

Google vs Oracle

US Supreme Court case about Java2 SE in Android
Google took a bunch of declarations
- there is only one way to do this so copyright can’t cover that
- it’s fair use
Oracle
- the API is a creative literary work
- fair use is not allowed to displace market shares
Google won twice in district court and lost twice in appellate court
Supreme Court Final decision in June

img/google-oracle.png

Day 2

2020-02-01

img/fosdem.png

Identity box

Public key ≈ identity but not enough
A decentralized ID resolver must be built on a decentralized network
A decentralized network need static nodes
Identity Box is a small device that can be such a node
It can also handle one or more Self-sovereign ID:s

img/idbox.png

SCION

People often try to solve internet on top of internet
Routing is hard
SCION has decentralized routing
The end host defines the path
It can coexist with IP
Scalability, Control and Isolation on next-generati On Networks

img/scion.png

CfgMgmtCamp

2020-02-03 – 04
aka Days 5 – 7
@HoGent - Hogeschool Gent

img/cfgmgmtcamp.png

The Configuration Complexity Clock

Scripts
Config Values
Rules Engine
DSL
GOTO 1

[The Configuration Complexity Clock]

Pulumi

Orchestrating Cloud infrastructure is complex
Using YAML doesn’t make it less so
Programming languages are better at handling complexity
Pulumi is a cross cloud infrastructure as code tool
It supports Node and Python
and .NET and Go in beta

img/pulumi.png

Nomad

Container orchestration without the K8s complexity
Only cluster management and scheduling
Add other components as needed
- service discovery
- monitoring
- secrets management
- …
By HashiCorp

See you there next time!

FOSDEM: 2021-01-30 – 31
CfgMgmtCamp: 2020-02-01 – 03

[206 Partial Content]