BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Pentabarf//Schedule 0.3//EN CALSCALE:GREGORIAN METHOD:PUBLISH X-WR-CALDESC;VALUE=TEXT:Containers devroom X-WR-CALNAME;VALUE=TEXT:Containers devroom X-WR-TIMEZONE;VALUE=TEXT:Europe/Brussels BEGIN:VEVENT METHOD:PUBLISH UID:12837@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T100000 DTEND:20220206T103000 SUMMARY:Boot2container: An initramfs for reproducible infrastructures DESCRIPTION:
Fed up with managing your host OS for your docker environment? Try booting your containers directly from a light-weight initramfs! Flash a USB pendrive with the kernel and initramfs, or netboot it locally or from the internet, configure it from the kernel command line. Bonus: It also supports syncing volumes with S3-compatible cloud storages, making provisioning and back-ups a breeze!
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_boot2container/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Martin Roukala":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12558@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T103500 DTEND:20220206T110500 SUMMARY:Debugging in containers DESCRIPTION:A user reports a bug. Its hardware/kernel/data specific. Is it fixed already? How do we get a debug container to the user to use and get meaningful results back?
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_debugging/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Daniel Black":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12618@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T111000 DTEND:20220206T113000 SUMMARY:Devfile file format DESCRIPTION:Red Hat, AWS and JetBrains are working on the Devfile specification. A file format to define container-based development environments. Software development acceleration is the ultimate goal.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_devfile/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Mario Loriedo":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12522@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T113500 DTEND:20220206T120500 SUMMARY:Distributed Storage in the Cloud DESCRIPTION:Cloud brought many innovations - one of them is inexpensive, scalable and sometimes secure Distributed Storage options. In this presentation we will talk about distributed storage Options modern clouds offers ranging from elastic block devices and object storage to sophisticated transactional data stores. We will discuss the benefits and new architecture options such distibuted storage systems enable as well as the challenges pitfals you need to be aware about.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_distributed_storage/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Peter Zaitsev":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12798@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T121000 DTEND:20220206T122000 SUMMARY:Extending Kubernetes with WebAssembly DESCRIPTION:WebAssembly is a portable binary instruction format that was originally created with the browser as the main execution runtime. However, during the last years, WebAssembly is finding its way also outside of the browser because of the many benefits it provides like portability, security and flexibility. We think WebAssembly can be leveraged by Kubernetes in many ways. This short session will focus on how WebAssembly can be used to write Kubernetes admission policies. We will show an open source Kubernetes Dynamic admission controller that uses policies written in WebAssembly to validate and mutate the requests made against the Kubernetes API server.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_k8s_webassembly/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Rafael Fernández López":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12474@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T122500 DTEND:20220206T125500 SUMMARY:Freedom Means That Kubernetes Needs To Disappear DESCRIPTION:We can enable developers to manage everything yet still be in complete control of the aspects they care about.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_k8s_disappear/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Viktor Farcic":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12465@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T130000 DTEND:20220206T133000 SUMMARY:Harbor - The Container Registry DESCRIPTION:Harbor - The Container Registry 101Harbor is an open source registry that secures artefacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted.Harbor, a CNCF Graduated project, delivers compliance, performance, and interoperability to help you consistently and securely manage artefacts across cloud native compute platforms like Kubernetes and Docker.
In this talk:
* Quick project overview and status, what added value can have to your infrastructure.* Demo install and few use-cases* Community walk through - how community works, what meetings we have, how you can participate, what projects we are working on* Getting engaged with the project! - getting stared with contributing - code, docs - 10 min
Running an up-to-date and fully patched cluster is a key element in operational security. But keeping your cluster’s OS up to date can be challenging for ops/maintenance, sometimes imposing significant effort just to keep the lights on while at the same time keep the workloads functioning. This talk will briefly introduce the atomic OS update mechanism in Flatcar Container Linux - a minimal Linux distribution optimised for running containers at scale - before elaborating on common patterns we recommend and employ to make updating nodes and clusters a low-risk and automatable endeavor.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_flatcar_autoupdate/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Thilo Fromm":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12555@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T141000 DTEND:20220206T144000 SUMMARY:A cloud native Kubernetes Global Balancer DESCRIPTION:k8gb is DNS based global service load balancer that can interconnect multiple Kubernetes clusters into one resilient system. Join this talk to learn how it can handle a failover scenario when pods in one cluster go down and second cluster in different location saves the situation.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_k8gb_balancer/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Jiří Kremser":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12806@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T144500 DTEND:20220206T150500 SUMMARY:P2P Container Image Distribution on IPFS With Containerd and Nerdctl DESCRIPTION:nerdctl is a Docker-compatible CLI of containerd, developed as a subproject of containerd. nerdctl recently added support of P2P image distribution on IPFS. This enables to share container images among hosts without hosting or relying on the registry.
In this session, Kohei, one of the maintainers of nerdctl, will introduce IPFS-based P2P image distribution with containerd and nerdctl. This session will also show the combination of IPFS-based distribution with the existing image distribution techniques, focusing on lazy pulling (eStargz) and image encryption (OCIcrypt). The status of integration work with other tools including Kubernetes will also be shared.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_ipfs_image/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Kohei Tokunaga":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12730@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T151000 DTEND:20220206T153000 SUMMARY:Redpak: Ultra light weight container for embedded systems DESCRIPTION:Choosen by the French Government in the Big Cyber Challenge, Redpak is the new embedded container engine to run programs under heavy ressource constraints within microseconds.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_redpak/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Clément BENIER":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12501@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T153500 DTEND:20220206T160500 SUMMARY:Solutions for running MySQL in Kubernetes DESCRIPTION:There are several good MySQL-based Operators in the open-source world, made by Oracle, Presslabs, PlanetScale(Vitess), and Percona. Each of them has its unique architecture inside to guaranty minimal downtime and data loss during failover.Orchestration of MySQL on Kubernetes is a no way a straightforward process. Let's do deep dive into how Operators are working inside and what solution should be used in each particular case.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_k8s_mysql/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Mykola Marzhan":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12654@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T161000 DTEND:20220206T163000 SUMMARY:Userland TCP/IP stack for external container connectivity DESCRIPTION:CodeReady Containers runs an OpenShift cluster on a laptop or workstation using virtualization.
Recent developments have made it possible to skip running the OpenShift runtime, and to use it for the sole purpose of running containers with podman when using macOS or Windows. This talk will focus on one specific part of CodeReady Containers, which is its userland TCP/IP stack based on gVisor. We will explore why this was needed, and how the container -> VM -> host connectivity is achieved.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_userlan_tcpip/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Christophe Fergeau":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12485@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T163500 DTEND:20220206T164500 SUMMARY:What made your container fat? DESCRIPTION:Keeping the size of of your containers small is more important than ever, especially when distributing container images for others to build upon them. However, once multiple container layers get involved, even the data collection aspect becomes challenging and most existing tools do not primarily focus on visualization.
We will present a simple tool that we created for this: it is a simple web app that produces sunburst graphs for each layer of a container image and can thereby aid you in finding out where the size bloat comes from. Go and grab it from https://github.com/dcermak/container-layer-sizes and give it a spin yourself!
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_fat_layers/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Dan Čermák":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12855@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T165000 DTEND:20220206T171000 SUMMARY:An easy and elegant way to manage and build your notebook images DESCRIPTION:Crane is a minimalist open-source image builder, and aims to provide a dead-simple image building experience for your notebook with a beautiful user interface, which could work with your existing ML pipeline and increase productivity for data scientists.
Instead of building an end-to-end solution for MLOps, Crane focuses on one piece of the puzzle and provides a friendly solution to a problem we encountered daily. Building a container, dealing with registries, and keeping track of what you’ve already built, are tedious tasks, but they’re things you need to do often. Let’s build a tool for it and save time for data scientists, then they can focus on the real problems to solve.
When it comes to building a container image, there are lots of gaps to fill. In this talk, we’re going to share why we build Crane, how could it help data scientists, why we choose to build Crane with the community, and what’s the possibilities Crane has to boost productivity for data scientists.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_notebook_images/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Kuan Lin Huang":invalid:nomail END:VEVENT BEGIN:VEVENT METHOD:PUBLISH UID:12797@FOSDEM22@fosdem.org TZID:Europe-Brussels DTSTART:20220206T171500 DTEND:20220206T174500 SUMMARY:From Singularity to Apptainer DESCRIPTION:Singularity, an open-source containerization platform built for high performance computing use cases and utilized by HPC sites all over the world, was recently moved into the Linux Foundation and renamed to "Apptainer." This presentation will focus on exploring what this change means for Apptainer, including what the current state of the project is, what the priorities for the project in the near-term are, and what the roadmap for the future of the project looks like.
CLASS:PUBLIC STATUS:CONFIRMED CATEGORIES:Containers URL:https:/fosdem.org/2022/schedule/2022/schedule/event/container_singularity_apptainer/ LOCATION:D.containers ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Forrest Burt":invalid:nomail END:VEVENT END:VCALENDAR