►
From YouTube: KCD UK 2021 | Day #1 Track #1
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
C
E
Good
morning,
hopefully
we
are
live.
Is
this
thing
on
somebody?
Tell
us
please,
because
we
can't
see
it
welcome
folks,
I
can't
believe
we've
actually
done
it
paula.
We
are
here,
welcome
to
kubernetes
community
days,
uk
2021,
unfortunately
we're
not
in
person.
It
would
have
been
fantastic
to
to
be
together
and
bring
together
all
the
communities
in
the
uk,
but
that
was
not
to
be
so
we're
kind
of
virtual,
along
with
a
couple
of
in
part
in
person
watch
parties.
E
I
am
in
sunny
manchester
at
the
manchester
watch
party,
so
you
can
come
to
work
life
here
in
manchester
and
join
us.
We
get
going
with
today's
schedule,
there's
some
thank
yous
and
things
that
we
need
to
run
through.
So
if
you
could
give
me
the
next
slide,
please
paula!
So
thank
you
to
all
our
speakers.
E
We're
going
to
see
some
fantastic
talks
over
the
next
couple
of
days.
I'm
not
going
to
name
them
all
at
this
point,
but
they're
all
great
I've.
I've
personally
read
all
of
these
abstracts.
They
look
fantastic.
So
next
slide,
please
paula!
So
big!
Thank
you
to
our
sponsors
and
without
sponsors.
None
of
these
community
events
could
be
possible,
we'll
be
giving
some
more
information
about
the
sponsors
later,
but
thank
you
to
tram
shed
for
our
technical
stuff.
E
Thank
you
to
snake
control,
plane
jet
stack,
cystic
and
storage
os
next
slide.
Please
thank
you
also
to
our
workshop
providers.
Jet
stack
control,
plane,
souza
solo,
dot,
io
container
solutions
and
sneak
some
fantastic
stuff.
There
that's
gonna,
be
presented
all
free,
so
please
support
our
sponsors
and
go
and
check
those
workshops
out.
I
should
have
done.
Oh
thank
you
also
to
our
watch
party
sponsors
tramshed
for
the
watch
party
in
cardiff
and
soft
iron,
who
are
sponsoring
the
work
the
watch
party
here
in
manchester.
E
So
I
guess
before
we
go
any
further,
I
should
probably
do
some
quick
introductions
which
I
completely
forgot
to
start
with.
So
for
those
of
you
who
don't
know
me,
I'm
matt
jarvis,
I'm
director
of
developer
relations
at
sneak
and
I'm
joined
by
my
fantastic
co-organizer,
paula
kennedy
this
morning,
and
I
think
it's
over
to
you
for
this
next
bit
right,
paula,
oh.
C
Thank
you
so
just
to
introduce
myself
thanks
matt,
my
name
is
paula
kennedy.
I
am
ceo
of
a
startup
called
cintaso
and
I
am
so
excited
to
be
part
of
this
community
and
to
have
worked
with
my
co-organizers.
To
put
this
event
on,
we've
got
a
couple
of
more
thank
yous,
just
a
shout
out
to
our
charity
partners
who
you'll
be
hearing
a
bit
more
from
later
today,
they'll
each
be
doing
a
talk
to
tell
us
about
what
their
their
work
is,
and
so
before
we
kick
off,
I've
got
just
some
housekeeping
activities.
C
So,
first
of
all
just
a
reminder:
we
are
governed
by
the
linux
foundation
code
of
conduct.
So
even
though
this
is
a
virtual
event,
it's
still
important
that
we
follow
the
code
of
conduct
and
that
we
are
kind
to
each
other.
If
there
are
any
issues
at
all
that
you
see
or
that
you
experience
personally,
please
feel
free
to
contact
the
organizers.
You
can
message
us
at
hello
at
kcduk.io
or
via
slack.
C
Just
a
reminder
of
the
fantastic
organizing
team
that
we
have,
you
can
see
all
of
our
names
here,
we're
all
in
slack
and
if
you
email
that
hello
dot,
io
email
address,
the
email
will
come
to
all
of
us
and
if
there
are
any
code
of
conduct
issues,
we
will
take
them
very
seriously
to
join
the
conversation.
Please
join
us
on
the
cncf
work.
Slack
workspace.
C
If
you
haven't
already
joined
the
joining
instructions,
are
here
on
the
screen.
You
just
need
to
go
to
slack.cncf.io
and
then
you
can
join
the
slack
workspace
and
find
us.
We
have
a
few
channels
set
up.
We
have
the
kcd
uk
one
for
general
conversation,
so
you
can
introduce
yourselves,
have
network,
have
some
conversations
and
then
we
have
two
specific
track
channels
for
asking
questions
to
each
of
the
speakers.
So
we
have
a
track
one
and
a
track.
Two.
Our
speakers
will
be
in
those
slack
channels,
so
they
should
be
able
to
answer
questions
directly.
C
C
Finally,
we
have
some
amazing
cool
swag
to
give
away.
So,
if
you
haven't
yet
registered,
you
can
sign
up
at
kcduk.io
and
get
some
cool
swag
we're
on
twitter,
so
our
twitter
handle
is
kcd.
Uk
underscore
io.
Our
hashtag
is
ktduk.
I
feel
like
I'm
going
to
be
saying:
kcd
uk
quite
a
lot
over
the
next
couple
of
days,
and
obviously
we
have
our
youtube
channel
where
you'll
be
able
to
see
each
of
the
talks
stream
separately
and
the
way
that
this
event
is
working
with
our
tram
shed.
C
C
F
H
Thank
you
so
much
matt
and
thank
you
so
much
paula,
hi.
Everyone
welcome
to
kubernetes
community
days,
uk
I'm
cheryl
hung
and
honestly.
I
am
more
excited
about
this
talk
than
probably
any
I've
given
in
the
last
year,
and
the
reason
for
that
is
that
it's
been
a
long
time
since
I've
spoken
completely
freely,
I'm
no
longer
at
cncf
and
I'm
not
speaking
on
behalf
of
apple
either,
who
I
joined
last
week.
So
today
I
am
just
cheryl
speaking
purely
on
behalf
of
cheryl.
H
I
don't
even
have
any
slides.
So
I'm
just
going
to
talk
straight
to
you.
First
of
all,
today,
I'm
not
going
to
talk
to
you
about
why
you
should
go
cloud
native
or
anything
like
that
for
one
thing
since
you're
here
I
assume
you
already
know
about
cloud
native.
H
So
I
have
three
messages:
here's
the
three
messages
that
I
learned
number
one
after
cncf,
you
could
be
number
two
failure.
Is
an
option.
Number
three
treat
your
career
like
a
portfolio
the
first
one.
This
first
story
comes
from
when
I
was
interviewing
to
join
cncf-
and
I
was
sitting
here
in
my
kitchen
waiting
for
my
telephone
interview
feeling
a
bit
nervous.
You
know
butterflies
in
the
stomach,
watching
the
minutes
count
down
until
the
phone
rang.
So
I
pick
up-
and
I
say
hi
this
is
cheryl
and
this
voice
booms
back
at
me.
H
Hi
cheryl,
I'm
dan
khan
executive
director
at
cncf
and
after
you
leave
cncf,
you
could
be
executive
director
of
your
own
foundation
or
you
could
found
your
own
company
or
you
could
go
into
vc
and
I
was
like
oh
hold
on
wait,
wait
a
second!
I
wait.
I
thought
I
was
supposed
to
be
persuading
you
that
I
would
be
good
enough
to
do
this
job.
I've
never
been
to
a
job
interview
where
the
first
thing
that
they,
the
interviewer
said,
is
after
you're
done
with
this
job,
but
working
with
dan.
H
I
realized
that
is
exactly
how
he
thought
all
of
the
time
he
was
never
about.
Are
you
good
enough
to
do
this
thing
today?
He
always
thought.
How
could
I
set
you
up
in
the
future
so
that
in
the
future,
you'll
have
even
more
opportunities
to
do
those
things
that
you
want
and
to
do
the
things
that
you
can't
do
now
and
I
try
and
take
that
and
apply
that
to
all
of
my
interactions
when
you
have
some
success.
H
Think
about
how
you
can
share
and
how
you
can
pass
on
those
opportunities
and
especially
to
underrepresented
groups
as
a
minority
in
tech,
I'm
suspicious
towards
organizations
who
proclaim
how
diverse
and
inclusive
they
are
and
what's
made.
The
biggest
difference
to
my
career
is
individuals
who
say
I'm
going
to
take
a
chance
on
you,
because
I
believe
you're
capable
of
doing
something,
even
if
you've
never
done
it
before,
and
I
feel
very
privileged
to
be
able
to
do
that,
for
others.
H
The
opposite
mindset,
and
probably
the
worst
managerial
advice
I
ever
received,
is
as
a
manager
just
push
work
onto
other
people.
You
know,
in
other
words,
managing
people.
It's
just
about
pushing
work,
getting
rid
of
work.
You
don't
want
to
do
yourself
forcing
other
people
to
do
it.
It
creates
a
lot
of
resentment
and
it
particularly
doesn't
work
in
open
source
where
people
don't
report
to
you
so
instead
think
about
how
do
I
set
you
up?
How
can
I
set
you
up
for
the
future?
H
If
you
think,
resources
are
scarce
and
finite
and
failure
is
not
an
option,
then
you'll
never
do
anything
unless
it
directly
ties
back
to
your
own
goals,
and
then
you
only
do
those
things
as
cheaply
as
you
possibly
can.
Instead,
a
mindset
of
abundance
says
you
can
always
find
something
to
share.
Share
your
advice.
Share
your
experience.
H
This
brings
me
to
my
third
story.
The
third
story
is
treat
your
career
like
a
portfolio.
This
is
a
few
years
down
the
line.
I
was
becoming
more
established
within
the
open
source
community.
I
was
receiving
more
outside
invitations
for
paid
speaking
engagements
and
to
advise
startups,
and
I
asked
chris
anchor
who's
the
cto
of
cncf.
H
H
H
Number
three
treat
your
career
like
a
portfolio
diversify
meet
lots
of
people
outside
your
current
team
or
your
organization,
so
you
can
discover
those
hidden
opportunities
and
since
you're
already
at
kubernetes
community
days
uk.
This
is
the
perfect
time
to
try
those
three
things
out.
Think
about
what
advice
or
opportunities
you
can
share
reach
out
on
slack
to
the
people
that
you
don't
know
or
reach
out
to
me.
I'm
on
twitter
or
shower
and
get
over
that
fear
of
embarrassment,
because
failure
is
an
option.
H
E
Thank
you,
cheryl.
That
was
fantastic.
I
I
think
that's
a
brilliant
choice
and
you
know
really
thought-provoking.
Have
you
actually
started
your
new
job
yet.
E
Awesome
brilliant!
Well,
I
mean
it's
a
big
loss
to
to
the
cncf
community,
but
good
luck
to
you
in
all
of
your
future
endeavors.
You
know
it's
been
an
absolute
pleasure
working
around
events
and
things
with
you
over
the
last
few
years.
H
Likewise,
and
one
of
the
things
that
I
really
value
about
community
is
people
are
people,
you
know
just
because
I'm
going
to
a
different
company
doesn't
mean
that
I'm
disappearing
forever,
so
I've
loved
working
with
this
community
and
I
fully
intend
to
keep
working
with
it.
As
long
as
I
possibly
can.
E
Great
stuff-
well,
hopefully,
you're
not
too
busy
today
to
hang
around
and
catch
some
of
the
fantastic
speakers.
We've
got
coming
up
and
thank
you
again
for
for
joining
us
and
for
opening
the
show.
So
I
guess
without
further
ado,
we'll
hopefully
move
on
paula.
Do
we
know
what's
happening
with
our
technical
issues
at
the
minute,
or
are
we
going
to
come
back
to
that
and
explain
a
bit
later.
C
Yeah
apologies
folks.
We
had
some
slight
technical
difficulties,
but
we
are
frantically
in
the
background
trying
to
update
the
twitter
page
and
the
kcd
uk
dot
io
website
so
that
you've
got
the
up-to-date
youtube
link.
Although
I
guess,
if
you're
hearing
me,
you
must
already
have
the
link.
So
that's
kind
of.
E
E
C
Not
just
whilst
we're
waiting
for
our
next
speaker,
why
don't
I
do
a
quick
readout
for
sneak
who's,
one
of
our
diamond
sponsors.
So
just
a
quick
bit
information
about
sneak.
They
are
a
cloud
native
application
security
leader.
They
enable
2.2
million
developers
to
build
securely
with
a
vision
to
empower
every
modern
developer
in
the
world
to
develop
fast
and
stay.
Secure.
C
Only
sneak
provides
a
platform
to
secure
all
of
the
critical
components
of
today's
cloud
native
application
development,
including
the
code
open
source,
libraries,
container
infrastructure
and
infrastructure
as
code
sneaks
developer.
First
approach
enables
technology
driven
companies
to
scale
security
in
today's
fast-paced,
digitally
transforming
world
sneak's
security
platform
is
powered
by
its
industry-leading
proprietary
vulnerability
database
maintained
by
the
expert
sneak
security
research
team
that
also
powers
security,
solutions
from
strategic
partners
such
as
atlassian,
datadog,
docker,
ibm
cloud,
rapid7,
red
hat
and
trend
micro.
E
Excellent,
thank
you
for
that
paula
and
sneak
also
pay
my
salary.
Yes,
so
clearly
I
am
horribly
biased,
but
and
that
that's
a
that's
a
really
good
timing
as
well,
because
our
our
next
speaker
is
is
I'm
sure,
familiar
to
to
many
of
you
in
the
in
the
community,
certainly
familiar
to
me
as
I
work
with
him
every
day,
and
so
let's
bring
gareth
rushgrove
onto
the
stage.
E
Hi
everyone
hi
gareth,
hey
good
morning.
Thank
you.
We've
come
to
you
a
little
bit
early,
but
you
know
as
unsurprisingly,
all
the
things
have
fallen
over
this
morning
already,
but
hopefully
we're
getting
back
on
track
now.
E
Right
so
shall
we
give
gareth
the
floor.
I
Yeah,
okay,
so
good
to
meet
everyone
I'll
jump
in.
I
will
jump
into
slides
shortly,
but
just
to
say
hi,
I'm
gareth,
ruskarov
vp
of
products
at
sneak,
also
sort
of-
I
guess
like
well,
I
say
occasional,
but
it's
far
too
much
time
spent
hacking
on
open
source
projects
for
a
good,
while
now
probably
most
recently
with
contest
and
open
policy
agent,
but
around
the
kubernetes
community
and
docker
community
and
public
community
and
a
bunch
of
others.
I
Fantastic,
so
welcome
everyone,
I'm
going
to
talk
about
software
bill
of
materials
for
cognitive
applications,
but
don't
worry
if
you
don't
know
what
software
builder
materials
is
I'll
do
a
bit
of
an
introduction.
There
isn't
a
super
deep
dive,
talk,
we're
not
going
to
see
loads
of
demos
and
examples
and
get
into
the
weeds
of
this.
I
really
want
to
just
put
this
in
people's
heads.
Get
people
started
thinking
about
this
space.
Tell
you
about
a
bunch
of
the
interesting
things
that
are
happening
and
maybe
give
you
some
homework.
I
If
this
is
of
interest
to
you,
as
mentioned,
I'm
a
gal
struck,
a
vp
of
product
speak
and
a
whole
bunch
of
other
things
when
I'm
not
doing
that,
including
curating.
The
devops
weekly
email
newsletter.
I
I
Okay,
so
what
is
a
software
bill
of
materials
this?
This
might
be
something
that
you've
come
across
before
it
might
be
something
that
you
never
come
across
at
all,
but
I
don't
think
it's
something
that
will
be
fundamentally
unfamiliar
and
when
you
sort
of
work
out
what
it
is,
but
here's
a
description
that
I
think
sort
of
encap
and
it
sums
it
up
really,
it's
a
complete,
formally
structured
list
of
components,
libraries
and
modules
that
are
required
to
build
a
given
piece
of
software
and
that
and
the
supply
chain
relationships
between
them.
I
I
But
why
is
this
interesting?
Why
is
this
something
that
maybe
isn't
just
part
of
how
we
work
already
and
why
is
it
interesting
now
in
particular,
there
are
a
number
of
different
use
cases
for
like
having
a
list
of
all
the
software
in
all
your
software,
and
I
think
these
three
sort
of
sum
it
up
to
a
degree
like
you've
got
sort
of
intellectual
property
management
problems
and
that
might
be
compliance,
oriented
that
might
be
export
rules
and
that
might
be
open
source
license
issues.
I
Probably
the
one.
That's
bubbling
up
more
and
more
recently
is
software
supply
chain
security
that
we're
much
more
conscious
today
than
maybe
when
a
lot
of
the
technology
we
use
was
built
and
designed
that
there
are
risks
inherent
in
how
we
build
software
and
open
source
is
undeniably
good
at
many
different
things,
but
it
absolutely
means
that
the
number
of
contributors
to
the
piece
of
software
that
you're
producing
is
a
lot
greater
than
you
can
probably
reasonably
fathom
you're
getting
software
from
lots
of
places.
I
It's
coming
through
various
different
tools,
build
systems,
source
control
systems,
a
compromise
at
any
one
of
those
points
potentially
opens
you
up
to
an
issue
yourself
and
we're
seeing
more
of
those
attacks.
We're
seeing
attacks
on
the
sort
of
like
package
management
infrastructure,
we're
seeing
attacks
on
source
code
management
systems
and
so
understanding
what
goes
into
your
software
is
the
first
step,
arguably
to
being
able
to
maybe
reduce
the
risk,
maybe
manage
some
of
those
vulnerabilities
and
understand
them.
I
End
of
life
like
when,
when
is,
is
something
in
your
chain
actually
no
longer
maintained,
and
there
are
also
just
requirements
around
high
assurance
systems,
like
not,
everyone
is
going
to
be
working
in
a
sort
of
high
security,
high
threat
environment,
but
at
some
point
those
environments
were
very
niche.
They
were
very
much
in
the
sort
of
government
military
industrial
sort
of
complex.
I
Today,
that's
less
true
and
what
is
critical
infrastructure
is
a
good
academic
debate,
but
it's
becoming
broader
than
taking
down
like
the
internet
and
mobile
phone
signals,
like
those
things,
are
life
impacting
at
this
point
in
a
way
that
maybe
they
weren't
20
years
ago,
so
software
supply
chain
security.
I
I
think
there
are
multiple
aspects
to
it,
but
fundamentally
understanding
what
is
in
the
software
we're
shipping,
I
think,
is
part
of
it.
And
last
but
not
least,
I
think
there
are
a
number
of
interesting
use
cases
just
on
asset
management
and
that
title
I'm
not
sure
about,
because
it
sounds
boring,
and
I
don't
think
it
is.
I
think
there's
all
sorts
of
interesting
use
cases
that
if
we
knew
what
software
we
were
running,
we
could
actually
like
come
up
with
and
solve
just
research
around
usability
and
usage
is
interesting
process
improvements.
I
Why
is
this
organization
using
103
different
versions
of
open
ssl
is
probably
a
good
question,
but
not
when
we're
even
capable
of
knowing
the
answer
to
the
number
of
things
we're
using
today
in
lots
of
cases
so
search
and
visibility
built
on
top
of
good
software
build
materials
infrastructure,
I
think,
is
in
the
future,
but
I
think
powerful
for
a
number
of
different
problems.
I
But
why?
Now
because
this
doesn't
feel
like
a
sort
of
a
problem
that
is
brand
new
and
yes,
maybe
the
security
stuff
is
more
in
the
news
today,
it's
more
powerful
today.
There
are
more
threats
today,
but
this
doesn't
feel
like
something
that
someone
has
just
invented
and
it's
not
the
conversations
about
software
build
materials
date
back
and
probably
from
the
start
of
really
software
being
composed
of
multiple
parts.
I
I
There
have
been
conversations
in
like
sort
of
strange
corners
of
fosdem
about
licensed
compliance
that
I
hang
around
with
they've
been
standards,
bodies
or
people
very
close
to
governments
that
scale
problems.
The
good
news
is
a
lot
of
that.
Work
has
laid
the
groundwork
for
us
to
actually
be
a
lot
further
forward
now
than
we
might
otherwise
be,
and
what's
really
lighting
a
fire.
I
I
think,
under
a
lot
of
those
conversations
and
taking
them
from
being
maybe
a
more
academic,
slightly
standard
geeky
type
place,
I'm
happy
in
to
something
that
I
think
is
going
to
become
a
lot
more
mainstream
over
the
next
12
to
18
months,
and
that
was
an
executive
order
by
the
biden
administration
back
in
may,
and
this
mandates
not
just
a
load
of
sort
of
work
on
actually
finishing
a
bunch
of
this
standards,
work
and
publishing
guidance
and
recommendations
from
the
u.s
government,
but
it
mandates
adoption
of
those
by
u.s
government
entities.
I
Now
that
you
might
think
is
I
well
we're
not
in
the
u.s
you're,
not
selling
to
the
u.s.
Who
cares
the
supply
chain
impact
of
that,
given
the
number
of
companies
that
are
and
who
are
selling
into
the
us
are
selling
into
the
uss
supply
chain
is
actually
huge.
So
I
think
the
impact
of
this
will
take
time
but
will
be
felt
everywhere.
I
I
I
think
you
will
see
adoption
of
this
in
some
cases,
probably
too
quickly
and
other
cases
not
fast
enough,
but
there's
a
lot
of
history
and
background
that
if
you
are
interested
in
the
sort
of
anthropology
and
there's
all
history
here,
definitely
worth
digging
into
shout
out
to
the
ntia
in
the
us,
national
telecommunications
and
information
administration.
I
Probably
not
a
government
agency
you're
super
well
familiar
with.
They
don't
have
exciting
tv
programs
following
their
agents
around.
As
far
as
I
know,
but
they've
been
doing
some
really
good
work,
which
was
very
much
focused
on
like
a
multi-stakeholder
process.
They
weren't
trying
to
make
decisions.
They
weren't
trying
to
mandate.
They
were
trying
to
bring
often
quite
opinionated
people
who
disagreed
violently
together
over
several
years,
really
to
sort
of
work
out
some
of
the
consistent
items
of
what
we,
what
everyone
cared
about,
rather
than
what
some
people
cared
about.
I
There's
also
a
lot
of
work
going
on,
and
I
think
some
of
this
has
been
going
on
at
the
same
time,
but
a
lot
of
it
was,
I
think,
probably
accelerated
the
dates
sort
of
add
up
in
around
sort
of
frameworks
that
we
can
adopt
to
apply
some
of
the
the
sort
of
standards
that
are
emerging
like
these
are
good
starting
points.
I
Oh,
what's
have
the
software
component
work
more
recently,
microsoft
with
skim
and
the
cncf
themselves
have
published
a
really
good
document
as
part
of
the
security
work,
so
software
supply
chain
best
practices.
All
of
these
are
interesting
to
look
at
that.
They
solve
different
problems.
Different,
like
sort
of
some
of
them
are
very
recent.
Some
of
them
are
a
bit
more
mature.
I
I
I
touched
on
something
there
as
well,
which
was
a
bit
more
detailed,
a
bit
more
on
the
technology
side
that
there
are
emerging
standards
here
to
help
us
reason
about
like
technically
okay.
What
is
a
software
build
material
because
it's
fine
to
say
it's
a
list
of
software,
but
you
can
go
well
like
okay,
here's
a
spreadsheet,
here's
another
spreadsheet!
Here's
a
word
document!
Here's
a
pdf
here
is
a
text
file.
Here's
a
csv
file.
All
of
those
are
software
builder
materials.
I
They
are
all
lists
of
the
software,
but
not
only
are
all
of
those
in
different
file
formats,
they're,
probably
all
in
different,
like
naming
conventions
and
version
formats,
and
they
include
different
bits
of
information
and
there's
like
it's
fine,
if
you
want,
if
you
think
this
is
a
tick
box
exercise,
that's
probably
fine,
and
someone
gives
you
one.
You
take
a
box
and
say:
yes:
we've
got
software
materials.
Job
done,
move
on
you're,
never
going
to
consume
it.
No
one's
ever
going
to
use
it.
That
sounds
like
a
waste
of
time.
I
What
we
need
there
to
make
this
work
are
interoperable
standards.
We
need
ultimately
producers
and
consumers
to
agree
on
what
we
mean
technically
about
our
water
supply.
Bill
materials
is,
and
this
is
the
important
work
that
has
been
going
on.
I
think
for
a
while,
and
now
suddenly
is
meeting
user
demand
and
user
need,
and
there
are,
I
would
say,
really
two
clear
standards
that
are
probably
both
going
to
be
to
some
extent
widely
adopted,
at
least
to
start
with.
I
One
is
cyclone
dx,
which
was
actually
originally
sort
of
not
directly
spun
out,
but
as
a
result
of
work
that
went
on
the
dependency
check
project
from
owasp
and
actually
now
the
cyclone
dx
project,
which
was
spun
out
separately
and
has
been
a
community
effort
very
much
open
source
centric
has
actually
now
just
become
a
first
class
or
what
project,
and
so
I
think,
having
that
banner
will
help
it
grow
and
there's
lots
to
like
about
the
how
they're,
publishing
schemas
and
how
the
interaction
works.
I
Turn
up
and
pull
request
issues
very
much:
a
sort
of
open
source,
centric
sort
of
development
model,
spdx
that
you
might
have
come
across
for
its
list
of
economical
list
of
license
identifiers,
but
actually
the
sbdx
project
is
broader
than
that.
It's
about
software
package
data
exchange,
it's
been
standardizing
in
on
software,
build
materials
bits
for
a
long
time.
There
is
a
stable
spec
and
it's
actually
just
been
going
through.
Basically
iso
certification.
I
So
there's
nicer
standards
around
this
now
the
new
sddx3
bit
as
well
solves
some
of
the
more.
I
think
supply
chain,
oriented
problems
and
it's
looking
quite
promising,
but
it's
still
early,
so
there's
a
bunch
of
history,
and
so
some
of
the
people
involved
might
say
these
are
not
emerging.
These
are
in
common
usage.
I
I
think
they
are
in
specific
places,
but
not
broadly.
These
are
not
embedded
everywhere
and
I
think
that's
what
we
probably
need
to
see
just
to
really
get
the
benefits
and
see
software
dog
materials
become
a
thing
that
actually
everyone
talks
about,
or
at
least
doesn't
talk
about
that
maybe
users
and
benefits
even
without
knowing
about
it.
I
There
are
commonalities
between
these
two,
which
is
good,
and
there
are
already
tools
that
allow
some
interop
you
could
get
into
arguments
about.
Why
are
there
two,
rather
than
one
there's
an
x-killer?
You
see
a
xkcd
joke
about
that
somewhere,
but
there
are,
but
there
are
common
elements
and
other
standards
could
emerge
here
that
address
the
same
set
of
common
elements
and
again,
I
think,
will
happen
as
an
interrupt
sort
of
conversation
already,
but
these
are
the
sorts
of
things
that
you're
talking
about.
Okay.
I
I
What
software
does
this
relate
to
you'll
know
from
whatever
package
management
tool
chain
you're
using
there
are
the
dependencies
you
include,
and
there
are
the
transitive
dependencies
that
come
along
for
the
ride
and
maybe
transitive
distractions
and
transit
into
transitions
of
transitions
and,
like
there's
a
long
chain
there,
that
the
relationship
is
is
just
as
important
as
the
individual
bits
of
software
themselves
and
who
created
it,
and
when-
and
these
are
the
sort
of
core
tenets,
I
think
core
elements
of
the
software
villain
materials
like
you
can
go
beyond
this.
I
What
other
information
is
there
about
this
software
that
might
be
useful
to
the
consumer
and
and
again
for
both
the
cyclone,
dx
and
sdx?
There
are
schemas
that
describe
this
in
jason
and
there
are
some
protoboss
schemers
around
there
are
xml
schemas
around.
This
is
actually
arguably
quite
good
for
something
like
xml,
where
there's
a
lot
more
richness
to
the
schema
declarations,
which
is
a
strange
thing
for
me
to
be
saying.
I
So
I
think
there
are
three
things
about
software
building
materials
that
are
worth
sort
of
thinking
about
when
you
sort
of
start
considering
like
how
they
might
play
in
a
software
stack
the
first
one
that
everyone
goes
to,
and
I
think
too
many
people
stop
at
is.
I
need
to
generate
them
and
then
success
and
the
first
bit
is
you
probably
do
need
to
generate.
Then
the
second
one
is
not
true.
It's
not
the
end.
This
is
very
much
the
star.
There
are
tools
emerging
here,
both
from
within
the
cyclone
and
spdx
camps.
I
There's
a
good
set
of
cyclone
dx
plug-ins
for
different
package
managers.
The
maven
one
actually
is
particularly
particularly
rich
and
there's
a
long
tail
and
a
maturity
problem
there
which
I'll
come
back
to,
and
there
are
other
tools
as
well
that
have
been
doing
this
for
a
while
or
a
newer
that
are
also
starting
to
be
able
to,
as
normally
as
well
as
generate
things
in
their
own
proprietary
formats,
also
output,
things
in
standard
formats.
That's
how
standards
become
the
de
facto.
I
They
end
up
being
used
by
multiple
tools
that
previously
just
output,
proprietary
formats
and
I
think
you'll
see
this
crop
up
as
an
implementation
detail
of
lots
of
tooling
and
then
get
exposed
as
a
first-class
interface.
So
there
is
work
going
on
here
and
I'll
come
back
to
some
of
the.
I
think
where
this
needs
to
go
from
where
it
is
today
there,
but
certainly
if
you
want
to
get
started
today,
there
are
probably
some
tools
that
will
help
you
generate
response.
I
How
do
you
store
them
like,
if
you
think
of
all
the
software
that
you're
producing
and
all
the
versions
of
software
you're
producing
and
all
their
dependencies,
not
just
in
terms
of
like
the
package
management
sort
of
libraries
you're
bundling
in,
but
maybe
container
dependencies,
maybe
service
dependencies
like
and
the
whole
chain
of
that?
It's
huge
like
where'd,
you
store
them
and
how
do
you
keep
them
up
to
date?
And
how
do
you
know
what
the
latest
versions
are?
All
those
problems
become
the
next
problem
to
solve.
I
Once
you
move
past
okay,
I
can
generate
them
great.
What
do
I
do?
This
is
much
earlier,
though
there
are
a
bunch
of
things
going
on
here
that
I
think
are
interesting,
and
this
is
actually
an
area
of
a
lot
of
innovation
happening.
I
would
say
around
the
sort
of
cloud
native
communities
and
like
the
bom
repo
server
is
a
good
example
from
the
cyclone
dx
folks.
I
don't
think
it's
specific
to
cyclone,
but
actually
it
might
be.
I
I
played
around
with
this
a
little
bit.
It's
really
a
web
server
that
gives
you
an
api
for
accessing
this.
That's
accidentally
s
bombs,
a
side
note
there
is,
I
think,
maybe
a
little
bit
like
the
work
that
led
like
led
from
docker
to
the
oci
specifications
as
well
as
the
s-bomb
specs.
We
probably
need
specs
that
describe
access.
I
You've
got
in
the
container
world.
You've
got
the
registry
specification
that
describes
all
of
that.
How
do
we
access
install
these
things
and
you've
got
the
image
spec
that
describes
the
actual
thing.
I've
not
seen
much
movement
there.
I
think
it
would
be
good
to
see
like
specifications
extracted
out
of
some
of
the
implementations
and
some
standards
submerged
there
as
well,
but
that's
maybe
getting
ahead
of
ourselves
because
realistically,
there's
not
a
great
solution
for
starring
today.
I
Everyone
ends
up
a
bit
hand,
rolling
something
interesting
things
here,
actually
shout
out
to
dan
laurenk
who's
working
on
the
six
star
and
project
he's
been
doing
some
work
around
looking
at.
How
do
we
use
oci
registries
to
store
these
s-bombs,
because
why
can't
I
store
it
like
if
I've
got
a
container
image?
Can
I
start
the
s-bomb
with
the
container
image?
I
Well
actually
with
the
artifact
spec
in
oci?
Now,
yes,
you
can,
and
you
can
even
sign
those
things
together
with
something
like
cosine,
so
there's
some
good
early
signs
of
like
the
tooling
here,
and
I
think
this
is
from
a
storage
layer
perspective.
A
really
interesting
idea
like
what,
if
we
just
said,
like
s-bombs
they're,
just
next
to
the
thing
that
they
are
representing
in
a
container
world
or
using
an
oci
registry
as
a
distribution
mechanism.
That's
a
really
powerful
idea.
I
think,
but
a
lot
of
work
to
do
here.
I
This
is
a
problem
you've
run
into,
and
I
think
you
should
not
focus
too
much
on
generating
there'll
be
a
lot
of
work.
There
you'll
find
something
you
get
started.
This
is
like
if
to
make
value,
I
think
this
is
part
of
it.
You
need
to
be
able
to
star
and
then
access
and
retrieve,
because
at
the
end
of
the
day,
that's
not
the
point
either.
The
point
is
to
consume
like
okay,
you've
got
all
the
best
bombs.
What
are
you
going
to
do
with
them?
What
value
do
you
get
from
doing
so?
I
Yes,
you've
now
spun
up
some
infrastructure
you're,
now
storing
something
you've
got
new
steps
in
your
pipeline,
generating
all
this
stuff.
Do
you
just
end
up
with
bits
on
discs
that
never
get
used?
That
is
a
reasonable
fear.
That
is
something
that
some
people
in
the
broader
security
community
are
saying.
S-Bombs
are
a
bad
idea,
because
we
don't.
This
is
not
going
to
happen.
I
I'm
not
hopeful,
I'm
generally,
the
hopeful
person
like.
I
think
this
absolutely
can
happen,
but
we
need
to
have
people
thinking
about
focusing
on
it
and
building
things
and
demonstrating
examples.
There
are
really
strong
use
cases
here,
which
I
think
helps
and
checking
for
licenses
checking
for
vulnerabilities
again.
Actually
I
I
work
at.
I
think
this
is
what
we
do.
We
generate
an
s-form
and
we
check
for
licenses
and
vulnerability
issues,
but
that's
generally
been
coupled
it's
generally
been
an
implementation
detail.
I
Suddenly
both
are
independently
valuable
and
I
think
that's
an
interesting
like
sort
of
decomposition
that
we'll
see
more
broadly
around.
Like
some
of
these
spaces,
I
mentioned
I'm
a
I
created
contest,
I'm
a
contributor
to
the
open
policy
agent
project
when
I
get
time,
there's
lots
of
interesting
things
here
around
enforcing
policy,
and
you
can
think
of
an
s
bomb
as
a
really
rich
document.
I
Well,
I
can
now
write
policies
against
that
using
rego.
I
can
what,
if
I
want
to,
I
don't
know,
prohibit
packages
from
github
or
I
want
to
say
no
to
specific
licensed
npm
packages.
That's
just
a
policy
decision.
I
can
encode
that,
in
regard
I
can,
I
can
put
all
of
my
slams
through
it
and
I
can
surface
the
violations,
so
I
think
there's
lots
of
like
we
have
the
low
level
components
there
actually
fairly
straightforward
to
build
singular
demos.
On
top
of
that.
What
does
that
look
like
at
scale?
I
think,
is
interesting.
I
So
you
can
like
this
is
a
chicken
and
egg
problem.
No,
no
one
really
has
a
large
storage
of
s-bombs
in
a
in
a
standardized
sort
of
accessible
format
to
build
these
things
on
top
of,
but
it's
coming.
We
need
to
do
all
these
things.
I
sort
of
feel
we'll
probably
need
to
do
them
all
in
parallel
to
see
the
value
if
we
focus
just
on
generation
and
then
on
storage,
we'll
be
so
far
along
that
we
won't
have
value
and
it
collapsed.
I
I
mentioned
some
other
things.
I
think
search
here
is
a
really
interesting
case.
Imagine
just
the
ability
to
really
sort
of
quickly
seamlessly
ask
questions
of
your
organization's
software
supply
chain
like
like
how
many
versions
of
this
library
are.
We
using
you
sort
of
get
this
in
some
places.
Out
of
some
tools,
but
this
is
a
way
of
doing
it
in
a
decoupled
and
I
think
more
open
way.
I
think
there's
a
lot
of
interesting
potential
to
build
on
top
of
those
types
of
interfaces.
I
So
the
last
thing
is
really
okay.
If
you
think
this
is
interesting,
then
I
mentioned
the
sort
of
framework
documents
and
the
sort
of
some
of
the
introduction
documents
earlier.
They're.
Definitely
a
good
start
to
go
a
bit
deeper
if
you're,
like
already
okay,
I
buy
this,
I
want
to
get
hacking.
I
want
to
get
involved.
I
think
this
is
an
area
where
there's
a
huge
potential
to
do
so,
and
I
think
there
are
three
areas
that
are
interesting.
I
One
is
client
libraries
and
I
think
for
this
to
work.
We
don't
need
a
tool
over
here
that
generates
an
s-bom.
We
need
this
to
just
be
built
into
like
how
go
does
packaging,
how
cargo
works,
how
mpn
works,
how
maven
works
like
we
need
first
class
I
like
plugins,
is
part
of
it
like
it
has
to
be
upstream,
in
my
view,
for
this
to
be
something
that
really
has
an
industry-wide
effect.
I
I
I
The
other
thing
is
client
libraries,
the
work
on
spdx,
the
spec
is
again
like
there
are
experts
involved
there
and
I
think
the
spec
is
coming
along
for
our
sdx3
exists
for
two
cyclone
dx,
similarly
has
been
evolving
really
quickly
and
there
are
some
like
the
that
actually
has
like
really
good
gist,
schemas
and
protocol
schemas
and
the
xsd
definitions.
I
But
actually,
if
you
go
use
any
of
these
things,
you
need
to
be
someone
who
goes
like
great
jason
schema.
I
love
json
schema,
oh
fantastic
xsd.
I
know
this
backwards.
We
don't
have
good
like
higher
level
libraries
in
nearly
any
languages.
At
the
moment
we
don't
have
tight
definitions,
we
don't
have
classes,
we
don't
have
things
that
really
lower
the
barrier
temperature.
Using
these
tools,
it's
schemers.
I
I
have
a
strange
history
of
doing
weird
things
with
schemers.
Even
I
don't
really
want.
I
want
the
client,
client
libraries.
I
want
the
higher
level
tools
to
add
things.
So,
if
you're,
a
low
level,
client
library
person,
I
think
there's
a
bunch
of
things
you
can
get
involved
in
and
last
but
not
least,
I
mentioned
that
this
sort
of
we
need
tools
to
consume
s-bombs
and
yes,
there
aren't
many
out
there
yet
but
get
building
some
to
see
what
might
be
valuable.
What's
an
interesting
use
case,
what
do
people
hook
onto?
I
I
think
these
are
great
opportunities
for
small
focus
projects
or
combining
project
x
with
s
bombs
to
see
if
something
valuable
comes
out.
The
other
side,
I
think,
actually
we'll
see
an
explosion
of
talks
and
little
projects
over
the
next
year,
or
so
that
do
just
this.
I
think
that
will
be
a
good
sign.
Not
all
of
them
will
be
right,
not
all
of
them
will
work.
I
So
with
that
I'd
like
to
say
thank
you
for
listening
and
again,
hopefully
this
is
interesting
sort
of
space
to
get
some
people
involved.
It's
a
good
mix
between
the
sort
of
standards
becoming
real
world
things.
E
Fantastic,
thank
you
gareth.
That's
super
interesting,
I'm
really
interested
in
in
in
the
whole
s-bomb
world.
You
know
I
spent
a
lot
of
time
around
the
embedded
space
and
I
I
kind
of
feel
like
some
of
those
ideas
that,
from
the
embedded
space
have
sort
of
moved
over
into
the
mainstream.
Now
you
know
it's
particularly
around
traceability.
If
we
look
at
I'm
thinking
of
things
like
base
rock
linux
and
stuff
like
that,
that
you
know
we're
all
about
which
particular
git
commit,
you
could
trace
every
single
software
back
into
yeah.
I.
I
Think
they're
like
the
embedded
space
is
like
is
often
being
it's
hardware,
people
and
hardware
people
have
to
deal
with
this
already
because
they're,
like
the
costs
and
economics
and
the
industry
as
a
whole,
is
generally
supply
chain
is
a
thing.
Software
has
not
been
the
case
and
I
think
we're
realizing
in
hindsight.
It
sort
of
has
to
be.
E
I
think
we
had
one
question
from
the
audience
for
you,
which
I
will
just.
Oh
I've
got
a
couple
actually,
so
the
first
one
was
was
steve.
Murray
asked:
how
is
this
different
from
a
cmdb.
I
Good
question,
I
think
so
I
I
think,
there's
a
difference
between
configuration
and
the
sort
of
the
what
goes
into
something
I
think
like
that.
Difference
is
a
bit
subtle,
but
I
think
one
is
about
input.
One
is
that
what
went
into
the
creation
of
this
and
the
other
is
invariably
about
sort
of
much
more
focused
on?
I
What's
like
the
the
actual
thing
that's
running
so
again,
I
think
sometimes
cmdbs
have
been
stretched
or
actually
have
some
of
these
properties,
but
one
of
the
things
I
think
as
well
with
cmdb
is-
and
some
of
us
have
the
similar
problems
here.
Like
do
people
use
the
rich
data
in
a
cmdb
like
the
problem
with
cmdb.
I
That,
in
my
view,
is
never
the
theory,
and
I
built
some
similar
sorts
of
things
that
I
would
like
on
top
of
the
puppet
cmd
puppetdb
back
when
I
was
a
user
and
that
puppet,
but
how
many
people
actually
have
a
really
successful
cmdb
story?
There
is
absolutely
the
same
risk
around
s-bombs.
I
think
s-bombs
need
to
be
embedded
in
software
development
and
cmdbs
never
were
yeah.
It's
a
good
rabbit
hole
to
jump
down
that.
I
won't
do
do
now,
good
question.
E
Great
awesome,
so
I
know
we
have
one
more
question
in
the
in
the
track.
One
slack
channel,
perhaps
gareth,
might
hang
out
in
there
for
a
second
afterwards
yeah,
I
will
jump
over.
There
sure
got
a
question
for
you,
but
so
over
to
you
paula,
to
introduce
our
next
speaker.
C
Thanks
matt
thanks
gareth
for
that
great
talk,
so
we're
delighted
to
announce
our
next
speaker.
We
have
dr
katie
chong
talking
about
using
data
to
save
the
world
so
over
to
you,
katie.
D
D
Okay
and
so
hopefully,
you'll
be
able
to
see
my
presentation
has
that
worked
yep,
yep,
okay
right
so
so.
Thank
you
very
much
for
inviting
me
along.
I
have
to
blame
my
best
mate
chris
crans
for
this,
so
he
roped
me
in
to
come
and
talk
to
you
today
about
climate
change.
So
I
work
at
aston
university,
which
is
in
birmingham.
I
work
there
as
a
lecturer
and
as
a
researcher
and
I'm
going
to
talk
to
you
today
a
little
bit
about
how
we
use
data
to
try
and
save
the
world.
D
Hopefully,
okay,
let's
here
we
go
so
about
me,
I'm
a
chemical
engineer.
Most
people
don't
really
know
what
a
chemical
engineer
does
so
to
try
and
explain
it.
It's
chemical
engineers
basically
work
out
how
to
make
stuff,
so
we
take
things
from
raw
material,
so
water
foods
that
kind
of
things
and
we
work
out
how
to
make
useful
products
from
them
in
a
safe
and
cost
effective
way.
D
So
if
there's
anything
that
comes
into
your
home,
like
water,
energy,
food,
anything
that's
made
out
of
chemicals,
normally
a
chemical
engineer
has
had
something
to
do
with
that.
We
kind
of
like
large-scale
plumbers.
I
think
that's
a
good
way
to
describe
it,
so
we
work
out
how
to
to
make
things
flow,
make
things
move
around
and
large-scale
operations,
and
because
of
this
we
use
a
lot
of
maths.
So
whenever
we're
doing
our
calculations
to
work
out
the
size
of
equipment
or
whether
something's
actually
going
to
work.
D
Looking
at
the
chemistry,
for
example,
we
use
a
lot
of
equations
and
maths
to
do
that
so,
as
well
as
being
a
lecturer
aston,
I'm
also
a
researcher
and
director
of
this
place.
So
this
is
the
energy
and
bioproducts
research
institute
at
aston
university
and
here
we're
very
much
focused
on
climate
change
and
all
of
the
solutions
to
climate
change.
So
there's
loads
of
really
clever
researchers
that
work
within
this
building
to
try
and
find
those
solutions
to
help
us
save
our
planet.
D
D
So
what
do
we
do?
What
do
I
do?
So?
My
research
is
all
around
finding
ways
to
try
and
save
the
planet.
So
you've
probably
heard
about
all
the
doom
and
gloom
around
climate
change.
What
is
going
on
with
our
world?
There
was
the
recent
ipbc
report
which,
unless
you
were
hiding
under
a
rock,
you
would
have
heard
about
about
how
it's
a
red
alert
from
our
climate
and
our
planet.
D
So
there
is
no
planet
b
and
all
of
the
work
that
we
do
as
researchers
is
about
carbon,
so
what's
been
happening,
is
that
we've
been
using
fossil
fuels
for
about
100
or
so
years
now,
and
as
we
release
that
carbon,
it
goes
up
into
our
atmosphere
and
it's
acting
like
a
blanket
which
is
keeping
us
keeping
our
con
our
world
really
warm
and
causing
all
sorts
of
issues.
So
whatever
we're
trying
to
do
as
researchers,
it's
all
about
the
carbon,
so
every
single
atom
of
carbon
matters.
D
So
if
we
can
save
a
kilogram
of
carbon,
do
by
doing
something
small
that
does
make
a
difference.
So
a
kilogram
of
carbon
dioxide
fills
up
17
standard
party
balloons,
so
every
kilo
of
carbon
dioxide
that
you
can
save
will
save
those
17
balloons
of
carbon
dioxide
and
every
every
one
of
those
kilos
does
make
a
difference.
So
we've
been
doing
lots
of
research
to
work
out
the
impact
of
our
activities
on
trying
to
reduce
that
amount
of
carbon,
and
we
know
the
reasons
why
this
is
what
we're
seeing.
D
So
this
is
in
the
past
couple
of
months.
This
was
flooding
in
belgium
and
germany,
so
this
is
what
is
happening
because
of
climate
change,
so
as
well
as
floods
we're
having
droughts.
So
this
is
in
california,
and
the
main
reason
why
I
do
it
is
to
save
these
guys.
So
whenever
I
start
getting
demotivated
about
the
the
state
of
things,
I
think
about
the
lonely,
polar
bear
on
his
melting
iceberg,
and
that
motivates
me
to
to
carry
on.
D
So
that's
why
I'm
doing
it
is
to
try
and
save
mr
polar
bear
on
his
iceberg
right.
So,
when
we're
doing
our
research
when
we're
all
the
clever
climate
change,
researchers
are
doing
stuff.
D
So
whenever
we
do
an
experiment
like
that,
we
collect
loads
and
loads
of
information.
So
it's
a
huge
amount
of
information,
and
this
is
just
a
small
snippet,
so
we
collect
loads
and
loads
and
loads
of
data
points.
Thousands
of
data
points
from
each
of
those
experiments,
so
we
get
the
the
raw
data.
So
it's
part
of
our
job
then
to
interpret
that
data.
So
this
one
here
is
just
the
result
from
a
single
experiment,
so
we
can
track
along
what's
happening,
so
we
can
really
understand
what's
going
on
so
then
we
take
that
data.
D
We
interpret
those
results
and
then
we
come
up
with
some
useful
results.
So
then
we
have
to
decide
okay.
So
how
are
we
going
to
use
that?
We've
got
the
result
of
our
our
data,
how
we
actually
going
to
use
it,
what
we're
going
to
use
it
for
so
as
chemical
engineers
as
climate
change,
researchers,
we
use
that
data
for
a
lot
of
different
things.
D
So,
first
of
all,
we
use
it
for
engineering
design,
so
we
need
to
work
out
whether
the
things
that
we've
done
in
the
lab
are
actually
going
to
work
in
the
real
life
at
large
scale.
So
we
use
all
of
those
numbers
to
look
at
whether
we
can
make
that
bigger,
whether
it's
going
to
make
people
money,
because
no
company
is
ever
going
to
invest
in
a
process
if
it's
not
going
to
make
them
money,
so
we
use
it
to
calculate
costs
and
that's
something
that
I
do
in
particular.
D
So
I
do
something
called
techno-economic
analysis,
which
means
I
do
the
engineering
design,
then
I'll
work
out
how
much
it's
going
to
cost
to
try
and
help
companies.
Businesses.
Policymakers
understand
whether
this
solution
to
climate
change
is
still
going
to
make
the
money
as
well
as
well
as
saving
the
planet.
D
Another
thing
that
we
do,
of
course,
is
the
environmental
performance,
so
as
part
of
this
work,
we
can
use
all
of
that
data,
then
to
say:
okay,
is
this
better
or
worse
than
what
we
were
doing
before
so
we're
using
it
as
evidence
to
support
our
research,
so
we
can
decide
which
direction
to
go
and
the
most
important
reason
the
most
important
use
of
all
of
this
data
is
for
us
to
share
our
knowledge.
So,
as
a
lecturer,
I
share
all
these
results
to
all
of
my
students
as
a
researcher.
D
We
share
it
with
between
each
other
and
we
write
journals.
We
do
talks
like
this.
We
go
to
conferences,
we
talk
to
policy
makers,
so
it's
about
sharing
that
knowledge.
There's
no
point
in
us
collecting
all
of
this
information.
If
we're
not
going
to
share
it
and
open
research
is
a
huge
thing
in
academia,
so
all
of
our
work
is
is
funded
publicly
funded.
So
we
get
all
of
the
money
to
do
our
research
from
the
government
from
the
european
commission
and
that's
your
money,
that's
the
taxpayers
money.
D
So
we
have
to
make
sure
that
all
of
this
information
is
available
for
you
guys
if
you
ever
want
to
look
at
it,
so
we
do
have
to
make
all
of
our
our
data
available.
So
there
are
various
repositories
for
that
and
various
ways
that
we
do
that.
So
if
you
are
ever
interested
in
a
research
project,
then
you
should
be
able
to
get
your
hands
on
that
data,
to
make
sure
we're
spending
your
money
wisely
and
to
see
what
the
the
final
results
look
like.
So
open
research
is
really
key
to
good
research.
D
So
then,
how
do
we
use
that
then
to
save
the
world?
Hopefully
we're
trying
our
best
here
the
results
that
we
get
from
all
of
these
experiments.
All
of
that
research
that
is
funded
by
taxpayers
by
you
guys
the
results
of
that
then
help
inform
they
help
inform
other
researchers
so
that
we
can
tell
each
other
any
avenues
that
look
good,
any
that
don't
look
so
good.
So
it's
to
try
and
direct
our
research,
so
we
we
spend
all
of
our
attention
looking
at
the
stuff
that
is
worth
investigating.
D
Really
importantly,
we
use
it
to
talk
to
the
government
and
policy
makers
because
without
them
buying
into
what
we're
doing
nothing's
going
to
change
so
until
the
government
and
policymakers
actually
force
people
to
do
stuff,
nothing,
nothing
really
changes.
So
we
use
it
as
evidence
to
those
guys
as
well,
and
sometimes
they
listen.
Sometimes
they
don't.
Unfortunately,
we
use
it
to
talk
to
industry
so
that
industry
can
understand
how
best
to
make
their
processes
more
sustainable,
which
are
the
ones
that
they
can
do
while
still
making
money.
D
So
we
give
them
lots
of
information
about
how
their
equipment
is
going
to
behave,
how
much
energy
it's
going
to
need
that
kind
of
thing,
and
most
of
all
now
people
are
interested
in
okay,
so
how
much
carbon
is
that
going
to
emit?
No
one
wants
to
be
releasing
carbon
anymore,
which
is
great
and
then
the
public.
D
This
is
something
that
I'm
particularly
passionate
about
is
is
is
informing
people
about
all
of
these
things
that
is
going
on
to
try
and
help
save
the
planet
and
the
more
we
speak
about
it,
the
better
it
is
so
keep
talking
about
it.
We
can
see
the
power
of
talking
about
climate
change
just
by
looking
at
people
like
greta
who,
just
by
talking
about
it,
has
had
all
of
the
the
schools
protests.
D
If
you
look
at
david
attenborough,
he
is
just
one
man
talking
about
it
and
the
power
of
that
person,
so
using
these
results
help
inform
all
of
those
people
as
well.
So
hopefully
all
of
that
data
that
we're
collecting
all
of
that
research
that
we're
doing
is
helping
us
to
find
solutions
to
climate
change.
So
all
of
those
numbers
are
helping
us
to
to
help
find
those
solutions.
D
So
a
little
that's
a
little
quick
introduction,
but
if
anyone
wants
to
ask
me
any
more
questions
about
climate
change,
what
we
do
on
bioenergy
biomass
any
of
that
stuff,
then
please
drop
me
a
line,
and
you
can
also
find
me
on
twitter
as
well.
So
thank
you
very
much
for
listening
to
me
waffling
on
this
morning.
C
That
was
fantastic.
Thank
you.
So
much
katie
welcome
one
quick
question
from
from
me
actually
for
folks
who
may
be
inspired
by
that
and
want
to
do
their
own
part
like
what
are
the
things
that
we
could
do
ourselves
is.
That
is
there
ways
we
can
contribute
join
shout.
Is
there
any
strong
recommendation?
You'd
say
like
this
is
the
one
thing
that
you
should
go
out
and
do.
D
Well,
there's
loads
of
little
things
that
you
can
do
it's
about
making
making
more
sustainable
choices.
So,
for
example,
don't
put
your
heating
on
put
a
jumper
on
just
try
not
to
buy
so
much
stuff,
because
whenever
you
buy
something
that
you've
got
to
think
about
all
the
carbon
that's
gone
into
into
making
it
all
of
the
emissions
that
go
into
making
it
as
well
as
the
transport
and
all
of
that
kind
of
thing
consider
reducing
the
amount
of
meat
you
eat.
D
I'm
not
saying
that
you
do
have
to
go
vegan,
but
that's
the
extreme
end,
but
you
can't
just
by
reducing
the
amount
of
of
carbon
that
you
emit.
It's
just
about
making
sensible
and
sustainable
choices.
D
And
if
you
want
to
get
involved,
then
you
can
just
keep
an
eye
out
for
the
local
events
that
are
happening.
So
I'm
part
of
a
big
project
called
supergen
bioenergy
and
we
do
lots
of
projects
that
the
public
can
get
involved
with.
So
we've
got
one
running
that
will
be
running
soon
and
it's
to
talk
to
school
kids.
So
we're
getting
the
view
of
school
kids
from
around
the
world
on
what
they
think
about
climate
change.
D
A
massive
event-
that's
coming
up
this
year
is
cop,
so
cop
26
is
where
all
of
the
countries
from
around
the
world
get
together
to
talk
about
climate
this
year,
it's
in
glasgow,
so
there
are
loads
of
events
happening
around
that
lots
of
public
events
as
well.
So
look
for
cop26
and
you
should
be
able
to
find
lots
of
things
going
on
around
cop
that
you
can
get
involved
with
and
joining
so
yeah
it's
about
making
it.
So
we
just
need
to
make
sure
that
we
keep
talking
about.
C
Fantastic
well,
thank
you
so
much.
I
realize
this
may
not
be
the
normal
audience
that
you
speak
to,
so
we're
really
grateful
that
you
could
join
us
thanks
for
chris
asking
you
to
join,
it's
been
brilliant.
So
that's
the
talk
from
katie.
C
If
anyone
has
any
questions
for
feel
free
to
add
them
into
our
slack
channel
the
track
one
slack
channel-
and
we
have
our
next
speaker-
lined
up
and
ready
to
go
so
I'm
very
excited
to
be
able
to
introduce
salman,
iqbal
and
he'll
be
talking
about
community
kubernetes
days,
which
is
quite
interesting
because
I
read
the
title
and
I
was
like:
is
it
not
at
community
days
but
anyway,
fantastic?
Thank
you
for
being
here,
sir
man
I'll
hand
over
to
you.
Thank.
J
You
very
much,
can
you
hear
me?
Okay,
is
everything
just
give
me
a
thumbs
up?
Everything's
good?
Well,
thank
you
all
very
much
for
having
me.
I
am
very
excited
to
be
part
of
kubernetes
community
days.
I
think
the
title
of
the
talk
I
I
changed
this
slide
it's
community
over
technology-
and
you
know-
we've
heard
cheryl
talk
about
this
morning
about
how
important
the
community
has
been.
I
think
I
just
want
to
extend
a
couple
of
things.
J
J
Things
do
change,
but
the
only
thing
that's
constant
is
the
people
around.
You
is
a
community.
So
what
we
in
this
talk
I'll
take
a
few
minutes
to
talk
about
how
you
can
join
an
existing
community
or
how
you
can
build
the
one
that
you
have
or
how
you
can
start
your
own
I'll
just
quickly.
Introduce
myself
before
I
introduce
myself
I'd
just
like
to
give
a
big
thanks
to
all
of
the
kcd
uk
organizers.
J
You've
all
done
an
amazing
job,
good
job,
putting
this
together,
especially
paula,
chasing
me
up
for
all
this
stuff.
So
I
apologize
for
being
so
slow,
but
really
amazing.
J
It's
a
great
conference
and
it's
not
an
easy
feat,
trying
to
put
an
event
like
this
together,
getting
all
the
speakers
together
and
putting
on
the
workshop-
and
you
know
growing
our
community,
which
is
what
this
talk
is
all
about.
So
thank
you
to
all
the
organizers
on
here.
My
name
is
salmonic
ball.
I
work
as
an
emma
lops
engineer
for
a
company
called
app
here,
we're
a
cloud
consultancy
company
check
them
out
app
here,
dot
io.
J
I
also
work
as
a
kubernetes
instructor
for
learn
k-8s
and
the
thing
that
I'm
most
proud
of
are
probably
quite
a
few
things
that
we
achieved,
but
one
of
the
things
that
I'm
most
proud
of
is
to
be
part
of
the
cloud
native
wales,
the
cloud
native
community
that
we've
started
here
in
worlds
with
louis
denim
perry
and
a
lot
more
people
and
allied
as
well.
J
You
can
find
me
on
twitter
at
seoul
management
if
you
have
any
questions
about
anything
about
mlaps
or
kubernetes,
or
if
you
would
like
to
help
with
you.
If
you
like
help
with
the
community,
please
drop
me
a
message
on
at
twitter
on
soulmanikpal,
so
I
can
I'll.
I
can
start
with
this
comment
saying
tech
can
be
confusing
and
I'm
sure
you've
all
seen
this
a
landscape
for
cloud
native
technologies.
If
you
haven't,
you
can
head
over
to
l.c
ncf
dot
io
to
have
a
look.
J
It
shows
a
number
of
projects
and
cloud
native
solutions
for
all
sorts
of
areas,
like
databases,
orchestration
tools,
container
runtimes
registries
and
so
on
and
so
forth.
This
is
intended
to
show
a
well-traveled
path
of
technologies
that
can
be
used
when
implementing
your
solution.
However,
it
is
quite
confusing
if
you
look
at
it.
J
How
do
you
know
which
solution
to
pick
for
the
thing
you
that
you're
solving
problem
for,
for
example,
if
you
have
to
pick
a
storage
solution
to
implement
for
your
project,
which
one
would
you
choose,
the
one
that's
got
the
most
stars
on
github
or
the
one
that
has
the
most
funding?
How
do
you
know
which
solution
to
pick
narrow
down
based
on
the
requirements
that
you
have?
Maybe
there's
a
handful
of
solutions
that
you
know
you
can
do
you
can
implement
yourself
and
trial
them
out?
J
What,
if
the
solution
that
you
picked
today
becomes
obsolete
in
a
few
months
or
years?
What
do
you
do
then?
Do
you
start
again
on
your
own
to
try
and
figure
out?
What's
the
best
thing
to
do,
solution
to
pick
again,
technology
keeps
changing,
as
we
all
know
keeps
changing
all
the
time
we
get
new
projects.
We
get
new
frameworks,
we
get.
We
have
to
look
at
new
products
that
keep
getting
announced
at
a
rapid
pace.
This
can
all
be
very
daunting.
J
Wouldn't
it
be
good
if
we
can
talk
to
the
people
around
us
and
I'm
sure
a
lot
of
people
are
ready
to
do
that,
see
how
they're
trying
to
solve
a
challenge.
You'd
be
surprised
at
how
many
people
in
different
organizations,
different
walk-up
walks
of
life,
different
backgrounds
of
are
facing
similar
challenges.
J
As
you
are,
or
as
your
organizations.
You
can
talk
to
people
around
you
in
your
own
company,
in
your
own
city,
in
the
meetups
and
learn
from
them.
You
can
reach
out
to
them
in
any
channels
that
are
available
to
you,
because
the
people
in
your
community,
as
I
said,
are
constant
and
this
technology
will
keep
changing.
But
I
know
that
I
can
always
go
back
to
the
community
that
I
have
people
and
reach
out
to
them
and
ask
any
questions.
J
If
I
have
any
challenges
I
reach
out
to
the
people
we've
it
created
together,
we've
got.
We
got
together
in
cloud
native
worlds,
community
a
lot
of
people
on
this
call,
matt
and
paula
and
in
in
other
communities
as
long
as
the
community
is
there,
and
it
is
inclusive
and
welcoming
to
everyone
where
everyone
can
feel
safe
being
part
of
it,
and
everyone
adheres
to
a
code
of
conduct.
J
That's
been
set
out
and
you
know
they
feel
they
can
ask
for
help
without
any
hesitation.
You'll
see
that
individuals
in
their
community
will
learn
not
just
about
the
technology,
but
also
about
themselves
and
the
people
around
them
and
grow
as
people
as
person
anytime.
I
have
a
problem
they
have
to
solve.
I
reach
out
to
the
people.
I've
met
through
various
communities
and
asked
them
for
help
and
guidance.
J
F
J
Should
you
go
around
looking
for
a
community
to
join?
Of
course,
you
can
always
head
over
to
meetup.com
and
search
for
community
of
that
you're
interested
in
maybe
in
your
local
area.
Maybe
the
maybe
the
area
that
you
are
interested
in.
You
can
even
search
internationally.
Most
events
currently
are
happening
remotely,
so
we'll
be
great
to
be
a
part
of
them.
J
You
know
you
can
reach
out
to
people
all
over
the
world
and
at
cloud
native
worlds
we
encourage
new
joiners
to
message
us
and
let
us
know
if
it's
their
first
time,
so
we
can
so
we
can
welcome
them
properly
and
introduce
them
to
people
in
the
community.
J
If
you
like
any
specific
open
source
projects,
they
most
likely
have
some
slack
or
discord
channels.
Kubernetes
has
a
number
of
these
communities
that
you
can
join
in
and
introduce
yourself.
You
can
go
and
help
people
out
and
you
can
ask
for
help
as
long
as
you're
kind,
and
you
can
also
follow
people
on
twitter.
I
follow
a
lot
of
people.
I
look
up
to
on
twitter
and
they're,
always
mentioning
some
of
the
some
of
the
some
of
the
the
events
that
are
happening.
That
I
can.
I
can
join,
for
example,
casey.
J
The
uk
that's
happening,
that's
how
I
found
her
from
the
people.
I
already
know
so.
There's
many
ways
that
you
can
find
a
community
that
you
can
join
and
be
a
part
of
how
about
if
you'd
like.
If
you
want
to
start
the
community
that
you
thought
didn't
exist,
how
would
you
go
around
doing
that?
It
can
be
in
person
or
it
can
be
virtual.
J
You
know
I'll
speak
from
experience,
lewis,
den
and
perry
and
myself.
We
started
cloud
native
wales
in
january,
2018,
we've
done
over
25
meetups
in
person
and
virtually,
and
I
think
I
can
handle
my
heart.
The
best
thing
that
could
happen
to
any
of
us
was
cloud
native
worlds.
Community
I've
been
working
in
technology
for
about
nine
years
now,
but
I
can
say
that's
the
best
thing:
that's
happened
because
the
amount
of
people
I've
met
and
I
worked
with
there's
so
many
people.
J
I
look
up
to
have
worked
with
in
in
in
the
past,
and
currently
it
would
never
have
happened
if
it
wasn't
for
the
community
that
had
joined
and
we
grew.
We
get
so
much
support
from
other
cloud
native
communities
when
we
started
and
the
cloud
native
competing
foundation
there's
so
many
people
who
helped
us.
Like
you
know,
we
can't
really
thank
many
people.
All
the
people
is
cheryl
who
helped
us
when
we
started
matt
and
so
many
more.
J
J
These
are
all,
and
that's
the
ones
that
that
I'm
putting
up-
and
these
are
the
people-
there's
quite
a
few
people
in
here-
that
we
used
to
look
up
to
and
we
got
to
meet
them
and
learn
from
them
and
grow
our
knowledge
and
learn
from
the
best
basically,
and
that
would
have
never
been
possible
if
we
never
did
cloud
native
wales.
So
what
I'm
trying
to
say
is
join
a
community
if
there,
if
one
doesn't
exist,
start
your
own.
J
How
would
you
start
your
own
community
if
you,
if
you
wanted
to-
and
I
think
it
boils
down
to
a
very
simple
thing
which
is
helping
others?
If
you
help
others,
others
will
definitely
help
you.
You
can
join
other
similar
communities
and
help
out
there.
You
know
anything
that
need.
Maybe
you
can
help
in
organizing
events.
Maybe
you
can
help
solve
someone's
problem.
If
they
have
a
question,
maybe
you
can?
Maybe
you
can
answer
them?
J
J
If
there's
someone
you
like
you'd
like
to
speak
at
your,
you
can
do
a
live
stream.
If
you
wanted
to
on
youtube
or
you
can
do
it
in
person,
you
can
reach
out
to
them
and
politely
request.
If
they
can
speak
at
your
event,
you
can
do
the
event
remotely
as
well
or
if
you
want
to
do
it
in
person.
Hopefully
we
will
get
to
the
in-person
stuff.
J
Quite
soon
you
can
reach
out
to
companies
in
your
cities
and
that's
what
we
did
and
asked
if
they
can
sponsor
for
you
to
hire
a
venue
or
pay
for
food.
Sometimes
people
learn
best,
and
this
is
what
we
found
is
by
doing
things.
Some
things
hands-on.
You
can
host
your
own
hackathons
and
do
your
own
workshops,
something
that
you
might
know
very
well
is
going
to
be
new
to
somebody
else.
If
you
think
oh
docker
is
you
know
it's
quite
basic,
everybody
knows
docker,
but
it
might
not.
J
It
is
new
to
a
lot
of
people,
so
you
can
hold
your
own
workshop
and
others
can
join
in.
You
can
do
it
remotely
or
you
can
do
it
in
person,
and
this
is
the
bit
that
we
thought
works
out
quite
well.
We
could
do
giveaways,
you
could
do
giveaways
by
asking
for
tickets
from
other
conferences,
and
this
is
what
we've
done
in
the
past.
If
I've
spoken
at
a
conference,
while
lewis
has
spoken
at
a
conference,
we
ask
for
tickets
to
give
away
to
our
attendees,
because
tickets
for
conferences
are
quite
expensive.
J
You
can
ask
for
swag
to
be
given
away
like
we
usually
used
to
go
to
the
conferences
and
get
swag
from
from
the
stands
and
give
away
at
the
meetups,
and
people
do
usually
like
that.
But
I
think
the
best
thing
you
can
do
is
have
joint
meetups
as
well.
There
are
going
to
be
meetups
in
your
in
your
area
or
within
your
country
or
within
your
continent,
that
you
can.
You
can
do
joint
meetups
with,
for
example,
it's
kcd
uk.
J
A
lot
of
communities
came
together
to
do
this
conference,
I'm
not
so
I've
just
written
down
a
few
birmingham,
edinburgh,
london
manchester
wales,
a
lot
of
cloud
native
communities
and
people
came
together
to
put
on
a
great
conference,
so
community
you
know
is
it
is
at
the
heart
of
what
we're
trying
to
achieve
and
there
are
benefits
you
might
say.
Okay,
it's
all
good.
I
can
help
others
out
what
is
in
it
for
me
and
there's
tons
of
benefits,
and
I
can
only
speak
speak
from
my
experiences
in
terms
of
career
progression.
J
I
never
thought
I'll
be
able
to
do
the
jobs
that
I'm
doing
nowadays
or
meet
the
people
that
I
am
meeting
nowadays
or
learn
things
that
I'm
learning
nowadays
or
you
know.
I've
worked
at
a
number
of
places
now
worked
at
app
here,
learn
k-8s
and
that
would
never
never
have
happened.
So
there
are
benefits
to
yourself
too,
and
I
think
one
thing
of
remind
for
the
organizers
or,
if
you're
joining
committee
a
starting
committee,
this
one
simple
thing
that
we've
found
is
that
is
that
makes
it
very
successful.
J
It's
just
to
be
kind.
The
people
around
you,
the
people
who
are
joining
wherever
it
is
just
to
be
kind
treat
people
like
you
like
you,
wanted
to
be
treated,
I'm
going
to
end
up
end
on
one
last
bit.
Is
you
know
this
this
code
from
benjamin
franklin,
but
building
a
community
and
culture
of
respect
and
working
collaboratory
collaboratively
is
the
way
forward.
Continual
learning
always
ensures
that
you
know
we're
growing
together
and
listening
and
hearing
and
being
empathetic
to
the
people
around.
You
is
the
way
you
deliver.
J
The
best
solution
and
community
is
all
about
bringing
everyone
together
on
a
journey,
so
technology
that
exists
today
is
not
going
to
be
here
tomorrow,
but
tomorrow
the
people
around
you
will
still
be
around
and
you
can
ask
them
and
you
can
lean
on
them
and
you
can
help
them
grow
and
move
forward,
and
with
that
I
thank
you.
If
you
have
any
questions
about
anything,
if
you'd
like
any,
if
you
like
any
help
with
your
community,
please
reach
out
to
me:
that's
so
manik
bar
we
are.
J
J
That
was
a
useful
talk.
That's
all
from
me.
C
Fantastic,
thank
you
so
much
simon.
I
honestly
feel
like
you
were
just
reading
my
mind,
some
of
those
things
you
said
I
just
wholeheartedly
agree
with,
and
I
know
it's
not
to
be
underestimated.
The
amount
of
work
to
put
on
a
meet-up
or
to
put
on
an
event,
but
everything
you
talked
about
how
rewarding
it
is,
is
just
it
rings.
So
true
for
me,
I
just
wondered
if
you
had
any
funny
stories
or
things
that
have
ever
gone
wrong
with
a
meet
up.
I
know.
K
C
I
mean
we've
had
some
technical
issues
this
morning
here
with
our
events
and
youtube
links,
and
it's
funny
how,
even
when
you
plan
every
single
thing,
something
always
happens.
Something
goes
wrong.
I
just
wondered
if
you
could
share
any
any
little
mix-up.
That's
ever
happened
to
you
or,
like
you
know,
the
worst
crazy
thing
that
happened.
J
Yeah,
I
think,
there's
always
when,
when,
when
you're
organizing
an
event
something
happens,
I
think
one
of
the
first
virtual
meetups
we
were
doing
lewis
and
I
put
a
link
to.
I
can't
remember:
I
think
it
was
a
google
meet
yeah.
It
was
a
google
meet,
so
we
put
out
a
google
me,
so
anybody
could
join
in
and
start
typing
whatever
they'd
like
to
type.
So
somebody
just
got
the
link
from
somewhere,
I'm
not
sure
where,
because
I
think
it
was
on
twitter
and
they
started
just
spamming.
The
tweet.
J
So
we
just
have
to
like
block
them
and
try
and
sort
that
out.
I
do
know
you.
Luckily
it's
never
happened.
The
cloud
native
wales,
but
at
other
meet
up
that
you're
doing
a
joint
one.
A
heckler
turned
up
because
they
didn't
agree
with
some
cryptocurrency
stuff.
So
but
you
know
that
that
got
dealt
with
quite
quite
swiftly.
So
you
know
these
things
do
happen,
but
yeah.
I
think
you
just
have
to
improvise
and
react.
When
that
happens,
I
think
yeah
anything
that's
happened
to
you.
C
I
think
I
mean,
like
you,
said
many
many
things
could
go
wrong.
I
think
the
the
most
challenging
story
that
happened
to
me
was
running
an
event
where,
on
stage
one
of
our
speakers
collapsed
and
he
was
fine.
He
was
completely
fine,
but
it
was
just
a
reaction
to
stress
somebody
heckled
him
and
he
wasn't
quite
ready
for
it.
So
he
collapsed
on
the
floor
and
people
thought
it
was
funny
and
they
were
laughing.
They
thought
he
was
joking,
but
no,
he
was
out
cold.
F
C
It
was
like
it
was
quite
a
stressful
moment,
but
he
was
fine
and
he
got.
C
J
C
L
Yeah,
thank
you.
I'm.
As
someone
said,
I
think
we
all
come
from
different
backgrounds.
I
I
look
after
I
live
just
outside
birmingham.
I
run
a
couple
of
meetups
in
birmingham,
including
recently
getting
involved
with
the
cloud
native
birmingham
crew
and
it's
just
been
a
yeah
just
to
re
repeat
what
some
of
the
things
we
said
before.
It's
been
a
pleasure
working
with
paula
josh.
You
know
matt
the
whole
team.
L
Really
I
want
to
list
off
everyone
yeah,
and
I
guess
that
to
some
of
the
points
we
just
talked
about
there,
I
think
sometimes
the
hecklers
at
the
at
the
meetups,
don't
realize
that
we
don't
get
paid
to
do
this.
You
know
we're
we're
not
there
as
there
are
sponsors,
but
we
don't
most
of
us
don't
work
for
the
sponsors.
We
usually
look
to
separate
ourselves
from
this
and
I
think
the
hecklers
think
we're
there
for
some
sort
of
commercial
or
financial
benefit,
but
actually
we
love
meeting
people.
L
You
know
we
love
helping
other
people
out
some
of
the
best
things
for
me
running.
The
meetups
is
seeing
that
dawn
of
kind
of
understanding.
When
you
explain
something
and
people
like
oh
yeah,
now
I
get
that
and
it's
just
brilliant
and
seeing
people
again
seeing
people
get
jobs
and
networking.
Through
these
events,
it's
fantastic,
seeing
people
kind
of
grow
in
part
because
of
the
communities
absolutely.
C
So
folks,
we
are
at
coffee
break
time.
Thank
goodness.
I
don't
know
about
you,
but
I
am
definitely
ready
for
coffee,
so
we
will
take
a
quick
break
and
then
we'll
be
starting
back
again
at
11
40..
This
is
where
we
split
into
two
tracks,
so
we
have
posted
the
links
on
to
twitter,
but
there
was
a
track
one
and
a
track.
Two
youtube
streams.
So
please
join
us
back
again
at
11
40,
and
we
will
see
you
soon.
M
M
All
right,
hello
and
welcome
back
I'm
here
with
my
co-organizer
chris,
and
I
would
like
to
welcome
you
to
the
first,
the
first
track
of
talks
for
today.
M
First
up
before
we
get
on
to
our
first
speaker,
I
just
want
to
remind
everyone
to
join
us
joining
another
conversation
over
at
slack,
so
that
is
slack.cncf.io
and
if
you're
listening
today
and
you
haven't
registered,
and
you
want
to
get
your
hands
on
some
swag
head
over
to
kcduk.io
and
you
can
register
there
it's
not
too
late
and
with
all
that
out
the
way
I'd
like
to
hand
over
to
our
first
speaker
for
this
track.
His
name
is
joseph
irving.
M
Joseph
is
a
member
of
the
team
over
at
rvu,
and
today
he's
going
to
be.
Let
me
double
check
talking
about
multi-cluster
networking
with
psyllium
and
friends.
So,
let's
hand
over
to
joseph.
G
Oh
hello,
everyone
nice
day,
nice
to
be
here.
Let
me
just
share
my
screen:
okay,
okay,
I
should
should
be
visible
for
you
all.
I
believe
cool
yeah,
hi
yeah,
I'm
joseph.
G
I
work
over
a
rvu
if
you're
not
familiar
with
rvu,
it's
kind
of
a
collection
of
leading
comparison
services
across
the
europe,
so
we've
got
like
usewitch.com
confused
in
the
uk
and
then
we've
got
brands
like
tour
in
spain
and
leloncs
in
france,
all
of
which
you
know,
compare
energy
broadband,
those
kind
of
things
yeah,
and
today
I'm
going
to
be
talking
about
our
journey
through
the
realms
of
multi-cluster
networking,
an
area
which
has
a
lot
of
options
in
it,
and
still,
I
wouldn't
say
a
clearly
defined
like
path
of
what
most
people
should
do.
G
Necessarily
so
far,
I
at
least
share
with
you
what
we've
done
and
what's
worked
for
us
or
what
hasn't
worked
for
us
in
some
cases,
yep.
So
even
a
bit
of
context,
I
work
in
a
team
known
as
airship.
We
provide
a
platform
for
the
developers
that
work
at
rvu.
We
build
out
common
infrastructure,
common
tooling.
That
kind
of
thing
to
take
away.
The
management
from
from
teams,
so
they
can
focus
on.
Actually
you
know
developing
websites
and
stuff,
not
worrying
about
machines
or
patching
or
how?
G
How
am
I
going
to
get
metrics,
how
many
logs
etc?
That's
kind
of
our
job?
To
do
that,
however,
things
weren't,
always
this
way
back
in
the
older
days
of
rvu,
all
the
teams
used
to
run
their
own
infrastructure
themselves,
which
was
a
mix
of
all
sorts
primarily
running
in
aws,
but
you
know
some
would
just
be
standard.
Ec2
machines
might
be
like
ecs
clusters,
some
people
were
using
puppy,
ansible
to
provision
machines,
etc.
It
was
up
to
the
individual
teams
and
we
decided
as
an
organization.
G
It
would
be
more
valuable
if
we
consolidated
on
one
platform
instead
of
having
all
these
teams
managing
themselves,
which
is
where
my
team
was
formed
so
slowly
over
time
we
moved
everyone
over
to
a
set
of
kubernetes
clusters
as
kind
of
base
infrastructure,
but
when
this
happened,
this
created
a
slightly
new
dynamic
that
was
new
to
the
company
of
we're
now
all
running
on
the
shared
infrastructure,
and
we
don't
necessarily
have
control
over
it
and
what
happens
when?
Inevitably,
you
know
that
infrastructure
breaks
right.
G
That
was
a
big
worry
of
what
happens
if
a
cube
now
is
clustered
goes
down
yeah.
We
have
multiple
kubernetes
clusters,
but
you
know
how.
G
N
G
Going
down
so
we
needed
a
way
to
root
traffic
between
the
clusters
in
an
event
of
a
failure,
especially
for
our
most
important
apps
that
make
the
most
money
on
our
websites.
So
we
needed
something
to
sit
in
front
of
kubernetes.
To
do
this.
For
us
and
one
of
the
first
things
we
found
while
looking
around,
was
a
project
called
envoy.
This
is
a
project
by
lyft,
it's
a
cncf
graduated
project
and
it
does
all
the
kind
of
things
you'd
expect
from
a
modern
proxy.
G
It's
lightweight
it
can
do
health
checks,
retries,
load,
balancing,
etc.
One
of
the
things
we
were
particularly
interested
in
was
its
ability
to
do
dynamic
configuration,
so
it
has
a
api
which
you
typically
communicate
with
by
grpc,
and
you
can
use
this
to
like
load
the
config
into
it
in
a
very
dynamic
fashion.
G
So
so
these
all
seem
like
good,
good,
good
attributes
for
a
proxy
to
solve
this
problem
for
us,
so
our
first
pass
and
what
it's
look
like
looks
roughly
like
this,
so
we
had
a
envoy
cluster.
It's
like
a
cluster.
G
So
if,
if
one
of
the
clusters
was
down
it,
could
it
could
read
the
traffic
to
a
cluster
that
is
still
healthy,
so
this
gave
some
some
benefit
straight
away.
However,
the
main
downside
we
had
of
this
cell
was
that
it
was
the
envoy
configuration
was
static.
It.
G
Static,
it
was
a
giant
yaml
file
that
we
had
full
of
envoy
configuration,
which
I
don't
know
if
you've
looked
at,
is
not
the
the
most
attractive
to
write
yourself.
But
you
know
if
a
developer
wanted
to
add
a
new
service
or
if
they
wanted
to
change
what
cluster
their
service
was
running
in
or
say
it's
now
running
in
free
clusters
or
whatever
they
had
to
you
know,
raise
the
pr
we
had
to
redeploy
the
infrastructure
and
whatnot,
so
it
wasn't
the
most
easy
thing
to
do
so.
G
We
thought
there
must
be
a
better
solution
to
this.
We
alluded
to
earlier,
there's
a
dynamic
configuration,
but
how?
How
do
we
get
this
configuration
and
we
we
looked
at
the
ingress
object
that
already
exists
in
the
cluster
as
a
source
of
inspiration.
So
on
the
left
we
have
ingress
resources,
kind
of
standard
generic
one,
it's
an
ingress.
G
It
has
a
host
and
a
port
and
the
status
which
is
normally
added
by
your
cloud
provider,
whatever's
doing
ingress
behind
the
scenes,
which
includes
the
kind
of
address
of
what
things
should
hit
the
english
on.
G
And
if
you
look
on
the
right,
we
have
a
small
snippet
of
a
much
larger
envoy
configuration
and
you'll
find
there's
a
lot
of
there's
a
crossover
right
there
there's
some
some
things
that
you
need
are
clearly
the
same
in
both
like,
for
example,
all
one
we
really
need
to
know
about
is
what
host
names
do
I
need
to
look
for
and
where
should
I
be
forwarding
this
traffic
to,
which
is
like,
in
our
case
as
a
winning
address,
is
going
to
be
some
aws
load
balancers,
which
are
seeing
in
front
of
our
clusters,
so
we
saw
we
had
the
information
already
in
the
clusters
envoy
just
needed
that
information.
G
So
how
do
we
give
it
to
it
and
that's
where
we
build
our
own
thing
as
it
didn't
seem
to
be
anything
that
did
this
for
us,
so
we
built
a
tool.
It's
called
a
dressel
after
the
north
tree
of
life
that
connects
the
many
realms.
We
have
a
north
naming
convention.
Please
look
up
norse
mythology
if
you
want
to
work
here,
but
we
built
this
there's
a
open
source
on
github.
G
If
you
want
to
peruse
it
your
own
ledger,
it's
just
built
and
go,
and
it
acts
as
a
kind
of
mix
of
a
controller
and
it's
a
mix
of
like
a
kubernetes
controller
and
an
envoy
control
plane.
So
what
it
does
is
it
goes
and
watches
various
kubernetes
clusters
for
ingress
resources
and
based
off
these
ingress
resources.
It
translates
that
into
envoy
configuration
and
sends
over
to
our
envoy
cluster.
So,
for
example,
if
you
have
an
ingress
in
one
cluster,
you
guys
will
pick
that
up
and
configure
one
void
to
do
that.
G
So
this
was
a
nice
and
easy
way
to
allow
people
to
come,
get
the
benefits
of
envoy
without
really
needing
to
even
know
about
it,
because
from
all
a
developer's
perspective,
is
they
just
create
an
ingress
object
in
one
cluster?
They
create
another
cluster
envoy.
Does
their
asteroid
or
gets
configured
for
them?
They
don't
need
to
worry
about
that
detail.
They
just
use
ingress,
which
is
a
fairly
common
standard
objects
that
everyone's
familiar.
A
G
And
yeah,
and
it
gave
us
the
advantage
of
yeah
if
the
cluster
goes
down.
For
example,
it
will,
as
alluded
to
it,
will
read
the
traffic
to
the
ones
that
are
working
based
off
health
checks
and
whatnot.
This
was
a
good,
a
good
like
first
start
some
reliability.
I
guess
for
our
clusters,
especially
in
the
early
days
of
using
kubernetes.
This
was
more
more
frequent
than
I
wanted,
but
what
we
realized
we
had
done
here
was
we
had
accidentally
created
some
kind
of
service
mesh,
see
it.
G
It
soon
became
apparent
to
our
developers
that,
instead
of
going
between
clusters
going
through
envoy,
was
a
very
efficient
or
easy
way
to
connect
to
our
internal
services
so
that
they
could
talk
to
each
other,
and
this
started
to
become
a
de
facto
way
of
kind
of
cross-cluster.
Communication
was
to
go
through
envoy,
because
you
know
it
always.
It
always
knows
where
the
service
is,
and
it
will
always
root
you
to
where
it's
healthy.
G
So
this
is
a
kind
of
like
slightly
zoomed
out
detailed
look
of
what
this
might
look
like
if
we
view
a
request.
So
if
you
first
look
at
the
black
line
here,
this
is
like
a
standard-
let's
say
user
request
from
a
website.
You
know
it
goes
through
to
envoy.
You
hit
some
load
balancers,
it's
a
node,
it's
like
proxy
to
an
ingress,
pod
or
something
and
then
finally
ends
up
in
an
actual.
You
know
application
pod,
that's
serving
the
website
or
something.
G
Then
this
pod
wants
to
go
talk
to
some
other
downstream
service
in
our
like
micro
service
architecture,
and
it
does
the
same
thing
all
over
again
and
would
have
gone
and
yeah
the
same
loop
and
who
knows
this
pod
may
want
to
talk
to
some
other
micro
service,
and
you
know
this
loop
can
repeat
quite
a
few
times
so
there's
some
obvious
downsides
to
this
well,
one
of
which
is
we're
adding
quite
an
extra.
F
G
Biggest
legacy
in
the
world,
but
once
you
add
up
quite
a
lot
of
these
hops,
they
can
become
significant
enough
to
be
a
problem,
and
it's
also
one
of
the
other
key
things.
It's
losing
something
you're
losing
identity.
By
doing
this,
by
going
out
of
a
cluster,
then
back
into
a
cluster,
it's
hard
to
distinguish
whether
this
is
kind
of
like
service
to
service
traffic,
whether
it's.
G
That's
this
load
of
network
traffic.
So
if
you
want
to
use
things
like
kubernetes
network
policies,
things
like
that,
it
all
becomes
a
lot
more
difficult,
so
yeah,
so
with
the
advantage
of
it
being
easy
to
use
and
envoy
was
also
doing
a
lot
of
the
hard
work
for
you,
but
the
disadvantage
of
we
were
getting
this
extra
latency
and
this
lack
of
identity,
which
which
we
could
be,
could
make
life
very
difficult
for
us.
So
before
we
probably
need
a
better
solution
for
this.
G
This
wasn't
the
original
intent
of
our
thing
and
the
the
obvious
place
we
looked
to
was
some
kind
of
service
mesh
right
that
service
mesh
can
do
this
kind
of
stuff.
So
we
started
a
journey
of
exploring
a
variety
of
the
service
meshes
so
we're
out
and
about
at
the
time,
with
a
few
key
features
that
we
were
interested
in
the
primary
one.
As
is
the
topic
of
this
talk
with
molly
cluster
services.
You
know
it
had
to
be
able
to
do
across
cluster.
G
K
G
This
allows
you
to
you
can
do
stuff
like
it
can
simplify
networking.
You
can
do
things
like
you
know.
We
actually
like
bbc
flow
logs
on
your
pods,
or
things
like
this,
that
it
can
make
life
easier
and
third
and
bottom
and
in
some
ways
the
most
important
was
it
had
to
be
easy
to
add
to
our
existing
stack.
We
didn't
want
to
have
to
rethink
how
we
did
everything
to
be
able
to
use
this.
This
was
a
fairly
small
feature
we
wanted.
G
We
didn't
want
that,
to
you
know:
change
application
code,
for
example.
To
take
advantage
of
this
feature,
especially
the
current
way,
was
so
easy.
How
would
we
convince
people
to
use
it
if
the
new
way
was
much
more
difficult?
So
we
went
out.
We
we
reviewed
a
load
of
service,
meshes,
I'm
not
going
to
like
pick
on
all
of
them
by
names
or
anything.
So,
but
we,
we
reviewed
a
load
of
them
and
we
found
some
common
problems
across
across
the
ones
we
did.
Look
at
a
big
one
was
didn't
support.
G
Multicluster,
especially
when
we
looked
at
this
number.
They
just
didn't
support
it,
so
that
was
that
that
was
a
non-starter
second
was
a
few
of
them
were
quite
quite
complicated
and
had
quite
a
lot
of
additional
features
we
weren't
interested
in.
They
were
doing
a
lot,
whereas
we
needed
a
fairly
specific
thing
and
the
added
overhead
of
operating
these
services
didn't
seem
worth
it
compared
to
what
we
were
actually
after
and
and
the
third
one
was
often
they.
G
K
G
Some
of
these
might
be
slightly
different
in
present
day
as
this
was
a
little
while
ago,
but
I
think
a
lot
of
these
cases
are
still
somewhat
true.
G
F
G
Which
is
you
have
your
standard
pod?
You
have
your
application
containers
in
the
zed
pod
and
you
this
was.
We
have
a
sidecar
container
that
runs
alongside
this,
that
does
all
the
networking
stuff,
so
he
often
might
terminate
tls
it
does
the
service
discovery
etc.
G
But
there
were
a
few
key
problems
with
this
that
that
stopped
us
from
progressing
much
further,
one
of
which
is
they
didn't
work
in
the
init
phase.
If
you
have
init
containers,
they
wouldn't
be
able
to
use
a
sidecar
container
and
there's
often
complications
around
the
startup
shutdown
of
your
body.
Let's
say
you
know
your
application
containers
start
before
your
sidecar
containers
you,
you
might
have
some
strange
network
shenanigans
going
on.
G
We,
we
lose
quality,
front
jobs,
cluster
in
our
clusters,
and
we
we
found
that
they
would
forever
forever
hang
because
the
side
cars
wouldn't
know
to
terminate
when
the
job
was
finished.
Now
these
are
all
generic
problems
to
side
cars.
A
lot
of
service
measures
that
use
this
kind
of
approach
have-
and
I
know
over
the
years-
have
been
more
and
more
workarounds
to
to
fix
some
of
these
problems,
but
they
do
cause
complications
and
don't
work
in
every
scenario.
So
we
found
this
to
be
slightly
undesirable
at
the
time.
G
So
after
looking
for
all
of
these,
we
found
a
new
project
that
we
were
familiar
with.
That
seemed
to
fix
a
lot
of
our
things
and
that
was
cilium,
so
cilia,
developed
primarily
by
a
team
called
eye
surveillance,
currently
is
in
the
process
of
becoming
a
cncf
project.
I'm
still
in
voting,
I
believe
so.
I
won't
preempt
the
result
but
yeah.
It
should
be
a
sincere
incubator
project
soon,
hopefully-
and
that's
some
key
things-
we
liked
a
lot
one-
was
it
ran
as
a
demon
set?
G
It's
not
it's,
not
a
traditional
service
mess
it's
more
of
a
cni.
I
would
describe
it
as,
but
it
runs
as
a
demon
set
on
all
your
nodes,
so
it
doesn't
need
to.
It
doesn't
need
to
go
into
the.
K
G
Pods
of
your
applications,
it's
just
running
on
each
node.
It
supported
real
eyepiece.
It
does
that
using
aws
elastic
network
interfaces
in
eddy
respectively.
That
does
also
support
them
in
other
clouds.
I'll
talk
about
that,
I
say
has
a
feature
called
cluster
mesh,
which
was
the
you
know.
The
main
thing
we
wanted
it's.
The
custom
is
a
way
of
networking
between
kubernetes
clusters
using
psyllium
and
some
well,
maybe
just
a
cool
thing,
but
it
also
does
everything
using
a
technology
called
ebpf.
G
Now
I'm
not
an
expert
on
ebpf,
so
I
am
not
going
to
spend
much
time
talking
about
how
it
works
in
this
presentation.
So
there
is
a
presentation.
G
About
that
yeah
by
by
josh,
and
I
believe.
F
G
Please
use
that
if
you
want
to
know
more
about
evpf,
but
it's
a
very
cool
new
networking
technology,
which
wright
rules
directly
to
the
kernel
instead
of
like
ip
tables,
which
is
that
quite
the.
G
A
stuff
would
have
done
it
in
the
past
and
last
and
probably
most
importantly,
was
it
didn't,
require
any
application
changes
to
use
any
of
these
features
we
could
deploy.
K
G
G
Starting
off
with
ip
allocation,
so
how
does
it
give
our
pods
real
ips
and
it
does
it
in
a
fairly
elegant
way,
similar
by
the
way
to
the
aws
vpcc,
if
you're
familiar
with?
Yes,
it's
illusion,
but
effectively
cilium
just
allocates
real
ips
from
your
cider
to
an.
G
Interface
on
your
on
your
node:
if,
if
you
get
a
pod,
it
will
just
you
know,
give
the
pod
an
ip
and
then
allocate
that
to
your
elastic
network
interface
at
the
same
time.
So
it's
all
a
real
aws
ip
that
you
can
use
in
your
clusters.
That
was
straight
away.
Nice.
G
Application
but
yeah
this
is
how
tyler
does
it
specifically,
but
more
interesting,
perhaps
was
how
it
handles
services.
So
on
the
left
here,
we've
got
a
kubernetes,
node
and
and
psyllium's
running
on
it
and
on
the
right
here
we've
got
just
a
standard
kind
of.
F
G
Service
in
kubernetes,
where
you
have
a
name
and
you
have
like
a
cluster
ips,
a
pretty
standard
way
of
doing
a
service
in
queue,
and
you
have
two
parts
that
are
associated
with
that
service.
They
match
your
selectors,
etc
and
then
what
psyllium
does
behind
the
scenes?
It's
slightly
simplified.
But
what
it's
doing
is
it's
writing
some
bpf
rules
which
associate
that
cluster
ip,
which
is
just
a
virtual,
fake
ip
with
those
pod
types,
and
it's
writing
them
into
the
kernel,
in
which
case
the
two
pods
shown
here
similar.
G
Proxy
does
with
ip
tables
and
that's
how
this
works
for
standard
service.
Simple,
not
not
much,
nothing
too
crazy
here,
but
what
you
can
then
do
with
cilia
is
you
can
expand
this
to
cover
multiple
clusters?
So
if
I
have
the
same
service
in
cluster,
a
let's
say,
and
then
the
cloud
service
again
in
cluster
b
and
psyllium
will
realize
it's
the
same
service
in
both
clusters
and
we'll
just
compile
the
rules
to
forward
to
any
of
the
ips,
regardless
of
what
cluster
they're
in.
G
So
you
just
get
this
list
of
rules.
If
it
can,
it
can
hear
any
of
these
so
whether
it
be
in
clustering
or
cluster
b.
You
know
it's
available
to
you.
Also.
This
is
working
off
of
a
service.
You
know
if
the
pods
aren't
ready
or
not.
They
won't
come
up
as
ready,
endpoints
and
wouldn't
be
added
to
this
list.
So
that's
a
nice
bonus
of
that
yeah,
and
this
is
very
simple
because
it
means
you're,
not
there's.
No
there's
no
complicated
shenanigans
going
on
from
the
app's
perspective.
G
It
just
hits
the
service
as
it
would
normally,
and
it
now
has
just
more
options
of
where
to
go.
It
can
now
go
to
a
different
cluster
as
long
as
that
ip
address,
you
know
it
is
rootable
and
well
not
to
that
part.
They
will
just
go
there.
We're
just
talking
pod
ips
to
photo
piece
there,
which
all
just
real
ips
in
that
case
and.
G
On-
and
this
is
what's
the
best
part
about
psyllium
is
this-
is
a
normal
service
definition
kubernetes
and
the
only
thing
that's
different
about
this
service,
which
is
the
psyllium
service
that
can
go
across
cluster.
Is
this
annotation
here
we
used
to
add
an
annotation
of
a
psyllium
global
service
trip,
and
this
was
enabled
for
your
service.
You
do
that
and
you
need
to
ensure
that
the
service
is
deployed
in
any
cluster
which
you
want
to
access
the
service
from
as
well.
You.
F
G
G
G
There's
no
there's
no
going
around
in
and
out
et
cetera,
is
actually
just
taking
one
iphone
you're
directed
to
what
I
another
ip
address,
and
it
does
it
all
kind
of
without
even
needing
to
know,
what's
going
on
so
that
that
was.
That
was
how
we
solved
that
problem
and
as
well.
Not
only
are
we
avoiding
this,
you
know
latency
ad,
for
example
by.
K
G
We're
now
doing
it
from
pod
to
pod
and
psyllium
is
aware
of
what
pods
are
talking
to
what
pots
yeah.
We
are
still
maintaining
all
the
pod
identity
in
this
scenario.
So
if
we
want
to
apply
security,
security
rules
find
like
network
policy
and
stuff
it
all
works,
we
can
use
our
pods
labels,
services
etc.
For
this
to
work,
which
is
which
is
nice
if
you're,
if
you
need
to
do
that
kind
of
thing
now,
we
found
once
we'd
done
this.
It
was.
G
It
started
to
become
very
easy
to
like
link
an
arbitrary
number
of
kubernetes
clusters
together
as
well,
we're
primarily
in
aws,
so
something
we
took
advantage
of
which
we
hadn't
used
before
was
aws,
is
a
transit
gateway
feature
for
those
not
familiar.
Transit
gateway
effectively
allows
you
to
simplify
peering
connections
between
between
vpcs
significantly,
whereas
in
a
traditional
aws
setup
you
might
have
had
to
peer
all
your
clusters
together
in
this
kind
of
complicated
web
of
peering
connections
with
transit
gateway.
G
You
just
add
that
to
each
vpc
and
then
the
you
know
it
works
like
a
hub
and
spoke
in
the
network.
Traffic
can
just
flow
from
one
cluster
to
another
cluster
and
vice
versa.
As
long
as
the
root
tables
security
group
rules
etc,
correct.
This
should
just
work.
So
if
we
wanted
to
create
a
new
cluster
and
add
it
to
the
mesh,
we
just
you
know
spin
it
up,
attach
it
to
the
transit
gateway
and
tell
him
about
it,
and
then
the
networking
just
just
works.
G
So
this
was
this
was
nice
and
then
easy
much
much
preferable
to
connections.
If
you
have
done
a
lot
of
those
in
the
past
and
we
found
this
works
quite
easily
as
well
between
different
clouds.
So
we
also
have
some
stuff
running
in
google
cloud.
Primarily
some
of
our
data
stuff
runs
in
gcp
and
gt.
G
We
do
a
lot
of
stuff
with
bigquery
and
whatnot,
so
we
do
have
some
clusters
over
there
and
just
by
connecting
the
two
clouds
together,
which
in
our
case
we
just
connected
them
via
a
vpn
to
our
transit
gateway
and
using
a
trend
of
vp.
On
the
gcp
side,
we
could
easily
share
network
connectivity
between
them
in
a
secure
fashion
and
psyllium.
Again,
just
just
works.
G
You
know
we
have
celium
deployed
on
our
gk
clusters,
it
also
uses
native
ip
addresses
and
then
our
gk
clusters
and
allows
you
to
hit
services
in
our
eks
clusters
just
as
easily.
F
G
Any
difference
what
cloud
you're
in
as
far
as
this
is
concerned,
so
yeah,
so
you
can
use
this
term,
it's
an
arbitrary
number
of
clouds,
so
it
works
very
nicely
and
easily
so
yeah.
That
was
that
was
kind
of
our
general
networking
step
that
we
we've
done
with
psyllium.
Only
downsides
to
this
approach
is,
is
one
question,
though,
and
the
first
one
we
hear
quite
quickly.
G
I
guess
was
that
it
does
use
ebpf
as
its
primary
way
of
doing
stuff
and
when
things
go
wrong
with
ebpf,
it
can
be
tough,
especially
for
someone
like
me
to
debug.
What's
going
on
compared
to
the
more
like
vanilla
ways
that
traditional
service
meshes
do
it,
you
might
need
to
learn
some
new
skills
to
debug
some
of
these
issues.
I
will
well,
I
must
say
it
was
more
when
we
were
starting
than
we
did
here.
We
don't
really
have
issues
with
saloon.
G
And
there
was
also
the
psyllium
community
are
like
amazing,
like
if
you
go
on
the
psyllium
slack
and
say
to
them
my
thing
doesn't
work.
They
will
spend
way
more
time
than
I.
I
would
have
thought
trying
to
help
you
debug
it.
I've
spent
many
hours
literally
hours
with
them,
sending
them
diva
blogs
and
things.
G
Was
more
about
like
the
kind
of
missing
link,
I
guess
is
still
around
like
with
our
old
setup.
We
went
through
envoy
and
we
got
all
the
benefits
of
like
health
checks
and
we
tries-
and
you
know
it's
doing-
it's
load,
balancing
and
whatnot,
and
by
going
pod
to
pod,
you
do
lose
a
bit
of
that
right,
you're,
just
doing
simple
basic
kind
of
like
round
robin
style
load
balancing,
but
there's
no
there's
no
redries
or
anything
built
into
psyllium.
It's
just
it's
just
doing
ip.
G
So
you
know
your
apps
will
need
to
implement
some
kind
of
retry
logic
or
stuff
like
that.
If
you
need
it
that
that
is
a
downside
of
this
approach,
though.
G
G
Support
police
out
of
the
box
yeah
some
like
future
of
this
is
a
is
a
well
we've.
We
have
basically
only
just
scratched
the
surface
of
what
psyllium
can
do.
It's
it
does
a
lot
of
stuff
they're
always
going
to
be
adding
new
features
to
it
and
it
can
completely
replace.
Remember
please
replace
q
proxy
these
days,
which
we
will
it
can.
Has
this
amazing
graphical
ui
called
hubble
which
can
show
you
all
sorts
of
nice
networking
data
visualizations.
What's
going
on
in
your
clusters?
G
There's
my
ipsec
using
psyllium
now
exists
so
yeah
we've.
We
barely
even
started
to
take
full
advantage
of
all
the
stuff.
It's
it's
delivering,
which
is
I'm
pretty
pretty
exciting,
and
just
I
thought,
even
though
it
can
be
ran
with
other
service
measures
as
well.
For
example,
if
you
want
to
use
a
like
kind
of
like
sidecar
approach,
service
mesh
syllium
works,
just
fine
with
that
yeah
there's
no
problem
working
in
tandem
with
these
things.
In
fact,
it
has.
G
A
problem,
if
you
do
further
down
the
line,
if
we
do
decide,
we
need
something
more
traditional,
but
I
know
if
we
want
to
do
something
like
a
tls.
G
Setup
or
if
we're
trying
to
do
retries
genetically,
maybe.
G
K
G
This
problem,
as
I
said,
I
still
think
it's
a
very
open
question
of
how
to
easily
mesh
together
different
clusters,
so
this
is
this
was
one
example
of
it.
There's
many
of
us
and
I
look
forward
to
when
someone
does
settle
on
what's
the
best
one
yeah,
but
for
now
it's
worked
for
us.
Thank
you.
M
Thank
you
so
much
joseph
that
was,
it
was
brilliant.
We
do
have
one
question
if
you
don't
mind
answering
that
over
in
the
slack
channel,
if
you'd
like
to
answer
it
now,
I
can,
I
can
say
it
out
loud
or
you
can
pop
open
over
there
too,
make.
G
I've,
you
might
say
originally,
we
used
it
with
the
edus
vpcc
and
I,
as
that
was
the
only
way
of
doing
it
so
which
we
chain
it
with
the
it
used
to
be
chain
so
yeah
and
the
vpcc,
and
I
would
do
the
uni
allocation
and
then
cillian
would
do
the
rest.
But
these
days
it
can
be
used
as
a
complete
replacement,
which
is
where
we're
using
it
in
our
newer
clusters.
M
All
right:
well,
that's
all
we
had
thank
you
again
for
your
time
and
I'm
sure
that
if
there
are
any
other
questions
that
pop
up
they'll
be
in
that
slack
channel,
so
thanks
again
for
that.
L
M
Amazing
and
on
on
that
note,
I'm
going
to
hand
over
to
chris
to
introduce
our
next
speaker.
L
Thanks
thanks
josh
and
it's
you
know
great
to
introduce
ewing.
Although
he's
his
talk,
I
think
he's
been
designed
to
give
me
a
tongue
twister,
so
I'm
gonna
try
and
call
this
out,
so
it's
ppp8s
pine
phone
pocket
and,
most
importantly,
pub
ready,
kate's
lab
environment
for
the
full-time
kubernetes
ckx
student.
It
sounds
like
a
fascinating
talk,
so
I'm
very
much
looking
forward
to
it
so
over
to
you.
O
Great
I'll
try
and
get
my
screen
shared
and
we'll
see
how
we
go.
O
L
And
whenever
there's
technology
involved,
there's
always
going
to
be
challenges
so
just
waiting
for
you
and
to
come
back,
don't
forget
to
join
us
over
on
slack
again
a
shout
out
to
some
of
our
workshop
sponsors
to
have
a
look
on
kcduk.io.
L
There
are
a
number
of
workshops
running
through
this
week
from
some
of
our
workshop
sponsors.
There
are
some
I'm
just
trying
to
see
if
I
can
find
a
link
to
them
all
which
I'm
not
gonna,
be
able
to
do.
Of
course,.
L
Workshops
run
by
jet
stack
by
control,
plane
by
souza
solo,
io,
container
solutions
and
snick,
some
really
good
ones.
These
aren't
sales
pictures.
These
are
one.
These
are.
These
are
workshops
kind
of
designed
to
help.
You
learn
something
new
kind
of
get
get
hands-on
with
this
stuff.
Some
of
them
are,
you
know,
just
a
couple
hours
investment
and
you
need
access
to
some
free
cool
kit,
and
some
people
can
help
you
out
with
that.
So
I
love.
L
I
love
a
good,
hands-on
workshop,
so
go
and
check
those
out
or
reach
out
reach
out
to
any
of
us
on
twitter,
if
you've
or
wherever
to
if
you've
got
any
questions
about
stuff.
L
Just
while
we're
also
still
waiting
for
you
and
to
come
back,
there
are
some
watch
parties
going
on.
I
I
know
that
they're
going
on
at
the
moment,
so
hi
folks
in
manchester
also
there's
a
couple
of
social
events.
Attached
to
these,
we've
got
the
pub
quiz
later
on
being
hosted
out
of
cardiff,
which
will
be,
which
is
promises
to
be
lots
and
lots
of
fun.
So
please
do
stick
around
for
the
pub
quiz
later
on
today.
L
I
think
there's
a
couple
of
social
events
happening
around
some
some
of
the
different
meetup
locations.
So
if
you're
already
connected
to
the
meetups
in
on
meetup.com
they'll,
be
they'll,
be
talking
about
what
they're
doing,
where
they're
doing
it
and
how
to
get
how
to
get
joined
I'll,
be
heading
into
centre
of
birmingham,
which
is
a
novelty
for
me,
because
I
don't
think
I've
traveled
for
a
while,
so
I'll
be
heading
into
central
birmingham
to
to
have
a
look
into
that
someone's
asking
to
post
the
workshop
links.
L
M
I
guess
again
we'd
like
to
shout
out
our
sponsors
real
quick
again,
while
we
wait
for
you
and
come
back,
our
tech
sponsor
today
that
is
helping
us
with
the
live
stream,
is
tramshed
tech
and
we've
also
got
sneak
control,
plane
jet
stack,
systig
and
storage
os,
who
have
all
been
instrumental
in
making
this
day
possible.
So
thank
you
again.
L
Yeah,
absolutely
we
wouldn't
be
able
to
do
the
sort
of
things
without
without
without
those
supporters,
so
please
do
give
them
a
bit
of
love
and
attention,
especially
the
tram
tram
shed
folks,
because
without
this
we
wouldn't
be
live.
So
are
you
getting
on
you
and
great
to
see
you
back?
You
managed
to
sort
of
problem.
O
All
right
so
apologies
for
the
tongue,
twister
that
wasn't
quite
the
the
intent
of
the
title,
though
it's
good
to
get
some
added
bonuses
along
the
way
right.
So
what
I'm
going
to
talk
about
today
is
some
experiences
I
had
basically
going
through
cka
ck
ad
exams
and
also
trying
to
be
a
bit
more
mobile,
a
bit
more
portable
with
how
how
I
do
that
not
being
chained
to
the
to
the
desk
or
to
a
laptop
somewhere.
O
And
a
topic
or
a
question
that
often
comes
up
fairly
promptly
after
suggesting
this
is
a
this
question
or
a
variation
of
it
right.
So
I
thought
about
it.
I
went
back
and
looked
at
sort
of
how
how
I
got
here-
and
it's
probably
worth
taking
us
through
a
bit
of
a
history
of
what's
going
on
so
like
many
many
things,
this
all
started
as
a
rather
stupid
discussion
over
beers
as
a
works,
drink
somewhere
or
whatever
back
in
2020
q1,
not
that
long
afterwards.
O
We
have
this
this
small
pandemic,
that
a
few
of
us
are
familiar
with
breaks
out
and
that
eventually
leads
into
me
having
my
first,
my
first
staycation.
So
I
got
all
the
buzzwords
so
my
first
covid
staycation
and
I
ended
up
using
that
that
week
for
really
my
own
sanity
I'd.
I
pretty
much
had
enough
of
covid
and
lockdowns
around
q3
last
year
and
so
spent
a
week
having
a
look
at
how
to
get
kubernetes
running
on
top
of
android
on
a
on
a
stock
phone.
O
I'm
not
going
to
go
into
much
of
that
today.
If
people
are
interested
to
to
search
for
it,
there's
a
presentation
somewhere
else
on
youtube.
I
think
it's
london
infrastructures
code
channel,
if
you
search
for
the
k8s
on
android
and
or
my
name,
there's
probably
going
to
going
to
bring
that
up,
and
so
I
got
to
got
to
present
that,
and
one
of
the
questions
that
came
out
of
that
session
was
what
would
it
take
to
run
kubernetes
natively
on
a
phone,
and
you
know
that
was
a
that
was
an
interesting
one.
O
I
sort
of
took
that
away
churned
it
over
in
the
back
of
my
head
and
didn't
really
think
too
much
about
it.
For
a
while
and
then
became
aware
of
this
thing
called
the
pine
phone,
or
I
guess,
pine
64,
and
particularly
the
pine
phone,
which
is
a
mobile
phone
running
linux.
O
So
I
got
one
of
those
delivered
and
not
too
long
after
I
got
that
delivered.
We
find
ourselves,
at
least
in
london,
I
think
most
of
the
uk
back
in
lockdown
through
january,
and
so
after
various
sort
of
lab
explorations,
some
of
those
with
the
pine
phone
and
some
of
them
not.
O
I
managed
to
I
managed
to
get
through
the
cka
and
ckad
exams,
so
I
guess
a
selling
point
for
this
talk
is
you
you
might
learn
something
possibly
that
will
help
you
with
that.
Certainly
I'll
give
you
a
novel
way
to
do
it
a
bit
later
through
the
year,
because
I
started
to
get
interested
in
now:
sort
of
linux
running
natively
on
phones.
I
ended
up
with
a
oneplus
6t
q,
q2
and
q3.
There
were
sort
of
various
various
continuances
of
of
this
sort
of
exploration
and
obviously
in
q3.
O
Another
question
I
get
is:
why
am
I
hating
on
raspberry
pi?
What's
so
wrong
about
raspberry
pi
and
the
honest
answer
is:
there's
nothing
wrong
with
raspberry
pi
right
I
mean
the
portability
is
perhaps
not
quite
as
good
as
having
a
mobile
phone,
but
there's
a
lot
of
great
things
about
about
raspberry
pi.
You
know
if
you
really
want
to
take
one,
a
raspberry
pi
to
a
pub
plug
it
into
a
usb
power
board.
You
can
do
that.
I
think
the
really
the
main
reason
for
me
not
exploring
that
much
more
was.
O
An
example
here
is
a
twitter
link
to
somebody
who's
sort
of
come
up
with
a
a
k-8,
raspberry,
pi
set
of
nodes
and
a
cluster
that
sort
of
you
can
take
anywhere,
maybe
not
something
I
want
to
put
on
the
bar
with
my
pints,
but
you
know
there's
already
prior
art
here
and,
and
so
I
just
decided,
look
let's,
let's
not
go
competing
with
people
that
are
doing
really
cool
stuff,
let's
go
and
try
and
look
at
something
a
little
bit
interesting,
a
little
bit
different.
O
Another
question
is:
why
not
k3s
this?
This
comes
up
quite
a
bit,
obviously
kfrees
being
a
lighter,
lighter
version
of
kubernetes,
but
again
the
way,
at
least
in
my
mind
that
I've
justified
some
of
the
time
I've
spent
on
this
is
being
exam
prep
and
so
really
again,
that's
why
my
focus
has
been
around
k-8s
and
and
linux.
O
So
moving
on
to
these
these
devices
pine
what
so,
it's
probably
fairly
well
known,
sort
of
out
there
now,
but
back
when
I
first
sort
of
caught
on
to
it.
I
was
having
to
explain
this
a
lot
more.
It's
basically
a
give
or
take
200
usd
mobile
phone
that
runs
linux,
natively
fairly
small
sort
of
I
guess,
ram
footprints
or
capability
and
depending
on
which
version
you
get
fairly
small
sort
of
built-in
storage
as
well.
O
Sd
cards
mean
that
you
can
expand
that
and
whichever
version
of
the
pine
phone
you
get
today,
you
can
expand
sort
of
your
storage.
With
with
that
for
what
I've
been
working
with.
I
guess
if
somebody
is
inspired
after
seeing
this
and
thinks
gee,
I
want
to
go
out
and
play
with
this
look
at
this
stuff.
O
Another
piece
of
hardware
that
came
along
in
the
day
or
along
the
days
was
the
the
oneplus
6t
so
having
sort
of
explored
a
bit
around
pine
phone
and
started
to
look
at
what
was
what
was
possible.
The
mobium
projects
which
we'll
come
onto
shortly,
announced
in
in
collaboration
with
some
of
the
is
it
the
one
mark
os?
Basically,
there
was
a
working
kernel
that
meant
you
could
you
could
boot
boots
or
linux
on
the
oneplus
6t
and
the
nice
thing
about
this
device.
O
Is
you
know
the
pine
phone
is
really
great.
It's
a
really
nice
sort
of
device
and
projects
to
play
with,
but
the
oneplus
is
newer
hardware.
So
it's
a
newer
system
on
a
chip.
It's
got
a
bit
more
ram.
It's
got
a
bit
more
storage
built
in
downsides
of
no
sd
card,
but
you
know
there's
enough
to
there's
enough
to
play
around
and
experiment
with
another
sort
of
small
downside.
O
I
guess
is
that,
depending
on,
depending
on
your
familiarity
with
building
android
and
getting
that
onto
devices,
there's
a
bit
more
to
sort
of
mentally,
manage
and
understand
in
terms
of
the
build
process.
For
that.
O
So
the
lab:
what
does
what
does
this?
This
lab
look
like
to
give
you
a
bit
of
a
it's,
a
nicer
nicer
sort
of
presentation
to
do
face-to-face
and
be
able
to
have
people
sort
of
come
and
say:
okay?
Well,
let's,
let's
look
at
this
look
at
how
this
works,
but
just
to
give
you
a
bit
of
a
taster
for
it
really
we're
talking
about
free
phones
that
top
phone
there,
as
it
says,
is:
there's
nothing
special
about
that
samsung
device!
It's
a
pure
stock,
android
device.
O
The
only
thing
it's
really
doing
is
providing
an
internet
gateway
and
and
a
wi-fi
network
for
the
for
the
other
phones
to
connect
to-
and
I
went
that
way,
mostly
just
for
sort
of
interchangeability
and
portability.
It's
trying
to
make
this
trying
to
make
this
modular
trying
to
make
it
something
that's
easy
to
to
not
be
carrying
lots
of
stuff
around
and
then
the
other
two
devices
on
here
are
just
the
oneplus
that
we
spoke
about
and
also
the
pine
fan.
O
As
I
think
we
spoke
about
before,
and
so
at
the
moment,
pine
have
decided
that
they're
shipping,
all
pyramid
phones
with
with
manjaro
and
manjaro's
arch-based
now
k8,
has
been
packaged.
I
went
back
and
checked.
It
looks
like
sort
of
mid-december
k8.
It's
got
package
for
manjaro,
but
what
I
was
seeing
when
studying
and
certainly
trying
to
do,
exam
prep
was
that
really
a
lot
of
the
other
materials
are
debian
based,
and
so
I
was
trying
to
align
myself
with
with
what
was
going
to
work
well
for
the
exam.
O
Also,
you
know
looking
at
getting
mobian
running
and
seeing
what
that
meant.
You
know,
but
what
did
it
really
mean
to
run
some
flavor
of
debian
on
the
phone?
Did
it
really
work?
Was
it
real?
That
was
where
I
was
sort
of
interested
in
looking
so
again,
depending
on
what
folks
want
to
do.
O
There
are
easier
paths
to
probably
achieve
some
other
things
from
from
an
exam,
prep
or
even
just
a
study,
even
just
a
toy
perspective,
but
this
is
this
is
the
path
I
went
and
why
and
again,
as
we
said
after
I
sort
of
started
down
this
path,
the
the
oneplus
was
supported
by
postmarket
os
and
and
as
a
result
of
that
mobile
as
well,
and
these
days,
like
I
said,
pretty
much
all
of
the
distros
are
available
in
some
shape
or
form.
O
Obviously,
if
you
start
to
change
or
install
operating
systems
on
phones,
you're,
you're,
getting
into
flashing
the
onboard
emmc
or
an
sd
card,
where
the
phone
supports
it.
Just
a
few
notes
here
about
how
I
went
about
that.
O
I've
typically
left
the
the
stock
operating
system,
or
at
least
I've
intended
to
leave
the
stock
operating
system
in
place
on
the
device
and
and
then
sort
of
flash,
an
image
that
I
want
to
experiment
with
or
work
with
onto
the
sd
card.
The
theory
that
at
least
coming
into
this
was
that
it
would
be
a
completely
self-sufficient
device
that
could
you
know
you
could
run
linux,
do
everything
you
needed
to
flash
different
operating
systems
and
so
that
that's
another
reason.
I
went
down
that
road.
O
How
you
set
yours
up
if
you
chose
to
go,
that
way
is
really.
I
guess
comes
down
to
how
much
of
a
how
much
of
a
toy
is
the
device
you
sort
of
use
for
it.
Do
you
really
care
about
performance
because,
let's
face
it,
you
could
possibly
sort
of
tune
tune
this
setup,
but
that's
not
really.
The
performance
isn't
really
a
major
factor
that
I've
considered
as
I've
been
working
with
this.
O
For
my
needs
and
again
how
useful
is
it
to
be
able
to
rewrite
the
sd
card
without
needing
either
a
another
computer
or
that's
a
linux
mac
windows?
Whatever
machine
you
know,
can
you
can
you
self-serve
yourself
out
of
things
using
just
the
just
the
phone,
or
do
you
actually
still
need
a
pc
at
some
stage
in
the
life
cycle.
O
And
I
guess
to
summarize
some
of
the
gotchas,
so
these
are
armed
devices
right,
so
any
any
sort
of
challenges
you
that
you
face
anywhere
on
arm.
If
you
face,
if
you
face
someone,
I'm
somewhere
else,
you're
gonna
face
them
here,
just
a
again
a
novelty
one,
because
it
was
something
I
was
kicking.
The
tires
on
things
like
doing
an
eks
distro
build,
isn't
possible
at
the
moment,
or
at
least
wasn't
possible
a
few
months
back
using
purely
arm.
O
You've
got
to
basically
build
some
of
that
stuff
on
on
intel
and
then
move
it
across
resource
constraints.
Again,
particularly
the
pine
phone
I
mean,
neither
phone
is
a
super
computer,
but
particularly
the
pine
phone
has
sort
of.
I
guess
an
older
system
on
a
chip.
So
it's
a
reasonably
old
processor
or
a
set
of
processor
cores
and
ram
is
particularly
constrained.
O
I
guess
some
sort
of
free
gig
on
the
on
the
on
the
higher
spec
pine
phone
is,
is
the
limit
of
where
you're
going
to
go
as
we
sort
of
move
into
the
mobian
or
the
operating
system
side
of
things.
O
Mobian's
got
a
few
quirks
at
the
moment
where
there
are
certain
things
they
do
with
their
kernel,
which
means
if
you
want
to
run
docker,
for
example,
and
in
fact,
if
you
want
to
get
cni's
running
properly
or
at
all,
you
end
up
having
to
recompile
the
kernel
for
for
various
either
kernel
flags
that
aren't
in
there
or
in
the
case
of
the
the
cni's.
And
this
was
an
interesting
learning
for
me.
O
I
hadn't
stumbled
across
anywhere
else,
but
if
you're
building
custom
kernels
make
sure
you
you've
got
the
naming
the
naming
standards
correct,
because
it
seems
at
least
the
two
cni's
that
I
tried
are
expecting
a
certain
standard
and
then
just
won't
run
if
they,
if
they
find
a
kernel
of
a
different
naming
and
then
the
biggest
one.
I
guess
as
well
is
that
you
know
it's
it's
amusing,
to
build
a
linux
kernel
on
a
on
a
mobile
phone.
O
It's
amusing
as
long
as
you
can
put
the
device
down,
walk
away
and
ignore
it
because,
let's
say
it
takes
a
number
of
hours
and
so
particularly
where
I've
been
working
with
the
the
oneplus
I've.
For
the
most
part.
I
have
I've
sort
of
cheated
right
and
cross-compiled,
because
I
just
wanted
to
get
stuff
done
in
a
relatively
timely
manner,
particularly
as
you're
exploring
and
sort
of
finding.
You
need
to
rebuild
kernels
a
few
times
because
of
various
settings.
It
starts
to
get
a
little
bit
tedious
and
another
another.
O
This
this
device
can
run
quite
hot
if
you,
if
you
leave
it
compiling
for
a
while,
and
I
have
actually-
I
have
actually
picked
it
up
and
thought
do
I
do.
I
really
want
to
walk
away
and
leave
that
somewhere
and
with
the
the
temperature
it's
getting
to
do.
I
have
I
have.
I
got
the
right
insurance
for
my
house
at
this
point,
or
do
I
want
to
do
something
else,
so
it's
definitely
something
if
only
from
a
safety
point
of
view,
to
just
keep
in
mind.
O
So
just
coming
back
into
pine
phone
and
some
of
the
things
in
case
folks
are
thinking
and
looking
at
this
one
of
the
things
I
went
into
this
thinking
was,
you
know:
can
I
make
this
a
daily
driver
it'd
be
really
nice
to
have
a
native
linux
device,
no
no
sort
of
third
party
things
on
there,
no
sort
of
google
play,
or
things
like
that.
Can
I
run
just
a
pure
linux
device
and
and
personally
I've
reached
the
conclusion
that
not
yet
it's
a
really
really
great
project.
O
O
But
personally,
there's
just
a
few
and
they're
quite
small
sort
of
things
that
that
I
think
you
know
it
could
be,
can
be
ignored
depending
on
what
you're
doing
with
it,
but
from
a
daily
driving
point
of
view
and
just
sort
of
silly
little.
Things
like
the
usb
connector
isn't
isn't
the
the
greatest
the
greatest
solution
that
the
port
tends
to
for
most
of
the
either
cables
or
docks
that
I've
got
doesn't
connect
very
well
charging
the
battery
doesn't
work
very
well
when
you're
docked.
O
So
for
the
purposes
of
I
guess
sitting
in
the
pub.
That's
not
too
big
a
deal
right.
If
you're
you
take
the
device
out,
you
use
it,
and
then
you
charge
it
when
you're
back
home.
But
if
you
try
to
do
anything
sort
of
with
the
convergence
mode,
then
that's
yeah,
you
start
to
run
into
sort
of
annoyances.
O
And
lastly,
just
as
a
simple
thing,
you
know
one
of
one
of
the
ways
I
have
used.
These
devices
is
to
sit,
go
and
sit
somewhere.
I've
got
a
spare,
I
don't
know
anywhere
between
five
and
35
minutes,
where
I'm
somewhere
away
from
my
computer
or
away
from
my
desk.
I
want
to
just
go
and
explore
something
read
up
about
something
experiment
with
it.
Some
of
my
experiences
with
web
browsers
on
pine
phone
has
just
been
a
little
bit
less
than
I've
managed
to
sort
of
work
around.
O
My
sort
of
overarching
theory
is
that
if
you
want,
if
you're
familiar
with
linux,
you'd
like
a
you'd
like
a
linux
device,
particularly
with
with
kubernetes
to
to
experiment
with
I'd,
probably
go
down
the
path
for
the
pine
phone,
just
because
there's
a
few
less
moving
parts
when
getting
things
set
up,
getting
things
built
if
you're
fully
familiar
with
sort
of,
I
guess
android
development
and
by
android
development.
O
I
guess
I'm
talking
about
android
operating
system,
development
and
evolution,
and
you
know
you're
you're,
happily,
flashing
phones
as
as,
and
when
then
probably
these
things
don't
matter
for
me.
Coming
to
this
as
a
you
know,
the
real
purposes
I
want
to
study,
I
want
to
learn.
I
want
to
learn:
kubernetes,
internals
or
better
learn,
kubernetes
internals
and
things
like
that.
The
sort
of
barrier
to
entry
on
pine
phone
was
was
a
bit
a
bit
lower.
O
I
felt
and
yeah
I
mean
theoretically,
you
you
could
use,
you
could
use
the
pine
phone
as
the
as
your
only
device
and
you
know,
run
run
your
kubernetes
cluster
connect
it
to
a
screen
if
you
really
wanted
to
or
and
sort
of
browse
what
your,
what
you're
reading,
what
you're
studying
that
sort
of
thing
on
one
device.
O
So,
are
we
pub
ready,
I'm
not
going
to
do
a
demo
today
I
was
I
was
intending
to,
but
we're
here
where
we
are
so
what
I've
got
is
just
like
it's
a
bit
of
a
bit
of
a
teaser
for
you
around
yeah
around
getting
this
getting
this
working,
as
you
see
on
the
left,
getting
getting
docker
working
with
the
necessary
prerequisites
so
that
we
can
then
get
some
interesting
that
the
the
previous
presenter
was
talking
about
psyllium
as
well.
O
So
if
you,
if
you
want
us
an
environment,
to
practice
your
psyllium
configs
on
then
definitely
this
is
something
that
you
could
at
least
at
least
experiment
with.
O
And
that's
all
I'm
going
to
run
through
today.
I
thought
because
I'm
not
doing
a
demo.
The
best
thing
to
do
is
really
sort
of
whizz
through
here
share
share
some
of
the
highlights
or
highlights
and
learnings
that
I've
had
along
the
way
and
yeah.
I've
just
opened
things
up
to
answer
questions
as
to
if
people
are
interested,
they'd
like
to
know
more
and
and
yeah
go
from
there.
L
So,
if
anyone's
thanks
like
that,
you
and
that's
what
that's
awesome,
that's
really
interesting
project.
If
there's
anyone's
got
any
questions
feel
free
to
either
ask
in
in
youtube
I'm
pointing
at
my
screen,
which
I
know
you
can't
see
youtube
over
there
slack
over.
There
feel
free
to
ask
a
question:
either
location.
If
we
don't
get
chance
to
get
to
it,
live
now,
I'm
sure
you
and
I'll
be
around
later
on
either
on
slack
or
on
twitter
or
whatever
yeah.
I
mean
that's
fascinating.
L
I
guess
a
question
for
me:
were
you
using
you
know
bluetooth
devices
to
help
with
that,
or
were
you
using
the
little
screen
to
do
all
your
keyboard
inputs
and
and
so
on?.
O
So,
generally
speaking,
I've
not
used
any
bluetooth
devices
at
all.
However,
the
the
I
guess,
one
of
the
key
points
about
the
convergence
model
of
the
pine
phone
is
that
it
comes
with
a
dock,
which
means
you
can
connect
a
as
it
happens.
A
raspberry
pi
keyboard
and
a
raspberry
pi
mouse,
and
you
know
you've
then
got
the
choice
of.
Is
your
eyesight
good
enough
and
you
want
to
use
that
tiny
little
screen,
or
are
you
actually
just
going
to
connect
it
up
to
a
real
real
screen?
O
Where
you
can
see
what's
going
on
and
get
things
done?
I
think
for
me,
a
lot
of
the
usage
has
been.
I.
I
typically
find
myself
with
a
little
bit
of
downtime
when
I
suddenly
think
what
about
x
and
it's
really
nice
to
just
go.
Oh
I've
got
this
thing
in
my
pocket
and
I
can
I
cannot
go
and
look
at
the
manual.
O
I
can
go
and
execute
the
command,
and
you
know
within
certain
boundaries
it
will
run
one
and
it
will
tell
me
what
the
output
was
and
why
I
got
it
wrong
and
that's
really
that's.
When
I've
put
up
with
the
the
little
keyboard,
because
yeah
I
mean
that's
fun
right,
it's
a
nice
novelty,
it's
quite
amusing,
but
the
second
or
third
minute
of
that
gets
a
little
bit
frustrating
as
you
go
along
sure.
L
O
Yeah,
so
I
mean,
interestingly,
the
convergence
mode
and
there's,
if
folks
want
to
go
and
look
at
it,
there's
various
sort
of
articles
about
why
it
is
the
way
it
is,
but
the
convergence
mode
prevents
fast
charging.
So
it's
actually,
if
you're
using
the
dock,
that's
when
the
battery
drain
starts
to
happen,
and
it
you
know,
depending
on
what
you're
doing
you
can
mostly
keep
sort
of
a
steady
state
of
battery,
but
I
think
the
challenge
for
most
people,
at
least
for
me,
is
when
you're
with
your
dock
somewhere.
O
You
expect
if
it's
charging,
because
you
expect
it
to
then
walk
away
and
work,
and
when
you
get
a
different
experience,
it's
just
a
bit.
Yeah
you've
got
to
factor
that
in
if
you
were
doing
a
lot
with
it
as
a
as
a
sort
of
a
novelty
devoid
a
novelty
and
something
you
use
remotely
and
don't
necessarily
sit
and
use
docs
it
work.
It
charges
perfectly
fine
and
works
really
well.
L
Cool
awesome.
Thank
you
very
much
for
that.
I
know
we're
we're
about
ten
minutes
early,
but
but
on
the
flip
side
tonight
we
get
to
get
to
lunch,
so
we're
breaking
for
lunch
now
for
just
over
an
hour,
so
we'll
be
back
at
1
50
when
we're
gonna
hear
from
stemettes
from
florian
from
stemettes.
Please
do
come
join
that
because
statements
is
a
fantastic
charity,
doing
a
lot
of
work
for
for
underrepresented,
individual
individuals
in
our
community
and
wider.
L
So
it's
not
just
technology,
it's
also
science
and
and
so
on,
maths
and
and
others
what
stem
stands
for.
So
please
do
come
back
for
track.
One
we'll
be
doing
the
the
talk
from
stemettes
will
be
track
one
and
then
we'll
split
again
at
two
o'clock
for
track
one
and
track
two
we'll
be
talking
we'll
hear
from
andrew
martin
talking
about
who
who's
afraid
of
the
big
bad
supply
chain
and
on
track
two.
We
talk
we're
talking
a
guide
to
evaluating
dependency
updates
to
kubernetes.
M
Yeah,
so
the
slack
address,
just
as
a
reminder
for
everyone
is
a
slack.cncf.io
and
again,
if
you
are
interested
in
attending
any
of
the
workshops
coming
up
the
rest
of
the
week
head
over
to
workshops.kcduk.io.
C
C
C
C
We
want
to
give
back
to
charities
that
are
in
in
our
community,
and
what
we've
tried
to
do
is
this
time
is
actually
offer
a
chance
for
those
charities
to
give
us
some
information
about
what
they
do.
So
I'm
really
really
excited
to
be
able
to
introduce
florian
she's
going
to
talk
about
stemettes
and
the
work
that
she
does
with
that
charity.
So
I
cannot
wait
to
hear.
Thank
you
so
much
for
joining
us.
N
So
my
name
is
florian
vidynya,
I'm
a
manufacturing
engineer
by
background
and
have
been
a
stemettes
alumni
for
about
eight
years
now,
they've
been
struggling
to
get
rid
of
me
since
2013.,
but
yeah
I've
participated
in
a
number
of
their
programs
over
the
years,
outbox
incubator,
a
couple
of
others
and
have
also
been
very
privileged
to
speak
to
their
wide
network
of
young
women
that
they
engage.
So
the
first
question
is:
who
are
stemettes?
N
N
She
is
the
youngest
girl
to
ever
pass
her
a-level
in
computing
and,
while
speaking
at
a
tech
conference,
she
discovered
she
was
part
of
the
shrinking
women
in
stem
minority,
and
so
her
new
year's
resolution
was
to
change
the
social
norms
around
technical
women
through
the
stemettes
project.
I
really
admire
her.
N
I
think
she's
an
eminent
thought
leader
in
the
space,
a
real
advocate
for
change
and
has
created
an
organization
that
lives
up
this
value
day
to
day
and
just
a
quick
plug
if
you
haven't
already
anne
marie,
was
on
channel
4's
countdown
last
week
as
part
of
their
black
to
front
programming.
So
if
you
haven't
had
a
watch,
I
encourage
you
to
do
so
this
afternoon.
N
So
we
work
to
inspire
support
and
motivate
young
women
between
5
and
25
into
stem
fields,
and
one
of
the
key
parts
of
our
work
is
that
our
programs
are
free
to
attend,
fun-filled
and
always
food-filled,
and
we
operate
across
uk
and
ireland
and
and
we
recognize
that
there
are
multiple
ways
to
enter
these
sectors
and
so
engage
with
industry,
academia
and
entrepreneurship,
influencing
teachers,
parents,
peers
and
communities.
N
So
what
we
do
can
be
broken
down
into
three
layers
and
we
kind
of
work
to
to
build
a
number
of
interventions
for
our
target
audiences,
since
we
work
with
such
a
broad
range
and
such
a
wide
age
group
and
and
we
try
to
help,
develop
the
young
person's
journey
and
and
help
them
to
start.
N
The
bottom
lanes
right
at
the
top,
we
measure
all
our
impact
through
the
annual
report,
which
can
be
found
on
stemettesfutures.org,
but
the
the
first
part
is
really
around
inspirational
content,
so
aggregated
across
social
media
and
our
various
platforms.
We
work
to
engage
with
young
people
and
build
that
strong
social
following
and
these
are
generally
through.
Our
social
media
stem
sign,
newsletters
and
our
closed
social
network
and
that's
available
24
hours
globally
to
all
and
then,
as
you
rise
to
sort
to
the
middle.
N
We
build
this
impactful
events,
which
are
shorter
term
interventions
between
three
hours
to
a
week
and
that's
where
we
connect
young
people
with
their
peers
in
really
relaxed
environments
and
those
usually
take
the
form
of
panels.
Hackathons
and
future
summits,
which
are
a
larger
scale,
conferences
and
then
at
the
very
top,
is
how
we
build
intersectional
cohorts
and
we
think
about
creating
longer
term
interventions.
And
that
can
go
from
a
week
to
a
year.
N
And
this
is
how
we
try
to
create
that
continuous
pipeline
of
engagement
with
stem
skills
and
with
the
sector
from
sort
of
16
onwards.
And
this
is
through
our
mentoring,
certification,
academies
and
our
stem
clubs,
and
three
things
I
really
want
to
to
signpost
is
that
those
partnerships
across
three
areas
really
aims
to
create
engagement
with
young
women
from
five
all
the
way
up
to
25..
In
our
2021
report,
we
found
that
75
of
our
alumni
have
gone
into
stem
careers
by
the
age
of
26
and
we
really
focus
on
intersectionality.
N
So
21
of
those
who
engage
in
our
programs
were
eligible
for
free
school
meals,
which
is
how
we
tried
to
track
low
income
backgrounds
and
48
of
the
young
women
we
engage
with
were
from
underrepresented,
ethnic
backgrounds,
and
I
think
that
shows
how
we
we
understand
that
the
women
looking
to
get
into
the
stem
sectors
are
not
a
homogeneous
group
and
we're
aiming
to
track
their
progress.
N
So
I
thought
I
might
bring
it
back
to
the
people
and
and
who
are
these
young
women
and
what
do
they
end
up
doing
going
forward?
And
I
always
really
love
talking
about
these
three
examples:
jess
and
aj.
I
know
personally
and
both
fantastic
women,
so
jess
she
said
stemettes
in
three
words
is
empowering
motivating
and
strong.
N
She
attended
our
events
as
a
team
and
she's
now
building
a
successful
stem
career
and
serves
as
a
role
model
and
speaker
on
our
program,
so
she's
now
part
of
our
youth
panel
and
what
I
find
really
amazing.
She
never
really
talks
about
this,
but
I
think
she
should
shout
out
from
the
rooftops
is
at
21
she's,
the
youngest
agile
scrum
master
in
the
world,
and
I
think
that's
fantastic,
and
then
we've
got
a
coding
event
attendee,
who,
on
her
13th
birthday,
the
only
place
she
wanted
to
be.
N
Is
that
a
stemettes
hackathon,
which
I
think
is
awesome.
So
she
said
today
is
my
13th
birthday
and
I'm
spending
it
exactly
where
I
want
to
be
at
the
stomach
hackathon,
and
I
think
that
that
says
enough
and
aj.
I
met
eight
years
ago
when
we
were
both
working
together
in
the
outbox
incubator.
She's
attended
hundreds
of
our
events
volunteered
hundreds
of
hours
of
time
and
has
helped
to
run
with
our
workshops
and
he's
now
working
with
one
of
our
partners
hosting
events,
and
she
started
that
fif
she's.
Sorry.
N
She
started
at
15
and
and
has
now
come
full
circle,
and
these
are
just
a
small
sample
of
the
multitude
of
women
that
you
come
across
throughout
the
stemettes
network
and
who
develop
relationships
with
each
other
throughout
the
forums
that
we
create,
but
also
advocate
for
themselves.
Around
are
looking
to
engage
with
each
other
and
to
create
that
sort
of
community
of
women
who
are
hoping
to
change
the
sector
going
forward.
N
And
I
think
this
is
really
key,
because
we
know
historically,
that
women
are
less
likely
to
pursue
stem
careers
if
they
have
a
lack
of
role,
models
and
peer
groups,
and
I
think
creating
that
is,
is
extreme
key
factor.
And
I
just
love
the
fact
that
cements
have
created
and
facilitated
a
community.
That
is
entirely
self-directed.
And
you
can
see
that
on
the
zine.
N
And
you
can
see
that
on
the
the
closed
social
media
network
and
so
having
reached
50
000
young
people,
we're
looking
to
grow,
that
future
generation
of
innovators
and
we're
continuing
in
our
work
and
we'll
continue
to
do
so
so
just
to
end
is
kind
of
how
can
you
join
us
on
our
mission?
N
N
Futures
is
a
charity,
so
if
you
can
donate
also
volunteer
as
an
individual
with
inspirational,
operational
or
fundraising
support,
I
think
it's
really
key
that
we
build
role
models
for
from
people
who
are
already
in
the
sector,
and
so
we
always
look
for
people
who
are
in
stem
who
are
willing
to
engage
with
young
people
and
follow
us
on
social
media
at
stemettes
like
retweet,
and
engage,
have
a
look
at
what
we
get
up
to
and
subscribe
to
our
newsletter,
which
is
where
we
often
put
all
the
information
about
upcoming
events
and
kind
of
future
partnerships.
N
So
thank
you
for
having
me
really
great
to
have
a
bit
of
a
platform,
but
please
do
feel
free
to
contact
us
and
looking
forward
to
seeing
what
the
rest
of
the
day
brings.
C
That
was
fantastic.
Thank
you
so
much
I
I
it's
a
topic
that
I
am
very
passionate
about
and
there's
so
many
I
have
so
many
questions
that
I
would
like
to
ask
like.
I
would
personally
like
to
join
in,
so
thank
you
for
that
information.
At
the
end,
I
will
definitely
try
and
figure
out
how
I
can
participate.
I
also
have
a
ten-year-old
daughter
who
is
quite
into
minecraft
and
roblox,
which
I'm
trying
to
encourage,
because
she
loves
trying
to
play
games
and
write
her
own
games
and
so
she's
quite
into
that.
C
C
So
after
that
fantastic
start
to
the
afternoon,
I
am
really
excited
to
announce
our
next
speaker,
so
we
have
got
andrew
martin
presenting
next
and
he
will
be
speaking
about
who's
afraid
of
the
big
bad
supply
chain.
So
andy,
I
will
hand
over
to
you.
P
P
I
am
from
control
plane
and
thanks
to
the
team
that
have
helped
and
supported
with
this
talk,
various
bits
of
flagrant
self-promotion,
while
I'm
here
sans
sec,
584,
attacking
and
defending
containers
and
kubernetes
is,
is
our
leading
course
for
sans
lots
of
red
and
blue
team
exercises.
In
there.
Some
author
and
coursework
for
o'reilly
lots
of
training
I'd
be
remiss
not
to
mention
my
excellent
co-author,
mr
michael
hassenblas,
who
has
assisted
and
co-authored
this
hacking
kubernetes
book
with
me
as
well.
P
P
But
today
we
are
going
to
talk
supply
chain,
the
great
expansive
and
ominous
supply
chain
that
I'm
sure
you've
heard
lots
about.
It
will
be
a
hot
topic
at
this
year's
cube
con.
It
has
been
a
hot
topic
in
this
year's
presidential
edicts
and
u.s
organizations.
P
So
what
is
the
supply
chain
we'll
start
with
and
explain
it
like
m5,
then
we'll
look
at
how
to
attack
it
like
we
are
a
pirate,
we'll
look
at
signing
approaches
which
are
one
of
the
mechanisms
we
can
use
to
defend
ourselves.
I
know
that
mr
garris
gareth
rushgrove
also
spoke
about
s-bombs,
which
is
software
bills
of
materials,
which
is
another
thing
we
can
do
all
integrates
with
signing.
P
There
are
lots
of
technologies
in
this
space,
so
I'll
attempt
to
give
a
brief,
teardown
and
then
finishing
with
the
grandiose
software
factory
a
pipeline
for
creating
pipelines
again
comprised
of
a
number
of
moving
parts,
and
hopefully
this
will
give
you
sufficient
oversight
to
enter
the
fray
copious
oceans
and
welds
of
thanks
to
the
friends
and
peers
and
colleagues
who
have
done
all
the
ex
excellent
work
in
this
space
to
get
us
to
where
we
are
today,
we're
very
much
not
finished,
but
there
is
a
huge
and
exciting
community
of
enthused
individuals
and
we'll
talk
more
about
these
people
and
their
technologies
today.
P
So
what
is
a
supply
chain?
First
of
all,
it
is
so
hot
right
now,
anything
we
depend
upon
can
be
expressed
as
a
supply
chain
in
a
military
context.
This
is
aircraft
carriers
being
made
from
nuts
and
bolts
and
bits
of
metal.
All
of
those
things
come
from
somewhere
and
are
planned
from
a
pharmaceutical
perspective.
P
We've
seen
the
supply
chains
that
have
affected
the
the
covert
vaccines
they
are
multifarious
and
distributed,
and
they
need
combining
and
coalescing
and
all
of
these
things
at
each
stage.
We
cannot
allow
contaminants
into
the
process.
We
must
be
sure
that
we
have
the
right
concentrations
and
all
these
kind
of
things.
P
The
same
thing
applies
to
foods.
We've
seen
a
different
part
of
the
supply
chain
impacted
recently
in
the
uk,
where
an
inability
to
ship
food
items-
and
I
say
ship
specifically
that's
loris
in
the
uk
at
the
moment.
So
although
the
supply
chain
is
able
to
generate
or
sort
of
breed
and
farm
the
food,
we
can't
actually
get
it
from
farm
to
table.
P
Just
in
time,
we
can
just
bring
in
the
things
that
we
need
from
the
supply
chain
onto
the
factory
floor
and
then,
finally,
the
the
supersets
are
almost
full
of
those
examples.
Software
software
is
comprised
of
other
pieces
of
software
that
come
from
other
places
built
on
hardware
running
other
software,
running
microcode,
the
yes,
it's
turtles
all
the
way
down.
We
will
attempt
to
disambiguate
some
of
those
things.
P
What's
the
point
here
well,
as
a
consumer
we
take
and
we
trust
whatever
we're
given
as
a
producer.
This
is
difficult
because
should
we
be
trusting
anything
and
everything?
Absolutely
not.
We
have
seen
this
go
badly
wrong
many
times
so
a
software
supply
chain,
then
any
code
that
ends
up
running
in
production.
P
This
is
a
malleable
definition:
I'm
going
to
stick
with
production,
because
production
is
where
the
lifeblood
of
the
company,
the
customer
data
flows
and
is
stored
and
manipulated
and
used.
So
it's
probably
the
juiciest
place
it's
where
an
attacker
would
want
to
get
to
and
what
could
possibly
go
wrong.
Well,
we
can't
be
sure
that
our
supply
chain
is
competent
at
all
stages
and
it
may
be
subject
to
events
such
as
these,
which,
as
I'm
sure
you
can
imagine,
would
take
a
few
days
to
clear
up
so
software
supply
chains.
P
Everything
is
software,
we've
transcended
various
different
renaissance
periods
and
with
cloud
native,
we
can
now
define
everything
as
software
as
yaml
as
code.
P
Ultimately,
we
can
package
package
all
of
these
things
up
into
oci
images,
and
we
have
a
relatively
universal
transport
container
if
you
like,
because
an
oci
image
is
just,
of
course,
a
collection
of
tables,
so
our
software
applications
yeah.
Of
course,
the
infrastructure
that
they
run
on
the
infrastructure
is
code,
security
and
policy
is
code.
P
We
can
put
all
of
those
things
into
a
container
and
put
them
through
specific
pipelines,
all
sorts
of
different
pipelines.
We
don't
really
mind
that
there's
so
much
of
this,
but
the
point
is
from
a
software
factory
perspective.
These
are
all
behaviors
that
we
would
defer
to
automation.
For
what
does
that
mean?
It
means
that
a
build
server,
ci
cd,
build
automation.
P
These
things
are
remote
code
execution
as
a
service.
They
operate
on
behalf
of
developers
in
order
to
complete
tasks
that
developers
would
otherwise
have
to
do
themselves,
such
as
cloning
source
codes,
building
the
thing
pushing
container
images
deploying
to
production,
ideally
with
a
git
ops
workflow
rather
than
a
direct
push.
We've
also
got
our
security
testing.
We
are
scanning
our
dependencies,
we're
scanning
our
container
images,
we're
scanning
our
networks,
we're
checking
for
expired,
tls
certificates,
we're
making
sure
that
our
infrastructure's
code
configurations
don't
change.
Somebody
goes
through
and
does
manual
change,
we're
alerted.
P
P
As
I
say
down
to
the
micro
code,
which
is
a
little
terrifying,
so
we
rely
on
the
people
who
give
us
that
code
that
we're,
depending
upon
for
correct
non-violent,
maybe
kind
and
technically
correct
code,
and
as
we
see
with
the
alice
bob
and
charlie
example,
anybody
who
is
able
to
get
in
the
middle
of
a
supply
chain
can
add
an
implant
or
malware
or
malicious
code.
P
Well,
then
we're
looking
at
the
beginning
of
potential
compromise
that,
if
it
expands
beyond
the
constraints
of
the
initial
impact
point
of
point
of
entry,
it
can
be
very
expensive
to
clean
up
might
end
up
with
a
crypto
locking
infestation.
That
sort
of
thing
the
point
here
is
that
any
entry
into
a
system
is
bad
news
for
us
and
because
we're
trusting
such
wide
long
expansive
supply
chains.
P
P
There's
multiple
different
types
of
supply,
chain
attacks
and
the
compiler
based
supply
chain
attack
has
been
the
new
software
security
frontier
for
a
number
of
years.
With
these
gentlemen,
with
this
gentleman
actually
reflections
on
trusting
trust,
talk
a
little
bit
more
about
that,
but
just
looking
at
this
question
of
trust
again,
we
trust
everything
in
a
supply
chain,
the
source
code
and
dependencies
that
either
we
build
or
our
developers
build
or
the
github
autopilot
accidentally
back
doors.
P
Well,
then,
everything
else
is
compromised
downstream.
The
network
that
transports
that
thing
to
the
application
repository
the
application
repository
contents
at
rest
finally
deployed
systems.
Any
of
these
points
are
an
avenue
for
compromise,
and
the
nature
of
reflections
on
trusting
trust
is
such
that
a
compromised
compiler
can
spit
out
compromised
and
backdoored
binaries.
P
P
Okay,
let's
look
at
how
to
attack
a
supply
chain.
Well,
first
of
all,
this
is
the
8-bit
monstrosity
dread
pirate
captain
hash
jack.
He
is
hacking,
kubernetes
archetypal
adversary
and
is
typecast
as
a
state-sponsored
organized
criminal.
What
does
he
want
to
do
to
your
supply
chain?
I
hear
you
ask
he
wants
to
trick
it
into
running
his
code
in
production.
P
This
is
the
goal,
an
implant,
a
back
door,
a
botnet
commander.
Control
of
some
description
in
production
gives
us
a
jumping
off
point
with
which
to
attack
the
rest
of
an
organization.
What
have
we
seen
recently?
We've
seen
reville
attack
the
colonial
pipeline
and
shut
down
oil
pipelines
in
the
on
the
east
coast
of
the
us
that
was
done
through
a
compromised
supplier
to
the
to
the
the
colonial
pipeline
systems.
We
have
seen
solar
winds,
which
were
attacked
by
a
foreign
intelligence
service.
P
What
happened
there
well
solarwinds
was
a
highly
privileged
piece
of
software.
It
still
is,
and
therefore
everybody
who
consumed
that
piece
of
software
solarwinds
being
the
supplier
and
microsoft
and
the
government
and
in
the
us
being
consumers
they
suddenly
had
a
back
door
in
their
systems
and,
as
we
say
again
once
you
have
that
initial
access
to
to
an
organization
system,
we
saw
multiple
secondary
and
tertiary
attacks
occurring,
especially
against
the
government
and
u.s
government
and
microsoft.
P
There
is
a
wonderful
catalogue
of
supply
chain,
compromise,
courtesy
of
the
cncf
technical
advisory
group
on
security.
If
you
would
like
to
learn
more
about
any
of
these
things,
they're
a
very
friendly
and
open
group,
full
of
full
of
excellent
contributions
and
white
papers,
and
it's
really
a
wonderful
place
to
learn
this
courtesy
of
of
that
group.
Then,
how
do
we
attack
a
supply
chain?
Well,
we
can
go
for
the
source
code.
P
This
means
getting
access
to
a
developer's,
end
user
device
and
eud,
or
it
means
stealing
their
credentials
so
that
we
can
write
into
a
source
code
repository.
It
might
mean
installing
a
key
logger
so
that
we
can
get
access
to
those
things
it
might
mean
getting
remote
access,
yes,
etc.
The
developer
tooling.
This
is,
then
the
compiler
type
attack
or
potentially
attacking,
as
we
can
see,
vs
code
github
here
on
the
right
hand,
side
the
publishing
infrastructure,
once
we
have
secured
the
source
code
and
the
tooling.
P
If
we're
then
building
and
distributing
things
from
compromised
hardware.
Well,
once
again,
all
bets
are
off
trust
and
signing.
Maybe
the
build
hardware
is
secure,
but
we've
managed
to
steal
the
signing
keys.
So
I
can
now
build
any
piece
of
software,
sign
it
with
a
legitimate
key
and
make
it
look
as
if
your
trusted
producer
gave
it
to
you.
Attack
chaining
is,
of
course
a
superset
of
some
of
the
above
and
negligence.
Is
things
such
as
committing
one's
code?
Sorry,
one's
keys
to
github
and
should
hopefully
be
avoided
by
things
like
source
code
scanning.
P
A
note
on
source
code
itself,
whether
or
not
to
sign,
commits
with
gpg
keys,
is
a
matter
of
some
contention.
In
my
mind,
it
is
better
because
this
means
that
we
provide
a
secondary
or
another
factor
of
authentication
to
say
very
specifically
at
this
point
in
time.
The
person
in
control
of
this
key
liked
this
sufficiently
to
generate
a
signature.
It's
really
all
that
it
says
it's
a
human-based
trust
system,
because
ultimately,
this
trust
is
all
based
on
how
humans
interact.
P
People
have
different
views.
The
linux
source
tree
prefers
to
only
merge
or
sign
a
merge
commit,
because
that
then
implicitly
trusts
everything
that
was
merged
in
one
go
in
my
mind,
for
open
source,
the
rapidity
of
change
and
the
size
of
a
pull
request
versus
a
kernel
patch
set
means
that
just
adding
that
extra
factor
gives
us
in
my
mind
a
lot
more
security.
P
Sorry,
a
little
bit
more
trust
there.
We
go
very
specifically,
of
course,
the
source
repository.
This
is
preventing
people
getting
access
to
hosted
version
control
systems
if
we're
hosting
our
own.
It
is
imperative
that
access
to
those
is
constrained
and
that
the
operations
team
managing
them
are
restricted
as
well
same
for
the
build
infrastructure.
It's
normally
a
soft
underbelly
of
any
organization's,
collective
software,
delivery,
pipelines
or
lifecycle.
I
suppose,
because
again
with
seeding
control
to
the
machines,
rightly
so,
but
that
requires
some
level
of
access
for
debugging,
complex
and
advanced
heisenbugs
and
non-determinism.
P
P
So
salsa
is
a
supply
chain
security
framework
from
google,
it
broadly
predicates
itself
on
hardened
infrastructure
in
the
first
place,
which
may
or
may
not
be
the
case.
But
if
we
look
at
all
the
places
that
we
can
attack
a
very
simple
pipeline
code
review
from
the
developer,
the
source
control
system
itself,
the
code
as
it's
in
transit
from
the
source
control
system
to
the
build
server,
the
build
platform,
so
the
build
steps
that
are
building
the
thing
or
jenkins
or
a
tekton
a
bad
dependency.
P
We
have
a
compromised
package
repository
itself,
so
maybe
an
internal
actor
has
manipulated
that
maybe
credentials
has
been
stolen.
Maybe
someone
has
got
access
through
a
vulnerability
and
finally,
just
using
a
bad
package
in
the
first
place,
as
in
the
package
was
there
but
yeah
we've
then
pulled
it
and
become
compromised
in
some
way.
Here
is
an
example
of
I've
got
a
few
examples,
a
few
demos,
but
in
the
interest
of
time
I'm
only
going
to
do
the
first
one
and
the
longer
version
of
this
talk
will
include
a
couple
more.
B
Firstly,
not
do
that.
Try
this
there
we
go
so
we
have
got.
P
What
is
notable
here
is
that
there
is
a
pre-installed
step.
Why
is
that
a
bad
thing?
Because
when
we
go
to
install
this
package
before
the
package
is
even
installed,
it
runs
my
shell
script.
You
may
be
able
to
infer
from
the
name
xfill
what
it
does.
It's
backdooring
applications
installing
a
key
logger.
It's
just
enumerated
the
contents
of
my
gpg
and
ssh
keys.
This
is
a
good
reason
to
run
second
factor
authentication,
because
it's
very
easy
to
steal
these
things
and
there's
not
very
much
that
we
can
do
about
it.
P
We
need
to
make
sure
that
what
we
pull
from
these
third-party
systems
is
trusted.
The
best
way
of
doing
that,
unfortunately,
is
to
denormalize
them
into
a
local
proxy
or
cache
of
some
description
and
make
sure
that
they're
of
a
decent
quality
before
they're
pulled.
This
involves
a
lot
of
manual
code
review.
It
is
not
a
great
look,
so
we
should
be
confident
about
exactly
what
we're
using
in
these
contexts
and
yeah
air
gap
is
probably
not
practical
for
everybody.
What
else
can
we
do?
We
can
back
door
a
container.
P
So
if
we
are
running
kubernetes-
and
I
trick
you
into
running
a
container
image
or
building
a
container
from
a
compromised
base
image
when
it
runs
in
production,
it
makes
this
reverse
tcp
connection
to
a
port
that
I'm
controlling
and
listening
on
somewhere
on
the
public
internet.
It's
an
outbound
connection,
so
it's
going
backwards
through
the
firewall
in
the
opposite
direction,
to
how
an
internet-facing
fireball
was
traditionally
considered
to
operate,
and
that
gives
me
access
to
your
kubernetes
there's
numerous
ways
to
get
not
to
get
around
but
to
protect
ourselves.
Here.
P
Of
course,
we
know
about
scanning
images,
minimum
viable
cloud
native
security,
intrusion
detection.
We
shouldn't
be
opening
shelves,
we
shouldn't
be
spawning
shells
or
opening
network
connections
to
the
internet.
We
can
do
better
than
nothing
there.
We
can
do
build
time,
behavioral
analysis
to
pick
this
kind
of
stuff
up,
so
does
the
implant
fire.
When
it's
put
into
a
malware
lab
type
environment,
we
can
use
evpf
tracing
to
detect
some
of
the
intricate
details
of
what
are
being
done
there.
P
This
is
this
is
on
the
bleeding
edge.
It's
it's
not
so
widely.
It's
not
really
widely
deployed
at
the
moment,
but
we've
been
doing
some
interesting
proof
of
concepts
around
that
work
and,
of
course,
this
is
all
just
predicated
on.
We
must
have
a
good
security
context
and
capability
config
shout
out
to
cubesec
and
the
oci
setcomp
bpf
hook
for
deriving
setcomp
profiles
using
ebpf,
okay.
What
other
forms
of
build
compromise
might
we
have
or
supply
chain
compromise
here?
P
Let's
just
think
about
exactly
how
we
build
software
for
a
moment.
So
courtesy
of
dan
lorenk,
who
has
a
numerous,
has
numerous
images
in
the
next
few
sections
and
pieces
of
software
as
well.
We
start
with
the
software
configuration
management
repository.
The
build
system
grabs
our
source
code.
P
It
builds
an
artifact
which
is
probably
a
container
image
for
us.
It
may
be
a
compilation
of
a
binary
and
it
generates
prominence.
That
is
a
way
of
saying.
I
have
done
a
thing,
and
here
is
a
cryptographic
signature
to
prove
that
I
did
it
when
we
go
to
deploy
into
production.
We
use
a
policy
engine
to
prevent
things
that
do
not
have
provenance
records
being
deployed,
and
we
will
come
back
to
this
concept.
P
This
is
now
the
this
is
now
the
target
of
how
the
software
factory
and
the
secure
build
system
is
intended
to
work.
Get
these
to
keep
con,
if
you
possibly
can.
This
is
why
I'm
traveling
now
in
order
to
try
and
get
in
in
time,
mike
liebman
and
timothy
miller
will
be
demoing.
P
Some
really
interesting
attacks
on
compilers,
and
this
is
some
of
the
work
that
we've
been
doing
over
the
past
year
or
so
and
there's
an
end-to-end
example
in
here
where
signed
images
are
tested
at
a
mission
control
time,
in
this
case
by
caverno,
to
make
sure
that
everything
that
is
deployed
to
production
is
signed.
So
these
container
images
right
now
we
have
been
a
number
of
years
getting
up
to
this
point
and
I'm
very
excited
to
say
that
we
are
close
to
it.
P
Another
song
in
inspired
interlude
here
sign
me
to
the
moon
all
right
in
the
last
few
minutes,
then
what
is
signing
signing
is
the
combination
of
two
entities,
a
key
pair
and
a
piece
of
data
to
create
a
signature
and
use
that
signature
later
to
reverse
the
process
and
verify
that
the
data
matches
the
signature
using
the
public
portion
of
the
key
pair
distributing
the
signature
alongside
the
data
gives
us
verifiable
certainty
that
the
contents
of
the
signature
or
the
metadata
in
it
was
signed
by
a
person
who
trusted
it
at
that
point
in
time,
and
we're
really
back
to
this
concept
of
human
trust
in
toto
is
a
tool
to
support
this
in
the
build
pipeline.
P
So
for
tekton
chains,
which
is
which
is
a
kubernetes-based
build
system
and
changes,
the
attestation
part
to
the
signing
part
in
toto
is
the
core
technology,
so
between
the
checkout
of
code
and
build
and
the
test.
Each
of
those
events
is
tested
against
the
layout
file
like
this.
So
we're
looking
at
a
step
to
say,
create
this
when
we
do
a
git
clone,
we
expect
this
demo
project
foo
pi
to
exist.
P
If
that
does
a
piece
of
link
metadata
as
we
can
see,
those
signatures
is
generated,
and
that
forms
a
chain
of
trust
that
we
can
use
to
tie
together
all
of
the
build
stages
so
far
so
good,
that's
only
the
build
stages,
we're
going
to
create
a
signed
artifact
at
the
end.
We
want
a
container
image.
We
want
the
container
image
to
have
been
built
securely,
but
also
be
provably
secure.
P
This
is
where
we
get
into
container
signing.
This
has
been
a
slow
moving
space
for
a
while
note.
3
was
the
original
and
best,
but
we
have
now
seen
cosine
and
recall
turn
up
from
the
sig
store
project
which
provide
a
much
simpler
way
of
doing.
What
notebook
was
doing
before
recall,
specifically,
is
interesting,
because
it
provides
a
transparency
log
analogous
to
a
certificate,
transparency,
log
for
metadata
and
signatures
of
arbitrary
things
in
this
case
container
images.
P
P
P
So
what
we're
looking
at
here
is
not
only
the
signing
and
publishing
of
the
artifacts,
but
the
certificates
that
go
with
them
and
those
public
logs,
so
that
we
can
monitor
them
for
signs
of
compromise
or
a
lack
of
a
signature
that
we
expect
before
we
get
finally
into
the
software
factory.
One
more
concept
is
spiffy.
This
is
a
way
to
try
and
replace
passwords
by
giving
everything
an
identity.
P
It
is
a
root
of
trust
based
system,
and
it
is
the
core
technology
in
istio
that
enables
workload,
identity
and
mutual
authentication
between
microservices
spiffy
and
in
toto
glue,
together
with
this
bit
of
code
again,
another
fantastic
team
that
we've
been
collaborating
with
this
year
to
try
and
get
some
of
this
stuff
over
the
line,
and
they
have
been
they
forked
in
toto
and
added
the
spy
workload
api.
So
we
can
verify
in
total
certificates
based
upon
x509
certificate
constraints.
P
With
all
these
underlying
pieces
of
technology
we
get
to
a
software
factory.
A
software
factory
builds
other
software
factors.
It
is
a
pipeline
for
building
pipelines.
This
means
it
is
devops
on
steroids.
It
really
requires
very
well
lubricated
pipelines,
etc
and
its
aggressive
automation
we
care
about
the
whole
shebang
here
from
infrastructure
to
application.
Any
one
of
these
points
in
a
software
factory
may
be
compromised
and
then
would
invalidate
the
the
level
of
trust
that
we
place
into
these
things.
The
department
of
defense
has
a
reference
design
for
these
things.
P
It
is
up
and
running
with
the
the
castle
run
program.
Everything
is
automated.
It's
the
it's,
the
core
line
here
and
the
cncs
tag.
Security
once
more,
are
doing
exceptional
work
and
building
out
a
reference
software
factory
architecture.
So
what
we
see
here
in
the
middle
is
our
ci
cd
pipeline,
we're
orchestrating
these
the
fetching,
the
building
of
the
artifact
and
the
publication,
and
then
in
the
at
the
bottom
of
the
diagram,
not
the
sdlc
services
but
the
last
green
layer.
P
There
is
a
lot
of
complexity
here,
and
things
are
really
just
emerging
and
getting
underway.
I
urge
you,
if
of
interest
to
jump
in,
and
dan
lorenk,
who
is
one
of
the
authors
and
founders
of
the
six
store
project,
has
a
zeros
trust
supply
chain
paper,
which
I
recommend
very
highly.
I
hope
that's
been
an
interesting
introduction.
Thank
you
very
much
for
your
attention
and,
yes,
beware
of
the
supply
chain.
Thank
you
very
much.
C
That
was
great
thanks.
Andy,
we
did
have
one
question
that
got
posted
into
our
slack
channel.
We've
probably
got
time
just
just
to
answer
this
one,
so
that
worked
out
well.
So
the
question
is:
if
there
are
no
current
checks
in
the
current
pipeline,
where
do
you
suggest
people
to
start
with
in
their
supply
chain?
Security
journey
assuming
breach,
is
a
good
approach
to
take
here.
P
That
is
a
very
good
question.
We
can
defer
to
the
salsa
document
for
an
answer:
salter
level
1
recommends
collecting
provenance
information
and
even
if
the,
even,
if
there
are
no
checks,
we
don't
trust
the
supply
chain
and
the
build
infrastructure
itself
just
collecting
what
is
essentially
metadata
and
s-bombs
about
the
things
that
we're
building,
even
if
it
doesn't
protect
us,
gives
us
some
some
view
of
historical
provenance
and
in
the
event
for
compromise,
we
can
start
to
build
up
some
idea
of
how
it
happened
from
there.
P
C
F
C
Thank
you,
okay,
so
if
anyone
else
had
more
questions
for
angie,
then
please
post
them
into
the
slack
channel
or
into
the
youtube
chat
and
for
our
very
last
talk
of
today.
It's
got
an
interesting
talk.
Titles
that
kubernetes
is
doomed,
so
I'm
quite
excited
to
find
out
how
kubernetes
is
doomed
and
I'm
really
delighted
to
welcome
and
curry
to
the
stage.
C
Q
Q
Q
Okay,
let
me
let
me
it
does
it
sometimes,
I'm
quite
surprised,
it's
not
offering
me
the
ability
to.
Q
To
just
no
that's
no
use
I'll,
try
a
new
new
share.
C
F
C
C
Q
Excellent
good
good,
good,
good,
good
right
all
right,
so
it's
about
time
for
me
to
kick
off.
Should
I
kick
off
yet
or
should
I
give
it
another
minute.
Q
Right
well,
my
name
is
anne
curry
and
I
have
been
in
the
tech
industry
for
depressingly
enough
nearly
30
years
now-
and
I
was
I
used
to
work
on
high
performance
c,
backhand
servers
these
days.
I'd
do
something
a
little
bit
different
and
we'll
talk
to
talk
I'll
mention
that
later
in
the
talk,
but
my
aim
today
is
to
talk
to
you
about
the
direction
of
travel
of
operations
and
architecture.
Q
Now
the
cloud
don't
worry,
don't
panic,
I'm
not
about
to
say
it's
the
cloud,
because
that
would
be
crazy
talk.
The
cloud
is
what's
completely
revolutionized
architecture
and
operations
in
the
past
10
years,
but
I
don't
think
that
that
in
and
of
itself,
not
not
directly
is
what's
going
to
be
pushing
our
direction
of
travel
in
the
next
decade.
Q
I
think
in
the
next
day
decade
it's
all
going
to
be
about
the
climate
and
it's
not,
and
also
don't
worry,
I'm
not
about
to
tell
you
that
this
is
that
your
data
center
all
about
to
burn
to
the
ground
or
be
washed
away
to
the
sea
or
anything
like
that,
hopefully,
within
the
next
10
years.
That's
that
won't
happen.
Q
But
what
will
happen?
What
we
know
will
happen
in
the
next
10
years
and
will
have
a
significant
effect
on
us
is.
That
is
how
the
cloud
is:
architecturally,
responding
to
climate
change
and
the
effects
of
climate,
because
for
the
past
five
years
or
so,
I've
been
involved
in
campaigns
to
move
the
cloud
over
to
sustainable
hosting
and
in
2020.
Q
We
had
an
amazing,
an
amazing
step
forward
in
that
which
I'd
I'd,
love
to
say,
win.
But
let's
face
it.
It's
not
jeff
bezos
woke
up
one
morning
and
decided
he
was
going
to
do
it
and
it
had
absolutely
nothing
to
do
with
anybody
else,
but
in
2020
all
of
the
major
cloud
providers
committed
to
being
carbon
zero
by
2030.
Q
So
now,
in
nine
years
time-
and
this
isn't
some
kind
of
airy
fairy
half-assed
carbon
neutral
commitment
because
they're
all
that
most
of
them
already
there
already
so
google
cloud
has
been
carbon
neutral
since
2007,
which
is
an
extraordinarily
long
time.
Azure
we're
a
bit
later,
but
they've
been
they've,
been
carbon
neutral
since
2014.
Q
aws
they're
still
not
carbon
neutral.
They
are
in
some
regions,
they're
carbon
neutral
in
ireland,
in
frankfurt,
canada
and
oregon.
So
if
you
want
to
be
carbon
neutral
now,
that's
where
you
should
be
hosting,
but
they
have
nonetheless
joined
everybody
else
in
committing
to
be
carbon
zero
by
2030
and
say,
carbon
zero
is
a
much.
F
Q
Harder
target
to
meet
you
can
be
in
many
ways:
carbon
neutral
just
means
you're
tracking,
what
carbon
you're
emitting
and
then
you're
paying
for
offsets
of
one
form
or
another,
and
that's
it's
nice
that
you're
doing
the
tracking
and
it's
nice
that
you're
willing
to
shell
out
a
little
bit
of
money
to
buy
the
offsets.
But
offsets
are
not
that
useful.
What
we
actually
need
in
the
long
run
is
a
commitment
to
not
emit
any
carbon
as
a
result
of
your
operations,
so
carbon
zero.
Q
Is
that
commitment,
no
carbon
from
electricity
and
no
carbon
from
hardware
production?
Q
That
is
a
ridiculously
difficult
goal,
and
I
have
to
say
in
all
the
time
that
I
was
campaigning
for
this
and
and
all
of
us
a
lot
of
us
were
campaigning
for
this.
I
think
we
were
oh.
We
were
ridiculously
naive.
We
all
thought
that
once
the
cloud
committed
to
be
carbon
zero,
if
you
were
running
on
the
cloud,
then
you
would
just
become
carbon
zero.
Q
Q
Their
first
step
is
that
they
have
spent
huge
amounts
of
money
getting
more
renewables
into
the
into
the
national
grids,
so
they've
put
shed
loads
of
money
into
either
building
wind
farms,
solar
farms
themselves
and
piping,
the
the
power
directly
into
their
own
data
centers,
but
more
commonly.
They
have
signed
up
to
be
guaranteed
purchases
of
power
coming
from
third-party
wind
farms
and
solar
farms.
Either
directly
with
the
with
the
companies
building
those
farms
all
with
the
within
that
with
the
local
grids
and
they've
spent
a
lot
of
money
on
this.
Q
So
over
the
past
decade,
google
has
commonly
been
the
biggest
non-government
purchaser
of
renewable
power
in
the
world.
Last
year
it
was
ada,
it
was
amazon
and
that's
probably
hardly
surprising
because,
as
I
said,
google
have
been
doing
this
for
years,
and
amazon
have
suddenly
woken
up
and
decided
that
they
need
to
do
it
as
well,
and
so
they're
chucking
it
they're
having
to
chuck
in
huge
amounts
of
money,
and
this
is
great
because
a
few
years
ago
I
think,
when
I
used
to
talk
about
this
people's
most
common
objection
was
well.
Q
If
the
clouds
decide
that
they're
all
going
to
be
the
run
on
on
sustainable
power,
then
all
they're
going
to
do
is
suck
all
the
sustainable
power
out
of
the
grids
and
there
won't
be
any
for
anybody
else.
And
it's
you
know,
there's
it's
a
zero-sum
game.
We
haven't
improved
things
at
all,
but
in
fact
that's
not
what
they're
doing
they're
they
are
guaranteeing
that
more
renewable
power
goes
into
the
system.
So
that's
all
great.
Q
So
that's
all
good-
and
I
kind
of
in
my
old
dream,
my
old
dream
world,
where
I
was
feeling
very
positive
about
this.
I
thought
that
would
be
all
that
was
required,
but
that
was
really
because
I
hadn't
properly
thought
things
through,
because
there
is
a
significant
problem
with
the
renewable
power.
Well,
some
renewable
power
there's
a
significant
problem
with
wind
and
solar,
and
that
is
that
sometimes
it
rains,
sometimes
it's
even
the
night,
wind
and
solar.
Sometimes
it's
not
windy.
Q
Wind
and
solar
are
naturally
variable
available,
variably
available
power
sources.
They
are
not
pumping
out
power
to
you
all
the
time.
You'll
there'll
be
times
when
there's
tons
of
power
and
times
when
there
is
no
power
very
little
power
now,
and
that
isn't
the
way
that
data
centers
work.
Most
data
centers
need
power
all
the
time.
Your
applications
mostly
need
to
run
all
the
time
and
there
are
places
where
you
could
have
data
centers,
where
that
would
be
the
case
and
the
power
would
still
be
renewable.
Q
I
mean
obviously,
if
you're
running
it's
the
reason
why
we
it's
the
reason
why
we
still
have
fossil
fuels
after
all
of
these
years
and
we've
known
for
you,
know,
half
a
century,
that's
about
climate
change
and
about
the
greenhouse
gas
effect,
but
fossil
fuels
are
so
damn
good.
They
are
reliable,
they're,
cheap,
they're,
easy
to
transport,
there's
a
reason:
it's
not
craziness
that
we've
we've
been
so
reluctant
in
moving
to
renewable
power
power
sources,
and
there
are
places
in
the
world
where
you
won't
have
to
worry
so
much
about
this.
Q
There
are
places
where
you
could
put
your
data
center,
where
you
would
have
renewable
power
that
was
reliable.
Q
So
maybe
you
could
be
in
france
where
there
were
loads
of
nuclear
power
or
you
could
be
in
iceland,
where
they've
got
those
of
geothermal
or
you
could
be
in
canada
where
they've
got
loads
of
hydro,
but
that
isn't
everywhere
and
that
isn't
where
most
data
centers
are
because,
let's
face
it,
most
data
centers
are
in
the
east
coast
of
the
usa,
so
there
is
there's
always
there
is
going
to
be
a
huge
problem
with
reliable
sourcing
of
power
for
data
centers.
Q
Now
the
way
that
climate
activists
have
been
pushing
to
handle
this
for
for
many
years
and
I
tend
to
agree
with
them.
I
think
this
is
a
very
sensible
way
of
doing.
It
is
using
variable
pricing
for
electricity,
so
at
times
when
there's
tons
of
it
because
the
sun
shining
and
the
winds
blowing,
then
power
is
extremely
cheap,
maybe
even
free
and
at
times
when,
when
there
isn't
any,
we
know
there's
very
little
renewable
power
available
and
maybe
carbon
is
having
to
be
emitted
to
the
atmosphere
in
order
to
provide
any
power
at
all.
Q
Because
I'm
not
one
of
these
communist
climate
activists,
I
think
that
capitalism
works
quite
well,
but
it
has
to
be
incentivized.
If,
if
we,
if
the
government
subsidized
that
subsidizes
bad
energy
production,
then
there's
there's
no
reason
why
anyone
should
do
anything
about
it.
There's
no
reason
why
we
should
start
to
adapt
to
a
world
of
variable
power.
So
I
really
hope-
and
I
think
that
it
will
be
the
case
that
we'll
get
very
electricity
pricing
more
widely.
Q
They
have
it
in
spain
at
the
moment,
but
that's
that's
kind
of
the
the
forerunner
of
this
kind
of
thing.
So
it
will
be
useful.
It'll
be
helpful.
We
think
it's
all
inevitably
coming,
but
it's
probably
not
gonna
solve
absolutely
well.
It
probably
will
solve
things
for
us
in
the
long
run,
but
we,
it
won't
just
transparently
solve
it-
for
us,
it'll
incentivize,
to
make
incentivizers
to
make
the
kind
of
operational
and
architectural
changes
that
we'll
need
to
make
to
take
advantage
of
variable
electricity
pricing.
Q
So,
let's
step
back
for
a
moment
and
and
just
remind
ourselves
about
what
the
cloud
providers
have
signed
up
to
absolutely
actively
signed
up
to
for
2030
and
what
that
means
that
they've
signed
us
up
to,
because
we
are
all
fairly
locked
into
the
cloud
and
that's
only
going
to
become
more
so
over
the
next
10
years,
so
what
they
do
we're
doing,
and
it's
a
good-
and
in
this
case
it's
a
really
good
thing
to
do,
and
I
so
I
can't
object
to
it.
Q
Q
Centers
they've
also
signed
up
to
reducing
embodied
carbon
in
the
hardware
that
runs
in
their
data
centers,
and
that
generally
means
that
they'll
have
to
make
hardware
last
a
lot
longer
and
use
it
better,
and
all
of
these
commitments
are
generally
for
most
of
their
data
centers
on
top
of
variable
availability
power.
So
from
solar
from
wind,
because
that
really
is
the
work
the
workhorse
I
would
personally,
I
would
love
it
if
we
were,
if
we'd
all
gone
to
nuclear.
Q
We
just
didn't
have
to
worry
about
this
kind
of
stuff,
but
we
didn't
and
we're
not
likely
to
quite
sometimes
so
I
think
we
have
to
grok
the
world
that
we're
in
is
one
in
which
that
power
will
be
variably
available.
I
know
that
there's
loads
of
storage,
everybody's,
desperate
for
storage,
but
all
of
the
storage.
Q
All
of
the
storage
solutions
at
the
moment
are
sub-optimal
they're,
expensive,
they're,
not
they're,
not
a
like
for
light
replacement
for
oil,
even
even
hydrogen,
which
is
kind
of
that
that
exxon
and
shell
would
like
to
believe
was
the
like
flight
for
replacement
for
oil
is
not
as
good,
it
will
cost
more.
So
I
think
we
have
to
accept
that
we're
going
to
be
handling
some
variable
availability
of
power.
Q
So
how
how
are
I
mean?
I
wonder
how
much
they'd
thought
about
this
really
thought
this
through
before
they
committed
so
their
zero
carbon
deadline.
Last
year,
some
of
them
certainly
had
google
certainly
had,
but
I'm
seeing
a
lot
of
activity
now
it
suggests
so
that's
that
they've
upped
their
game
a
little
bit
and
they're
trying
a
little
bit
harder
on
this.
Q
So
let's
look
first
at
google
who
released
an
interesting
paper
on
what
their
next,
apart
from
buying
a
whole
load
of
renewable
power,
what
their
their
next
steps
would
be
in
actually
using
that
renewable
power
and
meeting
their
2030
commitments.
Q
So
this
is
a
very
interesting
paper.
It
came
out
in
june
or
july
about
the
next
generation
of
scheduling
and
programmatic
orchestration.
Now
this
is
kubernetes
conference.
So
we
all
know
that
google
have
been
the
kings
and
queens
of
programmatic
orchestration,
the
forerunner
to
kubernetes
and
they've
used
it
to
physically
shift
encapsulated
tasks
around
in
their
data
centers
to.
Q
Server
density
and
use
less
energy
to
do
the
same
work,
which
is
all
great
for
for
climate
change.
It's
all
great
for
reducing
the
amount
of
bad
energy
that
you're
produ,
putting
into
the
atmosphere,
bad
energy
that
you're,
using
and
and
as
a
result,
carbon
goes
into
it.
But
it's
not
enough.
We
need
to
actually
have
a
bit
of
a
paradigm.
Q
Another
paradigm
shift
in
how
we
do
this
and
at
their
next
stage
I
think
they're
trialing
at
the
moment
is
more,
is
the
trying
harder
to
shift
tasks
in
time
and
they
call
this
temporal
displacement
and
because
they
are
googlers
and
they
do
like
their
sci-fi
and
it's
interesting,
because
what
they're
doing
is
in
many
ways
very
similar
and
just
an
extension
of
what
they've
done
in
the
past.
What's
what
their
schedule
is,
and
then
their
old
programmatic
orchestration
did
and
in
some
ways
it's
the
complete
opposite.
Q
Q
But
in
some
ways
it's
the
exact
opposite
of
what
they
were
doing,
because
what
they
were
doing
before
was
they
were
trying
to
pack
their
workloads
onto
machines
as
tightly
as
possible
so
that
those
machines
were
maximally
used.
They
got
really
high
server
density,
really
high
utilization,
and
that
meant
everything
was
more
efficient
and
it
meant
that
you
got
more
out
of
your
machine
during
its
lifetime.
So
you,
you
didn't
use
up
too
much
electricity
and
your
hardware
lasted
longer.
Q
But
the
idea
is
less
energy
used
when
there's
no
good
energy
to
use.
Now
there
are
various
things
that
they
need
in
order
to
accomplish
this.
So,
as
I've
said,
they
need
good
orchestrators,
which
they've
got
schedulers,
which
they've
got
that
actually
encapsulated
tasks
which
they've
got,
which
is
all
good,
but
you
also
need
tasks
that
are
lower
priority
and
not
as
urgent
that
don't
have
quite
as
high
an
sla
on
as
a
brockton
sla
and
when
they're
run
they
don't
have
to
be
run
immediately.
Q
They
can
be
delayed
deferred,
they
can
be
delayed
until
the
sun
comes
up
and
they
have
that.
But
we
don't
always
have
that.
So
that's
one
of
the
things
that
they
pointed
out
in
this
in
this
paper
is
that
they
can
run
this
and
they
can
get
this
to
work
and
actually
that
they're,
oh
I'll,
put
links
to
the
paper
in
my
twitter
feed.
Q
So
you
can
have
a
read
if
you
want,
but
their
initial
results
are
a
bit
rubbish
but
as
they
point
out,
it's
their
first
go
and
they
expect
it
to
get
better.
And
we
hear
in
the
grapevine
that
the
results
are
getting
much
much
better
as
they
move
on
as
they
move
forward.
Q
But
they
can
only
run
all
of
this
on
their
own
workloads.
They
can't
run
it
on
the
google
cloud
and
the
reason
is
that,
within
their
own
workloads,
they
know
a
lot
about
those
workloads.
They
know
which
ones
can
be
deferred.
They
know
an
awful
lot
about
about
how
urgent
they
are.
But
when
you
move
to
you,
when
they
look
at
the
vms
in
the
google
cloud,
those
are
just
black
boxes.
They
have
no
idea
what
they
can
defer.
Q
Q
Q
Well,
if
you
look
at
the
amazon
sustainability
blog
at
the
moment,
and
and
it's
giving
guidance
on
on
how
people
should
write
more
sustainable
code
in
the
future,
they're
pushing
spot
instances
quite
heavily,
and
I
would
tend
to
think
that
that's
a
very
good
idea,
so
a
spot
instance
I
mean
everybody
knows
a
spot
instances.
Q
You've
you've
wrapped
your
application
in
in
it
effectively
in
an
enabled
aws
spot
instance,
and
you
said,
run
it
when
you
got
the
chance
that
gives
aws
and
aws
orchestrators
and
and
schedulers
the
chance
to
balance
that
and
run
it
when
they
can
and
take
account
of
everything
else.
That's
going
on
the
system,
so
their
schedulers
have
more
information
than
your
local
kubernetes.
Scheduler
would
do
and
you've
told
it
that
you've.
Q
Given
a
lot
of
information
about
that
task,
you
said:
look
I
don't
mind
when
it
runs
just
make
sure
it
runs
at
some
point
and
as
a
result
of
that
you're
paying
a
lot
less
money,
and
that
reflects
the
fact
that
actually,
these
boss
instances
help
aws
and
the
other
providers
also
provide
them
to
make
their
systems
more
efficient
and
it
cuts
the
cost
for
them.
It
has
a
a
a
lower,
marginal
marginal
cost.
Q
Everything
I'm
talking
about
it's
it's
good
to
us
in
a
certain.
It
is
good
up
to
a
certain
point,
but
it's
not
perfect,
so
it
causes
problems
with
hardware,
but
those
are
other
problems
that
we'll
hope
that
google
fix
and
at
some
point
hopefully
I'll
talk
to
you
about
what
they
did
to
fix
them.
Q
I
won't
worry
too
much
about
too
much
about
this
now
so
given,
given
that
I've
told
you
that
google
and
amazon
and
and
azure
have
an
awful
lot
of
work
to
do,
but
the
way
that
they
are
attempting
to
do
it
is
using
programmatic
infrastructure
and
scheduling.
It
seems
a
little
a
little
perverse
for
me
to
say
that
kubernetes
is
doomed
given
that
kubernetes
is
a
programmatic
orchestrator
with
scheduling,
but
I
think
there
are
some.
Q
There
are
a
couple
of
really
quite
terminal
problems
with
kubernetes
at
the
moment
when
it
comes
to
this
new
world
of
advanced
temporal
shifting
scheduling
the
one
of
them.
This
is
essentially
not
even
the
main
one
is
it's
that
there
is
not
enough
variety
of
tasks.
So,
if
you're
running
kubernetes,
the
likelihood
is
you're
using
it
to
manage
an
enterprises
worth
of
workloads
and
google
themselves
point
out
in
their
paper
that
that
isn't
really
enough
tasks
to
to
get
really
good
utilization
to
get
the
efficiency
up
to
the
level
that
they
need.
Q
In
order
to
meet
this
zero
carbon
deadline
is
they
need
re?
They
need
massive
variety
of
tasks
of
tasks,
sizes
task,
priorities,
tasks,
urgencies
and
you
just
don't
have
that.
So
that's
a
bit
of
a
problem.
Your
workloads
are
probably
not
labeled
enough.
You
probably
don't
have
enough
higher
priority
and
low
priority
workloads
anyway,
but
even
if
you
do
they're
not
sufficiently
labeled
and
but
the
first
one
will
be
very
hard
to
fix.
The
second
one
is
fixable,
especially
if
you've
got
10
years
to
do
it.
Q
Q
They
are
too
inefficient
and
if
a
tool
is
going
to
be
running
all
the
time
as
as
these
tools
nest,
necess
by
necessity,
have
to
do,
those
tools
are
going
to
have
to
be
super
efficient
and
at
the
moment
that
has
not
been
a
requirement,
but
it
will
be
over
the
next
year,
10
years,
it's
going
to
become
an
absolute
requirement
and
you
need
to
be
pushing
back
to
your
suppliers
and
saying,
okay,
I
want
service
meshes.
There
are
a
lot
more
efficient
loans
that
are
being
offered
to
me
now.
Q
Q
So,
going
away
from
this
away
from
this
talk
and
and
going
back
to
work,
what
do
I
think
you
should
be
thinking
about
and
you've
got
time
you've
got
years
on
this,
but
it's
it's
a
big
change
and
we
need
to
be
preparing
for
it.
You
need
to
be
architecting,
architecturally
thinking
in
terms
of
high
and
low
priority
tasks,
and
I'm
using
that
literally
high
and
low
priority
task,
not
high
and
low
importance
tasks.
Q
It's
a
classic
of
management
that
you
have
important
tasks
and
urgent
tasks
and
that
they
are
not
the
same
thing
just
because
a
task
is
low
priority.
It's
not
urgent,
doesn't
mean
it's
not
important.
It
might
be
your
most
important
task,
but
you
need
to
split
out
what's
urgent
and
what's
not
urgent,
because
that's
going
to
be
utterly
required
in
a
world
of
variable
availability
power
embrace
spot
instances,
because
with
kubernetes
you
can
be
managing
spot
instances
as
well
as
your
normal
kubernetes
workloads
have
a
go
at
that.
Q
Make
sure
that
you
can
do
that
and
encourage
your
developers
to
start
thinking
in
terms
of
designing
architecting
to
use
spot
instances,
because,
with
a
spot
instance
it's
it's
that
they
can
be
incredibly
efficient
and
they
can
be
used
by
the
cloud
providers
to
to
to
help
them
move
towards
those
those
zero
carbon
goals
in
a
way
that
stuff.
That's
that
you're
managing
yourself
that
they
can
never.
They
can
never
do
that
as
well.
Q
So
I
said
distributed
systems
work
well
with
if
you're
splitting
tasks
out,
if
you
are
carving
application,
carving
micro
off
your
monolith,
start
thinking
in
terms
of,
can
you
carve
off
applications
that
have
a
consistent
sla
associated
with
them
in
the
right
now?
Spots
are
the
most
obvious,
but
I
think
there
will
be
more
sophisticated
spots
in
future.
That's
that
maybe
that
will
allow
you
to
say
well.
I
need
this
to
run
within
the
next
hour.
Q
I
need
this
to
run
three
times
a
day,
a
bit
of
a
a
halfway
house
between
spots
at
the
moment
and
systems
that
that
you
just
have
entirely
under
your
own
control.
Think
about
what
regions
some
regions
are
much
more
energy
have
much
more
sustainable
energy
in
them
than
others.
We
talked
a
little
bit
about
that
earlier
targets.
Your
efficiency
improvements
at
things
that
have
to
that
are
urgent,
that
you're
going
to
have
to
run
like
that.
Q
That's
where
you
really
need
those
efficiency,
improvements
and
efficiency
improvements
are
a
pain
in
the
neck
and
take
ages
and
yeah
yeah,
so
so
target
them
all
the
stuff
that
you
can't
stick
in
a
spot,
because
if
you
can
stick
it
in
a
spot,
it
doesn't
need
the
efficiency
improvement
as
much
and
make
sure
you're
using
the
engine
devices
and
if
you're
gonna
be
lacking
power,
those
devices
has
power.
If
they
don't
have
power,
then
they
won't
be
logging
into
your
systems.
So
almost
by
definition,
the
device
has
some
power
to
work
with.
Q
You
could
always
fall
over
to
using
that
failovers
using
that,
if
you
need
to,
but
you'll
have
to
think
carefully
about
how
you
achieve
that
for
your
particular
applications
and
as
a
little
a
little
thought
experiment
for
you
to
be
thinking
about,
or
for
you
to
be
setting
for
your
development
team
could.
F
Q
Run
90
of
your
global
cpu
usage
on
spots
now
that
might
seem
like
a
crazy
thing
for
me
to
suggest
and
actually
cpu
usage
and
energy
usage
are
a
very
good.
It's
good
rule
of
thumb
that
your
cpu
usage
and
your
energy
usage
are
pretty
much
the
same
kind
of
thing.
Q
You
might
think
that's
crazy
talk.
I
couldn't
possibly
do
that,
but
have
a
think
about
it,
because
actually
there
are
quite
a
there
are
several
ways
that
you
could
do
that
on
almost
any
system.
It's
the
kind
of
thing
we
used
to
do
in
the
90s.
We
didn't
have
any
any
cpu
or
memory
or
anything
else,
but
you
say
come
up
with
cunning
schemes
for
doing
these
kind
of
things
and
and
they
do
work
quite
well.
Q
There
are
more
efforts
and
you
do
have
to
think
about
them,
but
you
know
it's
quite
a
fun
thing
to
think
about
crazy
stuff
like
that
and
because
actually
in
10
years
time,
that
is
the
situation
you'll
be
in
I'm
afraid,
unless
we
completely
discover
some
amazing
new
storage
technology
during
that
time,
which
I
think
is
unlikely.
So
that's
that's
your
main
takeaway
from
this.
The
second
takeaway
is
my
job
these
days,
as
well
as
talking
to
conferences
and
doing
techy
things.
Q
I
am
a
science
fiction,
writer,
a
speculative
fiction
writer
and
to
celebrate
this
conference
today.
My
first
book
utopia,
five
is
on
is
available
for
free
download
today,
today,
only
so
go
away.
Google
utopia,
five
on
amazon
and
fully
boots,
get
yourself
a
free
copy.
Q
So,
yes,
that
is
my
talk.
So
paula.
C
That's
brilliant
thanks.
Anne
I'd
do
a
quick,
a
quick
recommendation
for
the
book
as
well,
because
I've
read
it.
It's
very
good.
I'm
working
my
way
through
the
rest
of
the
series,
so
I'm
very
excited
we
hadn't
got
any
questions
posted
in
the
slack
channel,
but
I
did
have
one
question
so
I'll.
Just
ask
my
own
question.
You
mentioned
about
efficiency
of
tools
and
you
specifically
called
out
service
measures
as
being
pretty
inefficient.
C
Q
No,
there
isn't,
although
it
is
one
of
the
things
that
so
I'm
involved
in
the
green
software
foundation,
the
the
microsoft
and
linux
foundation
group
to
start
giving
advice
on
on
how
to
write
greener
software
and
how
to
operate
greener
software,
and
this
is
one
of
the
things
we'll
be
looking
into.
So
what's
what
should
you
be
doing?
You
know,
what's
putting
putting
a
little
bit
of
pressure
on
the
on
the
writers
of
these
tools
to
make
sure
that
they
are
more
energy
efficient
in
the
future.
Q
E
I
was
just
going
to
say
to
you
to
ann's
point
about
spot
instances,
it's
worth
noting
that
at
least
up
until
fairly
recently,
I
think
the
entirety
of
yelp
used
to
run
on
on
spot
instances.
So
it
is
certainly
possible
for
even
large-scale
web
scale
applications
to
to
do
that.
C
E
What
a
day
it's
been
fabulous,
I
know:
we've
we've
had
some
teething
issues
shall
we
say
with
with
technology.
These
things
are
never
easy.
Despite
all
of
the
the
months
and
months
that
we've
all
spent
over
the
last
couple
of
years,
video
calls
and
streams.
It
still
doesn't
always
go
entirely
to
plan.
So
apologies
to
to
any
of
our
speakers
who
were
affected
by
that
or
or
any
of
any
of
you
watching.
I
hope
everybody's
had
a
great
day.
E
I've
certainly
enjoyed
all
of
the
talks
and
and
the
chat
and
slack
I'm
sure
the
same
applies
for
you,
paula
right.
It's.
C
C
It's
been
real,
no,
it's
been
fantastic.
Thank
you.
Thank
you
to
all
of
the
speakers
and
it's
I've
been
so
pleased
to
hear
so
many
different
talks.
It's
it's
interesting.
Even
in
this
kind
of
somewhat
niche
space
of
kubernetes
there's
been
we've
had
so
many
broad
talks
and
conversations
has
been
fantastic.
So
a
big
thank
you
to
all
the
speakers
and
I'm
delighted
that
we've
reached
the
end,
but
this
is
not
the
end
of
the
conference.
E
No
not
at
all
I
mean
I
guess
before
we
it's
not
even
the
end
of
the
day,
yet
paula
we've
still
got,
we've
still
got
absolutely
awesome
pub
quiz
which,
which
lewiston
and
parry
is
going
to
run
for
us
and
we're
just
waiting
until
he
joins.
So
please
do
stick
around
for
that
before
that,
though
we
should.
We've
thanked
all
our
speakers
today.
Speakers
we've
got
more
fabulous
speakers
for
you
tomorrow.
E
K
E
Also
worth
giving
a
shout
out
to
all
of
the
cncf
communities
in
the
uk
kubernetes
community
days,
as
I'm
sure
everybody
knows,
are
community
grassroots
community
events
supported
by
the
cncf
but
ultimately
put
together
by
community
folk
in
their
spare
time
from
the
ground.
And
and
so
we
should
have
a
big
shout
out
to
cloud
native
london
cloud
native
wales,
cloud
native
bristol
cloud
native
birmingham
cloud
native
manchester
cloud
native
edinburgh
cloud
native
glasgow.
E
I
don't
think
I've
forgotten
anybody,
but
hopefully
that's
all
of
them
who
who
really
keep
the
the
cloud
native
community
going
in
across
the
uk.
So
thank
you
to
all
those
folks
and
we
should
also
thank
our
workshop
providers.
Hopefully
some
of
you
managed
to
spend
some
time
at
some
of
our
sponsor
workshops.
E
So
thank
you
to
to
all
the
folks
who've
run
those
jet
stack
control
playing
solo.
I
o
container
solutions
sneak
and
souza
and
thank
you
for
our
watch
party
sponsors.
I
know
I've
been
at
the
watch
party
here
in
manchester
and
I
know
that
the
folks
are
at
the
watch
party
in
cardiff.
So
thank
you
to
tram,
shed
tech
and
to
soft
iron
for
sponsoring
those.
E
And
thank
you
to
our
charity
partners.
We
haven't
added
up
exactly
how
much
money
we've
raised.
Yet
how
would
paula,
but
I
know
it's
quite.
F
E
So
that's
great
so
stemettes
and
and
protector.
Thank
you
for
getting
involved
with
kubernetes
community
days.
You
know
this
whole
event's
been
for
charity.
Everything
above
the
costs
of
putting
it
together,
we'll
all
go
to
those
fantastic
charities.
E
I
don't
think
I've
forgotten
to
say
anything
there
paul
anything.
You
want
to
say.
C
We
are
just
waiting
for
our
excellent
quiz
host
luis
to
join
us,
and
then
we
have
it
all
again
to
do
tomorrow,
so
we
are
starting
at
the
same
time,
I
think
we're
starting
at
10
o'clock
tomorrow
morning
and
we
have
got
a
fantastic
track
of
keynotes
we're
opening
with
amanda
brock
from
open
uk.
So
please
be
here
at
10
o'clock
to
join
us
for
the
for
the
kickoff
and
then
we've
got
two
tracks
again
same
format
as
today.
C
So
we
are
really
really
really
excited
to
see
all
of
those
different
talks.
The
talks
that
you've
heard
today
will
all
be
available
to
rewatch
as
well.
So
once
we
have
the
the
recordings
kind
of
polished
up
they'll
be
available
on
our
youtube
channel.
I
know
we've
used
two
youtube
channels
today,
but
all
of
the
talks,
if
you
want
to
go
back
to
them,
will
all
be
available
on
our
youtube
channel,
so
you'll
find
them
all
there.
E
And
well,
I
know
we'll
also
try
and
fix
the
couple
of
talks
that
the
pre-recorded
ones
will
upload
the
actual
high-res
video
of
those
right,
because
I
know
they
were
not
not
great
on
the
streams
right
so.
E
The
resolution
so
we'll
make
sure
the
video
quality
is
good
for
those
for
those
ones
that
that
we
did
playback
pre-recorded
right.
C
Hopefully,
he's
going
to
come
back
and
ask
us
some
questions,
I'm
hoping
that
they're
not
too
difficult,
because.
E
Yeah
good,
we
are
in
work
life
a
manchester
co-working
space,
so
it's
been
great
great
conversation
watching
the
different
tracks
had
some
lunch
so
yeah,
it's
all
been
fantastic.
E
I'm
not
sure,
I'm
actually
in
a
different
room,
because
it
was
a
bit
difficult
to
get
the
the
technical
aspects
of
presenting
from
the
same
room.
We
wanted
to
avoid
feedback,
but
I
think
so,
and
I
and
I
suspect
this
there's
going
to
the
pub
in
the
future
of
this
group
at
some
point
once
we
are
once
we
have
finished
here.
E
C
C
E
See
what's
happening,
let's
see
if
we
can
find
out
what's
what's
going
on
here.
B
F
A
E
E
Was
running
out
of
philly
lewis
so
breathe
it's
over.
A
So,
yes,
sorry
about
this
another
story
for
another
day
over
a
point:
if,
if
you
ever
see
me
in
person
in
the
conference
in
a
nutshell,
just
in
the
future
there's
so
many
war
stories,
I've
got
today,
it's
been
phenomenal,
but
how
have
your
days
been
well,
so
I.
F
F
A
A
Awesome
awesome,
so
the
quiz
will
be
ready
and
momentarily.
As
you
see
me,
frantically
type,
I'm
not
finishing
up
the
questions
right
now
is
I'm
just
gaining
access.
I've
just
had
to
swap
computers
because
that's
what
we
do
isn't
it
this
is.
This
is
what
we
build
for.
This
is
what
we
prepare
for
within
our
phone.
If
we're
not
dependent
on
a
single
vm,
we
should
never
have
a
single
dependency.
So
so
we
just
brought
in
chaos
quizzing.
To
be
honest,
it's
nice,
but
honestly
these
questions,
though,
that
they
are
they're
intense,
so.
A
It
going
so
we're
going
to
be
using
a
tool
called
kahoot
for
this
if
anyone
has
been
with
families
during
the
lockdown
you're,
probably
well
aware
of
what
kahoot
is
and
for
one
of
those
family
quizzes
that
you've
been
in,
so
I'm
just
going
to
share
it.
Now,
I'm
going
to
ask
for
my
friendly
av
assistant
to
help
me
out
so
we're
just
going
to
remove
some
spotlights
hi
watch
party
manchester
lovely,
to
see
you.
A
I
went
to
umist,
incidentally,
and
that's
my
university
of
choice
and
I've
never
been
allowed
back
into
manchester
ever
since
so
yeah
that
that
is
not
a
spoiler
for
the
quiz
and
it's
just
a
it's
a
fact
of
my
life
right.
If
you
go
to
kahoot.it
and
then
you'll
be
requesting
a
pin,
so
the
pin
is
nine
nine
one,
five
four
six
one:
either
matt's
identity
has
already
been
taken
or
matt's
just
joined
in
equally
we're
just
going
to
do
this
as
a
quick
run
through
and
we've
got
a
warm-up
round.
A
Danny
has
now
joined
the
party
yeah.
Now
I'm
very
much
looking
forward
to
catching
up
on
them
on
on
today's
events
and
I'm
looking
forward
to
it
tonight
and
equally
tomorrow.
I've
got
some
more
time
for
the
conferences,
so
yeah,
but
it's
been
a
pleasure
working
with
everyone
to
do
this,
and
I've
got
some
references.
I
think
in
some
rounds.
A
See,
incidentally,
like
when
I
usually
do
this,
I
just
take
someone
else's
identity.
I
just
take
andrew
martin
from
control,
plane
and
yeah.
Then
we'll
see
how
it
goes
right,
we'll
get
started
with
this
one.
Now,
let's
get,
let
me
get
rid
of
my
face.
We
don't
want
to
see
that
cool
right,
I'm
going
to
get
started
on
this
quiz.
We've
only
got
three
questions
on
this
one
because
I
didn't
want
us.
A
I
didn't
want
us
to
test
in
production
that,
yes,
other
danny
perfect.
That's
that's
what
I'm
talking
about
several
great
names
right,
we're
going
to
get
started
on
this
one,
but
don't
worry
this
isn't
the
main
quiz.
This
is
the
biscuit
format,
so
we're
using
this
just
to
test
out
our
user
interfaces.
A
A
So
this
is
an
example
of
a
quiz
question.
So
can
you
just
name
me
this
biscuit
now:
you've
got
20
seconds
in
this
instance,
and
you
should
see
on
your
device
that
you've
connected
with
you
should
see
a
red,
blue,
yellow
green.
If
you're
color
blind,
you
should
see
different
shapes
anyway.
What
kind
type
of
biscuit
is
this,
and
I
don't
even
know
if
this
is
my
coffee,
but
I'm
going
to
go
for
it.
A
It
was
a
rich
tea,
see.
I
it
took
me
two
hours
to
source
a
picture
of
a
rich
tea
that
looked
like
a
digestive,
this
okay,
see
and
if
you're
frustrated
now
take
this
pain
and
multiply
it
by
an
exponent.
Like
a
huge
number,
that's
what's
going
to
happen
at
the
end
of
this
quiz,
but
it
was
a
rich
tea
and
who
would
start
biscuit
quiz
with
a
rich
tea.
This
fall,
but
that.
A
Now
there
might
be
another
question
where
it's
true
or
false.
So
do
you
add
milk
before
hot
water
when
making
tea?
So
in
this
it's
either
true
or
false,
and
there's
obviously
only
one
right
answer
so
whilst
you're
doing
this?
Incidentally,
if
you're
searching
google
for
this
answer
right
now,
this
I
don't
know
what's
going
on.
Like
that's
true
yeah,
I
don't
think
I
don't
think
any
search
engine
is
going
to
help
you
for
this
quiz
this
afternoon.
So
false!
A
A
Matt
knows
away,
as
you
can
see
by
the
scores
they're
not
set,
so
it
is
fastest
fingers.
First,
we
really
want
to
see
those
fingers
shout
out
to
uk
references
from
the
90s
there.
A
Finally,
we've
got
some
answers
where
you
have
to
try
your
best
at
being
able
to
type.
So
you
will
see
occasionally
some
gifts,
and
here
is
lord
and
savior,
paul
hollywood
in
the
bake,
tent
and
baking
some
biscuits.
But
what
biscuit
should
he
have
baked
to
be
defining
the
best
biscuit
available
to
us
if
you've
been
recently
looking
on
twitter,
then
there's
a
thread
that
I've
had
with
dan
pop
and
given
a
deeper
detail
into
it
and
instantly.
A
I
think
my
memoirs
as
to
my
life
with
biscuits
will
be
released
at
the
end
of
this
year.
So
these
shout
out
to
one
of
them
biscuit
oh
gee,
where's.
No,
it
is
for
chocolate,
hot
knob
and
thankfully,
someone's
got.
I
think
we've
got
two
people
with
that.
As
you
can
see,
I
I've
allocated
for
spelling
as
well,
but
it
should
be
one
word,
but
anyway
there
we
go.
So
that
is
our
quiz,
not
our
four
quiz.
A
We've
got
lots
more
tech
questions,
but
in
our
biscuit
walmart
in
third
place,
it's
dave,
you
congratulations,
dave
and
you
get
a
cursed
cream
guy.
You
get
the
pink
wafer,
but
with
the
chocolate
hobnob
of
success,
I
think
we
all
know
who
it
is.
It's
matt
right.
So
there
we
go
matt.
I
will
take
payments
for
giving
you
the
answers
to
those
questions.
After
the
end
of
this
month,
yeah.
A
Well,
I
think
that
is
it
I
am.
I
don't
actually
think
there
is
another
round
on
biscuits,
so
I'm
just
going
to
stop
my
shared
moment
and
I'm
just
I
don't
know
if
you
could
see
me
doing
that,
but
I'm
just
going
to
get
the
next,
I'm
going
to
get
the
real
quiz
up
and
right
now
the
real
quiz.
Let's
just
warm
up
biscuits,
are
important.
A
A
A
You
know
what
let's
go
for
it.
I
think
we
should
just
go
for
it
danny,
we'll
we'll
put
this
in
our
retro
for
next
time.
Let
me
just
get
the
next
quiz
up
and
running.
A
Actually,
oh,
what
I'll
do
is
there
we
go?
This
is
all
about
fixing
you'll,
be
able
to
see
it
on
your
phone
at
the
same
time,
so
the
phone
I'll
get
it.
So
that
question
appears
on
your
phone.
There
will
be
a
delay,
and
yes,
so
let
me
just
make
sure
I
have
that
setting
there
we
go
cool,
okay,.
A
A
It's
going
to
be
intense
thanks.
Thank
you
av.
Yes,
so
we've
got
a
new
quiz
set
up
right.
Remember
our
code
of
conduct.
At
this
point
I
have
tested
this
out
with
some
select
words.
Now,
I'm
I'm
sure
that
we've
got
some
people
who
are
security,
focused
or
penthouses.
Who
will
try
to
really
push
some
things?
So
yes,
so
what
we'll
do
is
we'll
probably
leave
this
running
for
two
minutes?
A
Well,
so
do
that
maybe
I'll
just
take
the
opportunity
to
be
serious
for
two
minutes
and
whenever
I
give
a
talk,
which
apparently
is
quite
rarely
nowadays
for
whatever
reason,
one
thing
that
I'd
like
to
highlight
is
mental
health
wealth,
mental
wellness
personally,
I've
suffered
in
the
past
with
not
feeling
great
and
whatever
that
may
be,
but
most
people
would
call
it
depression
and
obviously,
for
the
last
18
months
it
has
been
an
absolute
slug
and
everyone
has
their
own
battles
depending
on.
A
However,
deep
they
are
the
one
thing
that
is
really
helpful
and
has
really
helped
me
is
just
being
told
that
don't
ever
try
to
compare
yourself
to
someone
else's
pain,
whatever
pain,
you're
feeling
is
the
pain
that
you're
feeling
people
can't
necessarily
see
it
in
your
head,
if
you're
feeling
absolutely
terrible
and
I'm
sure
that
there
are
so
many
people
around
you
who
would
never
feel
that
way
about
you.
A
So
if
there
is
anything
that
if
there
is
ever
a
time
or
moment
of
weakness,
there's
a
number
of
support
networks
around
you,
I
would
always
say
my
dms
are
open,
but
there
are
definitely
other
people
are
available,
but
there's
always
an
option.
There's
always
help
and
yeah.
So
on
that
that
is
going
to
be
the
most
serious
thing,
I'll
possibly
say
this
week.
A
But
to
that
point:
yes,
it
is
a
serious
matter
and
I
hope
everyone's
well
and
I'm
really
looking
forward
to
being
able
to
see
people
in
person
virtually
it's
kind
of
cool
and
it's
helped
us
it's
been
a
means,
but
I
think
we're
full
we're
all
we're
all
getting
into
that
position
when
we
just
really
want
to
be
in
a
conference
center
together
and
who
would
have
said
that
in
2019,
who,
in
their
right
mind
would
have
said
that
okay,
so
cool,
I
think
we've
got
a
couple
of
players
in
so
this
will
be
on
youtube.
A
A
Right
so
we
started
off
today:
we've
you
might
be
at
one
of
the
watch
parties
you
might
be
in
the
office
you
might
be
at
home
and
so
far
you've
probably
brewed.
Several
mugs
of
tea
started
off
with
coffee.
Probably
you
probably
have
the
same
age
as
me
now,
where,
if
you
drink
coffee
after
2
pm,
you
don't
sleep
until
the
other
day.
A
So
with
that
being
the
case,
it's
time
to
get
in
the
pub
it's
time
to
get
down
there,
it's
time
to
get
pork,
scratchings
or
pickled
egg,
whatever
maybe
get
that
crisp
back
open
up
that
you
share
with
everyone
around
you
I'd
best
of
luck
to
try
and
find
any
of
these
answers
in
an
encyclopedia
or
dictionary
or
any
search
engine.
A
A
So
I'm
going
to
show
you
a
picture
of
some
code
because
that's
how
I
share
my
code
by
taking
screenshots
that's
how
people
should
share
code,
I'm
going
to
show
you
a
programming
language.
What
I
would
like
you
to
do
is
I'd
like
you
to
type
the
name
of
that
programming
language,
so
this
will
be
appearing
on
your
phones
now
and,
if
you're
watching
on
youtube,
this
probably
appeared
10
seconds
ago.
So
can
you
name
this
programming
language
you've
got
30
seconds
to
tell
me
which
programming
language.
This
is.
A
To
me
it
doesn't
matter
it's
just
getting
a
container,
that's
all!
I
need
just
get
it
running.
That's
all
that
I
want
so.
Yes,
let's
see
what
answers
we
got.
We
got
a
couple.
It
was
closer.
We
got
one
person
with
it,
who's
it
going
to
be.
Hopefully
it's
not
going
to
be
not
lewis,
but
let's
see
I
didn't
know.
I
gave
matt
the
answers
to
this
quiz
as
well.
I
do
apologize.
I.
A
A
A
A
A
So,
let's
see,
if
anyone
got
the
answer
this
one,
this
one's
called
arnold
c,
I
think
we'll
see
a
programming
language,
but
look
don't
okay.
I
understand
you're
getting
frustrated,
just
save
that
energy
just
leave
it
for
a
big
outburst
in
a
bit
of
time.
We
won't
be
doing
it.
We
won't
be
going
through
63
languages
by
the
way.
So
this
one,
let's
see
we
can
get
you
with
this
this.
A
A
That's
being
dethroned
by
abes
and
let's
go
on
to
the
next.
A
A
Maybe
maybe
shift
left
with
feedback
just
give
feedback
with
the
answers,
and
then
I
can
mould
this
quiz
as
we
go
through
today.
I
wish
it
was
css.
It
was
pete
and
again,
there's
spent
quite
a
few
minutes
last
night
trying
to
find
out
how
to
pronunciate
it
and
we
confirmed
well.
I
think
we
confirmed
it.
A
It
was
late
and
it
was
time
for
bed.
Okay,
here's
another
one.
This
just
looks
like
pain
to
me.
Yeah.
I
can
debug
that
that's
easy
enough.
I
can
debug
in
two
minutes
open
up
your
ide
of
choice,
and
then
you
see
that-
and
it's
just
like
right-
that
if
you
multiply
that
feeling
by
five
that's
kind
of
how
I
felt
today
we're
stressed,
but
there
we
go.
A
A
A
A
A
So
I
think
we
got
one,
no
it's
lol
code,
so
I'm
thinking
of
adding
some
of
these
to
our
ctf
later
at
cubecon
in
north
america
next
year.
This
might
be
some
fun.
Well,
not
really
going
to
learn
much.
I
guess
from
that
now
this
one
you're
probably
going
to
have
to
look
in
your
phone
for
this
one
there's
a
lot
in
there.
A
A
Rockstar,
so
a
lovely
chat,
dylan
beatty
wrote
the
rockstar
language
and
also,
if
you
check
out
his
youtube
channel,
he's,
got
some
great
songs
about
apis.
He
does
have
great
songs,
but
apis
he's
phenomenal.
So
right
here
we
go
we're
going
into
our
next
one.
I
don't
necessarily
know
if
you
can
see
the
banner
as
of
soon
but
name
the
technology
from
name
the
technology
thing
from
its
emojis
form.
A
A
A
It
was
a
keyboard
shortcut,
so
we
had
a
key.
We
had
a
sleep
for
boredom
and
then
we
had
someone
cutting
their
hair
again
somewhere
somewhere
in
the
world
right
now,
people
are
flipping
their
desks
name.
The
technology
thing
from
this
emoji
form,
so
we've
got
two
emojis
there.
What
could
they
relate
to.
A
I
just
realized
I
look
like
the
face
emoji,
but
with
the
eyebrows
underneath
my
eyes
representing
the
bags
that
I'm
suffering
from
at
this
moment
inside.
But
yes,
so
this
one
web
king
web
crown
no,
it
was
webmaster.
Oh
no,
I
got
webmaster
right,
we'll
see
how
we
do
on
the
next
one,
maybe
I'll,
try
and
give
some
hints.
So
this
one
come
on.
It's
we're!
Obviously,
just
it's
where
those
photos
are
being
stored.
Isn't
it
it's
yeah
just
keep
them
on
someone
else's
computer.
Just.
A
Do
you
remember
when
mobile
phones
used
to
be
cheap,
like
you'd
lose
a
mobile
phone
once
a
week
of
team,
and
then
you
could
get
another
one
for
a
couple
of
pounds
nowadays,
it's
you
need
to
remortgage
your
house
and
still
just
get
a
new
phone
anyway.
On
that
one
we've
got
cloud,
ask
about.
Yes,
it
was
icloud
all
right.
We've
got
some
movement
on
the
table.
A
A
A
A
A
Is
everyone's
favorite
slide
deck
thing,
slidex.
A
Yeah,
I
don't
think
I'm
going
to
be
able
to
watch
myself
after
this
when,
yes,
it
was
powerpoint,
seeing
the
way
that
the
cogs
in
my
head
are
slowly
creaking
around
trying
to
remember
how
we
did
this.
So
yes,
we're
a
third
of
a
way
through.
Don't
worry,
not
too
much
pain
now
so
here
we
go
this
one's,
so
we've
got
okay.
So
it's
a
convenience
thing
like
it's
a
spa
and
londis.
A
A
To
be
honest,
I
don't
think
I'm
ever
going
to
be
invited
to
a
public
event
again
only
just
be
shouted
out
on
stage
for
for
this
quiz.
Okay,
so
what
part
of
the
hand
is
that's
been
shown
on
the
left
and
and
then
what
are
being
painted
on
and
then
I
think
this
could
go
back
to
photos
you
might
have
on
your
system
and
how
do
we
preview?
Those.
A
Fun
paint,
I
I
think,
there's
a
collective
groan
if
you're,
not
one
of
the
seven
who
received
those
points
and
we
got
movement
on
the
table,
matt
is
just
teasing
with
us
he's
coming
back
with
a
vengeance
back
in
the
game.
A
So
I
right
we're
almost
there,
so
this
one's
back
in
the
day
it
feels
it
feels
back
when
I
was
in
school.
So
what
are
we
doing
to
shut
this
person
up
again?
I
promise
I'll
stop
talking
after
this
quiz
and
then
what
kind
of
transport
is
it.
A
See
being
welsh
as
well,
I
could
have
put
the
bus
on
there
as
well
with
a
person,
because
we
call
them
drive
so
zip
drive
was
the
answer
to
that
one.
A
That's
back
in
the
game
own
only
ever
so
slightly,
though
here
we
go
with
the
next
one,
everyone's
favorite,
if
you're
at
kcd
uk
today.
This
is
what
we're
talking
about
the
majority
of
the
time.
A
How
do
we
manage
our
containers
with
ice
cubes?
Well,
we
have
soft
drinks
with
ice
cubes.
Then
we
go
to
beer,
sporting
events
and
finish
with
cheese
to
get
those
random
dreams
about
thinking
of
how
to
manage
our
containers
online.
I
don't
know
what
I'm
talking
about.
I
should
probably
shut
up
at
this
moment,
but
here's
ice
beer,
cold,
cheese,
hubernet,
cheese,
cuban
cube
beer,
nuts
cheese
was
also
an
answer
that
I
would
have
definitely
allowed.
Him
would
have
allowed
cupid
cheese.
A
A
That's
that's
how
we
should
be
talking
about
cuban
attitudes
right
there.
We
go
so
matt's
up
on
top
tim
is
closely
following
ben
abe,
and
his
mum
are
doing
phenomenal
and
john
is
in
fifth
place
right.
So
I
think
we're
on
to
the
next
round
now,
which
is
our
cloud
sudoku
round.
A
Now
we
call
this
kai
sudoku,
but
then-
and
we
realized
that
it
should
be
called
heroku
sudoku,
so
name
name
one
of
the
missing
factors,
so
you
got
60
seconds
to
do
this
so
within
here
we've
got
the
12
factor
application
and
the
12
factors.
We've
got
code
base,
build
release,
run
disposability
processes,
dev
crowd,
priority,
config
pool
binding
backing
services,
admin
processes,
all
your
favorites.
But
what
are
the
three
that
we're
missing?
A
So
if
you
can
type
any
one
of
those
free
just
type,
one
of
them
don't
type
all
three
of
them.
If
you
do
that,
you're
not
going
to
get
anything
I'll,
try
and
start
to
include
some
references
now
game
shows
in
the
uk,
probably
not
on
this
one,
this
one's
going
to
be
a
bit
too
difficult.
I
think
the
next
round
actually
is
going
to
will
bring
back
some
bruce
forsyth
into
the
next
round.
A
Yeah
here
we
go
we'll
go
for
a
family
fortunes
reference,
so
we've
got
transport
if
it's
on
the
board.
I'll
give
you
points
myself.
No,
so
we
got
dependencies
logs
and
concurrency
with
the
three
missing
factors
again
that
was
the
speed
based
round.
So
there
we
go
just
smack
onto
the
table
there
right
here
we
go.
A
A
A
Remember
fastest
finger
first:
oh,
let's
look
at
some
of
these
binaries
that
we've
got
okay,
so
this
looks
like
a
multi-stage
build.
Has
that
caught
anyone
out
we're
just
copying
across
a
binary,
so
we've
gone
lower.
It
was
lower.
A
And
we'll
find
out
how
much
lower
by
in
the
next
slide,
when
we
confirm
is
it
higher
than
lower
than
43
megabytes
so
that
one
was
43
megabytes
now
this
one.
So
this
looks
like
we're:
building
this
from
one
of
control,
plane's
favorites,
justin
brazell
and
we're
using
her
dockerfile
to
build
wine.
A
A
So
basing
this
on
ubuntu
bionic,
you
know
we'd
love
to
now
implemented
labels
in
metadata
and
yeah.
We're
running
so
we're
updating
it.
We're
installing
the
samba
nginx
open
ssl
gets
doubly
getting
killed,
so
it
was
lower
and
in
the
retro
I'll
have
notes
as
to
how
much
it
was
lower,
buy
instead
of
enterprise.
Next
but
well,
then
john
g,
you
have
got
a
correct
streak
of
three
in
a
row.
A
If
it's
I
think
like
at
this
point,
I
think
we
should
pause
for
five
seconds
just
to
let
john
update
linkedin
just
so
that
he
can
say
that
he's
got
three
correct
answers
on
the
darker
font
quiz.
So
is
it
higher
lower
or
lower
than
355
megabytes?
So
can
we
use
an
ubuntu
in
this
one,
so
we're
also
using
so
it's
essentially
the
same
as
last
time,
but
also
I'm
nervous.
It's
going
to
be
higher
or
lower.
What
do
you
think.
A
A
So
is
this
higher
and
lower
than
306.?
We
only
saved
a
little
bit,
but
is
this
one
higher
lower
so
we're
doing
a
if
we're
basing
it's
on
golang
we're
installing
a
number
of
things
we're
setting
a
terraform
version,
then
we're
doing
a
git
checkout?
A
Yes,
well
done,
tim
and
john
in
oh
and
greg
now,
you're
on
four
correct
answers
in
real,
quick
you're
going
up
if
you're
not
aware
of
what
a
multi-stage
build
is
please
please
go
and
see
it.
It's
a
great
way
to
reduce
the
sizes
of
your
docker
images,
as
well
as
improving
security,
potentially
always
depending
on
how
you
run
it
more
by
security,
comes
ctf
so
round
five.
So
this
is
a
picture
round,
and
this
is
all
about
the
movies.
A
So
we're
going
to
see
a
picture
from
a
movie
where
they're
showing
some
technology
that
we
would
consider,
but
it
was
an
alpha.
It
wasn't
even
a
beta,
and
so
can
you
tell
me
the
movie
so,
yes
name
a
movie
with
a
text
still
in
author,
that's
a
better
way
of
saying
what
I
just
did,
but
so
again
this
is
a
type
answer.
So
this
one
just
name
the
franchise,
we're
going
to
start
easy
on
this
one.
A
So
can
you
tell
me
the
franchise
that
smoothie
is
in
again
for
the
90s
reference
to
face
any
fans
of
football
from
the
90s?
This
kind
of
looks
like
kevin
keegan
based
on
based
in
a
football
match
in
space
in
the
year,
3000
there's
a
reference
to
busted
there
as
well,
apparently
yeah.
A
A
It
was
star
trek
right
and
also
we
saw
the
first
well,
no
we'll
just
save
the
first
watch
device,
whichever
your
favorite
brand
of
watch
is
like
smartwatch.
So
this
time
you
need
to
name
a
movie,
not
the
french
flight,
so
which
movie
was
this
so
in
this
movie.
I
believe
this
was
around
the
90s
as
well.
A
This
is
probably
when
you
find
out
that
this
movie
just
makes
you
feel
a
lot
older
than
you
should,
but
this
was
the
second
installment
of
a
certain
british
movie
with
an
actor
who
has
gone
on
to
be
in
mamma
mia.
I
guess
as
well
as
numerous
other
films.
Yes,
we've
got
james
bond,
but
I
wanted
the
movie.
I
didn't
want
to
know
his
james
bond.
I
want
tomorrow,
never
dies.
Yes,
he
was
remote
controlling
his
bmw.
I
think
it
was
five
series
through
carpark.
A
So
that
was
a
firm
favorite
from
a
1974,
a
certain
certain
attendee
rainbow
movie.
A
A
A
A
A
Apologies
for
the
cough,
so
let's
name
this
next
movie,
everyone's
favorite.
A
A
No,
it's
louis's
brain
is
it's
just
pretty
much,
it's
just
a
drum
set
and
no
one's
even
playing
the
drums,
it's
being
there
and
there's
just
cobwebs
around
it.
That's
what's
his
brain
right
now!
Well
done
dave
came
back
in
there.
A
A
Yeah,
it
was
doctor
strangelove,
yeah
cheers
that
was
right.
Three
of
you
got
it
awesome.
My
status,
though,
is
no
one
needs
to
know
my
status
updates
right
now.
A
A
Oh,
we
did
have
one
more
movie,
there's
probably
no
one
after
this
as
well,
okay,
so
this
one,
the
person
who
has
yet
to
age
and
arguably
I've
aged
more
during
this
quiz
than
this
person
has
in
the
last
30
years.
So
it's.
A
A
Cool
another
movie,
how
many
movies
do
you
put
in
oh
come
on?
Obviously
this
is
the
creme
de
la
creme.
We
have
another
movie
round
at
the
end,
but
before
that
we've
got
something
else.
So
this
one
I
need
to
know
not
the
franchise
but
which
one
it
is.
So
if
you
can
change
your
answer-
and
you
didn't
put
the
number
of
the
movie
quickly
do
so.
A
Okay,
I
think
five
of
you
are
going
to
find
me
after
this,
but
that's
all
cool.
It
was
back
to
the
future
too,
obviously
going
forward
in
time
to
2015.
A
I
I
still
skate,
and
I
fell
off
my
skateboard
in
front
of
my
son's
primary
school
a
couple
of
months
ago
in
front
of
all
the
other
parents.
That
was
another
thing
which
I
wish
I
hadn't
admitted
on
the
score.
Now
I
don't
think
we've
gone
into
hollywood
seminars
yet,
but
we'll
soon
find
out,
because
regarding
first
of
all,
we're
going
to
go
to
the
game
show
whose
tweet
is
this
anyway.
A
A
So
now
you've
got
some
selections
that
you
can
do
so
we
are
all
made
out
of
stars,
but
your
outback
shouldn't
be
now.
This
tweet
is
referenced
a
lot,
but
it
is
not
referenced
enough
to
styles.
By
simply
read
now.
I
think
the
cogno
is
is
very
keen
on
your
our
back
policies.
If
you
don't
know
who
mick
cognoll
is
then
get
whichever
listening
device
streaming
service
or
just
even
if
you
get
cds,
just
simply
red
stars,
classic
that's
sick.
So
was
it
much.
A
Who
originally
sent
this
tweet?
Yes,
it
was
in
cold,
water
and
stanley.
If
your
outback
is
made
out
of
stars,
then
yes
look
at
securing
their
back
policies
quite
quickly.
A
Here
we
go
right
same
one,
well
different
tweet,
introducing
vanilla
code
framework
right,
nothing
deployed
nowhere.
So
who
did
this?
Was
it
kelsey
hightower?
Was
it
joe
veda?
Was
it
our
very
own
josh
or
was
it
brendan
burns?
It
was
kelsey
hightower
and
the
other
tweet
that
we
could
have
referenced
with
this.
We
decided
not
to
so
dressed
for
some,
like
pop-up
video
information
for
further
notice,
who
tweeted
who
tweeted
this
picture
of
their
honked
mug.
So
we're
just
going
to
slowly
reveal
this.
A
This
is
like
catchphrase
now,
just
say
what
you
see
say
what
you
see.
Well,
click,
who
you
see
so
who
originally
sent
this
this
photograph
of
the
mug
on
twitter
and
stanley.
To
me,
it
looks
like
two
geese
on
the
side
and
it
was
liz
rice.
It
wasn't
allen
or
paula
or
christopher.
It
was
liz
rice's
mug,
but
from
clavcon
there
we
go.
A
Oh
cheryl
just
shared
some
great
advice
on
not
fearing
failure
and
having
a
mindset
of
abundance.
Kcd,
uk
quesadilla-
so
this
is
this-
was
a
tweet
from
earlier
on
today.
So
did
oyster
I'll
tweet,
the
spank
to
itself
did
nick
tweet.
This
did
hadrian
tweet
this
or
danny.
Did
you
tweet
this?
Let's
find
out
who
tweeted
it.
A
Correct
it
was
adrian
adrian
tweeted
well
done
if
you've
been
keeping
up
to
date
on
twitter's
or
if
you
just
look
twitter
or
if
you
just
hit
the
closest
button
to
your
finger.
So
this
is
a
multi-select
one
who
tweeted
this.
A
A
A
Keep
calling
cube
admin
the
movie
that's
coming
to
a
cluster
sometime
soon,
but
no,
it
was
hackers.
A
So
can
you
name
me
this
movie
now
this
one
was
phenomenal,
like
I
think
it
was
released
straight
onto
youtube,
initially,
there's
some
great
cameos
by
mr
david
hasselhoff
himself,
but
someone
who
occasionally
comes
to
wales
as
well
still
so
come
to
wales.
You
might
see
behalf,
but
yes,
so
who
well?
Which
movie?
Is
this
not?
Who
is
the
character
because
we
all
know
who
the
character
is
it's
hackerman,
but
what
was
the
name
of
a
movie.
A
Awesome
thanks:
it
was
kung
fury
if
you
haven't
seen.
Kung
fury,
definitely
check
it
out.
It
is
a
phenomenal
movie
and
someone
just
produced
it
and
put
it
into
youtube.
Great
I'll,
share
links
on
twitter.
If
I
can
never
find
my
phone
again,
if
no
one
is
trying
to
find
me
name
the
next
movie
so
where
so,
when
I
first
saw
this,
I
literally
did
think
this
was
a
young
elon,
musk
and
just
starting
out
his
empire.
But
it
wasn't.
It
was
a
different
movie
and
which
movie
is
it.
A
And
also,
if
paula
stark,
I
I
hope,
paul's
dog
has
made
an
appearance
so
far
in
the
conference
today.
Postdoc
is.
A
Not
been
great
to
get
to
know
the
dog
over
the
last
couple
months.
Oh
now,
this
one
used
to
be
a
gift.
So
this
is
a
gift,
oh
jeez.
Why
is
it
of
hugh
jackman,
so
huge
jackman?
Yes,
that
is
right.
I'm
thinking
it's
huge
yeah.
It
is
hugh
jackman
anyway
famed
for
many
musicals
playing
wolverine
everything
else.
He
was
in
a
movie
where
he
was
hacking
away.
It's
named
after
a
certain
animal
within
the
sea.
A
Halle
berry
was
in
that
movie,
but
this
was
when
he
was
dancing
like
we
all
do
on
our
standing
desks
when
we're
writing
code-
and
if
you
haven't
seen
this
movie
just
yeah,
I
haven't
got
it:
two
people
have
got
swordfish
so
just
search
hugh,
hugh
jackman,
hacking,
swordfish
and
maybe
just
quick
quiz
now
just
go,
and
do
that
because
that
that's
like
my
debug
spirit,
animal
is
huge.
A
So
this
is
part
of
the
franchise,
but
I
want
to
know
the
actual
movie
itself
and
no
they're
not
looking
for
me,
this
isn't
a
team
of
cloud
native
engineers
and
enthusiasts
and
everyone
else
just
trying
to
find
where
I
am
just
to
find
me
to
save
this
pub
quiz.
What
did
he
do
why?
Why
did
he
make
us
do
this
now?
But
this
was
another
movie
when
they
were
trying
to
find
someone,
and
there
is
a
bit
of
an
ultimatum.
A
Anyway,
we're
not
we're
almost
hanging
there
hanging
there
right.
This
is
one
of
those
classic
movies.
The
anime
ones
remember
seeing
this
first
of
all
should
I
be
on.
I
have
a
fear
of
mannequins
there's
this
truth
that
I
am
terrified
of
mannequins
and
people
used
to
put
mannequins
in
rooms
when
I
wasn't
aware
of
it
just
to
absolutely
terrify
me
and
when
I
saw
the
hands
do
this
in
the
movie
gee
whiz,
I
knew
it
was
a
cartoon,
but
it
wasn't
for
me,
keep
going.
A
A
Right
so
name
the
movie
but
which
fascination
movie
is
this
and
again,
just
with
that
screenshot
there
was
a
gif
and
it
spins
out,
and
it
goes
out
and
everything
else.
I
will
be
sharing
the
act,
so
we
originally
did
this
on
google
slides
I'll
share
the
original
slide
deck
with
this
post
quiz.
So
if
you
want
anyone
else
through
the
pain
and
suffering
that
you've
just
been
through
you're,
always
more
than
welcome
to
do
so,
but
equally,
if
you've
got
some
other
questions
or
think
of
any
other
rounds
that
you
want
to
contribute
with.
A
Please
please
let
that
descent,
but
yes,
it
was
oh,
I
thought
it
was
fascinating
23
as
well,
but
no
it's
fast
and
furious.
Eight.
Apparently
I
spoiler
alert,
but
I
think
on
a
fast
and
furious
nine.
I
haven't
got
around
to
seeing
it
yet,
but
you
finally
get
a
card
move
which
I
remember
when
it
was
just
about
getting
to
the
first
quarter
mile.
That's
when
I
was
invested
in
the
fast
and
furious
franchise
listening
to
ja
rule,
but
now
they've
taken
cars
and
moons
in
nine.
How
it's
like
she's
anyway!
A
That's
why
I
didn't
work
in
hollywood
name,
the
movie!
A
A
A
I
think
matt's
got
this,
I
think,
but
we've
got
only
a
couple
left
now,
so
I
think
we've
already
seen
this
gift
today,
but
the
classic
returning
everyone's
favorite
we've
got
to
return
to
the
office
movie.
So
let's
watch
this
together.
Let's
have
a
watch
party
and
watch
this
movie
to
get
into
that
really
happy
mood
as
to
how
the
working
environment
before
we
have
to
go
and
see
hr.
A
Thank
you
for
whoever
posted
that
encouraging
comments
at
the
risk
of
at
the
risk
of
losing
out
on
that
one
right.
I
don't
know,
I
think
it's
let's
here
we
go
so
yes,
the
original.
For
me,
this
is
the
first
time
I
saw
a
computer
in
the
movies
where
I
thought
you
know
what
computers
are
for
me
because.
A
I've
still
yet
to
build
a
container
just
to
say,
but
again
maybe
the
clouds
have
captured
a
flag
at
security
days,
kubecon
north
america-
maybe
we
can
finally
get
across.
Maybe
we
can
make
this
happen.
Oh.
F
A
Just
do
vlogs,
okay
cool,
so
the
dinosaur
movie.
Yes,
it
is
jurassic
park
right.
That
is
it!
Thank
you
ever
so
much
for
your
time
and
your
patience
and
let's
see,
I
think
we
all
know
who's
on
and
spot
number
one,
but
in
third
place
we
have
john
g.
Bravo
brother!
Thank
you
playing!
Then
we
have
tim
tim.
You
had
some
air
against
this
by
the
way,
but
that
is
why
this
is
it.
We've
got
matt
matt
the
person
who
brought
this
conference
together.
A
Awesome
matt
well
played
matt
and
abe's
mom
honorable
reference
jv
as
well
well
played
well
paid.
So
I
guess
I
said:
I'm
gonna
pass
back
to
my
av
for
a
second
I'm
just
going
to
stop
my
share
and
see
how
we're
doing.
E
E
It
been
for
you,
we've
done
our
thank
yous.
We
want.
Thank
you
everybody.
I
thank
everybody
all
over
again,
perhaps
one
last.
Thank
you
to
our
sponsors,
who
I
haven't,
got
my
slides,
handy
words.
Well,
we've
got.
E
Thank
you,
everybody
who's
attended
today,
and
we
shall
see
you
at
the
same
time
tomorrow.