►
Description
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
A
A
B
Yeah
I've
been
working
in
the
open
source
for
actually
more
than
15
years,
they've
been
open
source
contributoring,
several
open
source
projects
and
I've
been
also
working
on
golang
operative
systems
in
general.
I
was
also
again
to
developer.
It's
a
Bion
developer
as
well.
B
They
are
Linux
distribution
that
are
very
well
known,
so
and
yeah
I've
been
having
a
lot
of
mixed
backgrounds,
so
I
have
also
experience
with
Cloud.
Foundry
I
was
also
a
developer
in
cloud
in
the
cloud
Foundry
Community
as
well
foreign.
A
Okay,
cool
sounds
good,
and
so
can
you
tell
us
a
little
bit
about
what
Cairo
is
Kairos
is
and
what
motivated
you
to
to
create
that
project.
B
Yeah
actually
keros
started
from
anit.
I
would
like
to
say,
because
in
one
of
the
open
source
project
that
I'm
contributing,
which
is
subion,
which
now
is
mochachino,
we
are
actually
really
needed
an
immutable
and
distributed
infrastructure.
So
it
came
out
from
a
need
because
we
have.
B
We
have
a
lot
of
build
systems,
but
over
the
over
the
contributors,
so
we
actually
needed
a
system
which
was
immutable,
distributable
and
distributed
and
scalable,
and
on
top
of
that
right,
we
I
I
also
stated
to
as
a
passion
for
immutable
system.
So
I
was
a
long
time.
K3Is
user
myself
I've
been
working
also
at
Susan
Ranger,
so
I
we
I
actually
have
a
deep
love
performing
the
design
of
immutable
systems
and
that's
where
actually
kerosis
form.
A
B
Yeah,
that's
a
good
question.
So
chemist
is
a
meta
distribution
because
it
can
be
overlaid
on
top
of
other
Linux
distribution,
so
it
is
more
or
less
I,
don't
want
to
say,
like
gentle,
because
also
again
to
it's
a
meta
distribution
but
keros
doesn't
have
a
base
system,
so
you
can
actually
use
whatever
OS
you
want
as
a
base.
Indeed,
in
the
chaos
release,
you
can
find
images
which
are
based
on
Alpine
open
source
Ubuntu.
A
Okay,
that's
good!
So
can
you
tell
us
a
little
bit
more
about
you
know
like
the
Kairos
foundation
and
just
walk
you
through
a
introduction
to
to
Kairos
and
also
what
makes
cairos
different
from
from
other
Solutions.
B
Yeah
I
would
be
happy
to
do
that.
I
think
Shane,
all
right,
so
keros
tries
to
try
to
solve
one
of
the
issue
which
is
crucial
in
Edge
in
the
bare
metal
when
deploying
kubernetes
on
their
Metals.
So
first
of
all
tries
to
what
is
what
is
what
we
are
trying
to
do
and
while
deploying
kubernetes
at
the
edge
we're
trying
to
move
the
computation
more
close
to
the
data
and
to
the
consumers
of
our
data,
so
our
Cloud
native
application.
B
We
want
them
to
be
more
closed,
so
not
only
for
increased
throughput,
let
so
better
latency
over
the
network,
but
also
to
to
have
better
analytics,
for
example,
or
local
data
AI,
so
processing
and
everything
which
can
be
interactive
user
interactive.
So
that
brings
a
lot
of
challenges.
B
So
one
of
those,
for
example,
is
what
you
do
with
the
machine.
So
what's
the
management
of
management
life
cycle
of
a
machine
both
are
actually
with
the
deployment,
and
how
do
you
handle
the
update
at
the
S
level
of
the
machine
and
also
what
about
kubernetes,
your
distribution
so
and
what
about
security?
So
there
are
a
lot
of
open
questions
when
we
we
think
about
kubernetes
applied
at
the
Hedge
and
one
of
the
most
important
piece.
B
It's
also
How
We
Do
customize,
the
OS,
because
in
any
of
the
award,
if
we
think
about
immutability,
we
think
a
system
that
doesn't
change.
But
still
we
would
like
to
introduce
some
changes
to
the
machine
like
having
additional
Canon
models,
depending
on
the
on
the
issue
that
you're
trying
to
face
where
you
are
deploying
kubernetes.
So
it
needs
to
be
still
a
little
bit
flexible
to
make
lines
to
keeping
that
into
account.
B
So
keros,
basically,
it's
not
only
a
meta
Linux
distribution
by
itself,
but
it's
very
tight
to
kubernetes.
Indeed,
the
whole
life
cycle
management.
B
It's
through
kubernetes.
That
means
also
upgrades,
are
managed
via
kubernetes
and
they
can
follow
deployment.
Rollout
strategy
like
you
are
used
for
application
you,
so
you
can
apply
the
same
logic,
but
instead
to
the
OS
and
keros
itself.
It's
a
just
a
single
container
image.
B
That's
probably
the
the
aspect
that
I
would
like
to
underline
here.
So
the
image
itself
contains
all
the
requirements
for
the
image
to
be
bootable,
and
that
includes
also
the
kernel
and
the
init
Rd,
for
example.
So
let's
make
it
a
little
bit
different
from
other
distros,
also
the
remotable
digitals,
but
we're
still
during
the
upgrades.
There
are
more
moving
pieces
with
cairos.
There
is
the
atomic.
The
upgrade
is
very
Atomic,
because
it's
one
single
image
it
gets
swap.
A
B
Exactly
so,
it
is
driven
by
it
is
focused
by
running
kubernetes,
but
it
can
also
run
other
workloads
right,
the
design
by
itself
it's
very
destragnostic
and
it
doesn't
have
any
string
attached
to
to
specific
implementation.
There
are
a
bunch
of
requirements
by
the
aisle,
the
layout
that
we
are
adopting
and
this
we
can
carry
over
across
all
the
distros
and
when
a
noise
is
going
to
be
converted,
let's
say
to
a
keros
one:
it
will
inherit
all
the
the
features
of
cheros.
B
One
of
the
most
important
ones
is
the
installation
process
of
carrots
itself.
So
if
you
put
chaos
ISO
by
default,
you
will
be
displayed
with
a
QR
code
and
the
QR
code.
Actually,
you
can
use
to
to
complete
installation.
So
in
this
way,
at
the
Facebook,
the
node,
it's
waiting
for
a
configuration
and
the
configurations,
then
you
can
give
it
by
logging
into
the
machine.
B
You
can
actually
do
an
interactive
install,
so
there
is
an
installed
with
the
gig
guides,
you
step
by
step
to
set
up
a
kubernetes
cluster
with
just
a
couple
of
questions
or
other.
Otherwise,
you
use
the
QR
code
with
the
Karo
CLI
that
it
will
connect
to
the
machine
and
it
will
push
the
configuration.
So
this
is
one,
for
example,
of
the
key
features
that
would
inherit
as
well.
B
Whatever
meta
Linux
distribution,
you
are
going
to
build
on
top
of
keros
and
the
same
way
you
get
aspects
like
being
Cloud
native,
which
is
contain
an
image
basis.
That
means
you
can
use.
A
Okay,
so
let
me
interrupt
you
so
that
does
that
mean
that
when
you're
you
want
to
build
your
operating
system,
you
want
to
deploy
your
operating
system,
it's
as
easy
as
creating
a
Docker
file,
and
then
what
you're
also
saying
is
that
you
can
use
kubernetes
itself
and
kubernetes
crds
to
to
manage.
Like
the
same
thing,
the
the
automated
installation
of
all
that.
B
Yes,
exactly
exactly
so
the
what
is
doing
keros
in
behind
the
scene
when
doing
an
upgrade
it's
creating
an
image
file
on
your
state
partition
on
the
disk,
so
during
installation
keros
is
going
to
have
a
very
static
partitioning
schema
that
you
can
customize,
but
there
will
be
a
strong
separation
between
the
OS
data
and
the
user
data.
This
was
also
a
little
design
Choice
that
have
something
in
common
with
Android
right.
B
So
if
you
want
to
think
it
in
that
way,
so
you
have
a
section
of
the
system
which
is
reserved
to
S
and
when
we
do
an
upgrade,
what
we
do,
we
just
swap
an
image
and
we
pull
a
container
image,
so
you
can
use
the
container
image
as
a
single
source
of
Truth
in
the
whole
keros
life
cycle
management.
B
B
So
yes,
in
case
of
failure,
actually
there
is
a
boot
assessment
strategy
built
in
keros,
so
let's
say
that
you
are
going
to
upgrade
and
the
upgrade
is
going
to
fail.
It
will
automatically
boot
into
the
fallback
system.
The
fallback
system
is
the
former
image
that
was
used
to
boot
before
the
upgrade
to
happen.
So
I
want
to
underline
that
the
upgrade
it's
an
atomic
action.
It
doesn't
happen.
For
example,
you
don't
reboot
the
node
and
perform
the
upgrade.
B
The
upgrade
is
going
to
run
in
the
system
and
the
next
time
it's
going
to
reboot
it.
It
will
be
already
in
the
system
which
is
meant
to
be
upgraded,
so
the
strategy
that
we
apply
there,
it's
assessment
of
the
boot
and
in
case,
if
it
fails,
then
you
get
back
to
the
system,
which
was
the
best
you
want.
A
Okay
sounds
good
and
also
I
wanted
to
ask
you,
so
this
is
a
an
operating
system
in
dn1.
So
how
and
knowing
that
it's
immutable,
how
can
you
customize
your
protein
system,
meaning
that?
How
can
you
add
you
know
specific
users
or
configure
your
DNS
settings?
Those
kind
of
things.
B
So
that's
a
great
question
so
keros
have
as
a
input
configuration
for
the
user
adopts
Cloud
init.
So
we
stick
to
this
format
for
everything-
and
this
goes
through
user
configuration.
B
You
know
running
generic
command
on
yours
before
booting.
Everything
that
his
customization
has
to
happen
into
a
cloud
unit.
Configuration
file
now
Courage
by
itself
supports
having
account
config
file
during
installation,
so
it
can
be
served
via,
for
example,
HTTP.
It
can
be
also
served
manually,
so
you
can
copy
the
file
and
perform
the
installation
via
the
gear
code.
So
what
you
send
to
the
machine?
B
It's
always
a
cloud
unit
configuration
file
so,
for
example,
if
you
run
keros
in
a
cloud
provider
it
will
actually
try
to
get
the
cloud
in
it
from
the
data
sources
of
the
cloud
provider.
So
you
can
specify
the
cloud
unit
config
file
directly
in
the
control
management
panel
of
the
cloud
provider
as
well.
Okay,.
A
B
So,
yes,
that's
a
great
question
again
because,
as
we
said
keros
by
itself,
it's
a
container
image.
So
we
have
to
see
that
as
a
pipeline.
So
if
you
want
to
customize
the
OS,
you
must
rebuild
the
OS.
That's
a
key
strategy
of
an
immutable
system.
You
are
not
tweaking
the
system
by
itself,
while
it's
running,
but
instead
you
already
build
a
new
image
and
you
push
that
image
as
an
upgrade
for
your
for
your
cluster.
B
Although
there
are
instructions
that
you
can
leverage
in
keros
to
handle
some
customization
to
some
degree,
but
the
streamlined
use
case
would
be
to
rebuild
this
from
scratch.
A
A
This
first
demo
shows
how
to
deploy
cairo's
configuration
at
the
Edge
by
simply
booting
up
a
nicer
image
available
from
the
release
and
using
the
generated
QR
code.
So
here
this
is
a
virtual
machine.
We
have
just
created
from
VMware
vcenter
with
mounting
the
iso
image
and
now
waiting
for
the
QR
code
to
be
displayed
on
screen.
A
A
A
Now
we
are
ready
to
send
the
configuration.
We
have
a
couple
of
parameters
here.
First,
the
PNG
file,
the
yaml
configuration
file
and
we
also
specify
on
which
drive
to
install
the
system
here,
slash
Dev
SDA.
Finally,
we
also
want
the
system
to
reboot,
so
we
add
that
option
too.
Okay,
the
payload
has
been
sent.
A
A
A
That
means
that
the
OS
artifact
configuration
can
be
understood
by
kubernetes
a
custom
controller
with
a
monitor
Cloud
operations
on
that
object
and
will
take
appropriate
actions.
In
our
case,
we're
going
to
create
a
new
object
which
we
installed
the
build
of
the
iso
image.
This
time
the
image
will
directly
include
the
custom
cloud-inning
configuration.
A
We
won't
need
an
interactive
installation
like
it
happened
in
the
previous
demo,
with
the
correct
code.
New
kubernetes
objects
are
created
to
build
and
serve
the
iso
to
the
end
user.
A
pod
is
created
to
stop
a
process
that
builds
the
iso.
A
service
will
also
be
created,
so
the
iso
can
directly
be
downloaded
via
the
network.
A
Here
we
are
monitoring
the
build
process
which
takes
a
couple
of
minutes
when
it's
finished,
we're
using
curl
to
download
the
custom
ISO
directly
from
the
kubernetes
service.
The
next
step
is
to
mount
the
iso
into
the
virtual
machine
and
see
how
it
boots
up
and
if
we
can
log
in
with
a
Kairos
user
from
the
console.
A
A
A
We're
going
to
use
a
similar
approach
in
the
sense
that
we're
going
to
add
a
custom
resource
definition
to
create
a
new
object
type
in
kubernetes.
This
time
it's
going
to
be
a
plan.
Custom
resource
available
from
the
system
upgrade
controller
project
which
provides
a
general
purpose,
kubernetes
native
upgrade
controller
for
nodes.
A
This
plan
contains
the
information
to
perform.
The
Kairos
upgrade
here,
a
couple
of
parameters
to
highlight
the
target
image
version,
which
includes
both
the
latest
version
of
Kairos
and
k3s,
and
we
also
specify
the
upgrade
image
which
is
Kairos
with
princeus.
In
our
case,
we
deploy
the
plan
object
in
kubernetes
by
using
Coupe
CTL
on
the
kubernetes
cluster
at
the
edge
it
triggers
the
orchestrated
upgrade
of
the
cluster.
The
process
is
executed
from
a
pod
that
is
automatically
created,
as
the
plan
gets
deployed
here,
we're
monitoring
the
logs
from
that
pod.
A
Firstly,
you
will
see
that
the
current
active
image
is
changed
to
passive
and
that
the
new
image
is
now
replacing
the
active.
Then
the
system
is
rebooting.
As
you
look
back
to
kubernetes,
you
will
see
that
the
Pod
is
now
marked
as
completed
and
both
the
kubernetes
version
and
the
Kairos
versions
have
been
updated.
A
B
Yeah
soon,
I
will
be
very
happy
too,
so
we
have
actually
a
very
exciting
items
in
our
roadmaps
we
are
going
to
now.
We
are
looking
at
integration,
which
is
the
area
which
we
are
focusing
on,
creating
and
making
possible
to
create
this
derivatives
more
easy
with
these
derivative
Creation
with
keros.
So
we
are
focusing
on
creating
a
controller
which
is
letting
you
able
to
to
recreate
directly
immutable
distribution,
keros
based
from
kubernetes
by
itself,
so
it
will
be
completely
driven
by
the
API.
B
There
are
so
many
other
topic
that
we
are
going
to
touch
also,
for
example,
secret
supply
chain
with
cosine
and
because,
for
example,
has
as
we
said,
everything
is
a
container
image
in
chaos,
also
the
OS
by
itself,
and
it's
published
into
container
Registries.
We
can
apply
all
all
the
tools
in
the
container
ecosystem
activist
level
by
itself.
That
means
also
be
able
to
verify
the
OS
with
with
cosine
verified
images
and
also
to
be
able
to
create
this
bomb
service
below
material
reports
directly
with
the
images
by
itself.
B
And
yes,
we
are
also
having
a
track
for
security
argument
security
and
we
have.
We
are
also
planning
to
have
a
meeting
with
copy
as
a
life
cycle
management,
and
on
top
of
that,
we
already
have
partial
support
to
what
we
call
a
place
to
build
support
in
keros,
which
lets
you
create
cluster
on
top
of
lead
peer
to
build.
B
Basically,
that
means
you
can
stretch
your
community's
cluster
up
to
a
1000
kilometer
already,
so
you
can
already
create
cluster
that
have
automatically
connection
between
themselves,
regardless
of
the
network
thanks
to
lead
peer-to-peer.
But
yes,
this
is
still
experimental
and
and
that's
all
more
or
less
so
we
have
other
exciting
items,
but
that's
that's
the
one
that
I
would
like
to
underline.
I
think.
A
Okay
sounds
good,
so
can
you
tell
us
like
where
people
can
find
you
do
you
handle
like
any
office
hours
if
they
want
to
contribute
or
learn
a
little
bit
more
about
Kairos.
B
Yes,
that's
actually
a
very
good
question:
we
have
a
matrix
channel,
so
you
can
enjoy
chaos
io
on
metrics.
We
are
on
Twitter
as
well
now
in
keros,
OS
and
also
we
are
on
Gita
book,
of
course,
so
everything
it's
open
source,
so
you
can
find
us
there
and
we
use
GitHub
discussion
to
to
communicate
with
the
community
and
we
have
office
hours.
So
there
is
the
event
calendar
that
you
can
find
in
the
in
our
website
that
you
can
use
to
join.
B
So
we
have
a
weekly
appointment
so.