Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time


B3 Init

[FOSDEM logo]

Jonas Linde <>

Day 1

  • 2020-02-01


How Containers and Kubernetes re-defined GNU/Linux

  • Cloud computing with vertical lock-in is undermining software freedom
  • But Docker and Kubernetes is changing the way we deliver software
  • Docker for packaging
  • Kubernetes for orchestration
  • Kubernetes Operators for full service delivery


Fixing the Kubernetes clusterfuck

  • Falco - Wireshark for kernel packages
  • Built on top on IPF
  • Can monitor and prevent malicious behaviour
  • Demo - privilege escalation in Kubernetes


Google vs Oracle

  • US Supreme Court case about Java2 SE in Android
  • Google took a bunch of declarations
    • there is only one way to do this so copyright can't cover that
    • it's fair use
  • Oracle
    • the API is a creative literary work
    • fair use is not allowed to displace market shares
  • Google won twice in district court and lost twice in appellate court
  • Supreme Court Final decision in June


Day 2

  • 2020-02-01


Identity box

  • Public key ≈ identity but not enough
  • A decentralized ID resolver must be built on a decentralized network
  • A decentralized network need static nodes
  • Identity Box is a small device that can be such a node
  • It can also handle one or more Self-sovereign ID:s



  • People often try to solve internet on top of internet
  • Routing is hard
  • SCION has decentralized routing
  • The end host defines the path
  • It can coexist with IP
  • Scalability, Control and Isolation on next-generati On Networks



  • 2020-02-03 -- 04
  • aka Days 5 -- 7
  • @HoGent - Hogeschool Gent


The Configuration Complexity Clock

  1. Scripts
  2. Config Values
  3. Rules Engine
  4. DSL
  5. GOTO 1

[The Configuration Complexity Clock]


  • Orchestrating Cloud infrastructure is complex
  • Using YAML doesn't make it less so
  • Programming languages are better at handling complexity
  • Pulumi is a cross cloud infrastructure as code tool
  • It supports Node and Python
  • and .NET and Go in beta



  • Container orchestration without the K8s complexity
  • Only cluster management and scheduling
  • Add other components as needed
    • service discovery
    • monitoring
    • secrets management
    • ...
  • By HashiCorp

See you there next time!

  • FOSDEM: 2021-01-30 -- 31
  • CfgMgmtCamp: 2020-02-01 -- 03

[206 Partial Content]