logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Itay Shakury, Toddy Mladenov
2023-04-20

tldr - powered by Generative AI

The presentation discusses the challenges and solutions in managing vulnerabilities as software bills of materials (SBOMs) in the context of DevOps and cybersecurity.
  • The new OCI changes make it easier to manage images and vulnerabilities as SBOMs.
  • However, there are challenges in standardizing artifact types and annotations.
  • Getting the right artifact is difficult and requires manual and automated steps.
  • The specifications for SBOMs are not always accurate and require additional information to make vulnerability reports more accurate.
Authors: Stefan Prodan, Hidde Beydals
2023-04-19

tldr - powered by Generative AI

Flux is moving towards OCI and container registries without relying on GitOps. The project is split into multiple controllers that can be extended without modifying its source code. GitLab and Orange have joined the Flux ecosystem, and there is an open-source edition called Weave Flux that offers a full-featured web UI for Flux.
  • Flux is a project that is split into multiple controllers that can be extended without modifying its source code.
  • Flux is moving towards OCI and container registries without relying on GitOps.
  • GitLab and Orange have joined the Flux ecosystem.
  • Weave Flux is an open-source edition that offers a full-featured web UI for Flux.
Authors: Krisztian Litkey, Mike Brown
2022-10-28

tldr - powered by Generative AI

The presentation discusses the use of NRI plugins in container and cryo configuration to simplify manual steps and reduce the chances of failure. The plugins provide a mechanism for unsolicited customizations and real-world examples of plugins are provided.
  • NRI plugins can simplify manual steps and reduce the chances of failure in container and cryo configuration
  • Plugins provide a mechanism for unsolicited customizations
  • Real-world examples of plugins are provided, including annotation-based device injection, CDI device injection, and OCI hook injection
Authors: Daniel Mangum
2022-10-28

tldr - powered by Generative AI

The presentation discusses the challenges of identifying types in a Kubernetes cluster and proposes a solution using package revisions and content addressability of OCI images.
  • Identifiers of types in a Kubernetes cluster are mostly meaningless outside of a single physical cluster
  • Types are not portable and can't be moved across clusters with a guarantee that the syntax has the same semantics
  • Behavior is attached to types in both imperative and declarative programming models
  • Package revisions and content addressability of OCI images can be used to expand the definition of types and include their behavior
  • The demo shows the installation of a type using package revisions and dependencies
Authors: Josh Dolitsky, Sajay Antony
2022-10-27

The limitations of the current OCI spec are causing people to come up with all sorts of wild hacks to connect objects in a registry. For example, tools like cosign push image signatures to the registry using a long, cryptic tag suffixed with “.sig”. There must be a better way! To solve this issue, all of the major registries have come together to form the OCI Reference Types Working Group. This group has been tasked with determining how to describe and query relationships between objects stored in an OCI registry. This means potential changes to the registry HTTP API (distribution-spec) and/or associated JSON schema (image-spec). Josh and Sajay will describe the ways in which the OCI plans to address these topics with backwards compatibility in mind. Beyond the technical details, hear about various challenges and techniques used within the working group to successfully bring people together to agree on changes to a critical spec that hasn’t been modified for years.
Authors: Daojun Zhang, Yan Wang, Chenyu Zhang, Vadim Bauer
2022-10-26

tldr - powered by Generative AI

Harbor is an open source cloud-native registry project that stores, manages, signs, and scans content to solve common OCI artifact management challenges. The presentation covers advanced features of Harbor such as OCI artifact management in cloud environments, management of artifacts and their attachments, recommended settings for high concurrent use, and high availability deployments. The team also seeks feedback from users and contributors on current features and future roadmap.
  • Harbor is a trusted cloud-native registry that can store, sign, and scan content
  • Harbor supports any OCI-compatible artifacts
  • Harbor provides advanced features such as OCI artifact management in cloud environments, management of artifacts and their attachments, recommended settings for high concurrent use, and high availability deployments
  • Harbor is highly customizable and can be monitored using Prometheus
  • Harbor will deliver system-level robot accounts in addition to project-level robot accounts
  • Harbor is an open-source project with a thriving community
Authors: Jason Hall, Daniel Mangum
2022-05-19

tldr - powered by Generative AI

The presentation discusses the memory hierarchy and the use of container registries in DevOps.
  • The memory hierarchy is based on the principles of temporal and spatial locality.
  • The memory hierarchy consists of registers, cache, and RAM.
  • The presentation provides a demonstration of a simple program and its disassembled instructions.
  • Container registries have benefits but should be used judiciously.
  • There are some great applications for container registries.
  • The presentation invites discussion on RISC-V and container registries.
Authors: Sambhav Kothari, Javier Romero
2021-10-15

tldr - powered by Generative AI

Cloudnative buildbacks are a powerful feature that allows developers to focus on development rather than image building. It follows a modular approach and provides layer by layer information of the container. Buildpacks help create OCI images without writing a Docker file.
  • Cloudnative buildbacks allow developers to focus on development rather than image building
  • Buildpacks follow a modular approach and provide layer by layer information of the container
  • Buildpacks help create OCI images without writing a Docker file
Authors: Jon Johnson, Daniel Mangum
2021-10-14

You know the registry as your most boring friend. You push and pull images, and it just works, but have you ever taken the time to really get to know it? What is the registry really like behind that unassuming OCI specification? What does it do when it’s not just distributing your images? Maybe it gets a little crazy on the weekend - maybe it has hidden talents you don’t know about. What would happen if this thankless hero went rogue? In this talk we will demonstrate unconventional registry implementations, including those that serve self-modifying and dynamically generated images. Along the way we’ll also take a look at how clients can utilize registries in interesting and unexpected ways, e.g. as a content-addressable key-value store or a general-purpose directed acyclic graph database. Attendees will walk away with a better understanding of what guarantees OCI images and registries provide, as well as how they can exploit the registry’s flexibility to benefit their own use cases.