Distributions

Do Linux Distributions Still Matter with Containers?

K.3.201
Scott McCarty
In the beginning there was compiling and static linking. My first programs when I was 10 years old worked like that. Then, we discovered dynamic linking. This was great because we could now patch one library and all of the programs would pick up the change on restart. But we created another problem - dependencies. Throughout the history of computing we have solved one problem and created another. Containers are no different. This talk will walk through why we invented Linux distros and why we should continue to appreciate them in a world full of container images.

The short answer is yes. Yes, they still matter for several reasons:

- A Linux distribution is a bunch of human beings that work together to create a dependency tree of software packages. This dependency tree is still convenient in container images
- There is a TON of knowledge embedded in systemd unit files on how to properly start/stop commonly used daemons
- Mapping CVEs to packages with metadata is still useful in a container
- Standardized C libraries like glibc are used by binaries, interpreters like Python, and even virtual machine managers like the JVM
- Critical libraries like libssl, openssl, and hardware accelerated bridges are useful to everyone
- Linux distros are a connection point with gravity which builds community. Community is what solves problems
- Host and container image portability (glibc actually can take different code paths depending on what hardware is made available by the kernel. Also, glibc has a min/max kernel version that it supports well when compiled)

Additional information

Type devroom

More sessions

2/2/20
Distributions
François Revol (mmu_man)
K.3.201
What are the new features in the upcoming R1/beta2? How did the packaging system work out? How to make your software easier to port to it, and how to contribute?
2/2/20
Distributions
Mike McQuaid
K.3.201
A talk about the Homebrew package manager and how we've been working with our users to introduce new features to subsets of users, encouraging users to donate to the project and communicating both these to as many users as possible without being annoying.
2/2/20
Distributions
Mathieu Othacehe
K.3.201
This talk demonstrates how to use GNU Guix to build a root filesystem for an embedded device (Pine A64 LTS). I will also try to answer the question: could GNU Guix be a viable alternative to the Yocto project and what would be the benefits of using GNU Guix?
2/2/20
Distributions
Alexander E. Patrakov
K.3.201
There is a multitude of software or code ecosystems: Linux distribution packages, language-specific (e.g. Python or node.js) modules, third-party desktop themes, git repositories, and recently also Flatpak and Snap. Users thus obtain software and code mainly from the network. This talk explores what can go wrong in such code delivery mechanisms, and what actually went wrong when a new threat has materialized: networks in certain countries started to be unreliable "thanks" to the governments ...
2/2/20
Distributions
Lennart Poettering
K.3.201
The concept of home directories on Linux/UNIX has changed little in the last 39 years. It's time to have a closer look, and bring them up to today's standards, regarding encryption, storage, authentication, user records, and more. In this talk we'll talk about "systemd-homed", a new component for systemd, that reworks how we do home directories on Linux, adds strong encryption that makes sense, supports automatic enumeration and hot-plugged home directories and more.
2/2/20
Distributions
Zbigniew Jędrzejewski-Szmek
K.3.201
Systemd provides a bunch of features which can be used to contain and secure services, making security and isolation primitives provided by the kernel accessible to system programs. This allows service authors to write much simpler code, and often to avoid any integration with the operating system for security purposes. Unfortunately, those features are still not widely used, possibly because developers want to maintain compatibility with a wide range of systems. I'll talk about the features ...
2/2/20
Distributions
Richard Brown
K.3.201
systemd has a very distribution-friendly way of providing its configuration, with distributions providing defaults in /usr and users being able to override things either selectively or entirely with their own files in /etc. This is especially nice for distributions wishing to be in some way stateless, support a read-only root filesystem, or provide some kind of factory-reset. libeconf is a newly written C library to ease the adoption of similar configuration layering in other programs across ...