Skip to main content

43 posts tagged with "Event"

View All Tags

Nathaniel McCallum

Title: Wyrcan: the Container Bootloader Saga
Author: Nathaniel McCallum
Date: July 31, 2022

Wyrcan is a bootloader that boots into a container. That's all it does.

But of course, that's not the only thing that Wyrcan implies. Using Wyrcan to boot a container also means that you can use a tried and trusted software packaging ecosystem to have a bare-metal OS that is:

  • Stateless: Booting a container with Wyrcan means that nothing is installed on the disk. There is no state to manage except the state you put into your container. You never have to worry about whether packages are updated: you can schedule reboots to make sure you always have the latest OS. And if all your mounts of local storage are noexec, you can just reboot when compromised.
  • Memory-Resident: The full operating system is resident in RAM. That means it is fast. However, you can also set up swap in your container so that unused pages are written to disk, saving memory for your application.
  • Declarative: Your bare-metal operating system is developed using the same delarative tooling that you have come to expect from the container development pipeline. But your OS config in git. Host it in your favorite git forge (GitHub, GitLab, Bitbucket, etc). Build the images automatically. Host them in your favorite container repo.

Source: SCALE 19x 2022

Link: https://www.socallinuxexpo.org/scale/19x/presentations/wyrcan-container-bootloader-saga

Nathaniel McCallum

Title: Confidential Computing: why it HAS to be open source
Author: Nathaniel McCallum
Date: July 30, 2022

Confidential Computing is the use of hardware-based TEEs (e.g. Intel's SGX and AMD's SEV) to protect data and applications in use: that means that you can run workloads on a compromised or malicious system while still be assured that their confidentiality and integrity is protected. Setting this all up and deploying it is complex and has lots of moving parts. This session will discuss the core components, and look at the impact of who's running them, who supplied them, and whether they're open source. It will use the Enarx project (https://enarx.dev) as an example open source project to show what choices can be made to prioritise security and the importance of openness (in not just the code, but it's development) to the project and its success.

Source: SCALE 19x 2022

Link: https://www.socallinuxexpo.org/scale/19x/presentations/confidential-computing-why-it-has-be-open-source

Nick Vidal

Title: Bootstrapping a Community through Mentorship
Author: Nick Vidal
Date: June 25, 2022

We'll be presenting the strategies that we used to bootstrap our community. Enarx is an open source project part of the Confidential Computing Consortium from the Linux Foundation. Confidential Computing is a relatively new area which most developers are not familiar with. The Enarx project partnered with Outreachy (a diversity initiative from the Software Freedom Conservancy) and LFX Mentorship (from the Linux Foundation) to welcome five interns, who had zero knowledge of Confidential Computing. During just a few of months, they learned the basics and started building demos, from simple to more complex. They had the opportunity to showcase their demos at their first conference (Open Confidential Computing Conference), and have helped the Enarx project to be part of conferences in Africa (Open Source Festival) and Asia (FOSSASIA) for the first time. By creating a mentorship program, we were able to grow our community in a healthy and diverse way, where everyone helped each other to learn more about this new area and to promote it at conferences around the world.

Source: Open Source Summit NA 2022

Link: https://ossna2022.sched.com/event/11Nh2/bootstrapping-a-community-through-mentorship-nick-vidal-profian

Nick Vidal

Title: Confidential Computing: the next frontier for data protection
Author: Nick Vidal
Date: June 6, 2022

As organizations from different sectors move their computing workloads across multiple environments, from on-premises to public cloud to Edge, they require greater assurances that their sensitive code and data are protected.

There are three states in which data can be protected: at rest, in transit, and in use. Encrypting data at rest and in transit have become a common practice in cloud computing, while encrypting data in use (the core idea behind Confidential Computing) is still an emerging concern.

Enarx is a leading open source project part of the Confidential Computing Consortium that encrypts and provisions applications and data, providing a hardware-based solution to this need to maintain data confidentiality and integrity in use, regardless of who might own or have access to the host system on which the application is running. We plan to demonstrate how Enarx accomplishes this.

The Confidential Computing Consortium (CCC) is a project community at the Linux Foundation dedicated to defining and accelerating the adoption of confidential computing. It embodies open governance, open collaboration, and open source software.

As a member of the Confidential Computing Consortium and as a community manager of the Enarx project, I hope to demonstrate how Confidential Computing can help organizations - from sectors like healthcare, government & public sector, and human rights - to take advantage of the Cloud while still maintaining data confidentiality and integrity.

Source: RightsCon 2022

Link: https://www.rightscon.org/program/

Nick Vidal

Profian is attending KubeCon + CloudNativeCon Europe, in Valencia, Spain. Around 7500 attendees from across the world are participating. Profian is a Gold sponsor of Wasm Day, a co-located event in its third edition, bringing together the WebAssembly community specially interested in using Wasm on the server-side.

Source: Profian's Blog

Link: https://blog.profian.com/wasm-day-at-kubecon-cloudnativecon-europe-2022/

Nathaniel McCallum
Harald Hoyer

Title: WASI Networking: Towards a World Wide WebAssembly
Author: Nathaniel McCallum, Harald Hoyer
Date: May 16, 2022

The advancement of WASI, the WebAssembly System Interface, is key to pushing WebAssembly beyond the browser - from the Cloud to the Edge - allowing developers to build applications that are capable of running in a wide range of architectures and interfacing with an array of systems. One of the most exciting developments has been WASI’s networking support, which will unleash a whole new set of applications. In this session, we’ll explore the current state of WASI networking and cover the recent implementation of sock_accept(). Next, we’ll demonstrate a Wasm server using the Rust mio framework, along with some examples of networked applications. Finally, we’ll discuss the next steps towards building a full fledged networking API and the future of network-enabled WebAssembly applications, including some considerations with regards to deploying network identities and security implications.

Source: KubeCon / Wasm Day Europe 2022

Link: https://blog.profian.com/wasi-networking/