0:06 Welcome to the Chiro Show where open source make systems the key. Daverwolf's engineers gather around the best infrastructure tool we found. KAIROS, KAIROS, making it simple and clean. Star us. There's so much more. From edge computing to the cloud of heights, there is an architect. See why open source contributors join the fight. The future of infrastructure starts tonight. So grab your coffee, settle Hello, and welcome back to the Rawkode Academy. I'm your host, David Flanagan, also known across the Internet as Rawkode. And this is an episode of Rawkode Live, a show where we take a look at

2:26 amazing and interesting and fun all of the above cloud native projects to help make your cloud native lives all that little bit easier. And today, we're taking a look at a pretty cool project called Kairos. To guide us today, we are joined by two fantabulous guests from Spectral Cloud and contributors and maintainers of the Kairos project. Hello. Welcome to the show. This is Mauro and Ettore. How are you both? Hello, everyone. Hey, everyone. Thank you. All right. Let's take a wee minute just to say hello and introduce yourselves. We'll start at the top right there with you, Mauro, and then move

3:05 down. Please take it away. Yeah. So hi, everyone. I'm Mauro. I'm originally from Guatemala, but I've been living in Europe, for a while now, currently in Belgium. And, yeah, I'm working at SpectraCloud as a staff engineer at the moment with Tore. He's my boss, so I hope this goes well. I'm trying to put out the word for KAROS in different events. So KCDs, KubeCon, me expect to see me there. And I'm part of maintainer part, I guess, DevRel or something like that within the team. Yeah. And on my free time, if I have any because of the newborn,

3:53 I I try to go out running or playing the guitar a little bit. That's it. Awesome. Thank you so much. Yeah. I'm Ettore Giacinto. I'm from Italy. I'm head of open source at SpectroCloud. I basically created Kairos at the beginning. And, yeah, since then, it grew as a very much bigger open source project. I really like working in the open, and I've been also very passionate open source contributor. So, for instance, I was an ex Gentle developer also. So I like to put my hands in the lower stack of the system. I like to understand every single piece.

4:40 I've been also playing with AI. So maybe some of you know maybe local AI or I've been contributing to Lama c plus plus And, yeah, that's that's a little bit about me. Awesome. Very nice. Italy. Italy and then and then have it run there. Nice. Awesome. Italy and currently Belgium. I mean, if if you're in Belgium, I hope you like beer. Right? Yeah. Yeah. Yeah. Definitely. I mean, it's part of the reasons, not the only one. Yeah. I mean, Italy has some good beer too, but I think in Europe, Belgium is probably one of the places to go. The

5:20 the challenge with Belgian beer is you have two and then you're ready for your bed. At least I don't know. That is true. Yeah. Yeah. Like, it's funny when people don't know that fact and think they can just drink their beers like they do somewhere else. No. Low alcohol beer in Belgium is, 6%. Right? So Yeah. Anyway, so today we're taking a look at Kairos. Which one of you would like to kick things off and just tell us a little bit of a high level what is the Kairos project? Maybe you do it, Tore, because, I mean,

5:52 you have the whole thing behind Yeah. So, basically, Kairos is a metalinux distribution. So it's a way to streamline the management of an OS. The peculiarity is that it's vendor neutral. So it doesn't really have any, I would say, dependency on a specific OS, which basically means you can use it as a layer of your infrastructure. So if you are trying to build an immutable infrastructure, you can combine it with other pieces. So for instance, if you you're used to use Ubuntu, you can use Ubuntu plus KIROS. And what you'll keep, it's an immutable system

6:44 at the end. Immutable system, it's very much different from a standard Linux system because you cannot really write on all the the folders that you are typically used to. So you cannot just install a new software with, so to say, apt get. We're going to upgrade the system every time. So this is how it works with providing updates or changes to our running system. So you do that with this AB mechanism, similar to Android phones, right? So where you have a new updates coming in and you say, yes, I want to install the new updates. So the

7:26 phone goes off, it applies the upgrade, and you start with the new system. So this is how Kairos basically transform any other base operative system too, if that makes sense. So if you have OpenSUSE, you have Alpine, it doesn't really matter. You're going to upgrade those systems in the same consistent way. And on top of that, you can manage that very easily with Kubernetes. So you will find in the Kairos documentation a lot of references to run it with Kubernetes, because when it comes to managing fleets of machines, then it comes very handy to use also

8:12 Kubernetes as a management platform for upgrades. Okay. So I I've got a few questions. You know, I think immutable Linux distributions for the average cloud native developer, we're all familiar with maybe one or two, maybe not having shipped them to prod, but know, I think the original one in this space was core OS from way back in the day Cool. Which was built on top of RPM West Street. And then modern times, we've got flat car, which I think is very similar. But the reason they're they're built on RPM OS tree, which means they're probably stuck to Fedora and, you

8:48 know, Red Hat Lake distributions. But you've mentioned Ubuntu already and almost that this is gastro agnostic. So I'm going to assume that Kairos isn't using RPM OS three under the hood, and maybe you're doing a different pattern for AB upgrades. Can you maybe go into that in a bit more detail? Yeah. Correct. So we do have specific engine built for upgrades. So it's based on container images. So every time you are doing an upgrade, you're actually pulling an OCI image, which contains the upgrades. So, maybe it's done like in a one to one mapping. So, the same image that you can

9:30 run with Portman or Docker or whatever you prefer, it's the same image that it's going to be applied in AB style on the host. And by the way, yes, it follows also some of the concept of core OS and for instance, also K3 OS, which was kind of very inflated, I would say, because we have Cloud config support as well. So there is like this kind of configuration mechanism extended that allows to configure the system. And yeah, basically it goes to the point that, like you said, it's distribution agnostic. So it doesn't really depends on

10:13 Red Hat, RPMs or DEPS. For instance, we have Alpine flavors. Yeah. Maybe if I can add a little bit there. One interesting fact, in my opinion, that we have there is that the new image that you're building is always built outside of the running system. Some of these mechanisms like OS root or AB Root, sorry, or OS three are when you're applying those changes, you're applying it on the passive image that you have so that when you restart, then you that's the image that you're gonna get next. But that means that you would not have

10:55 an image to go back in case something goes wrong with the current image that you have. In our case, what we, our approach is to say you always have this passive image that you can, in case something goes wrong in in an upgrade, you you you go back into that one. And worst case scenario, you can always have the recovery image so that you can do the Ninja OS management stuff. Right? Okay. Nice. So one of the things that caught my eye on on the website is and I haven't seen this a lot before, but when

11:33 you talk about immutable images and OCI, right, these things can tend to get a little bit crazy size wise. People are not great at optimizing container files generally. But Kairos claims to also be an edge operating system, and I wonder how you balance that, you know, giving people the ability to ship essentially container images as operating systems, but also keep them lightweight and ship them to the edge. Like, is Kairos different from the other tools that I've tried this in the past? Well, that's a good question. I would say there are few things that we do.

12:12 First, maybe the most interesting one is you don't need to always ship everything in a single image. While we do, I would say, that from one source up, You can also split down the system with system the ACS extensions. So there are extension mechanisms that allows you to pack part of the image separately out of the container image building process. However, when we treat container images, we don't consider all the layers, so to say, we just flatten the image that it's being used, if that makes sense. So in terms of, if you are maybe not well used to optimize size of

12:58 images, you don't really have to take care of that unless you are adding a lot of panels that you mean to have in the image. So for instance, for a specific use case that you have, I don't for instance, I'm thinking about NVIDIA Jetson SDK or these kind of things that might be big. So those can be either in the image or either as an extension that you can basically sideload install separately, like if I have to talk into Android words. So something that you install separately and you manage separately out of the OS lifecycle.

13:40 One thing that I've been thinking lately is that the way I see Keras is like it's kind of an OS that when you don't need to go into the details, it steps out of your way. You know? Like, we we try to come with good standards. Like, in this case, for example, you will base it from the way minimal Ubuntu image, and that's what you would be building on. But in the case where you really need to go to the details, for example, you'd you really need a small image, you can go and remove firmware yourself

14:17 that that you're not going to need. So it's as flexible in that way, we could say. Okay. Two more questions, and then we will get hands on the keyboard and then start getting people through the documentation. Now right on the homepage of Keras, it says you take your Linux system and a Kubernetes distribution. Is KAIROS for building bespoke Kubernetes images, or is it could it just be generic Linux images? Like, who is this applicable to? Who should be paying attention to the project? That's a great question. So it really doesn't have, I would say, a specific preference. It

15:00 really is suited to use it with Kubernetes because of the management layer we discussed about. You can really use it for any project that can be even kiosks or appliance mode or running virtual machines. And these are all use cases that we see in the community as well. So it's not really about Kubernetes by per se, but it's whatever you want to simplify the management of Linux OS. And it comes also with, I would say, nice features to have, like trusted boot or high security mechanism, like Ben is quoting in the chat. Thanks, Ben. And, yeah, exactly. So there

15:55 are many, many feature set that you gain by just using Kairos on top of a standard distro. Nice. Yeah. So Ben, as in the comments saying, you know, it's it's nice to hear you talk about system based system extensions because a lot of people kind of just don't mention them and forget they exist or don't want them to exist. Yes. But I think they're a very powerful thing. And in fact, you know, Leonard Potter rings article that he wrote many years now, but fitting all of this together to build, like, the ideal Linux distribution. I feel we're getting so close in the

16:27 modern day. So yeah. Ben is also in using Keras without Kubernetes at scale. So that is awesome. Always nice to hear from people that are using the project. Now the last question before we go hands on is a leading question. But, you know, when we talk about who should be paying attention to this, right, we've got different classes of cloud native developers. There are the people that go on to the EC two console. They spin up an Ubuntu box. They run a few commands in a shell, and that's their production. Then there's the opposite end where the people

16:56 our infrastructure is code, building bespoke images, looking for immutability, etcetera. Right? Is Kairos a project that can be adopted full spectrum of cloud native developers? Anyone from single VM on EC two to at scale production. And bear in mind, we're about to go hands on, so we're hoping that we we get a correct answer here. Right? But it's applicable to everyone. Is it easy enough for people to pick up and ship to prod? I would say so because we have also called images published. Right? So we have the full spectrum covered in that case. Of

17:32 course, we are going to have I'm not going to lie. I mean, the cloud aspect, there are some optimization that we want to take specifically into integrating with copy, because currently we have management mechanism that allows to manage the fleet in a much more granular way, I would say, because CAPI doesn't quite fit to this paradigm. So we're going to work on this integration more closer. But yeah. I mean, it really have the all the best and whistles to to be from development to to production. And it's been used also, yeah, of course, at the edge.

18:18 Yeah. I would I would add just that. Is if you are comfortable at the OS level, then, hopefully, yes. Would be mainly people who are really just at the platform level and up who rather have something where they can just click that might feel it's a bit of a stretch, I would say. But, yeah, we we try to simply file as you were the saying from Leonard Potter. In all of these concepts that are there, we don't throw them in your face. Right? Like, you don't need to learn all those things in order to use

18:51 Kairos. Right? We did the hard work, the homework to go investigate how those things work and make the Keras agent do them for you. Perfect. Well, I think it's about time we share my screen and see how far we can get with the Keras project. Alright. Let's get my screen up here. Perfect. So for anyone who wants to learn more, you can go to kairos.io. This is a CNCF sandbox project. Maybe we'll talk about the that process later on. And there is a quick start guide, which on Rawkode Live is my favorite button because that's where we wanna show how to

19:39 get started with the project. And there there are quite a lot of no. Maybe not a lot. There are some prerequisites to get started for KAIROS. And this is one of the challenging things for a project like this is that you do need virtual machines and other things. Right? It's not just Docker run and off you go. So for anyone who does want to follow along, just make sure you follow the documentation. I'm gonna use the virtual machine manager that's not listed here, but hopefully that's alright. And I I actually sat and watched this video earlier. I've got to say this is

20:07 a good demo. Like this showed me like any question I had was answered by this video. You know Cool. Feel free to go check that out for anyone watching as well. And I'll make sure that the links to all of this are in the description for later. Now because I don't trust my Internet, I have downloaded this ISO here in advance. That's the only thing I've really done. And we're gonna create a virtual machine and get started. Now before I pull up the the kind of VM manager and stuff like that, like, what is what is the take home for

20:37 people when they work for this get started guide? Right? What is the what will they achieve by following this guide, what will they understand? Who wants to tackle that? Basically, you will get a system running with, Kubernetes, but this one will be immutable. You don't have to worry about how it was made immutable. You don't have to worry about spinning up and configuring Kubernetes. It's all running there for you. Nice. So I'm gonna get a Kubernetes cluster from this virtual machine. I like Kubernetes. So I just select this. And there were memory limits. Am I gonna be okay with

21:23 the two twenty, I think? Or should I I would put 40 for storage just in case. Yeah. I think it did say 35, didn't it, in the documentation? I know I I know I don't need to throw 32 gig of RAM at this, but I will. I've got I have a 20 gig of RAM in this machine. I I never use it. So today's the day. Go. Alright. Then in in the getting started, we go through the interactive install. So if you can select that one, that would be the best. Yeah. I was wondering if I can make this

21:58 bigger. Let's see. Yeah. That's fine. Where is can I change fonts or anything? I don't use Numboxes often. Maybe in the three dots, it allows you to Yeah. Not really. Oh, or configuration. No. That's Oh, that's for LibVert. It's not for these. Yeah. I don't wanna go mess them with that. Maybe. No. Unfortunately, I think we started in not the interactive mode. So just just to mention, there are different ways to configure Kairos system. This is the default one, which would spin up. And let's say that you're in an edge location, you can, take a screenshot of that QR

23:01 code and give it to, the terminal in another system, and then you would configure it, you know, to to simplify things because this system might not have a keyword or something like that. Alright. So should I start this again then? Yeah. Okay. Got it. Can't believe I broke it already. I'm only two minutes in. I guess I could just shut it down and start it again. Yeah. Alright. So The interactive one, the third. There we go. Yep. And this one, we really made it thinking on someone who is coming for the first time to the system. This is probably not

23:51 what the power user of Kairos will ever use. This is the ones we use every time we're testing the system just for a quick setup. It will make a couple of questions like like it's doing right now, asking in which device you want to install. By default, it will find the device with the biggest space in your system. So you can just hit enter if you wanna install there, or you can select the one you prefer. Do I want to create any users? Right. And in this case, for example, we can say, yes. We want to create a

24:28 user, but many times for systems in at the edge or now that we're talking about this special purpose of bringing systems on the cloud, many times we say we don't even want SSH in. Right? Like, we want those systems to be as secure as possible, and one one way of making the that is by not including any users. But if you're just starting and want to play with it, having a user is a good way to test it. Alright. And we'll call our user Kairos. Password we normally put Kairos. Yep. I'll do that. Then here, if you have your keys on

25:07 GitHub, you can put your GitHub user and it will fetch them for you. Otherwise, you can just hit enter and it will not put anything there. Yeah. Maybe SSH should now be good because I can change my own font size then. Indeed. Alright. Maybe user and admin, I'm gonna say yes. Yeah. And do we want full mesh support? In this case, I would say no. But generally, when we spin up multiple machines, you have the ability to have a mesh network between them so that they can decide who is the control plane and which ones

25:43 are the workers. Okay. And do we want k three s? If I say no, do I get another option or should I say yes? Here, I would say yes. It's also possible to do k c r s, but for for the sake of testing, we've run many more times K three s since it was the one we had since the beginning of the project. I would go with that one for now. Alright. I've also said my settings are okay, and now we have a machine, I guess, booting. That's correct. So if you saw there was a blue part there, that

26:17 is the cloud config that the installation, created for us. And and that's the main way in which we're going to configure Kairos system. It's just a traditional cloud in it like, syntax. And then right now, it's, just going to do everything Kairos related to make sure that you have the proper partitions on your system. Yeah. And I feel I should just have used KVM, and this would have been a bit more interesting, at least a bit more readable for you all. We have a box now. Right? Is that it? On Node That's that's correct. So now you

27:01 could just reboot and then we it would it should spin on an install Kairos system. Okay. Oh, I can't spell or take. Alright. Also, sometimes when you're testing this, make sure to remove the CD, because otherwise, it's gonna just go again and do that. It happens all the time because not all the systems have that automatically. Go away. Here we go. Don't know why they can't change the oh, wait. Preferences. Just let me do it. No. It's the same sentence. Alright. Now we have Kairos recovery, remote recovery, state reset. So let's put this up. Correct.

27:58 And yeah. So those main options that you see there is basically the interaction that you get with Kairos. You get your active system, which is the one that you're normally gonna be putting on. The passive one, which is in case something went wrong with an upgrade, for example, or you're gonna go to your previous system and then the recovery in case something goes really, really wrong. Alright. So, I mean, the docs cover everything we've just done. All the questions are here and the answers, even the reminder to eject the CD. And now we've done the first boot. So in

28:33 theory, we should be able to SSH now into our machine once we have an IP address. Correct. Alright. Whenever the IP would be available in the logs. It doesn't look like it. See if I can get the IP. Should have used KVM. So I can hey. I I picked the password. Right? So let's just kairos. Yeah. Kairos. Put in there. So I can see we've got our CNI interface. We've got Flannel, and we've got our local IP address here. So 100215. I'll get it on your tab. So SSH KAOS 100215. I'm assuming I can work to that from

29:37 my local machine, right? It depends on the network, I guess, that the virtual machine manager sets. Yeah. I don't think we got a route. Yeah. You will probably need a 1 90 2 in order to access it. Let's see what I've got. Maybe grep pro 192. I'm not seeing one. Yeah. So maybe not. Good question. I don't even have oh, come on. Alright. I broke it. I should have looked into numboxes before doing this. I mean, I could always add a root, right? But it depends on what the link is. And I don't wanna spend too much

30:42 time debugging and trying to work this out. But let me quickly IP. Oh, we did link. So I was expecting some sort of bridge or something, but it hasn't done any of that. Right? Sorry. What was that? I was expecting it to create some sort of device, bridge device here or tunnel or whatever. Right? And to the virtual machine, but it hasn't done any of that. So No. The default of I think if it's boxes, it's using at the end KVM or KN with using user mode network, which is completely isolated from the host then.

31:28 Alright. There goes that plan. Bleach. Shall we pop over to your machine where we can see a working demo rather than my Sure. One? Feel free. Let me know when you see my screen. Yeah, I'll just swap that right now. All right, we got it. All right. So I am just creating, I am using Copilot here and it will just same thing spinning up PM, create and run. And we should be able to see it here. Again, also interactive install. Sorry. What software is this? This is called Copilot, if I remember correctly. Poor guys because now Copilot, I guess, is

32:23 a bad name to have, but they chose it before. And it allows me to manage my workstation because I'm normally working from Apple computer. Okay. So let me move this thing at the bottom that doesn't let me see. Oops. Sorry. There. Okay. Create users. Yes. Kairos. Kairos. Again, GitHub. That should add my keys. Admin, yes. No mesh support at the moment. Yes. K three s. Settings. Okay. Yes. Like I was saying, it created at the top cloud in it like configuration, and now it's going through all the different stuff that it needs to do. Let me

33:22 also get back to where we are here. Then we're gonna need to reboot, and then we SSH into the system. And I can see here, Already, I'm getting an IP. So I'm gonna go into my terminal. Okay. So let's see how this is going. Yep. Reboot. Let's wait a bit. Kaira's already there. Yeah. So while you were spinning this up, I did check the documentation on Numboxes. And all you need to do is install LibVert daemon config network and start the system d service. But we'll we'll continue on your machine. So Okay. It wasn't it wasn't easy fix.

34:14 And it's coming up now. Alright. So now I can s s h in. As you see, I didn't have to add the password because it already fetched my credentials my my key from GitHub. And now here, I can basically ask Root to something like k nine s, where I can show, for example, the cluster that is spinning up at the moment. And that's basically it. Now you can play with your cluster. So the default image is shipping KNI nest as well? Yeah. It's something that we're constantly discussing, like what should be in the base image.

35:08 For some people, it should be about stripping it completely. We think that at least to get a bit of an idea, play with it, it's nice to have it. But, yeah, we we haven't decided whether we should remove it or not. So is kubectl there or do I need to use k three s kubectl? Like Kube CTL is here, so you can, I guess, do this? Yeah. Cool. Alright. Yep. Michael in the chat is asking, is this similar to Talos? So maybe we could talk about how are how are these different. That's a very good question.

35:51 I don't know if you wanna dive deep deep into that one, Tore. Yeah, I mean, there is some, I would say, crossing of the paths into the two projects because they are both trying to deliver on OS which is focused on workloads. However, Keras is, first, not restricted to Kubernetes and it's not a Linux OS by per se. It's a meta Linux distribution that you can put on top of any distro. Talos is a complete Linux distro while Keras is not. So they're kind of similar in the sense that both let you a system with Kubernetes in that sense,

36:46 but they do it in a very different way. And, yeah, it it really depends, I guess, on the use case here. Yeah. I mean, I can add some more context there. I'm quite familiar with with Talos as well. I mean, you know, Kairos and Talos, from my perspective, both give me an immutable distribution. But Talos is very opinionated in the way they do it and that they take over PED one. Right? So they only expose a gRPC API for communicating with the server over Talos control. You cannot SSH in. That's not an option. And, you know, there's no system d or

37:26 anything like that. So the learning curve can quite be quite steep because you have to relearn how to do the the basics. Whereas what I'm seeing so far from Kairos is I get to bring my own, you know, Linux distribution, but I get the perks and the benefits of having something that is immutable. You know? And then there's other things I I think we're gonna get to. I'm not sure, but, you know, there's to build their own version of Talos can be quite challenging. And I'm curious to see how that works with Kairos. Like, how do I actually bring my

37:59 own distribution and how do I configure things to my own liking and stuff like that? So maybe we'll get to that in just a moment. Yeah. Maybe it's important to mention what something we've noticed is that many projects or companies don't have the luxury of being in a completely greenfield project, so to speak, or or something modern that is already cloud native ready. So they actually require either multiple workloads, and some of them might be legacy and only run on Linux, but not on Kubernetes. Moving to Kubernetes might be, too costly for them or simply not an

38:37 option. Or we also see cases where some companies are already spending money on licenses with a certain provider. So in all of these scenarios, Kairos can adapt to you. Well, as you say in the other option with Talos, it's more opinionated in that sense. The the result of what you can do is probably the same to some degree with both distros, at least when it's on the Kubernetes side. But we do it in a flexible way where, for example, if you need to I don't know. Even if for you, it's important, the know how of your engineers,

39:18 and you cannot just let go of all that you've built on Ubuntu, then you can continue working on Ubuntu. Yeah. Yeah. Clear example could be, for instance, we do provide support for Nvidia JX Orin, your OS. But then you get all the benefits of using an immutable OS, AB system upgrades, and yada yada. So you get that extra layer also on a situation where you typically wouldn't do, even with Raspberry Pi. You could deploy Keras on Raspberry, and you can get all the OSs you want and switch between OSs by providing a different container image.

40:13 So this is the kind of vision that Keras accomplishes. And it doesn't matter what OS it is. So you could literally take whatever OS is out there or even build your own OS. You could build your Linux from scratch and put Keras on top so you don't have to handle the upgrades for your OS. Right? Alright. Let's get into some of those details there because those are pretty bold claims. Firstly, Michael said Talos wasn't an option because of CNI limitations. So I'm gonna assume the conversation here is that with sorry. The buzzer with Kairos, you can use

40:53 any CNI implementation. Yes. Yeah. Correct. You can use any Kubernetes distribution. So we currently support KZeros and K3s, but we have also community providers like Kube admin. So Kube admin is supported as well. And you can build whatever provider for your specific Kubernetes distribution and have the configuration bits you really need from the whole OS stack. So if you need some dependency in the system, you can just bring this in. Yep. Now when you say you can bring any Linux distribution even to the point of saying Linux from scratch, which is oh, I'll pop back over to here just now.

41:38 Even, like, building your own learnings from scratch. Right? I'm I'm curious to understand how this works. So say, I want to bring our Linux into the mix, and I wanna get that one running with with iOS. What is it you're doing to that Linux distribution to give us less automation and configurability and immutability? That's a good question. So Keras basically tries to identify which system you need to use on the image. And based on that, it's going to install the required services. On top of that, it's going to start the Keras agent binaries and some configuration that might be required

42:17 for the OS to function properly, like configuration, system settings, like users and these kinds of things. So it doesn't It tries to play with the tools that are already there. So I can bring you an example. So Linux from scratch is a good example because I've been exactly targeting that in my mind from the beginning. So as I was saying, I'm an next game to developer. So I was always doing my Linux from scratch. Right? And this system should have been working also on that. It's very much important. So Alpine works as well because we don't do any

42:55 magic. Basically, we just do a very clean layout. It depends on boot loaders. So for instance, we do support GRUB and System Deboot, and we leverage heavily on those to do the operation that we need to do. So to say a little bit of the logic, it's moved to the bootloader rather than OS to make it more agnostic when we do lifecycle management like upgrades. And it's obviously not magic. Right? Like, there are limitations to where we can run. Right now, it's only Systemd and OpenRC as init systems. But at least the code is written in

43:35 a way that it's you can expand it. Right? Like, if you really need to run on a different init system, then it's just a matter of telling the Kairos agent how that init system works. But the same thing for package management. Right? Like, if you bring your own distribution that you created and you also create a different package manager, of course, we're not gonna know how to install those packages. But the the mechanism to just extend that is right there, and it makes it easy to to have all the features of Kairos in your own

44:12 OS. Okay. So with that in mind then, if I said, let's share my screen and build a custom Kairos image that we can boot. Is that something we can do in the next thirty minutes? Mhmm. I mean, yeah. Part part if we continue in the getting started, that's a bit of where we want to what we want to do. Let me see if I have it here. So the the second section of the getting started, the building and upgrading will tell you how to create a new Kairos image based on an existing Kairos image. And then at the bottom,

45:03 it says build from scratch guide. And that that's the documentation we would need to follow if we wanted to do that. Alright. Let let me share my screen again. So Yep. Let's go back over here. And your screen is still on. Let me swap that over. Alright. So I did follow your instructions there. We don't need to start with bells from scratch. I mean, there are examples in the repo and I think we'll definitely take a look at them. But let's go with the Getting started. Yeah. Yeah. Like, just, you know, just taking a base image and then enriching it for some

45:50 ways. So the things that pop into my head right off the bat are, okay, what what are the bases that I can start with? What are you building these images for to get people started quickly? Yeah. For exam the the example that I have there is, let's say that for some reason, you need Ruby in the system that Keras doesn't provide. And in order to do that, all you would need to do is use us from one of our Keras images, then in the next step of the Dockerfile, you would say, okay. App get update, app

46:23 get install Ruby, and then do a normal Docker build for that image, and you're pretty much done. Now you can give this image that you've created to the previous machine that we just installed, and it will upgrade to that system that now has Ruby in it. Nice. So I see as a base choice of operating system, people can come to this page and then go for OpenSUSE, Rocky Linux, Fedora, Alpine, Debian, etcetera. I'm gonna keep things simple just because I did do a pull because it was a chunky sized image. This Ubuntu base is two and a half gig. So why

47:05 don't we just tweak this a little bit? And then okay. I can't I mean, I could pod man it. I'll just do docker to keep it simple. I don't wanna make things hard on myself again. And I'll grab this. What happened there? So we did from. Yep. Kui ubuntu tag. One thing to notice here is if you pick pick images with the core, you don't get basically the the Kubernetes distribution and Kubectl and K9s and etcetera, etcetera. Yeah. So there are Sorry, Nicole. No. No. Just just to clarify, basically, with images that they're using now, we're going to lose K9s or

47:56 K3s, K3s if we do upgrades. I I get that. I'm I'm I'm okay with that. I just wanna kinda show people how they can go from a Dockerfile to an ISO to building the thing, right, for some means. So, I mean, I'm a I'm hoping and assuming that anyone watching this is already quite comfortable putting together Dockerfile. Right? I mean, we can just do the classic example of now we have NGINX running inside of a container. So with that, what I could do then, it's just a docker image build dash t. Let's call this Rawkode

48:30 engine x. You're you're gonna need to publish it so that the system can consume it. If the system has Internet, I don't I haven't checked it. If can can you validate if the VM has Internet? Well, I mean okay. So you were suggesting that we built up the VM that I already got run got working and tell it to rebase off of another image. I was gonna say, like, the step that is missing from my mind is if I do this Mhmm. Tell me about Buildx. That's okay. I get a container image. But if I want

49:03 to create that as an ISO, is that the default flow or are you saying you would boot Kairos core and then tell it to consume a Docker image as an additional layer? Maybe I just not understanding that. Well, both work, actually. It it's a totally valid flow, the one you're describing. Okay. So is it easy now for me on my standard Linux machine to say, okay, let's convert Rawkode NGINX to an ISO that I can just DD onto some cloud virtual machine? Is that a common workflow or would you say publishing the container image and using that as

49:39 a layer on another Kairos as the preferred approach? Like, what should people aspire to if they wanna ship this stuff to production? So we have dedicated tooling for that. So from the container image, basically, you can build all the artifacts you need. So for upgrades, you are okay with the container image only. So up to this point, you just publish the container image to a registry, and then you would point the node to that image. If you would instead of, you know, create an ISO, there is the Aurora boot two that you can point the image like this one, and

50:23 it will create an ISO out from this. Alright. What Came with the WebUI. You can open the WebUI to drive this in front. What did you say? It was called Aurora. Yep. Aurora BIM? That's right? Yep. That's correct. Alright. All the way to the bottom, there is a WebUI. Or, otherwise, if you wanna use the CLI, there's there are examples offline ISO build from container images. Alright. I mean, I'm happy to use a web UI, but now that I'm seeing unified kernel images in secure bit, I mean, my interest is more than peaked. Like, we're getting

51:09 into the fun stuff now. Alright. Where was that web UI? Oh, I don't see. Ben says OCI is a % easier with Kairos upgrade. I guess I guess we're used to that flow as well. But, yeah, in this case, it's it's a total valid approach that you want to create your ISOs because I don't know. You need to send them through USBs for people to go and up upload because they don't have Internet in those boxes. Right? So it's a completely valid flow. Okay. So I've so I clicked on this create a custom cloud image. We you know, we've kind of

51:53 done this step already. So we added NGINX. Now I can use docker run to then create the ISO. So this is using oh, we got a different registry now. Right? So the Aurora boot isn't on Quay. It's on Scarf SH. I don't know where that is. Oh, yeah. That you can if you don't want to see that, you can just at the top of the page next to the sun, you can see you can select not to have that on the left. This one, yeah. Personal use and then you will see the Query. Yeah. All right. Okay.

52:32 Nice. So this just takes my current working directory, it makes it a build. Oh, no. It's create it's taking a build directory, bending it to Aurora, but sets these things. Alright. I don't know what that's doing. I'm just gonna run it. I'm feeling brave today. You just need to put the name of your image in where it says my custom image and we will need to have because this one wants Cloud config, we would need to create a Cloud config as well. Alright. So I don't have a build directory. Is that okay? Yeah. That's okay because it's

53:11 adding it on top of your current directory. Alright. I run a weird shell, so I will need to have this come through bash. My image now is it gonna have access to my local Docker image context? Or will I actually need to push this so well? Okay. In the second line, we added the Docker socket, so you should have access to them. Yeah. Okay. Can I just remove the Cloud config and say we don't care about that? Yeah. I don't know if we're going to be able to log in, but All right. Okay. So But you can. Technically,

53:51 you can. Sorry, I've went completely off script and now we're just going No, that's fantastic. There's Cloud Config. Yeah. You can take an example of Cloud Config probably from the getting I think in the getting started I put it It's up, no? There is no example up in the docs, no? There was. There there definitely was something. I remember looking at it and seeing the Yeah. In the getting started, if you're pressing configuration, go down and you will see one. Perfect. So let's just call this cloud config. Put my username in so I get my keys.

54:42 I'm okay with all of that. Alright. That's Now, the path and the build here is this because this is this is a parameter to the container image. So is this within the context? Yeah. You're going to have to add it. So I need to add another volume at the Yeah. All right. We can do that. So I can just do PWD and call that cloud like so. And I call it cloudconfig.com. Yeah. Okay. Let's see. Cool. Cool. Hopefully Aurora isn't too big. No, no. I think this one is a lot smaller. All right. So Michael was also in the

55:36 comments saying, Okay, what have I involved off of a hypervisor? I don't want container inception. Oh, I mean, I think that's the path we're on now actually. Right? So I mean, you could do this in a hypervisor? Maybe I don't understand the question, Michael. Feel free to expand on that a little bit. What if I'm building off of a hypervisor? Like, Michael, do you mean, like, you already are in a VM? Do you want to start building VMs within it? Or or what does it mean? Yeah. Possibly. But that seems like completely container what if you wanna build off of an

56:14 ISO? Okay. So what if they're from statement as another ISO rather than a container image? No. I think that would be a problem. Right, Tore? Our concept is starting always from Yeah. Container. Yeah. Is a container image in KARO's world. You have basically, you start always from a container, right? From the container image, you get all the final artifacts, including raw disks image for cloud providers, like even OpenStack, for example, or ISO, but always from the same container image. Yeah. Alright. I broke it. I mean, it seemed to do quite well. It got the cloud

57:01 config and then it was trying to dump the azure for us. Does it need permission to run with sudo maybe? If you're writing in Oh, no. Value too large. Maybe the space somewhere? Maybe too large for the file. Just to keep elaborating maybe on what Michael is asking. So if whatever distro you are you want to use, let's say, Proximox, I I don't know how they build their images. If they don't provide a container image, then no. You would you would need to figure out how to create a container image out of their images first.

57:52 Yeah. But generally speaking, you can build a container image from scratch, virtually from anything. So I don't know if that explain. Too large also. No. So, Michael, okay. Now I get to the point. So Keras is not running as a container. So the OS itself is not using a container engine to start in the system, but it's rather using OCI and container images only as a way to deliver upgrades or create artifacts. So from Proxmox, you get so you have yeah, yeah. So you create a standard VM and that's it. I mean, is no container line engine running the container image. So

58:49 the container image became your bootable system at that point. And from that container image you start to build off all the other artifacts you need. And Aurora boot for instance lets you build the ISOs, there are all these key images for cloud or drives a net booting installation tool. So you can also use it for booting several games or machines that are configured to boot from the network. Well, it also supports this way which doesn't require network configuration. So it only requires that the DHCP server support the DHCP proxy requests. So if that's true, then you don't need

59:29 even to set up any TFTP server. Nice. Alright. Michael is double high fiving, so that looks like he's happy with that answer. So have you seen my error before? I'm not sure. Happy to build it here if you want on my side. What they see, it's like having permission to yeah. Elchon. So it looks like you cannot do can you do? Maybe it's simply because ask. Can you do sudo docker run? I'm trying to run this as sudo just to be sure because maybe the operation doing on build folder does require a little bit more permission.

1:00:21 Alright. But it's it's something weird or or you'd have to run privilege it otherwise. Yeah. Because it's Yeah. I wonder if it would work with pod man. This looks better. Right? Stayed a bit longer already. Oh, no. It's weird. Alright. I'm gonna try it with Podman just because I'm curious now. I always use Podman, but I installed Docker for this just because the documentation normally mentioned it. I'm curious. I feel like I should tidy up that builder entry. And if it it can't type. If it doesn't work, it's fine. We can always pop over to your machine and take

1:01:25 a look at that. But I am definitely curious now. But we grabbed that code in it. We were on the building page. So where is that Aurora bit stuff? Oh, yeah. No. That we found in the Aurora bit. Oh, yeah. No. Where where was it? You took one from a different place, I think. I don't remember. I did. You're right. I did. Building custom cloud images. Okay. So Oh, yeah. Oh, so you can even build the base image by starting with a vanilla distro. Alright. That's nice. Yeah. Yeah. But I'm definitely gonna be hacking together some sort of Kairos arch

1:02:10 hybrid now. Yeah. I think once you're really into the hang of Keras, this is probably the way you're going to be building most of your images. Yeah. Okay. So we're actually got some information here on state sizing. This feels relevant to the error message we're getting, potentially. Did we put actually the state We we didn't include no. We didn't include that state size. Because normally we we don't, I think. Oh, and there was a cloud on it right here too. So Oh, yeah. I got the same with pod man. Do you wanna will I pop your screen up

1:02:50 and we'll take a look at a working one? Sure. Alright. But I had prepared is actually the other type of SSH model. So you're gonna show us an upgrade to the existing one? Yeah. So if I go here, I have an image here based on one of the Keras existing images. And then I'm going to install, in this case, Ruby. And then I can say docker build tag. And we can call this d t l dot s h row code. And then we put 24 on it and dot. Now we push it. Oh, I don't know how long this will

1:03:52 take. Didn't think of that, but hopefully not so much because I was playing with it. Oh, yeah. You can see that I was playing with it. So a lot of the layers were already there. TTL.sh is such a great service. Yeah. I don't even know who's responsible for it, but I use that, like, every workshop or conference I go to. It's just so handy. Yeah. It's so good. I I don't know how they offer it, but I'm happy that they do. Okay. So now we have this image here. Right? And I can just jump into

1:04:29 our machine that we already had here. If you remember, it was running this Kubernetes instance. And here, we have the Keras agent, and you can say upgrade source OCI and then paste the image that you want to upgrade to. Well, that's running. I'm I'm curious about the immutability aspect there. So how how does this work? Is it just a immutable file system? Have you just toggle it? Is it don't accept right? It's like is there what's going on here? Basically, have this I think the best place to go would be I think in the computation, we have

1:05:20 some some image about how this process goes. A B, what is it upgrade? But maybe you can explain in the meantime, it's alright that way. Yeah. Basically, there are so it works differently based on the if the system is using configured for trusted boot or not. So on trusted boot, you have the whole system as FEI files, and that means you're going to have an active and passive and the recovery FEI file in the system, those are actually handled in this moment. If you are not using TrustedBoot instead, those will be images that are mounted

1:06:10 read only in the system. And they are images that are created the fly, so the container image is pulled and the image file is being created from the container image in the system. And then there is an internal component that we call IMUCORE in Kairos, which does the mounting during the boot sequence. And for instance, when it's running in Trusted Boot, actually ImmuCore runs as a unit system from the early stages and then hands over to System B when hands into user mode. And yeah, this is basically in a nutshell what Maury is showing you what's going to happen. Yeah, here

1:06:53 you have the active, passive and transition image. Basically, we're putting everything, like like moving things around. Right? Your active becomes the passive. Then what we're building is the transition image. And then once this finishes, it goes into active. That means that if for some reason this process failed, you can always go back to the previous one that was working. And then we can reboot again. On top of that, there are also boot assessment strategies, which basically detects if the active system is not working properly and it will select the password. So if the upgrade here

1:07:36 would have succeeded but the image is bad, so it doesn't boot correctly, the system would basically detect that. Nice. So what we should see here when you log in is that you have the Ruby tool. Correct. Yep. And then, like I was saying, once once you get more into you probably sorry. Ruby dash v, I think it is. Yeah. We can see that we have Ruby installed. Well, once you get more into Kairos, this might be a bit not the way you want to handle your images because we have a way to keeping track of the OS.

1:08:26 Cairo wait. So we we have a way of keeping track of the image that you are spinning into. And you might want to have your own versioning here. Right? Your own cadence. Like, we we release our images when we have, I don't know, new features of our patches. But maybe you have a higher security level. Right? Like, maybe you're patching things much faster than someone else or than us in this case. So you you also can go into the we saw this with the building from scratch guide where you're going to be passing the version

1:09:15 oh, yay. Where where did I go? I get lost a bit. Yeah. When you pass the version, this will be the version of your system that you will see here. So then you can keep your own cadence of images. Yeah. And that's what it takes, basically. What you're seeing now, Marius yeah. Marius showing you is that in in just those few lines, you pull the Ubuntu image as a base, and you use the Keras init tool, which converts that image into a Keras based image, which what I was previously mentioning, it means it's going to start some base packages that are needed.

1:10:01 For instance, if it was Alpine, it would start things that are necessary for booting properly. For instance, if it's trusted boot, it would need systemd component. If it's not trusted boot, it will need grab. So it would Yeah. Pull grab in, these kind of things. Cool. Very interesting. That was this one here. So basically, here we went through the whole process of maintaining the images. But, yeah, at some point, you obviously want to have a better way to keep in track because you probably want to put this on your pipeline. Right? You don't wanna be doing those

1:10:43 manually, which is exactly what what we're doing, putting it on the on the pipeline. And for that, we have the if you see the repository, our image is as simple. Our Dockerfile is this, and that's it. This produces all the different Ubuntu OpenSUSE with or without k three s or k zero s. All the different versions are done just with this simple structure because at the end of the day, you can base from anything you tell it to start. Right? Cool. Yeah. Alright. Let's talk about the the project itself then. Right? I will pop us back over here.

1:11:35 I think what we've shown people is that building your own Linux distribution for loading and Kubernetes isn't that hard. We've never had a chance. The fact that this is all based on the OCI artifact and container fail. It's easy for anyone to come along and start customizing that, which has been hard for many years. Right? Nobody ever really enjoyed building virtual machine MQ. I had a quick look on GAP. I see this is a a gold project open source. It's a CNCF sandbox. You know People wanted to contribute and start having some fun with Kairos. What is the

1:12:16 best way for them to get involved and help shape the future of the project? Yeah. I think there are many areas in where Kairos opportunities where you can get involved in the project. There is for for example, if there's a distro that we're not tackling, you could bring that in documentation, of course. I I think the interesting part that we didn't get to talk about is that one way of installing things in Keras is bringing in bundles. So let's say you wanna have Calico already pre installed in your Kubernetes stack. You can just say bundle and put Calico.

1:13:06 All of that right now we have it as a community support. And so it really depends on the community to come and suggest and and ideally open up PR with the project that they want to see there. And and and that way, we can grow the different options that people can get almost from the ground when when they spin up a new Kairos machine. So, yeah, there are many different areas. We we we have, for example, office hours. You can show up and just make questions or suggestions or yeah. Like, just like we're having right now

1:13:49 this conversation, we're than happy to to have it with you. And We're we're open source. You there are many ways in in which you can come and contribute. Alright. The bundle concept is interesting. So assuming I want to build an image that has, you know, journal d log forward and baked into it, then I can configure an OCI layer that just does that. If I want to install Cilium, I'm assuming I can have something that does that. If I want to make maybe I want it to have tail scale on it and I want it

1:14:27 to join my tail net, I'm assuming there could be a layer for that. How do the bundles work then? Do you have to have guarantees that they all come from the same base, or does it not really matter? I I'm curious about how that works. Bundles are basically, again, distributed also CI images. Anybody can actually create bundles. So it doesn't really restrict in any way on how you can also distribute bundles. Right? So the bundles are a mechanism in Keras to have additional way to supply configuration for the system or ways how the system should

1:15:12 change the way how it works because it can also extend the cloud config mechanism. So with a bundle, you can feed cloud config during installation, for instance, and doing other things. So bundles is the way to run configuration, you can do that by distributing the bundle as OCI image, but also just as a simple tarballs if you want to. So there is really no restriction. And we have a community bundles repository where community can contribute new bundles, but also providers. So for instance, we have the kubeadmin provider, which enables Keras to to use QB admin or microcades,

1:15:59 for instance, well. So there are other Kubernetes distribution. This this is all all kind of feature requests or even, you know, contribution that we are welcome to to have. So even get to know how where you would be interested to see more support in terms of also of Kubernetes support, but not only. Yeah. Maybe one thing that I guess is the first one I'm I'm doing in an open source project is because normally you invite end users. Right? Like, come bring bring your suggestions or your or or the features that you want to see in the project. But in our case, being

1:16:40 a CNCF project, I would also invite other CNCF projects to join us because recently we had the experience that people from K0S said like, Hey, wait, why isn't K0s having the same level of integration as K3s, for example? And they came and started putting PRs and we worked together, and now the system improved thanks to that. And I I think there are so many projects out there if you see the landscape, right, like the typical joke in every presentation about the size of the landscape. But it's true. I mean, is there is so much it is so hard to take

1:17:26 the time to understand them and integrate them properly in a project. So if the people from those projects come and work together with us in this case, then Kairos can give the best experience for the Kairos users to to get a glimpse on their projects as well. Awesome. Thank you. I was also scanning your bundle docs there as well. And that's a really cool approach to doing this. It did raise one question, and I don't want us to go on much longer, but it'll also end up just sat here with the last loads and loads and and loads

1:18:00 more questions. Some of these bundle ideas and, again, I'm looking at the community bundles repository as well. Right? Some of these things probably need configured or need access to some sort of secret material. Is there a best path forward for working this? What is the you know, typically with, like, deploying a virtual machine or a container, some sort of handoff. Right? You see, now you're a workload within this workload identity pool. You could speak to a secret manager in the cloud and and do stuff that way. I'm assuming that would probably still work. But what about the edge scenarios or the bare

1:18:34 metal scenarios? How like, is this a path that's been solved, a problem that's been solved yet or not? I know that's a big question, but I hope I kinda got that across. It makes a lot of sense. I would say you have a limit, right? Like if you're talking about the edge, you could air gap everything, put it there, and and you would have, like, this small network that the system would have access to. Of course, you would have limitations there on how if there's a password there somehow ends up in the hands of someone,

1:19:17 you can't you can't do much at that point. What we're working on, and there is some functionality already in Keras, is that you can do remote attestation. So if there is connection to server, you could potentially tell the system to not boot if you're using the trusted boot mechanism. But if if you're not at that high degree of security, I would say, it's very hard because at the end of the day, it's a Linux box. Right? Yeah. So I'm assuming if I wanted to do an Kubernetes cluster with KTS running on Keras images, I'm just stuffing that joint token into the cloud

1:19:57 config. Is that is that the answer? Yep. Yeah. Got it. And there's nothing wrong with that. Right? You just you've gotta understand your security posture to make that safe to do so. I mean, this is how the cluster API project works as well. That's just so yeah. And people won't be won't be too disfamiliar with that. What what we've seen for example in a project is people who had it was an edge project and they had some sort of, I don't know, remote device, let's say, a phone that had connection to the server. And through that connection, they would allow,

1:20:35 to say, okay. If you see the connection, then the system can keep performing. If the connection is cut or the you get connection to a different service, then, you you cannot continue performing. Something like that. But you would have to come up with, most of these solutions depending on on the scenario. I don't think we have something out of the box per se, right, Tottori? So we don't have a mechanism to recognize hosts that are down, but we have the a k management service that allows you to isolate machines of a cluster from booting. So you can basically build on top of

1:21:19 that because it's a controller. So you can still use that in Kubernetes and control which machine basically can boot or not boot in a cluster. So you can do this kind of hardcore configuration, I would say, if you are strict in security terms. And, yeah, I mean, this is this is one of the most, I would say, interesting area when you can when we are looking for security features among also with trusted boot support that we have. Alright. I'm gonna say I'm gonna keep saying one last question, but, you know, I'm I'm just I'm curious and I'm having fun. Cool.

1:21:58 Cool. Are you actually running Cloud in it on a machine, or is your KAIROS agent responsible for handling that? Running, sorry? Running cloud. Are you actually running cloud in it or is the Keras agent consuming the cloud config and executing it? Oh, it's the Keras agent consuming the cloud config. Yeah, it's not the real cloud init. No, no, it's very So we provide Yeah, it's very good question. It's like we provide a compatibility layer to cloud init basically. Yeah, that's amazing. Because that, you know, that means that instead of stuffing secrets into my cloud config, I mean, I could contribute something

1:22:39 to the Keras agent. They could pull the cloud config remotely, and then I can make assertions against MAC addresses and say, okay. You are allowed to obviously Yes. It's slightly better posture. It's not great, but one step at a time. Right? So I've got ideas. I I've I've got ideas. Very good point. Yeah. Alright. I don't wanna take up any more of your time. We've been at this now for nearly an hour and a half. I would just say, firstly, it's such a cool project. The smile on my face throughout this has been completely genuine. I can't wait to start

1:23:09 kicking the tires and having fun with this. I would also say the documentation has been fantastic. I don't think there's ever been a time where I've asked a question that Mauro's not been able to open the docs page and say, here's the thing here. And that is very rare for our project. So kudos on that. Nice. And let's assume that people watching this, they're smiling too. They wanna check this out. They know either CNCF sandbox project. Right? There's a lot of them these days. They may want some confidence that there's forward momentum with the project. Maybe you can give us an

1:23:38 idea just in the last few minutes about what is the future and the road map for Kairos. And yeah, anything else you can share would be fantastic. Yes. Basically, most of the focusing point would be on streamlining the factory usage of Kairos. So what you have just been going with the documentation, like building images is going to be streamlined a lot. So, we didn't show it off today, but we are working on a web UI that lets you build every combination of artifacts. So, you start from a container image, you go through this very high level

1:24:23 process where you get all the artifacts you need, including also things like, again, I keep repeating, but trusted boot, but it's in that sense, when we talk about trusted boot, things get complex quickly when you have to deal with building artifacts. So, it's something very much appreciated when you look at that. And with that, also, are planning to have our own Keras operator, which provides the compatibility layer with copy. So currently, we don't have our known operator in doing that. We rely on system upgrade controller for doing upgrades in Kubernetes. But we are just using it as a

1:25:05 tool because of course it's providing the features that we need for doing the upgrades. And yeah, we are going to have our own solution on top of that, that allows us to pilot that also from a copy perspective and integrate with our factory lane. So that's very much important. So you can start from defining your OS to having bootstrapped bare metal clusters too, with almost zero configuration. So this is our vision going to the process from build from scratch the system you want, keep repeating that as many time you want for doing automated upgrades and consume that

1:25:49 from the cluster. Nice. Alright. Well, again, thank you so much for your time, both of you. Any final parting words? Contribute. Actually, thank you. Thank you for your time. It was very nice. That was a nice Yeah. And, I mean, I'm happy that documentation kind of worked today. No. I mean, jokes aside, I mean, thank you. Thank you a lot for your time. Yep. Much appreciated. It was a good time. Have fun. And if you need help with Kairos, just join our channels. And, we're there in the CNCF, Slack. Just reach out. All right. Well, thank you again for your

1:26:35 time. Thank you to everyone who watched. Also the links to the channels, the GitHub, etcetera will be in the description very, very soon. Yeah, have a great day and a great rest of your week and we'll see you all next time. Thanks. You too. Ciao. Thank you. Ciao. The Q and A, we've learned so much in every way. Thanks for watching Rawkode Academy and Rawkode Live today. Kairos