Skip to content

Instantly share code, notes, and snippets.

@ryanj

ryanj/Embedded_JS_workloads_with_Ignition_and_FedoraIoT.html

Last active May 4, 2021 13:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save ryanj/f30fc4c4555da88b5bc57d4d436ce026 to your computer and use it in GitHub Desktop.
Save ryanj/f30fc4c4555da88b5bc57d4d436ce026 to your computer and use it in GitHub Desktop.
Download ZIP
Delivering embedded JS workloads with Ignition and FedoraIoT - ForwardJS Ottowa 2020 http://bit.ly/js-embed
Raw
Embedded_JS_workloads_with_Ignition_and_FedoraIoT.html
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" data-background-transition="none-in zoom-out" data-transition="zoom" id="js-embeded" data-background-color="black">
<h3><i>Delivering</i></h3>
<h1>Embedded JS Workloads</h1>
<p><i>with</i></p>
<h2>Ignition and Fedora IoT</h2>
<br/>
<h2><i>#ForwardJS Ottawa 2020</i></h2>
<p><a href="https://forwardjs.com/ottawa/schedule/">2:30 pm ET May 28th 2020</a></p>
<p class='fragment grow'><a style="font-weight:bold;" href="http://bit.ly/js-embed">bit.ly/js-embed</a></p>
</section>
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" style="color:white;" data-transition='concave' data-background-transition='fade' data-background='#000000' data-background-color="black" id='presented-by'>
<p style="color:white;" class='fragment fade-down'><a href="http://twitter.com/ryanj/"><img alt="ryanj" src="http://ryanjarvinen.com/images/ryanj-mestrefungo-com.gif" style="width:50%"/><br/>@RyanJ</p>
<p style="color:white;">presented by <a href="http://twitter.com/ryanj/">Ryan Jarvinen</a>, Developer Advocate at Red Hat</p>
</section>
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" data-transition="zoom" data-background-transition="none-in zoom-out" style="color:white;" data-transition='zoom-in zoom-out' data-background='#000000' data-background-color="black" id='previously'>
<h3><i>Previously at <b><code>CoreOS</code></b>&hellip;</i></h3>
</section>
<section data-transition="zoom" data-background-transition="none-in zoom-out" style="color:black;" data-transition='zoom-in zoom-out' data-background='#000000' data-background-color="white" id='previously'>
<h3><i>Previously at <b><code>CoreOS</code></b>&hellip;</i></h3>
</section>
<section data-transition="zoom" data-background-transition="none-in zoom-out" style="color:white;" data-transition='zoom-in zoom-out' data-background='#000000' data-background-color="black" id='previously'>
<h3><i>Previously at <b><code>CoreOS</code></b>&hellip;</i></h3>
</section>
<section data-background-size="contain" data-background='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/4fadef1992cc6c0e62719d450b4ccb882471f259/container-linux.png' id='container-linux'>
<p style='display:none;'>Container Linux (EOL)</p>
</section>
<section data-transition="zoom" data-background-transition="zoom-in fade-out" id='container-linux-evolution'>
<h2>Evolution Of <b>CoreOS Linux</b></h2>
<ul style='list-style-type:none;line-height: 2em;font-size: 130%;'>
<li class='fragment fade-left'><a href="http://coreos.com/os/eol/">CoreOS Container Linux<span class='fragment fade-left'> &rarr; coreos.com/os/eol</span></a></li>
<li class='fragment fade-left'><a href="https://silverblue.fedoraproject.org/">SilverBlue<span class='fragment fade-left'> &rarr; silverblue.fedoraproject.org</span></a></li>
<li class='fragment fade-left'><a href="https://www.openshift.com/learn/coreos/">RHEL CoreOS<span class='fragment fade-left'> &rarr; openshift.com/learn/coreos</span></a></li>
<li class='fragment fade-left'><a href="https://getfedora.org/coreos">Fedora CoreOS<span class='fragment fade-left'> &rarr; getfedora.org/coreos</span></a></li>
<li class='fragment fade-left'><a href="https://iot.fedoraproject.org/">Fedora IoT<span class='fragment fade-left'> &rarr; iot.fedoraproject.org</span></a></li>
</ul>
</section>
<section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/get-fedora-coreos-1.png" id='fedora-coreos'>
<p style='display:none;'>Fedora CoreOS</p>
</section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/get-fedora-coreos-2.png" id='fedora-coreos-1'>
<p style='display:none;'>Fedora CoreOS images</p>
</section>
</section>
<section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/87988aefb7c614051f6d682c7feebb43ecb96ab0/fcos-bare-metal.png" id='fedora-coreos-installation'>
<p style='display:none;'>Fedora CoreOS metal installation</p>
</section>
<!--
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/87988aefb7c614051f6d682c7feebb43ecb96ab0/fcos-pxe.png" id='fedora-coreos-pxe'>
<p style='display:none;'>Fedora CoreOS PXE installation</p>
</section>
-->
</section>
<section data-background-size="contain" data-background-transition="slide" data-background='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/fedora-iot.png' id='fedora-iot'>
<p style='display:none;'>Fedora IoT downloads</p>
</section>
<section data-transition="zoom" data-background-transition="zoom-in zoom-out" data-background-size="contain" data-background='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/d19fe6afad637e95c30cf2f1fac516c35a8b3aa5/iot-led.png' id='iot-led'>
<p style='display:none;'>Turn on an LED with Fedora IoT Edition</p>
</section>
<section data-transition="zoom" data-background-transition="zoom-in zoom-out" data-background-size="contain" data-background='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/d19fe6afad637e95c30cf2f1fac516c35a8b3aa5/power-over-internet.png' id='power-over-internet'>
<p style='display:none;'>github.com/ryanj/poweroverinternet</p>
</section>
<section data-transition="zoom" data-background-transition="zoom-in zoom-out" data-background-color="black" id='goals'>
<h2>Goals for this talk:</h2>
<ul style='list-style-type:none;'>
<li style='padding-top:0.5em;' class='fragment fade-left'><b>Language:</b> <span class='fragment'>JavaScript</span></li>
<li style='padding-top:0.5em;' class='fragment fade-left'><b>Motivation:</b> <span class='fragment'>Home Automation</span></li>
<li style='padding-top:0.5em;' class='fragment fade-left'><b>Architecture:</b> <span class='fragment'>Raspberry Pi (ARM)</span></li>
<li style='padding-top:0.5em;' class='fragment fade-left'><b>Demo Repo:</b> <span class='fragment'>github.com/ryanj/gist-reveal</span></li>
<li style='padding-top:0.5em;' class='fragment fade-left'><b>Demo Challenge:</b> <ol><li class='fragment'>Strive for a consistent management and workflow experience</li><li class='fragment'>Minimize differences vs x86 whenever possible</li></ol></li>
</ul>
</section>
<section data-background-transition="slide-in zoom-out" data-background-color="black">
<p><i>Don't miss <a href='https://twitter.com/joel__lord'>@Joel__Lord</a>’s #ForwardJS talk:</i></p>
<h3 class='fragment fade-left'>“Containerize All The Things!”</h3>
</section>
<section data-background-color="white">
<h4 class='fragment fade-left' style="color:black;">Image based workload delivery...</h4>
<br/>
<h4 class='fragment fade-right' style="color:black;" class='fragment'>Meet image-based OS delivery!</h4>
</section>
<section data-transition="zoom" data-background-color="white" id='why'>
<h2 style="color:black;">Why?</h2>
<br/>
<h4 class='fragment zoom-in' style="color:black;">IT'S ABOUT</h4>
<h2 class='fragment zoom-in' style="color:black;">STREAMING ALL THE THINGS!</h2>
</section>
<section data-background-color="white" id='why-dev'>
<h2 style="color:black;">Why?</h2>
<h4 class='fragment fade-right' style="color:black;" class='fragment'>For Developers <span class='fragment'>(code stream maintainers)</span></h4>
<ul>
<li class='fragment fade-left'>Consistent image-based service delivery metaphor</li>
<li class='fragment fade-left'>Portable developer toolchain, zero install</li>
</ul>
</section>
<section data-background-color="white" id='why-architects'>
<h2 style="color:black;">Why?</h2>
<h4 class='fragment fade-right' style="color:black;" class='fragment'>For Architects, Leads <span class='fragment'>(productivity / toolchain maintainers)</span></h4>
<ul>
<li class='fragment fade-left'>Consistent pod-based solution delivery metaphor</li>
<li class='fragment fade-left'>Ability to package and automate JS linting, auditing, workflow enforcement</li>
<li class='fragment fade-left'>Consistent dependency auditing and update/refresh mechanisms</li>
<li class='fragment fade-left'>Nodejs updates and security patches</li>
<li class='fragment fade-left'>Automation of libSSL patches</li>
<li class='fragment fade-left'>Reproducible access to production-grade service dependencies</li>
</ul>
</section>
<section data-background-color="white" id='why-security'>
<h2 style="color:black;">Why?</h2>
<h4 class='fragment fade-right' style="color:black;" class='fragment'>For IT, Ops, InfoSec <span class='fragment'>(security maintainers)</span></h4>
<ul>
<li class='fragment fade-left'>Consistent hardware refresh w/ minimal OS</li>
<li class='fragment fade-left'>Kernel updates</li>
<li class='fragment fade-left'>Key rotation</li>
</ul>
</section>
<!--
<section data-background-color="white" id='why-hardware'>
<h2 style="color:black;">Why?</h2>
<h4 class='fragment fade-right' style="color:black;" class='fragment'>For Security, Ops, IT <span class='fragment'>(hardware maintainers)</span></h4>
<ul>
</ul>
</section>
-->
<section data-background-color="black" id='features-compared'>
<h3>The Dist Contents:</h3>
<table>
<tr class='fragment'><td>Distribution</td><td>Components</td><td>
<tr class='fragment fade-up'><td><b>Container Linux</b></td><td><code>docker, ignition&nbsp;spec&nbsp;v2,<br/>RO disk w/ A/B boot partition</code></td></tr>
<tr class='fragment fade-up'><td><b>RHEL CoreOS</b></td><td><code>podman, ignition&nbsp;spec&nbsp;v2,<br/>ostree disk</code></td></tr>
<tr class='fragment fade-up'><td><b>Fedora CoreOS</b></td><td><code>podman, ignition&nbsp;spec&nbsp;v3,<br/>ostree disk</code></td></tr>
<tr class='fragment fade-up'><td><b>Fodora IoT</b></td><td><code>arm-image-installer, podman, ostree +RW</code></td></tr>
<table>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/4fadef1992cc6c0e62719d450b4ccb882471f259/fedora-coreos-components.png" id='fedora-coreos-components'>
<p style='display:none;'>Fedora CoreOS components</p>
</section>
<section id='podman'>
<h2>Podman</h2>
<ul>
<li class='fragment fade-left'>Manage pods, containers, and container images</li>
<li class='fragment fade-left'>build, diff, run, push, pull, ps, top, stats</li>
<li class='fragment fade-left'>https://podman.io/</li>
</ul>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/podman.png" id='podman-io'>
<p style='display:none;'>podman.io</p>
</section>
<section id='ignition'>
<h2>CoreOS Ignition</h2>
<ul>
<li class='fragment fade-left'>Similar to cloudinit</li>
<li class='fragment fade-left'>Runs only on the first boot</li>
<li class='fragment fade-left'>No variable substitution</li>
<li class='fragment fade-left'>Declarative JSON (w/ versioned spec)</li>
<li class='fragment fade-left'>https://github.com/coreos/ignition</li>
</ul>
<p class='fragment'><i><b>Not an option for RaspberryPi / ARM</b></i></p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/coreos-ignition.png" id='coreos-ignition-on-github'>
<p style='display:none;'>http://github.com/coreos/ignition</p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-examples.png" id='coreos-ignition-examples'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/examples.md</p>
</section>
<section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-spec-v3.1-1.png" id='coreos-ignition-spec-1'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/configuration-v3_1.md</p>
</section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-spec-v3.1-2.png" id='coreos-ignition-spec-2'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/configuration-v3_1.md</p>
</section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-spec-v3.1-3.png" id='coreos-ignition-spec-3'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/configuration-v3_1.md</p>
</section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-spec-v3.1-4.png" id='coreos-ignition-spec-4'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/configuration-v3_1.md</p>
</section>
<section data-background-size="contain" data-background-transition="slide" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/8e4a9904fbce852eea9b7ca2f99996014a3c4cdd/ignition-spec-v3.1-5.png" id='coreos-ignition-spec-5'>
<p style='display:none;'>https://github.com/coreos/ignition/blob/master/doc/configuration-v3_1.md</p>
</section>
</section>
<section id='ignition-config-example'>
<h3>ignition config example</h3>
<pre class='fragment'><code contenteditable>variant: fcos
version: 1.0.0
passwd:
users:
- name: core
home_dir: /home/core
shell: /bin/bash
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7sLcYVWUochTBiD/hbkBbt9MutMTFio+ogwgyDhHNCOktnlp2Lis2fi9QbyXlwARW9aGrEv5jiQmJSCKy8d4HHVAcS4cg5vuSDdTQJOBAowYjS4IXz2KXJ1NzZ9a+FvzEQuOgoVhvI/D+oj+TkpriWgt3lOh/fVQAcJbXhJSNug4LWfiTDGXaRDkqskJKXOKUjJTysHFnfoGTTQssb69HgWjcwT+E8ndRtyV09gJBXL8D+oSKNZCB+4RwQT0e1N608eUCmsi/9RbHCaZTG2+BZV1GEgnMPMRkzSrBXKD2YSGydsDfDjkwulpy62mZTakF5KsfrFERw0KGoO2ktZBxrIp9ZQf+89c7/jqohf4S1xwxm3FT3gsn3yrk/6H/APilXGPZatCIwFAqnqzapdQhF0RQXcuovuQwjjA6HCJfzurENZbOjTBPzUSH6fbCnvJnYM27W/PtKq769DCVjNkm7lRW32gCZa5o2yMVwbQ6gyd5BLrm5wQ2rCvrYo8mG/SMCkrLVKpmGGmWFjjiWJeVS7mvNvgtabTLxAkgnuu8qZwgbyjaDv2psa/ZmcmBATr/krsMxLIvvoNdzUe0+zQS3cUAbdw+xJpfrMaaHlDxKKNaNqzrYEwjF5aVEy65V6izalMjt7UEC0qjPpXQz7gyGb9753thCwTIzgq+uK8RXw== ryanj@redhat.com
systemd:
units:
- name: hello.service
enabled: true
contents: |
[Unit]
Description=A hello world unit!
[Service]
Type=oneshot
ExecStart=/usr/bin/echo "Hello, World! (from fcOS!!)"
[Install]
WantedBy=multi-user.target
storage:
files:
- path: /etc/hostname
overwrite: true
contents:
inline: core01
mode: 420
- path: /etc/motd
overwrite: true
contents:
inline: Good news, Everyone!
mode: 420</code></pre>
</section>
<section id='ignition-json-example'>
<h2>Ignition JSON example</h2>
<pre class='fragment'><code contenteditable>fcct -input ignition-example.yaml -pretty -output ignition-json.ign</code></pre>
<pre class='fragment'><code contenteditable>{
"ignition": {
"config": {
"replace": {
"source": null,
"verification": {}
}
},
"security": {
"tls": {}
},
"timeouts": {},
"version": "3.0.0"
},
"passwd": {
"users": [
{
"homeDir": "/home/core",
"name": "core",
"sshAuthorizedKeys": [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7sLcYVWUochTBiD/hbkBbt9MutMTFio+ogwgyDhHNCOktnlp2Lis2fi9QbyXlwARW9aGrEv5jiQmJSCKy8d4HHVAcS4cg5vuSDdTQJOBAowYjS4IXz2KXJ1NzZ9a+FvzEQuOgoVhvI/D+oj+TkpriWgt3lOh/fVQAcJbXhJSNug4LWfiTDGXaRDkqskJKXOKUjJTysHFnfoGTTQssb69HgWjcwT+E8ndRtyV09gJBXL8D+oSKNZCB+4RwQT0e1N608eUCmsi/9RbHCaZTG2+BZV1GEgnMPMRkzSrBXKD2YSGydsDfDjkwulpy62mZTakF5KsfrFERw0KGoO2ktZBxrIp9ZQf+89c7/jqohf4S1xwxm3FT3gsn3yrk/6H/APilXGPZatCIwFAqnqzapdQhF0RQXcuovuQwjjA6HCJfzurENZbOjTBPzUSH6fbCnvJnYM27W/PtKq769DCVjNkm7lRW32gCZa5o2yMVwbQ6gyd5BLrm5wQ2rCvrYo8mG/SMCkrLVKpmGGmWFjjiWJeVS7mvNvgtabTLxAkgnuu8qZwgbyjaDv2psa/ZmcmBATr/krsMxLIvvoNdzUe0+zQS3cUAbdw+xJpfrMaaHlDxKKNaNqzrYEwjF5aVEy65V6izalMjt7UEC0qjPpXQz7gyGb9753thCwTIzgq+uK8RXw== ryanj@redhat.com"
],
"shell": "/bin/bash"
}
]
},
"storage": {
"files": [
{
"group": {},
"overwrite": true,
"path": "/etc/hostname",
"user": {},
"contents": {
"source": "data:,core01",
"verification": {}
},
"mode": 420
},
{
"group": {},
"overwrite": true,
"path": "/etc/motd",
"user": {},
"contents": {
"source": "data:,Good%20news%2C%20Everyone!",
"verification": {}
},
"mode": 420
}
]
},
"systemd": {
"units": [
{
"contents": "[Unit]\nDescription=A hello world unit!\n[Service]\nType=oneshot\nExecStart=/usr/bin/echo \"Hello, World! (from fcOS!!)\"\n[Install]\nWantedBy=multi-user.target\n",
"enabled": true,
"name": "hello.service"
}
]
}
}</code></pre>
</section>
<section id='ignition-demo-workflow'>
<h3>Ignition Delivery Workflow:</h3>
<ol>
<li class='fragment fade-left'>Flash the Installer image to a USB thumb drive
<br/><pre class='fragment'><code contenteditable>sudo dd status=progress bs=4M if=installer-image.iso of=/dev/???</code></pre>
</li>
<li class='fragment fade-left'>Boot the machine using the USB installer image</li>
<li class='fragment fade-left'>Use the installer image to flash the SD card
<br/><pre class='fragment'><code contenteditable>/usr/libexec/coreos-installer \
-d /dev/sda -b http://example.com/os-image.raw.xz -i http://example.com/ignition.json</code></pre>
</li>
<li class='fragment fade-left'>Remove the installer USB and reboot</li>
<li class='fragment fade-left'>Use a web browser to confirm that the workload is available</li>
</ol>
<p class='fragment'><i>Works great for NUCs and most x86 machines</p>
<p class='fragment'><i>Unfortunately, not available for Pi (yet)</p>
</section>
<section data-transition="zoom" data-background-transition="zoom-in zoom-out" data-background-color="black" id='group-excercise'>
<h2>Group Exercise:</h2>
<ol>
<li class='fragment'>Stand up</li>
<li class='fragment'>Stretch your arms out wide</li>
<li class='fragment zoom-in'>Get ready for a big group <span class='fragment'>Eyeroll&hellip;</span></li>
</ol>
<br/>
<img src='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/rolling-eyes.png' alt='eyeroll' class='fragment zoom-in' />
<br/>
<p class='fragment zoom'><i>next topic:</i></p>
<h2 class='fragment fade-right'>systemd</h2>
</section>
<section data-transition="zoom" data-background-transition="none-in zoom-out" data-transition='zoom-in zoom-out' data-background='#000000' data-background-color="black" id='tomato-1'>
<img alt='tomato' src='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b68bf46a0252064b3e1c6c03d6c3cf08e99b9725/tomato.png' />
</section>
<section data-transition="zoom" data-background-transition="none-in zoom-out" data-transition='zoom-in zoom-out' data-background='#000000' data-background-color="black" id='tomato-2'>
<img alt='tomato' src='https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b68bf46a0252064b3e1c6c03d6c3cf08e99b9725/tomato.png' />
</section>
<section id='unit-of-management'>
<h3>Units of Management</h3>
<pre class='fragment'><code contenteditable>[Unit]
Description=Revealjs slides, powered by GitHub Gist
Documentation=https://github.com/ryanj/gist-reveal
Requires=network.target
Wants=network-online.target
After=network-online.target
Before=shutdown.target multi-user.target
Conflicts=shutdown.target
[Install]
WantedBy=multi-user.target
[Service]
Environment="DEFAULT_GIST=f30fc4c4555da88b5bc57d4d436ce026"
Environment="GH_CLIENT_SECRET=YOUR_GH_CLIENT_SECRET"
Environment="GH_CLIENT_ID=YOUR_GH_CLIENT_ID"
Environment="IMG=ryanj/gist-reveal:latest"
Environment="CONTAINER_NAME=reveal"
Restart=always
ExecStartPre=-/usr/bin/podman rm --force ${CONTAINER_NAME}
ExecStart=/usr/bin/podman run -it --rm --name ${CONTAINER_NAME} -e DEFAULT_GIST=${DEFAULT_GIST} -e GH_CLIENT_SECRET=${GH_CLIENT_SECRET} -e GH_CLIENT_ID=${GH_CLIENT_ID} --volume /tmp:/opt/app-root/src/css/theme/gists ${IMG}
ExecStop=-/usr/bin/podman rm --force ${CONTAINER_NAME}</code></pre>
</section>
<section id='iot-demo-workflow'>
<h3>Fedora ARM Installer Workflow:</h3>
<ol>
<li class='fragment fade-left'>Flash the Fedora IoT raw image to an SD card
<br/><pre class='fragment'><code contenteditable>sudo arm-image-installer \
--image=./Fedora-IoT-IoT-ostree-aarch64-32-20200429.0.iso \
--media=/dev/sda1 --target=rpi3 --resizefs \
--addkey /path/to/.ssh/id_rsa.pub</code></pre>
</li>
<li class='fragment fade-left'>Input the SD card and boot the Pi</li>
<li class='fragment fade-left'>Connect to the Pi to install your workload
<pre class='fragment'><code contenteditable>ssh root@IP_ADDRESS_FOR_PI </code></pre></li>
<li class='fragment fade-left'>Install and enable your systemd unit
<pre class='fragment'><code contenteditable>sudo curl -o /etc/systemd/system/workload.service http://example.com/workload.service</code></pre>
<pre class='fragment'><code contenteditable>sudo systemctl daemon-reload</code></pre>
<pre class='fragment'><code contenteditable>sudo systemctl enable workload</code></pre></li>
<li class='fragment fade-left'>Finally, <code>curl</code> to verify that your workload is availabile</li>
</ol>
</section>
<section data-transition="zoom" data-background-transition="fade-in zoom-out" data-background-color="white" id='packaging-streams'>
<h3>Packaging</h3>
<p class='fragment'>a stream in a box?</p>
<div class='fragment zoom-in'>
<img alt="thinking-face" src="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/thinking-face.png" />
</div>
</section>
<section data-background-color="black" id='packaging-options'>
<h3>Packaging Choices:</h3>
<ol>
<li class='fragment fade-left'>tarball</li>
<li class='fragment fade-left'>git repo</li>
<li class='fragment fade-left'>package.json</li>
<li class='fragment fade-left'>published modules</li>
<li class='fragment fade-left'>Dockerfile</li>
<li class='fragment fade-left'>container images</li>
<li class='fragment fade-left'>Kubernetes specs / helm charts</li>
<li class='fragment fade-left'>systemd unit</li>
<li class='fragment fade-left'>ignition spec</li>
</ol>
</section>
<section id='tomorrows-coreos-workflow'>
<h3>Tomorrow's Delivery Workflow:</h3>
<ol>
<li class='fragment fade-left'>Establish PXEboot automation for: <br/>hardware devices, OS images, and ignition configs</li>
<li class='fragment fade-left'>Programatically reboot hardware to process the associated ignition spec and layout the resulting OS</li>
<li class='fragment fade-left'>Reboot to verify workload operation</li>
<li class='fragment fade-left'>Repurpose your SD cards?</li>
</ol>
</section>
<section data-transition="zoom" data-background-transition="zoom-in zoom-out" data-background-color="black" id='the-future'>
<p>The Future is&hellip;</p>
<div class='fragment zoom-in'>
<img alt="ironic" src="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/3f1f9eb710fafe39ea90c40f53cab9c4e588d6ae/singer.png" />
<img alt="bear" src="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/3f1f9eb710fafe39ea90c40f53cab9c4e588d6ae/bear.png" />
<img alt="metal" src="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/3f1f9eb710fafe39ea90c40f53cab9c4e588d6ae/metal.png" />
</div>
<br/>
<h3 class='fragment zoom-in'>Ironic?</h3>
<br/>
<p class='fragment fade-left'><a href="https://docs.openstack.org/ironic/latest/">docs.openstack.org/ironic/latest</a></p>
</section>
<section id='zezere'>
<h3 class='fragment zoom-in'>Zezere</h3>
<ul>
<li class='fragment fade-left'>A provisioning service for Fedora IoT</li>
<li class='fragment fade-left'>Find local machines by Mac Address</li>
<li class='fragment fade-left'>Control deployment of ssh keys and OS images</li>
<li class='fragment fade-left'><a href="https://provision.fedoraproject.org/portal">provision.fedoraproject.org/portal</a></li>
</ul>
<p class='fragment'><a href="https://github.com/fedora-iot/zezere">https://github.com/fedora-iot/zezere</a></p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/zezere-repo.png" id='zezere-repo'>
<p style='display:none;'>https://github.com/fedora-iot/zezere</p>
</section>
<section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/zezere-claim.png" id='zezere-browse'>
<p style='display:none;'>https://provision.fedoraproject.org/ - hardware claims</p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/zezere-provision.png" id='zezere-provision'>
<p style='display:none;'>https://provision.fedoraproject.org/ - provision</p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/zezere-select-os.png" id='zezere-select-os'>
<p style='display:none;'>https://provision.fedoraproject.org/ - select OS</p>
</section>
<section data-background-size="contain" data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/b2008921518b867cd02effb193601e980846de3f/zezere-processing.png" id='zezere-processing'>
<p style='display:none;'>https://provision.fedoraproject.org/ - processing&hellip;</p>
</section>
</section>
<section id='remote-imaging'>
<h3>Imagine Imaging Remotely</h3>
<ul style='list-style-type:none;'>
<li style='padding-bottom:0.5em;' class='fragment'><b>Today:</b> (After local device access with <code>dd</code>)<br/><span class='fragment'>Reboot to pick up minor updates; manually re-flash for major changes</span></li>
<li style='padding-bottom:0.5em;' class='fragment'><b>Yesterday:</b> CloudInit</li>
<li style='padding-bottom:0.5em;' class='fragment'><b>Today:</b> Ignition spec v2 (x86)</li>
<li style='padding-bottom:0.5em;' class='fragment'><b>Today / Tomorrow:</b> Ignition spec v3 (Fedora CoreOS, x86)</li>
<li style='padding-bottom:0.5em;' class='fragment'><b>Tomorrow:</b> Zezere <span class='fragment'><i>(under development)</i></span></li>
<li style='padding-bottom:0.5em;' class='fragment'><b>The Future(?):</b><span class='fragment'> Host OS images <i>and</i> workload images on the network; configure everything for PXEboot and PoE</span><br/><span style='float:right;' class='fragment'><i>Eliminate SD cards and power cables!</i></span></li>
</ul>
</section>
<section data-background-color="black" id='renewable-outcomes'>
<p>Continuous delivery enables</p>
<h2>Renewable Outcomes:</h2>
<br/>
<ul>
<li class='fragment fade-left'>Delivery of Nodejs updates and security patches, libSSL fixes</li>
<li class='fragment fade-left'>Portable developer toolchain, w/ zero-install option</li>
<li class='fragment fade-left'>Automation of code lintinting, auditing, workflow enforcement</li>
<li class='fragment fade-left'>Automatable dependency auditing and patching</li>
<li class='fragment fade-left'>Reproducible access to production-grade service deps</li>
<li class='fragment fade-left'>Machine OS and kernel updates</li>
<li class='fragment fade-left'>Hardware access automation via key rotation</li>
</ul>
</section>
<section data-transition="zoom" data-background-color="white" id='why-streams'>
<h2 style="color:black;">Why Streams?</h2>
<br/>
<h2 class='fragment zoom-in' style="color:black;">BECAUSE STREAMS</h2>
<h1 class='fragment zoom-in' style="color:black;">CONTINUOUSLY DELIVER</h1>
<h1 class='fragment zoom-in' style="color:black;">ALL THE THINGS!</h1>
</section>
<section id='platform-alternatives'>
<h3>Pi Stacks</h3>
<table>
<tr><td>platform</td><td><i>notes</i></td></tr>
<tr class='fragment'><td>Raspbian plus nodejs</td><td>Fastest getting started experience, easy to demo, minimal automation support</td></tr>
<tr class='fragment'><td>Raspbian w/ docker</td><td>Slow iteration speed, limited availability of ARM images, modest automation gains</td></tr>
<tr class='fragment'><td>Raspbian w/ Kubernetes</td><td>Extremely resource intensive, pods are fundamental</td></tr>
<tr class='fragment'><td>Fedora IoT w/ Podman</td><td>Low overhead, <span class='fragment'><br/>Kubernetes-style workload units (pods)</span></td></tr>
<tr class='fragment'><td>Fedora CoreOS</td><td><span class='fragment'>Assumes use of ignition<br/><span class='fragment'>Works on NUC; Not available for Pi (yet)</span></span></td></tr>
<table>
</section>
<section data-background-color="black" id='scorecard'>
<h2>Fedora IoT + RaspberryPi Scorecard:</h2>
<ul style='list-style-type:none;'>
<li class='fragment fade-left'><b>Consistency of management and workflow experience:</b> <br/><span style='float:right;' class='fragment fade-right'><code>7/10</code></li>
<li style='clear:both;' class='fragment fade-left'><b>Iteration speed:</b> <br/><span style='float:right;' class='fragment fade-right'><code>6/10</code></li>
<li style='clear:both;' class='fragment fade-left'><b>Automation capability:</b> <br/><span style='float:right;' class='fragment fade-right'><code>8/10</code></li>
<li style='clear:both;' class='fragment fade-left'><b>JS demo successfully ported to RaspberryPi:</b> <br/><span style='float:right;' class='fragment fade-right'><code>PASS</code></span></li>
<li style='clear:both;' class='fragment fade-left'><b>Successfully avoid mentioning OpenStack and/or systemd at JavaScript events:</b> <br/><span style='color:red;float:right;' class='fragment fade-right'><code>FAIL</code></span></li>
</ul>
</section>
<section id='resources'>
<h2>Follow-up Topics:</h2>
<ul style='list-style-type:none;'>
<li class='fragment fade-left'><b>Fedora CoreOS</b><span class='fragment fade-right'> &rarr; getfedora.org/coreos</span></li>
<li class='fragment fade-left'><b>Fedora IoT</b><span class='fragment fade-right'> &rarr; iot.fedoraproject.org</span></li>
<li class='fragment fade-left'><b>Podman</b><span class='fragment fade-right'> &rarr; podman.io</span></li>
<li class='fragment fade-left'><b>Ignition</b><span class='fragment fade-right'> &rarr; github.com/coreos/ignition</span></li>
<li class='fragment fade-left'><b>Zezere</b><span class='fragment fade-right'> &rarr; github.com/fedora-iot/zezere</span></li>
</ul>
<br/> <br/>
<h3 class='fragment fade-left'><b>OpenShift</b><span class='fragment fade-right'> &rarr; openshift.com/try</span></h3>
</section>
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" data-background-color="black" id='thank-you'>
<h1>Thank You!</h1>
<br/>
<h1 class='fragment fade-left'>#ForwardJS Ottawa 2020</h1>
<br/>
<h3 class='fragment fade-left'>@RyanJ</h3>
</section>
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" data-background-color="black" id='Q-and-A'>
<h1>Q & A <span class='fragment'>?</span></h1>
</section>
<!--
<section id='demo-bonus-round'>
<h3>Demo Round 2:</h3>
<ol>
<li class='fragment fade-left'>Contact your Pi on port 8080 using a web browser. Confirm that slides are visible</li>
<li class='fragment fade-left'>Click on the "Presented by" button at the bottom of the slides</li>
<li class='fragment fade-left'>Fork the gist and make a small change. Note your <code>gist_id</code></li>
<li class='fragment fade-left'>Return to the slides; Append your gist id to the URL path to load your copy of the slides</li>
<li class='fragment fade-left'>Confirm that your GitHub username is displayed within the "Presented by" button</li>
</ol>
</section>
-->
<section data-background="https://gist.githubusercontent.com/ryanj/dc456a26b2cbdef7bc431cff841b0a8e/raw/069d6ba4cb756a6d4e077e07016b111391d2c807/grayback.jpg" data-background-transition="none-in zoom-out" data-transition="zoom" id="goodbye" data-background-color="black">
<h3><i>Delivering</i></h3>
<h1>Embedded JS Workloads</h1>
<p><i>with</i></p>
<h2>Ignition <i>OR</i> Fedora IoT</h2>
<br/>
<h2><i>#ForwardJS Ottawa 2020</i></h2>
<h3 class='fragment'><a href="https://twitter.com/ryanj">@RyanJ</a></h3>
<p class='fragment grow'><a style="font-weight:bold;" href="http://bit.ly/js-embed">bit.ly/js-embed</a></p>
</section>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment