I would expect Raptor folks to contribute upstream to firmware, the Linux kernel, bootloaders and Debian itself, not make a fork just for their own machines. The Debian ppc64el architecture is an official release architecture so Debian supports those machines quite well already.
The existence of PopOS is pretty disappointing to me, they should instead be offering a choice of preinstalled distros, contributing to those distros and sponsoring those distros.
Can anybody help explain when organizations should use Talos instead of cloud-vendor-managed Kubernetes offerings (EKS/AKS/GKE)? Especially considering that the managed offerings now fit most regulatory requirements (e.g. EKS is FedRAMP-High Authorized)? Or does Talos see most of its use in on-prem environments?
For folks who are all in on a single cloud provider it might not make sense, but if you run Kubernetes in multiple clouds, on-premise, edge, etc. then it starts to make a lot of sense since you get consistency.
GKE runs Google's "Container Optimised" OS. It's just a bare-bones Linux designed for security and performance running containers, very similar to Talos.
Ssh into the nodes and poke around. Interesting FS layout, my typical probing commands didn't work and couldn't figure out the package manager or distro for a while, it was my firsr exposure to chromium os.
I've been looking at Talos for almost a year now. I love the fact there is no shell, each machine is just a K8s node. It seems wonderful, but I can not get it to install. A friend has has the exact same experience, he finally went with Ubuntu and k3s. Has anyone successfully installed it?
CoreOS has a lot of children including Flatcar, RHEL CoreOS, and Fedora CoreOS. Then you have Ubuntu whatever, Google Container-Optimized OS, Amazon Bottlerocket, Talos, and probably a few more. The market is flooded.
Did you just read a marketing blurb on their landing page and decide after 5 seconds they don't do unit testing? I guess we can also assume they don't brush their teeth every morning because they didn't mention that either.
Actually I read the entire documentation and browsed the source code.
https://www.talos.dev/v1.0/learn-more/philosophy/ "Security" section makes no mention of independent audits. It just boldly claims "There are no passwords in Talos" as if that was a panacea for security.
The existing integration tests don't verify any assumptions about security, only that the configuration is valid. Please correct me if I'm wrong or missed anything.
If you're going to call something "secure" you need to prove it.
They didn’t call it secure as per your initial quote. They say it is designed to have a small attack surface. You missed to acknowledge that security means different things for different contexts. Besides, it’s a free offering, clearing issues with insecurities other offerings have. If you want something to be more secure, you can point out flaws you find in the intended way (filing issues) which might help improve the situation. Calling it out the way you did (probably without trying the tool and even more likely without having substantial knowledge of better approachable alternatives in the space) doesn’t help at all.
