# Ask Noah Show 213 Transcript Introduction: Requesting connection, established encrypted. We're alive. The show you've been asking for advice, technology and community. Linux first, all others second. This is Ask Noah! Noah Chelliah: [Interlude] Live from Altispeed Technologies, The Ask Noah Show starts right now. This is the show where we came to do all the things on Linux they said couldn't be done, and take your questions on how to do the same. The phone lines are open this hour, to be a part of the program, it is a free call, 1-855-450-Noah. That's 1-855-450-6624 or send an email to live@asknoahshow.com. My name is Noah Chelliah, I am your host, glad to be here with you as another episode of The Ask Noah Show kicks off this hour. We have been following, as you might expect, what has been happening with Red Hat and CentOs transitioning to red hat stream, try to keep my finger on the pulse of that. Joining us this hour, his name is Greg Kurtzer. He's one of the early founders of CentOS, and now the Executive Director of the Rocky Linux project distribution that seeks to be a bug for bug Red Hat Linux Compatible Distribution. He joins us this hour as a guest on the Ask Noah Show, Greg welcome into the program. Greg Kurtzer: Thank you so much for having me, great to meet you. Noah Chelliah: Yeah, thanks for taking the time to be here. So, take me back to the beginning Greg, take me back to October of 2000. Before Red Hat Enterprise Linux, even before CentOS, back when you're working, it's just Greg and the Debian community at that. What was Greg doing in those days? Where were you at in life? What was your interest in Linux? Greg Kurtzer: Oh my gosh! I have to go way back and remember, a long time ago since them days. Let's see, just at the end of the 90s, I have a Degree in Biochemistry and I came out of Biochemistry, got really interested in Linux through bioinformatics and genomics. And I got introduced into Scientific Computing, and started up with a company called Linux Care. And Linux care was one of the three major Linux players at the end of the 90s or early 2000s. There was Red Hat, there was VA Linux who everybody knows them from their IPO, and there was Linux Care. And Linux Care was one of the coolest, companies that I had a chance to work with, and got to work with some amazing people, at that organization. But from there I kind of picked up Debian, and I got really interested in Debian. I didn't start maintaining any packages or anything, but did work with a lot of the package maintainers that were working at Linux Care at the time. And from there I ended up landing at the Department of Energy, at Lawrence Berkeley National Laboratory. Now LBL was completely focused and standardized on RPM based distributions of Linux. And at that point, I think where we were at Red Hat Linux, not Enterprise Linux, but Red Hat Linux, I think it was like 6 something or 7172 somewhere around there. And it just kind of all started from there, and at some point I really felt strongly that there needs to be a community implementation of an RPM distribution of Linux. And that's what CAOS was, not CHAOS, just CAOS. And we built that up and we were working on that, and that's when Red Hat announced that they were end of life with Red Hat Linux. And at that point, I think we were at a Red Hat Linux at 7.380099. Noah Chelliah: I think it was Red Hat, 738 then 9 and then it went to REL and Fedora. Greg Kurtzer: Yes, okay, yeah. And then all of a sudden, the whole community was left without their free Linux that most of the enterprise was using at that point. And we were basically out of a build system. So one of the team members over there, his name was Rocky Magaw, basically said, “Well, you know, I've been playing with this and I know how to rebuild Red Hat Linux. Maybe I should start doing that with Red Hat Enterprise Linux and get us a build system.” And we're like, okay, that's a cool idea, and so he started going in that route and in that direction, and before we knew it, that operating system ended up kind of taking over for CAOS. And all of the other initiatives we were doing just took off giant and that ended up becoming CentOS. Noah Chelliah: So at this point, is this back when it's CAOS Enterprise Linux, and then later the name CentOS comes out and the project becomes CentOS? Do I understand that right? Gary Kurtzer: Yeah, you're bringing up all sorts of memories. Yeah, it's called the CAOS Enterprise Linux, and then we ended up, one of the contributors proposed the name CentOS and I really liked it. I thought it had a nice ring to it, so we ended up going with CentOS and yeah, the story just kind of took off from there. Noah Chelliah: So, this lives for a good long time and a lot of people to include myself really appreciated the fact that, the work of the CentOS project meant when I went to study for my RCSA, I was able to sit down. The Instructor said, you can use one of these binary compatible distributions and installed it on as many machines as you want and practice, learn and explore. And I've since used that tool both professionally and personally, to learn more about Red Hat systems. So we skate for a long long time. Then, 2014ish, Red Hat comes out and they acquire CentOS, and when this happens, what is your thought? Red Hat takes over the community, repackaging of Red Hat, but they're going to keep it, and they're going to keep maintaining it. Anything concern you at all, or does it seem like it's a good idea at the time? Gary Kurtzer: So, I didn't have much to go on at that point, but I have a lot of respect for Red Hat, and everything that Red Hat has done for open source in the community. So, before jumping to any conclusions, I just kind of wanted to see and watch, see how everything worked out. But with that being said, I will say that there was a number of people that reached out and contacted me and said, well, now that this is under Red Hat's purview, and there's an obvious conflict of interest with their, main product. Maybe it makes sense to create a new CentOS at this point, and I said, let's just wait and see what happens. Let's just watch and see how Red Hat handles this and see where this goes. And Red Hat proved that for a number of years. I mean, they did a phenomenal job, a tremendous job maintaining CentOS. And, the community and enterprises and what not, we all should be thanking Red Hat for the energy and what they've done with CentOS since then. Noah Chelliah: Yeah, absolutely. Then the tools that they've given to people, not to mention all of the free training and developer licenses for Red Hat proper, all of that. But nevertheless, all of Red Hat's generosity aside Tuesday, December 8th comes, CentOS publishes a blog article entitled "The CentOS project shifts focus to CentOS Stream." And of course, this is the announcement where CentOS is going to become CentOS Stream, which means it's now an upstream continual release schedule. And in some cases, this is not going to be any problem at all. And those that previously ran CentOS can run CentOS Stream and there won't be any issues. In other cases, it could be catastrophic because we're no longer a bug for bug compatible version with Red Hat proper. And you made a post on our comment on this blog article and just said, "Hey, I'm considering creating another rebuild of REL. I may even be able to hire some people for this effort. If you're interested in helping please join, the HPC Slack," and then you posted a link. People are over the moon, it goes gangbusters within a week. There are people all over the place and the biggest task for you and your new team is, you have to organize these hundreds of people that are coming to you saying, "I want to help, I want to support what you're doing, this is needed." And so the project is called Rocky Linux, this is out of honor to your friend that passed away that helped you start the original CentOS project? Do I understand that right? Greg Kurtzer: Yes, you do. Noah Chelliah: And so, as this has grown, a couple of things came out, like you've outgrown Slack, and so you're moving to Mattermost. And so, as this community project has literally been born from the community, it started with a comment off of a blog and has in very public light I might add, gone from there, with you at the helm and kind of leading these things. Now there's a website up, you have a really good December update, giving people some details on what to expect, and, in there you talk a little bit about, approaching a timeline. You say, task number one is just to get ourselves organized so we understand what's going on, so we can do things like make ETAs. But you're thinking at this point, the way things are skating along, quarter two of 2021, we might see something? Greg Kurtzer: That’s what we're shooting for, yeah. So, maybe even some people may kick me for this, but maybe we may even start seeing things before that, I don't want to pressure the team. Rebuilding a bunch of sorts RPMs, is not the hardest problem in the world to solve right? You could do it in its most rudimentary form with a while loop in bash. Where it gets really complicated, is expanding this to where you can have many developers and many people that are interested in being part of this, being able to contribute and, being able to maintain that. And then how do you manage the security and the validity of those packages that are coming out of this process? And how do you audit that in a very scalable and in a big way? So that's really where we've been spending a lot of time. We don't have a huge rush, well, yes and no. CentOS is going to continue to be a solution, it's going to be continuing to get updates until December of 2021. So we do have some time, now with that being said, enterprises, typically, don't like to wait till the last minute. So we we've already gotten requests from enterprises that want to start considering their migration path. And from that perspective, we need to be thinking about it with that enterprise hat on, and we need to be able to give these organizations something that they can start planning towards. So it's really of high importance to me that we get this timeline out there, such that these enterprises, these individuals who are making these decisions know exactly what to expect. And when they can start testing this, when they can start rolling this out into production and not waiting till the last minute, but with that said again, infrastructure first, and that's what we're working on right now, Noah Chelliah: You have alot of experience in high performance computing, and super computers and those kinds of things. And so you're well versed in what the requirements are going to be from a University or a Science Research Facility and what they're going to expect from an enterprise operating system. And, aside from just the operating system you’ve worked on or, done entirely a few projects. Things like Essentially Docker for high performance computing, as you've done these things and what has your experience told you that the enterprise expects from a community-based operating system? What kind of targets are you looking to hit? Is it just like you say, the actual recompiling maybe is there, but negotiating and working with special interest groups and providing some sort of support infrastructure? And/or the infrastructure for the community to do the support, how are all of those things going? Greg Kurtzer: So almost all of my answers are going to be from the perspective of an HPC Center or an HPC Enterprise, and only because that's just what I know. So in almost all of these situations across the board, we have certain areas of trust, validation and, change management that we have to deal with. In high-performance computing specifically, you end up with big, huge systems. And when I say big huge systems, I mean, they can have many thousands of computers that are all part of one tightly coupled, tightly integrated system. From there, we can basically be running and providing a service or an infrastructure for thousands of users simultaneously. Now you can start to probably imagine the software dependencies and the amount of software that needs to be built against that entire system. Now, containers have helped a lot with that, singularity, which is the container system that I created, which is kind of like a Docker for HPC. This definitely helps with that, but most of today's HPC is very, very tied to starting from the underlying hardware and then working up the stack, going all the way to the applications. A couple of the centers that I've worked with, literally maintain thousands of custom compiled applications, libraries, and compilers on their HPC resource. So to change a version of the underlying operating system, there is something that in some cases requires well over, I would say eight to 10 months of preparation and planning, and it's a large amount of work. And then to do the qualification afterwards to make sure that all of those applications are working as expected. It's sometimes an extraordinarily again, very difficult process to maintain. So from an HPC perspective, they don't want anything changed, and I've worked with several organizations within government, specifically that said, once we have qualified this piece of software, we won't even let you upgrade SSH. And that shows you how critical it is to lock these systems down. Now, of course, I can usually talk my way out past SSH, but when you have a C library that needs to be updated, it's a little bit of a different story. So you start to get the idea that this is an extraordinarily stable kind of infrastructure that is not going to move fast. It's going to move very very slow and take a lot of planning to do so. So when I'm thinking of an enterprise operating system, there's several different facets, sorry to keep talking so much, there are several different facets. The first one is that stability. The next one is the trust and the validity of that underlying, binaries and that operating system to ensure that there's no Trojans right? When you're working for, whether it be government entities or whether you're working with enterprises or media, and you have to have that trust and that underlying operating system, it's absolutely critical. And how do you gain that trust? That's the kind of problems that we're working through right now. And that's something that CentOS just due to the infrastructure that was available at the time, didn't really have a great footing on how best to deal with those sorts of problems. And that's why the CentOS team was always very small, starting from the very beginning. Noah Chelliah: Essentially the way that the team had approached it before, was they were taking what would be a product that somebody could use, but came with a price tag an recompiling that and putting that out. One of the interesting things that has come out of this then is your ability to say, "Hey, I have the experience to know what kind of things are going to be important, and what kind of problems you might run up against. And I will know how to answer those questions for your certification process or your deployment process, or those kinds of things." And this is a way that Rocky Linux can perhaps add value to people that want to use that distribution. Greg Kurtzer: Yeah, absolutely. Oh, you hit that a hundred percent on the head. So we're even talking about enabling FIPSE, Security, STIG and others that we can actually guarantee particular security validation points of the base operating system. And thus people that are running this in, whether it be a controlled sector or, some sort of high security environment can actually gain that confidence and understand that that operating system actually has this baseline security stamp of approval and a matter of speaking. But how do you do that in a way in which you want this to be an open, diverse, large, inclusive community? And how do you allow them people to just take part in this while maintaining that level of certification? And that's where we've been spending a huge amount of time thinking through, and really architecting that infrastructure, right from the beginning to be security and controls compliant, as well as developer, open and engaging. Noah Chelliah: Konan Koodo in the chat room has a question. He says, if HPC has frozen environments, would it be possible to use frozen snapshots of the CentOS Stream to accomplish the same goal? Greg Kurtzer: Yeah, yeah, it definitely is. The problem then just comes into play when you do upgrades. So as we do, do system upgrades, so let me give you an example, on the spectrum of what is frozen and not, not being able to upgrade SSH is just one extreme. The more typical extreme is, well, we're going to stay on a particular REL version or SENTEL's version or Rocky version for as long as we absolutely possibly can. And we're going to have specific windows of opportunity where we are going to be doing system and security upgrades along the way. So you want to have that stability in that underlying API, such that all of those binaries, those thousands of binaries, applications, libraries, and compilers that you built, you're going to have confidence that just because you're doing a YUM or a DNF update, you're not going to break all of those. So you still want that longevity, and you want to ensure that you are going to be able to get necessary updates and security and bug fix updates as they become available. Again, my pointing at that one, compliance issue where we couldn't even upgrade SSH is kind of an outlier, but it just demonstrates how critical it is to a lot of people that these systems remain absolutely stable. Noah Chelliah: Sure, sure. And I think anybody that's worked in system administration at one point or another in their career, has come across the magic box, right? The magic box it's in the corner, well how does that, but I don't know. We, don't know how that was set up, we don't touch it and it's in the corner and it works. And we just pray every night, and then we come back the next day and it's still working. It's the magic box, we don't ask questions. Everybody has had that environment, right? And that's what it feels like when you need an operating system, but there isn't one available that fits the bill. Let me ask you this, Greg talk about special interest groups. I know that you've been approached, a lot of people are saying, "Hey here's our specific need," and of course there is a very symbiotic relationship that can be had there, in which the people that use the thing can help from the development of the thing. But talk about what some of these special interest groups are, and what their involvement are if any, or will be with the Rocky Linux project? Greg Kurtzer: Oh, that's a great question. And yeah, there's definitely been a lot of interest. We've had people come up and ask, can we have an optimized desktop environment? Can we add a newer Colonel? Can we do X, Y, or Z? And of course, as you can probably tell, I'm very interested in it from the HPC perspective. But the first rule here, is that we're creating a bug for bug compatible version with the Upstream Linux Distribution, which is REL. So anything that we do is not going to affect that, by default, the first thing we have is the stable foundation. On top of that stable foundation, now you have to make things, if you want to have SIGs, you have to have them to be optional. And you have to be able to give a mechanism for people to reliably buy into it and say, yes, "I want the desktop variant of this, or the laptop variant of this." And be able to select that package group and then be able to move forward from there. So that's how we're thinking about this. Again, we start off with this absolutely stable foundation, and then we give people the opportunity via special interest groups to jump in and add additional capabilities or packages. The model that I was thinking of for this, actually comes from another rebuild called Scientific Linux. Now a number of years ago, I don't remember which Scientific Linux variant this was, but even in the installer, they had another page which basically said, what are the extra or site-specific packages that you want to leverage? And this gave whoever's installing it a very easy way to basically enable or disable specific repos or SIGs. And you can then basically just add install time. You can make modifications to what is even being installed and, or have custom installers for those special interests. Noah Chelliah: Is there an opportunity for the special interest groups to fund the ongoing development of the project? Or do you have other ideas of how to fund the ongoing development of Rocky Linux? Greg Kurtzer: Oh, another really good question. So Rocky Linux, so if we look back towards Centos, it started off actually coming out of again, CAOS Linux and the CAOS Linux foundation. So at the time I created a not-for-profit organization around CAOS Linux, trying to come up with a way of hosting and taking in donations and whatnot around this. And those donations were then basically turned to be used on the project itself, so I'm basically doing almost exactly the same thing. Where CentOS really changed, was after it left this foundation that I had, and the developers went to a different direction. It kind of changed the tone, there was even a period there where some of the people were kind of unreachable and whatnot. There was an open letter that was sent out, trying to get access to things like the domain name and the donation button and things like that. So there was definitely a little bit of turmoil and drama that occurred early on. And again, because the infrastructure wasn't really there to have a very inclusive, large community and still end up with something that is cryptographically signed and trusted packages and whatnot. It was always a very small kind of group that was running with this. So one of the things that is very important to me, is to make sure that there's an organization that's hosting this, that has in its charter, in its founding principles that this is going to stay open and free from corporate control. Now I'm CEO of a startup, and I'm not going to plug any of that here. But one of my direct interest is how do I keep Rocky even away from my own company, and my own company's control? And how do I maintain that delineation and that separation? And so I I've been working through that and I've been working with a lot of volunteers to figure out, okay, what are the documents and the charters and the promises that we are making to the community on behalf of this organization on how are we keeping this free? How are we maintaining transparency? How are we doing all of these things to make sure that this stays in the community? And so that basically means you asked about funding development? It means that there's no business model associated with us. It will be sponsorship, we're going to, and again, a lot of this is kind of still materializing, we're like three weeks old at this point. But in terms of what's inside the vision and where we want to make this, is we want to have corporate sponsorships, donations and that's pretty much it. People that have the ability to spend time on this, whether through their employer or because they find this a fun hobby, something that they want to be associated with, whatever that is. That's really what we're trying to foster, and then to make sure that everything that gets put into this, stays open and free and making sure that we're creating the right infrastructure to do that. I will just put a little statement out there. Noah Chelliah: Sure. Greg Kurtzer: To do that, is not an easy thing to do. And it actually requires a number of lawyers to ensure that everything is open, that the Corporation is being set up in a way that is not for profit. And that we are going through all of the appropriate hoops and whatnot to ensure that all of the policy decisions we're making is something that's going to hold up. So I've engaged and I'm personally paying for this sort of stuff at the moment. And at some point I'm very much looking forward to that changing via sponsorships and donations from other people. But at the moment we're good and I'm not like begging for money or anything, we're good. But I just wanted to let people know that there's definitely going to be an opportunity for corporate sponsorships and individual donations and so on and so forth. Noah Chelliah: Well, it sounds to me like you are ultimately responsible to the end users and to the community. You're not responsible to another corporate interest, you're not responsible to a special interest group, and you’re responsible to the community and producing a product for the community. And so there's nothing left to say, but thank you. How many developers are currently working on this project? Again, you've been overwhelmed with support to the extent that you've been able to get people organized and working on small things. What's the situation right now? Greg Kurtzer: So you, you mentioned that blog post and the comment that I put on that blog post, I thought I'd get a little bit of interest, I had no idea. Noah Chelliah: The world was about to explode? Greg Kurtzer: I had no idea of the amount of people that would want to be part of this and want to help this. Within mere days, we had thousands of people jumping into the Slack. Our get hub was, was like ranked number one, in terms of just the ranking of the number of people starring it and, following it and doing all this stuff. We actually hit our get hub large file support limit, and we didn't have anything in the repository yet, well, we had a couple of logos and that was it. How do you hit the limits on a repository when you don't have anything there? It's really been a whirlwind in terms of how quickly and how much interest people have in this. And, and one of my goals is, I want to figure out how do we keep this, not only as a community endeavor, but how do we actually help everybody to be part of this? There's so much energy, and there's so much initiative that's coming through the Slack channel, IRC, email everything. So many people want to be part of this, and I just want to figure out how we can do this in such a way that everybody can be part of this. I want this to be a gigantic community inclusive group, and I want this to be cool and fun, where everybody who wants to take part in this can. To me, that is the perfect solution. Noah Chelliah: I'd say you're off to a great start, my friends. So you're a System Administrator, and you have a CentOS eight box in production. And now you know that by the end of the year, you're going to have to do something else. So we skate to order two of 2021, and Greg's plans comes together and sure enough, there's an ISO available and now we have a distribution. How difficult is it going to be for Administrators to convert a CentOS eight box to a Rocky Linux eight box? Greg Kurtzer: Literally one command. You don't need the ISO, you don't need anything. We're not talking about, you know, CentOS binaries are not restricted by ULA like Red Hat Enterprise Linux binaries are. Because it's CentOS, it is a freely available operating system, there's no restriction and there's no ULA quote unquote, that users cannot continue to use those binary. So the easiest way of managing the switches, you literally run one DNF command and you install our release package. And we will have a single copy paste this command into your terminal and it will basically go grab our release package, install our crypto, our GPG keys and whatnot into the system. It'll change all of the young repos, I am sorry, DNF repos on the system to point to our mirrors, and then updates and everything that you're expecting, will just continue on and there'll be zero disruption. Noah Chelliah: Wow! That's going to be fantastic. That's great! That's exactly what everybody who has a CentOS box in a production wants to hear right now. Let me ask you this for kind of a larger picture because you are one of the view people that can answer questions like this. Over 20 plus years, you have been involved in open-source and started many projects and led many projects and handed many projects off. What lessons have you learned throughout the years? And what do you take away from starting Rocky Linux today versus starting CentOS, whatever it was 10 years ago? What's changed? Is it easier? Are there more tools available? Has the perception changed? Funding changed? What stands out to you? Greg Kurtzer: Well, the stack has moved up considerably. It's kind of, it's depressing when you tell me I've been doing this for like 20 years, but stack has moved up. My skill set now is really core Linux, and it's funny because I'd see people advertising jobs for full stack, and it still boggles my mind that the full stack doesn't include the operating system. How could you have a full stack without the operating system? But that's where the technology and that's where everybody is kind of gone to it. But in doing that, we've changed the infrastructure, and the infrastructure now that is going to be running this, and building this operating system and building these packages is a completely different environment than what we had on the early days of CentOS. I kind of alluded to this already, but it's because of that, that we can do things in an extraordinarily different way and in a more scalable way. And that's some of the things that I'm, I'm really interested in and I've completely gone in another direction. I think I forgot the question now, so hopefully I either answered it or I'm going in the right way. Noah Chelliah: Yeah, no, you are. I think about back in the 2000s or mid-2000s, and if you wanted a website while you were probably going to purchase a server, and then you're setting it up in either at your apartment or your friend's place, or maybe you knew a business that had a place that had some static IP addresses, you could do it there. Today, you go on to your VPs of choice and you rent a server and you spin it up with whatever distort you want. And then you spin up the Docker containers you want, and all of a sudden communications tools and websites and sponsorships from other open source projects if you need that, all of those things are just available. The biggest thing to me Greg, is today, it's perfectly acceptable to say, I'm going to take source code, and I'm going to write it in this open way and put it up on this repo, and I want people to help fund this and people can wrap their brains around that. I suspect in the, in the 2000s, if you told everybody I wanted to start a software company, and I want you to pay for it, people look at you like you have four eyes. Like that doesn't make any sense, that's not the way we develop software. And so to a certain degree, I think the expectations in the IT sphere in general just have changed. And I'm just wondering if there was anything that stood out to you like, yeah, that was a lot easier. Nick life, for example, to spin up the website or WordPress to spin up the website, as opposed to sitting there writing HTML and in notepad plus or whatever the difference is. Greg Kurtzer: Still when I go to create a website, I'm still opening up like a VI session with Apache, although I started to upgrade to engine X, so that's a big step for me here. Noah Chelliah: I'm multithreading. Greg Kurtzer: It's still VI, so you don't want me creating the website. It's a matter of fact to mean the same thing for the build infrastructure. Again, I kind of joked about the build infrastructure could literally be a wild loop in bash, just GRI calling RPM build and pulling packages as they become available. I mean you could do that, right? But it's not scalable, it's not something that is going to drive a community and going to drive engagement with that community and whatnot. So yeah, I remember now, I got lost because of the thinking back through my 20 years of age and yeah and whatnot. Noah Chelliah: It's been a long ride, hasn't it? Greg Kurtzer: It really has. It really has, and in terms of lessons learned, which I think is where you were originally going with that or asking me about, there are definitely alot in some cases. Sorry, I'm going to go a little quick tangent. There's another interview that I did with the Community Manager of CentOS before all of this happened, and they just wanted to interview me for the 15th year CentOS anniversary. And that interview kind of became two parts, and the first one was, what was CentOS like in the early days and what kind of happened? But the second part of this was, and it was something that Rich, who was interviewing me, kind of called out is a little bit different, which is kind of my approach to building open-source communities. And when I first got involved with open source, 20 plus years ago, it was a harsh community, right? You had to have pretty thick skin and you had to be able to take quite a bit of attitude. I mean, there's a reason why Torvalds is kind of known for being somewhat on the harsh list and maybe that's an understatement. But it's because, when this whole thing started, it was not a kind community. Noah Chelliah: Right. Greg Kurtzer: And I actually just didn't hold up very well in that, I didn't enjoy it. I didn't like it, but I really wanted to take part in this. And I found that it was easier for me to help lead a community and set the tone of a community from a very different perspective than trying to join a community that was already kind of, set in its ways. To me, that was always very important, to make sure that that community was helpful, was friendly. We checked our attitudes and our egos at the door, and we basically are all on the same team and we're trying to figure out how to solve this problem again, all being on the same team. Noah Chelliah: Be the change you want to be. Greg Kurtzer: Yeah, no I mean, I hate to sound cliché, but yeah, that's really the big lesson learned, I think that I've taken with me through all of this. Noah Chelliah: Are you cool taking some phone calls? Greg Kurtzer: Absolutely. Noah Chelliah: 1855450Noah, that's (855) 450-6624. The email live@asknoahshow.com Walt joins us now, Walt welcome into the program. Walt: All right. Thank you. How are you? Noah Chelliah: Great, great. Greg Kurtzer: Hi Walt. Walt: Hi. How are you? You know I'm stumbling on my words, I'm sorry. I've been a Mac user since the very beginning, when I was a kid, I was assembling Ram modules with the little cores under microscopes. But what I'm wondering is what can be done to prevent, corporate steals of the product with an open source, a completely open source community, to an extent that they can easily breach the security of the platform? If it's a new platform, I know it's Linux and I'm trying to figure out how we can all get away from the big corporate structures where you ultimately end up having to buy expensive subscriptions to applications or other aspects for large sums of money that really don't deserve to be paid? I don't know if I said that right, I'm kind of new at this so forgive me. Noah Chelliah: Nope, no worries. Walt: Do you have any plans to package, say the education platform, like a mobile laptop for education, tablets for limits, just a complete series of products that are geared to specific hardware configurations that would be popular by consumers. That would also be interested in becoming part of the open source community. I think open source is where it's at, alot of people have been getting really really rich, and I'm not opposed to that, but when you have to pay $3,000 for a server that maybe holds five seats or 10 seat, that's ridiculous for upstarts. And it really hurts entrepreneurs, people who are trying to get into business and try new things and develop some sort of strategy. Noah Chelliah: So I think you kind of touched on this a little bit Greg, but, if I understand your question well. Essentially he's asking what protections are in place to ensure that the same fate of CentOS doesn't happen to Rocky Linux? What's to keep that from all of a sudden to some corporate interests looking over and saying, "Yeah that looks like that would be a good thing." I think you kind of touched on that, you said you've taken some steps to try to insulate Rocky from even your own Company. Greg Kurtzer: Yeah, exactly. And I would actually take it even a slightly different way, which is, I want companies to be able to leverage this because some of the points that Walt made regarding being able to add value in terms of specific hardware, custom hardware, custom integrations, additional capabilities. I want them to have a stable community-based open platform that they can leverage this and do this on. I absolutely want people to make money through this, and I want to give them the confidence that they can create their products based on this. They can build their infrastructure based on this without the fear that anything's going to happen to it in a negative way. You brought up corporate, like a hostile takeover and a matter of speaking. The nice thing about it being a completely open community, with an open charter, open direction, and being as transparent as absolutely possible, while protecting this as absolutely possible is really key. And putting that messaging out there, putting the intentions of the organization out there, and making sure that we hold ourselves to be true to that is incredibly important. And one way that we can do that, is not just putting it up on our website right? Because the website can change, sure we got the way back machine, we got the archive, people can go back and see it, but let's be a little bit more upfront with it. Let's put it on every release of every version that we're releasing, let's put it on the mirror, put all of our Carter's and all of our policies and our vision on that mirror, that's going to be archived and available anytime somebody downloads this. I see this as a way of not only bridging and gaining confidence in both educational, commercial, government, hobbyists, entrepreneurial, but it also keeps us honest. And not that I'm worried about us not being honest, maybe I'm naive in that. But I want people to realize how we're approaching this and the direction of how we're approaching this is really in the best interest of the community at large, to ensure that there is that stable platform for people to leverage and that it's not going to go away. Hopefully I touched on a couple of points that answered your question. But it was really good question, thank you. Noah Chelliah: Yeah, thanks again. Open the phone lines, 855450Noah. That's (855) 450-6624, the email live@asknoahshow.com. So Greg, if people are hearing this and they're saying, "yes, I am excited, he has convinced me this is the place I want to be and it's an open inviting community and I want it to be a part of it." Where are you directing people now? Greg Kurtzer: So we have a website, rockylinux.org. And from there, there's a link to join the Slack community that we have up, as has been mentioned already, we're going to be moving this over to Mattermost, here hopefully pretty soon. And we're really at the upper limits of what Slack is able to handle on a free account, and we can't afford the commercial account with Slack. So we're going to be moving as I mentioned to Mattermost, so probably in this next week, we're going to see that move. We want to, welcome people to come and join the Slack, and just be aware that, in whether it be a couple of days or a few days, we're going to be moving this. So you'll have to get another account on Mattermost, but we're going to try to transition as seamless as possible, but yes, please join in. We also have a Google form, where if you are interested in contributing from a development effort, please do fill that out. Now, I want to just mention one quick thing if you don't mind. We've had a lot of people fill out that developer form, and people that want to contribute. We've had over 400 the last time I looked, people who are trying to be part of this organization, contribute, develop, and so on and so forth. And as a result of that, it's even just taking us a long time just to go through that whole list. So if you've already, submitted something to us, sorry, it is taking longer than expected. We do have a few people that are going through every one of those, and we're matching those up to teams. And those teams are currently within Slack, within certain channels within Slack. And we have team leads, and we're trying to orchestrate everybody to go into the right team and do the right introductions. But if you just want to jump right in, jump into Slack, jump into Mattermost, depending on when you're listening to this and find the channels in the areas that you're most interested in. Jump into those channels, listen to the conversations that are occurring there, and if you don't see anything right away that's applicable, introduce yourself, "say hi, say this is the kind of stuff that you know I can do, and I'm interested in helping," and you will definitely get a very positive feedback. And we would love that, so please join. Noah Chelliah: Greg Kurtz, Kurtzer, excuse me. Kurtzer he is the Executive Director of Rocky Linux, a bug for bug Red Hat Compatible Distribution. You can learn more@rockylinux.org, we'll have the Google form as well as rockylinux.org link for you in the show notes. Greg, thank you so much for taking the time to join us here. We really appreciate all of the effort that you're doing, what you're doing, the way that you're going about doing it, the way that you're being open and transparent to the community. We'd love to get you back on the program in the future. Greg Kurtzer: My pleasure. This was a lot of fun Noah, thank you so much for the opportunity. And yeah, looking forward to talking again. Noah Chelliah: Fantastic. 1855450Noah, its (855) 450-6624, the email live@asknoahshow.com. In our feedback segment this hour, Jeremy writes in, he says, "Hey Noah I love the show, a couple of questions for you. I agree with you on Wi-Fi, that UniFi is one of the best options. On one of your recent podcasts, you recommended the UniFi UAP-AC-PRO, which has been your experience with the 45:39 UniFi UAP-AC-PRO versus the nanoHD, especially if most of the devices are 5GHz. The nanoHD seems to be a better choice. What are the strongest reasons to choose the AC-PRO over the nanoHD besides the slightly lower cost of the AC pro? Well, I will tell you, Jeremy, first of all, you're right. The nanoHD is a fantastic product, in fact, I would tell you that the vast majority of all of the UniFi lineup is a great product. There are only one or two of them I might stay away from. The UAP-AC-PRO rolls off my tongue, primarily because it's what we use most often in hotels. And it is because of the price for performance features. It's just the product that is best placed in the cheapest thing for the most amount of bang for your buck that you get. And so we have literally two shelves full of them, and so it just happens to be the first model that I think of. But if you have a large house, I should say, the nanoHD is a great way to go. I would tell you that if I were to upgrade the Wi-Fi in my house, if my access point died tomorrow, I wouldn't probably upgrade it with a UAP-AC-PRO, I'd probably upgrade it with the UAP-APHD, which is the bigger brother of the nanoHD. The only ones I would stay away from, I would stay from any of the long range access points, the APAC-LR, and the original UniFi APLR. Both of those devices, it was a great idea I guess. The problem is that they talk out farther than they can hear. And so in reality, they don't actually get you anything, you have to turn them all down to low power to get them to work reliably anyway. So I would stay away from the long range ones, any of the rest of the lineup from UniFi to include, they have a little in-wall unit that's real popular inside of, if you're doing like one access point per room in your house. And all of their access points are enterprise grade, and so you're not going to have to worry about what features come with one or the other. And so, yeah, if the nanoHD is what you want to go with and you have the budget for it, it is a smaller, a more up-to-date access point even. Hey, Jeremy, second question. What security and VR solution do you recommend? I want to support 16 cameras at 5 megapixels, 4k PoE IP cameras, Owen VRF compliant, H 265 over RTSP. I'm looking at Blue Iris Synology or a hardware based NVR. Synology seems underpowered, the hardware based in VR are mostly made in China and there's questionable security. They rarely get firmware updates and don't have the best UI. Blue Iris requires running Windows. There does not seem to be a great solution, some just okay, options. What do you recommend and why? I would start with this, I would encourage you to head over to synology.com and use their product selection tool. I'll have it linked for you in the show notes at podcast.asknoahshow.com. When I put your recommendation, or when I put your requirements into their selection tool, they spit back to me, the Synology FS 6400. Which can be upgraded to up to 512 GB of Ram, comes with a Dual Intel Xeon 8 Core Processor. So I guess I would dispute a little bit that Synology is underpowered. I think that they have more powerful devices, they may cost more money, but I started out in that boat. I was very very skeptical to get on the boat of Synology because I thought, I don't really want a security solution that's kind of an afterthought. They built a Nas and they hacked on a security solution, and I don't really want that. And that is not an accurate summation of first of all, how surveillance station came about, second of all, the emphasis that Synology places on it, and third of all, the way it actually works. If you took a Synology disc station installed surveillance station on it, put a fancy label and put it in the store next to the Honeywell’s and the Blue Irises and all of that. And you just picked it up and didn't know that it was supposed to be a NASA originally, and this was a third-party thing that Synology added on after the fact. You would think it was born to be the world's best NVR, they just worked that well. And the thing is, when our customers go out and their experience is primarily going to be based off the mobile app, because that's what they use to look up footage, that's what they look to seek back in their timeline, that's just the way that people want to interact with the device. And so their mobile app DS cam works fantastic, if you are one of those power users and you want to log in through a web UI and configure all of the things, you can certainly do that, or because if you're buying all ONVIF compliant cameras, which you should be, then you not only can you bring them into something like the Synology and have that for recording and management, but you can also use something like pie, display cameras to render them out onto a matrix so that you can see them on a TV for options. I agree with you, that the most of the hardware based NVRs are just cheap Chinese junk. I might look at GeoVision, they have a Linux-based NVR. GeoVision is not a Chinese company, they're a Taiwanese company, and the build quality seems to be slightly better, but it doesn't even hold a candle in my opinion to the Synology. And so if you're looking for the best one out there, I've tried them all, Synology seems to be the best. Even Blue Iris, if you're loading it on a windows system, when we took the software licensing completely out of the equation, the reliability is going to be higher on the Synology than you're going to get with a Windows 10 machine, because it's going to nothing else restart for updates. So that would be where I start, but even if I'm wrong, the vast majority of the money that you're going to spend will not be in the NVR itself, it may be in the NVR licensing. The vast majority of the cost is going to be tied up in the cameras. And so I would focus a lot on what cameras are going to buy, of course, we would recommend GeoVision access. By the way, to exemplify what I mean, when I tell you that Synology this is not necessarily this isn't just an afterthought. They purchase access cameras and test surveillance station against whatever the latest access lineup is. Top security camera manufacturer in the world, that's what they're using to test against. So it is a tier one product that just is. Our pick of the week this week is Snapdrop, local file sharing in your browser, inspired by Apple's airdrop. You learn more @snapdrop.net. Now underneath the hood, this is very simple, it's a vanilla HTML, five interface, web RTC, no JS backend, and a little web app. And so essentially you visit the server in your browser, you don't need an account, you don't need to set anything up. It just pops up and says, you're known as yellow yak, and then it says, have a friend or family member open a browser. And so they open a browser and they go to Snapdrop.net and they'll be known as something else. But then they see yellow yak in their browser, and if they just drag a file and drop it over yellow yak, it pops up in your browser and you can download it, coolest little thing ever, just have to be on the same network. Of course you can self-host, it comes in a Docker file. Our gadget of the week, the Dual Sense wireless PS5 controller. The Dual Sense wireless controller for the PS5 offers immersive haptic feedback, dynamic adaptive triggers with built in microphone integrated. Okay, here's the thing. You may not have a PS5, you might not even like Sony. I don't have a PS5, I don't even like gaming and let me tell you why I still might want one of these things. This is from a Roderickcolenbrander@sony.com. It's a submission for a patch into the Linux Kernel quote. "I am pleased to share with you a new Linux driver for the PlayStation 5 dual sense game controller. The drive supports dual sense in both Bluetooth and USB modes. Most controller features are supported, including led touchpad motion, sensors, and rumble. The dual sense supported implementation of a new HID PlayStation driver, which will be used for peripherals by Sony interactive entertainment. HID Sony will be used for devices for a larger Sony group, we intend to migrate existing devices over to this gradually to HID PlayStation. We do not want to cause any regression, and we want to maintain quality as such moving unit tests are important. And we have started by providing these through HID tools, including dual sense, not supported yet unique features introduced by dual sense, such as adaptive triggers and VCM based haptic. These features require a large amount of data and complex data structures. It's not clear how to expose those. The current endeavor and FF frameworks are too limiting, we hope to have a dialogue on how to expose these over time in a generic way." And of course, what he's referring to is this new game controller that Sony has designed for their PS5 has a really interesting way of providing haptic feedback. Not only can they do adapt to triggers, so for example, if you're pushing a brake on a car, it's going to push back as a break would, if you're firing a firearm, it's going to feel like the trigger of a firearm. It can simulate those different things. They've also placed haptic feedback, so when you're getting thrown back in the seat of a racing game, you feel that in your hands, on your controller. Now, the thing that was so cool about this is first of all, that it works on Linux. Second of all, that it's Sony proper, that's writing this patch and then submitting it. And this guy that works for Sony, and he wrote this driver and send it in. If you would have told me 10 years ago, or 15 years ago, that Sony was going to be writing drivers and willingly submitting them to the Linux kernel so that we would have good support with their controller, I would have told you that you're crazy. Articles that we didn't have time to get to in the show today, Xfce 4.16 has been released. There are a number of new features, they've cleaned up a lot of stuff. A lot of noteworthy updates, you'll have to check out the show notes to learn more. Dark table 3.4 Encore, one of the best professional photography tools out there. This is the second major release that they've had in 2020, over 5,500 commits, and they've improved so much stuff inside of dark table that I don't even understand all of the things that they have changed. But over 5,500 commits, a lot of new tools and new filters that have been introduced. So if you're a user of that up, you're definitely going to want to go check it out. That's it for this week, we're back next Tuesday, 6:00 PM central asknoahshow.com to stay with the latest to follow us on Twitter @asknoahshow, you can follow me personally @kernellinux, of course, all of the articles and references that we used throughout the show. We released some as "show notes in the podcast." You can find it at podcast.asknoahshow.com. Everyone have a great week, we'll see you back here next Tuesday, 6:00 PM central, asknoahshow.com.