diff options
| -rw-r--r-- | guix-blu-2016-01-20.org | 217 |
1 files changed, 217 insertions, 0 deletions
diff --git a/guix-blu-2016-01-20.org b/guix-blu-2016-01-20.org new file mode 100644 index 0000000..b5c4377 --- /dev/null +++ b/guix-blu-2016-01-20.org @@ -0,0 +1,217 @@ +#+TITLE: Functional Package and Configuration Management with GNU Guix +#+AUTHOR: David Thompson +#+EMAIL: davet@gnu.org +#+DATE: Wednesday, January 20th, 2016 +#+DESCRIPTION: +#+KEYWORDS: +#+LANGUAGE: en +#+OPTIONS: H:1 num:t toc:nil \n:nil @:t ::t |:t ^:t -:t f:t *:t <:t +#+OPTIONS: TeX:t LaTeX:t skip:nil d:nil todo:t pri:nil tags:not-in-toc +#+INFOJS_OPT: view:nil toc:nil ltoc:t mouse:underline buttons:0 path:http://orgmode.org/org-info.js +#+EXPORT_SELECT_TAGS: export +#+EXPORT_EXCLUDE_TAGS: noexport +#+LINK_UP: +#+LINK_HOME: +#+startup: beamer +#+LaTeX_CLASS: beamer +#+LaTeX_CLASS_OPTIONS: [bigger] +#+COLUMNS: %40ITEM %10BEAMER_env(Env) %9BEAMER_envargs(Env Args) %4BEAMER_col(Col) %10BEAMER_extra(Extra) +#+LATEX_HEADER: \beamertemplatenavigationsymbolsempty + +* About me + + - GNU project volunteer + - GNU Guile user and contributor since 2012 + - GNU Guix user since 2013 + - Day job: Ruby + JavaScript web development / "DevOps" + +* Overview + + - Problems with application packaging and deployment + - Intro to functional package and configuration management + - Towards the future + - How you can help + +* Preface: User autonomy and control + + It is becoming increasingly difficult to have control over your own + computing: + + - Growing number of applications that cannot be reasonably packaged + for GNU/Linux distributions + - Self-hosting web applications requires too much time and effort + - Growing number of projects recommend installation via =curl | sudo + bash= or otherwise avoid using system package managers + - Users unable to verify that a given binary corresponds to the + source code + + This is bad for desktop users and system administrators alike. + +* Problems with package management + + - Global state (=/usr=) that prevents multiple versions of a package + from coexisting + - Non-atomic installation, removal, upgrade of software + - Nondeterminstic package builds + - Proliferation of language-specific package managers + - Reliance on pre-built binaries that few can build from source + - Binary bundles (a la OmniBus) complicate secure system maintenance + - System package managers do not allow unprivileged operation + +* Problems with mainstream configuration management + + - Imperative paradigm makes software overly-complex and brittle + (idempotence is hard) + - Promotes one disk image per application to cover up underlying + package management mess + - Made primarily for developers for server maintenance, but all + users could benefit + +* Qualities of good software + + - System integration + - Reproducibility + - Security + +* System integration + + - Use the system package manager! + - Not uncommon for today's web applications to require 2 or more + package managers to get all dependencies + +* Reproducibility + + - Growing number of free software projects that no one knows how to + build from source + +* Security + +* Solutions? + + - Ansible? + - Docker? + - OmniBus? + +* Functional package management + +* What does it mean? + + Treating package builds as functions, in the mathematical sense... + +* Why? + +* What's wrong with dpkg/yum/pacman/etc.? + + Lack of transactional updates, rollbacks, unprivileged package + management + +* What about Docker? + + Trusting random binaries, non-reproducible, no provenance, opaque + disk images... + +* Reproducible builds + +* What are they? + +* Why is it important for security and freedom? + + reproducible-builds.org + + guix challenge + +* GuixSD: Configuration management + + guix system, declarative interface, fully free, system rollback + +* Choice of language + +* Off the beaten path + + Guix takes a different approach than a lot of other + package/configuration managers + +* Embedded vs. External DSLs + + Using an extensible programming language as a host has several + advantages compared to external DSLs: + + - No new parser, interpreter/compiler, editor tools, etc. to + maintain + + - Access to all available libraries of the host language + + - Extensions to the host language can be used as a library by + others + + Not all general-purpose programming languages are suitable for + embedding new languages, [fn:1] so which did we choose? + +* Guile Scheme + + - GNU Guile is a Scheme implementation and the official extension + language of the GNU project + + - It's a great choice for EDSLs because of Scheme's hygienic macro + system + + - It's a great choice for Guix because purely functional + programming is well-supported in Scheme + +* Guile all the way down + + Guix uses Guile for nearly everything: + + - Initial RAM disk + - Init system (GNU Shepherd, formerly GNU dmd) + - Package recipes (including build scripts!) + - Command line tools + - Low-level POSIX/Linux utilities (such as =call-with-container=) + +* Guix as a library + + Guix is a big collection of Guile modules. + + Packages are first-class Scheme objects. + + Anyone can use Guix as a library to write new Guile programs that + manipulate package recipes, create new user interfaces (like a web + UI), etc. + +* Development environments + + guix environment + +* UIs + + CLI, Emacs, web prototype + +* The trouble with language-specific package managers + + Why Guix is better, how to pull in foreign packages with guix + import, update them with guix refresh + +* Project status + +* Join us! + + - Chat with us in the =#guix= channel on Freenode or on the + =guix-devel@gnu.org= mailing list + - + +* Thank you! + + Any questions? + +* Legal + + © 2016 David Thompson <davet@gnu.org> + + This presentation is licensed under the Creative Common Attribute + Share-Alike 4.0 International license. + +* Footnotes + +[fn:1] "How to be a good host: miniKanren as a case study" \newline +Dan Friedman and Jason Hemann +https://www.youtube.com/watch?v=b9C3r3dQnNY |