I like the idea behind ostree and bootc, but I feel that OCI (with tarlayers) is not a good fit. `repack` makes an absolute hash of things, and since the layers are logically packaged, they will have to be composed somehow, and then ostree becomes only slightly more useful than coreos's A/B usr.
OCI roughly assumes that layers will be laid out in some logical way, and that a given host will see opportunities to reuse across different instances, but with bootc, there will only ever be one instance.
OCI also assumes that individual layers are small enough that it is always worth pulling and unpacking a layer instead of some kind of authentication delta, which is great for a k8s cluster in a center, but not great for devices out on the edge, where you might want this kind of pseudo-immutable system even more.
I really want some standardized way for a manifest in OCI to say that "this content is also available in other format X here".
Trademarks are about recognizability, not about some objective similarity. There's no magic Levenshtein distance from a trademark.
However, they are also scoped to domains, so if there was some non-car business with such a name, they would also be entitled to the name, and the domains tend to be first-come first-serve in those kinds of cases.
Think of all the "Acme" or "A-1" companies that all have different products, and the general public doesn't have an issue conflating them.
I agree pretty strongly. A translation layer like this is making an intentional trade: Giving up performance and HW alignment for less lead time and effort to make a proper port.
I wonder which [publicly listed] companies would look at the abandonment of Jetson and still commit to having Nvidia set the depreciation schedule for them.
It's my opinion that nvidia does good engineering at the nanometer scale, but it gets worse the larger it gets. They do a worse job at integrating the same aspeed BMC that (almost) everyone uses than SuperMicro does, and the version of Aptio they tend to ship has almost nothing available in setup. With the price of a DGX, I expect far better. (Insert obligatory bezel grumble here)
At least in most jurisdictions, the egress to a gathering area can __never__ be blocked, there is some provisions for delay on emergency exits, but those require NRTL certification, and are actually usually mechanical.
You might be able to lock it down during periods of limited occupancy, and you can rig it to an annoying alarm, and maybe try to identify the person, and ban them from future. It is possible to get variances for this, but you usually need to either be a medical or penal facility.
Thanks for clarifying the finer points, my exposure to these systems is sending people to wire them up (mostly electrical but sometimes the control wiring) and not so much on the code side.
I looked up a wiring diagram for a similar gate and saw it had a fire alarm input so I assumed the AHJ in this case approved it based on the ability for the gate to open when an alarm condition is detected. That being said, it seems like a danger to me.
A regional hardware store chain has turnstiles at the entry points and swing gates at exits, which seems much safer for access control in a big box store.
Most run on hardware that is not supported by seL4, or at least on hardware where it has not been validated.
Not to mention that a task manager would be needed as well as tons of other services which aren't provided out of the box, and don't share the verification provided guarantees.
Pretty much all of them allow unrestricted access from KMS from factory, tough all of them have a way to disable it once configured, and HPE even throws shade until it's limited. KMS only works from the host itself.
OCI roughly assumes that layers will be laid out in some logical way, and that a given host will see opportunities to reuse across different instances, but with bootc, there will only ever be one instance.
OCI also assumes that individual layers are small enough that it is always worth pulling and unpacking a layer instead of some kind of authentication delta, which is great for a k8s cluster in a center, but not great for devices out on the edge, where you might want this kind of pseudo-immutable system even more.
I really want some standardized way for a manifest in OCI to say that "this content is also available in other format X here".
reply