From 3bff42c4e1fad8821081cb65c43fb473ac2609f3 Mon Sep 17 00:00:00 2001 From: Simon de Vlieger Date: Fri, 15 Mar 2024 12:48:43 +0100 Subject: [PATCH 1/4] index: first occurence of OCI made into link Signed-off-by: Simon de Vlieger --- index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.md b/index.md index 5742bad..1bd6002 100644 --- a/index.md +++ b/index.md @@ -5,7 +5,7 @@ layout: home ## Image Based Linux with Bootable container images -Over the last decade, OCI containers have become a de facto way to deploy a complete functioning Linux user space as an application. +Over the last decade, [OCI containers](https://specs.opencontainers.org/image-spec/) have become a de facto way to deploy a complete functioning Linux user space as an application. A large set of practices and tooling has evolved around them. Bootable containers are a modern opinionated way of deploying, configuring and managing immutable image based Linux systems. From 614c5bb51cc934e68d0eea62b2a72a8faf73f44b Mon Sep 17 00:00:00 2001 From: Simon de Vlieger Date: Fri, 15 Mar 2024 12:54:44 +0100 Subject: [PATCH 2/4] index: make use of 'both' The sentence has a 'both' in there. Signed-off-by: Simon de Vlieger --- index.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/index.md b/index.md index 1bd6002..e06f1ac 100644 --- a/index.md +++ b/index.md @@ -24,8 +24,7 @@ The system either uses the contents of the old system, or the new image; Never s Updates can be delayed or scheduled. This default behavior can be adapted or controlled by a larger management system. -1. It should always be possible to factory reset back to both the known built behavior of the system. -It is always possible to rollback to a previous behavior if an updated image does not function correctly. +1. It should always be possible to factory reset back to either the known built behavior of the system or roll back to previous behavior if an updated image does not function correctly. 1. A cryptographic trust chain that runs from the hardware, through the boot loader, through the operating system all the way to the apps ensures that only the expected code is run, and the contents of the operating system and applications have not been changed unexpectedly. If something has been changed, or changes at runtime unexpectedly, the system can alert or stop. From 459e4885114e36fa2d5ecbb38593ebac2f0e7797 Mon Sep 17 00:00:00 2001 From: Simon de Vlieger Date: Fri, 15 Mar 2024 12:55:10 +0100 Subject: [PATCH 3/4] index: apps -> applications Signed-off-by: Simon de Vlieger --- index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.md b/index.md index e06f1ac..913ad52 100644 --- a/index.md +++ b/index.md @@ -26,6 +26,6 @@ This default behavior can be adapted or controlled by a larger management system 1. It should always be possible to factory reset back to either the known built behavior of the system or roll back to previous behavior if an updated image does not function correctly. -1. A cryptographic trust chain that runs from the hardware, through the boot loader, through the operating system all the way to the apps ensures that only the expected code is run, and the contents of the operating system and applications have not been changed unexpectedly. +1. A cryptographic trust chain that runs from the hardware, through the boot loader, through the operating system all the way to the applications ensures that only the expected code is run, and the contents of the operating system and applications have not been changed unexpectedly. If something has been changed, or changes at runtime unexpectedly, the system can alert or stop. The builder of the images can sign the images with keys that are under their own control, or of course build images and deploy systems without a trust chain. From ff8265561328c75f7d66d0317f36f66d05634908 Mon Sep 17 00:00:00 2001 From: Simon de Vlieger Date: Fri, 15 Mar 2024 13:36:15 +0100 Subject: [PATCH 4/4] index: capitalize Bootable Container Images Signed-off-by: Simon de Vlieger --- index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.md b/index.md index 913ad52..d7abd71 100644 --- a/index.md +++ b/index.md @@ -3,7 +3,7 @@ title: Goals layout: home --- -## Image Based Linux with Bootable container images +## Image Based Linux with Bootable Container Images Over the last decade, [OCI containers](https://specs.opencontainers.org/image-spec/) have become a de facto way to deploy a complete functioning Linux user space as an application. A large set of practices and tooling has evolved around them.