 Hey Alexander, so do you want to introduce yourself for the guests? Yeah, great. So I'm Alexander Schwartz. I'm working as a principal software engineer at Red Hat on the Key Clock team. I've been working with Key Clock for I think eight or nine years now. Okay, but not with Red Hat, right? Yeah, like I did the first pull request in 2015 as a community member and since January 2022 I've been employed by Red Hat and yeah it's cool. I'm working fully remote from my home office near Frankfurt. Oh nice. In Germany. Yeah, there is a Red Hat office though in Frankfurt, right? Yeah, there's one, but I in these one and a half years I never visited it. Yeah, I can see how that might be. But yeah that's cool. It's funny, I talked to my students about how one of the interesting ways to get a job these days is actually to go and contribute to like an open-source project and then you know eventually you might just get noticed by the organization that sponsors it so that you can you know potentially get a job doing whatever it is you really like. Is that how you kind of got to Red Hat or was there other considerations? Yeah, well there have been also other considerations so it's like I've been working as an IT consultant, I've been doing a lot of traveling before COVID, then working with customers, setting up for job applications, doing then key clock for authentication and authorization and then this project was looking for a new members at Red Hat to join that was cool and so I applied but then there's not only Red Hat contributing to that project so right even if you pick a project like key clock there are lots of companies working in this area and there might be other companies outside Red Hat looking for it as well so it's not just on a single company that's a good thing with open-source projects, you might change the employer but not the project. Right, right, yeah so okay so you were working on key clock it kind of pulled you in, what got you into open-source in the kind of the first place? Well I think I've been in an open-source since I was maybe 14-15. Oh yeah, yeah. So there were actually networks before the internet you know, Fido, I was a Fido point if that's something that rings the bell with you. Well it's like your mailbox is connecting together and transfer emails like two or three times a day so it was in the old days. Oh yeah, yeah. I'm kind of old. My college was actually on BitNet so I do have some experience with the precursors to the general internet but yeah. Well as the internet then came up Fido was kind of dead over time and yeah I think it was online with Comp yourself. Oh right. When they distributed all these CDs. Yep, yep I remember them. And when I had done, at least before I had Comp yourself, like open-source was hosted on FTP service at that time and you had Bit FTP so you can send an email to a service that then grabs a file. I remember this well, yeah exactly. And you would, the hardest part that I think people don't realize right is you would have to send an email to the FTP server to get a listing of what was there so that then you could send an email asking for whatever was there. Yeah it was timed and then you don't have to mess with all your administrator if you're sending too many emails, too many volumes. Yeah yeah it was back in the time but then still once there was an internet with Comp yourself and others I had the static website and from static websites I went into PHP doing like personal projects and doing programming. Gotcha. That was really cool and then I think around 2000 I then gradually went into Java when I was working in the bank. Gotcha. Yeah I, my first website was actually in Perl, that's being in PHP, but yeah it was pretty cool because it would actually, it was like a search engine but it would generate more Perl code to do the searches and then execute the Perl kind of on the fly which was pretty crazy. So yeah so this is exciting driving. All right so you've kind of gotten into key code for a long time and and so what you know what do you think is coming with Key Cloak or what's what's kind of hot on the horizon in your opinion. Yeah so with Key Cloak we've been targeting both cloud and non-cloud environment at the same time for for many many years so we're running an OpenShift you can but he's still down on the zip file and extracted and running with OpenShift DK and that's really cool and I think sometimes you want to develop on a local machine you don't spin up too many containers anyway you just want to have it up and running without it and that's cool on the other hand integrating with the cloud native space there are still a lot of things to do thinking of maybe cloud native events that we really natively integrate with that so we can get notifications in a cloud native way of when somebody logs in and does stuff so that's going to be interesting right we might have more showcases where you secure your cluster with Key Cloak and all your community API server. Yeah I mean it's it's one of those things it's I still feel like it's kind of in your kind of average website is not kind of a solved problem of the you know how do I get you know kind of authentication just kind of out of the box right and you know I think Key Cloak is you know doing a pretty good job of of trying to solve for that problem. Yeah it's it's kind of a daunting problem like managing your users it's not like authentication authorizations but everything a user wants to do like they want to register they want to have some terms and conditions confirmed they forget the passwords right it's it's all that stuff that you don't want to reinvent because it's hard to do it right and on the other hand we have communities in the Key Cloak space like the financial great API where they kind of define the subset or the way you want to do OpenID connect right as right with the perspective of a bank like it really secure right and this helps a lot because people don't need to worry so much like so that's good on the other hand we are handing out Key Cloak as something that you can customize quite a lot so you can write your own extensions and well hope that it's still as secure as it was before. That's why the approved list of extensions is often a good idea right yeah and I talked to a customer today they say there are lots of SPIs as we call them service provider interfaces and they say well we implemented extensions for 30 of your SPIs I say oh wow that you are doing quite a good job there. Yeah that's nice yeah I think it's it really helps like you know it's like everything else in open source world right it's like you know adoption really helps you know like you know once you kind of have that you know whatever that snowball it really does kind of help your product as much as it helps you know the world right or whatever you know thing that you think is cool so I know we had a couple other things we want to talk about but now after the flustering of taking that first corner I can't remember what it was we were going to talk about next. We can talk about Key Cloak was on the horizon still yeah so I'm also very much into monitoring and observability so at the moment we're I think well it's it's not official package but you can do if you're interested in metrics and tracing and all that stuff you can hook up Key Cloak quite easily with open telemetry with the agent so you edit as a Java agent to Key Cloak was also written in Java and you get lots of nice metrics even down to a single URLs that will give you an idea like what re-arms what are usually users actually doing with my Key Cloak oh okay are they logging in what part of the logging flow are they using yeah are they kind of using the password to set pass flow so that that's all then recorded like how many times has this URL been hit and that's really cool what re-arms are most active right and yeah we want to get or I want Key Cloak to get better in this area so and we should expose more of the metrics what's happening I mean it's pretty huge for like knowing where to kind of put you know like your technical resources right behind your application you know if you can if you have a good idea of what people are actually you know doing you know we can kind of save you money and stuff without having to go and support you know 50 odd different you know kind of authentication methods you know because some of them you have to pay for and you know stuff like that so yeah I think it's telemetry is really nice you know yeah but I think we serve two kinds of users one kind of users is they just want to have an IAM running identity and access management running they don't want to customize it they just want to have it solved right and the other ones they want to tinker with it and make this stuff that they really bring their business forward and we care for both of these right kind of users yeah that's uh I'm definitely in the bucket of I wanted to just like give me authentication right and then and then you know an easy way to say okay this user can do this and user can do that but once you start you might have ideas right right well the other part I mean I think and I think that's a big part of it too is that you get you know as you as your kind of application grows right you really start to find okay this you know oh we we messed up what this role can do right it either has too much or too little privilege and you know and so when you can kind of dynamically modify that and have a good idea of what it's supposed to be doing I think that makes a big difference too yeah so what's the next what would you say is the next big feature that you think is going to land with key cloak yeah well so we've we've been uh talking about uh zero downtime upgrades oh okay um for quite some time I hopefully that will become a reality really really soon uh so the idea is that um when you upgrade from one key cloak version to another key cloak version that you can do it seamlessly in a way that you run it side by side right right yeah I was gonna say because you can't you know it's one of those things where you know if you're changing that user database right you can't you know have a secondary server or whatever yeah well and you can't even just run another one right yeah I mean you you know it's kind of like a hard switch no matter what you do um but you can people are doing lots of things already today sometimes doing like a read-only stuff there or switching clusters and so and and redhead is running uh um key cloak for their own customers as well so we are um eating our own dog food as a as a service no but well no yeah eventually maybe eventually but no like every customer of redhead who's logging in is logging over the instant of key cloak oh right yeah so that's we eating that way for a long time it is it is and we've seen there are lots of lots of requests and requests are growing and key cloak has to um I don't know how to say um keep takes with that right well I mean it's like it's a huge like uh actual use case I bet that would be really nice for that telemetry as well because then you know you know like okay we've got you know all the developer logins on developers dot redhead dot com right or you know are suffering some sort of challenge right but all the ones into the customer portal is not right um yeah but we are not at dev ops yet so I'm um but we're working very closely the two groups working upstream and to work the ones who are actually running this service uh for redhead for our customers right and um and we we brought the downtime uh quite uh down a lot and we are now very very very satisfied with the downtime that's nice yeah um and is the rest of that infrastructure Java or is it using because as I recall like a lot of that stuff is actually Drupal right uh I well I'm I'm not so much in that infrastructure I'm all I can know a bit more how the key cloak setup is done yeah and um yeah and then we lose using lots of features every using um Federation there like having a user data stored another store so all the features that you see in the community edition we are very very heavy users of that functionality in lots of places right and um yeah it makes us a power user it's hilarious but still we need a community to the same community still finds new ways of deploying it and we're open for that both in contributions and ideas um and while the community and the customers while of course there's the open source community um and then there's the the customers who use uh the product that has a subscription with it right right um I didn't know they could drive where the trams go yeah interesting uh what was funny is that the trams in Boston that they are all like on the roads so some of them have dedicated pathway but a lot of them are just like right in the street um and so not only is it nerve-wracking to drive around with um the like the track the trams right next to you in a lane or something but the tracks themselves like you can feel them in the car and so you're kind of like oh you know am I in the wrong place and then you know and like I can judge the distance from another car but judging it from a train is a little bit you know uh a little weird so I generally avoid those roads when driving around Boston uh not that driving around Boston is uh all that simple to begin with but when I was in the U.S. about us like 10s years 10 of years ago 15 years maybe um they had like carpool lanes is that those things oh yeah yeah um yeah there's a few of them usually you see them on the highways rather than you then kind of like you know kind of regular surface roads um but uh yeah no carpool lanes are definitely a thing and usually the best choice um so like if you have a carpool lane option and you have you know somebody else in the car yeah uh they're usually the fastest route so what does count as a carpool two people in the car yeah so yeah more than one basically um but uh yeah and it's also but it's time of day base too it's like you can use the carpool lane when um you are you know if it's not basically rush hour uh without other people usually but you know local local rules apply um yeah well it's always local rules apply yeah yeah exactly I don't know if this is our turn or next one I think I want the next one you want the next one yeah he's giving us a fierce look here oh yeah yeah well I'm not exactly driving the best I've ever driven I'll tell you um okay now he's looking at us at his back mirror yeah exactly well he's nice like a car so um yeah it drives me like I like how it drives it's just you know I got to get used to it which is taking a little while you know yeah okay it's yeah it's the first one I'm here for kubecon so some more drives yeah during the week so uh yeah so what what was the uh we were going to talk about something else too yeah we're talking about ASCII doc oh that's what yeah yeah um I've actually used ASCII doc kind of like off and on uh for a while um the uh it's like we actually did a documentation sprint uh for fedora uh I guess a few years ago now um it was really nice because it was in like northern it was in Spain and then actually we moved to um northern Italy which neither one okay so if you ever do a documentation sprint again just let me know yeah that was always in Spain or northern Italy um yeah it was really nice um it was actually funny we had to change our schedule when we were in Spain um because you know like typically with like conferences or stuff like that um you know you feel kind of feel guilty because you're spending a lot of money to travel right but it made a lot of sense because something like three quarters of the people involved were actually European and so it made sense to do it here somewhere um and so we were planning on starting at like 8 a.m every day and then kind of working whatever and then we got to Spain and we were like this is a non-starter because we couldn't dinner until nine o'clock at night and so we basically ended up shifting the schedule to start at like 10 a.m but then work until 7 8 you know p.m uh which was just it was really funny that you know local culture dictated a change in an entire schedule um yeah it was it was really great uh I highly recommend where were we um uh Sevilla uh cool and uh yeah it was great but so I wrote a big ASCII doc uh builder engine during that sprint cool yeah an ASCII doc um Moldais ASCII doc where you write your documentation as code and you can have your CI CD pipeline really deliver that documentation on a steady website on maybe other things maybe you can generate main pages from that you have your choice and um and Fedora is also using Intora and Torra is then the static site generator that's built I would say on top of ASCII doc yeah yeah and this gives you a navigation on the left uh a navigation bar on the top um you can have a search engine uh feed all that content to a search and then that's an onsite right so that makes it really really nice I think that Fedora documentation sprint is where we migrated to that oh okay cool yeah and I think it was then and yeah Dan Allen did a great job on this one yeah and um I have to say that um I'm working for the uh I'm maintaining the ASCII doc plugin for IntelliJ oh okay and if you were looking for I'd say the best support of Intora and ASCII doc in an IDE um then give it a try with IntelliJ and the ASCII doc plugin so um you will have then not only syntax highlighting in the preview but also auto completion like you would expect it from an IDE right so auto completion for the for the references for the includes and it also picked up the the file structure of Intora so it will know if you worked with Intora you have these things to called modules and components and the special kind of cross references that work really really nicely and um the IDE or the ASCII doc plugin teaches that to the IntelliJ IDE uh but does it is it build it directly in IntelliJ uh it's a plugin you can it's a IntelliJ as an IDE and you can install plugins right the ASCII doc plugin and once you install it it has all the features oh that's cool um yeah the uh I mean I I think you know it's like like I understand the concepts behind like ASCII doc and kind of other mechanisms as well but it's a little bit hard unless you kind of have something doing real time um you know for lack of a better term compilation um because you know it's like I want I want to know what I'm writing kind of as it happens you know yeah um and you know sometimes I use the documentation god forbid um so you know it's kind of a yeah it's nice to have it kind of built in like that so you can get you know and then the is the IDE also aware of the docs kind of as they come sorry um well you have a live preview in your IDE of what you're writing of your writing yeah you have like a split uh vertically usually vertically split editor on the left your type on the right you have a live preview gotcha like um in a sub-second one to type in a sub-second later it will be refreshed right uh in place and you can even um sell tell it well it comes with a standard layout um or style sheet uh csa style sheet and if you go then one step further and tell it well this is the live the the style sheet of my live website you will it will make your preview look like the real side so if you have like maybe special roles for the different parts of the text and how should admonitions look like how does source highlighting look like it will always shown in the preview like it's on the real side oh cool yeah so um yeah we went to some length and there was also very good interaction with the community there um and so with ASCII doc do you have um I don't never think I ran into this too much but is there anything like a kind of a latex type plug-in uh yeah well they're latex I think it's it crossed my road in two or three places so you can convert it to latex eventually if you want to uh you can also if you are into math formulas if you want to pick up only the math formula part of it um then you can at least when you do html output you can use latex formulas and make put them in the output and they will run it in a nice way yeah because I run into uh that a lot more now that I'm teaching than I ever used to when I was programming um you know but uh like one of my classes um I have to you know like teach or hopefully reteach things like slope of a line all right you know and how to calculate it and stuff so that yeah I think it's not of yeah so it's very good integrated in html previews but if you want to prepare pdf um the tooling is a bit I would say hard to handle yeah in a polite way um so there you might be better off um doing a latex in a in a real latex pull out an image and drop that in yeah or yeah I mean that's how I do it sometimes because uh the uh yeah the basically the tech live uh instead of libraries is complicated and somewhat difficult to install and um you know and I somewhat make success with it in my experience yeah but there's a project called ASCII doc web ASCII doctor web pdf okay and Joom uh he's doing very good good job he's also um there they are using ASCII doc you render html from that spin it up in the chromium and create a multi-page pdf from that oh and this makes you really really flexible I know that you can start it anywhere you want as long as you can fit the rules into css another css pro yeah so sometimes uh kind of fail on that part yeah yeah css has its own you know entertainment value um yeah yeah I don't know every every time I've tried to like get good at css I you know it's just one of those things where I just don't you know I just can't get it you know it's just hard yeah well I think it's an every day thing too is the other problem right it's like yeah you know programming is difficult when you don't use the tech every day um like for my personal homepage I pulled up boomers css being a css framework okay yeah it's a bit well it's not so fresh anymore but still stable and maintained and does a good job so it's a very very light theme of the web page and I managed to handle that that was cool yeah yeah that's cool um and um and then there's another thing on the block called tailwind css oh yeah I've used that before and it's it's like cool like like I want to make a shadow there and that's what kind of class one of shoes and autocomplete that in your id right that's really really cool and that's my css yes exactly uh yeah it was funny I was actually I was working on a site for something I don't remember what but the um and I was gonna use tailwind for it um but then I ended up uh using MUI um because uh tail like and they weren't really like compatible or whatever and I was like this is yeah one of the other complexity perspective so but I wanted MUI for oh I know what it was for is because I wanted um these really like really complicated uh rendered tables um and uh and the MUI kind of built-ins and some of the add-ons were closer to what I needed tailwind was you know meant to be a lightweight kind of efficient you know css framework and didn't have these wonky tables I needed yeah yeah yeah but then if you want to have a design I'll eat an idea I'm not on design anyway but when I went when I wrote like a small well I now then give ask a dog trainings and workshops and for that I came up with a small collaborative editor so like people come up in a group of three or five they all open the same year on their browser and they start typing and they have multiple cursors like in Google Google yeah um and this is then like the real IDE or like the intelligent IDE but on the left you have the text on the right you have the preview and you're typing at the same time oh it's really low latency like uh sub 10 milliseconds or so is it does it do it locally or is it going across the internet no it will use uh web RTC locally and if web RTC doesn't work for whatever reason to discover the other kinds it like fails to public internet yeah it fails to web sockets on the public internet yeah and um so it's I think it's uh it's a hack but in a good way yeah right all right and um so I use it in trainings a lot and I have another upcoming training next uh the other week I think yeah the other week and uh that's going to be an outside training and I did lots of um online trainings on this as well so that's um yeah I'm enthusiastic about ASCII talk and um that's one of the ways I showed yeah well I wouldn't you mentioned uh Alan uh what's his first name Dan Dan yeah I was like had Ted in my head for some reason um but uh yeah exactly uh so um but I actually met he was one of the first people I met uh at Red Hat and uh you know we you know whatever talked a lot for whatever reason um I can't remember what we were working on together um that made us cross paths but yeah so so I do pretty well but yeah so he introduced me to ASCII talk all that you know he's been a great advocate on on a community there yeah um yeah so one of the things I really like about um you know and I know you have your favorite editor but mine is uh is vs code right um and uh it has a really nice uh you know uh whatever collaborative coding plugin which I think is proprietary but it's still yeah it's really awesome it is yeah um and so you know I like that a lot yeah there's if you're on telly jay's code with me uh but it came out a lot later after like maybe a year or maybe a year and a half after visual studio code was um then uh on every yeah every laptop yeah yeah uh when it comes to live coding at least everybody who wants to do live coding is then kind of move to visual studio code and not so many people came back yeah yeah but yeah let's see but it's it's doing a good job on this part right um yeah I mean I just like I also love that it is mostly open source um you know and and really quite enjoy it um but uh yeah well we are just about back yeah we are thank you so much for the time yeah uh you know it wasn't that harrowing I didn't think uh so you know uh in Detroit we did a lot of there was a lot of fast stops for things like geese um so you know it's uh geese in Boston all right no this is in Detroit uh and Detroit okay yeah uh so then I know there's no parking so all right well thank you thank you that's cool