 All right, well, our next speaker is joining us from Amazon Web Services. Phil Estes' focus is on core container technology, another area where I hear some open source help could be needed with a large language model in generative AI communities. He works on offerings like Fargate, EKS, ECS. Currently, Phil is an active contributor and maintainer for the CNCF ContainerD Runtime Project. He participates in the Open Container Initiative as a member of the Technical Oversight Board. Today, he's going to explore the power of community in open source container runtime tools. Please welcome Phil Estes. Good morning, everyone. It's another great day at Open Source Summit. I hate to say this as exciting as my voice will get in the next 15 minutes. And I'll explain that with an interaction I had with a very sarcastic friend yesterday. He pulled me aside and he said, Phil, you're too high energy. You're too excitable, like, bring it way down for this keynote, you know, just steady. You're gonna lose people if you jump around on the stage and do your usual antics. So if you know me, you know, that's a big joke. And he's a very sarcastic friend. But regardless of that, no matter what you hear in my tone or demeanor, I am excited and honored to be here to talk about things that do matter to me and experiences I've had in open source. So I'd like to start with a story. It's not a very impressive story. It doesn't have a huge, exciting ending. But it does relate to something that my friend, Angel Diaz, said yesterday about first, and he was mentioning first, you know, do you remember your first computer? Maybe this week someone here is experiencing giving their first talk. But we're at open source summit. Does anyone remember their first contribution to an open source project? Maybe it's recent, maybe it's a long time ago. This screenshot is my first pull request to the Docker engine project in 2014, I think. And even though you can tell by the color of my hair, that was not the first software piece of code I'd ever written. But I felt like a newbie. Was like, man, this is scary, you know, create PR. That's like a scary step to take. Did I do everything right? Did I do the right signed off by for this community and their requirements? And I was like a nervous kid just out of college, you know, my first interaction with the community. But it was so exciting when I got an LGTM from someone famous, by the way, Jess Frizel. But it was amazing. It was amazing to all of a sudden feel a part of this community to feel like I had a role to play. I could help them, you know, make the project better. And like I said, this is not a very exciting story. This is an unimportant bug and an unimportant part of the interface for Docker back in that day. But it was my stepping off point that got me hooked, I'll say, on open source. And I only have a few minutes, so I can only summarize what led me to this moment for a few minutes to not bore you to death. But I came out of college and joined IBM and worked on OS2, and there's definitely some blank stares in the crowd. Some of you were not born by the time IBM put OS2 gently to bed maybe before you're born. But it was a great project for me to start my career. I had an engineering degree and so I wasn't really a software guy, but hired by IBM. It was kind of cool to work on an operating system and it was really at that interface with the hardware and device drivers and it had a kernel. And so it was a great project to cut my teeth coming out of college and just learn basic things about software development, how to work with others, how to debug a problem, how to submit a fix to a source code control system. And really over the next 20 years, I'm sad to say, I'm getting older, before I ever did that first PR, my world revolved around two major technologies. First was Java. IBM became a licensee of the Sun Java source code long before it was open source. And my team's job was to port that JVM to OS2. And so again, I learned a ton about taking a huge software system and making it work on a different operating system. And it was exciting to figure that out, to make it work. And around that time, I heard about this young operating system called Linux. And I thought, oh, this would be fun to just try out. The problem was it took downloading 15 diskette images stacked on my desk to install this thing. And IBM had this token ring network and the token ring driver wasn't part of Linux. So you had to download this random.c file, sorry, supply chain security folks. You had to compile this random file into your kernel so you get on the network. But my experimentation with Linux opened this new door for my career. Someone said, hey, why don't we take the JVM and port it to Linux? Phil, you're a Linux user. Can you figure this out? And it was a really exciting point in my career to work with another IBM or to bring the JVM to Linux and turn that into an IBM product. But out of that, it was just kind of perfect timing. IBM created the Linux Technology Center. And Jim will finally remember Dan Fry, who's IBM executive who brought that organization to life, spoke in many of the LF events over the years. And so I worked on Linux for another decade, packaging it, customizing it for various IBM products, but never working on open source. It wasn't until that PR that I showed you earlier that I really experienced what it was to be involved in a community. And so I dove in after that first PR and did a bunch more PRs, became a maintainer. And I had my few seconds of fame when I got represented in a opening cartoon for one of the Dockercons along with Vincent Batts who's here this week, Jess Frizzle, Solomon Hikes and others. And it was, I was having a blast. But the point I want to make is not about me. It's about this community that I joined and the power, the feeling of being part of something and that everything I'd done with OS2 and Java and Linux, I could bring to the table in the Docker community and many others were bringing their experiences from other places. And some of you might say, well, I wasn't part of the Docker community, but I remember reading the new stack back in the day and it sounded like there were a lot of problems. Yeah, there was some big excitement around Docker and open source and Kubernetes. But I'll say for the most part that didn't impact the people who were dealing with that flood of pull requests every day in the Docker project. There was kind of a pressure cooker moment of just the project was so popular. There were so many people bringing their ideas and their interests to the project. But the cool thing that came out of that, even with all the complicated relationships and some of the fallout from those days, one of the coolest things about the power of that community is that that group of people has worked together in the OCI, in the CNCF, in Kubernetes, a bunch of new projects have formed out of that same group of people that you'll recognize many of the logos. And not only that, that group of people has continued collaborating around things like bringing C-Gurbs V2 support across all the ideas of runtimes and Run-C and Creo and Podman. We still work together in SIGnode and the runtime interface that Kubernetes uses to connect to runtimes. We still have brought rootless mode, not just to Run-C but to Docker, to Podman, to Container D to all these projects. And we're still working together on things like the OCI New Reference Types and Refers API and BuildKit has become its own project that many people use, not just Docker or Container D or other projects. So to me, this is the real power of that community is that there's continued collaboration and innovation. Now two years ago, just a little over two years ago, I joined AWS and one of the reasons I joined is that they were investing in Container D and I was seeing it in the community. They were using it in some of their services, they were contributing, and I was excited to come help them even contribute more upstream. And so while they had a small container runtime team, in the last two years we've seen that grow and we don't just contribute to Container D but there's dims many of you know from the Kubernetes community. He and many others are contributing upstream. We have SED maintainers on staff. We now have people contributing to other projects like Lima and Nerd CTL. And I'm short changing the rest of Amazon. This is my little corner of the world. There's many, many other projects that Apache projects and IoT projects and Java projects that Amazon is contributing to. But we don't just contribute, we also create. And so over the years, even before I joined and more recently building projects like Firecracker and Botteraka OS built around Container D and a snapshotter for lazy loading images on Container D that we recently launched last summer. And then one that's near and dear to my heart that I wanna spend a few minutes talking about called Finch in a minute. But we're not just doing contribution and creation, we're also investing in open source security. You probably heard a lot about the OpenSSF yesterday in Tracy's keynote. I've been tangentially involved in the OpenSSF. I was part of the original founding TAC. But we've even this week launched some new initiatives around the Cedar Policy Language which has used automated reasoning to prove out their language. And that's now open source. You can go to the booth today and see demos on that I think one and four. Our fine and fixed team has just launched SnapChange which is a fuzzing framework. You heard again about fuzzing from Eric in yesterday's keynote as an important part of securing open source. We've also funded several things in the OpenSSF like Alpha Omega which was mentioned yesterday. And so we're also funding Prosimo now for memory safety initiatives. If you're a Linux user, surely at some point you've had to type sudo or su. These are very important utilities that need to be secure. And so part of this initiative will be funding the rewrite of those in memory safe languages like Rust. So again, I'm proud of what we've been able to contribute, what we're creating, what we're funding around open source security. But I want to switch gears and use the last few minutes I have to again talk about Finch as just a really cool project that I've been involved in us creating and launching last year. I hope this isn't the computer you use on your desk. I'm pretty sure it's not. But with the economic times, watch out if your manager comes walking down the hall with one of these, hold on to your MacBook. But the picture I want to give you is if you're a container developer, you might write your Docker file on a system that has nothing to do with the system you want to run it on. Most of us write Docker files that are meant to be turned into Linux containers that run on a Linux system. But I'm sorry we're here at an event that used to be called LinuxCon. Linux on the desktop is not here yet. We're still waiting. So if I'm writing on a system like this, I have to push that Docker file somewhere. Something has to trigger a build. I have to find compute somewhere to run it. And if I just made one simple mistake, now I have to do that cycle all over again. So developers love the tight inner loop of can I try this locally? Can I run it here, figure it out, make it work and then start to use automated CICD or push it to some compute somewhere? And so there's been a lot of innovation in this space. Like I said, as much as I've been a Linux user for a very long time, most of us are on Mac and Windows and we could argue about their percentages. This is hard data to figure out who's using what. But let's just admit that the line shared with enterprise developers are probably not on Linux. And so this space has been innovating all the way back to a project called Docker Machine in the early days of Docker. I just want a VM so I can run Docker inside of it so I can test out my containers. So we created Finch along these same ideas of we want to give Mac OS developers a simple command line tool to have that tight inner loop of development. And again, it's not something we started from scratch. It's built on existing open source, like container D and Lima and Nerd CTL and build kit. And so again, I've only got a few minutes left. I can't go into all the details of why we built it and how we built it. I did have the pleasure of helping write the launch blog that you can find online. We have a lot of ideas about offering an extensions framework and offering it on other OS platforms. So we'd love to make it a community. Like I talked about at the beginning, that power of community of being a part of something and contributing, we'd love for that to happen with Finch as well. So we would love for you to join us upstream. Again, not just in our project, but in the projects we depend on as well. And we'd love to have you participate in any way, report issues, contribute features, and give us feedback. Now, I followed someone who talked all about the coolest stuff ever, AI. When I was sitting two weeks ago in front of a blank PowerPoint screen, I was like, how do you get started? I was like, oh, I'm gonna ask an AI image creator to build me some Finches. And I even have the meta, there's a Finch contributing to Finch on his or her laptop here, but this was just my little fun to get my heads moving in a direction of creating the talk. But I titled this talk, Building Bridges. And if you know anything about image creators, I had to try several times to not give you nightmares of the gruesome things it created when I said, please build a bridge out of Finches. But this one was pretty cool. So I'd like to leave you with two things. One, find a community where you can experience what I experienced. Find some place that you can use your capabilities, the things that brought you to open source and use them. The second thing, as I just mentioned, we'd love to have you participate with us. We're definitely not creating a closed community, we're creating a community where you can participate, you can become a maintainer, you can help us move the project forward. So with that, thank you very much. Hope you have a great rest of your day at Open Source Summit.