I took the recent TalosCon as a chance to dig into a Linux distro that's designed only for running Kubernetes on in a way that's as much like Kubernetes itself as it can manage: no system, no shell, no scripts, no SSH, no problem - because no snowflakes
Talos Linux: Rethink running Kubernetes
Like Flatcar, Talos is minimal by design; unlike Flatcar, it gets that way by adding just what it needs to a stripped down Linux kernel that only runs cryptographically signed modules. It has only a h...
Talos grew out of the frustration of people like @rsmitty.cloud @siderolabs.com running ops: good open source often starts with someone scratching their own itch and discovering that it's not just their own itch because starting with the problem is a good way to get a realistic solution.
It's a very different mindset; Talos doesn't have the recent busybox CVE because it doesn't have busybox, which is great but it also doesn't have a lot of things security agents and compliance audits expect so you have to change the way you do traditional ops to make it work and that can take time
Just convincing people to do it that way probably takes longer than doing it and it's going to be easier if you're born in the cloud, bursting to cloud, living on the edge or doing anything but coming from a very traditional ops environment; which is why I'm impressed that SNCF did just that
A running theme with quite a few of the pieces I'm doing for The Stack this year is 'what can I replace VMware with, because I don't want to pay what Broadcom wants to charge'; Talos shows up in several migrations from VMware to OpenStack, perhaps because it's one less thing to secure and stabilise.
Linux
Kubernetes
governance
private cloud
edge
Broadcom
OpenStack
security