jesus/ontoref
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ontoref/assets/presentation/reader-script-en-live.md

886 lines
18 KiB
Markdown
Raw Normal View History

feat: unified auth model, project onboarding, install pipeline, config management The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup --gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
2026-03-13 20:56:31 +00:00
# Rustikon 2026 - Live Reader Script (Speech Only)
Only lines to speak. Legend: `/` short pause, `//` long pause.
## Slide 1
STORY: Act 1 - Hook & Promise
TENSION: Low -> Medium
EMPHASIS: Credibilidad y dolor real
DELIVERY: Calma, pausas limpias
Why I Needed Rust
Finally. / infra Automation I Can Sleep On
## Slide 2
STORY: Act 1 - Hook & Promise
TENSION: Low -> Medium
EMPHASIS: Credibilidad y dolor real
DELIVERY: Calma, pausas limpias
Years. / One Problem.
Era Tool Lesson
1990s Perl Power without safety is a disaster
2000s Python practical work without safety rules is fragile
2010s Bash · Chef · Ansible · Terraform More tools don't solve approach problems
2020s Go · ???
Each time. / I thought I had the answer.
Each time. / reality proved me wrong.
## Slide 3
STORY: Act 1 - Hook & Promise
TENSION: Low -> Medium
EMPHASIS: Credibilidad y dolor real
DELIVERY: Calma, pausas limpias
The Evolution
How we got here
## Slide 4
STORY: Act 2 - Escalation
TENSION: Medium -> High
EMPHASIS: Crecimiento de complejidad sin control
DELIVERY: Ritmo creciente
Stage 1. / Local (late 80s / early 90s)
Dumb terminals. / Single machine. / One state.
Local development. / long deployment cycles. / low urgency
One state. / easy to observe. / easy to control
I A C: procedural scripts. / logic hidden inside the application
> The Perl Era: we could do anything.
> We could also break anything.
> Beautiful. / terrifying metaprogramming.
> No safety net.
> Silent failures at 3 AM.
> Lesson: power without safety is a disaster.
🛡 ●●●●○   😴 ●●●●○   🔥 ●○○○○
## Slide 5
STORY: Act 2 - Escalation
TENSION: Medium -> High
EMPHASIS: Crecimiento de complejidad sin control
DELIVERY: Ritmo creciente
Stage 2. / Networks / Internet
Systems getting farther away. / More people. / More coordination.
Remote access. / spread out teams. / security becomes relevant
Cost of downtime rises. / processes become critical
Harmonizing: package installs. / config. / updates across multiple machines in parallel
I A C: reproducible automation. / first declared attempts
> The Python Era: rapid development. / great community.
> But nothing stopped you from being wrong.
> Type hints came late. / and optional.
> Runtime errors >> compile-time errors.
> Lesson: practical work without safety rules is fragile.
More pieces. / More people. / Getting interesting.
🛡 ●●●○○   😴 ●●●○○   🔥 ●●○○○
## Slide 6
STORY: Act 2 - Escalation
TENSION: Medium -> High
EMPHASIS: Crecimiento de complejidad sin control
DELIVERY: Ritmo creciente
Stage 3. / Containers / Cloud / CI-CD
Everything. / Everywhere. / All at once.
Monolith → spread out. / all day. / every day. / high availability
Cloud. / hybrid. / multi-cloud. / on-prem. / simultaneously
Rollback and rollforward: database transactions. / but for infra
Scale horizontally AND vertically. / and descale
C I slash C D continuous: new features. / new deploys. / permanent churn
> The Cloud/I A C Era: Ansible. / Terraform. / Chef. / Puppet.
> What changed? The syntax.
> What didn't? The fundamental problems.
> Still fighting type safety. / Still discovering errors in production.
> Lesson: more tools don't solve approach problems.
🛡 ●●○○○   😴 ●○○○○   🔥 ●●●●○
## Slide 7
STORY: Act 2 - Escalation
TENSION: Medium -> High
EMPHASIS: Crecimiento de complejidad sin control
DELIVERY: Ritmo creciente
I could automate infra.
But I couldn't make it reliable.
I couldn't prevent mistakes.
I couldn't sleep.
🛡 ●○○○○    😴 ○○○○○    🔥 ●●●●●
## Slide 8
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
Why I A C Fails
The restaurant problem
## Slide 9
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
The Restaurant
Every restaurant has at least three actors.
Restaurant infra
Guest declares what they want declared config (YAML. / HCL)
Waiter validates and transmits controller (K8s. / Ansible)
Kitchen executes and delivers Runtime / setup
Dish arrives. / or doesn't Deployment succeeds. / or not
What makes it work. / or not:
The guest declares. / Doesn't implement.
The waiter must know what's possible. / before going to the kitchen.
> "I want X" → waiter goes to kitchen
> → "we don't have X. / why is it on the menu?"
> → back to the table.
> Equivalent: I configured a host with port 8443 → that port isn't allowed → reconfigure from zero.
## Slide 10
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
The Truth That Mutates
State is not static. / It can change at every step of the chain.
Step Truth for this actor
Guest speaks What they want
Waiter's notepad What was written down
Kitchen markings What's done / not done
Payment ticket What was actually served
> Fail early = fail cheap. / Fail in production = nightmare.
The context problem:
The waiter knows the regular customer: "always no salt."
The kitchen doesn't. / If the waiter changes. / that context disappears.
config drift is the same thing: Implicit state. / Not explicit. / Not propagated. / Lost silently.
The cost of failure depends on where it happens:
Fail at the table (impossible order): cheap. / caught before kitchen
Fail in kitchen (ingredient missing): medium. / renegotiate with guest
Fail at delivery (wrong dish arrives): expensive. / experience destroyed
## Slide 11
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
"We Don't Have Mushrooms"
When an actor in the chain can't fulfill part of the order.
> "Can I substitute vegetables?"
> That renegotiation must be explicit. / Traced. / Re-authorized. / Not silent. / Not assumed.
config drift is silent renegotiation:
The system changes. / Nobody notified. / State diverges without trace.
Rust's answer. / Option :
[code example]
> The compiler check is the waiter who cannot pretend an ingredient exists.
## Slide 12
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
The Config Evolution
How we got from code to YAML hell
Hardcoded. / everything inside the binary. / Full control. / Zero flexibility.
External config (JSON). / works between machines. / Unreadable for humans at scale.
YAML / TOML. / more readable. / Fragile syntax. / Implicit types. / Silent errors.
YAML + Serde. / Serde validates the structure:
Does the field exist? Is it the right type?
Do we accept "elephant" as a pet? If the type is String... / yes.
Serde validates shape. / Not meaning.
Helm / Jinja templates. / YAML generated from variables (in YAML).
Does it validate the content of the generated YAML? No. / Not at all.
Like using an LLM with a markdown reference: the format is there.
but is the content correct? Nobody safety rules that.
## Slide 13
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
Continuous C I slash C D.
No semantic check.
Continuous hope.
(crossing our fingers in production)
🛡 ●○○○○    😴 ○○○○○    🔥 ●●●●●
## Slide 14
STORY: Act 3 - Problem Anatomy
TENSION: High
EMPHASIS: Causa raiz y costo de fallar tarde
DELIVERY: Didactico, frases cortas
Three Questions Without Answers
Question 1 —
— Why do we wait for things to break?
"Works on my machine". / in production. / I don't know
Fail late = maximum cost. / We want: fail fast. / fail cheap
Question 2 —
— Do we actually know what we want?
Is the declaration sufficient and consistent with what's possible?
What are the boundaries? Static or dynamic? What is the source of truth. / and when does it mutate?
Question 3 —
Can we guarantee determinism ?
C I slash C D without semantic check = continuous hope
We want certainty. / not randomness
"Works on my machine" cannot be the production standard
> We're not inventing anything new. / Everything already exists.
> The question is whether we're managing it correctly.
## Slide 15
STORY: Act 4 - Turning Point
TENSION: Peak
EMPHASIS: No faltan tools, falta paradigma
DELIVERY: Silencios intencionales
The tools weren't the problem.
The languages weren't the problem.
The approach was the problem.
## Slide 16
STORY: Act 4 - Turning Point
TENSION: Peak
EMPHASIS: No faltan tools, falta paradigma
DELIVERY: Silencios intencionales
Systems we don't know how to control.
We hope they work.
When they don't. / we fix them.
Continuous nightmare.
( alarm state as the new normal)
🛡 ●○○○○    😴 ○○○○○    🔥 ●●●●●
## Slide 17
STORY: Act 4 - Turning Point
TENSION: Peak
EMPHASIS: No faltan tools, falta paradigma
DELIVERY: Silencios intencionales
Rust
The answer to all three questions
## Slide 18
STORY: Act 4 - Turning Point
TENSION: Peak
EMPHASIS: No faltan tools, falta paradigma
DELIVERY: Silencios intencionales
The Bridge: From Serde to Types
Serde loads structurally valid config.
But "elephant" as pet: String compiles.
Rust's answer: don't use String. / Use a type.
[code example]
This is the shift.:
Not the config format. / The model of what it can contain.
Serde validates shape Types validate meaning
The compiler check validates before the binary exists.
## Slide 19
STORY: Act 5 - Resolution
TENSION: High -> Medium
EMPHASIS: Types y compiler como respuesta
DELIVERY: Claro y tecnico
What Rust Gives Us
Answer to Question 1: fail early. / fail cheap
[code example]
Answer to Question 2: explicit contracts
[code example]
## Slide 20
STORY: Act 5 - Resolution
TENSION: High -> Medium
EMPHASIS: Types y compiler como respuesta
DELIVERY: Claro y tecnico
The compiler check as Pre-Validator
Answer to Question 3:
guaranteed determinism
[code example]
The compiler check validates:
Before building the binary
Not after hours of execution
Not when a function nobody touched in months finally gets called
Predictable behavior: memory. / resources. / workflows
The compiler check is the waiter who validates the order.
Before it reaches the kitchen.
Before the guest waits.
Before any ingredient is missing.
🛡 ●●●●○   😴 ●●●●○   🔥 ●●○○○
## Slide 21
STORY: Act 5 - Resolution
TENSION: High -> Medium
EMPHASIS: Types y compiler como respuesta
DELIVERY: Claro y tecnico
The Human Impact
When the system is trustworthy:
✓ Sleep comes back
✓ Confidence returns
✓ The team trusts the automation
✓ Stress decreases
✓ You can actually rest
> What you can't measure: fear .
> What you can measure: MTTR .
> Before: > 30 minutes. / Now: .
🛡 ●●●●●  😴 ●●●●●  🔥 ●○○○○
## Slide 22
STORY: Act 5 - Resolution
TENSION: High -> Medium
EMPHASIS: Types y compiler como respuesta
DELIVERY: Claro y tecnico
Continuous C I slash C D.
Types. / compiler check. / Explicit state.
Continuous certainty.
(to keep sleeping well)
🛡 ●●●●●    😴 ●●●●●    🔥 ●○○○○
## Slide 23
STORY: Act 5 - Resolution
TENSION: High -> Medium
EMPHASIS: Types y compiler como respuesta
DELIVERY: Claro y tecnico
In Production
This is not theory
## Slide 24 (name: provisioning)
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
import { ref. / computed } from 'vue'
const useWhite = ref(false)
const bgStyle = computed(() => ({
backgroundImage: url('${useWhite.value ? "/w-arch-diag-v2.svg" : "/arch-diag-v2.svg"}').
backgroundSize: 'contain'.
backgroundRepeat: 'no-repeat'.
backgroundPosition: 'center'.
position: 'absolute'.
inset: '0'.
cursor: 'pointer'.
## Slide 25
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Nickel
YAML rejected. / TOML rejected. / Reason: no type safety.
YAML wrote what we wanted.
It couldn't say what was possible.
Nickel closes that gap
— at config time. / not at 3 AM.
[code example]
Typed Source of Truth
Result (ADR-003): zero config type errors in production.
Config hierarchy:
defaults → workspace → profile → environment → runtime
Each layer merges.
Type system catches conflicts.
At config time. / not deployment time.
The guest wrote an impossible order.
Nickel makes impossible orders unwritable.
> Serde validates shape.
> Nickel validates meaning.
> The compiler check validates before deployment.
## Slide 26
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Traits as Provider
The kitchen can change. / AWS ≠ UpCloud ≠ bare metal. / Same menu.
[code example]
Explicit state. / no drift:
[code example]
Contracts
Checkpoint every 5 minutes
No implicit state.
> No "the waiter remembers the customer doesn't want salt."
It's in the order. / Always. / Explicit.
## Slide 27
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Dependency Graph
Failfast: bool is not a config option.
It's a principle encoded as a type.
Typed DAG. / dependency resolution enforced at workflow compile time:
The kitchen doesn't serve the main course before the starter is done.
DependencyType::Hard is that rule. / In the type system. / not in a runbook.
[code example]
Fail Fast. / Fail Cheap
DependencyType::Hard - failure stops the chain. / Always.
DependencyType::Soft - continues. / explicitly degraded.
DependencyType::Optional - missing is expected and fine.
> The compiler check catches the install order.
> Not the on-call engineer at 2 AM.
🛡 ●●●●●   😴 ●●●●●   🔥 ●○○○○
## Slide 28
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Real Applications
## Kubernetes
The controller provisions cluster components as a typed workflow:
[code example]
Each dependency is a DependencyType.
The compiler check catches: installing Cilium without Kubernetes.
Not the on-call engineer at 2 AM.
>"In my machine it works" has a price here.
> This is the highest-stakes infra in the deck.
## Blockchain Validators
Validators require brutal uptime.
A validator that fails loses funds. / not your infra's money.
Your customer's.
Post-quantum cryptography: CRYSTALS-Kyber + Falcon + AES-256-GCM hybrid. / Validator keys protected against quantum computers.
SLOs with real error budgets: 99.99% = 52.6 min downtime/year. / Prometheus blocks deploys when burn rate exceeds budget.
Deterministic config: validator parameters are types. / A bondamount that isn't a valid u128 doesn't compile.
## Slide 29
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Disaster Recovery
Rollback as a type. / not a procedure
3 AM. / Something broke. / You need to rollback.
Without types: you improvise.
With types: you choose a strategy
— or it doesn't compile.
[code example]
Multi-backend backup: restic. / borg. / tar. / rsync
— all as enum variants.
Production backup and DR restore use the same type. / the same schema.
> The runbook exists.
> Nobody reads it clearly at 3 AM under pressure.
> The type forces the decision before the crisis.
> The state is the same in prod and in DR. / Always.
## Slide 30
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Self-Healing
> When something breaks at 3 AM
>. / the system responds. / not you.
[code example]
— Typed Remediation
What happens at 3 AM:
Alert fires → RemediationEngine matches condition → runs RestartService
Works: silent. / Nobody woken up.
Fails 3×: page sent. / with full state. / checkpoint. / and execution history.
> You wake up to information. / Not to chaos.
🛡 ●●●●●   😴 ●●●●●   🔥 ●○○○○
## Slide 31
STORY: Act 6 - Proof in Production
TENSION: Medium -> High
EMPHASIS: Casos reales e impacto operativo
DELIVERY: Energetico y concreto
Without types. / Without compiler check. / Without explicit state.
MTTR > 30 minutes.
Rust. / Types. / Explicit state.
Automated response.
MTTR (at 3 AM. / without you.)
🛡 ●●●●●    😴 ●●●●●    🔥 ●○○○○
## Slide 32
STORY: Act 7 - Close & CTA
TENSION: Medium -> Low
EMPHASIS: Cierre emocional con accion
DELIVERY: Lento y memorable
Why This Matters
For everyone in this room
## Slide 33
STORY: Act 7 - Close & CTA
TENSION: Medium -> Low
EMPHASIS: Cierre emocional con accion
DELIVERY: Lento y memorable
For You
If you've been frustrated like me
Rust solves problems you already have.
This is not hype. / It is operational relief.
Start here:
Model your infra as types
Let the compiler check pre-validate before deployment
If you're earlier in your career
Start with type safety from day one.
Build for stable work. / not only speed.
The shortest path:
Types for config.
Traits for providers.
Determinism for operations.
## Slide 34
STORY: Act 7 - Close & CTA
TENSION: Medium -> Low
EMPHASIS: Cierre emocional con accion
DELIVERY: Lento y memorable
I have perspective from long production experience.
I have seen technologies come and go.
Rust is not hype. / Rust is relief with evidence.
It solves real operational problems I had for decades.
More years is not a liability.
It is an advantage.
## Slide 35 (name: end)
STORY: Act 7 - Close & CTA
TENSION: Medium -> Low
EMPHASIS: Cierre emocional con accion
DELIVERY: Lento y memorable
Why I Needed Rust
Three Closing Lines
I have lived this problem for decades.
Rust gave me deterministic systems and better sleep.
Start small: model infra as types.
Thank you. / Questions?
More info:
· jesusperez.pro
· setup.systems · vapora.dev · rustelo.dev
Reference in New Issue Copy Permalink