d59644b96f
The full scope across this batch: POST /sessions key→token exchange, SessionStore dual-index with revoke_by_id, CLI Bearer injection (ONTOREF_TOKEN), ontoref setup --gen-keys, install scripts, daemon config form roundtrip, ADR-004/005, on+re self-description update (fully-self-described), and landing page refresh.
18 KiB
Rustikon 2026 - Slide Text (Reader Version)
One section per real Slidev slide (parser-based count).
Slide 1
STORY: Act 1 - Hook & Promise TENSION: Low -> Medium EMPHASIS: Credibilidad y dolor real DELIVERY: Calma, pausas limpias
Why I Needed Rust Finally, Infrastructure Automation I Can Sleep On 🛡 ●●●○○ 😴 ●●●○○ 🔥 ●○○○○
Slide 2
STORY: Act 1 - Hook & Promise TENSION: Low -> Medium EMPHASIS: Credibilidad y dolor real DELIVERY: Calma, pausas limpias
Years. One Problem. 1987 → 2025 Era Tool Lesson
1990s Perl Power without safety is a disaster 2000s Python Pragmatism without guarantees is fragile 2010s Bash · Chef · Ansible · Terraform More tools don't solve paradigm problems 2020s Go · ??? Each time, I thought I had the answer. Each time, reality proved me wrong.
Slide 3
STORY: Act 1 - Hook & Promise TENSION: Low -> Medium EMPHASIS: Credibilidad y dolor real DELIVERY: Calma, pausas limpias
The Evolution How we got here
Slide 4
STORY: Act 2 - Escalation TENSION: Medium -> High EMPHASIS: Crecimiento de complejidad sin control DELIVERY: Ritmo creciente
Stage 1 — Local (late 80s / early 90s) Dumb terminals. Single machine. One state. Local development, long deployment cycles, low urgency One state — easy to observe, easy to control IaC: procedural scripts, logic hidden inside the application
The Perl Era: we could do anything.
We could also break anything.
Beautiful, terrifying metaprogramming.
No safety net. Silent failures at 3 AM.
Lesson: power without safety is a disaster. 🛡 ●●●●○ 😴 ●●●●○ 🔥 ●○○○○
Slide 5
STORY: Act 2 - Escalation TENSION: Medium -> High EMPHASIS: Crecimiento de complejidad sin control DELIVERY: Ritmo creciente
Stage 2 — Networks / Internet Systems getting farther away. More people. More coordination. Remote access, distributed teams, security becomes relevant Cost of downtime rises — processes become critical Harmonizing: package installs, config, updates across multiple machines in parallel IaC: reproducible automation, first declarative attempts
The Python Era: rapid development, great community.
But nothing stopped you from being wrong.
Type hints came late — and optional.
Runtime errors >> compile-time errors.
Lesson: pragmatism without guarantees is fragile. More pieces. More people. Getting interesting. 🛡 ●●●○○ 😴 ●●●○○ 🔥 ●●○○○
Slide 6
STORY: Act 2 - Escalation TENSION: Medium -> High EMPHASIS: Crecimiento de complejidad sin control DELIVERY: Ritmo creciente
Stage 3 — Containers / Cloud / CI-CD Everything. Everywhere. All at once. Monolith → distributed, 24×7×365, high availability Cloud, hybrid, multi-cloud, on-prem — simultaneously Rollback and rollforward: database transactions, but for infrastructure Scale horizontally AND vertically — and descale CI/CD continuous: new features, new deploys, permanent churn
The Cloud/IaC Era: Ansible, Terraform, Chef, Puppet.
What changed? The syntax.
What didn't? The fundamental problems.
Still fighting type safety. Still discovering errors in production.
Lesson: more tools don't solve paradigm problems. 🛡 ●●○○○ 😴 ●○○○○ 🔥 ●●●●○
Slide 7
STORY: Act 2 - Escalation TENSION: Medium -> High EMPHASIS: Crecimiento de complejidad sin control DELIVERY: Ritmo creciente
I could automate infrastructure. But I couldn't make it reliable. I couldn't prevent mistakes. I couldn't sleep. 🛡 ●○○○○ 😴 ○○○○○ 🔥 ●●●●●
Slide 8
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
Why IaC Fails The restaurant problem
Slide 9
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
The Restaurant Every restaurant has at least three actors. Restaurant Infrastructure
Guest declares what they want Declarative config (YAML, HCL) Waiter validates and transmits Orchestrator (K8s, Ansible) Kitchen executes and delivers Runtime / provisioning Dish arrives — or doesn't Deployment succeeds — or not What makes it work — or not: The guest declares. Doesn't implement. The waiter must know what's possible — before going to the kitchen.
"I want X" → waiter goes to kitchen → "we don't have X, why is it on the menu?" → back to the table.
Equivalent: I configured a host with port 8443 → that port isn't allowed → reconfigure from zero.
Slide 10
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
The Truth That Mutates State is not static. It can change at every step of the chain. Step Truth for this actor
Guest speaks What they want Waiter's notepad What was written down Kitchen markings What's done / not done Payment ticket What was actually served
Fail early = fail cheap. Fail in production = nightmare. The context problem: The waiter knows the regular customer: "always no salt." The kitchen doesn't. If the waiter changes — that context disappears. Configuration drift is the same thing: Implicit state. Not explicit. Not propagated. Lost silently. The cost of failure depends on where it happens: Fail at the table (impossible order): cheap — caught before kitchen Fail in kitchen (ingredient missing): medium — renegotiate with guest Fail at delivery (wrong dish arrives): expensive — experience destroyed
Slide 11
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
"We Don't Have Mushrooms" When an actor in the chain can't fulfill part of the order.
"Can I substitute vegetables?"
That renegotiation must be explicit. Traced. Re-authorized. Not silent. Not assumed. Configuration drift is silent renegotiation: The system changes. Nobody notified. State diverges without trace. Rust's answer — Option : [code example] The compiler is the waiter who cannot pretend an ingredient exists.
Slide 12
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
The Config Evolution How we got from code to YAML hell Hardcoded — everything inside the binary. Full control. Zero flexibility. External config (JSON) — works between machines. Unreadable for humans at scale. YAML / TOML — more readable. Fragile syntax. Implicit types. Silent errors. YAML + Serde — Serde validates the structure: Does the field exist? Is it the right type? Do we accept "elephant" as a pet? If the type is String... yes. Serde validates shape. Not meaning. Helm / Jinja templates — YAML generated from variables (in YAML). Does it validate the content of the generated YAML? No. Not at all. Like using an LLM with a markdown reference: the format is there, but is the content correct? Nobody guarantees that.
Slide 13
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
Continuous CI/CD. No semantic validation. Continuous hope. (crossing our fingers in production) 🛡 ●○○○○ 😴 ○○○○○ 🔥 ●●●●●
Slide 14
STORY: Act 3 - Problem Anatomy TENSION: High EMPHASIS: Causa raiz y costo de fallar tarde DELIVERY: Didactico, frases cortas
Three Questions Without Answers Question 1 — — Why do we wait for things to break? "Works on my machine" — in production, I don't know Fail late = maximum cost. We want: fail fast, fail cheap Question 2 — — Do we actually know what we want? Is the declaration sufficient and consistent with what's possible? What are the boundaries? Static or dynamic? What is the source of truth — and when does it mutate? Question 3 — Can we guarantee determinism ? CI/CD without semantic validation = continuous hope We want certainty, not randomness "Works on my machine" cannot be the production standard
We're not inventing anything new. Everything already exists. The question is whether we're managing it correctly.
Slide 15
STORY: Act 4 - Turning Point TENSION: Peak EMPHASIS: No faltan tools, falta paradigma DELIVERY: Silencios intencionales
The tools weren't the problem. The languages weren't the problem. The paradigm was the problem.
Slide 16
STORY: Act 4 - Turning Point TENSION: Peak EMPHASIS: No faltan tools, falta paradigma DELIVERY: Silencios intencionales
Systems we don't know how to control. We hope they work. When they don't — we fix them. Continuous nightmare. ( alarm state as the new normal) 🛡 ●○○○○ 😴 ○○○○○ 🔥 ●●●●●
Slide 17
STORY: Act 4 - Turning Point TENSION: Peak EMPHASIS: No faltan tools, falta paradigma DELIVERY: Silencios intencionales
Rust The answer to all three questions
Slide 18
STORY: Act 4 - Turning Point TENSION: Peak EMPHASIS: No faltan tools, falta paradigma DELIVERY: Silencios intencionales
The Bridge: From Serde to Types Serde loads structurally valid config. But "elephant" as pet: String compiles. Rust's answer: don't use String. Use a type. [code example] This is the shift.: Not the config format. The model of what it can contain. Serde validates shape Types validate meaning The compiler validates before the binary exists.
Slide 19
STORY: Act 5 - Resolution TENSION: High -> Medium EMPHASIS: Types y compiler como respuesta DELIVERY: Claro y tecnico
What Rust Gives Us Answer to Question 1: fail early, fail cheap [code example] Answer to Question 2: explicit contracts [code example]
Slide 20
STORY: Act 5 - Resolution TENSION: High -> Medium EMPHASIS: Types y compiler como respuesta DELIVERY: Claro y tecnico
The Compiler as Pre-Validator Answer to Question 3: guaranteed determinism [code example] The compiler validates: Before building the binary Not after hours of execution Not when a function nobody touched in months finally gets called Predictable behavior: memory, resources, workflows The compiler is the waiter who validates the order. Before it reaches the kitchen. Before the guest waits. Before any ingredient is missing. 🛡 ●●●●○ 😴 ●●●●○ 🔥 ●●○○○
Slide 21
STORY: Act 5 - Resolution TENSION: High -> Medium EMPHASIS: Types y compiler como respuesta DELIVERY: Claro y tecnico
The Human Impact When the system is trustworthy: ✓ Sleep comes back ✓ Confidence returns ✓ The team trusts the automation ✓ Stress decreases ✓ You can actually rest
What you can't measure: fear .
What you can measure: MTTR .
Before: > 30 minutes. Now: . 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○
Slide 22
STORY: Act 5 - Resolution TENSION: High -> Medium EMPHASIS: Types y compiler como respuesta DELIVERY: Claro y tecnico
Continuous CI/CD. Types. Compiler. Explicit state. Continuous certainty. (to keep sleeping well) 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○
Slide 23
STORY: Act 5 - Resolution TENSION: High -> Medium EMPHASIS: Types y compiler como respuesta DELIVERY: Claro y tecnico
In Production This is not theory
Slide 24 (name: provisioning)
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
import { ref, computed } from 'vue' const useWhite = ref(false) const bgStyle = computed(() => ({ backgroundImage: url('${useWhite.value ? "/w-arch-diag-v2.svg" : "/arch-diag-v2.svg"}'), backgroundSize: 'contain', backgroundRepeat: 'no-repeat', backgroundPosition: 'center', position: 'absolute', inset: '0', cursor: 'pointer', })) 🌗
Slide 25
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Nickel YAML rejected. TOML rejected. Reason: no type safety. YAML wrote what we wanted. It couldn't say what was possible. Nickel closes that gap — at config time, not at 3 AM. [code example] Typed Source of Truth Result (ADR-003): zero configuration type errors in production. Config hierarchy: defaults → workspace → profile → environment → runtime Each layer merges. Type system catches conflicts. At config time — not deployment time. The guest wrote an impossible order. Nickel makes impossible orders unwritable.
Serde validates shape.
Nickel validates meaning.
The compiler validates before deployment.
Slide 26
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Traits as Provider The kitchen can change. AWS ≠ UpCloud ≠ bare metal. Same menu. [code example] Explicit state — no drift: [code example] Contracts Checkpoint every 5 minutes No implicit state.
No "the waiter remembers the customer doesn't want salt." It's in the order. Always. Explicit.
Slide 27
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Dependency Graph Failfast: bool is not a config option. It's a principle encoded as a type. Typed DAG — dependency resolution enforced at workflow compile time: The kitchen doesn't serve the main course before the starter is done. DependencyType::Hard is that rule. In the type system, not in a runbook. [code example] Fail Fast, Fail Cheap DependencyType::Hard - failure stops the chain. Always. DependencyType::Soft - continues, explicitly degraded. DependencyType::Optional - missing is expected and fine.
The compiler catches the install order. Not the on-call engineer at 2 AM. 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○
Slide 28
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Real Applications
Kubernetes
The orchestrator provisions cluster components as a typed workflow: [code example] Each dependency is a DependencyType. The compiler catches: installing Cilium without Kubernetes. Not the on-call engineer at 2 AM.
"In my machine it works" has a price here.
This is the highest-stakes infrastructure in the deck.
Blockchain Validators
Validators require brutal uptime. A validator that fails loses funds — not your infrastructure's money. Your customer's. Post-quantum cryptography: CRYSTALS-Kyber + Falcon + AES-256-GCM hybrid. Validator keys protected against quantum computers. SLOs with real error budgets: 99.99% = 52.6 min downtime/year. Prometheus blocks deploys when burn rate exceeds budget. Deterministic config: validator parameters are types. A bondamount that isn't a valid u128 doesn't compile.
Slide 29
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Disaster Recovery Rollback as a type, not a procedure 3 AM. Something broke. You need to rollback. Without types: you improvise. With types: you choose a strategy — or it doesn't compile. [code example] Multi-backend backup: restic, borg, tar, rsync — all as enum variants. Production backup and DR restore use the same type, the same schema.
The runbook exists.
Nobody reads it clearly at 3 AM under pressure.
The type forces the decision before the crisis.
The state is the same in prod and in DR. Always.
Slide 30
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Self-Healing
When something breaks at 3 AM — the system responds, not you. [code example] — Typed Remediation What happens at 3 AM: Alert fires → RemediationEngine matches condition → runs RestartService Works: silent. Nobody woken up. Fails 3×: page sent — with full state, checkpoint, and execution history. You wake up to information. Not to chaos. 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○
Slide 31
STORY: Act 6 - Proof in Production TENSION: Medium -> High EMPHASIS: Casos reales e impacto operativo DELIVERY: Energetico y concreto
Without types. Without compiler. Without explicit state. MTTR > 30 minutes. ──────────────────────── Rust. Types. Explicit state. Automated response. MTTR (at 3 AM. without you.) 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○
Slide 32
STORY: Act 7 - Close & CTA TENSION: Medium -> Low EMPHASIS: Cierre emocional con accion DELIVERY: Lento y memorable
Why This Matters For everyone in this room
Slide 33
STORY: Act 7 - Close & CTA TENSION: Medium -> Low EMPHASIS: Cierre emocional con accion DELIVERY: Lento y memorable
For You If you've been frustrated like me Rust solves problems you already have. This is not hype. It is operational relief. Start here: Model your infrastructure as types Let the compiler pre-validate before deployment If you're earlier in your career Start with type safety from day one. Build for reliability, not only speed. The shortest path: Types for config. Traits for providers. Determinism for operations.
Slide 34
STORY: Act 7 - Close & CTA TENSION: Medium -> Low EMPHASIS: Cierre emocional con accion DELIVERY: Lento y memorable
I have perspective from long production experience. I have seen technologies come and go. Rust is not hype. Rust is relief with evidence. It solves real operational problems I had for decades. More years is not a liability. It is an advantage.
Slide 35 (name: end)
STORY: Act 7 - Close & CTA TENSION: Medium -> Low EMPHASIS: Cierre emocional con accion DELIVERY: Lento y memorable
Why I Needed Rust 🛡 ●●●●● 😴 ●●●●● 🔥 ●○○○○ Three Closing Lines I have lived this problem for decades. Rust gave me deterministic systems and better sleep. Start small: model infrastructure as types. Thank you. Questions? More info: · jesusperez.pro · provisioning.systems · vapora.dev · rustelo.dev