DevConf.CZ 2026

login

Colin Walters
.ical

Colin is a software engineer at Red Hat, Inc. He works on various areas such as containers and bootc.

The speaker's profile picture
Company or affiliation:

Red Hat

Job title:

Engineer

Sessions

06-18
13:15
35min
Hardening Operating System Distribution: Verifiable and sealed OS with bootc and composefs
Colin Walters

How do we provide platform engineers and security architects with the same immutability and integrity for the operating system (OS) that they expect from containers? While OSTree pioneered transactional deployments, the ecosystem has shifted toward OCI images and sealed, hardware-rooted attestation, leaving a gap for a standardized, verifiable OS delivery path.

This talk introduces a shift in image-mode Linux, aligning the OS directly with the OCI model using bootc and composefs. By consuming OCI images and materializing them through composefs, we create a bootable, verifiable filesystem with strong lifecycle and update guarantees.

We compare this approach with traditional OSTree methods, examining layering, updates, and operational trade-offs. We will demonstrate deploying a sealed UKI composefs-backed system on RHEL 10.2!

After this talk, attendees will be ready to build, verify, and deploy OCI-native operating systems with production-grade integrity.

Linux Distributions, Operating Systems, and Edge
E112 (capacity 156)
06-19
12:30
80min
Generative AI and FOSS - Open discussion meetup!
Tomas Tomecek, Colin Walters

In this interactive meetup, we'll run an un-conference style discussion on the topic of LLMs/GenAI and FOSS. Bring your opinions and thoughts. If you're completely against LLMs, we want to hear from you! If you haven't written any code by hand for the last 6 months and want talk about your tools and techniques, we want to hear from you too!

The goal of this meetup is especially to focus in on those who need/want to LLMs safely and responsibly for "important" software. What are the shared best practices, tools and procedures? What can we do to use these tools to address prior problems around things like supply chain security?

The submitter of this workshop has a lot of of experience and opinions, but is looking to have a realistic in-person discussion where different tools and experiences are presented and attendees can learn from each other.

Proposed topics:

  • Scale of change
  • Contribution policies
  • Sandboxing & Security
  • Effectiveness (Ralph loops, Planning vs exec models, skills, ...)
  • Orchestrators and workflow (Gastown, Fullsend, Paperclip)
  • Discussion of the future
Artificial Intelligence and Data Science
A112 (capacity 64)