ULB (Université Libre de Bruxelles) Brussels 2017-02-04 2017-02-05 2 09:00:00 00:05:00 09:30 00:25 Janson keynotes_welcome Keynotes keynote <p>FOSDEM welcome and opening talk.</p> <p>Welcome to FOSDEM 2017!</p> FOSDEM Staff Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:50 Janson kubernetes Keynotes keynote <p>Kubernetes enables teams to focus on developing innovative applications by simplifying deployment, scaling, and configuration through a simple yet flexible API. The system can support all types of applications: web apps, databases, distributed systems, or even VMs; and can do it on any cloud or bare-metal platform. Our vision is that every organization has access to this infrastructure technology, a mission we call #GIFEE: Google Infrastructure For Everyone.</p> <p>But, as Kubernetes’s reach grows, what do real production applications look like? Where does Kubernetes need to go to continue supporting an ever-wider range?</p> <p>Join Brandon Philips for a look at the status of Kubernetes and at the roadmap for its future, including automated Kubernetes upgrades, management of complex applications, integration with cloud providers, and multi-cluster federation.</p> Brandon Philips Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:50 Janson software_heritage Preserving the Free Software Commons Keynotes keynote <p>Free and Open Source Software (FOSS) constitutes the bulk of the Software Commons, and is at the heart of our digital society. We discuss why and how the Software Heritage project is taking over the mission of ensuring that this precious body of knowledge will be preserved over time and made available to all.</p> <p>The Software Commons is the vast body of human knowledge embedded in software source code, that is publicly available and can be freely altered and reused. Free and Open Source Software (FOSS) constitutes the bulk of it. Sadly we seem to be at increasing risk of losing this precious heritage built by the FOSS community over the paste decades: code hosting sites shut down when their popularity decreases, tapes of ancient versions of our toolchain (bit-)rot in basements, etc.</p> <p>The ambitious goal of the <a href="https://www.softwareheritage.org">Software Heritage</a> project is to contribute to address this risk, by collecting, preserving, and sharing <em>all</em> publicly available software in source code form. Together with its complete VCS development history. Forever, of course.</p> <p>By doing so Software Heritage will serve the needs of: Society, by preserving our collective technological heritage; Industry, by building the largest software provenance open database; Science, by assembling the largest curated archive for software research; and Education, by creating the ultimate anthology for programming curricula.</p> <p>Although still in Beta, Software Heritage has already archived more than 3 billion unique source code files and 700 million unique commits, spanning more than 45 million FOSS projects from major software development hubs, GNU/Linux distributions, and upstream software collections.</p> <p>Software Heritage is developed transparently as a collaborative project and all its own source code is available as FOSS under copyleft licenses. Currently incubated by <a href="http://www.inria.fr/en">Inria</a>, the project will graduate soon to an independent charitable, nonprofit organization.</p> Stefano Zacchiroli Roberto Di Cosmo project homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:50 Janson cloudabi Easily develop sandboxed apps for UNIX Cloud maintrack <p>One of the fundamental problems with UNIX-like operating systems is that they don't seem to make it easy and intuitive to develop applications that are strongly hardened against exploits through sandboxing. With CloudABI, we're trying to make this process a lot easier.</p> <p>CloudABI is a blend of POSIX and pure capability-based security, which allows you to create applications that are only capable of accessing those things that they are designed to use. As you'll see, software also becomes easier to test and deploy as a result of using this model.</p> <p>In this presentation I am going to discuss a project I've been working on over the last two years, called CloudABI. CloudABI is a simplified POSIX-like runtime environment that is inspired by FreeBSD's Capsicum. It allows you to create programs that can solely interact with the environment through file descriptors (capabilities). Compared to traditional UNIX-like systems, this approach has three advantages:</p> <ol> <li><p>It reduces the impact of exploits. If an attacker manages to take over control of a CloudABI application, it can only access those resources that the application was designed to use (for a networked service: typically an already bound TCP socket and some data directories). This is different from most traditional UNIX-like systems, where an attacker would gain access to all resources that the user running the application can access, which is very broad.</p></li> <li><p>It makes applications easier to test. By knowing that an application can only access those resources that are provided explicitly, the entire environment in which the application runs can be customized for testing.</p></li> <li><p>Similarly, it makes applications easier to deploy. This model tends to reduce the need for using containers and virtual machines. Applications can be started directly, while still providing the necessary isolation from the rest of the system.</p></li> </ol> <p>In this talk I'm going to explain how CloudABI works in detail, while also discussing some of its design decisions. I'll also show how you can design your own CloudABI programs.</p> <p>CloudABI is available for Linux, FreeBSD and Mac OS X. A NetBSD port also exists.</p> Ed Schouten CloudABI's website CloudABI's source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 Janson dinosaurs How Containerised Applications could eat our users. Cloud maintrack <p>Containerised Application technologies like AppImage, Snappy and Flatpak promise a brave new world for Linux applications, free from the worries of shared libraries and dependency issues. Just one problem, this is a road long travelled before, such as in the application dark ages of Win32 applications and DLLs. And it worked out so wonderfully there... Do we risk a future where, like the resurrected dinosaurs of Jurassic Park, this family of applications will break their containment and start eating our users? This session will try to present a balanced argument about the situation, frankly discussing the benefits promised by these technologies, but highlighting the very real issues and risks their widespread adoption could, and in some cases are, already bringing to the table.</p> <p>The talk with cover the promised benefits of application containers, such as AppImage, Snappy and Flatpak. It will detail the empowerment of developers who use the technologies, the ability for upstream projects to have a much closer role in delivering their software, and the benefits that brings to both the upstream projects and their users. But as a counter to those benefits, the session will detail some of the risks and responsibilities that come with that technology. The complexities of library integration, the risk of introducing new forms of dependency issues, and the transference of responsibility for those issues, plus security, away from the current Distributions delivering upstream projects towards those upstream projects directly. As a conclusion, the session will present some suggestions to upstream projects adopting these technologies to start them down the road of accepting those responsibilities directly, or working more closely with existing Distribution projects to share the burdens these technologies now provide.</p> Richard Brown Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:50 Janson curl curl from A to Z Miscellaneous maintrack <p>Thousands of contributors help building the curl software which runs on several billions of devices and are affecting every human in the connected world daily. How this came to happen, who contributes and how Daniel at the wheel keeps it all together.</p> <p>This is a description of a small project with a major reach. curl and libcurl can probably be considered corner stones in a world of client-side Internet transfers and in particular HTTP, running on every imaginable operating system and CPU architecture in use today. Started in the late 90s, the software now runs in billions of devices and is quite likely one of the most widely used software components - any category. Daniel takes us through how it started, how it works and why it never gets done.</p> Daniel Stenberg Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:50 Janson hello_world (*But Were Afraid To Ask) Miscellaneous maintrack <p>I've been working on a new system call ABI and the required runtime support for a C variant with spacial memory safety. Along the way I've encountered lots of interesting bits and pieces required to implement a simple C "Hello, World" program. I found the process fascinating so this talk brings all that knowledge together in one place.</p> <p>The first example in the classic "The C Programming Language" by Kernighan and Ritchie is in fact a remarkably complete test of the C programming language. This talk provides a guided tour a slightly more complex program where printf() is called with multiple arguments. Along the way from the initial processes' call to exec() to the final _exit(), we'll tour the program loading code in the kernel and the dynamic linker, the basics of system call implementation, the implementation of the memory allocator, and of course printf(). We'll also touch on localization and a little on threading support. Where appropriate, I'll discuss portions of the system that need changing to accommodate memory safe versions of C like the version we are developing for our CHERI CPU.</p> <p>This talk will assume some knowledge of a language with C-like syntax (C, C++, Java, and PHP should all be fine).</p> Brooks Davis Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 Janson network_measurement_ethics Moral obligations of engineers, scientists and hackers, based on example of RIPE Atlas Miscellaneous maintrack <p>When designing technologies, networked systems, and measurements on the Internet, we must be aware of their implications and consequences for the society and participants. As engineers, scientists, programmers and other experts, we have moral obligations towards our peers, users of technologies we create, and the wider communities.</p> <p>In this talk I want to talk both about general ethical considerations, and specific examples of moral dilemmas that come from building the RIPE Atlas system, and conducting measurements that reveal workings of Internet infrastructure and services.</p> <p>RIPE Atlas is an extensive measurement network, where the vantage points (sources of measurements) are hosted by volunteers: mostly individuals at home, but also some institutions (ISPs, IXPs, academia, various other businesses). RIPE Atlas users are using someone else's Internet connection to do measurements. In order to recognise ethical considerations surrounding use of RIPE Atlas, we looked both into the historical considerations of engineers and scientists, and into practical constraints users should keep in mind, and we published some findings in this article: https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements</p> Vesna Manojlovic https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements https://wiki.techinc.nl/index.php/Hackers_tribes#Hackers_Ethics Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:50 Janson all_ages Miscellaneous maintrack <p>We want the free software movement to keep growing and one facet of successful movement building is embracing a multi-generational community. The good news is that there is no age requirement for using, promoting and contributing to free software. The bad news is that we aren't always doing a great job of facilitating a diverse, inter-generational movement. We'll take a look at what we're currently doing to bring in young people, how we are treating older people in our communities and where there is room for improvement.</p> <p>Using examples from other movements and inter-generational communities, we'll identify tactics that aren't being used to build the free software community and see what we can collectively port over. We plan to inspire the audience to find ways to recruit and retain young people, inspire older people to participate and maintain an unbroken thread of free software conservatorship.</p> Deb Nicholson Molly de Blanc Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:05 00:50 Janson copyleft_defense After 25 Years of GPL Enforcement, Is Copyleft Succeeding? Keynotes keynote <p>After 25 years of copyleft enforcement and compliance work, is copyleft succeeding as a strategy to defend software freedom? This talk explores the history of enforcement of the GPL and other copyleft licenses, and considers this question carefully. Attendees who have hitherto not followed the current and past debates about copyleft licenses and their enforcement can attend this talk and learn the background, and can expect to learn enough to provide salient and informed feedback of their own opinions about the processes behind upholding copyleft.</p> <p>The <a href="https://www.gnu.org/philosophy/pragmatic.en.html">first GPL enforcement action was done by Richard Stallman against NeXT Computers in 1989</a>, regarding Objective C support in GCC. For 25 years, GPL enforcement has remained a regular but rarely mainstream activity in Open Source and Free Software projects. Very few projects enforce their <a href="https://copyleft.org/">copyleft</a> licenses; most live with regular violations and merely ignore them, or simply beg violators to comply.</p> <p>Even under the now-published and publicly discussed <a href="https://sfconservancy.org/copyleft-compliance/principles.html">Community Principles of GPL Enforcement</a>, co-drafted by Software Freedom Conservancy and the Free Software Foundation, GPL enforcement is regularly criticized and questioned. Those of us who enforce the GPL get wildly inconsistent feedback from the community: some copyright holders recruit organizations like Conservancy and FSF to enforce as much as possible, others often complaining that we simply don't enforce enough, and still others call for a complete moratorium on GPL enforcement.</p> <p>Meanwhile, not all enforcement abides by community principles. For-profit enforcers, who have existed for decades, use copyleft licenses in a manner not intended by the license drafters: to captiously convince "customers" that they must buy proprietary licenses, or otherwise pay, to incorporate Open Source and Free Software into their products.</p> <p>This complex landscape has become almost impenetrable for the average FLOSS developers who merely wish their code to remain forever free and libre. This talk will provide the basic history and background information about the state of copyleft in our community, and set the stage for all developers to give informed feedback to organizations that stand up for copyleft.</p> Bradley M. Kuhn The Copyleft Guide The Principles of Community-Oriented GPL Enforcement LWN Article on Patrick McHardy GPL Enforcement LWN Article on ksummit-discuss thread about GPL Enforcement Slides from this talk at FOSDEM 2017 Video recording (mp4) Video recording (WebM/VP8) FOSDEM Interview with Bradley M. Kuhn Submit feedback 11:00 00:50 K.1.105 (La Fontaine) veripeditus Enabling everyone to freely create Augmented Reality Games Miscellaneous maintrack <p>When the Ingress game started in 2013, quite a few people world-wide found out that augmented reality gaming in the real world was a great new invention, and the game grew to become a success for the then-project inside Google. With its Pokémon themed update in 2016, Niantic got the whole world playing - and sponsoring them with all their personal details. Veripeditus opens up the world of AR game creation to the public.</p> <p>The Pokémon Go hype is spreading and more and more people are playing - on a real map with real objects. With the ever growing possibilities of smart phones and apps, interest for Augmented Reality is getting bigger. But there are obvious problems: current developers don't care about privacy and data is collected, sold and freely provided to others at will.</p> <p>About time to make a change! Veripeditus is entirely free, open source software and easy to use. The server can be run entirely by yourself and everyone can develope games and custom clients if they wish. The frameworkd allows for the development of augmented reality games, so called "cartridges", that can be played in the real world in any scope, be it locally, like on the premises of a museum, or on global scope, like an augemented reality MMORPG.</p> <p>In the development of Veripeditus, we aim at making game development as easy as possible. The only thing needed is basic knowledge of Python and, of course, ideas for the game. Veripeditus itself also employs basic, well-known technologies like a relational database, the SQLAlchemy object-relational mapper and a (glorified) RESTful API.</p> <p>This talk will give an introduction to how Veripeditus was developed, how games can be created and what can be done with it - some ideas include using Veripeditus in education, local group activities, tourism amd, of course, plain fun gaming.</p> <p>We will also showcase a mini game that will be playable on the ULB campus!</p> Dominik George Eike Jesinghaus GitHub project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:50 K.1.105 (La Fontaine) lorawan Talk Hard: A technical, political, and cultural look at LoRaWAN for IoT Miscellaneous maintrack <p>Everyone is excited about the The Internet of Things (IoT) and the possibilities of really seeing the democratization of the internet, devices for everyone needs, not just a few! If we are to achieve, then these devices must be design and built by everyone, we must create a Zine like industry, beyond the current makers of today, to enable people of all ages, gender (including non-binary), and race, to build devices suited to their own needs. LoRaWAN is a Low Power Wide Area Network (LPWAN) specification intended for wireless battery operated Things in regional, national or global networks. LoRaWAN target key requirements of Internet of Things such as secure bi-directional communication, mobility and localization services.</p> <p>In this talk, I will introduce LoRaWAN as a key radio technology for IoT and walk through why it is a technologically important development as I show how to build LoRaWAN node applications to explore the possibility of IoT. There are a number of LoRaWAN networks emerging across Europe and I will highlight the political importance of why these networks should be open, supporting Open Data and Open Science and empowering the development of a new set application domains.</p> <p>The lecture will involve a demonstration of an LoRaWAN application that will showcase the both the node and Gateway aspects of a deployed network.</p> <p>Soon, everything on Earth will be connected via peer-to-peer networking and/or the public Internet, with a multitude of sensor-driven devices dramatically changing our lives and our environment. These devices will be based on a wide variety of devices, ranging from tiny (e.g., microcontrollers) to huge (e.g., cloud servers), with one thing in common: they will require a radio connection to a Gateway that is connected to the internet, in some form or another. While Bluetooth LE or even Wi-fi might be used around the "smart" house or within a limited range, the battery limitations of the later and the range limitations of the former mean it is unlikely that these standards will form the backbone of a IoT network.</p> <p>For IoT there are a number of competing radio standards, e.g. LoRa and SigFox, both are long range and provide the ability to build nodes that are very low-power, with a potential battery life of 2 or more years, while providing a long range, often in access of 10km. A key feature of these standards is they are low-bandwidth, often each message is limited to 100 or so bytes, for SigFox even less. Each standard has its drawbacks but SigFox requires more expensive chipsets for the Gateway side of things, which is not the case for LoRa, and as such this has seen the development of community, crowd sourced, LoRa networks, based on LoRaWAN. One example of this is The Things Network, who community has been developing Gateways, nodes, cloud backends, and software to run on these, all open source, supporting open data and open science. In Bristol we are deploying a LoRaWAN network built on existing wireless infrastructure locations, provided by Bristol Wireless.</p> <p>In this lecture I will introduce LoRaWAN from a technical perspective, providing examples, and also look at the IoT and LoRaWAN networks from a political perspective.</p> <p>I will bring a portable LoRaWAN network that we have developed at the University of West of England, mostly for testing radio capabilities but also allowing us to demo LoRaWAN and IoT on the move, and also some example nodes, some of which will be used by the audience. This will demonstrate the use of The Things Network backend infrastructure to provide an internet backend and bring the internet part of Internet of Things. We will provide demos that the audience will be able to interact with during the session and see the results live during the talk.</p> Benedict Gaster (cuberoo_) LoRaWAN Bristol The Things Network LoRa Alliance LoRaWAN Pages Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 K.1.105 (La Fontaine) datacubes Open Source, Open Standards, Open Terabytes Miscellaneous maintrack <p>Never before it was so easy and inexpensive to gather, as well as generate, massive amounts of data. Often, data get discretized in space and time, nat­ur­ally leading to multi-dimensional arrays. In fact, arrays play a core role in most domains of science, engineering, and bus­in­ess - generally speak­ing, spatio-temporal sensor, image, time­series, sim­­ul­ation, and statistics data­. This raises the need for flexible, scalable, and open services in replacement of the bespoke silo solutions that have prevailed in the past.</p> <p>Traditional databases have been successful due to their flexibility (through query languages) and scalability (through manifold optimizations and parallelization in the server) - however, they unfortunately do not support massive arrays. This is being remedied within ISO currently where SQL/MDA ("Multi-Dimensional Arrays") is in an advanced stage, likely becoming adopted in summer 2017. SQL/MDA adds declarative array definition and operations to SQL. Not only paves this the way for powerful services, maybe even more important it allows, for the first time, integrating data and metadata into the same archive, even in one and the same query. As such, SQL/MDA will be a game changer in data services not only for science and engineering at large.</p> <p>We present the concepts and rationales, as well as the open-source technology rasdaman ("raster data manager") which is serving as the blueprint for MDA.</p> <p>We have learnt to live with the pain of separating data and metadata into non-interoperable silos. For metadata, we enjoy the flexibility of databases, be they relational, graph, or some other NoSQL. Contrasting this, users still "drown in files" as an unstructured, low-level archiving paradigm. It is time to bridge this chasm which once was technologically induced, but today can be overcome.</p> <p>One building block towards a common re-integrated information space is to support massive multi-dimensional spatio-temporal arrays. These "datacubes" appear as sensor, image, simulation, and statistics data in all science and engineering domains, and beyond. For example, 2-D satellilte imagery, 2-D x/y/t image timeseries and x/y/z geophysical voxel data, and 4-D x/y/z/t climate data contribute to today's data deluge in the Earth sciences. Virtual observatories in the Space sciences routinely generate Petabytes of such data. Life sciences deal with microarray data, confocal microscopy, human brain data, which all fall into the same category.</p> <p>The ISO SQL/MDA (Multi-Dimensional Arrays) candidate standard is extending SQL with modelling and query support for n-D arrays ("datacubes") in a flexible, domain-neutral way. This heralds a new generation of services with new quality parameters, such as flexibility, ease of access, embedding into well-known user tools, and scalability mechanisms that remain completely transparent to users. Technology like the EU rasdaman ("raster data manager") Array Database system can support all of the above examples simultaneously, with one technology. This is practically proven: As of today, rasdaman is in operational use on hundreds of Terabytes of satellite image timeseries datacubes, with transparent query distribution across more than 1,000 nodes.</p> <p>Therefore, Array Databases offering SQL/MDA constitute a natural common building block for next-generation data infrastructures. Being initiator and editor of the standard we present principles, implementation facets, and application examples as a basis for further discussion. Time allowing we will present live demos from services exceeding 20 TB of "datacubes".</p> Peter Baumann rasdaman, open-source Array DBMS and ISO SQL/MDA blueprint Array DBMS demos on 1-D through 5-D Earth science data Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:50 K.1.105 (La Fontaine) bazel How to build at Google scale? Building maintrack <p>This talk will present the mechanisms of Bazel, Google's own build tool.</p> <p>Bazel is Google's own build tool, open-sourced in February 2015.</p> <p>Bazel has built-in support for building both client and server software, including client applications for both Android and iOS platforms. It also provides an extensible framework that you can use to develop your own build rules.</p> <p>This talk will present the mechanisms that enable Bazel to deal with the scale of software made at Google while guaranteeing reproducibility of builds. It will also cover the challenges the Bazel team faced to open-source such a large tool and the future of the Bazel project.</p> Klaus Aehlig Bazel website Bazel Github repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:50 K.1.105 (La Fontaine) distribution_ci Shepherding 30.000 packages to never break Building maintrack <p>Ubuntu's development and stable releases have been using Continuous Integration for about four years now, using thousands of tests for gating the landing of changes. This talk shows how this works on both a technical and organizational level: test cases and their maintenance, the infrastructure to run them, the benefits and problems with it, and how this helps other distributions and upstreams.</p> Martin Pitt Gating status for development series Documentation of the infrastructure Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 K.1.105 (La Fontaine) localisation Building a fast responsive localisation process using open source tools Building maintrack <p>Continuous integration brought us fast reliable and continuous testing. Continuous localisation brings the same speed and delivery to the translation of software. We'll look at how to build such a process using FOSS tools.</p> <p>Continuous localisation is becoming more critical to the software delivery process. And just like continuous inegration we rely on a number of tools and automation to ensure that we deliver good translations quickly to products.</p> <p>We'll be looking at continuous localisation processes using FOSS tools and mapping the parallels between modern software development and continuous localisation.</p> <p>We'll cover aspects such as:</p> <ul> <li>Testing/Checking and building automated linguistic and stylistic checks</li> <li>Automated and bidirectional synchronisation between the translation tools and software repos</li> <li>Building in processes for content review both in source and target text</li> <li>Encouraging translator participation</li> <li>Delivering translations quickly and continuously</li> </ul> <p>And for FOSS projects we'll show how to implement a process using FOSS tools.</p> Dwayne Bailey Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:50 K.1.105 (La Fontaine) libreboot Free your BIOS today! Miscellaneous maintrack <p>Libreboot is free/opensource boot firmware for laptops, desktops and servers, on multiple platforms and architectures. It replaces the proprietary BIOS/UEFI firmware commonly foundin computers.</p> <p>Libreboot is a free/opensource boot firmware implementation for laptops, desktops and servers, on ARM and x86 (POWER8 and POWER9 is planned). It replaces the proprietary BIOS/UEFI firmware found in most PCs. We believe that this is an important goal to aim for, for reasons of security, privacy and freedom in the user's computing, where, if we are successful and thrive, more people can use systems which do not have malicious anti-features, invasive backdoors and other nasty quirks introduced by most modern proprietary firmware.</p> <p>Libreboot started in December 2013, as a response to the lack of other similar projects. Its goal was (and is) to provide an easy way for the public to access free, libre computing. This includes the boot firmware, operating system, drivers, applications and everything else.</p> <p>It is based on coreboot, but we are also interested in using other projects as upstreams aswell, for other hardware. Libreboot is currently expanding, with an explosion of new hardware support on the horizon.</p> <p>Libreboot was also a GNU project, for a brief period, but it voluntarily left the GNU project over a fundamental disagreement with the FSF, regarding their employment practises. Libreboot is now its own independent project once more, with its own community and infrastructure.</p> <p>The libreboot project is always looking for more people to get involved, especially skilled hardware hackers (companies welcome) who have experience or knowledge in low-level firmware development.</p> <p>Libreboot is funded by Minifree, which sells systems with Libreboot and Debian preinstalled. https://minifree.org/</p> Leah Rowe Libreboot website Libreboot preinstalled systems Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:45 K.1.105 (La Fontaine) pieter_hintjens For ZeroMQ and all the rest Miscellaneous maintrack <p>Pieter Hintjens was a writer, programmer and thinker who has spent decades building large software systems and on-line communities, which he describes as "Living Systems". He was an expert in distributed computing, having written over 30 protocols and distributed software systems. He designed AMQP in 2004, and founded the ZeroMQ free software project in 2007. He was the author of the O'Reilly ZeroMQ book, "Culture and Empire", "The Psychopath Code", "Social Architecture", and "Confessions of a Necromancer". He was the president of the Foundation for a Free Information Infrastructure (FFII), and fought the software patent directive and the standardisation of the Microsoft OOXML Office format. He also organized the Internet of Things (IOT) Devroom here at FOSDEM for the last 3 years. In April 2016 he was diagnosed with terminal metastasis of a previous cancer.</p> <p>Pieter Hintjens's website: http://hintjens.com</p> <p>ZeroMQ: http://zeromq.org</p> <p>iMatix: http://imatix.com</p> Benjamin Henrion (zoobab) Pieter Hintjens Website ZeroMQ iMatix.com Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:50 H.2215 (Ferrer) open_power How Open POWER is changing the game and why the Free Software Community should care. Architectures maintrack <p>Clouds are spreading and software is eating the world. But software depends on hardware. If that hardware is not trustworthy, open and secure, the software's trustworthiness, openness and security is for naught. The Free Software community has been forced to live with this conundrum for lack of good alternatives. Too pervasive and omnipresent was the Intel defined x86 architecture, throttling innovation, while sequestering security and control from its users.</p> <p>Most of the discussion in our community centred around damage control and preventing being locked out from the platform for good. We focused our efforts on protecting our ability to use our own software. Positively shaping the future, driving the direction, and solving the problem of trustworthy hardware for good and at scale seemed impossible.</p> <p>But, the thing is, without (almost) anybody noticing, all of the above has changed.</p> <p>Georg Greve, CEO of <a href="https://kolabsystems.com" title="Kolab Systems Home Page">Kolab Systems</a>, will talk about the journey <a href="https://www.kolab.org" title="Kolab Home Page">Kolab</a> took to discover OpenPOWER, what we found in the <a href="https://openpowerfoundation.org" title="OpenPOWER Foundation">OpenPOWER Foundation</a>, and what it all means for Free Software.</p> <p>In this session you will learn how far we have come in our quest to run a data centre for High Performance Computing on a complete open hardware and software platform, a platform that, at the same time, far outperforms Intel. We will also cover the TALOS secure work station and what it brings to our community.</p> Georg Greve Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:15 H.2215 (Ferrer) virtuozzo_containers virtuozzo, most known as openvz containers techonlogy Lightning Talks lightningtalk <p>openvz containers, how it works and how it looks</p> <p>We'll talk about how Virtuozzo Linux create lightweight virtual environments - containers, preloaded with the Linux distribution and a given set of applications. In our approach we use a modified version of the package management tools, i.e yum, dpkg, zypper for creating caches and file system images, which need for the fast deployment and for package management in already deployed environments. In this presentation we will look at the advantages and disadvantages of our approach compared to other solutions - such as templates and Docker Lxc.</p> Alexander Stefanov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:20 00:15 H.2215 (Ferrer) lizardfs A fault tolerant, distributed, parallel and easy to use POSIX file system Lightning Talks lightningtalk <p>Short presentation of LizardFS with example Setup. Especially focused on how easy it is to setup, use, manage, extend and shrink.</p> Michal Bielicki LizardFS LizardFS Documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:40 00:15 H.2215 (Ferrer) pep A rough overview Lightning Talks lightningtalk <p>A rough overview on the pretty Easy privacy (p≡p) project:</p> <p>p≡p stands for pretty Easy privacy. The idea is to ease the use of well-known and established end-to-end cryptographic tools for already existing and widely used written digital communication channels, starting with email and radically easing adoption of OpenPGP-compliant encryption for it. Later on, XMPP-based communication channels (using e.g. OTR) and others will be added, with the ultimate goal to route all messages through GNUnet, a secure peer-to-peer framework, which doest not just protect message contents, but also metadata.</p> <p>Basically, p≡p's proposed and (to some degree) already implemented protocols automate the steps taught to users at CryptoPartys, from which the project emerged.</p> <p>p≡p supports multiple platforms (e.g., Android, *BSDs, GNU/Linux distributions, iOS, MacOS X and Windows), multiple programming languages and environments (e.g., C#/COM, C++/Qt, Java, JavaScript, Objective-C/Swift and Python) and will provide easy access to multiple crypto technologies through an abstract API which doesn't require application developers to have in-depth cryptographic knowledge, i.e. the p≡p engine takes care of the details. The focus for now is to have OpenPGP-compatible communications for email widespread, using already existing crypto tools like GnuPG and a NetPGP fork (needed for iOS).</p> <p>p≡p's core parts (the p≡p engine and the adapters / bindings for different programming languages) are owned by the Swiss-based, tax-free p≡p foundation and held under the GNU GPL v3 license alongside with the p≡p trademarks. The foundation is run by privacy activists from Germany and Switzerland. Any project willing to implement p≡p will be supported, especially in the Free Software world. For trust and security reasons, the p≡p foundation requires projects to let their p≡p implementations code audited by a trustworthy independent firm upon every release, if they want to use the p≡p trademarks, so as to make sure there are no backdoors in officially endorsed p≡p end-user software. The p≡p foundation, for cases where the money for such undertakings is not available, is willing to either finance the code audits itself or to organize such funding at least.</p> <p>p≡p foundation has close cooperations with the Enigmail (Enigmail 2.0 will be Enigmail/p≡p), the GNUnet project and soon ISOC Switzerland (ISOC-CH).</p> <p>But there's also extensive exchange with other groups like the CCC (particularly in Switzerland), the FSFE, the Mozilla Foundation (Mozilla Thunderbird in particular), The Reva &amp; David Logan Foundation and the GnuPG project.</p> <p>The Lightning Talk will be quite short: 10mins. 5mins will be reserved for (hopefully) lots of questions. :) (For further and more detailled questions, just visit us at the GNU Taler / p≡p foundation stand in building K, level 1, group A.)</p> <p>The speaker, Hernâni Marques, is council member of the p≡p foundation.</p> <p>(Note that this talk was originally going to be presented by Volker Birk, p≡p foundation's council president, who now cannot be present.)</p> Hernâni Marques p≡p foundation site p≡p White Paper (PDF) First code audit of the p≡p engine (v0.8) Foundation's constituiting documents (foundation's deed) Overview of p≡p end-user software (being developped) p≡p's core code (source repositories) @pEpFoundation (Twitter) Longer p≡p talks (video podcasts @ YouTube) End-user documentation for p≡p implementations by p≡p security Work-in-Progress: Internet-Drafts for p≡p protocols (to become RFCs) p≡p for Android source code Enigmail/p≡p source code p≡p for Outlook source code p≡p for iOS source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:15 H.2215 (Ferrer) passbolt Open source password manager for teams Lightning Talks lightningtalk <p>Passbolt is a web based password manager designed for collaboration build on top of OpenPGP. In this presentation we will give a quick overview of the product functionalities, a high level introduction to the code architecture as well as our methodology and tooling for developing and testing the product.</p> <p>Passbolt is an open source password manager built for collaboration. It allows your team to securely share and store credentials. For instance, the wifi password of your office, or the administrator password of a router or your organisation social media account password.</p> <p>Passbolt is different from the other password managers because it is: - free &amp; open source - designed for teams and not individuals - based on OpenPGP - easy to use for both novice and IT professionals alike - extensible thanks to its restful API - respectful of privacy</p> <p>After a quick product demo, this talk will focus on the inner workings of passbolt, its high level architecture as well as our methodology and tooling used for the development and testing the product.</p> Remy Bertot (passbolt) Official site Demo site FAQ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:20 00:15 H.2215 (Ferrer) qtpass The road from a 2 day project till inclusion in all distro's Lightning Talks lightningtalk <p>This talk focusses on how QtPass went from a 2 evening necessity project to get management in on using a group password manager, to a full fledged project with over 40 contributors that is available on all linux distributions and OSs.</p> <p>Working at a full service internet bureau I was shocked to see their way of storing credentials. The most shocking thing was that this seemed to be defacto industry standard behaviour.</p> <p>A solution for the developers was soon found in pass, the standard UNIX password manager.</p> <p>Unfortunately management in unable (or rather unwilling) to use CLI tools. So in two evenings I wrote a quick graphical read-only password viewer that used pass to allow management to view passwords. As an added bonus, all internal mails between developers and management were now instantly encrypted aswel.</p> <p>I put it on github, under a group label, did a little hackathon to have people help me translate it to some languages and thought that was it.</p> <p>But this was only the start of my adventures into opensource project management.</p> Anne Jan Brouwer QtPass pass, the standard unix password manager Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:40 00:15 H.2215 (Ferrer) armadito modular, multi-platform & a management console Lightning Talks lightningtalk <h1>The Armadito antivirus project</h1> <p>We will present Armadito, an open source and multi-platform antivirus. Its original modular architecture allows third-party developers to add their own malware detection modules, written in C and in the future in Python or Go. Current modules are signature-based (ClamAV), rules-based (YARA) or heuristics. It provides also real-time detection on GNU/Linux and MS-Windows.</p> <p>Armadito provides graphical user interfaces to notify of malware detection, launch scan, view statistics and journal. A central administration console, integrated as a GLPi plug-in, allows a system administrator to manage all the installed antivirus, view alerts, launch remote scans, deploy configuration or bases.</p> <p>Project has several opened issues that are not addressed yet: high memory footprint, sandboxing for scan modules, automatic generation of signature bases from automatic malware collecting. Contributions from the free software community would be highly appreciated.</p> <p>Armadito project is on github: (https://github.com/armadito)</p> <h1>The Armadito antivirus project</h1> <h2>What is it?</h2> <p>Armadito is an open source antivirus, that runs on GNU/Linux and MS-Windows. Its modular architecture allows easy integration of new detection algorithms.</p> <p>Armadito provides standard antivirus features: on-demand scan, quarantine, alerts, journal and real-time (or "on-access") protection. This protection is implemented on GNU/Linux using fanotify and on MS-Windows with its own driver.</p> <h2>Modular architecture</h2> <p>Armadito scans files using scan <em>modules</em>, which are plugins written in C and using a common API (load, configure, scan, unload).</p> <p>Current modules are:</p> <ul> <li>ClamAV using libclamav</li> <li>YARA</li> <li>heuristic for PE and ELF binaries</li> <li>heuristic for PDF documents</li> </ul> <p>A future extension is to allow writing modules in Python and Go languages.</p> <h2>User interfaces</h2> <p>Armadito provides 2 user interfaces:</p> <ul> <li>a lightweight graphical user interface, showing only notifications plus "systray" icon, developed using native toolkits</li> <li>a full interface, developed using web technologies (AngularJS), that runs in a browser and uses the antivirus REST API</li> </ul> <h2>Antivirus administration</h2> <p>The installed antivirus can be managed from a central console, that allows through a web interface to view alerts, launch remote scans, deploy new bases or configuration. This console is integrated as a GLPi plugin.</p> <h2>Next steps</h2> <p>Future developments of the project are:</p> <ul> <li>update MS-Windows code and release a MS-Windows version with installers</li> <li>make extensive testing</li> <li>improve documentation</li> <li>re-implement the heuristic module for PE/ELF binaries analysis</li> <li>provide an API to allow scan modules to be implemented in Python and GO</li> <li>improve code quality using sonarqube</li> <li>contribute to IRMA with Armadito plugin</li> <li>make Armadito antivirus be available inside virustotal.com and AVCaesar</li> </ul> <h2>Issues</h2> <p>The project has several opened issues which are not obvious to address:</p> <ul> <li>memory footprint is too high, approximately 450M when using the ClamAV module, when compared to standard antivirus which have a momory footprint in the order of 100M</li> <li>scan modules should run inside a sandbox because they parse complex formats and unpackers, and a bug in the parser or a deliberately malformed file can crash the module and therefore compromise the entire antivirus</li> <li>providing up-to-date and good "signature" bases is yet to be done; it requires a strong architecture for malware collecting and automatic signature (likely YARA rules) generation</li> </ul> <p>The current team is small and contributions from the free software community would be highly appreciated.</p> <h2>Links</h2> <p>Code: <a href="https://github.com/armadito">github.com/armadito</a></p> <p>Documentation: <a href="http://armadito-av.readthedocs.io/en/latest/">armadito-av.readthedocs.io</a></p> <p>Talk: <a href="https://gitter.im/armadito/armadito-av">gitter.im/armadito/armadito-av</a></p> <p>Ubuntu PPA: <a href="https://launchpad.net/~armadito/+archive/ubuntu/armadito-av">launchpad.net/~armadito</a></p> François Déchelle Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:15 H.2215 (Ferrer) tpm2 Using a firmware TPM 2.0 on an embedded device Lightning Talks lightningtalk <p>Nowadays Trusted Platform Module is present in most computers, and it is making its way into embedded platforms as well. In this talk I will explain how to use the (firmware)TPM2.0 available on the Minnowboard MAX/Turbot (see also https://fb.me/MinnowBoardMax and https://fb.me/MinnowBoardTurbot) for everyday's encryption (https://fb.me/tpm2-openssl)</p> <p>Even though TPMs are cryptographic processors, it is surprisingly hard to use them for common cryptographic operations like signatures and decryption.</p> <p>Moreover, as opposed to its predecessor TPM1.2, TPM2.0 gets a very little support in Linux and the TGC Software Stack has no support for the most common encoding formats (e.g. PEM and DER).</p> Davide Guerri Minnowboard Max embedded platform RSA signatures with TPM2.0 and OpenSSL Minnowboard Turbot embedded platform Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:20 00:15 H.2215 (Ferrer) programming_reconfigurable_devs A User View Benchmark on a Declarative Reconfiguration Framework Lightning Talks lightningtalk <p>We share our experiences with a new framework in the Linux kernel for programming reconfigurable devices, namely MPSoC-FPGAs. Our example use case integrates reconfigurable hardware accelerators into the Crypto API. We apply a new, declarative and device-tree-driven reconfiguration framework within the Linux kernel as proposed and implemented by Alan Tull. The implemented concept maps reconfigurable regions within the FPGA to device tree nodes. The insertion of a device tree overlay triggers the reconfiguration of the corresponding reconfigurable region. The reconfiguration process consists of the scheduling, descheduling and execution phase. Based on our usecase, benchmark results for the scheduling phases are shared. We present the bottlenecks revealed by our benchmark and show currently missing components of this approach. We conclude that the current implementation is already in a usable state for developing and deploying MPSoC-FPGA based heterogeneous systems.</p> Ulrich Langenbach Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:40 00:15 H.2215 (Ferrer) programming_rpi3 Your first aarch64 bare metal program Lightning Talks lightningtalk <p>The Raspberry PI 3 board is very popular, but mainly known as a Linux platform. But it could also be used to do bare metal development: writing low-level code without any OS. There are almost no tutorials on the internet addressing the main new feature of the RPI-3 board: 4x 64 bit cores (previous generations were 32 bit). Let's fill the gap by this lightening talk: a very short presentation of the board, how to write and build a first example and a demo of a more advanced multi-core application.</p> Tristan Gingold Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:15 H.2215 (Ferrer) crazyflie News from the Crazyflie universe Lightning Talks lightningtalk <p>The Crazyflie 2.0 is a nano quadcopter, a flying open source development platform invented by <a href="http://www.bitcraze.io/">Bitcraze</a>. It features a modular design (similar to Arduino), powerful and robust hardware, polyglot and cross-platform software support and has been used in different private and academic science and research projects around the world.</p> <p>This talk will focus on news from the Crazyflie universe, like new expansion boards, software improvements, interesting research projects and most importantly the new indoor positioning system based on UWB radios. It promises to make indoor navigation two orders of magnitude cheaper than commercial systems.</p> Frederic Gurr Bitcraze website Crazyflie Github repository Crazyflie lightning talk - FOSDEM 2015 Crazyflie lightning talk - FOSDEM 2016 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:15 H.2215 (Ferrer) openscore Open-sourcing music with open source software Lightning Talks lightningtalk <p>OpenScore is a new initiative to liberate public domain music using MuseScore, the leading open-source music notation program. The aim is to unite MuseScore’s millions of users in an effort to digitise and liberate the works of Mozart, Beethoven and other famous classical composers. OpenScore extends the principles of open source to apply not only to software, but also to the content produced by the software, thereby opening up a new avenue of funding for open source software development.</p> <p>The goal of OpenScore is to improve access to public domain music. The project is a collaboration between MuseScore, the leading open-source music notation program, and IMSLP, the largest online archive of public domain music.</p> <p>The IMSLP archive contains scanned copies of scores by Mozart, Beethoven and other classical composers in “binary” PDF format, which allows musicians to read them, but not edit or listen to them. OpenScore will unlock the true potential of the scores by making the actual “source code” to the music available in MuseScore’s text-based format, which allows listening, editing, and easy conversion to other formats like MusicXML, MIDI and PDF, as well as all audio, video and image formats. Text-based scores offer improved accessibility over PDFs, and are easily parseable by software tools to allow searching, indexing, data mining, and analysis for research purposes.</p> <p>To make this happen, OpenScore will adopt the open source model and draw upon the strength of MuseScore’s massive online community. The digital scores will be published under a Creative Commons license to allow anyone to adapt, share and improve upon the transcriptions.</p> <p>OpenScore partners: MuseScore, IMSLP, RNIB, St Andrews, music21, Nicholas Rougeux</p> Peter Jonas MuseScore IMSLP Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:40 00:15 H.2215 (Ferrer) s6_supervision A modern alternative to systemd Lightning Talks lightningtalk <p>s6 is the most modern of the "daemontools family" of process supervision suites. It is used to provide lightweight multi-service container images, or extremely fast init systems on real machines - smaller, simpler, faster, and more reliable than systemd. This presentation explains what process supervision is, why it is a good pattern to have, how s6 implements it and how you can use it to your advantage.</p> <p>What does sysvinit do? Why are gettys treated differently in /etc/inittab? What is process supervision? What is s6 and how does it work? What is a service manager? How can I use s6 today to run my services? How can we overthrow systemd and rule the world?</p> <p>All these questions find their answers in this lightning talk!</p> Laurent Bercot (skarnet) Slides for a full-scale, extended presentation about s6 (next year perhaps!) The s6 home page The s6-rc home page Using s6 in Docker containers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:15 H.2215 (Ferrer) dgsh Escape the tyranny of the shell’s linear pipelines with dgsh Lightning Talks lightningtalk <p>The Unix <a href="http://www.spinellis.gr/sw/dgsh/">dgsh</a> shell provides an expressive way to construct sophisticated and efficient data processing pipelines using standard Unix tools, as well as third-party and custom-built components. Dgsh allows the specification of pipelines of non-uniform non-linear operations. For example <em>tee</em> can feed three processes whose output can then be collected by <em>paste</em>. The pipelines form a directed acyclic process graph, which is typically executed by multiple processor cores, thus increasing the task's processing throughput. We will see how to use <em>dgsh</em> in practice through a number of general data processing and domain-specific examples, and how to adapt tools for use with <em>dgsh</em>.</p> Diomidis Spinellis Project's web page Source code on GitHub Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:20 00:15 H.2215 (Ferrer) syslog_ng_scaling using syslog-ng Lightning Talks lightningtalk <p>Event logging is important not only for IT security and operations, but also for business decisions. The syslog-ng application is an enhanced logging daemon, with a focus on central log collection. It collects logs from many different sources, processes and filters them and finally it stores them or routes them for further analysis. From this session you will learn (using examples from syslog-ng) why and how to parse important information from incoming messages, and how to route logs, feeding downstream systems using arbitrary formats. We will also discuss how the client – relay – server architecture can solve scalability problems. Also, I will present some of the recently introduced “Big Data” destinations of syslog-ng, which can help to scale your infrastructure even further.</p> <h2>Outline:</h2> <ul> <li>what is syslog-ng</li> <li>log collection</li> <li>introduction to log processing</li> <li>filtering</li> <li>Big Data destinations</li> <li>log formats - the importance of name-value pairs</li> <li>message parsing (both unstructured and some structured message formats)</li> <li>formatting (templates, anonymization)</li> <li>log routing (optimizing analytics infrastructure)</li> <li>client (collection) - relay (processing) - server (storing, routing)</li> <li>summary</li> </ul> Peter Czanik Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:40 00:15 H.2215 (Ferrer) weave_net_npc Blocking unwanted network traffic in Kubernetes Lightning Talks lightningtalk <p>Describing the design and function of Weave Network Policy Controller, which uses iptables and ipsets to govern which Linux containers can talk to which other containers, under control of Kubernetes. The code is all written in Go, and available on GitHub under Apache Licence.</p> <p><a href="https://kubernetes.io/">Kubernetes</a> <a href="https://kubernetes.io/docs/user-guide/networkpolicies/">Network Policy</a> is an abstract specification to define which connections are to be allowed within a Kubernetes cluster. <a href="https://www.weave.works/securing-microservices-kubernetes/">Weave Network Policy Controller</a> (weave-npc) is an implementation of this specification in Go, under the Apache Licence. This talk will describe the design of weave-npc; how it was built from existing components in Linux, Kubernetes and the wider Go ecosystem, how it integrates with the Linux network stack, and how it can be used to tighten security on a typical Cloud application.</p> Bryan Boreham Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:15 H.2215 (Ferrer) open_source_market_readiness Lightning Talks lightningtalk <p>This talk presents OW2's efforts, experience, vision and methodology to assess the market readiness of open source softwa re. If ''open source software has won'' it remains that many conventional managers are not comfortable with it : rating open source market readiness can be a powerful tool to help decision makers. This presentation will cover: - the value chain of open source software : an analysis of what makes software valuable from the stand point of the end-user and what are the stakeholders in the value creation process; - the OW2 Open-source Sofware Capability Assessment Radar (OSCAR) platform, an open-source umbrella project implementing the OSCAR model by combining several open-source quality tools such as SonarQube, Fossology, ScanCode, Spago4Q, and outcomes from the RISCOSS European collaborative project; - the first version of OW2 OSS Market Readiness Level (MRL, derived from NASA's TRL or Technology Readiness Levels) scale derived from data ana analysis provided by OSCAR, a work in progress that we are happy to share with and submit to the audience.</p> <p>This talk presents OW2's efforts, experience, vision and methodology to assess the market readiness of open source softwa re. If ''open source software has won'' it remains that many conventional managers are not comfortable with it : rating open source market readiness can be a powerful tool to help decision makers.</p> <p>OSS is everywhere in our enterprise information systems and in nearly all the electronic systems we interact with daily, such as communication devices, cars, trains, healthcare systems, entertainment environments. With the increasing success of OSS software and in parallel the advent of OSS quality failures such as Heartbleed, the quality and sustainability of OSS components we use and produce is becoming progressively as important as the quality of the air we breathe.</p> <p>OSS come in many different flavors. At OW2 identify three broad categories of projects. Those that are developed by a grassroot community, those that are essentialy developed and commercially supported by private companies and those that result from the collaborative efforts of ecosystems of commercial companies and research organisations. Our efforts aim at applying a common value chain analysis across the different categories enable to be able to compare them along a unified scale scale of market readiness levels. The growing number of companies that specialize in assessing open source software reflect how crucial this topic is becoming for the whole economy.</p> <p>Initially derived from the seminal NASA's Technology Readiness Levels scale and inspired by, among others, the SEI Capability Maturity Model, several models and tools have been created in the last 20 years for describing and analyzing the quality and maturity of open-source software. These early models aim at capturing the projects' general software engineering quality drivers, their open-source related aspects such as their IP and community management. The most well-known initiatives include the Qualipso Open Maturity Model, the Qualification and Selection of Open Source software methodology, the Software Sustainability Maturity Model (OSS Watch), the NASA Reuse Readiness Levels and the PolarSys Maturity Assessment model. More recently, the Linux Foundation has launched the "Badge Program" project for drafting a new quality model for open-source software.</p> <p>The existing models raise several questions: - first of all, theses models do not always follow the same pace as the IT world: several models were drafted in a pre-cloud, pre-devops, pre-heartbleed area and do not cover important aspects of modern OSS such as the ability to deploy easily a project into one or several cloud environments. - second, the models generally do not provide a reference implementation for feeding the data with open-source software and for providing both high-level and detailed quality analysis. - third, while it's easy to get a general consensus on software quality, divergences can appear when going into the details and attributing weights to the criteria, hence a need for a flexible model, - fourth, these models concentrate on the technical assessment of software and projects and their interest from the perspective of the contributor</p> <p>This lightning talk will introduce: - our analysis the value chain of open source software: what makes software valuable from the stand point of the end-user and what are the stakeholders in the value chain; - the OW2 Open-source Sofware Capability Assessment Radar (OSCAR) platform, an open-source umbrella project implementing the OSCAR model by combining several open-source quality tools such as SonarQube, Fossology, ScanCode, Spago4Q, and outcomes from the RISCOSS European collaborative project. - the first version of OW2 OSS Market Readiness Level (MRL) scale derived from data ana analysis provided by OSCAR, a work in progress that we are happy to share with and submit to the audience. .</p> Cédric Thomas OSCAR OW2 Open Source Software Quality Program Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:20 00:15 H.2215 (Ferrer) goodbye_hello_world How to say goodbye to "Hello, world" Lightning Talks lightningtalk <p>With DOM, software-defined architecture, advanced build tools, StackOverflow and ultra-high-level languages, main languages are still taught (and learned) via I/O operations, simple data structures, loops and switches, and little space to development and deployment environment advances and even algorithmic changes, like asynchronous running, that completely upend the way programming language, and programming, concepts should be assimilated. In this presentation I'd like to advocate for a multi-lingual, multi-paradigm, multi-tool approach to learning programming languages and how this could eventually be carried out.</p> <p>The new century has seen an explosion of new ways of learning: through MOOCs, Webinars, bootcamps and incorporation of new technologies to learning. Still, syllabus of programming languages pretty much stays the same. There is enphasis in learning a single language (front end, back end, DSL) and a progress that goes from very simple input/output operations through some simple data structures to loops and other programming structures. This works usually well and the proof is all around us; besides, the ten first programming languages are the hardest, it is downhill from there. However, it could be much easier if we acknowledged the existence of this multi-environment (console, UI, web, embedded), multi-language (many languages in a single application, from data description to UI language), multi-tool (from simple compilation tools to deployment and monitoring tools) and organized our learning experience around it. And first we should use whatever we have on hand, like command-line interfaces (some of them with powerful languages) or even the browser itself, which always include a programmer mode. Also use visual languages like Scratch to teach more complicated concepts, as long as they are put into use with languages that can run the whole nine yards. In this lightning talk I will try to outline what would be the first basic steps in a course following these principles, and why I think this would lead to faster formation of programmers and the creation of a more adaptive mindset when tackling new careers or project in programming.</p> Juan Julián Merelo Learning to program good, a Medium post that outlines my thoughts on the subject. Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:40 00:15 H.2215 (Ferrer) bibisco Introduction to bibisco Lightning Talks lightningtalk <p>Introduction of bibisco, a novel-writing application created with love by book lovers to inspire writers to create “beautiful” work.</p> <p>bibisco is an open source application for writing novels hosted on github (https://github.com/andreafeccomandi/bibisco).</p> <p>bibisco is available for windows, linux and mac and you can download it at: http://www.bibisco.com.</p> <p>With bibisco you can organize chapters and scenes, manage revisions, export novel in pdf or rtf, and write with a fully featured text editor.</p> <p>You can create a novel structure, define premise, fabula, plots and settings: geographic, temporal and social context.</p> <p>bibisco provides you various statistics, such as who appears in which scenes, and where the scenes are located, which plots are used in which scenes, and how many words each chapter has.</p> <p>And, most of all, with bibisco you can know everything about your characters, interviewing them.</p> <p>Actually, bibisco has 40k downloads, is translated in 8 languages and is one of the 7 cool little open source projects that stood out in 2016 in the yearbook of opensource.com (https://opensource.com/16/12/yearbook-7-cool-little-projects).</p> Andrea Feccomandi bibisco web site bibisco github page bibisco review bibisco review bibisco review bibisco review bibisco review (italian) bibisco review (italian) bibisco review bibisco review (spanish) bibisco review (spanish) bibisco review (portuguese) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:05 H.1301 (Cornil) legal_and_policy Legal and Policy Issues devroom <p>This will constitute the traditional ceremonial introduction of the Legal and Policy Issues Devroom</p> Tom Marble Submit feedback 10:35 00:25 H.1301 (Cornil) foss_and_drones Safety, security and privacy issues Legal and Policy Issues devroom <p>Drones have become ubiquitous: from small toys to remote piloted aircrafts, they are not uncommon anymore. FOSS is fundamental for the drone (or UAV) environment: several drone platforms are based on it, like Dronecode and various autopilot systems. The talk will address the possible interactions with FOSS drone components, and the pressing issues of security and privacy.</p> <p>Drones were, not many years ago, an exotic item, straight from SF movies. In very few years, they have become ubiquitous, and FOSS has played a fundamental role in this very fast expansion. Several important drone platforms and software rely on FOSS components, and one of the most prominent projects, Dronecode, is governed by the Linux Foundation. The expansion of drones has triggered a regulatory frenzy, not only at the national level, but also at the European one: EASA (the European Aviation Safety Authority) has already released the second draft of the ‘Prototype’ Commission Regulation on Unmanned Aircraft Operations, which may be approved during 2017, while the EU General Data Protection Regulation 2016/679 has several articles which have a direct influence on the developing of drones. Principles like data protection by design and data protection by default cannot be ignored for developers involved in FOSS drone platforms. The talk will examine the current (and future) European Legal framework, in order to assess the interactions between EU safety security and privacy regulations, and the “FOSS powered” development of drones.</p> Giovanni Battista Gallus common, shared open source platform for Unmanned Aerial Vehicles (UAVs) ‘Prototype’ Commission Regulation on Unmanned Aircraft Operations Drones and security - presentation at Linuxday Cagliari (Italian) Professional Website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:05 00:25 H.1301 (Cornil) easy_corporate_cla Legal and Policy Issues devroom <p>If you run an open source project, and you'd like to get contributions from employees at medium-to-large companies, the simplest way to provide a smooth contribution process is to <em>not</em> use a Contributor License Agreement. If your project requires one, though, there are steps you can take to ease the burden this causes on contributions from company employees, and this talk will cover a number of issues encountered during 4+ years of managing contributions from a 20K+ employee global company.</p> <p>While there is a growing movement in the open source community away from Contributor License Agreements, many important projects still require them. Some of these projects are focused on 'enterprise' usage, so as a result employees of major companies want to contribute. However, the mechanisms used to execute these CLAs vary widely (it seems that every project builds its own CLA system), and none of them take into account the various legal and logistical requirements of a major corporation who wants to contribute. This talk will present a series of problems encountered as a contributing company, and propose ways that CLA-requiring projects can resolve them.</p> <p>These problems include (but are no means limited to): requiring the agreement to be executed on a social media platform; providing no ability for the authorized signer and the manager of the authorized employee list to be different people; requiring FAXed copies of agreements; failing to provide the ability to authorize employees to contribute to specific codebases within a large project; and more.</p> Kevin P. Fleming Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:35 00:45 H.1301 (Cornil) mixed_license Unintended Consequences, Worked Examples, Best Practices Legal and Policy Issues devroom <p>Many projects start out with the intention of staying single license FOSS projects. As your project grows, reality hits: some components or files may need to use different licenses than originally anticipated. There are many reasons why this can happen: you may need to interface with projects of another license, you may want to import code from other projects or your developers may not understand the subtleties of the licenses in use. Besides the obvious challenges of managing mixed license FOSS projects, such as license compatibility and tracking what licenses you use, you are running the risk of exposing your project to unintended consequences.</p> <p>This talk will explore unintended consequences, risks and best practices using some examples from the recent history of the Xen Project. In particular we will cover:</p> <ol> <li>Refactoring can lead to licensing changes: best practices and unintended consequences when importing code from elsewhere. Making code archeology easy from a licensing perspective and why it is important.</li> <li>A worked example of a license change of a key component: process, pain points, their causes and how they could have been avoided</li> <li>The perils of LGPL/GPL vX (or Later): the unintended consequences of not providing pre-defined copyright headers in your source base</li> </ol> <p>We will conclude with a summary of lessons and best practices.</p> Lars Kurth Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:25 00:25 H.1301 (Cornil) license_compliance_easy Legal and Policy Issues devroom <p>Open source license compliance has become more complex as time progresses. Using open source tools and open standards (SPDX), we should be able to make it easy to comply with the terms of the licenses specified in the code, and not require expensive proprietary technologies. This talk will outline some steps that will help to make license compliance more transparent, and with automation, make it easier to fulfill the obligations.</p> <p>Using an openly developed standard (SPDX), and open source tooling it is now possible to generate accurate summary information for a project with open source tools, that can be shared with those that use the project. Software development today builds thousand of open source components that developers have shared, tools permit composition of new interfaces from code from many sources, conveying the licensing information hasn't always been a priority for developers, and as a result there's a fair amount of ambiguity out there that needs sophisticated proprietary tooling to decipher the actual licenses in effect. By leveraging automation to generate this information when a project builds, it ensures that the intentions of the authors are accurate and can easily be respected.</p> <p>This talk will overview the problem scope and then propose some open source tools that can help start the automation part using open standards to improve the transparency of the information.</p> Kate Stewart Thomas Gleixner http://www.spdx.org https://github.com/spdx Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:55 00:45 H.1301 (Cornil) corporate_shenanigans Legal and Policy Issues devroom <p>It is generally assumed that free and open source communities are best served by governance rules that are open and transparent. I will argue that while openness and transparency are necessary, they are not sufficient. Particularly as the number of open source communities governed by trade associations grows, additional principles are necessary such as vendor neutrality, and ensuring a level playing field. This talk will provide an overview of the (often legal) control points that exist in open communities, and various strategies used by corporations to seize them. It will also provide some examples of existing community governance rules which openly and transparently ensure special rights to particular organizations. A few simple governance hacks to help make trade associations better stewards of open communities will also be discussed.</p> Mike Milinkovich Submit feedback 13:45 00:45 H.1301 (Cornil) foss_issues_research Legal and Policy Issues devroom <p>When Free and Open Source Software (FOSS) are becoming more broadly deployed (sometimes as part of proprietary systems) amongst organisations who have limited pre-understanding of the philosophy underlying FOSS there are a number of challenges which need to be successfully addressed. Such challenges include licensing obligations for FOSS and a number of associated legal issues, such as patents, trademarks, procurement law, and various conditions (e.g. FRAND-terms) for use of standards. Many companies and public sector organisations struggle with these challenges and there are sometimes tensions and legal disputes between different interests, which may involve organisations and individuals contributing to specific open source projects.</p> <p>This panel seeks to address the following overarching question: Which are the contemporary legal and policy challenges needed to be better understood through systematic research studies, and what relevant studies should be designed and conducted in order to produce relevant research results as well as practical outcomes in order to shed light on these challenges?</p> <p>The (45 minutes) panel will start with short position statements by the panellists and a dialogue between them. Significant time will be allocated to an open discussion on the issues with the audience, and those attending are invited to raise their own concerns and share their own experiences.</p> <p>When Free and Open Source Software (FOSS) are becoming more broadly deployed (sometimes as part of proprietary systems) amongst organisations who have limited pre-understanding of the philosophy underlying FOSS there are a number of challenges which need to be successfully addressed. Such challenges include licensing obligations for FOSS and a number of associated legal issues, such as patents, trademarks, procurement law, and various conditions (e.g. FRAND-terms) for use of standards. Many companies and public sector organisations struggle with these challenges and there are sometimes tensions and legal disputes between different interests, which may involve organisations and individuals contributing to specific open source projects.</p> <p>This panel seeks to address the following overarching question: Which are the contemporary legal and policy challenges needed to be better understood through systematic research studies, and what relevant studies should be designed and conducted in order to produce relevant research results as well as practical outcomes in order to shed light on these challenges?</p> <p>The (45 minutes) panel will start with short position statements by the panellists and a dialogue between them. Significant time will be allocated to an open discussion on the issues with the audience, and those attending are invited to raise their own concerns and share their own experiences.</p> <p>About the panellists:</p> <p>Björn Lundell (Ph.D.) is a senior researcher at the University of Skövde, Sweden.</p> <p>Associate Professor Björn Lundell (Ph.D.) is a senior researcher at the University of Skövde, Sweden. He leads the Software Systems Research Group, has conducted research related to free and open source software for a number of years and participated in a number of research projects in different leading roles. His research is reported in over 100 publications in a variety of international journals and conferences. He was the program co-chair for the 8th and 12th International Conference on Open Source Systems (OSS 2012 and OSS 2016) and is the project leader for the collaborative research project LIM-IT (www.his.se/lim-it), which address fundamental FOSS challenges in collaboration with several industrial partners.</p> <p>Dr. Matthias Stürmer is head of the Research Center for Digital Sustainability at the Institute of Information Systems at University of Bern since 2013. As a post-doc he is researching, teaching, and consulting on digital sustainability, open source software, open data, open government and ICT procurement. Previously he worked as IT advisory manager at EY (Ernst &amp; Young) and as project leader at Liip AG, a Swiss software company creating agile Internet solutions based on open source technologies. In 2009 Matthias finished his doctoral dissertation at the Chair of Strategic Management and Innovation at ETH Zürich focussing on open source communities and firm involvement. He studied business administration and computer science at University of Bern until 2005 (lic.rer.pol) and wrote his master thesis on Open Source Community Building. Currently Matthias Stürmer is president of tcbe.ch ICT Cluster Bern, member of the board of the open source association CH Open, co-founder and member of the board of Opendata.ch, and secretary of the Swiss Parliamentarian Group for Digital Sustainability. Since 2011 he is member of the city parliament of Bern having initiated the increased use of and contribution to open source software in public administration and schools.</p> <p>Andrew Katz is a UK-based lawyer specialising in FOSS and open content.</p> <p>Prior to becoming a lawyer, Andrew Katz was a developer and has released software under the GPL. He advises individuals, corporations, foundations and public sector organisations on FOSS law issues, and is a visiting researcher at the University of Skövde, Sweden, and visiting lecturer at Queen Mary, University of London. He is a founder editor of the Free and Open Source Software Law Review.</p> <p>Pamela Chestek is the principal of Chestek Legal, which counsels creative communities on branding, marketing, and protecting and sharing content.</p> Pamela Chestek Andrew Katz Björn Lundell Matthias Stürmer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:35 00:45 H.1301 (Cornil) principled_enforcement An open source company perspective Legal and Policy Issues devroom <p>During the last few years there has been significant debate over approaches to GPL enforcement in technical and legal communities. This talk presents a new and unique vendor perspective on free software license enforcement that emphasizes the goal of fostering greater collaboration and participation in community development and highlights the importance of transparency regarding funding relationships and conflicts of interest arising out of enforcement activities.</p> <p>During the last few years there has been significant debate over approaches to GPL enforcement in developer and legal communities. This talk presents a unique vendor perspective on free software license enforcement that has been shaped by deep organizational involvement in free software development, longstanding cultural ties to GPL-using communities, and a strong corporate emphasis on ethical conduct.</p> <p>Where compliance efforts adhere strictly to certain principles, they can provide a legitimate mechanism for ensuring that everyone plays by the rules established by the community through the license. But the ultimate objective of enforcement should be to foster greater collaboration and participation in community development.</p> <p>The Principles of Community-Oriented GPL Enforcement published in 2015 by the Software Freedom Conservancy and Free Software Foundation represent a good first step in articulating an appropriately principled basis for copyleft enforcement. However, there are some gaps in the Principles that should be addressed by communities supportive of license enforcement. In particular, for enforcement to have community legitimacy, there needs to be an expectation of disclosure of funding relationships and exposure and resolution of the potential conflicts of interest that may arise in enforcement activity.</p> Richard Fontana Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:25 00:45 H.1301 (Cornil) copyleft_in_commerce How GPLv3 keeps Samba relevant in the marketplace Legal and Policy Issues devroom <p>This talk will cover how Samba uses GPLv3 to work with both proprietary and Free Software companies to maintain software with a vibrant commercial and amateur user and developer community.</p> Jeremy Allison Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:15 00:45 H.1301 (Cornil) copyleft_in_open_hardware Copyleft and Licensing in Open Hardware Legal and Policy Issues devroom <p>What does it look like when we apply Open Source software licenses and practices to hardware? How do authors intend for Open Source licenses and copyleft principles to apply to hardware, across its many types of components and interconnects, and what legal frameworks can preserve that intent? Hardware raises new scenarios and questions; how might we extrapolate our principles to them? We'll propose some use cases to explore intent and ideal outcomes, and invite discussion on how to get there.</p> <p>The first hardware-focused Open Source activities started around 20 years ago. But even as open hardware itself matures, the legal aspects remain relatively unexplored, and many unanswered legal questions remain. We'll examine what "licensing" means in terms of hardware, and discuss the adequacy of currently available mechanisms to express the intent of the authors and creators of open hardware. From our experience in Open Source software, we naturally attempt to find parallels in software licenses that can be applied to hardware; however, hardware designs introduce new aspects that have no equivalent in the software world.</p> <p>In particular, we're especially interested in how the ideas and principles of copyleft translate. How do things like linking, derivative works, and compilation operate in terms of hardware? What "exclusive rights" belong to authors and makers in this domain, and can we offer a license to those rights the same way we can for software copyrights? What rights do builders/fabricators have? How does a license on a digital description affect the manufacture, distribution, and copying of the corresponding physical objects it describes? How do the various types of components within an open hardware design interact, and how do the licenses of those components interact over the many ways of connecting those components together? And can we apply or adapt existing Open Source software licenses for hardware, without fragmenting the ecosystem between software and hardware, especially as the lines between the two become increasingly fluid?</p> <p>We'll explore each of these areas, using as a case study the creation, licensing, and distribution of a product incorporating both open software and many types of open hardware. We'll offer our thoughts on some possible properties of an ideal open hardware licensing framework, seek consensus on how our principles apply in various concrete scenarios, and invite discussion on how our legal structures can adapt to serve the needs of the developing Open Source hardware world.</p> Jessica Marz Josh Triplett Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:05 00:25 H.1301 (Cornil) fedoras_legal_state This is why I drink. Legal and Policy Issues devroom <p>Tom Callaway, the Fedora Legal chair, will talk about the past, present, and future of licensing and legal issues in the Fedora community. Tom is not a lawyer, nor does he play one on TV, but he does consult with lawyers, and occasionally, go drinking with them. Bring your questions, and he'll do his best to answer them. I am not a lawyer, so nothing in my presentation should be (or could be) construed as legal advice.</p> <p>Fedora, as the evolution of Red Hat Linux, is one of the oldest and most well known Linux distributions in existence today. For more than 10 years, I have been the Fedora Legal representative who investigates licenses, negotiates with lawyers, advises our community, and does everything in my power to not have to tell people "no" without a very good reasoning.</p> <p>In my presentation, I'll discuss the past, present, and future of licensing and legal issues in the Fedora community (and beyond). I'm also happy to take questions from the FOSDEM audience as to why Fedora does what it does (or doesn't do what it doesn't do).</p> <p>I am not a lawyer, so nothing in my presentation should be (or could be) construed as legal advice. I am however, a well informed hacker, and the editor/maintainer of possibly the largest list of FOSS licenses in existence.</p> Tom Callaway Keynote for Southeast Linuxfest 2011 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:35 00:25 H.1301 (Cornil) radio_lockdown_directive Major threat for Free Software on radio devices Legal and Policy Issues devroom <p>Since June 2014 we face an EU directive that threatens all wireless devices. The Radio Equipment Directive requires all devices that are able to send and receive radio signals to be locked down. This goes much further than the FCC lockdown in the US since it doesn't only affect routers but also mobile phones, GPS receivers, and amateur radio operators.</p> <p>From June 2017 hardware manufacturers will be forced to install technical measurements to protect the devices from being flashed with "non-compliant" software: firmware that hasn't been checked by the manufacturer to comply with applicable radio regulations (e.g. signal strenght, frequences). Many European states already have implemented the directive in national law without many ways how to circumvent the major lockdown.</p> <p>However, we have identified possible ways how to excluded certain classes of devices from this directive. The speaker will evaluate the current situation, present additional findings and opinions of political and economic actors, and exchange ideas and knowledge with the audience.</p> <p>More and more devices connect to the Internet and each other using wireless and mobile networks. These include countless devices such as routers, mobile phones, WiFi-cards and laptops. All of them, as well as all Internet-of-Things devices, today and in the future, fall under the regulation of the Radio Equipment Directive 2014/53/EU (hereinafter ‘the Directive’), adopted in May 2014 by the European Parliament and the European Council. The main purposes of the Directive are harmonisation of existing regulations, improving security of radio spectra, and protection of health and safety.</p> <p>Many people agree to general purpose of the Directive. However, we express our concerns over the far-reaching consequences of Article 3(3)(i) of the Directive, which require device manufacturers to check each device software's compliance in order to comply with the Directive.</p> <h2>Threats of Radio Lockdown</h2> <p>We believe such requirement has negative implications on users' rights and Free Software, fair competition, innovation, environment, and volunteering – mostly without comparable benefits for security.</p> <p>Article 3(3)(i) require device manufacturers to assess software for compliance with existing national radio regulations, a requirement which will keep users and companies from upgrading the software on devices they own, unless that software is assessed by the original manufacturer. This not only is a severe burden for device manufacturers themselves but also violating the customers' rights of free choice.</p> <p>The requirement enshrined in Article 3(3)(i) will impact the freedom to conduct business of many companies relying on the abillity to provide alternative and Free Software firmware on devices. Alternative software is the foundation of many companies' products, and we should prevent economic disadvantages for these businesses.</p> <p>Burdensome requirements to check every possible software's compliance will also have negative implications on innovation and charitable non-profit organisations who rely on software other than the manufacturers'. Efforts of volunteer associations helping people in need to connect to the internet, may be rendered void or severely handicapped.</p> <p>Furthermore, alternative software on radio devices also promotes a sustainable economy. There are many devices still in working order which do not receive updates from the original manufacturers anymore, hence alternative software developed and improved by community efforts (such as Free Software) has a much longer support period which prevent users and customers having to dispose of still working equipment. In return, this also improves the security of users since older hardware still receives security updates after a manufacturer stops supporting those.</p> <p>We are in favor of the Directive's aim to improve security of radio devices but not at the unbalanced expense of users' freedom and security in other areas. Firstly, upgrading the software of a device mostly helps increasing the devices' security. Secondly, we are convinced that such strict regulations are not necessary for typical consumer products with limited radio output power. And thirdly, we believe that such technical restrictions will not hinder people willingly violating applicable radio regulations.</p> <h2>Our Proposals</h2> <p>Therefore, we ask EU institutions and the Member States to take these concerns into consideration and ensure that the Directive does not place blanket, unnecessary and disproportionate restrictions on the rights of consumers and businesses when implementing the Directive into national legislations.</p> Max Mehl Information on Radio Lockdown Directive Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:55 00:05 H.1302 (Depage) weclome Free Java devroom <p>Welcome to the Free Java DevRoom!</p> Mario Torre Submit feedback 11:00 00:25 H.1302 (Depage) state_of_openjdk Free Java devroom <p>A review of the past year in the life of the OpenJDK Community, and a look at what's ahead.</p> Mark Reinhold Blog @mreinhold Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 H.1302 (Depage) jigsaw1 Free Java devroom <p>A whirlwind update on Project Jigsaw, a long-term effort to design and implement a standard module system for the Java SE Platform and apply that system to the Platform itself, and to the JDK.</p> Mark Reinhold Blog @mreinhold Submit feedback 12:00 00:25 H.1302 (Depage) openj9 Free Java devroom <p>For years IBM has developed an independent implementation of the Java Virtual Machine which helped foster rapid improvements in the Java ecosystem. Recently, IBM has open sourced language agnostic components such as IBM's JIT and GC technologies as part of the Eclipse OMR project. IBM is actively working to open source the rest of the J9 Java VM as the Open J9 project. I will discuss the different components of the Open J9 VM at a high level and our plans for creating the open source project.</p> Charlie Gracie Video recording (mp4) Video recording (WebM/VP8) Presentation Slides http:// Submit feedback 12:30 00:25 H.1302 (Depage) thermostat Free Java devroom <p>Thermostat is a monitoring and management tool for Java deployments, allowing users to measure and monitor a host of different performance aspects of their Java applications. Available metrics range from raw CPU and memory usage to operation of the Garbage Collector and JIT compiler through to thread activity and method call/heap profiles. Thermostat provides a GUI view of activity of local and distributed JVMs in a live-view or, alternatively, offline for after-the-fact analysis.</p> <p>What Thermostat cannot do on its own is track events and record statistics that are specific to a given Java application, at least not unless the application co-operates with it, for example by publishing JMX statistics that Thermostat can read, persist and display in its GUI. However, that's about to change thanks to work Thermostat developers have been doing to integrate Byteman into Thermostat.</p> <p>Byteman is a tool which can be used to modify the behaviour of Java programs by injecting extra Java code almost anywhere in the program. You don't need to recompile your program or even prepare it in advance in order for this to work. You can specify changes to the program on the command line but, what is more amazing, you can actually use Byteman to change the way a program runs after startup while it is still running.</p> <p>In this talk we will show how Thermostat can collect and visualize metrics with Byteman's help in order to better understand a specific performance issue in a Java application.</p> Severin Gehwolf Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 H.1302 (Depage) optimizing_error Free Java devroom <p>The HotSpot JIT compilers use a lot of sophisticated optimization techniques to speed up your Java code. Sometimes, these advanced optimizations are so aggressive that they may eliminate required checks by mistake and therefore suppress expected program errors.</p> <p>In this talk, I'll briefly introduce Escape Analysis and Intrinsics, two commonly used HotSpot optimization techniques. I'll show how a combination of these two features can optimize away IndexOutOfBoundsExceptions in some corner cases where they are required by the standard and how I fixed this error in recent versions of the OpenJDK.</p> Volker Simonis Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 H.1302 (Depage) shenandoah Why Do We Need Yet Another Garbage Collector Free Java devroom <p>Garbage Collection (GC) liberates the programmer from having to call malloc and free. More importantly GC saves the programmer from having to debug their mistakes when using malloc and free. Unfortunately the details of how GC works are often a black box. This talk will start with a tour of all of the GC algorithms currently available in OpenJDK. We'll discuss how they work, their strengths and weaknesses, and which class of applications they were developed for. We'll work our way through serial gc, parallel gc, concurrent mark and sweep, and g1. We'll make the case for why we need all of them and just one more GC algorithm, Shenandoah.</p> <p>Shenandoah is a parallel and concurrent GC algorithm designed for applications with 100gb+ heaps and tight pause time constraints. It's the first GC algorithm targeting OpenJDK which compacts the live objects while the Java threads are running. We'll describe the algorithm itself, the implementation details, and the optimizations needed to achieve good performance. We'll present performance numbers and give a demo that visualizes Shenandoah.</p> Christine H Flood Roman Kennke Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 H.1302 (Depage) g1gc Free Java devroom <p>The G1 garbage collector is currently proposed to become the default garbage collector in JDK 9. Recently three new ideas for G1 were described on the hotspot-gc-dev at openjdk.java.net mailing list: - parallel full GC - throughput write barriers - rebuilding remembered sets during concurrent mark</p> <p>This talk will present these three new ideas so that people who are interested in getting into G1 development know where to start, see what the existing code looks like today and highlight how one can contribute (it is not only about code!).</p> <p>The presentation can be made longer if people want to dive deeper into the details (but it can also fit in a 25 minute slot).</p> Erik Helin Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 H.1302 (Depage) eclipse Free Java devroom <p>This talk will cover the latest development and organizational news of the free and Open Source Eclipse IDE. You will learn for example what we are doing to improve Java tool performance by a factor by 1000 and why we think developing support for a new programming will be much easier with the new release.</p> <p>I also cover how people can contribute to the project.</p> Lars Vogel Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 H.1302 (Depage) jruby Free Java devroom <p>Ruby's Strings aggregate a collection of bytes and an encoding, allowing for IO to avoid transcoding, regular expressions to execute against raw bytes, and 7-bit strings to be compactly represented. Only the last item has been adopted by Java. To make matters worse, most Java APIs depend on Java's string representation, making them incompatible with alternative languages like Ruby. We'll explore the advantages of Ruby's string compared to Java's and discuss options for improving Java's string support in the future.</p> Charles Nutter Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 H.1302 (Depage) graal Free Java devroom <p>HotSpot's optimizing Just-In-Time compiler C2 is reaching its end-of-life and it's time to look for alternatives. One very promising replacement candidate is Graal. Graal is a Java JIT compiler written in Java. It is being developed by Oracle Labs for a couple years now and has reached a state where it's viable to be that replacement. Twitter's huge distributed system tickles every corner of the JVM and is the perfect testing ground for a new JIT compiler technology like Graal. This presentation will talk about Twitter's experiences with Graal, good and bad, the bugs we found and also the wins.</p> Christian Thalinger Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 H.1302 (Depage) jigsaw_challenges Free Java devroom <p>With the introduction of the Jigsaw module system many projects are confronted with issues running their code, now throwing new Exceptions like InaccessibleObjectException because they used to work around issues in the Java API. Although many features like the famous sun.misc.Unsafe are now provided by other public APIs, there is still the problem of making your code work with previous Java versions, but also dynamically using the new Java 9 replacements. Apache Lucene, the open source fulltext search library behind Apache Solr and Elasticsearch, is also using some of those "hacks" to work around issues in the Java API, but the developers also noticed that some code in the project hit some limits introduced by the module system. This talk will show on some examples how Apache Lucene managed to allow its code to run with different java versions (without using multi-release JAR files, as this brings additional burden with the build system) and still offer backwards compatibility to earlier versions. It will show also the common pitfalls that can be easily found with running your tests in a security manager to uncover bugs.</p> Uwe Schindler Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:25 H.1302 (Depage) java_linux Free Java devroom Christine H Flood Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:25 H.1302 (Depage) outreach Free Java devroom <p>Over the last couple of years, the OpenJDK Quality Outreach effort has become a good source of high quality feedback from many popular FOSS projects starting with JDK 7 Updates, JDK 8 and JDK 8 Updates. It now plays the same role for JDK 9.</p> <pre><code> With a number of large changes being planned for JDK 9 that are </code></pre> <p>being developed through the OpenJDK community, reaching out to popular FOSS projects well ahead of a release and keeping them informed of upcoming changes, collecting as well as acting on their feedback created a great feedback loop.</p> <pre><code> Today, around 80 open source projects and communities participate </code></pre> <p>in testing of early access builds of the JDK, reporting issues they find, and helping get them resolved in time. In this session, we'll look at some examples of how they have helped make JDK 9 better, and discuss how we can together improve the OpenJDK Quality Outreach effort for JDK 10.</p> Dalibor Topić Rory O’Donnell Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:30 H.1302 (Depage) gb Free Java devroom <p>An open Q&amp;A session with members of the OpenJDK Governing Board</p> Mark Reinhold Mario Torre Andrew Haley Georges Saab Doug Lea Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 H.1308 (Rolin) python_datacubes How to Access Massive Multi-Dimensional Arrays in a Pythonic Way Python devroom <p>While python has developed into the lingua franca in Data Science there is often a paradigm break when accessing specialized tools. In particular for one of the core data categories in science and engineering, massive multi-dimensional arrays, out-of-memory solutions typically employ their own, different models.</p> <p>We discuss this situation on the example of the scalable open-source array engine, rasdaman ("raster data manager") which offers access to and processing of Petascale multi-dimensional arrays through an SQL-style array query language, rasql. Such queries are executed in the server on a storage engine utilizing adaptive array partitioning and based on a processing engine implementing a "tile streaming" paradigm to allow processing of arrays massively larger than server RAM. The rasdaman QL has acted as blueprint for forthcoming ISO Array SQL and the Open Geospatial Consortium (OGC) geo analytics language, Web Coverage Processing Service, adopted in 2008. Not surprisingly, rasdaman is OGC and INSPIRE Reference Implementation for their "Big Earth Data" standards suite.</p> <p>Recently, rasdaman has been augmented with a python interface which allows to transparently interact with the database (credits go to Siddharth Shukla's Master Thesis at Jacobs University). Programmers do not need to know the rasdaman query language, as the operators are silently transformed, through lazy evaluation, into queries. Arrays delivered are likewise automatically transformed into their python representation.</p> <p>The presenter is Principal Architect of rasdaman, editor of several "Big Data" standards, and co-chair of "Big Data" relevant working groups in several high-impact bodies. In the talk, the rasdaman concept will be illustrated with the help of large-scale real-life examples of operational satellite image and weather data services, and sample python code will be demonstrated live.</p> Peter Baumann raster data manager EarthServer: Agile Datacube Analytics at Your Fingertips Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 H.1308 (Rolin) python_mss Python devroom <p>Scientific aircraft research flights have to be planned beforehand. For that it is necessary to have model forecasts of relevant quantities such as meteorological parameters, chemical composition or particle information to guide the aircraft to the location of interest. We develop the MSS Project to make decissions easier where to investigate.</p> <p>Scientific aircraft research flights have to be planned beforehand. For that it is necessary to have model forecasts of relevant quantities such as meteorological parameters, chemical composition or particle information to guide the aircraft to the location of interest. Typically, many scientific instruments on board those aircrafts used to investigate e.g. the chemical composition of the air in order to get new insights often with the involvement of different science groups.</p> <p>For discussion of the possibilites of the research flights, the Mission Support System (MSS) was developed. This software helps to review a big amount of metereological and model data by viewing the forecasted parameters of interest along possible regions of a proposed flight path. Data and possible flight paths can be displayed on a hoizontal view (map projection) or on a vertical view (along the proposed flight path). Flight paths can be constructed and modified on these views. Exchange through a waypoint table is also possible.</p> <p>The talk gives a brief insight into the MSS software development current state.</p> <p>We are using the OWS interface standard. https://geopython.github.io/OWSLib/ MSS is a client/server application. The QT client interacts with a paste wsgi server. The software is available for all platforms on conda-forge.</p> Reimar Bauer RTFD Manual GMT Publication by Marc Rautenhaus et all Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 H.1308 (Rolin) python_duck_typing How linear algebra and python make a good fit Python devroom <p>Algebraic operator are every where in python. + = * / Dict are every where in python.</p> <p>What can we achieve by combining both of them?</p> <p><a href="http://jul.github.io/cv/pres.html#/init">Slides</a> are here</p> <h2>Introduction</h2> <p>Algebra is a wonderful abstraction that make the infamous 2D point example of a class or nameddict useless when you have complex data type (that is HW accelerated on Intel CPU).</p> <h2>I Algebra 101 : it is all about consistency between symbol and behaviour</h2> <p>Simple: Is something consistent with linear algebra? it requires 17 simple unit tests suffice to say so</p> <p>So just let makes a test this rules are followed, and then a class that applies these behaviours and we have implemented it.</p> <h2>II I have linear algebra behaviour. How useful can it be? </h2> <p>Well, you have basic data type like { x: 1, y :2, z :3 } that is actually behaving like an euclidean vector.</p> <p>If an object is a MutableMapping thus we can create a universal operator for saying how much an object «looks like» another one. Practical use :</p> <ul> <li>finding doublons in database;</li> <li>text matching (after a pass of ntlk + word counters);</li> <li>pattern fitting;</li> </ul> <p>...</p> <p>That is the basis of Textual indexation and profiling (it is not only for evil purpose) https://github.com/jul/ADictAdd<em>iction/blob/master/example/cos</em>demo.py</p> <h2>III State of the art of 2 working POC how to use MutableMapping (dict) and super</h2> <p>Most of the operation tested here https://github.com/jul/ADictAdd_iction/</p> <p>Implementation as a trait here https://github.com/jul/archery</p> <p>Basically it works BUT :</p> <ol> <li>it is hard : with archery I stumbled on super</li> <li>with VectorDict (obsolete) it lacks of genericity and the code is clumsy</li> <li>python 2 div behaviour was screwing this (and since these library were relying on base operator, I got biten)</li> </ol> <p>Prepare to throw 2 away</p> <h2>IV the future</h2> <p>A chain is as strong as its weakest link : if a lib is based on composing the python based operator, the algebra will be as consistent as the CORE behaviour of the operator in the language.</p> <h2>Conclusion</h2> <p>Algebra is a powerful abstraction that is still underused.</p> <p>Possible development : - Rieman/Hermitian algebra: using the power of the math used in Quantum Mechanics/relativity and python in the same fashion - Using Quaternion to have quirkless rotation in euclidean 3D...</p> Julien Tayon Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 H.1308 (Rolin) python_datetime Painless working with time in python Python devroom <p>Working with time is not a trivial challenge. Python includes a native module in the standard library to work with it but datetime keeps being together with unicode a common source of errors. This often leads to the widespread of many other libraries in the attempt of easing the work of working with datetime. Datetime is one of those API that looks easy to use but given the many concepts around time, is it easy to get backfired if the developer has not solid knowledge about the them.</p> <p>In this talk we will overview the main concepts about timestamps represented through datetime objects, the limitations on the standard library and some simple steps to try to avoid the common mistakes that everyone can fall into.</p> <p>Naive datetimes (which the datetime API works by default with) are a great tool to represent calendar times, but when talking about timestamps (focus of this talk) timezones is n essential part of it and the datetime module can be tricky to use for that use cases.</p> <p>We will also speak about different standards of time, time zones, Daylight Saving Times, leap seconds, serialization and datetime arithmetics.</p> <p>The talk will be focused on giving the foundations that everyone knows to be able to understand and work efficiently and without making painful mistakes when dealing with time related algorithms.</p> <h1>Audience</h1> <p>All developers face a time when they have to work with datetime. This is clearly not a simple domain to just jump in to. The talk will help beginners and intermediate developers to understand and don’t subestimate the complexity of working with time. The most experiences developers will also have some take aways and pointers to further their grasp of this tricky field and gain confidence on their daily usage of time related libraries.</p> <p>The talk will include explanations of what “time” actually means and how can we represent it in python. You don't need to be an expert in datetime nor ISO standards, the attendees will leave understanding the complexity of time, the main concepts behind datetime and a list of tips to represent timestamps with datetime in a painless way. The talk will also include pointers to solutions for more complex problems like leap seconds, the <a href="https://www.python.org/dev/peps/pep-0495/">fold attribute</a>, etc.</p> <p>Key Takeaways: - Calendar time vs Timestamps - Representations of time - Core ideas and tips around using datetime - Pointers to advanced topics</p> Mario Corchero Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 H.1308 (Rolin) python_kinto Python devroom <p>After introducing the Kinto project I am working on, I will explain why push notifications can be useful in the web environment and how I integrated the web push API in Python in Kinto as well as on the client using service workers.</p> <p>What is Kinto? Kinto is a minimalist JSON storage service with synchronisation and sharing abilities. It is easy to use and to self-host. Kinto is used and developed at Mozilla and released under the Apache v2 licence.</p> <p>Why use Kinto? Kinto lets you focus on writing great user-facing interfaces and takes care of storing, sharing and synchronizing your application state with multiple devices or users. It is often a big deal for developers to develop web APIs that handle CORS, are secure, respect users privacy by supporting encryption when building applications that work offline, store data remotely, and synchronise across devices. Existing solutions either rely on big corporations that crave user data, or require a non-trivial amount of time and expertise to develop a new server for every new project. We want to help developers focus on their business logic and value proposition, and we don’t want the challenge of storing user data or developing backends to get in their way. The path between a new idea and deploying to production should be short! Also, we are firm believers of the fact that data belongs to users, and not necessarily to the application authors. Applications should be decoupled from the storage location, and users should be able to choose where their personal data is stored. The backend can often be universal, generic and reusable. We envision mutualisation of services and self-hosting: the backend is deployed, secured and scaled only once for several applications, which is amazing!</p> <p>Why Web Push? Push notifications allow users to opt-in to timely updates from the sites they love and allow you to effectively re-engage them with not only customized and engaging content but also enable real time interactions with other users of the application, realtime updates and real time data sharing through websockets With Web Push, the notification payload is encrypted by the server sending the notification which makes it really secure and privacy aware. Web push is a browser API feature so that you don't need to pay or to deploy anything on the server side to have it working out of the box.</p> <p>HOW TO PUSH:</p> <p>What is a service worker? A service worker is a worker working in the background of your browser that can handle events for a given origin and path. It takes the form of a JavaScript file that can control the web page/site it is associated with. They will also allow handling of push notification events and background sync APIs. Service workers keep working after the page or website is closed and between browser restarts.</p> <p>How to use push notifications? On the client side, it means to setup a service worker and to get a subscription for the user browser. The resulting PushSubscription includes all the information that the application needs to be able to send a push message: an endpoint and the encryption key needed for authenticating and encrypting the data.</p> <p>What is the Kinto Push Service? In the Kinto use case, all users of the same web application will probably want to receive notifications informing them about the creation, updation or deletion of a collection or a record from another device. Each device will have its own subscription endpoint and encryption key and the payload will need to be sent to each one of them. My project was about creating a service that can handle subscriptions management and notification broadcast for a given channel. When the web application starts, it will start a service worker that will be configured to receive push notification and sent them back to all the active browser pages of the web application. The application will call the push service to register the push subscription on some events. A Kinto plugin will be triggered each time the application collection changes and it will call the ‘send the notifications’ on the push service channel. The push service will get the notification, encrypt it and publish it to all the subscriptions for that user.</p> <p>Role of the PushAPI: - So, once you’ve got the permission for notifs, registered the service worker and suscribed to push notifs! Congratulations, major breakthrough has been achieved already. - Send the endpoint associated with the subscription and generate a client public key (PushSubscription.endpoint and PushSubscription.getKey()) to the server so it can send push message when required. - Using the Channel Messaging API set up a new message channel (MessageChannel.MessageChannel()) to communicate with the service worker and by calling Worker.postMessage() on the service worker, in order to open up the communication channel. - On the server side, store the endpoint and any other required details so they are available when a push message needs to be sent to a push subscriber. In a production app, it needs to be made sure that these details are kept hidden, so malicious parties can't steal endpoints and spam subscribers with push messages. - To send a push message, an HTTP POST is sent to the endpoint URL. The request must include a TTL header that limits how long the message should be queued if the user is not online. To include payload data in the request, it must be encrypted (which involves the client public key). Encryption is a complex process, so we can choose to use libraries which handles all the hard work.</p> Mansimar Kaur Kinto Kinto Documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:30 H.1308 (Rolin) python_tanker Embrace the relational model Python devroom <p>Tanker goal is to allow easy batch operations without compromising database modeling. For pandas users, it's like DataFrame.to_sql on steroids.</p> <p>The Tanker inception is based on two strong observations (not particularly new):</p> <ul> <li><p>The object-relation mapping in so called libraries is sometimes source of performance and semantic difficulties, especially with queries involving multiple joins. On the other hand, the relational model is both powerful and simple, and there are no reason not to expose it to the Python world.</p></li> <li><p>When working with external data sources, we are often faced with the challenge of matching those records with the database content. We have to know which record is new, which has been updated, etc. We also often have to de-normalize content and map it with a (hopefully) well-designed and 3NF schema.</p></li> </ul> <p>This presentation will show how Tanker answers those two aspects, how it was inspired by existing libraries and how it is currently used in production applications.</p> Bertrand Chenal Tanker repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:30 H.1308 (Rolin) python_osint Open Source Intelligence with python tools Python devroom <p>The talk would aim about making an introduction to open source intelligence automation tools(OSINT) developed in Python, commenting the process we can follow to obtain, analyze and exploit public information in social networks and public servers.The final objective is obtain the maximum possible of knowledge in the context we are auditing.</p> <p>The talking points could be:</p> <p>-Introduction searching information from multiples sources with OSINT tools. -OSINT tools developed with python for extracting public information from servers and domains. -Advantages and limitations these tools from the user point of view. -Comment how these tools are developed and the main modules used in their development.</p> <p>Some of the tools to comment are:</p> <p>-Censys and Shodan Python API as search engine server information. -SpiderFoot and recon-ng as a tools for extracting information from multiple sources and automate the footprinting process. -the Harvester as Python script for extracting emails and hostnames in a particular domain. -Osrframework and Maltego OSINT visualisation tool -Libraries and modules for collecting information from Tor and ZeroNet networks -Tinfoleak and Tweepy as Python scripts for data extraction on twitter. -FullContact API for obtain social networks profiles associated with an email address.</p> José Manuel Ortega Github code repository Presentation for python conference SpiderFoot Automating OSINT Censys Shodan Shodan Developer API Recon-ng theHarvester OSR framework InstaRecon WebApp Information gatherer OSINT Framework Tinfoleak FullContact API OSINT guide Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 H.1308 (Rolin) python_rinohtype The Python document processor Python devroom <p>rinohtype is a batch document processor that renders structured documents to PDF based on a document template and style sheet. rinohtype is written in Python 3 and supports CommonMark (Markdown) and reStructuredText input. A Sphinx builder is also provided that can produce PDFs from Sphinx projects, obviating the need for LaTeX.</p> <p>The talk will present the design of rinohtype and illustrate how the style of documents can be easily customized using document templates and style sheets.</p> Brecht Machiels rinohtype documentation rinohtype GitHub page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:55 H.1308 (Rolin) boostcodespecifications PHP and Friends devroom <p>Big repositories, complex query builders, tight coupling to your ORM. Adding new behaviors and search methods can be a mess.</p> <p>Don't struggle anymore! This talk shows you how to decouple you from the ORM and writing general search behaviors for all your entities with the specification pattern. Your new specifications are not tied to any specific ORM and can be reused on different levels.</p> Patrik Karisch Slides RulerZ library RulerZBundle for Symfony wallabag: Uses RulerZ for tagging rules from the user Video (WebM) Video (MP4) Submit feedback 16:00 00:55 H.1308 (Rolin) unbreakableunittests PHP and Friends devroom <p>How often have you rewritten your unit tests from scratch just because the code it was testing evolved slightly? In this session we will explore some unit testing techniques from other languages to produce more robust tests in PHP. You’ll never have to send your unit test to the trashcan again.</p> Michael Simonson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:55 H.1308 (Rolin) phpinthegraph PHP and Friends devroom <p>Graph databases come with enhanced connectivity of data and whiteboard friendly paradigm. It requires learning a new Graph Traversal Language, that crawls the network and brings informations. It's indeed a fresh new look at how we store web of data and search for it. We'll meet gremlin, from Apache TinkerPop, which provides an abstract layer that make it easy to express your business logic without fighting with the code, and several Open Source graph databases, available for testing and toying.</p> Damien Seguy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:55 H.1308 (Rolin) metricsapplicationlog Your new best friends PHP and Friends devroom <p>Do you remember the time you spent an afternoon putting print statements in your app trying to debug an issue and removed them before shipping the fix, only to add them back in a day later to work on another issue? Wouldn't it be great if those debug statements could just stay in your code forever? Like a little gift that keeps on giving, not just for you, but for everyone else on your team too.</p> <p>That's what an application log is for! Logs aren't just for when things go wrong. They're for helping you to keep track of what's going on within your application.</p> <p>We take a look at how you can add helpful messages throughout your codebase and leave them there, even in production! We'll cover common logging strategies, log aggregation and how to efficiently work with your logs to get the data back out again.</p> <p>We'll also take a look at metrics solutions such as Graphite that can help augment your logs to help work out what was going on by correlating event logs with peaks/drops in other monitoring systems.</p> Michael Heap Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:10 H.1309 (Van Rijn) mysql_welcome Welcome MySQL and Friends devroom <p>Opening the devroom and welcoming all attendees</p> Frédéric Descamps Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:40 00:20 H.1309 (Van Rijn) opti_mysql MySQL and Friends devroom <p>At Dropbox, with 1000s of machines running MySQL, performance is important. Among other things, out team is responsible for our MySQL servers being tuned well. In this talk, we will talk about the performance impact of “environmental” MySQL tuning, where the tuning is neither at the SQL level (like creating indexes or using different table structures), nor with setting MySQL parameters (tuning parameters like innodb<em>buffer</em>pool<em>size or innodb</em>log<em>file</em>size even more obscure ones like innodb<em>lru</em>scan_depth). Instead, in the talk we will cover the following areas (we won’t limit the talk to these):</p> <ul> <li>Operating system level tuning opportunities</li> <li>Compiling MySQL: does it worth to build your own from the performance perspective?</li> <li>Building MySQL with different compilers</li> <li>Building MySQL with profile-guided optimization</li> <li>Impact of using different memory allocators</li> <li>CPU and memory affinity with running multiple instances</li> </ul> <p>The experiments we conducted here helped us to make more educated decisions about how to run MySQL at Dropbox.</p> Maxim Bublis Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:05 00:20 H.1309 (Van Rijn) profilemysql From PMP to perf, and why performance_schema is not a replacement in all cases MySQL and Friends devroom <p>While troubleshooting MySQL performance problems it is important to find out where CPU time is spent inside mysqld process. The process of investigation should have as small influence as possible on the server we try to troubleshoot. Ideally, the source code should be instrumented for that.</p> <p>Performance_schema introduced in MySQL 5.5 is supposed to provide detailed enough instrumentation. But it comes with a cost, require careful sizing of performance counters, and the process of instrumenting the code is not yet complete even for MySQL itself, to say nothing about 3rd party storage engines, plugins and libraries like Galera.</p> <p>This is when profilers come handy. Poor Man's Profiler (PMP, aka pt-pmp), perf and oprofile on Linux can be easily used while studying MySQL performance problems. Basic usage steps are presented and several typical use cases are discussed.</p> <p>In case of any performance problems with MySQL is important to find out where CPU time is spent inside mysqld process. Is it waiting on disk I/O, some lock or internal mutex, or maybe it performs complex computation that should be optimized? You can not figure out until you know how much time each important step takes, and how often it occurs. To investigate that, one may use different tools and approaches, from tracing the code to using simple OS level utilities that show disk and memory usage in total or per device, to more advanced programs that collect all kinds of information about specific program running (these are often called profilers). The process of investigation should have as small influence as possible on the server we try to troubleshoot.</p> <p>Ideally, the source code should be instrumented for that and provide a "domain-specific" performance metrics. It may be not enough to know how much time specific function runs if its code is huge and complex. Performance_schema introduced in MySQL 5.5 was supposed to provide detailed enough instrumentation. But it comes with a cost (performance penalty, that can be notable), require careful sizing of performance counters, force investigator to use advanced SQL to get the information needed. What's even worse, the process of instrumenting the code is not yet complete even for MySQL itself, to say nothing about 3rd party storage engines, plugins and libraries like Galera.</p> <p>This is when profilers come handy. During this talk we'll discuss the use of Poor Man's Profiler (PMP, aka pt-pmp), perf and oprofile on Linux to study MySQL performance problems. Basic usage steps are presented and several typical use cases are discussed. These including several famous bugs (like https://bugs.mysql.com/bug.php?id=68079), profiling for Galera, MyRocks storage engine etc. Quick review of the most interesting MySQL bug reports where profilers played a key role in the investigation is also presented.</p> Valerii Kravchuk My blog (on MySQL bugs mostly) My Facebook page (a lot about MySQL) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:20 H.1309 (Van Rijn) pfs_plugins MySQL and Friends devroom <p>The MySQL Performance Schema provides an interface to plugin developers that allows you to instrument your own plugins via the Performance Schema infrastructure, such as file IO latency and usage, memory usage, and mutex or other synchronization point wait times. Come to this session to understand the key points to that instrumentation interface, and how to start using it.</p> Mark Leith Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:05 00:20 H.1309 (Van Rijn) sysbench MySQL and Friends devroom <p>sysbench is a benchmark tool that is quite ubiquitous in the MySQL community. It is used by both beginners and huge corporations alike as a quick way to evaluate general system performance, a universal measuring tool to compare configuration or code changes, server releases or server flavors, or as a part of QA process. This session will present new features provided by version 1.0 and explain why they are significant enough to justify the 1.0 number.</p> Alexey Kopytov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:35 00:20 H.1309 (Van Rijn) ghost GitHub's triggerless, painless schema migrations for MySQL MySQL and Friends devroom <p>GitHub's <code>gh-ost</code> is a MySQL online schema migration tool changing the operational paradigm. It is triggerless, controllable, auditable, and generates a low writeload on the master.</p> <p>This session describes how <code>gh-ost</code> differs from existing online schema migration tools, and the many perks made available by its design.</p> <p><code>gh-ost</code> runs all of GitHub's migrations. It is released as open source and supported by GitHub at https://github.com/github/gh-ost</p> Daniël Van Eeden Shlomi Noach gh-ost repo Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:05 00:20 H.1309 (Van Rijn) autopsy_mysql MySQL and Friends devroom <p>You’ve deployed automation, enabled automatic master failover and tested it many times: great, you can now sleep at night without being paged by a failing server. However, when you wake up in the morning, things might not have gone the way you expect. This talk will be about such a surprise.</p> <p>Once upon a time, a failure brought down a master. Automation kicked in and fixed things. However, a fancy failure, combined with human errors, with an edge-case recovery, and a lack of oversight in automation, lead to a split-brain. This talk will go into details about the convoluted - but still real world - sequence of events that lead to this disaster. I will cover what could have avoided the split-brain and what could have make things easier to fix it.</p> Jean-François Gagné Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:35 00:20 H.1309 (Van Rijn) honeypotmysql And easy method to detect if you've been hacked MySQL and Friends devroom <p>Most database attackers are after your sensitive data. But there's no easy way to detect them accessing the data since your application will be accessing it too. This is where honey-potting can be really useful. This session will demonstrate a neat way to do honey-potting using nothing but existing MySQL tools.</p> <p>We will demonstrate how one can set up a "honey-pot table" and set alarms around it in such a way that, when the table is accessed the server will take decisive actions to limit the session's access and warn the DBA. We will do with nothing but stock tools available for the MySQL 5.7 server.</p> Georgi Kodinov (Joro) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:05 00:20 H.1309 (Van Rijn) mysql_proxy_war MySQL and Friends devroom <p>As proxies (and database routers) go, the first one I ever used was the now deprecated MySQL Proxy. Since then, I've managed to use MariaDB MaxScale quite a bit (including its fork AirBnB MaxScale), played around with ProxySQL in recent time, and also started taking a look at MySQL Router. In this quick 20-minute overview, we'll discuss why these three exist, a feature comparison, and reasons when to use the right tool for the job.</p> Colin Charles Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:35 00:20 H.1309 (Van Rijn) painless_mysql_ha With Ansible, MHA and ProxySQL MySQL and Friends devroom <p>DAMP: Docker is the component that makes the whole environment portable (only bash and Docker needed to set it up) Ansible is an agentless config management system that makes the whole setup automated and painless ProxySQL is a rising star on MySQL's horizon giving full control to DBAs over queries before they hit the DBs. MHA is an proven MySQL HA solution that's easily customizable</p> <p>My aim with this demo/repo is to show people how easy to set up a test environment with to test a really good MySQL HA/Proxy solution.</p> <p>Attendees will gain insight into how to leverage Ansible plays to automate many tasks for managing a highly available MySQL environment with the ability of read/write split, load balancing, on-the-fly query rewrite(ProxySQL). We're going to demonstrate scenarios like: - Building HA environment in 3 minutes - ProxySQL auto dynamic config generation with Ansible - failover without losing a single SELECT</p> <p>A fully working Ansible playbook will be available for the attendees running in Docker</p> Miklos Mukka Szel Git Repo Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:05 00:20 H.1309 (Van Rijn) proxysqldatamasking data anonymization for developers MySQL and Friends devroom <p>During this session we will cover the last development in ProxySQL to support regular expressions and how we can use this strong technique in correlation with the query rules to anonymize live data quickly and transparently.</p> <p>We will explain the mechanism and how to generate these rules quickly. We show live demo with all challenges we got from the Community and we finish the session by an interactive brainstorm testing queries from the audience.</p> Frédéric Descamps René Cannaò Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:35 00:20 H.1309 (Van Rijn) mariadb_cte CTE's and Window Functions Highlight MySQL and Friends devroom <p>Window functions are an important tool for analytical queries. Window functions act as regular functions but have access to more than one row during computation. This makes them highly useful for optimising queries involving self-joins, as well as queries that need to extract data from multiple related rows from the same table. The performance speedups obtained are sometimes 100 fold. This talk will explain how that is possible, as well as use cases for window functions.</p> <p>On top of that, window functions pair well with another feature that MariaDB 10.2 has introduced - Common Table Expressions. This feature was contributed by a community member and helps make queries more maintainable and sometimes faster. This feature will be covered, mostly through the use of window functions, but also introduce new use cases.</p> <p>The agenda for the talk is:</p> <ul> <li>What are CTEs</li> <li>What are window functions</li> <li>Solving problems with regular SQL and window functions</li> <li>Smoothing data</li> <li>Top-N Queries</li> <li>Difference between consecutive rows</li> </ul> Vicentiu Ciorbaru Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:05 00:20 H.1309 (Van Rijn) mysql_spark MySQL and Friends devroom <p>Apache Spark is a cluster computing framework, similar to Apache Hadoop. There are a number of tasks where MySQL does not show great performance: for example MySQL is not massively parallel system and a single query will only utilize 1 CPU core . Spark, on the the other hand is designed to be massively parallel; in addition Spark is a clustering framework, so you can easily add more compute nodes so that Spark can utilize more resources and scale.</p> <p>Apache Drill is similar project aimed to make data discovery easier. For example it allow you to join data sources in MySQL, MongoDB, flat files, other RDBMS, etc.</p> <p>In this talk I will demonstrate how to use Apache Spark together with MySQL for data analysis. I will sho how Apache Spark aggregates data (wikipedia pageview statistics) and stores the resultset in MySQL. I will also show how to use Apache Spark with multiple sources and join virtual tables from MySQL, flat files and even MongoDB.</p> Sveta Smirnova Alexander Rubin Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:35 00:20 H.1309 (Van Rijn) mysql_gr_journey A Journey to the Group Communication Core MySQL and Friends devroom <p>MySQL Group Replication implements a "synchronous" replication protocol built upon a Group Communication Framework which is responsible for disseminating transactions to a set of MySQL instances and for managing their membership.</p> <p>In this talk, we are going to present the framework's key properties and also detail the design decisions made to efficiently handle group replication demand for a high throughput and low latency communication infrastructure. Moreover, we are going to bring forth the main differences between our solution and mainstream algorithms such as classic multi-paxos and raft.</p> Alfranio Correia Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:05 00:20 H.1309 (Van Rijn) finetune_gr MySQL and Friends devroom <p>MySQL Group Replication brings together group communication techniques and database replication to build a resilient, highly available database service. Fault-tolerance comes, however, at the cost of complexity and extra work that the system itself has to do.</p> <p>In this session, we will look at how Group Replication performs and how it can meet the most demanding performance requirements. We will also bring forth a few tips and guidelines to configure and manage it in the most optimal way. These may help you to set it up efficiently and meet your infrastructure requirements. At the end of the session you will have learned how to make the most out of the Group Replication plug-in in terms of HA while achieving good performance overall.</p> Vitor Oliveira Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:35 00:20 H.1309 (Van Rijn) mix_async_gr MySQL and Friends devroom <p>Redundancy is the prominent technique for creating resilient, highly available services. MySQL has had a quite mature and feature rich replication solution for over a decade now. Moreover, there are interesting new features that allow users to create quite advanced setups. Nowadays, there is group replication, multi-source replication, and of course plain asynchronous replication that allow users to create interesting new setups.</p> <p>In this session we will present recommended ways to mix and match group replication with regular asynchronous replication. We will show how the user can combine both to create simple upgrade/migration paths to complex setups. We will also show specifically on group replication what is the recommended procedure to provision and deploy replicas and detail what happens behind the scenes when a replica joins the group.</p> Pedro Gomes Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:05 00:20 H.1309 (Van Rijn) myrocksdb The RocksDB storage engine for MySQL MySQL and Friends devroom <p>MyRocks is the RocksDB storage engine for MySQL. It will soon be available in proper distributions. I will explain when and why it can be useful. I will also cover the features it has, features we are working on and features it is missing. The short version of the story is that it provides the best space efficiency, better write efficiency and good read efficiency. But performance in practice has more nuance and I hope to help you to understand how to evaluate it.</p> Mark Callaghan Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:30 00:20 H.1309 (Van Rijn) myrocks_at_fb MySQL and Friends devroom <p>In this session, I'll talk about how we migrated from InnoDB to MyRocks in production at Facebook, for both slave and master instances, without stopping services, without losing data, and without returning wrong results. We created many features for easier migration, such as fast data loading, online data correctness check tool. I will share with you about lessons learned from our initial migrations and impacts what we have seen.</p> Yoshinori Matsunobu Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:05 H.2213 hpc_opening HPC, Big Data and Data Science devroom <p>Welcome and opening session</p> Vasia Kalavri Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:35 00:25 H.2213 singularity HPC, Big Data and Data Science devroom <p>Traditional container technology (i.e. Docker) was not meant for the deployment of HPC applications among large computing clusters. New container technology like Singularity focuses on the portability of compute, allowing us to ease deployment, reducing administrative overhead and user support. However, some issues still need special attention, for example how to handle different MPI configurations (e.g. over Infiniband), and how to handle special resources like GPUs.</p> <p>Today, there is no need to have applications installed on any cluster or HPC/scientific resource; we can use container technology to encapsulate all the software and libraries of any specific application, ensuring the operation thereof in any possible operating system, software, and hardware architecture, avoiding  incompatibilities and retaining native or near-native performance. Our design strategy makes the container agnostic to the queue system i.e. the container works with SLURM, TORQUE and stand alone.</p> <p>This talk will cover creating such portable containers using multiple resources, and showing how simple is to deploy a complex MPI dependant application across multiple TOP500 supercomputer with only a regular user account, including the ability to exploit existing resources like Infiniband and GPGPUs.</p> <p>Also we’ll show how to add open source profiling tools to the container. We are going to show execution profiling samples of critical HPC/ML applications like VASP, Amber, Seismic Imaging and Chainer running on portable containers across different HPC systems.</p> Michael Bauer César Gómez-Martín Singularity containers SLURM Workload Manager Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 H.2213 hpc_cuba How supercomputing is being made available to all Cuban researchers using FOSS HPC, Big Data and Data Science devroom <p>To offer supercomputing services to all Cuban institutes of higher education, research centers and industrial partners is the mission set forth by a group of ambitious young system administrators working at various universities of the lush Caribbean island of Cuba. With the assistance of the Flemish Inter-university Council (VLIR), lots of hard work and hardware donations by Ghent University they have succeeded in setting up a nation-spanning architecture comprised of three datacenters, in Havana (West), Santa Clara (central) and Santiago de Cuba (East). Their campuses are spread geographically across the 1000 km long island and are interconnected by a 20 Mbps network that covers up to the furthest regions of the island where remote rural universities are given the opportunity to take advantage of the magnificent capacities of massive parallel processing.</p> <p>Thus was born "HPC Cuba" the national center for academic supercomputing. While fully depending on Free Software for their operations, HPC Cuba has also joined the global Free Software community by producing installation packages for software not yet covered by EasyBuild.</p> <p>On a tropical island where access to resources is being limited by a US imposed trade embargo, setting up a datacenter capable of hosting a proper supercomputer "no es fácil" ("it is not easy", a Cuban saying). Come learn about the specific challenges poised in the Cuban context, calling for resourceful solutions and unique problem-solving capacities standing proof of the high standard of the universities of this so-called third world country and its relentless human resources.</p> <p>KEYWORDS: Cuba, University, Development Coooperation, VLIR-UOS, Free Software, National Center for Supercomputing, Distributed, HPC Cuba</p> Dieter Roefs Hector Cruz Enriquez Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 H.2213 hpc_deployment_guix with free software and GNU Guix HPC, Big Data and Data Science devroom <p>HPC computing environment and especially super computing has its bag of challenges when it comes to software deployment. As scientists we often do not get root access which means that we either depend on what software is available or we build software in a dedicated directory using tools such as Brew, Conda or even from source. Unfortunately these solutions depend on already installed tools from an underlying distribution, often proprietary or dated compilers, and, for example, modules. Any binary that gets produced, therefore, tends to be totally unique, both in the generated binary and its set of dependencies. This is bad, both for trouble shooting and for pursuing reproducible science. With GNU Guix we are developing a fully reproducible free software stack including all dependencies targeting cross-builds for heterogeneous computing environments, such as the Beacon Intel PHI-based supercomputer, without having a requirement for containers. In this talk I will describe the challenges we are overcoming and what it will mean for the HPC community to have architecture optimized and fully reproducible build targets that can be deployed in a non-root, non-container environment.</p> Ludovic Courtès Pjotr Prins Pjotr's part of the talk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 H.2213 cray_easybuild HPC, Big Data and Data Science devroom <p>EasyBuild is a framework for building and installing (scientific) software on HPC clusters, implemented in Python and available under the GPLv2 FOSS license. It has served HPC support teams well on standard Linux/x86 systems since 2012.</p> <p>More recently, interest has grown to also employ EasyBuild on Cray systems, where the Cray Programming Environment (PE) not only provides common tools (compilers, ...) and libraries (MPI, BLAS/LAPACK, FFTW, ...), but also tuned installations of 3rd party libraries like HDF5, netCDF and PETSc. The Cray PE consists of an extensive stack of environment modules, providing a familiar yet complex working environment of users.</p> <p>To leverage the Cray PE a couple of enhancements had to be made to EasyBuild, including support for using 'external' modules, and defining Cray-specific compiler toolchains. In addition, the way in which EasyBuild deals with environment modules had to be carefully revisited, since standard operations like 'module purge' are not supported by the Cray PE.</p> <p>This work has led to the use of EasyBuild in production on the largest Cray supercomputer in Europe, the Piz Daint system at the Swiss National Supercomputing Centre.</p> <p>In this talk, we will outline how Cray systems are different from standard HPC systems, motivate the need for a tool like EasyBuild despite the presence of Cray PE, and show how EasyBuild was tweaked to support reproducible software installations on Cray systems.</p> <p>We believe this is interesting success story of how FOSS has significantly enhanced the software environment on a multi-million dollar production system.</p> Guilherme Peretti-Pezzi EasyBuild Cray Documentation Making Scientific Software Installation Reproducible On Cray Systems Using EasyBuild CSCS Github repository with EasyBuild recipes Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 H.2213 ogrt HPC, Big Data and Data Science devroom <p>With the advent of modern package managers for scientific applications (EasyBuild, Spack, etc.) automated building of large amounts of software is becoming easier, quickly giving rise to issues related to life cycle management of applications. This makes tracking the applications and libraries that actually get used considerably more important. Existing solutions (module load hooks, launch wrappers) do not account for user-built software, are hard to deploy or produce inconclusive results.</p> <p>OGRT enables the tracking of jobs on a cluster with process-level granularity and without discernible performance penalty. It tracks used shared libraries, environment variables and loaded modules at the moment of process execution. It also supports watermarking executables and shared objects and reading those watermarks out of memory at runtime. Gathered information is collected and shipped to various backends.</p> <p>OGRT aims to be a versatile tool, which can be used to:</p> <ul> <li>provide a census of used software (including user-built)</li> <li>troubleshoot problems with programs picking up unexpected shared libraries</li> <li>retroactively inform users about buggy libraries</li> <li>overlay process-level data onto existing job monitoring tools</li> <li>contribute to reproducibility of application runs</li> </ul> <p>This presentation will give an overview of the design and implementation of OGRT, as well as demoing some of its capabilities when plugged into an Elasticsearch backend.</p> Georg Rath Source Code of OGRT Slides prior Talk at HPCKP16 Slides prior Talk 1st EB User Meeting Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 H.2213 dask HPC, Big Data and Data Science devroom <p>The growing Python data science ecosystem, including the foundational packages Numpy and Pandas, provides powerful tools for data analysis that are widely used in a variety of applications. Typically, these libraries were designed for data that fits in memory and for computations that run on a single core.</p> <p>Dask is a Python library for parallel and distributed computing, using blocked algorithms and task scheduling. By leveraging the existing Python data ecosystem, Dask enables to compute on arrays and dataframes that are larger than memory, while exploiting parallelism or distributed computing power, but in a familiar interface (mirroring Numpy arrays and Pandas dataframes).</p> <p>Slides: <a href="https://jorisvandenbossche.github.io/talks/2017_FOSDEM_dask/">https://jorisvandenbossche.github.io/talks/2017<em>FOSDEM</em>dask/</a></p> Joris Van den Bossche Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 H.2213 functional_gpu_futhark HPC, Big Data and Data Science devroom <p>We present the pure functional array language, Futhark, along with its optimising GPU-targeting compiler. Of particular focus are the language tradeoffs necessary to ensure the ability to efficiently generate high-performance GPU code from a high-level parallel language. We also demonstrate (nested) data-parallel array programming, a programming paradigm that enables concise programming of massively parallel systems. We show how Futhark code can be easily integrated with larger applications written in other language. Finally, we report benchmarks showing that Futhark is able to match the performance of hand-written code on various published benchmarks.</p> <p>GPUs and other massively parallel systems are now common, yet programming them is often a painful experience. Languages are often low-level and fragile, with careful hand-optimisation necessary to obtain good performance. The programmer is often forced to write highly coupled code with little modularity. The high-level languages that exist, often functional in nature, are often insufficiently flexible, or poor performes in practice. We present our work on a programming language that seeks a common ground between imperative and functional approaches.</p> <p>Futhark is a small programming language designed to be compiled to efficient GPU code. It is a statically typed, data-parallel, and purely functional array language, and comes with a heavily optimising ahead-of-time compiler that generates GPU code via OpenCL. Futhark is not designed for graphics programming, but instead uses the compute power of the GPU to accelerate data-parallel array computations. We support regular nested data-parallelism, as well as a form of imperative-style in-place modification of arrays, while still preserving the purity of the language via the use of a uniqueness type system.</p> <p>The Futhark language and compiler is an ongoing research project. It can compile nontrivial programs which then run on real GPUs at high speed. The Futhark compiler employs a set of optimisations (fusion, flattening, distribution, tiling, etc) to shield the programmer from having to know the details of the underlying hardware. The Futhark language itself is still very spartan - due to the basic design criteria requiring the ability to generate high-performance GPU code, it takes more effort to support language features that are common in languages with more forgiving compilation targets. Nevertheless, Futhark can already be used for nontrivial programs, and has been used to port several real-world benchmark applications, with performance comparable to original hand-written GPU (OpenCL or CUDA) code.</p> <p>Futhark is not intended to replace existing general-purpose languages. Our intended use case is that Futhark is only used for relatively small but compute-intensive parts of an application. The Futhark compiler generates code that can be easily integrated with non-Futhark code. For example, you can compile a Futhark program to a Python module that internally uses PyOpenCL to execute code on the GPU, yet looks like an ordinary Python module from the outside.</p> Troels Henriksen Futhark website Futhark Github page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:10 H.2213 cloud_hpc_containers HPC, Big Data and Data Science devroom <p>Experiences of supporting HPC/HTC workloads on private cloud resources, with ideas for how to do this better and description of trends for non-traditional HPC resource provision.</p> <p>I will discuss my work as part of the Operations Team for the eMedLab private cloud, https://www.emedlab.ac.uk, which is a large-scale (6000-core, 5PB) biomedical research cloud using HPC hardware, aiming to support HPC workloads. This includes an account of the technical challenges of marrying traditional HPC components such as parallel filesystems with the rather different expectations of the OpenStack cloud management framework. Other challenges faced include educating users about the basics of virtual environments, providing access to restricted-license large-scale (800TB) datasets in a multi-tenant environment, and achieving good performance inside virtual HPC clusters.</p> <p>Looking to the future, container orchestration engines such as Kubernetes provide a very promising approach, as the containerisation of scientific applications gains momentum, and I will describe existing and future work in this area.</p> Adam Huffman http://emedlab.ac.uk http://www.crick.ac.uk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:10 00:10 H.2213 quickstart_big_data HPC, Big Data and Data Science devroom <p>How to scale out an engineering workload in HPC with Apache Bigtop.</p> <p>The Speaker will present how to setup up Big Data scenarios using the tools contained within the Apache Bigtop project. Apache Bigtop is a framework to compile, package, test and deploy Big Data components supporting all major Linux distros. The speaker will demonstrate how to install and configure a single node or deploy to a cluster using the supplied package repositories and puppet manifests. As an example usecase he will demonstrate how to run Apache Spark to scale out a python engineering workload from single node to a HPC environment.</p> Olaf Flebbe Homepage of the Project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:25 00:10 H.2213 spark_ml Going beyond wordcount with Spark ML HPC, Big Data and Data Science devroom <p>Apache Spark is one of the most popular new "big data" technologies, and now has a sci-kit-learn inspired pipeline API. This talk looks at how the pipeline API works as well as how to add your own custom algorithms to Apache Spark.</p> <p>Apache Spark is one of the most popular new "big data" technologies, and now has a sci-kit-learn inspired pipeline API. This talk looks at how the pipeline API works as well as how to add your own custom algorithms to Apache Spark. The talk will be focused in Scala, but the same techniques can be used in Java or with other JVM languages. Sadly extending the pipeline API can not currently be done in non-JVM languages, but the information on how to use the pipeline API will be useful to Python and R users as well.</p> Holden Karau Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:35 00:10 H.2213 bigbench BigBench in Hive and Spark HPC, Big Data and Data Science devroom <p>BigBench is the brand new standard for benchmarking and testing Big Data systems. This talk first introduces BigBench and how problems can it solve. Then, presents both Hive and Spark benchmark results with with their respective 1 and 2 versions under different configurations. Results are further classified by use cases, showing where each platform shines (or doesn't), and why, based on performance metrics and log-file analysis.</p> <p>BigBench is the brand new standard (TPCx-BB) for benchmarking and testing Big Data systems. The BigBench specification describes several application use cases combining the need for SQL queries, Map/Reduce, user code (UDF), Machine Learning, and even streaming. From the available implementation, we can test the different framework combinations such as Hadoop+Hive+Tez (with Mahout) and Spark (SparkSQL+SparkML) in their different versions and configurations, helping us to spot problems and possible optimizations of our data stacks.</p> <p>This talk first introduces BigBench and how problems can it solve. Then, presents both Hive and Spark benchmark results with with their respective 1 and 2 versions under different configurations including: Tez, LLAP, and file formats. Experiments are run on Cloud and On-Prem clusters of different numbers of nodes and testing data scales, taking into account interactive and batch usage. Results are further classified by use cases, showing where each platform shines (or doesn't), and why, based on performance metrics and log-file analysis. The talk concludes with the main findings, the scalability and limits of each framework.</p> Nicolas Poggi Alejandro Montero Publication list ALOJA Big Data tools Github code repo Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:45 00:10 H.2213 wiki_gardening HPC, Big Data and Data Science devroom <p>I have been involved with Fedora Community Operations Team where I mostly contribute on community-metrics related tasks. This talk will be about a NLP-based tool I have built for Fedora wiki to make wiki-gardening tasks easier for contributors, the methods I used for building it and how it can be scaled to any other wiki.</p> <p>Fedora wiki is a community documentation space about different projects, initiatives, contributors in Fedora Project. However, due to large size of the project, the Fedora wiki has been growing in size and has become difficult to manage. As a result, wiki gardening tasks were born. These tasks generally involve not only updating current information on wiki pages but also identifying pages with redundant information to merge them, marking pages with old and outdated information accordingly etc.Most of these wiki gardening tasks are a part of one-day FADs, hackathons or sprints and suitable for new contributors looking to contribute to the project as they have a low entry-barrier. While there has been a category traditionally to mark wiki pages which need to be worked on, this task is mostly manual(needs to be done by some contributor prior to the hackathon or event) and also doesn't cover the whole wiki as it is manually difficult due to it's large size.</p> <p>My tool uses Natural Language Processing-based techniques to 1.Identify pages with redundant information so that contributors can merge/delete them 2.Identify pages in a specific category/topic which need to be worked on. 3.Identify old pages which might need to be updated or categorized as out-of-date</p> <p>To make the tool faster, I have used Parallel Processing techniques. In this talk, I would like to describe the tool and it's functionality, the methods I used for building it and how it can be scaled to any other wiki. I would also like to hear feedback on other wiki gardening tasks this tool could possibly be used for, and how to scale it to automatically merge pages with redundant information.</p> Bee Padalkar Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 H.2213 machine_learning_zoo HPC, Big Data and Data Science devroom <p>As machine learning (ML) finds its way into more and more areas in our life, software developers from all fields are asked to navigate an increasingly complex maze of tools and algorithms to extract value out of massive datasets. In this talk we'll try to help the aspiring ML developer by describing:</p> <ul> <li>a conceptual framework that most ML algorithms fall under</li> <li>considerations about data readiness, algorithms, and software tools from an open-source perspective</li> <li>some common mistakes and misconceptions in the development and deployment of ML systems</li> </ul> <p>The goal of the talk is to aid the audience to think about ML problems in an integrated manner; facilitating the process of going from problem to prototype, making an informed choice about the algorithms and software to use, and providing examples of issues that can, and do come up in production.</p> <p>The talk is designed to be informative and entertaining, with little previous knowledge required.</p> Theodore Vasiloudis Presentation at last year's devroom Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 H.2213 nifi_minifi Intro to Apache NiFi and MiNiFi HPC, Big Data and Data Science devroom <p>Apache NiFi provided a revolutionary data flow management system with a broad range of integrations with existing data production, consumption, and analysis ecosystems, all covered with robust data delivery and provenance infrastructure. Now learn about the follow-on project which expands the reach of NiFi to the edge, Apache MiNiFi. MiNiFi is a lightweight application which can be deployed on hardware orders of magnitude smaller and less powerful than the existing standard data collection platforms. With both a JVM compatible and native agent, MiNiFi allows data collection in brand new environments — sensors with tiny footprints, distributed systems with intermittent or restricted bandwidth, and even disposable or ephemeral hardware. Not only can this data be prioritized and have some initial analysis performed at the edge, it can be encrypted and secured immediately. Local governance and regulatory policies can be applied across geopolitical boundaries to conform with legal requirements. And all of this configuration can be done from central command &amp; control using an existing NiFi with the trusted and stable UI data flow managers already love.</p> Andy LoPresto Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 H.2213 postgres_mpp_hadoop Making two elephants dance HPC, Big Data and Data Science devroom <p>Hadoop has been touted as a replacement for data warehouses. In practice Hadoop has had success offloading ETL/ELT workloads, but still has gaps serving requirements for operational analytics.</p> <p>Apache Bigtop now includes Greenplum Database in deployment of big data solutions. Greenplum Database is, an open source massively parallel data warehouse based on PostgreSQL, and is an excellent addition to the Hadoop ecosystem.</p> <p>In this session we'll cover: * Introduction to Greenplum * Bigtop Support for Greenplum * External tables in Hadoop by Greenplum * Parallel reads and writes to Hadoop by Greenplum * Running advanced analytics on structured and unstructured data in both Hadoop and Greenplum via Apache MADlib (incubating) * Geospatial and Machine Learning in Greenplum based on HDFS data * Storing data from a data lake in Greenplum for high throughput analytical queries</p> Roman Shaposhnik Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 H.2213 bigpetstore_spark_flink Implementing use cases on unified Big Data engines HPC, Big Data and Data Science devroom <p>Implementing use cases on unified data platforms. Having a unified data processing engine empowers Big Data application developers as it makes connections between seemingly unrelated use cases natural. This talk discusses the implementation of the so-called BigPetStore project (which is a part of Apache Bigtop) in Apache Spark and Apache Flink. The aim BigPetStore is to provide a common suite to test and benchmark Big Data installations. The talk features best practices and implementation with the batch, streaming, SQL, DataFrames and machine learning APIs of Apache Spark and Apache Flink side by side. A range of use cases are outlined in both systems from data generation, through ETL, recommender systems to online prediction.</p> <p>Session type Lecture</p> <p>Session length 30 min + 5 min discussion</p> <p>Expected prior knowledge / intended audience Basic exposure to Big Data Systems</p> <p>Speaker bio Márton Balassi is a Solution Architect at Cloudera and a PMC member at Apache Flink. He focuses on Big Data application development, especially in the streaming space. Marton is a regular contributor to open source and has been a speaker of a number of open source Big Data related conferences including Hadoop Summit and Apache Big Data and meetups recently.</p> Marton Balassi Hadoop Summit, Dublin, 2016 Flink Meetup, Berlin, 2016 Flink Forward, Berlin, 2016 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:25 H.2213 democratizing_deep_learning HPC, Big Data and Data Science devroom <p>According to Andrej Kaparthy, there are four main factors holding back AI: Compute, Data, Algorithms, and Infrastructure. In this talk, we will show how we attack the Data and Infrastructure challenges for Deep Learning. Specifically, we will show how we integrated Tensorflow with the world's most scalable and human-friendly distribution of Hadoop, Hops (www.hops.io). Hops is a new European distribution of Hadoop with a distributed metadata architecture and 16X the performance of HDFS. Hops also includes a human-friendly UI, called Hopsworks, with support for the Apache Zeppelin Notebook. We will show how users can run tensorflow programs in Apache Zeppelin on huge datasets in Hadoop. Moreover, we will show how Hopsworks makes discovering and downloading huge datasets a piece of cake with peer-to-peer sharing of datasets between Hopsworks clusters. Within minutes, you can install Hopsworks, discover curated important datasets and download them to train Deep Neural networks using Tensorflow. Hops is the first Hadoop distribution to support Tensorflow. Hops and Hopsworks are both Apache v2 licensed projects and have been developed primarily at KTH Royal Institute of Technology and SICS Swedish ICT in Stockholm.</p> <p>According to Andrej Kaparthy, there are four main factors holding back AI: Compute, Data, Algorithms, and Infrastructure. In this talk, we will show how we attack the Data and Infrastructure challenges for Deep Learning. Specifically, we will show how we integrated Tensorflow with the world's most scalable and human-friendly distribution of Hadoop, Hops (www.hops.io). Hops is a new European distribution of Hadoop with a distributed metadata architecture and 16X the performance of HDFS. Hops also includes a human-friendly UI, called Hopsworks, with support for the Apache Zeppelin Notebook. We will show how users can run tensorflow programs in Apache Zeppelin on huge datasets in Hops Hadoop. Moreover, we will show how Hopsworks makes discovering and downloading huge datasets a piece of cake with custom peer-to-peer sharing of datasets between Hopsworks clusters. A new user can, within minutes, install Hopsworks, discover curated important datasets and download them to train Deep Neural networks using Tensorflow. Hops is the first Hadoop distribution to support Tensorflow. Hopsworks itself is a self-service UI for Hops Hadoop, that is based around projects, users, and dataset concepts. Users collaborate in projects that contain datasets. Data owners can give users access to process data (but not download it, copy it outside of the project, or cross-link it with data outside the project). Hopsworks, thus, provides stronger access control guarantees than are available in Hadoop, enabling senstive data to securely reside on shared Hadoop clusters. Since April 2016, Hopsworks has provided Hadoop/Spark/Flink/Kafka-as-a-service to researchers in Sweden from the Swedish ICT SICS Data Center at www.hops.site.</p> <p>Hops and Hopsworks are both Apache v2 licensed projects and have been developed primarily at KTH Royal Institute of Technology and SICS Swedish ICT in Stockholm.</p> Jim Dowling Gautier Berthou Hops homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:25 H.2213 kafka_streams_protobuf stream processing at trivago HPC, Big Data and Data Science devroom <p>A lot of components in the Kafka and hadoop ecosystem assume you are working with avro messages. In this talk I will highlight some of the advantages and challenges of stream processing with protobuf encoded messages, and why it might be worth using them.</p> <p>A powerful feature of protobuf messages is its handling of unknown fields, and the ability to partially parse messages with different schema versions or no schema at all. This helps in stream processing when you don't actually need to know all message fields in order to process and forward them.</p> Clemens Valiente previous talk by the presenter Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:25 H.2213 large_scale_stram_processing HPC, Big Data and Data Science devroom <p>Large-scale data stream processing has come a long way to where it is today. It combines all the essential requirements of modern data analytics: subsecond latency, high throughput and impressively, strong consistency. Apache Flink is a system that serves as a proof-of-concept of these characteristics and it is mainly well-known for its lightweight fault tolerance. Data engineers and analysts can now let the system handle Terabytes of computational state without worrying about failures that can potentially occur.</p> <p>In this talk, I am going to explain all the fundamental challenges behind exactly-once processing guarantees in large-scale streaming in a simple and intuitive way. I will further guide you through the tricks and pitfalls that we faced in our effort to make state management easy to use, transparent and yet extraordinarily powerful. Finally, I will demonstrate how you can declare state and the in-flight protocol that is running underneath your processing pipeline to guarantee that your computation will always run consistently and uninterrupted, until infinity.</p> <p>In more detail I am going to demonstrate the basic and extended versions of ABS (Asynchronous Barrier Snapshotting) , our state-of-the-art decentralized, in-flight snapshotting algorithm tailored to the needs of a dataflow graph. ABS needs no global synchronisation and works purely in a decentralised manner. It is considered today as one of the most lightweight mechanisms for checkpointing application state and has been developed even further together with the rest of the Flink community with additional optimisations. In fact, other open source systems such as Apache Storm have also recently incorporated the same mechanism due to its simplicity and effectiveness. One of such optimisations that is currently being merged in the system, is the adaptation of the algorithm in graphs that contain cycles which I am also going to cover in this talk in more detail. Furthermore, I will also briefly explain our current efforts to incrementalize state snapshots to further balance the load trade-off of state checkpointing and recovery time.</p> Paris Carbone Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:30 00:25 H.2213 hpc_bigdata_calcite #SQL4NoSQL HPC, Big Data and Data Science devroom <p>When working with BigData &amp; IoT systems we often feel the need for a Common Query Language. The platform specific languages are often harder to integrate with and require longer adoption time.</p> <p>To fill this gap many NoSql (Not-only-Sql) vendors are building SQL layers for their platforms. It is worth exploring the driving forces behind this trend, how it fits in your BigData stacks and how we can adopt it in our favorite tools. However building SQL engine from scratch is a daunting job and frameworks like Apache Calcite can help you with the heavy lifting. Calcite allow you to integrate SQL parser, cost-based optimizer, and JDBC with your big data system.</p> <p>Calcite has been used to empower many Big-Data platforms such as Hive, Spark, Drill Phoenix to name some.</p> <p>I will walk you through the process of building a SQL access layer for Apache Geode (In-Memory Data Grid). I will share my experience, pitfalls and technical consideration like balancing between the SQL/RDBMS semantics and the design choices and limitations of the data system.</p> <p>Hopefully this will enable you to add SQL capabilities to your prefered NoSQL data system.</p> <blockquote><p>It will be interesting to see what happens if an established NoSQL database decides to implement a reasonably standard SQL; the only predictable outcome for such an eventuality is plenty of argument. - NoSQL Distilled, Martin Fowler - 2012</p></blockquote> <p>The Relational Databases (RDBMS) are an essential component of the computing ecosystem. Yet in the past decade we have witnessed a wave of alternative data management technologies often branded as NoSQL and BigData - an ambiguous and lacking prescriptive definition names.</p> <p>To understand the NoSQL/BigData "movement" one need to understand the forces fueling it:</p> <ul> <li>The rise of Internet (Web, Mobile, IoT...) leading to Data {Volume, Velocity and Variety} challenges</li> <li>Object-relational impedance mismatch</li> <li>Cloud computing - Infrastructure Automation and Elasticity</li> <li>Shift from Integration to Application databases</li> <li>Data-Value vs. Storage-Cost Economics Shift</li> </ul> <p>The various approaches in addressing those challenges have led to a multitude of over 150 commercially supported NoSQL/BigData platforms.</p> <p>Such diversity means that an organization will adopt a mixture of data storage technologies for handling different circumstances (Polyglot Persistence).</p> <p>How does an organization integrate the mix of data technologies?</p> <p>To fill the gap many NoSql/BigData vendors are (or are considering) building SQL and SQL-based layers for their platforms.</p> <p>It is worth exploring the driving forces behind this trend ...</p> Christian Tzolov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:55 00:05 H.2213 hpc_closing HPC, Big Data and Data Science devroom <p>Closing session</p> Vasia Kalavri Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 H.2214 graph_intro_graph_databases Graph devroom <p>An introduction to graph databases. From graph theory, through the history of computing and how it affected database design, to why relational databases aren't about relations. Next, a look how diverse is the current graph database market and what obvious and not so obvious problems are solved by graphs. A short introduction to Neo4j's query language, Cypher, will show the main concepts of querying graph data. Then, by use of the same datasets in both relational and graph databases will compare syntax clarity and database performance.</p> Szymon Warda Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:10 00:30 H.2214 graph_drupal_cms_neo4j Neo4J and Drupal, potential application areas and module introduction Graph devroom <p>Traditionally CMSs use SQL databases that are really fast when you need all the information stored together in a record row, but are a bad fit when you need to search for relationship patterns that are not already stored together in your database. A significant performance penalty is incurred for every additional table that needs to be joined for a query. That is why SQL databases are notoriously bad at deducting relationships from datasets. Graph databases however are really good at this task. In this talk we discuss potential application areas of graph databases in existing open source CMSs like Drupal.</p> <p>We believe graph databases could make a big difference when used in key areas where traditionally CMSs would fail: Explore large non-uniform datasets: Neo4j got a lot of attention after it was used by investigative journalists to <a href="https://neo4j.com/blog/analyzing-panama-papers-neo4j/">identify the organisations and individuals involved in offshore tax evasion in the Panama papers leak</a>. Recommend content: Media companies like <a href="https://www.youtube.com/watch?v=k47aC01Uy64&amp;ab_channel=Neo4j-theWorld%27sLeadingGraphDatabase">the Financial Times are using Neo4j to display related content</a> on their website, this helps them to increase engagement with higher clickthrough rates. Personalisation: <a href="https://neo4j.com/news/adidas-neo4j-customer-experience/">Addidas uses the Neo4j graph database to create it’s internal metadata service</a>, offering access and searchability to their data and making sense of complex interdependencies and relationships.</p> <p>We've created a basic integration that makes it possible for non-developers to work with Neo4j. Combined with Drupal’s content modelling capabilities we believe it could be a powerful tool for people to explore graph databases using a GUI. There is also a case to be made for the use of graph databases in the Drupal ecosystem: sites that already use Drupal could benefit from its capabilities.</p> Kristof Van Tomme Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:50 00:30 H.2214 graph_incremental_queries_open_cypher Graph devroom <p>How can we evaluate a global query on huge graphs in 0.1 seconds? Given our current technology, that would be magic. The lack of wizarding skills did not stop us, however, from tackling the problem by using smart caching structures, which are witchcrafts on their own.</p> <p>Why is this challenge important? Several applications evaluate global queries on continuously changing graphs: <a href="https://neo4j.com/resources/recommendations-business-white-paper/">fraud detection in financial transactions</a>, <a href="http://docs.inf.mit.bme.hu/ingraph/pub/stein-daniel-static-analysis.pdf">analysis of source code repositories</a> and <a href="http://link.springer.com/chapter/10.1007/978-3-319-11653-2_40">validating engineering models</a>. Current approaches employ domain-specific optimizations, which are difficult and error-prone to implement. Meanwhile, the requirements of these (and similar) use cases could be uniformly addressed by incremental graph query evaluation. With this technique, the first execution of the queries takes some time, but once the result are calculated, they can be efficiently maintained for each change in the graph.</p> <p>To allow incremental queries on property graphs, we implemented the <a href="https://github.com/FTSRG/ingraph">ingraph</a> engine, based on the <a href="http://www.opencypher.org/">openCypher</a> language specification. We aim to support the <a href="https://github.com/opencypher/openCypher/blob/master/docs/standardisation-scope.adoc">standard subset</a> of openCypher, as most standard constructs can be calculated incrementally. We already mapped some of the standard constructs to <a href="http://docs.inf.mit.bme.hu/ingraph/pub/opencypher-report.pdf">relational algebra</a>, defined <a href="http://docs.inf.mit.bme.hu/preprints/perpol2016-gqo.pdf">incremental relational algebraic operators</a> and implemented them in an <a href="https://github.com/FTSRG/ire">incremental relational engine</a> using <a href="http://akka.io/">Akka</a> actors.</p> <p>We start the talk by presenting use cases that evaluate complex global queries on continuously changing graphs and discuss the idea of incremental graph queries. We show the mapping of basic openCypher constructs (e.g. <code>MATCH</code>, <code>WHERE</code>, <code>WITH</code>, <code>RETURN</code>) to relational operators, such as joins, selections and projections. Finally, we show our approach for optimizing incremental graph queries and outline related challenges.</p> <p>Target audience: Developers, looking for a deeper understanding of openCypher and/or facing complex queries on continuously changing graphs</p> Gabor Szarnyas Technical report on formalizing OpenCypher Using sharding techniques for scalable incremental graph queries IncQuery-D, a prototypical distributed incremental graph query engine Query optimization for incremental graph queries Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 H.2214 graph_streaming_twitter_gephi Visualising stream of Data Graph devroom <p>Presentation of the original vision of the Twitter Stream Importer, from start to current situation with "experience feedback". If possible showing a demo real-time and "open discussion" about improvement on going, visualisation usage etc...</p> <p>Since some years now, the particularity of Twitter is to be "reactive" or real time compare to other Social Network.</p> <p>The massive stream of data generated by some events (going from Tv shows to more serious event) can't be digested with traditional tools (Twittdeck etc...). The visual representation of a twitter activity could help to reveal insights on a running topic. Graph allows to contextualize and visualise the interaction between users and thematic within this topic.</p> <p>To do that, the Twitter Stream Importer brings tools to start tracking a topic and visualise data with different "Network logic" that act like a particular projection of the data. The integration within Gephi then, makes easy to use the integrated tools (statistics, filter, exports) to works easily on you subject.</p> <p>We will see what are the main concept, what are the pro and cons and the following evolution of the plugin.</p> Matthieu Totet Source Code Plugin Page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:10 00:30 H.2214 graph_postgres_graphdb PostgreSQL as RDF Graph Database Graph devroom <p>Presentation of an investigation into how Python's RDFLib and SQLAlchemy can be used to leverage PostgreSQL's capabilities to provide a persistent storage back-end for Graphs, and become the elusive practical RDF triple store for the Semantic Web (or simply help you export your data to someone who's expecting RDF)!</p> Jimmy Angelakos EDINA Labs Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:50 00:30 H.2214 graph_cypher_on_flink Graph devroom <h3>Abstract</h3> <p>Graph pattern matching is one of the most interesting and challenging operations in graph analytics. However, it is primarily supported by graph database systems such as Neo4j but, besides research prototypes, not generally available for distributed (not-only graph) processing frameworks like Apache Flink or Apache Spark.</p> <p>In our talk, we want to give an overview of our current implementation of Cypher on Apache Flink. Cypher is the Neo4j graph query language and enables the intuitive definition of graph patterns including structural and semantic predicates. As the Neo4j graph data model is not supported out-of-the box by Apache Flink, we leverage Gradoop, a Flink-based graph analytics framework based on Apache Flink that already provides an abstraction of schema-free property graphs.</p> <p>We will give a brief overview about the technologies used to implement Cypher, explain our query engine and give a demonstration of the available language features. Finally, we will discuss open challenges and missing features hopefully motivating people to contribute.</p> <p>The project is a cooperation between the University of Leipzig and Neo Technology.</p> <h3>Intended audience and goal of the talk</h3> <p>Developers and analysts, trying to express graph queries on distributed graphs</p> <h3>Links to background information on the given talk for the hungry and impatient</h3> <ul> <li><a href="http://www.opencypher.org/">OpenCypher</a></li> <li><a href="https://neo4j.com/">Neo4j</a></li> <li><a href="http://flink.apache.org/">Apache Flink</a></li> <li><a href="http://www.gradoop.com/">Gradoop</a></li> </ul> <h3>Links to previous talks, code snippets or repositories</h3> <ul> <li><a href="http://www.gradoop.com/">GitHub</a></li> <li><a href="http://dbs.uni-leipzig.de/file/EPGM.pdf">Extended Property Graph Model</a></li> <li><a href="https://www.youtube.com/watch?v=WmP9xB_sG2o">FlinkForward 2015</a></li> <li><a href="https://fosdem.org/2016/schedule/event/graph_processing_gradoop_flink_analytics">FOSDEM 2016</a></li> </ul> Martin Junghanns Max Kießling Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 H.2214 graph_structural_patterns Graph devroom <p>Mining frequent itemsets is an established approach to data mining and supported by productive data mining solutions. For example, one can get insights about buyers’ behavior by analyzing frequent co-occurrences of products in shopping baskets. In contrast, frequent subgraph mining (FSM), the graphy variant of frequent itemset mining, not only evaluates entity co-occurrence but also relationships among entities, i.e., structural patterns. However, existing implementations are all research prototypes which are tailored to textbook problems.</p> <p>In our talk, we want to give an introduction to the FSM problem on distributed collections of graphs and our implementation in Gradoop, an open source system for scalable graph analytics based on Apache Flink. In contrast to other iterative graph algorithms like page rank, in FSM the search space is dropped but intermediate results of iterations are the desired result. Here, the major technical challenge is the respective usage of Flinks’ distributed iterations.</p> <p>We will explain different implementation approaches, discuss implementation details which influence scalability and show benchmark results.</p> <p>Intended audience and goal of the talk: Developers and analysts, interested in relationship-centric data mining techniques</p> <p>Desired length of your time slot: 30min</p> <p>Links to background information on the given talk for the hungry and impatient: http://www.gradoop.com http://flink.apache.org/</p> <p>Links to your previous talks, code snippets or repositories: http://dbs.uni-leipzig.de/file/Graph<em>Mining</em>for<em>Complex</em>Data<em>Analytics.pdf GitHub: http://www.gradoop.com/ Graph Data Model: http://dbs.uni-leipzig.de/file/EPGM.pdf Fosdem 2016: https://fosdem.org/2016/schedule/event/graph</em>processing<em>gradoop</em>flink_analytics</p> André Petermann Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:10 00:30 H.2214 graph_library_javascript Graph devroom <p>While a lot of languages already have comprehensive libraries to handle graph data (like <a href="http://networkx.github.io/">networkx</a> in python), the same cannot be said for JavaScript.</p> <p>This talk discusses how we were driven to create a multipurpose graph object specification for JavaScript and what were the design issues we soon had to tackle from implementation choices to API naming.</p> <p>The result of this work is the <a href="https://graphology.github.io/">graphology</a> specification &amp; reference implementation which we present to open it to feedbacks &amp; contributions.</p> <hr /> <p>We will first review the state of the art of graph libraries for JavaScript and discuss the issues which brought us to create a new projet from scratch.</p> <p>Then we will explain why we chose to design an open specification for a standard API rather than only providing a library.</p> <p>Finally we will present the reference implementation &amp; the attached library of algorithms and justify the technical choices made, before presenting our future roadmap and related projects (a new version of the graph rendering library, <a href="http://sigmajs.org/">sigma.js</a>, notably).</p> <hr /> <p><em>Alexis Jacomy</em></p> <p>Alexis is CTO of Matlo, a data discovery web app. He spent last years working on tools to help people explore data. He also develops multiple JavaScript tools with Guillaume Plique, notably sigma.js to visualize networks in web pages.</p> <p>https://github.com/jacomyal</p> <p><em>Guillaume Plique</em></p> <p>Guillaume Plique is a developer at SciencesPo's médialab working on a variety of Open Source projects in JavaScript, Clojure &amp; Python. He specializes in developing software for social sciences researchers and often works with graphs, natural language processing and UIs.</p> <p>https://github.com/Yomguithereal</p> Guillaume Plique Graphology Documentation Sigma.js Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:50 00:30 H.2214 graph_processing_sap_hana Graph devroom <p>With the recent announcement of the SAP HANA, express edition, a free to use and streamlined version of SAP HANA that can run on laptops and other resource-constrained hosts, it is now possible to use the SAP HANA Graph functionality for free in own graph projects and applications with up to 32GB main memory limit. In addition, the SAP HANA, express edition offers development utilities that can be used to develop own applications on top of SAP HANA.</p> <p>In this presentation, we will provide an overview of SAP HANA Graph, a native graph processing engine, which is tightly integrated into the database kernel of SAP HANA. It allows to freely combine graph, relational, text, and geospatial processing on a single transactional data representation without the need to replicate data into specialized systems. In particular, we will use the SAP HANA, express edition running on the speaker's laptop to demonstrate the audience a walk-through of the steps to get started with SAP HANA Graph. Specifically, we will show how to execute openCypher queries in SAP HANA and also showcase GraphScript, a high-level domain-specific graph query language for imperative and complex graph query processing.</p> Thomas Fischer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 H.2214 graph_analytics_massively_parallel_processing_databases Graph devroom <p>As graph processing moves to the mainstream, a large number of specialized graph engines have emerged. However, for many enterprises, much of their important data resides in relational databases and SQL is the most common workload. So is it reasonable to suggest that relational data processing engines can be used to solve graph problems in a productive and performant manner?</p> <p>The answer to this question is: “Yes!”</p> <p>In this talk, we will address the use of massively parallel processing (MPP) databases for graph analytics workloads. We will share some recent findings from the Apache MADlib (incubating) project, including design of graph data structures, implementation of common graph algorithms, and performance results.</p> <p>Graph analytics is becoming an important part of enterprise computing. With roots in academia going back many decades, the last 10-15 years have seen a huge surge of interest in this topic to address a wide range of modern use cases, from cybersecurity to social networks to supply distribution chains.</p> <p>Enterprises have made significant investments in infrastructure, software, and training of their employees, all centered around SQL. So how can an enterprise add graph analytics to their business without the cost and complexity of moving to specialized graph processing engines? And, what are the tradeoffs?</p> <p>Graph analytics is a new area of innovation in Apache MADlib, which is a SQL-based open source library for scalable in-database analytics. It provides parallel implementations of mathematical, statistical and machine learning methods for structured and unstructured data.</p> <p>Many existing analytics products do not scale in a way that makes it convenient and economical to operate on large data sets. The graph methods in Apache MADlib have been designed to take advantage of the shared-nothing, scale-out parallelism offered by modern parallel database engines.</p> <p>I look forward to presenting this topic at FOSDEM 17!</p> Frank McQuillan Apache repo for software Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:10 00:30 H.2214 graph_scale_mesos_dcos_neo4j Scale out Neo4j using Apache Mesos and DC/OS Graph devroom <p>In the era of docker, big data and micro services it is really important to distribute your applications reasonable across your cluster and keep a good overview of all of your applications. This fact is well addressed, but it would be great to utilize your cluster in that way, that you locate your data in the same cluster like the rest of your application landscape and share your physical resources all over your running applications, no matter if you are serving user requests, crunching data or calculating big graphs. For this reason we brought the awesome graph database Neo4j to run natively on top of Apache Mesos and DC/OS. In this session we will see how easy it is to install, run, operate and scale out Neo4j Causal Clusters on top of Apache Mesos and DC/OS and which possibilities you have spanning big graphs across your cluster.</p> Jörg Schad Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:50 00:25 H.2214 graph_traffic_analysis_hadoop_patterns Understand the common usage patterns and identify typical / atypical workloads. Graph devroom <p>Cybersecurity is a broad topic and many commercial products are related to it. We demonstrate a fundamental concept in network analysis: re-construction and visualization of temporal networks. Furthermore, we apply the method to describe operational conditions of a Hadoop cluster. Our experiments provide first results and allow a classification of the cluster state related to current workloads. The temporal networks show significant differences for different operation modes. In reallity we would expect mixed workloads. If such workload parameters are known, we are able to handle a-typical events accordingly - which means, we are able to create alerts based on context information, rather than only the package content. We show an end-to-end example: (1) Data collection is done via python, using the sniffer script; (2) using Apache Hive and Apache Spark we analyze the network traffic data and create the temporary network. Finally, we are able to visualize the results using Gephi in step (3). In a next step, we plan to contribute to the Apache Spot project.</p> <h1>Expected prior knowledge / intended audience:</h1> <p>No special skills required, but minimal exposure to the Hadoop ecosystem is helpful.</p> <h1>Speaker bio:</h1> <p>Márton Balassi is a Solution Architect at Cloudera and a PMC member at Apache Flink. He focuses on Big Data application development, especially in the streaming space. Marton is a regular contributor to open source and has been a speaker of a number of open source Big Data related conferences including Hadoop Summit and Apache Big Data and meetups recently.</p> <p>Mirko Kämpf is a Solution Architect at Cloudera and the initiator of the Etosha project. He holds a Diploma in Physics and worked on several projects related to complex systems analysis. His focus is on time dependent network analysis and time series analysis, using tools from the Hadoop ecosystem, and especially on the related metadata management. Mirko is actively using open source tools, author of several blog articles in the Cloudera engineering blog, and a speaker in Big Data related conferences and meetups.<br/> https://de.linkedin.com/in/kamir</p> <h1>Links to previous talks by the speaker</h1> <h2>Marton:</h2> <p>Hadoop Summit, Dublin, 2016 https://www.youtube.com/watch?v=mRhCpp-p11E</p> <p>Flink Meetup, Berlin, 2016 https://www.youtube.com/watch?v=Rk8mVtGumPc&amp;t=462s</p> <p>Flink Forward, Berlin, 2016 https://www.youtube.com/watch?v=FtzXOLhZ-2c</p> <h2>Mirko: </h2> <p>Cloudera Technical Summit, Las Vegas, 2016 http://www.slideshare.net/mirkokaempf/from-events-to-networks-time-series-analysis-on-scale?qid=a3a3f939-19e4-4127-81a7-e963114d4110&amp;v=&amp;b=&amp;from_search=1</p> <p>GridKA, Karlsruhe, 2015 http://www.slideshare.net/mirkokaempf/apache-spark-in-scientific-applications?qid=b82c1d59-2098-409c-8b84-5570504c5546&amp;v=&amp;b=&amp;from_search=4</p> <p>GridKA, Karlsruhe, 2014 http://www.slideshare.net/mirkokaempf/hadoop-complex-systems-research?qid=a0eebdd3-b042-453d-9b65-a2e2301d09f8&amp;v=&amp;b=&amp;from_search=6</p> <p>Hadoop meetup, Munich, 2013 http://www.slideshare.net/mirkokaempf/munich-hug-20130522v2?qid=72841b48-efbf-442a-8b7f-0ea0db3b3ad4&amp;v=&amp;b=&amp;from_search=5</p> Mirko Kämpf Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 01:00 H.3227 mageia_bof BOFs (Track A - in H.3227) bof Submit feedback 16:00 01:00 H.3227 openhmd_bof Meeting for the OpenHMD community BOFs (Track A - in H.3227) bof <p>OpenHMD is a community building full open source drivers for different type of VR devices such as the Oculus Rift, HTC Vive, PSVR and others. Since we found out quite a bunch of our contributors are attending this event, we would like to take this opportunity to meet up to have development and design discussions, but also to introduce new people to our project, and even help out reverse engineering new devices, or help out implementing OpenHMD in other projects!</p> <p>This meeting is for everyone interested in our project and community, discuss things like VR in Open Source, multi platform development, application integration, device support and anything related in general.</p> <p>For questions poke us on irc.freenode.net channel #openhmd</p> TheOnlyJoey project website github subreddit Submit feedback 17:00 00:30 H.3227 oracle_jigsaw_bof BOFs (Track A - in H.3227) bof <p>Oracle Jigsaw</p> Submit feedback 17:30 00:30 H.3227 apache_maven_jigsaw_bof BOFs (Track A - in H.3227) bof <p>Apache Maven / Jigsaw</p> Submit feedback 18:00 01:00 H.3227 upipe_meetup BOFs (Track A - in H.3227) bof <p>Upipe is primarily designed to be the core of a multimedia player, transcoder or streamer. The framework organizes the processing of incoming data buffer inside a pipeline of modules. It exposes core types for buffers and modules (called “pipes”), and the API of communication between pipes and between the application and pipes.</p> <p>The meetup is for everyone interested in our project and community, to discuss the future orientations and problems.</p> <p>For questions poke us on irc.freenode.net channel #upipe.</p> Christophe Massiot Upipe website github Submit feedback 14:00 01:00 H.3228 eda_bof BOFs (Track B - in H.3228) bof <p>Electronic Design Automation BOF</p> Submit feedback 15:00 02:00 H.3228 sailfishos_bof BOFs (Track B - in H.3228) bof <p>SailfishOS</p> Submit feedback 17:00 01:00 H.3228 videolan_bof BOFs (Track B - in H.3228) bof <p>VideoLAN</p> Submit feedback 18:00 01:00 H.3228 armadito_bof BOFs (Track B - in H.3228) bof Submit feedback 10:30 00:10 AW1.120 introsdr Software Defined Radio devroom <p>Welcome to the Software Defined Radio track! As in the last couple of years, we will talk about anything related to software defined radio: Interesting hacks, SDR hardware, wireless security, homebrew radar, academical research, etc. Here, we introduce the track and topics, and welcome all fans and afficionados of the SDR track!</p> <p>The software defined radio track has been part of FOSDEM since 2014, and has been choc-a-block with talks an all kinds of topics related to software defined radio. This year again, we'll be talking about a variety of topics ranging from interesting hacks to SDR hardware, wireless security, homebrew radar, academical research and many other things that fall into this wide field.</p> Philip Balister Martin Braun Sylvain Munaut Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:40 00:20 AW1.120 darpa_hackfest Software Defined Radio devroom <p>The Defense Advanced Research Projects Agency (DARPA) is hosting a pre-FOSDEM hackfest on unintentional emitters of electromagnetic signals. The hackfest should attract many people from the software defined radio (SDR) community to participate as it will involve the design and development of techniques to discover, capture, identify, and disseminate the emissions and emitters. The hackfest will take place in Brussels from February 1 – 3, so this talk will provide a review of the work that went on in the days just preceding FOSDEM.</p> <p>Electromagnetic (EM) emissions are everywhere and come from radio systems that purposefully emit EM signals, unintended emissions from these radios in other frequencies, and unintentional emissions from all of our electronics, even those not designed as radios. These emissions affect spectrum usage, which is a vital part of our daily lives and continues to grow in its importance. As more services and devices are depending on wireless connectivity, the problems of interference will grow, too. We typically think about interference coming from other wireless devices, but other electronics create EM emissions as well, such as computers and vehicles. But even more mundane electronics, like AC-to-DC converter “wall-warts” for charging cell phones, produce emissions. Though often low-power, the growing prevalence of electronics to support our daily lives is also an additive source of interference.</p> <p>DARPA will be hosting a hackfest in Brussels over the three days leading up to FOSDEM. The purpose of the hackfest on unintentional emitters is to help us develop techniques to find and study the emissions with the hope of better understanding and characterizing how different devices behave. The hackfest outcomes could lead to important scientific and technical knowledge for how we understand the interference problems from these emitters. Can we characterize how a building and its various components look by its EM emissions? How about parts of a city and the effects of traffic, subways, and other infrastructure?</p> <p>The FOSDEM presentation will review the work that went on during the three-day hackfest and report on any resulting techniques/technology and what we learned about the unintentional emissions around us. It will be a relatively short talk presented without slides as a quick wrap-up to the FOSDEM SDR audience.</p> Tom Rondeau Hackfest signup page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 AW1.120 gnuradio manipulating one of the four fundamental forces of the universe Software Defined Radio devroom <p>GNU Radio is a free and open source toolkit for software radio, and has been part of the GNU project since 2001. This talk will kick-off the Software-Defined Radio Dev Room with a quick introduction to software radio. I will then give a brief introduction to GNU Radio, and then go into some updates about the project and development direction, and provide some examples of some of the awesome stuff happening in the software radio community.</p> Ben Hilburn Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 AW1.120 sdrdebian Turn-key solutions for hams using Debian packages Software Defined Radio devroom <p>Intro to ham radio and a brief demo of SDR capabilities in the Debian Ham blend, explaining why Debian and Ham Radio are both important parts of the SDR eco-system.</p> Daniel Pocock Blog posts tagged SDR Debian Ham blend Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 AW1.120 introtosdr Start from scratch today, hack the EM spectrum tomorrow! Software Defined Radio devroom <p>There's no reason SDR needs to be limited to an elite group of users. There are so many tools out there that allow anyone with some technical background to quickly get familiar with the world of SDR. Depending on your background (Ham radio operator, software developer, wireless researcher, Michelin star chef) you may already know some parts of the big picture, but might be missing others. The last few years, many tools have been created to ease your entry into SDR, and we will give an overview of what they are and how you can quickly get started working with electromagnetic waves. No prior knowledge required!</p> <p>Assuming you can operate a Linux computer, we will use the following tools to get you started with SDR and GNU Radio: - PyBOMBS - GNU Radio Companion - gr_modtool</p> Marcus Müller Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 01:00 AW1.120 sdr_panel An interactive session. Let's talk about SDR! Software Defined Radio devroom <p>The state of SDR, and free/open SDR in particular, is interesting. In some cases, SDR research and progress has been declared dead, implying that there is nothing left to research or develop. Practical usage of SDR tells a different story, though, and users of SDR products run into all sorts of issues every day.</p> <p>In this panel, we would like to discuss with the audience what the top issues are that SDR frameworks need to solve in the near future -- be they technical, legal, political or anything else.</p> <p>What are the top 3 items that the realm of Software Defined Radio needs to figure out? In this panel, we invite some experts as well as the entire audience to discuss this question. We shall discuss technical challenges (if there are any) as well as legal and political challenges. Does free/open software radio have any different questions to tackle? If we were to attend a technical conference in the near future, what would be the most mind-blowing thing we could present? Will there be more, competing frameworks going forward, or will they consolidate? These and many more questions shall be the topic of this year's SDR panel.</p> Martin Braun Tom Rondeau Bastian Bloessl Francois Quitin Ben Hilburn Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:30 AW1.120 jesd204b High-speed inter-device data transfers for SDR Software Defined Radio devroom <p>JESD204B is a industry standard for interfacing high-speed converters (ADC, DAC) to logic devices (FPGA, ASIC). This presentation will give a introduction to the JESD204B standard which is gaining increasing adoption in SDR solutions to connect the RF-fronted device to the processing device.</p> <p>JESD204B is a industry standard for interfacing high-speed converters (ADC, DAC) to logic devices (FPGA, ASIC).</p> <p>Software-defined-radio solutions follow a trend of ever increasing channel bandwidth and diversity (e.g. MIMO). Another trend is the transition from zero-IF to direct-IF, which bypasses the analog modulator and samples the full spectrum up to the desired signal. Both of them require additional data throughput rates which can reach the limits of more traditional interfaces like CMOS or LVDS. The JESD204B standard has been designed to overcome these restrictions and allow higher throughput data rates between the converter and the logic device. It is as such not surprising that to accommodate the increased data rate demands of such solutions JESD204B is often adopted, both for discrete as well as integrated RF designs.</p> <p>In addition to specifying the physical layer the JESD204B specification also has a protocol layer defining data mapping and encoding as well as standard methods for commonly needed features like data integrity checks, multi-chip synchronization and deterministic latency.</p> <p>This presentation will provide an introduction to the JESD204B standard in the context of software-defined-radio explaining how the different layers inside the JESD204B standard interact, giving developers a understanding of how to setup and configure a JESD204B system.</p> Lars-Peter Clausen Video recording (mp4) Video recording (WebM/VP8) JESD204B Survival Guide Submit feedback 14:00 00:45 AW1.120 sdr_fpga Taming digital hardware for software radio Software Defined Radio devroom <p>Most SDR hardware nowadays includes an FPGA of sorts, but how to make use of them in an SDR application is often unclear for newcomers to the SDR ecosystem. Even more daunting can be to take first steps into FPGA-land and start writing code for your reprogrammable chips. We will talk about how an FPGA is actually useful for SDRs on an very basic level, and provide a very basic introduction into how to use the RFNoC framework to start using (and maybe learning) FPGAs.</p> <p>The following topics will be covered: - How are FPGAs already available in modern SDR hardware? - Which tasks are FPGAs well suited to tackle? - When do we move tasks to an FPGA, and when do we not? - How can we enter the realm of FPGA development using the RFNoC framework?</p> Martin Braun Nicolas Cuervo Ettus Research RFNoC Knowledge Base Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:45 00:30 AW1.120 gpupfb Everyday I'm Shuffling Software Defined Radio devroom <p>Frequency Division Multiple Access (FDMA) schemes are widely used in many existing communication systems and standards. On Software Defined Radio (SDR) platforms, separating the channels can prove more difficult though due to high requirements for the digital filters. This talk will showcase an implementation of a polyphase filterbank on a graphics processor unit (GPU) that can help overcome the heavy computational load of those filters. In the software, all the partitioned filters can run in parallel. Each of these filters produces output samples for numerous input samples simultaneously, thus providing an additional parallel approach. Furthermore, several rational oversampling factors are supported by this implementation. Operations for oversampling can as well be implemented to run in parallel, due to the massive amount of usable hardware threads in a GPU. Hence, the effects of oversampling on the throughput can be reduced. On an Nvidia GTX970 GPU, this implementation achieved a throughput of 67.43 MSamples per second, 12 times higher than the (optimized) general purpose processor (GPP) version.</p> <p>Separating information using the frequency space is rather simple if one can do it with appropriate hardware. Cycle accurate operations executed in FPGA and ASIC fabric allows one to carefully create the desired waveform and then control filterbanks and oscillators. This way, the desired information can get into the air at the exact time and frequency one fancies. Unfortunately, controlling a software defined radio (SDR) in that manner can prove to be quite a challenge. Timing constraints when changing the center frequency often turn out to be the main limiting factor [1]. Instead, a pure SDR approach is often the desired way of generating multifrequency content. To cope with hard latency/timing constraints, the solution is to generate the whole spectrum at once and to position the desired information digitally into the time/frequency matrix.</p> <p>But this poses quite a challenge as one usually, depending on the number of channels, has to tremendously oversample the signal to generate the aggregated bandwidth. The needed anti-imaging filter at the transmitter side and the separation/anti-aliasing filters on the receiver side can grow to obscene amounts of filter taps. Coping with this amount of computational load can be demanding, even for high-end general purpose processors (GPP). Using a polyphase filterbank (PFB) to do the synthesis/separation of the waveform can help eminently with reducing the computational load. PFBs do this by breaking down the needed filter in several polyphase partitions and doing the filtering on these partitions. A division of a filter in M polyphase partitions can already reduce the theoretical computational load by exactly a factor of M [2]. Additionally, the Fast Fourier Transform (FFT) can be used to extract or generate all channels needed at once, using just one filtering operation.Still, the challenge of separating the channels can prove to be too much for the GPP, even with the help of a PFB channelizer/synthesizer.</p> <p>Using a graphics processor unit (GPU) can help immensely with offloading the critical task of separating the dedicated channels, providing some headroom for the GPP to perform the remaining task of decoding the information imprinted on the individual channels. Filtering itself is an operation that can be mapped pretty well onto many-core architectures, especially if the constraints on latency and buffer sizes are not as stringent. But the operations inside a PFB really seem to be made for over the top parallelization. The notion of performing several independent polyphase partitioned filtering operations at once is something that can be easily mapped onto common GPU architecture abstractions, as every polyphase filter partition can run simultaneously.</p> <p>Most GPUs have even more computing capabilities and their resources would lie idle if one only parallelized the PFB algorithm in terms of polyphase partitions. Additionally, the computation of consecutive output samples is independent from each other. So one can further parallelize the algorithm by computing several output samples concurrently. If the need for oversampling of the signal arises, that too can be exploited to produce the additional output samples in parallel, thereby minimizing the additional computational stress caused by oversampling.</p> <p>This talk will showcase, how all operations of the algorithm of the PFB channelizer/synthesizer can be mapped to a GPU using the CUDA framework. Examples of the code will be shown to highlight some of the oddities one can encounter when developing code for GPUs or many-core architectures in general. Benchmarks and results of the current implementation will be presented and discussed. As of now, on an Nvidia GTX970, the implementation reaches a throughput of 67.43 MSamples per second (45 channels, 5x oversampling, 1318 tap prototype filter), which is 12 times higher than an optimized GPP (Intel I7 6850K) version. Last but not least, future steps for releasing and maintaining the code will be laid out.</p> <p>References: [1] M. Ibrahim and I. Galal, “Improved sdr frequency tuning algorithm for frequency hopping systems,” ETRI Journal, vol. 3, no. 3, Jun 2016. [Online]. Available: http://dx.doi.org/10.4218/etrij.16.0115.0565 [2] F. J. Harris, Multirate Signal Processing for Communication Systems. Upper Saddle River, NJ, USA: Prentice Hall PTR, 2004.</p> Jan Kraemer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:15 00:30 AW1.120 trafficlights Software Defined Radio devroom <p>Wireless mobile traffic lights are often used to secure construction sites when roads are partially blocked. Some day, when a pair of them was placed close to our home, I set off to explore how they are working. In this talk, I will describe how I used a cheap RTL-SDR together with GQRX, Inspectrum, and GNU Radio to reverse engineer the modulation and frame format of different types of wireless traffic lights. With some patience, I could also make some sense out of the bits. In particular, I was able to extract the signal state and display it in a web interface, mirroring the traffic light. A closer look at the frame format and the apparent absence of any authentication might leave one with a bit of a worrying impression regarding the security of those systems.</p> Bastian Bloessl https://www.bastibl.net/traffic-lights/ https://www.bastibl.net/traffic-lights-2/ https://www.youtube.com/watch?v=1hb10T3aP4g Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:45 00:30 AW1.120 oai Software Defined Radio devroom <p>This talk will provide an overview of the evolution of OAI architecture to cater to distributed software radio systems, in particular those characteristics of upcoming cellular networks.</p> <p>This talk was moved forwards 1 hour from its original timeslot (16:45).</p> <p>The evolution of radio communication networks will soon include by so-called “CloudRAN” technologies which refer to centralized radio-access infrastructure deployed in data-centers. Although exhibiting important differences in the type of processing they perform, the compute and storage architecture of these data-centers, as well as many of the software technologies, are very much modelled by those used by internet-based industries for information content management and distribution.</p> <p>The future network architecture is comprised of three segments, the so-called fronthaul network, the CloudRAN data-centers and the main data-centers. The fronthaul network links the radio nodes at the extremities with the CloudRAN. These interconnection networks are typically optical links over very large distances (10-20 km) when the CloudRAN resides in the central office of an operator. Various technologies are envisaged including analog (radio-over-fiber) PON (passive optical network), TDM and WDM PON and carrier grade optical Ethernet. Other solutions will also exist for indoor networks (e.g. airports, shopping malls, large administrations, private enterprise networks, etc.) using both optical and copper-based fronthaul networks.</p> <p>The software architecture of OpenAirInterface (OAI) is currently being evolved to cater to these distributed processing environments. In particular the infrastructure processing elements in OAI are being split at various places to allow them to be distributed between the central cloud processing units (RCC), the so-called radio-aggregation units (RAU) which perform centralized signal processing and switching and the network of remote-radio units (RRU). OAI now comprises two such processing splits which will be detailed along with examples of how to build simple ethernet-based RRU with low-cost commodity radio equipment (e.g. USRP B2x0, LimeSDR, etc.) and embedded PCs or ARM-based computers. In addition, The current architecture for deploying OAI in a data-center environment will be described.</p> <p>A short live demonstration of networked-signal processing for 4G will be provided comprising a USRP-based RRU running on an UPBoard, an ethernet fronthaul and a mini radio-cloud-center housing the access protocol stack and a small core network.</p> Raymond Knopp Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:15 00:20 AW1.120 grinspector A Signal Analysis Toolbox for GNU Radio Software Defined Radio devroom <p>This talk copes with the signal analysis toolbox gr-inspector for GNU Radio. I will talk about the development process as well as the functionality and some usage examples.</p> <p>Receiving unknown signals is hard. It was already possible with GNU Radio, but much manual work and offline tweaking was necessary. Real-time signal analysis was hardly possible. During Google Summer of Code 2016, gr-inspector was developed to make these tasks more easy. The main purpose of the toolbox is to automate as much of a receiving process as possible during runtime. The components of the toolbox include a energy detection block, automated down-mixing/filtering/decimation, resampling, automated modulation classification (AMC) and OFDM parameter estimation/synchronization. Also, a GUI is able to display the analysis results. In this talk, I will give information about the background of the toolbox, what it's capable of and how to use it.</p> Sebastian Müller gr-inspector GitHub Page Development Blog Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:45 00:30 AW1.120 satnogs An SDR-based Satellite Networked Open Ground Station Software Defined Radio devroom <p>This talk was moved backward one hour from its original timeslot (15:45).</p> <p>SatNOGS: An SDR-based Satellite Networked Open Ground Station</p> Manolis Surligas Website gr-satnogs source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:15 00:30 AW1.120 radioml Functional Algorithm Definition and Concurrent Automation Software Defined Radio devroom <p>This talk will discuss the applicability and potential of tensor processing methods for signal processing algorithm implementation. It will consider both machine learning and non-machine learning signal processing applications and discuss how they can be efficiently implemented with TensorFlow and used quickly in conjunction with GNU Radio.</p> Tim O’Shea Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:45 00:30 AW1.120 multiantenna Software Defined Radio devroom <p>This talk will present a new method to estimate the bearing of a radio transmitter with a mobile, single-antenna receiver, and its implementation on a software-defined radio (SDR) testbed. The bearing estimation method relies on the following principle: by considering the signal received at several points along its trajectory, the receiver implicitly creates a virtual multi-antenna array (similarly to synthetic aperture radar systems) that can be used to estimate the bearing of the radio transmitter. Virtual multi-antenna arrays have two major differences with conventional multi-antenna arrays: 1) the position and orientation of each antenna in the virtual array depends on the movement of the receiver and must be estimated; and 2) the local oscillator (LO) offset between transmitter and receiver adds a phase offset to the signal received by each “virtual” antenna, which must be estimated and compensated for. The first problem is solved by using an inertial measurement unit (IMU), which can provide the relative position and orientation of the receiver for short time periods. The second problem is solved by expanding the signal model that is used in bearing estimation algorithms (such as MUSIC) to account for LO offset. The proposed system is implemented on a USRP-N210 SDR with an external high-end IMU and tested in an anechoic chamber. The SDR implementation is a mixture of FPGA and software development, while some parts of the data are processed off-line. The results show that our method is indeed feasible, with bearing estimation errors of only a few degrees. We then present the first efforts of an implementation on a USRP-E310 SDR which has an integrated, lower-quality IMU.</p> Francois Quitin Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:15 00:30 AW1.120 dcf77 software defined radio processing of DCF-77 signals Software Defined Radio devroom <p><a href="https://www.ptb.de/cms/fileadmin/internet/fachabteilungen/abteilung_4/4.4_zeit_und_frequenz/pdf/2011_PTBMitt_50a_DCF77_engl.pdf">DCF-77</a> is a German very low frequency (VLF) emitter locked on the Cs clocks of PTB used for synchronizing radiofrequency-disciplined clocks found, for example, in low-cost weather stations. VLF signals propagate through the waveguide whose boundary conditions are defined on the one hand by ground, and on the other hand by the ionosphere (charged) layer altitude. In addition to the amplitude modulation of the Cs-locked DCF-77 frequency standard, a <a href="https://www.ptb.de/cms/en/ptb/fachabteilungen/abt4/fb-44/ag-442/dissemination-of-legal-time/dcf77/dcf77-phase-modulation.html">phase modulation</a> is imprinted on the carrier for time of flight measurement, allowing for "precise" time of flight measurements. The topic of the presentation is</p> <ol> <li><p>reception of the DCF-77 VLF signal using a coil antenna, with enough power to feed a lock-in amplifier and extract phase and magnitude information. When the reference signal of the lock-in is referred to a local Cs primary standard, day/night ionosphere altitude variations are readily observed -- here using the carrier phase analysis,</p></li> <li><p>extraction of the time of flight through CDMA processing of the phase output from the lock-in amplifier, recorded on a (low frequency) oscilloscope, emphasizing the time resolution improvement of the phase modulation with respect to the amplitude modulation gained from the increased signal bandwidth,</p></li> <li><p>replace the lock-in amplifier with software-defined radio processing of signals recorded with a personal computer sound card or the analog to digital converter (RTL2832U) of a DVB-T receiver dongle,</p></li> <li><p>refer the second channel of the stereo sound card/DVB-T to a low-cost GPS 1-PPS time reference for local oscillator drift compensation, and hence measure the ionosphere altitutde variation through time of flight variation by comparing the phase-encoded cross-correlation peak position with the 1-PPS position, yielding results consistent with the lab-grade instrumentation.</p></li> </ol> <p>Although the whole processing chain is trivial, various issues making its practical implementation challenging will be emphasized. Most significantly, the processing chain is very similar to those applied to <a href="https://archive.fosdem.org/2015/schedule/event/xcorr/">GPS signals</a>, yet easier to grasp with the strong VLF signal. We aim at analyzing the time stability of the phase modulated signal -- allowing for sub-100 us timing resolution -- and correlated observed phase fluctuations with <a href="https://www.funkamateur.de/tl_files/downloads/hefte/2006/DG9WF_Iono_lang.pdf">ionosphere altitude</a></p> Jean-Michel Friedt preliminary slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:10 AW1.121 backup_dr_welcome Introduction and welcome word Backup and Disaster Recovery devroom <p>This will constitute the traditional ceremonial introduction of the Backup and Disaster Recovery devroom</p> Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:25 AW1.121 backup_dr_essentials_rear A generic introduction for beginners Backup and Disaster Recovery devroom <p>An initial basic and generic introduction for beginners on Disaster Recovery with Relax-and-Recover.</p> <p>This basic introduction on Disaster Recovery with Relax-and-Recover will explain the following items from a generic higher-level point of view:</p> <ul> <li>What does disaster recovery mean ?</li> <li>How does disaster recovery work ?</li> <li>What disaster recovery is not meant to do</li> <li>What is Relax-and-Recover ?</li> <li>How does Relax-and-Recover work ?</li> <li>How to set up Relax-and-Recover</li> <li>Relax-and-Recover advantages/disadvantages</li> <li>Relax-and-Recover limitations</li> </ul> Johannes Meixner Essentials about disaster recovery with Relax-and-Recover presentation PDF General info about Disaster Recovery at openSUSE Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:15 01:25 AW1.121 backup_dr_drlm DRLM Workshop Backup and Disaster Recovery devroom <p>An introduction about DRLM (Disaster Recovery Linux Manager) features, news and a complete workshop on DR management with ReaR and DRLM.</p> <p>DRLM Project Intro: will explain the following items:</p> <ul> <li>What is DRLM ?</li> <li>DRLM Short History</li> <li>DRLM Features</li> <li>News on version 2.1.0</li> <li>How to contribute ?</li> </ul> <p>Workshop: will provide the opportunity to dig into topics relevant to real DR needs and to get your questions/doubts answered</p> <ul> <li>How to set up DRLM</li> <li>DRLM Operations (manage networks, clients, backups, jobs, etc.)</li> <li>Best Practices</li> <li>Questions &amp; Answers</li> </ul> Didac Oliveira OpenExpo 2016 Presentation about GNU/Linux DR (spanish) OpenExpo 2016 Presentation Video (Spanish with English Subs) DRLM Workshop instructions Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:55 AW1.121 backup_dr_bareos_overview Backup and Disaster Recovery devroom <p>Bareos (Backup Archiving Recovery Open Sourced) is a reliable, cross-network open source software for backup and recovery of data for a large set of operating systems (Linux, Unix, Windows, MacOS). This presentation will give an overview about what Bareos is and how to use its components. It will also highlight the latest stable features and present the roadmap for the next release.</p> <p>The Bareos project stated in 2010 as a fork of Bacula. Since then, lots of features have been introduced or enhanced, like Python-Plugin-Interface, VMware Plugin, Always Incremental, SCSI Crypto support, bareos-webui ...</p> <p>This presentation will give a general overview about what Bareos is and how it can be used.</p> <p>It will highlight some of the unique features, tells what is currently in development and the roadmap for the next releases.</p> Jörg Steffens Bareos Project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:45 00:55 AW1.121 backup_dr_incr_backups Good things come in small packages! Backup and Disaster Recovery devroom <p>Full backups of large storage devices are expensive, slow, and waste a lot of space. Incremental and differential backups are an oft-requested feature in virtualization stacks to help eliminate the redundant copying of backup data.</p> <p>This presentation will cover recent developments in related delta-backup technologies, covering incremental and differential backups, image fleecing, dirty bitmap management, and different paradigms of consuming this data to produce reliable backups both through QEMU as an agent or via an external backup appliance.</p> <h1>Style</h1> <p>This talk will cover the incremental backup functionality in QEMU and developments since its first introduction in 2015.</p> <p>The talk is intended to be a fairly light-weight, quick trip through the feature; explaining the mechanics behind both the implementation and the API. I do not intend to cover in incredible detail the algorithmic minutiae of incremental backup techniques, but 'dirty bitmaps' as a fundamental technology enabling the technique will feature quite heavily. A theme of the talk will be how these features were implemented using targeted modifications to existing stable API to unlock rich functionality while maintaining backwards compatibility -- and the difficulties faced while doing so in a diverse open source environment. Current/Future developments are intended to be a highlight of the talk.</p> <h1>Audience</h1> <p>First and foremost, students who are interested in how large-scale projects tackle problems and would like some insight to how components in "the cloud" actually manage data on a technical level would find this talk interesting. At the very least, hopefully they find it entertaining.</p> <p>Secondly, any developers or hobbyists who rely on virtualization in their workflow, but may not be heavily invested or well-versed in QEMU/KVM/libvirt et al specifically could benefit from an expanded knowledge of how this FOSS virtualization stack manages data. These users may be keen to gain insight into newer, more flexible storage and backup options.</p> <p>Third, Upper-layer stack developers or users who script against upper-layer virtualization stack components may be interested to hear what we're cooking up -- this includes libvirt, virsh, openstack, oVirt or any projects that count these projects as dependencies.</p> <p>And lastly, anyone who has a keen appreciation for bad puns on slide captions might enjoy stopping by.</p> <h1>Takeaways</h1> <p>Attendees can expect to leave with a basic outline of the storage management solutions as they exist in FOSS virtualization today, and how we'd like to improve on them. With a copy of the slides and footnotes, attendees will be well equipped to author power-user scripts that take advantage of some advanced functionality in QEMU-kvm today that may help them eke out more mileage from their existing FOSS virtualization stack. The talk will cover general design, usage, current caveats and expected next steps for related backup features; this will hopefully provide generally relevant information for anyone interested in or contributing to the field in general.</p> John Snow KVM Forum 2015 talk; geared for virt-centric audience Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:45 00:55 AW1.121 backup_dr_first_steps Understand how ReaR works by running it yourself. Backup and Disaster Recovery devroom <p>To get some initial basic understanding how Relax-and-Recover works you will use it yourself on two virtual machines on your laptop.</p> <p>On the first virtual machine Relax-and-Recover (ReaR) will be installed and used to prepare that machine for disaster recovery.</p> <p>The second virtual machine is the replacement machine that is used for disaster recovery of the first virtual machine.</p> <p>Preconditions for this workshop:</p> <p>To actively participate you need a sufficiently powerful laptop it that is ready-to-use prepared as follows:</p> <ul> <li><p>An NFS server runs on the laptop that exports a directory in "rw" mode.</p></li> <li><p>Two simple virtual machines are running on the laptop:</p> <ul> <li>x86/x86_64 with BIOS (no UEFI)</li> <li>hardware virtualization (no paravirtualization)</li> <li>a single virtual 20GB harddisk (IDE disk)</li> <li>a usual virtual CDROM drive (IDE CDROM)</li> <li>a single usual virtual network interface card (no special driver/firmware)</li> </ul> </li> <li><p>A small and simple Linux system is running on the first virtual machine that is installed in a single ext3/ext4 filesystem with GRUB/GRUB2 as bootloader.</p></li> <li><p>The Linux system running on the first virtual machine can access the NFS server that runs directly on the laptop.</p></li> <li><p>A second "empty" virtual machine without an operating system that is identical as the first one (BIOS, same 20GB harddisk, CDROM, same NIC).</p></li> <li><p>Preferably a recent ReaR version is installed on the Linux system that is running on the first virtual machine</p></li> </ul> <p>What will be done step by step:</p> <p>If not already done Relax-and-Recover (ReaR) will be installed on the Linux system that is running on the first virtual machine.</p> <p>ReaR will be set up (configured) for disaster recovery.</p> <p>By running "rear mkbackup" on the first virtual machine one gets on the NFS server a backup.tar.gz and a rear-hostname.iso.</p> <p>The first virtual machine is shut down to simulate a disaster happened.</p> <p>The second virtual machine is booted from the rear-hostname.iso via CDROM.</p> <p>Now the special ReaR rescue/recovery system runs on the second virtual machine and by running "rear recover" therein one gets on the second virtual machine the system re-created as it had been before on the first virtual machine.</p> Johannes Meixner First steps with Relax-and-Recover on openSUSE SDB:Disaster Recovery First steps with Relax-and-Recover workshop Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:45 00:25 AW1.121 backup_dr_automated_testing Backup and Disaster Recovery devroom <p>Relax-and-Recover (ReaR) is a bare metal Disaster Recovery tool that can save you hours (and sometimes days) to recover a system from scratch in case of failure. However, for us developers before making a new release it is a real nightmare to test all the different Linux distributions in combination with all the known workflows that ReaR provides. It used to be a manual process of testing the recovery, but we are in progress to automate the whole process for some workflows. We will explain the internals of how we do automated testing and we will give a live demo as well.</p> Gratien D'haese Relax-and-Recover website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:15 00:25 AW1.121 backup_dr_bareos_plugins How to extend Bareos with Plugins written in Python Backup and Disaster Recovery devroom <p>Bareos (Backup Archiving Recovery Open Sourced) is a reliable, cross-network open source software for backup, archiving and recovery of data for all well-established operating systems. Emerged from the Bacula Project in 2010, Bareos was and is actively developed as a fork and enriched with lots of new features. After a short introduction about the Bareos architecture and terminology, this session will introduce how to extend Bareos with Plugins written in Python.</p> <p>Using plugins makes it possible to extend the Bareos functionality. This allows to backup and restore in an application specific and more flexible and dynamic way than normal file backup. Use cases include database backups, agentless virtual machine backups or LDAP backups. Using Python makes this a lot easier, and with its large library for connectivity and API access it is possible to address a wide range of applications.</p> Stephan Dühr Website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:45 00:55 AW1.121 backup_dr_bareos_scripting Using Bareos Console commands to automate tasks Backup and Disaster Recovery devroom <p>Bareos (Backup Archiving Recovery Open Sourced) is a reliable, cross-network open source software for backup and recovery of data for a large set of operating systems (Linux, Unix, Windows, MacOS). Bareos offers a lot of tools for user interaction. The best known tool is the bconsole, offering a command line interface. While it offers a lot of functions and can also be scripted, the Bareos JSON backend is much easier parse-able, especially when using the bareos-python module.</p> <p>This presentation will show, how Bareos can be scripted. It will give a overview about the existing tools (bconsole, bls, bscan, bareos-dir, ...), with special focus to the Bareos Console. It will show the Bareos Console feature, like commands, ACLs, JSON backend and scripting abilities. Especially for the JSON backend, we show how this can be accessed by the python-bareos module.</p> Jörg Steffens Bareos Project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:45 00:55 AW1.121 backup_dr_future_ideas Talk with ReaR, DRLM, and Bareos users about what they like to get Backup and Disaster Recovery devroom <p>An informal talk with ReaR, DRLM, and Bareos users about what they would like to get implemented in future ReaR, DRLM, and Bareos versions.</p> <p>This talk happens at the end of the "Backup and Disaster Recovery" devroom time schedule. This way also new ReaR, DRLM, and Bareos users could first get informed about ReaR, DRLM, and Bareos so that afterwards they could better tell about what enhancements or features they would like to have implemented in future versions.</p> Gratien D'haese Johannes Meixner Didac Oliveira Jörg Steffens Stephan Dühr Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:05 AW1.125 microkernel_welcoming_and_introduction Microkernels and Component-based OS devroom <p>A short introduction of the devroom and some warm words.</p> Josef Söntgen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:45 AW1.125 microkernel_kernel_library Genode's custom kernel approach Microkernels and Component-based OS devroom <p>A fundamental aspect of the Genode OS project always was the support for various kernels as back-end. It remarkably raised testing versatility and provided a high flexibility to users and developers. But supporting the Genode API on self-contained third-party kernels is sometimes also accompanied with deficiencies, redundancies, or work-arounds. To also have the option of a basic kernel without such compromises, the custom Genode kernel was developed. Its main distinguishing mark may be that it not only trusts the Genode Core-component but even more is a mere library to it. The implications of this new design and other characteristics of the custom Genode kernel, such as scheduling, capabilities, and ARM virtualization, are discussed in this lecture.</p> Martin Stein Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:45 AW1.125 microkernel_helenos_year_of_the_fire_monkey Microkernels and Component-based OS devroom <p>HelenOS is a portable microkernel-based multiserver operating system designed and implemented from scratch. It decomposes key operating system functionality such as file systems, networking, device drivers and graphical user interface into a collection of fine-grained user space components that interact with each other via message passing. HelenOS does not aim to be a clone of any existing operating system and trades compatibility with legacy APIs for cleaner design. Most of HelenOS components have been made to order specifically for HelenOS so that its essential parts can stay free of glue code, franken-components and the maintenance burden incurred by them. In this talk I will do the annual HelenOS project update.</p> <p>Please note that the talk will be given by Martin Děcký instead of Jakub Jermář who, caused by illness, will not attend FOSDEM.</p> Martin Děcký HelenOS project home page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:25 AW1.125 microkernel_replay_support Performance penalty and challenges Microkernels and Component-based OS devroom <p>we are modifying Nova kernel to make it support temporal redundancy for user processes running Genode components. Every time a process releases the CPU, we manage to restart it from its last starting point and re-run the same portion of the process code. An practical application of this could be an implementation of a fault tolerant system. At the end of the two executions, one may compare their memory footprints to detect an eventual fault due for example to SEU. We are also interested in the performance penalty this would induce on the overall systems compared to existing redundancy models. In this talk, we will present how Genode components performances are impacted by this type of redundancy. Possible choices and remaining challenges for extending this model for multiprocessor environment will also be discussed.</p> Mahoukpego Parfait Tokponnon Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:45 AW1.125 microkernel_redox_os A safety-first microkernel developed in Rust Microkernels and Component-based OS devroom <p>Redox is an attempt to make a complete, fully-functioning, general-purpose operating system with a focus on safety, freedom, reliability, correctness, and pragmatism.</p> <p>So how do we get there? By keeping the kernel minimal, both in terms of syscalls and in terms of size. By writing the code in Rust, a modern, memory-safe and type-safe systems programming language. By maintaining minimal privileges, through a general capability-based system.</p> <p>Redox is an ambitious project, but it already runs on real hardware. Let's take a look.</p> David Teller Official site Slides (Markdown) Slides (formatted) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:25 00:45 AW1.125 microkernel_kernel_agnostic_genode_executables Microkernels and Component-based OS devroom <p>Genode recently gained the ability to execute the same binary executables on kernels as different as seL4, NOVA, or Linux. Such kernel-independent executables are created via a regular tool chain and executed natively on the machine. The talk explains how it works, presents the challenges that had to be overcome, and gives an outlook of how Genode will leverage this ability in the future. The talk will be presented on a laptop running a Genode system and will be accompanied with live demonstrations.</p> Norman Feske Genode OS Framework Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:25 00:45 AW1.125 microkernel_microkernel_for_embedded_devices Microkernels and Component-based OS devroom <p>Embedded system development is a complex area in which the developers need to have a deep understanding of the underlying hardware with its configurations and interfaces, and one of the solutions to reduce this complexity is to utilize an operating system. This talk will introduce F9 microkernel aimed at low resources embedded systems powered by ARM Cortex-M microprocessors, allowing to perform real-time activities while keeping the drivers and the application isolated by a secure layer.</p> <p>F9 microkernel proved itself extremely small and simple to use while still maintaining the security of the system regarding the temporal constraints with a trusted computing base (TCB) as small as 3kLoC, which is important for safety, security and reliability in mission-critical embedded systems. This talk will also present the prototype at its early stages built to experiment with the idea of third-generation microkernels heavily inspired by seL4 for resource-constrained devices with fairly strong memory protection.</p> Jim Huang F9 microkernel: An efficient and secure microkernel built for ARM Cortex-M cores, inspired by L4 Demo scenario: SSL/TLS encrypted data gathering and processing Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:25 00:30 AW1.125 microkernel_tcpip_for_minix Microkernels and Component-based OS devroom <p>I wrote inet (the TCP/IP stack on MINIX) for two reasons: I like to come up with my own designs for everything and, most of all, I had to impress Andy Tanenbaum enough to become a Ph.D. student. Inet had to fit in with MINIX. In particular, it had to live with minimal changes to the MINIX code base. At the same time, there were quite a few areas where I felt sockets and the BSD TCP/IP implementation were wrong.</p> <p>In hindsight, there is a lot that I did not know and got wrong. I this talk, I will look at how inet follows the structure of MINIX, what works, and what went wrong.</p> Philip Homburg Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:10 00:30 AW1.125 microkernel_vfs_component_os Microkernels and Component-based OS devroom <p>The virtual file system (switch) is an instrinsic element of traditional operating systems and the majority of alternative OSes alike. For the most part, this is caused by existing applications that depend on the file abstraction and to some extent on a global view on system resources. In contrast, component-based OSes with strong security ambitions strive to apply the principle of least authority and shun one global view on the system. This was the starting for the VFS developments for Genode. The talk will present our design considerations and the current state of the VFS in Genode as a component and capability-based microkernel operating system.</p> Christian Helmuth https://genode.org/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:55 00:30 AW1.125 microkernel_virtualization_on_hurd Microkernels and Component-based OS devroom <p>Virtualization is one aspect of our everyday life where multiserver operating systems can shine. Given the right underlying architecture, one gets robust and fine-grained virtualization with little effort and code. Achieving the same on conventional monolithic systems requires careful and invasive changes to the whole system, and the security merely depends on the implementation at hand.</p> <p>This talk describes and demos how both fine- and coarse-grained virtualization is implemented on the Hurd, and how virtualization helps users gain freedom #0, i.e. the freedom to shape her computation environment anyway she wants.</p> Justus Winter Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 AW1.126 iot_opening Overview of the day and Pieter Hintjens in memoriam Internet of Things devroom <p>Internet of Things devroom opening and Pieter Hintjens in memoriam.</p> Maxime Vincent Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 AW1.126 iot_bocce Teach your IoT thing to speak Modbus and it will not stop talking Internet of Things devroom <p>There are many IoT dashboards out on the web, most will require network connection to a server far far away, and use non standard protocols. We will show how to combine free software tools and protocols from the worlds of IT monitoring, Industrial control and IoT to create simple yet robust dashboards.</p> <p>Modbus [1] is a serial communication protocol developed in 1979 for use with programmable logic controllers (PLCs). In simple terms, it is a method used for transmitting information over serial lines between electronic devices., it’s openly published, royalty-free, simple and robust.</p> <p>Many industrial controllers can speak Modbus, we can also teach “hobby” devices like Arduino boards and ESP8266 to speak Modbus [2]. Reliable, robust and simple free software Modbus client [3] will be used to acquire the metrics from our device, then the metrics will be collected [6][7] and sent to Hawkular and Grafana [8] to store and visualize our data.</p> <p>(*) http://starwars.wikia.com/wiki/Bocce</p> <p>[1] https://en.wikipedia.org/wiki/Modbus [2] https://github.com/yaacov/ArduinoModbusSlave [3] https://github.com/yaacov/node-modbus-serial [6] https://github.com/hawkular/hawkular-client-python [7] https://github.com/yaacov/hawkular-client-cli [8] https://github.com/hawkular/hawkular-grafana-datasource</p> Yaacov Zamir Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 AW1.126 iot_smart_bulbs Control LIFX WiFi-enabled light bulbs Internet of Things devroom <p>In this talk we'll take a close look at a one of the "smart" (WiFi-connected) light-bulbs available on the market today. The bulbs expose a small API over UDP that I used to run an interface on a programmable buttons array. We will see how topics like reverse engineering, security, licensing, "self-hosting" and user experience came into play.</p> <p>monolight is an user interface to control LIFX WiFi-enabled light bulbs. monolight runs on a programmable button array; it is written in Python 3.6 (to have type annotations and asyncio), and it interfaces with the bulbs through a more complex daemon written in C: lightsd.</p> <p>This talk will start with a live demo of the button grid remotely controlling the light bulbs. We will then explore how it works and some of the motivations behind it (network isolation, trying to not depend on the "cloud", reliability, user-experience). Finally, we will look into what kind of opportunities even more open IoT products could bring, and open leave the place to Q&amp;A and discussion.</p> Louis Opter lightsd, a daemon to control LIFX bulbs Work in progress on lightsd (includes monolight) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 AW1.126 iot_adem Collaborative air pollution monitoring Internet of Things devroom <p>The aim of this project is to collect air quality information (fine dust particles) by means of a device that collects fine dust (PM1.0 and PM2.5) metrics. The device is mounted on bicycles to crowdsource factual air pollution information in and around the city of Ghent, Belgium and centralize that information for further processing.</p> <p>During this presentation we will look at the hardware and firmware design. New ideas and future extensions. But we also touch on the problems related to particulate matter and air pollution.</p> <p>The device uses an ESP8266 with various sensors and output devices. The firmware is written in C++ using the Arduino framework.</p> Dag Wieers ADEM project website (Dutch) ADEM Github repo Timelab website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 AW1.126 iot_eclipse Internet of Things devroom <p>The Internet of things (IoT) is expected to connect billions of devices. The demand for an open IoT platform is increasing to enable and accelerate the development of cross-domain/cross-vendor use cases and face the accompanying challenges like connectivity with a wide range of heterogeneous protocols and large scale messaging. Eclipse IoT on top of Cloud Foundry is a promising software stack for this goal. However, it will only be successful if it is widely adopted. I will show you where we are today and we can find out together where to go tomorrow.</p> <p>It is expected that in the next years billions of devices will be connected to the internet of things (IoT). Many of them will interact with cloud-based solutions to provide additional services on the devices or in the web. To bring IoT to the next level technologies for supporting cross-domain/cross-vendor solutions are needed. There is already a lot FOSS available to provide a technological base for building IoT solutions (e.g. Cloud Foundry). However, on top of it, software is needed for the connectivity challenges, support of domain-specific protocols, large scale messaging and device management and integration with existing infrastructure. Eclipse IoT aims to address these needs and provide an IoT framework that makes IoT development fast and simple. However, such an IoT platform can only be successfull if it is widely adopted. No-one can do I(o)T alone. I will show you where we are today and we can find out where to go tomorrow. Come and join us!</p> Steffen Evers Eclipse IoT working group Cloud Foundry Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 AW1.126 iot_msgflo Flow-based-programming over message queues Internet of Things devroom <p>MsgFlo is a tool to build systems that span multiple processes and devices, for instance IoT sensor networks. Each device acts as a black-box component with input and output ports, mapped to MQTT message queues. One then constructs a system by binding the queues of the components together. Focus on components exchanging data gives good composability and testability, both important in IoT. We will program a system with MsgFlo using Flowhub, a visual live-programming IDE, and test using fbp-spec.</p> <p>At the 2014 IoT devroom, we introduced flow-based programming (FBP) for heterogenous IoT systems, using NoFlo and MicroFlo. The programming model worked well for individual devices, but between the devices of the system our solution caused too tight coupling. When we realized this, we decided to build Msgflo, which reuses many of the same concepts and tools.</p> <p>In MsgFlo each process/device is an independent participant, receiving data on input queues, and sending data on output queues. A participant do not know where the data comes from, nor where (if anywhere) the data will go. This strong encapsulation gives good composability and testability. MsgFlo uses a standard message queue protocol (MQTT or AMQP). This makes it easy to use with existing software. As each participant is its own process and communicate over networks, they can be implemented in any programming language. Convenience libraries exist for C++, Python, Arduino, Node.js and Rust. On top of the message queue protocol, a simple discovery mechanism is added. For existing devices without native Msgflo support, the discovery messages can be sent by a dedicated tool.</p> <p>We have used Msgflo in a handful of real-life deployments, and will demonstrate building a simple stand-alone IoT system.</p> Jon Nordby MsgFlo Flowhub fbp-spec 2014 IoT devroom talk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 AW1.126 iot_6lowpan And how to support new Link Layer types Internet of Things devroom <p>6LoWPAN enables, as the name implies, IPv6-communication over Low-power Wireless Personal Area Networks, e.g. IEEE802.15.4. A lot of resources are available to allow 6LoWPAN over IEEE802.15.4, but how can one extend the 6LoWPAN feature-set for the use with other link layer types? This talk will cover the details about a generic implementation that should work with every link layer type and how one can provide support for ones own custom wireless network. The goal is to give quite a technical and detailed talk with finally a discussion about when 6LoWPAN is actually useful and when is it not.</p> <p>Last year, as a summer project, I've implemented a generic 6LoWPAN adaption layer into picoTCP, an open source embedded TCP/IP-stack developed by Altran Intelligent Systems, with an eye on the IoT. I've made an effort to make the adaption layer as generic as possible allowing it to be easily expandable with new link layer types and topologies. The layer should also be able to allow multiple link-layer extensions, for post-network-layer processing. This could be used for mesh-under routing, link layer security, whatever you want. This talk will cover how one can take advantage of these features and caveats that come with it. I also have my personal thoughts on 6LoWPAN and I would like to share them with you at the end of the talk.</p> Jelle De Vleeschouwer Author's blog http://picotcp.com Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 AW1.126 iot_jerryscript An ultra-lightweight JavaScript engine for the Internet of Things Internet of Things devroom <p>JerryScript is a lightweight JavaScript engine designed to bring the success of JavaScript to small IoT devices like lamps, thermometers, switches and sensors. This class of devices tends to use resource-constrained microcontrollers which are too small to fit a large JavaScript engine like V8 or JavaScriptCore. JerryScript is heavily optimized for low memory consumption and runs on platforms with less than 64KB of RAM and less than 200KB of flash memory. Despite the low footprint, JerryScript is a full-featured JavaScript engine implementing the entire ECMAScript 5.1 standard. It is actively used in production and already runs on more than one million smartwatches! JerryScript is an open source project and has been released under the Apache License 2.0. The talk will include a demo showing JavaScript code executing on top of JerryScript on a resource-constrained microcontroller.</p> Tilmann Scheller http://jerryscript.net Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 AW1.126 iot_yocto Internet of Things devroom <p>Yocto/OpenEmbedded is a very famous build system for embedded Linux and according to the last "IoT developper survey", it's the the most used OS for IoT devices. During the conference, we will describe some advanced Yocto/OE features in order to build a simple sensor based on Raspberry Pi zero.</p> <p>Building a sensor with Yocto could be quite simple. During the conference we will explain hown to integrate an I²C sensor with Raspberry Pi zero.</p> <ul> <li>setting up Wi-Fi connection</li> <li>writing recipe for I²C temperature/pressure device control</li> <li>adding a Linux service to get data from sensor through I²C bus</li> <li>adding NTP client with Yocto package management (SMART)</li> <li>building a dedicated distro for the device</li> <li>adding everything to a new layer (meta-iot)</li> </ul> Pierre Ficheux Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 AW1.126 iot_frosted A free POSIX OS for Cortex-M embedded systems Internet of Things devroom <p>FROSTED is an acronym that means "FRee Operating System for Tiny Embedded Devices". The goal of this project is to provide a free kernel for embedded systems, which exposes a POSIX-compliant system call API. In this talk I aim to explain why we started this project, the approach we took to separate the kernel and user-space on Cortex-M CPU's without MMU, and showcase the latest improvements on networking and supported applications.</p> Brabo Silvius Frosted repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 AW1.126 iot_warp10 Internet of Things devroom <p>IoT changed deeply the value chain. End users of consumer devices aim to have an instant gratification which is based on data/metrics produced by the object. At the end, IoT makers have to execute an epic split: Build the actual device (mechanical and electronics), Be over the top in firmware development in order to be secured Design services based on the object data. Surrounding all that is a hard job for a product team. In such a context Open Source Software constitutes basic building blocks of IoT devices. Data produced by smart devices are often time series, storing them is not the challenge, many good open source solutions exists (OpenTSDB, Influx..) but developing algorithms based on your data is difficult. It can become a nightmare if you have to think about scalability. Warp10 is a 3 years old open source platform designed for collect, store and manipulate sensor data with WarpScript, a language dedicated to time series analysis. WarpScript works natively on times series stored into Warp 10 (based on either levelDB or HBase) but can be connected to any data source. When you manipulate sensor data, you must deal with privacy. Security and privacy have also been addressed by Warp 10 since its very inception, this includes fine grain access control mechanisms, encryption capabilities and throttling management. Warp10 plateform can be integrated into an open ecosystem likes Storm, Flink, or also Apache Pig with one cornerstone, the capatibility of manipulate time series with WarpScript.</p> <p>The Warp 10 Platform is designed to collect, store and manipulate sensor data. Sensor data are ingested as sequences of measurements (also called time series). The Warp 10 Platform offers the possibility for each measurement to also have spatial metadata specifying the geographic coordinates and/or the elevation of the sensor at the time of the reading. Those augmented measurements form what we call Geo Time Series.</p> <p>The first differentiating factor of Warp 10 is that both space (location) and time are considered first class citizens. Working with Geo Time Series allows you to have geo-located readings without having to use four separate series and having to keep track of the reading context.</p> <p>Complex searches like “find all the sensors active during last Monday in the perimeter delimited by this geo-fencing polygon” can be done without involving expensive joins between separate time series for the same source.</p> <p>We created WarpScript, an extensible stack oriented programming language which offers more than 700 functions and several high level frameworks to ease and speed your data analysis. Simply create scripts containing your data analysis code and submit them to the platform, they will execute close to where the data resides and you will get the result of that analysis as a JSON object that you can integrate into your application.</p> <p>The WarpScript approach is another differentiating factor of Warp 10. Traditional time series platforms offer few manipulation options, usually only providing a SQL like query language which cannot express complex analysis, or providing a reduced set of aggregation functions. These approaches force you to produce more code on the client side thus increasing your development time and leading to massive transfers of unprocessed data from the platform to your applications. Our approach lets you focus on your business use cases, simplifying IoT and sensor data applications by taking care of a larger chunk of the data analysis in a very efficient way.</p> Sébastien Lambour The Warp 10 Platform Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 AW1.126 iot_project_lighthouse A low-cost device to help blind people live independently Internet of Things devroom <p>Let's see how we can build small IoT devices that can help blind people in their daily life.</p> <p>The Word Health Organization estimates that more than 250 million people suffer from vision impairment, 36 millions of them being entirely blind. In many cases, their impairment prevents them from living independently. To complicate things further, about 90% of them are estimated to live in low-income situations.</p> <p>Project Lighthouse was started by Mozilla to try and find low-cost technological solutions that can help vision-impaired people live and function on their own. To this date, we have produced several prototypes designed to aid users in a variety of situations.</p> <p>Let's look at some of them.</p> <p>This will be a relatively low-tech presentation.</p> David Teller Forums Wiki Source Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 AW1.126 iot_micropython IoT programming with Python Internet of Things devroom <p>MicroPython is a FOSS implementation of Python 3 optimised to run on a microcontroller with MHz and tens or hundreds of Kbytes of RAM. I will present MicroPython in terms of hardware and software, including some boards with network access, like WiFi, Bluetooth and LoRa. But even with these hardware constraints, scientific MicroPython is already available and practical, to be shown from the perspective of users and developers.</p> <p>MicroPython is a implementation of Python 3 optimised to run on a microcontroller, created in 2013 by the Physicist Damien P. George. The MicroPython boards runs MicroPython on the bare metal and gives a low-level Python operating system running interactive prompt or scripts.</p> <p>The MicroPython boards currently use 32 bit microcontrollers clocked at MHz and with RAM limited to tens or hundreds of Kbytes. These are the microcontroller boards with official MicroPython support currently in the beginning 2017 : Pyboard, Pyboard Lite, WiPy 1/2, ESP8266, BBC Micro:bit, LoPy, SiPy, FiPy. They cost between USD3-40, are very small and light, about some to tens of mm in each dimension and about 5-10 g, have low power consumption, so MicroPython boards are affordable and can be embedded in almost anything, almost anywhere.</p> <p>MicroPython boards have many electronic interfaces : digital input/output (GPIO) ports, analog inputs (via Analog Digital Converter), analog outputs (via Digital to Analog Converter), wireless (WiFi, Bluetooth, LoRa), etc. So MicroPython on these boards can be used to control all kinds of electronic projects.</p> <p>In terms of hardware, 2016 was the year of MicroPython, as new boards compatible with MicroPython arrived : ESP8266 boards (there are more than 10 types, with WiFi), BBC Micro:bit (with Bluetooth LE, free distributed to 1 million British students of 11-12 year-old), LoPy (with LoRa, WiFi, Bluetooth LE), SiPy (with Sigfox, WiFi, Bluetooth LE). Even a 5 network board was announced for April 2017 delivery, FiPy with LoRa, Sigfox, cellular LTE-CATM1/M2(NBIoT), WiFi, Bluetooth LE.</p> <p>In terms of software, MicroPython allows microcontroller programming directly with Python 3, which is easier and more productive than programming with Arduino IDE, C/C++, etc. And MicroPython is well suited for Internet programming, so MicroPython boards are a natural choice for IoT (Internet of Things), for example running a simple web server to show a sensor output (text and graphics), sending sensor data to IoT cloud, etc. This fact is very important as today there are some billions of IoT devices worldwide, and in 2020 some tens of billions are expected.</p> <p>Even with RAM constraints (tens to hundreds of Kbytes), scientific MicroPython is not only possible, but already available and practical to use, with MicroPython modules capable of numerical calculations, FFT (Fast Fourier Transform), calculations with uncertainties, etc. I will list the scientific MicroPython modules which are available, as well as show how to port Python 3 modules to MicroPython, squeezing the source code in tens of Kbytes.</p> <p>Some hints will be given to the FOSS community to be open minded about MicroPython : be aware that MicroPython exists, MicroPython is a better programming option than Arduino in many ways, MicroPython boards are available and affordable, porting more Python 3 scientific modules to MicroPython, MicroPython combines well with IoT.</p> Roberto Colistete Jr Presentation about Physical Computing made in April 2016 Presentation about MicroPython made in May 2016 Presentation about MicroPython and IoT made in July 2016 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:25 AW1.126 iot_iotivity How to make IoT ideas to real using FLOSS. Internet of Things devroom <p>The OCF/IoTivity project aims to answer interoperability issues in the IoT world from many different contexts to accommodate a huge range devices from microcontrollers, to consumer electronics such as Tizen wearables or your powerful GNU/Linux system The vision of Iotivity is not restricted to ad hoc environment but also can be connected to Internet and make the service easily accessible by other parties. With cloud access in place, usage scenarios for IoT devices can be enriched immensely.</p> <p>In this talk we walk through the steps on how to practically handle IoT use cases that tailored towards various topologies. To introduce the approach used in IoTivity, we first give a detailed background introduction on IoTivity framework. Then we will present a demo that shows a few examples, from setting up a basic smart home network to accessing the IoT resource via a third party online service. Challenges and solutions will be addressed from development and implementation aspects for each step of the demo.</p> <p>We hope this talk will inspire developers to create new IoT prototypes using FLOSS,.</p> <p>This will be a shared presentation with Ziran Sun from Samsung Open Source Group.</p> Philippe Coval http://www.slideshare.net/SamsungOSG/iotivity-from-devices-to-the-cloud-71867171# (HTML slides with video demos) http://wiki.iotivity.org/community https://vimeo.com/202478132#iotivity-artik-20170204rzr https://blogs.s-osg.org/tag/iotivity/ https://archive.fosdem.org/2016/schedule/speaker/ziran_sun/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:25 AW1.126 iot_opensmartgrid An Open source IoT platform for large infrastructures Internet of Things devroom <p>For FOSEM we would like to excite developers - who have interest in working on use-cases for Smart Cities, Utility Companies and other large-scale infrastructure companies - for the Open Smart Grid Platform. The Open Smart Grid Platform is an Open source IoT platform for large infrastructures. The platform allows you to monitor and control hardware in the public space. With several (generic) functions ready to use, the main benefits of the Open Smart Grid Platform are: scalability &amp; high availability, high security, its generic design, and no vendor lock-in.</p> <p>Introduction The Open Smart Grid Platform is an open source IoT platform. The open smart grid platform is a generic IoT platform, built for organizations that manage and/or control large-scale infrastructures. The following use cases are now readily available: smart lighting, smart metering, tariff switching, and microgrids. Furthermore the following use-cases are in development: distribution automation, load management and smart device management. The architecture of the open smart grid platform is modular and consists multiple layers. External applications are connected to a service domain via the integration layer. This integration layer contains web services. The service domain manages all the business rules such as: "Can we allow this change?”. The core component routes the messages to the correct protocol adaptor and contains generic functions such as device management, time synchronization and firmware management. The protocol adaptors convert the messages to a protocol that is used by the smart objects. This message could be a switching command, for example.</p> <p>The open smart grid platform is highly unique for embracing the open source approach and the following key features: • Suitable for scalable environments delivering high performance • High availability and multitenant architectures • Built with security by design and regularly tested. • It has a generic architecture. More use cases and domains are easily added to the platform. • The open smart grid platform is based on open standards where possible.</p> <p>More information can be found on: http://opensmartgridplatform.org/ and http://documentation.opensmartgridplatform.org/</p> <p>Proposal talk For FOSEM we would like to excite developers for our platform by discussing the reasoning behind the platform from a technical point of view and the architecture of platform. We believe the platform is interesting for developers who have interest in working on use-cases for Smart Cities, Utility Companies and other large-scale infrastructure companies.</p> Jonas van den Bogaard Open Smart Grid Platform website Open Smart Grid Platform documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 K.3.201 luawt Lua bindings for a C++ Web Toolkit library Lua devroom <p>Wt is a C++ library for developing web applications and sites.</p> <p>Wt provides widget-centric API to write web application as if graphical application. Wt translates this to Ajax powered site or to plain HTML site depending on the client. Unlike page-based frameworks or single-page JavaScript frameworks, Wt creates stateful applications that are at the same time highly interactive but still support plain HTML browsers or web crawlers.</p> <p>Luawt uses all the power of Wt in the world of Lua. Luawt is different from popular solutions like Lapis and Sailor, because Wt is different. Target customer of luawt wants to provide web interface to a library, written in C or Lua. Luawt application can’t run directly from nginx.conf, but the application has per-session state and its code looks like GUI application's code. Luawt is not finished yet, but we have a number of solutions to automate generation of bindings using gccxml, so we expect it to become a practical solution very soon.</p> <p>We would like to give a talk about luawt in order to show its facilities and demonstrate several examples how it could be applied in everyday web development.</p> <p>Homepage of luawt: https://github.com/LuaAndC/luawt Luawt is delivered to you by Pavel Dolgov (github.com/zer0main) who is a CS student and open source developer and Boris Nagaev (github.com/starius) who is a site reliability engineer.</p> Pavel Dolgov https://github.com/LuaAndC/luawt https://github.com/zer0main Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:05 00:30 K.3.201 mermaid Lua devroom <p>The talk presents a programmer-friendly approach to rapid prototyping of functional UI sketches for an enterprise application, using a home-grown Lua text template library and the mermaid.js command-line tool. The speaker will also share the experience of creating yet another text template library, the reasoning behind it and the lessons learned in the process of implementation.</p> Alexander Gladysh Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:40 00:30 K.3.201 luarocks Lua devroom <p>In my presentation I will focus on my project during Google Summer of Code program (mentor Hisham Muhammad). I will tell basic informations about this program and then continue to talk about our main goal, which was to increase quality of LuaRocks test suite, use new features from Lua unit testing framework busted and how to use / extend this suite. We implemented the new test suite with Lua unit testing framework busted and changed Continuous Integration practice.</p> <p>Content of presentation:</p> <ul> <li>Basic informations about Google Summer of Code program</li> <li>Basic introduction to Unit test</li> <li>Advantages of Lua unit testing framework busted <ul> <li>Main features of this framework</li> <li>Smarter tests that check execution and results</li> </ul> </li> <li>Idea of black-box testing based on old bash script used before <ul> <li>Few details about old style testing of LuaRocks</li> <li>What was used from old suite</li> </ul> </li> <li>Multi-platform of this suite (Windows primary) <ul> <li>OS X on TravisCI added</li> <li>Which tests are executable on Windows</li> <li>Known issues with Windows platform</li> </ul> </li> <li>Some specific tests, how we deal with black-box tests problems <ul> <li>Example of creating mock http server (kind of system testing)</li> </ul> </li> <li>What was needed to be changed in LuaRocks Continuos Integration practice <ul> <li>Example of yaml files</li> <li>Codecov.io instead of Coveralls.io</li> </ul> </li> <li>Merging results of tests from more services <ul> <li>Example of new test results</li> </ul> </li> </ul> Robert Karasek main page of our project & link to final document with details of our work Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:15 00:30 K.3.201 nodemcu_wearables Lua devroom <p>NodeMCU is an open hardware IoT platform based on eLua for the ESP8266 microcontroller. It allows creating low-cost projects using Wi-Fi and easy scripting in Lua, which makes it great for making wearables, for example. In this talk I'll give an introduction to the platform, show how I built an audio reactive graduation dress and share the materials to get you started on your own wearable project. This talk is ideal for beginners to hardware hacking or Lua enthusiasts looking for project inspiration.</p> Etiene Dalcol Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:50 00:30 K.3.201 eclipse_omr Using the Eclipse OMR JitBuilder to improve Lua performance with minimal changes to the interpreter Lua devroom <p>I will be discussing recent work by my team to use the Eclipse OMR JitBuilder technology to improve the Lua interpreter performance. I will show the small changes required in the runtime to take advantage of the OMR JitBuilder technology, show the performance improvements and discuss the trade offs of using a JIT.</p> <p>The Eclipse OMR project consists of a highly integrated set of open source C and C++ components that can be used to build robust language runtimes that will support many different hardware and operating system platforms. The talk will be focused mainly on the Compiler technology and specifically the JitBuilder and how it could be used by the Lua runtime. You can read more about the Eclipse OMR project at https://www.eclipse.org/omr/ and view the code at https://github.com/eclipse/omr. I will make a version of the Lua runtime source code with our changes available so everyone can look through and ask questions or provide feedback.</p> Charlie Gracie Eclipse OMR GitHub Eclipse OMR Video recording (mp4) Video recording (WebM/VP8) Presentation Slides Submit feedback 13:25 00:30 K.3.201 luajit Improvements and the status Lua devroom <p>In this talk, we will present the latest improvements done for ARM64 and MIPS64 platforms in LuaJIT. The talk will cover challenges related to new GC64 mode, as well as arch-specific issues.</p> <p>Up to recently, the only 64-bit architecture that LuaJIT supported was x86_64 and in the latest official release it had limits with addressable memory. In the meantime, new GC64 mode was finished which enabled LuaJIT to address 47-bit address space. ARM64 and MIPS64 ports were done on the top of the new GC64 mode. We will discuss the current status of these ports and point out some pending issues that could cause problems in today's software that uses LuaJIT. The talk will also be useful to those interested to port LuaJIT to another architecture.</p> Djordje Kovacevic Stefan Pejic Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 K.3.201 packaging_go BSD devroom <p>After a quick introduction to pkgsrc (the NetBSD package collection), we will talk about how Go code is built, how Go handles dependencies and what challenges there are in putting the two together. It turns out that the buildlink framework is well applicable to dependencies of Go programs too. Bonus: How to make your Go code easy to package.</p> Benny Siegert Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:55 K.3.201 my_bsd_sucks_less BSD devroom <p>Instead of speaking about successful parts of the projects, this talk will focus on the weakness of both OpenBSD and FreeBSD, exploring conceptual differences between them and also exploring directions where motivated contributors can start working on to improve the projects. While being general purpose operating systems we will see that one size doesn't fit all and how one or the other may be a better solution to a particular problem. Trolls are to be left at the door.</p> Baptiste Daroussin Antoine Jacoutot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:55 K.3.201 geli_boot Booting FreeBSD from encrypted disk BSD devroom <p>FreeBSD has supported disk encryption with GBDE and GELI since 2002 and 2005 respectively. However, booting the system required storing the loader and kernel unencrypted so that the requisite GEOM module could be loaded to handle decryption. This became a significantly larger stumbling block with the introduction of ZFS, as having multiple separate partitions detracts from the advantages of ZFS, and also causes headaches when upgrading the operating system. With the growing popularity of ZFS Boot Environments, a solution was needed that allowed the kernel and loader to remain part of the primary file system, even if it was encrypted. This paper provides an overview of the design of the GELI enabled BIOS boot code and loader, as well as the numerous challenges encountered during their development.</p> <p>A walk through the tale of woe that was implementing support for GELI in the FreeBSD bootcode and loader. Hear the story of a very junior developer persisting through countless complications and roadblocks to finally arrive at working code. Learn just how complicated it is to boot a computer, and how much worse it can get. In the end, we are left with working ZFS Boot Environments, even with fully encrypted pools.</p> Allan Jude Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:55 K.3.201 transport_evolution_bsd A New, Evolutive API and Transport-Layer Architecture for the Internet BSD devroom <p>Internet Transport is changing, some changes have been incremental updates to mechanisms (e.g., RACK, BBR), others demand new protocol options (e.g., MPTCP) or entirely new protocols (e.g., QUIC, SCTP). However significant changes are still difficult to deploy - requiring modifications to application code and support by the stack. Even when updates happen, the network needs to support the new method to allow applications to use it. Long deployment times have motivated the need to change how protocols are handled in the stack. We review the state of the art in Internet Transport, and the status of deployment in th BSD's and then propose a new direction for the transport interface, developed in the EU NEAT Project, that can ease deployment of new transports across all platforms. We conclude by showing the advantages and its prospects for standards adoption.</p> Tom Jones ([tj]) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:55 K.3.201 cloud_abi How does it work? BSD devroom <p>One of the fundamental problems with UNIX-like operating systems is that they don't seem to make it easy and intuitive to develop applications that are strongly hardened against exploits through sandboxing. With CloudABI, we're trying to make this process a lot easier, by having an environment that is purely based on capability-based security.</p> <p>In another talk in the main track I'm going to give a more general talk about CloudABI, explaining what the mindset behind the project. During this talk in the BSD devroom I want to focus on one specific aspect, namely how FreeBSD's runtime environment for CloudABI works.</p> <p>CloudABI is a simplified POSIX-like runtime environment that is inspired by FreeBSD's Capsicum. It allows you to create programs that can solely interact with the environment through file descriptors (capabilities). Compared to traditional UNIX-like systems, this approach has three advantages:</p> <ol> <li>It reduces the impact of exploits. If an attacker manages to take over control of a CloudABI application, it can only access those resources that the application was designed to use (for a networked service: typically an already bound TCP socket and some data directories). This is different from most traditional UNIX-like systems, where an attacker would gain access to all resources that the user running the application can access, which is very broad.</li> <li>It makes applications easier to test. By knowing that an application can only access those resources that are provided explicitly, the entire environment in which the application runs can be customized for testing.</li> <li>Similarly, it makes applications easier to deploy. This model tends to reduce the need for using containers and virtual machines. Applications can be started directly, while still providing the necessary isolation from the rest of the system.</li> </ol> <p>An interesting aspect of CloudABI is that it's cross-platform. You can compile a CloudABI program once and run exactly the same executable both on FreeBSD, macOS and Linux. In this talk I want to focus on this specifically: how is FreeBSD capable of running these programs? Topics I'll be covering during this talk include:</p> <ul> <li>FreeBSD's image activator framework: the code that parses and loads executables.</li> <li>The ELF file format</li> <li>System calls and system call tables</li> <li>vDSOs: Virtual Dynamic Shared Objects</li> </ul> Ed Schouten CloudABI's website CloudABI's source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:20 K.3.401 webrtc_low_barrier Real Time Communications devroom <p>The session will look at the issues developers run into when developing their own WebRTC applications. It looks at the problematic elements in the API, the compatibility problems between browsers, missing infrastructure, and even the human element. All in all, it's a demonstration that a true WebRTC application can't be built in a snap.</p> <p>Last year, I presented a talk explaining how easy it is to build a WebRTC application.</p> <p>This year, I'll tell you the truth!</p> <p>It will cover both the ideas and code necessary to move your basic application into something that resembles production-ready.</p> Steven Goodwin WebRTC Tutorial Guide Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:55 00:20 K.3.401 rtc_technologies What are the main technologies, frameworks and protocols used for building real-time applications and how reliable, efficient and scalable are they? Real Time Communications devroom <p>Real-time applications are growing in popularity across almost every industries : Gaming, IoT and smart home, Healthcare, Transportation, etc... - What are the main technologies, frameworks and protocols used for building real-time applications and how reliable, secure, efficient and scalable are they ? - Which stacks are used amongst the industries to build real-time infrastructures ?</p> Martin Lagrange Video recording (mp4) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:20 00:20 K.3.401 telepathy The case of Telepathy Real Time Communications devroom <p>The current state of the Telepathy project and its vision for the future of real-time communication on the desktop.</p> <p>Recent developments in the Telepathy project have brought it again on the front, after years of inactivity. In this talk we will look through what is going on in Telepathy recently and what are its plans for addressing real-time communication needs on the desktop.</p> George Kiagiadakis Project website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:20 K.3.401 xmpp_iot XMPP backed IoT Real Time Communications devroom <p>How can we secure IoT and provide for a robust single point of access? XMPP Powered by Tigase can provide an easy touchless setup, a single point of access, and secure access to connected devices.</p> <p>Currently the IoT world is a wild west of open devices and insecure access. Given the recent DDoS attack on the eastern seaboard of the US being spawned by such technology, it may be easy to disregard the IoT as a flash in the pan technology without much promise. But to do this would be to discount the benefits the Internet of Things can offer. Using the real time communication power and built in security of XMPP, we at Tigase have developed an instant access box to serve as a unified device for IoT devices while providing easy setup for your internet connected devices.</p> <p>Consider a home thermostat that is IoT enabled. Currently, the device itself is forward facing using some sort of HTTP page, protected by a simple password challenge. To be able to access this device while outside your home network, you will need to leave this device exposed to the greater internet. Your publicly available IP now has a front door that can be beaten by brute force. Granted, the worst somebody could do in that situation is inflate your HVAC bill for a day until you figure out that 18°C is not an appropriate house temperature. Still, many devices that feature IoT come with very little unified security built in, and even then may have the most rudimentary of security built in.</p> <p>XMPP can provide the solution; a single device to unify, secure, and provide access to IoT devices in the home.</p> Daniel Wisnewski Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:10 00:20 K.3.401 asterisk Real Time Communications devroom <p>There are many considerations when building a large SIP infrastructure. This talk will focus on some of the key challenges and decisions that must be made when designing such a system, and how Asterisk can be deployed as a horizontally scalable application server in such a system.</p> <p>While there is no right way to build a large SIP infrastructure, there are certainly wrong ways. Often, design decisions have to be made early in the construction of an infrastructure that balance trade-offs affecting performance, scalability, and ease of development/deployment.</p> <p>This talk will explore these trade-offs and design decisions when building such an infrastructure using Kamailio and Asterisk. This includes investigating considerations surrounding: * Managing SIP location and registration * Call routing * SIP subscriptions and event handling * Communications application development</p> Matt Jordan Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:35 00:20 K.3.401 jitsi What's new in Jitsi and its related projects Real Time Communications devroom <p>Jitsi offers seamless and secure multiparty video conferencing while being 100% Open Source. Come and see what's new in Jitsi land! This talk will dive into the latest developments in the Jitsi Videobridge such as simulcast support and the new React Native based Jitsi Meet, the video groupchat client which just went mobile.</p> <p>Jitsi started out as "SIP Communicator" back in 2003 and has been in the forefront of Real Time Communications ever since. One of Jitsi's biggest innovations was the introduction of the videobridge, which made video groupchat possible. Lately the Jitsi team has been focused on adding new features to the videobridge such as simulcast along with the development of a React Native based client for mobile platforms. All of this while being secure and 100% Open Source!</p> Saúl Ibarra Corretgé Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:20 K.3.401 jssip Real Time Communications devroom <p>JsSIP allows you to create WebRTC applications using SIP within your browser.</p> <p>The talk will go through the beginning of its development along with the standarization process of the WebSocket as a transport for SIP, the use cases, the present and the future of JsSIP.</p> Jose Luis Millán Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:20 K.3.401 mediasoup A WebRTC SFU for Node.js Real Time Communications devroom <p>mediasoup is a WebRTC SFU (Selective Forwarding Unit) for Node.js that allows applications to run multiparty video conferencing with browser and mobile devices in a multi-stream fashion.</p> <p>Rather than being yet another standalone media server, mediasoup is a Node.js library/module which can be easily integrated within existing applications.</p> <p>mediasoup exposes both, the ORTC API and the WebRTC API (same as in browsers), allowing the application to program multiparty video conferencing via JavaScript. mediasoup is minimalist, it just focuses on media handling. It does not provide, nor it mandates, a specific network signaling protocol.</p> <p>The talk will expose the technology behind mediasoup, the API it exposes, and a demo application the assistants will be able to join.</p> Iñaki Baz Castillo Homepage of mediasoup project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:50 00:20 K.3.401 webchat How to use XMPP and Converse.js to integrate webchat into any website Real Time Communications devroom <p>Converse.js is an XMPP-based webchat application that can be used as a standalone application or it can be customized and integrated into any website. In this talk I'll provide an introduction to Converse.js and I'll also explain the infrastructure required to integrate and host XMPP-based webchat.</p> <h2>What is XMPP and how do I integrate it into a website?</h2> <p>I'll provide a brief introduction to XMPP (as presence and chat protocol) and the two main technologies for integrating XMPP into the webbrowser (long-polling with BOSH versus websockets).</p> <h2>What is Converse.js?</h2> <p>Next follows an introduction to Converse.js, which is a webchat client that can be used standalone, or which can be integrated into any website. Then I'll talk about how Converse.js came to be, what it was originally used for, where it's been integrated and what's been done with it since.</p> <h2>How to integrate webchat into your website</h2> <p>In this section, I'll provide an outline of what's needed to create a webchat solution for your website. I'll mention XMPP servers, BOSH connection managers, XEPs (XMPP protocol extensions) that you'll likely want to enable, and more. I'll also elaborate on how you might want to enable communication between your web app's backend and an XMPP server.</p> <h2>Plans for the future</h2> <p>I'll then finish off by discussing plans for future improvements and enhancements to Converse.js</p> JC Brand The Converse.js website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:15 00:20 K.3.401 dualstack IP and the old IP together - what can go wrong? Real Time Communications devroom <p>The Internet has shifted to the current 128-bit IP protocol but some networks are still lagging behind. This talk is about issues with the dual stack scenario, changes to protocols needed and real world experiences of implementations.</p> <p>The Internet has shifted to the current 128-bit IP protocol but some networks are still lagging behind. This talk is about issues with the dual stack scenario, changes to protocols needed and real world experiences of implementations.</p> <p>SIP was written for both IPv4 and IPv6, but not for both at the same time. The talk is about experiences from SIPit tests, code and real world implementations on mobile networks - what happens with your software when being faced with both protocols? Can this affect your old IPv4-only implementation as well? What is the best option when my software crashes and generates core dumps?</p> Olle E Johansson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:40 00:20 K.3.401 ring_opendht BlockChain and OpenDHT Real Time Communications devroom <p>Ring is free software for communication developed by Savoir-faire Linux in our Montréal offices. It was conceived and developed on a peer-to-peer architecture model, relying on OpenDHT, its dedicated distributed hash table for retrieving its users on the network. Ring's Beta 2 version released on november 4th 2016 provides many new features for its users. The most interesting of them is the identity and account management mechanism, implementted on a blockchain Ethereum technology.</p> <p>Since the project started and the software's first release about 2 years ago, Ring has evolved in many directions. Our new Beta 2 release features new funcionalities developed to improve the user's experience: The Multi-device function makes it possible for users to associate many devices to the same identity (many RingID's to the same identity/person), and all the devices will be synchronized. The Blockchain supports the multi-device feature for the identity and account management. It is implemented on an Ethereum technology. OpenDHT library was enhanced in order to optimize user's retrieval on the p2p network and decrease the network's operations time. Ring is now available on UWP (Universal Serial Platform thus offering support for Ring's clients on different platforms supported and maintained from Microsoft.</p> <p>Finally, we are planning to release Ring's first stable version in a few months, which will introduce new elements and potentially a higer level of software reliability, users' privacy protection, utilisability and a better user experience</p> Alexandre Viau Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:05 00:20 K.3.401 opensips Real Time Communications devroom <p>When moving from a linear processing architecture to an event-oriented one, OpenSIPS becomes able to handle more advanced SIP scenarios, as well as to perform complex integrations with external applications.</p> <p>The new OpenSIPS version follows a Subscribe/Notify model, which allows the SIP routing to be driven by events. These events are triggered from both inside and outside OpenSIPS, and are internally dispatched by OpenSIPS to the right process/subscriber.</p> <p>During this presentation, I will show how the asynchronous architecture revamp of the upcoming OpenSIPS 2.3 facilitates a series of state-of-the-art integrations (SIP transaction pausing while push notifications are taking effect, custom suspend-resume logic while waiting for an external event, etc.).</p> <p>The discussion will also include OpenSIPS scripting, and how we tweaked it to incorporate all these changes in a simple, straightforward, and efficient manner.</p> Liviu Chircu Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:20 K.3.401 freeswitch FreeSWITCH in Real World Real Time Communications devroom Giovanni Maruzzelli (gmaruzz) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:55 00:20 K.3.401 qos Deployable QoS Using the NEAT System Real Time Communications devroom <p>Quality of Service markings can benefit real time traffic. A survey we conducted on a mobile cellular testbed (Monroe) has revealed how differentiated services traffic is treated in practical networks, and shows many networks do not respect diffserv markings resulting unpredictable real-time performance.</p> <p>This motivates a change to the network programming API for real-time traffic to provide dynamic transport selection and fallback, enabling successful use of network QoS. The API is presented in the context of the NEAT<a href="https://neat-project.org">1</a> open source project.</p> Tom Jones ([tj]) Project On Github Project Site Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:20 K.3.401 metre Border Guard for XMPP Security Domains Real Time Communications devroom <p>Metre is an XMPP Server, but not one that serves XMPP. Instead, it lives in the nether regions between servers - being a Man In The Middle by design and intent - filtering and securing traffic as required.</p> <p>Metre supports pretty well every bell, whistle, and in fact any other musical instrument of XMPP Server to Server security. It then filters traffic, drops stanzas you don't want, eliding it totally on occasion.</p> <p>It'll throw your traffic over TLS, over DANE, over SATCOM.</p> <p>It'll log it all.</p> <p>It'll protect your autonomous security domain.</p> <p>It'll wag its little tail when it sees you in the morning, but you won't have to take it for walks.</p> Dave Cridland Metre source (MIT) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:45 00:20 K.3.401 webrtc_speech_recognition Real Time Communications devroom <p>In the modern real time communication world, WebRTC is being paired with multiple channels and services to provide an unparalleled customer experience. Utilizing automated speech recognition allows us to build advanced assistive services such as real time captioned phone calls for hearing impaired people, simultaneous translation tools and automated bot assistants. All of that can be achieved leveraging modern open source software such as Adhearsion, the Ruby telephony application framework, FreeSWITCH, Flite, PocketSphinx and (optionally) external APIs such as IBM Watson. Our experience in developing that kind of service will be presented and discussed, plus code samples and a live demo.</p> <p>Wrapping FreeSWITCH's WebRTC capabilities with Adhearsion acting as the call logic and the "glue" between parts makes creating rich ASR-enabled applications easier. Adhearsion allows you to leverage the full power of Ruby to access APIs, send messaging and updates, and use databases. Integrating FreeSWITCH with third party APIs who do not provide a direct interface, such as IBM Watson and Wit.ai, through Adhearsion and Ruby. ASR and sentiment analysis will provide our IVRs with an unparalleled ability to not only understand what callers say, but also what their desires and intent are. Dialplan applications can be complex to set up to use those APIs, and web applications are not well suited to that type of application. Adhearsion, the Ruby voice application framework, makes it easy and fun!</p> Luca Pradovera Our company website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:10 00:15 K.3.401 janus Providing administrators and developers with more tools to manage a Janus instance Real Time Communications devroom <p>This presentation introduces a new modular mechanism for implementing live state and event notifications within the context of Janus WebRTC server instances, for the purpose of allowing administrators and developers to monitor and handle WebRTC sessions more effectively.</p> <p>Janus is a general purpose open source WebRTC server and gateway. It allows you to implement heterogeneous and complex WebRTC multimedia applications using the different functionality it provides as modules, and can interact with legacy technologies as well in the process (e.g., SIP or RTSP). An introduction to Janus was made ad Fosdem '16. This new presentation is aimed to address a new feature recently added to Janus, and currently being worked on in a separate branch that will soon be merged.</p> <p>Specifically, a modular mechanism has been designed and implemented to allow modules to receive asynchronous and live events of several different types from Janus and its plugins, in order to then handle them accordingly. Notifications can be about whatever is happening in a Janus instance, e.g., Janus sessions/handles and their states, PeerConnections and their lifecycle (SDP exchanges, ICE and DTLS state changes, etc.), application plugin internals and related events, and so on. These new modules can then decide whether to just forward these events, or a subset of them, to an external backend for further processing, or process them themselves. Use case examples are simple debugging, live monitoring, troubleshooting, storing on DBs or other systems in a structured way, CDRs, etc. Within the context of Janus, this is particularly useful as so far the only API available to administrators has been a query/response API to monitor the WebRTC internals of Janus itself and a few other aspects, which limited the scope of what admins could do to effectively manage a Janus instance.</p> <p>At the time of writing, a single module implementing this mechanism exists, one we implemented ourselves as a proof of concept and that simply forwards all events as JSON objects to an external web server. In the future more modules will be implemented to cover more practical scenarios, hopefully by third-party developers as well.</p> Lorenzo Miniero https://janus.conf.meetecho.com/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:15 K.3.401 homer Export, Analyze and Alert RTC using HOMER and your favorite Bigdata solution Real Time Communications devroom <p>HOMER 6 allows users to Export, Analyze and Alert RTC and VoIP sessions in real time using popular Big-Data backends such as InfluxDB and Elasticsearch providing unprecedented flexibility and opening the way for new uses of the platform in larger ecosystems with business intelligence feeds.</p> Lorenzo Mangani Project Homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:50 00:15 K.3.401 cgrates Real Time Communications devroom <p>Growing your real-time network infrastructure increases the pressure on backend services, especially billing, which becomes in most of the cases the bottleneck of the products offered. In this talk Dan will exemplify various mechanisms and strategies implemented in CGRateS for improving the speed of CDR rating and implicitly offloading the rest of components waiting for billing to occur. CGRateS is a battle-tested Online Charging System with support for Prepaid, Postpaid, Pseudo-prepaid and Rated charging modes.</p> Dan Christian Bogos CGRateS Project website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:10 00:20 K.3.401 crowdfunding_free_rtc Helping developers who work on RTC full time Real Time Communications devroom <p>RTC development is a very specialized topic. Developers working in this field often have to make a serious time commitment to know it well and keep up with all the new things that are happening. This implies that people need to focus on projects that pay their wages. The projects that pay are not always the projects that deliver the best results for the wider community though. In this session, we will look at the opportunities that crowdfunding and other schemes may provide to help RTC developers spend some of their work hours on projects for the greater good.</p> Daniel Pocock Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:30 00:10 K.3.401 telepathy_bell Telepahty Connection Manager for Ring. Real Time Communications devroom <p>Telepathy Bell is a telepathy connection manager that enables a telepathy front end for Ring. Ring is a privacy focused communication application that uses a distributed peer to peer network for real time communications. In this talk, I would like to share my experience while creating Telepathy Bell.</p> <p>The idea behind Telepathy is to unify all communications. Several communication services like IM, VOIP etc. implement their own desktop clients. This leads to duplication of effort and sometimes poor integration. Most of these features can be abstracted and their functionalities can be integrated to provide a unified user experience. A normal everyday user will use the telepathy client application to communicate. This could lower the entry barrier for many applications and make it convenient for the user to manage communication services in a single client application.</p> <p>Through my talk, I would like to share my experience during GSoC and beyond of creating a telepathy connection manager for Ring.</p> Alok Anand Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:40 00:10 K.3.401 improving_rtc Improving Real Time Communication with free software Real Time Communications devroom <p>Do you have phone numbers in email messages that you have never copied to your address book? Would you like a systematic way to find them and compare the to your address book?</p> <p>This project worked for Google Summer of Code-2016 for Debian with the title "Improving voice, video and chat communication with free software", one of the Real Time Communication project. The first part of the project is email mining where the necessary data are extracted from the mail and to make into web interface.</p> Jaminy Prabaharan Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:50 00:10 K.3.401 ichat_gateway Getting Started with iChat Gateway Real Time Communications devroom <p>The talk consists of an introduction to iChat gateway, tech and protocols used to build it, what new features are being build into it and why we should use ita and a working demo. It mainly shares my ideas and views on this project as that I gathered as I worked on it as part of GSoC'16.</p> <p>The iChat-SIP gateway was designed to allow communication between a Apple iChat and standard SIP client, for audio calling purposes. It also provides the ability to register iChat users to a SIP registrar server for routing purposes. iChat uses normal XMPP for chat with non-standard extensions for voice and video. The reSIProcate iChatGW can be extended easily to enable chat messaging with any XMPP client but more significant effort is required to standardise the voice support. iChat have been discontinued by Apple and currently iMessage perform the same tasks with added features. The talk includes a demo of this project, starting from from setting it upon the server to successfully sending and receiving calls and messages. It also gives a brief details on the libraries used and on how these help in effective communication. It'll help more peole to get a head-start on this project, setup or contribute to the project or use the libraries and technology to build their on chat systems and set them up.</p> Balram Pariyarath iChat gateway - GSoC'16 project with Debian iChat GitHub Repo Submit feedback 10:30 00:15 K.4.201 ruby_welcome_2017 Ruby devroom <p>Welcome to the Ruby Devroom 2017</p> Christophe Philemotte Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:50 K.4.201 ruby_concurrent_ruby_modern_tools_explained Ruby devroom <p>I am going to present modern concurrency tools provided by concurrent-ruby gem These modern concurrent tools provided by concurrent-ruby gem are inspired by Erlang, Clojure, Scala, Go, Java, JavaScript, and some classic concurrency patterns. We will go through detailed example of each of the feature</p> <p>In this talk, I am going to present modern concurrency tools provided by concurrent-ruby gem http://concurrent-ruby.com</p> <p>These modern concurrent tools provided by concurrent-ruby gem are inspired by Erlang, Clojure, Scala, Go, Java, JavaScript, and some classic concurrency patterns.</p> <p>We will go through detailed examples about how to use each of the feature.</p> <p>I am also going to cover little theory of classic concurrency models such as CSP, Actor Model, Event based so that we will understand importance of these modern concurrency features.</p> <p>This talk will be very useful for modern Rubyist to understand concurrency abstractions those can be used at application code.</p> Anil Wadghule Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:50 K.4.201 ruby_a_people_s_history_of_the_ruby_garbage_collector Ruby GC from 1.8 until 2.4 and beyond! Ruby devroom <p>C Ruby's garbage collector has come a long way since the good old days of Ruby 1.8. We'll walk through over 20 years of GC history in the C Ruby runtime, and along the way we'll talk about the key features that were added with each Ruby version. We'll cover the 5 (!) different GC algorithms C Ruby has used since 1.8, copy-on-write optimization, and possible optimizations for the future. No prior knowledge of GC or the C Ruby runtime is required for this talk.</p> <p>By covering the long and varied history of Ruby GC, this talk ends up being a general introduction and discussion of concepts in garbage collection in high-level languages. We'll cover the 5 different algorithms Ruby has used, copy-on-write optimization, and how the Ruby C API has sometimes held back garbage collection in the runtime. I'm aiming this talk at people who have never thought about such topics before, but have a few years of Ruby experience under their belt.</p> <p>I have been debugging and writing about issues in Ruby memory usage for some time now, and I think we could all benefit from plugging up this "leaky abstraction" in our Ruby knowledge.</p> Nate Berkopec Pat Shaughnessy on Ruby 2.0 GC Sam Saffron on Ruby 2.0 GC Koichi explains GC in 2.2 Ruby Under a Microscope by Pat Shaughnessy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:50 K.4.201 ruby_leverging_rust_to_build_a_windows_friendly_ecosystem_for_mruby Ruby devroom <p>Even if mruby core works on Windows, any mruby app is may not work if the libraries it depends on don’t compile and run on Windows. Using Rust, we can work towards building an ecosystem that is Windows compatible. This talk walks through building mruby libraries that do that.</p> <p>Unlike some other languages like JavaScript, Java, or Python, Ruby is not known for it’s ability to run well on Windows. The Windows environment is often treated as a second or third class citizen even though there are many potential users. Part of this is due to Ruby’s strong POSIX oriented standard library. This has mostly been ok since most Ruby applications are hosted and run on UNIX servers.</p> <p>mruby is a lightweight Ruby that can be linked and embedded inside other applications. Being embeddable means that the runtime host could be Windows. mruby also has no Operating System specific standard library. Since the ecosystem is young, there’s potential for an ecosystem that is Windows friendly. But writing cross platform native extensions in C for mruby is still difficult.</p> <p>Rust is a modern systems programming language that is fast and built to prevent segfaults and guarantee thread safety. It’s more than just a compiler, it’s a platform that has a great dependency manager and cares about cross compilation out of the box. This makes it a great candidate over C to write native extensions.</p> <p>In this talk, we’ll go over some basic Rust and how we can integrate this to write mruby libraries that compile on Linux, OS X, and Windows. It’ll dig into not only writing the library code, but also the mruby C API as well as the mruby/Rust binding layer that makes this all possible.</p> Terence Lee Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:45 00:50 K.4.201 ruby_jruby_in_2017_rails5_ruby24_performance We'll survey the work going on to make JRuby more compatible and faster in 2017 Ruby devroom <p>JRuby has been compatible with various Ruby versions during its lifespan, ranging from the 1.6 series through today's 2.4. JRuby has supported Rails in some capacity since the 1.0 days. And at the same time, we've continued to improve performance. In this talk we'll explore JRuby's level of compatibility today and discuss the challenges of keeping up with an actively-developed language and ecosystem.</p> Charles Nutter Thomas Enebo Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:45 00:50 K.4.201 ruby_what_makes_jruby_and_truffle_run_optcarrot_9_times_faster_than_mri Ruby devroom <p>TruffleRuby runs Optcarrot 9 times faster than MRI 2.</p> <p>TruffleRuby is new optimizing implementation of Ruby. Optcarrot is a NES emulator. MRI 3 targets to run Optcarrot 3 times faster than MRI 2. We will explore the techniques which allow TruffleRuby to achieve high performance in Optcarrot.</p> <p>TruffleRuby runs Optcarrot 9 times faster than MRI 2.</p> <p>TruffleRuby is new optimizing implementation of Ruby. Optcarrot is a NES emulator. MRI 3 targets to run Optcarrot 3 times faster than MRI 2. We will explore the techniques which allow TruffleRuby to achieve high performance in Optcarrot. We’ll discuss splitting, inlining, array strategies, Proc elimination, etc.</p> Petr Chalupa Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:45 00:50 K.4.201 ruby_highly_surmountable_challenges_in_ruby_omr_jit_compilation Ruby devroom <p>The Ruby+OMR JIT compiler adds a JIT to CRuby. However, it has challenges to surmount before it will provide broad improvement to Ruby applications that aren’t micro-benchmarks. This talk will cover some of those challenges, along with some brainstorming about potential ways to tackle them.</p> <p>The Ruby+OMR JIT compiler is one way to add JIT compilation to the CRuby interpreter. However, it has a number of challenges to surmount before it will provide broad improvement to Ruby applications that aren’t micro-benchmarks. This talk will cover some of those challenges, along with some brainstorming about potential ways to tackle them.</p> Matthew Gaudet Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:45 00:50 K.4.201 ruby_scientific_computing_on_jruby Ruby devroom <p>I worked on “Port NMatrix to JRuby” in the context of GSoC 2016. The performance of NMatrix-JRuby is outstanding even without making use of JRuby threading capabilities. Also, I am working on ArrayFire gem that helps in easy GPU computation and is 1e4 to 1e7 times faster than NMatrix gem</p> <p>JRuby is known for performance. NMatrix, a linear algebra library, now supports JRuby. All SciRuby gems that depend on NMatrix can now be run on JRuby. A scientific library must be highly efficient as the programs can be memory intensive. The programs must be fast at the same time. This calls for optimization.</p> <p>Suppose, you are running a Ruby program and you need to make it faster; you use threads, yet you are not happy with the results! Just chain the Ruby methods to Java methods. Using Java method can improve the speed, around 1000 times when compared to using Ruby method. Not only speed, it can help you save a lot of RAM, around 10 times. JRuby’s Garbage Collection can sometimes slow down your program if you are not careful with handling a large amount of data.</p> <p>I would also like to share about ArrayFire gem that would be soon available for MRI that can be used for high-performance GPU computing using OpenCL/CUDA.</p> Prasun Anand Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:45 00:50 K.4.201 ruby_diy_home_monitoring_with_ruby_and_pi Ruby devroom <p>Ruby and RaspberryPi are available to us for quite sometime and this talk is meant to discuss how to use Ruby to explore things on a RaspberryPi. From a practical point of view, we will go through installation, setup, and build a simple Motion Sensor application on a RaspberryPi.</p> <p>In a world we teach ourselves a lot of things, why not do it Ruby &amp; Pi way? Let’s get our hands on a piece of hardware, understand what it takes to setup one up, install a couple of libraries, Ruby, RVM, RBENV, a GUI. Let’s get a couple of sensors: motion, temperature, humidity, tsunami, ectoplasm and see if we detect a cool thing or two.</p> Helio Cola Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:20 K.4.401 office_pokemon Games, Fun, and Hacks with OpenOffice/LibreOffice Open Document Editors devroom <p>As a hardcore OpenOffice and game player/hacker, I always keep detailed game records with Calc spreadsheets, including characters, stats, resources, event plans, etc., so that I can get the best of it. When it comes to Pokémon GO, I keep the Pokémon individual values (IV), maximum combat powers (CP), and other information that calculated from 3rd-party websites on my spreadsheets, in order to plan which Pokémon to spent precious resources to power up. The spreadsheet document eventually becomes an application that works completely off-line.</p> <p>You can always do everything with OpenOffice, for fun!</p> Shih-Ching Yang (imacat) Application Download Source Directory Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:50 00:20 K.4.401 libreoffice_ui_concept A personal, user friendly and flexible interface Open Document Editors devroom <p>Starting from LibreOffice 5.3, LibreOffice user interface will be improved with the addition of a notebook bar which integrates with the existing layout. A background on the rationale.</p> Italo Vignoli Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:10 00:20 K.4.401 libreoffice_notebookbar How to make life easier for beginners Open Document Editors devroom <p>Toolbars are a common toolkit control that have been around since the dawn of GUI applications, providing direct access to an application's most frequently used functions. But with increasing scope, the number of frequently used functions grows to an extent that can have a detrimental impact on quickly locating a particular item. LibreOffice made it possible to create UI based toolbars on blank canvas where designers have all the freedom to do whatever they want with the space. The talk will present the reasoning behind the Notebookbar layout with contextual groups.</p> Heiko Tietze Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:20 K.4.401 libreoffice_extensions Defining user interface has never been easier Open Document Editors devroom <p>This talk will present two ways of working with LibreOffice user interface elements for an extension or a macro - legacy Basic dialog designer, as well as the new feature using .ui files editable by Glade</p> <p>User interface for LibreOffice extensions and macros has never really been in the spotlight of attention of LibreOffice developers and users despite the fact that built-in dialog designer was pretty advanced piece of software in its time. It still contains quite some powerful features (such as drag-and-drop editor, live preview or easy access to l10n). And while core LibreOffice dialogs have been converted to modern .ui format (thus making it possible for LibreOffice developers to use even more powerful UI editor - Glade), LibreOffice peripherals were still stuck with legacy home-grown obscure formats.</p> <p>Come and see for yourself that extensions and macros don't have to be dull, interfaceless pieces of software and that with minimum effort and basic knowledge of UI design, you can make them rock. Now you can even use all the capabilities of Glade as .ui format can be read by/included in extension or macro as well.</p> Katarina Behrens Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:50 00:20 K.4.401 libreoffice_interoperability_regression_testing Open Document Editors devroom Xisco Fauli https://github.com/x1sc0/office-interoperability-tools/pulls Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:10 00:20 K.4.401 libreoffice_online_debugging Open Document Editors devroom <p>Debugging in browser, logging at server side, analyzing log files, tracing option, that dumps command and notifications for replay, etc.</p> Andras Timar Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:20 K.4.401 libreoffice_xml Bringing 2017 to LibreOffice Help Open Document Editors devroom <p>Currently the LibreOffice help system is based on a technology developed circa 2005, and uses the internal Writer - Web module to display its contents. This presentation introduces our efforts to bring the LibreOffice Help system into a modern 2017 technology, preserving our legacy contents and l10n processes.</p> <h2>Introduction</h2> <p>Currently the LibreOffice help system, here forth called HC2 is based on a technology developed circa 20051, and uses the internal Writer - Web module to display its contents. HC2 uses a combination of XML and XLST technology to display contents in Writer/Web and is historically bounded to HTML version 3.2 . As a consequence, the HC2 misses multimedia resources such as videos, animations as well as a modernized concept of CSS and Javascript for better user experience.</p> <p>Further, the HC2 XML schema (XHP) requires special tools (HelpAuthoring) for editing its contents and a simple inspection on the schema indicates most of its elements are now part of W3C standard HTML5, turning XHP almost obsolete. Current help authoring tools are buggy and requires steep learning curve for the unskilled volunteers.</p> <h2>History of LibreOffice XML Help</h2> <p>LibreOffice Help System was designed and implemented in 2005 by SUN Microsystems ant the times where the "Browswer war" raged and no standard published by W3c was adopted in full by the major browser players. The WWW hijack by major corporations was played in the browser battlefield, twisting specs and invalidating page rendering to build fences around browsers and servers and creating silos of web display technologies;</p> <p>SUN Microsystem adopted an internal only solution, with a A specific XML (XHP) to hold contents and navigation and an internal browser (Writer Web), that beared a resticted HTML 3.2 specification, together with a C++ wrapper to create index and proper calls</p> <h2>2017 issues for Help System</h2> <p>The current (2005) help system is in a state that is is complex edit/update contents, hard to test and visualize results. There is no rich text available except an authoring extension to LibreOffice that uses Writer as rich text editor but has several issues in exportng and importing xhp files. To use this extension features is as hard as learning XHP itself and as hard as to attempt to edit content with a simple text editor as vim or emacs.</p> <p>Furthemore the rich text authoring is bounded to the current XHP schema, doubling the effort when it comed to evolove XHP, because the tools must follow the new schema.</p> <p>The current HTML 3.2 implemetation with LibreOffice Writer / Web rendereing engine, is also bounded to simple images and text, and no video nor another multimedia resource is avalable for the user.</p> <h2>General requirements</h2> <p>The new help system for LibreOffice must support important requirements</p> <p>It must preserve legacy contents, composed into thousands of XHP files covering all 6 LibreOffice modules and an internal user guide.</p> <p>It must also preserve the dozens of translations done on these legacy XHP files and the translation process must be ideally preserved or incur in the least perturbation possible.</p> <p>It must use open, royalty free standars of web technologies, supoort all major browsers of 2017, OS independent.</p> <p>It must be of easy access, low entry barrier for newbies, volunteers an have support of ease of use editing tools.</p> <p>It must be perfectly handled by git version control</p> <p>It must work Off-line and on-line</p> <h2>Strategy</h2> <p>The strategy of the project is in 2 pieces</p> <p>1) Progressively phase out XHP and phase-in HTML5</p> <p>HTML5 is a serious candidate to deserve our efforts to bring back our hep content into a general purpose rendering technology, suport moder CSS, javascript, other companion technologies</p> <p>2) Develop a micro javascript server capable of</p> <ul> <li>Display the correct help page required by the LibreOffce applicaiton</li> <li>Use most of the resources such as navigation history, bookmarking, caching incluced in any major browser</li> <li>Handle indexing and searching text among pages</li> <li>support XHP and HTML simultaneously</li> </ul> <h2>Demo</h2> <p>We will demo where we are at the moment</p> <h2>Concusions</h2> <p>Part of the cost of a technology adoption is its capability to be quickly absorbed by its target audiences. Documentation and help systems plays a key role for the adoption of LibreOffice not only in the home but also in the corporations. Having a dynamic and rich help content that can make users feel the better experience in seeking help is a key step LibreOffice project is taking to inclrease its popularity. The project described here is our current status and will be real very soon.</p> Olivier Hallot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:50 00:20 K.4.401 hairdo Ugly Toupee or Hipster Hairdo? Open Document Editors devroom <p>"But what about the extensions?" can be the death knell for whatever cool new feature somebody tries to implement in LibreOffice, as extensions naturally ask for interface stability. But what about them, anyway? Are they the saviour that brings diversity to our desktops, or are they just a ghostly phantom that stifles innovation? Lets take a look at the extension landscape out there.</p> Stephan Bergmann Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:10 00:20 K.4.401 spellcheck And making it faster and more maintainable Open Document Editors devroom <p>It's easy to spot if a word is missing in a spellcheck dictionary. But it's much more complex to find out if a dictionary contains words that are actually wrong. We'll see how to clean up a dictionary in a safe way and the benefits this brings.</p> Andrea Pescetti Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:20 K.4.401 office_source_code_mgmt OpenOffice/LibreOffice Basic Development with 3rd-Party Editors, Version Control and Cloud Storage Backup Open Document Editors devroom <p>OpenOffice Basic is cool. It can manipulate everything in your document, spreadsheets and slides. It helps you to create complicated reports automatically. But OpenOffice Basic is not cool. It lacks everything a modern hardcore developer needs: Personal favorite text editors, version controls, source repositories, etc. OpenOffice Basic macros are created and edited only with Basic IDE, and stored in some hidden place in your hard disk, not in the source form but in XML. They cannot be managed with modern development tools like svn, git, different text editors, and cloud storage backup.</p> <p>What if there is a tool that let you work off-line, out of the OpenOffice Basic IDE box, with your favorite text editor, on anywhere on your hard drive? That's why I wrote obasync to do this job: Synchronize your local Basic macro sources with OpenOffice Basic storage. It frees me from Basic IDE and I can apply every source code development tools now.</p> Shih-Ching Yang (imacat) Python Package Download Source Directory Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:50 00:20 K.4.401 libreoffice_ide gbuild, json and other buzzwords Open Document Editors devroom <p>The LibreOffice build system provides integration with a set of IDEs including Kdevelop, Eclipse, Vim/YouCompleteMe, QtCreator and Visual Studio. This allows developers on all platforms to use their preferred environment and still IDE features like code-completion on many of them without the need to manually maintain all of those. Gbuild, the LibreOffice build system, exports most relevant data about this to JSON files, which then can be used to create project solutions on multiple IDEs. This talk describes how we got there, past and future challenges and opportunities. It might also be of interest for other projects interested in providing something similar.</p> Bjoern Michaelsen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:10 00:20 K.4.401 libreoffice_on_wayland Open Document Editors devroom Caolán McNamara Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:20 K.4.401 drawinglayer See how we optimized drawinglayer performance with buffering and multi-threading, plus some architectural overview Open Document Editors devroom Armin Le Grand Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:50 00:20 K.4.401 exploiting_concurrency How I stopped worrying and started threading ... Open Document Editors devroom <p>We now have hardware with increasing numbers of threads and functional blocks left &amp; right. Come and hear how we plan to use that for maximum effect to make LibreOffice rock - things we have already done, things we are working on doing, and how you can get involved to encourage your PC to use more of its power to speed your LibreOffice up.</p> Michael Meeks Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:10 00:20 K.4.401 wopi Open Document Editors devroom <p>Come and hear how you can integrate LibreOffice Online into your webservice!</p> Jan Holesovsky Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:20 K.4.401 libreoffice_safemode Open Document Editors devroom <p>Safe Mode was developed to investigate and fix problems with the user configuration in LibreOffice.</p> <p>This talk will present several use cases where LibreOffice's Safe Mode helps users and admins to fix problems with their LibreOffice.</p> Samuel Mehrbrodt Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:50 00:20 K.4.401 enhance_metafile_importers First steps in re-architecting our various metafile / svg importers into one Open Document Editors devroom Armin Le Grand Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:10 00:20 K.4.401 cell Unexpected things happening under the grid. Open Document Editors devroom <p>Some examples of weird behavior encountered while developing / bug fixing the LibreOffice Calc spreadsheet application.</p> Eike Rathke Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 16:30 00:20 K.4.401 libreoffice_updates Automated updates and update statistics Open Document Editors devroom <p>The crash reporter showed that the LibreOffice project has a serious update problem with users using old versions and not updating to newer versions. The talk will present the work on the automatic updater as well as the approach to collect some user statistics to improve the crash reporter.</p> <p>Based on the Mozilla updater code an automatic updater has been under development for the LibreOffice project for quite some time. Based on the experiences with the crash reporter the need for an automatic updater has been shown to be a serious problem for the project. The talk will show the current approach used in the automatic updater code, open challenges and how this allows to rethink the installation and packaging experience. Based on the prototype server the talk will also show how the server can be used to generate am estimation for active daily users (ADU) and how the information about the number of ADU can be used to enhance other services.</p> Markus Mohrhard Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:50 00:20 K.4.401 development_dashboard_deployment How LibreOffice is being developed Open Document Editors devroom <p>The LibreOffice project has become a large software development project. To better understand how it is being developed, a software development analytics dashboard has been deployed for it. This dashboard tracks most of the public data about LibreOffice development, and it allows to visualize, drill down and understand that data. The talk will present this dashboard, and will explain how to interpret the data it provides.</p> <p>The Document Foundation Development Dashboard visualizes data obtained from some systems used to support LibreOffice development: git, Gerrit, Bugzilla... The data is retrieved from them, stored, organized an massaged in a database, and later visualized in the dashboard. The dashboard permits to track activity (in commits, issues, pull requests, questions and answers, etc.), actors (who is creating the code, who is fixing bugs, who is answering questions), and processes (hot long does it take to close issues, or to accept pull requests).</p> <p>The Document Foundation Development Dashboard has been deployed using GriomoireLab, an complete FOSS system for retrieving data from software development repositories, storing it, and producing different kinds of analytics, dashboards and reports.</p> Jesus M. Gonzalez-Barahona Document Foundation Development Dashboard GrimoireLab Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:10 00:20 K.4.401 development_dashboard Open Document Editors devroom <p>The Document Foundation Development Dashboard shows detailed data about how LibreOffice is being developed. It also allows for drilling down, filtering, and understanding it. The talk will explore some of these possibilities, by showing how to look for specific data, for customizing the results, and for sharing the results with others.</p> <p>The Document Foundation Development Dashboard visualizes data obtained from some systems used to support LibreOffice development: git, Gerrit, Bugzilla... The data is retrieved from them, stored, organized an massaged in a database, and later visualized in the dashboard. The dashboard allows not only to browse the data, but also to drill down and play with it. The dashboard permits to track activity (in commits, issues, pull requests, questions and answers, etc.), actors (who is creating the code, who is fixing bugs, who is answering questions), and processes (hot long does it take to close issues, or to accept pull requests).</p> <p>The Document Foundation Development Dashboard has been deployed using GriomoireLab, an complete FOSS system for retrieving data from software development repositories, storing it, and producing different kinds of analytics, dashboards and reports.</p> <p>The talk will explain how to interact with the data provided by the dashboard for finding any detail of interest. The talk will also provide hints on how to exploit the data behind the dashboard to obtain specific information.</p> Jesus M. Gonzalez-Barahona Document Foundation Development Dashboard GrimoireLab Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 01:00 K.4.401 open_doc_editors_lightning_talks 5 minutes each - come to submit until 30 minutes before, until we run out of slots Open Document Editors devroom Thorsten Behrens Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:50 K.4.601 how_i_learned_to_stop_worrying_and_love_tumbleweed Why everyone should be running a rolling release Distributions devroom <p>Rolling Releases are the future of Linux distributions. They are already the better solution for power users &amp; developers. The methodologies, techniques, and capabilities of Tumbleweed are opening up new doors, creating possibilities, and disrupting existing technologies beyond its borders. This session will explain how and why openSUSE Tumbleweed is paving the way for that future, while already being "the reliable rolling release". The talk will dispel the fears, uncertainties and doubts that many have regarding rolling releases in general and Tumbleweed specifically, and share how you can get involved both using, and improving, this exciting fast moving foundation of the openSUSE Project.</p> <p>The audience is anyone interested in using recent versions of the Linux kernel or other upstream projects. This includes not only enthusiasts, but developers, especially Linux kernel developers and other developers of fast moving stacks who often benefit from having a stable platform with all the latest libraries and binaries available to them. Attendees can expect to get a solid understanding of how Tumbleweed is developed, it's strengths and benefits, as well as a comparison with Tumbleweed to other similar Linux-based rolling distributions. This presentation will encourage a broader adoption of rolling releases and the mentality, methodologies and capabilities that come with it. Tumbleweed and other similar rolling releases are key platforms to enable the high speed development of the Linux kernel and other key ecosystem components which increasingly move at a faster pace than 'traditional' Linux distributions can keep up. Rolling releases are also the natural platform for not only the development but the early adoption of key emerging technologies such as Containerisation and NFV.</p> Richard Brown Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 K.4.601 homebrew_getting_to_1 Learn about what went into, how we did it and why we released Homebrew 1.0.0. Distributions devroom Mike McQuaid Submit feedback 12:00 00:25 K.4.601 mageia_successes_and_lessons Retrospective and future plans from the community-driven distribution Distributions devroom <p>Six years after having forked the commercial Mandriva Linux distribution and with five solid releases, the Mageia community wants to share its successes and lessons learned from developing, releasing and supporting a user-friendly and flexible distribution with an inclusive governance model. Mageia's aim is to bridge the gap between end users and developers, encouraging and facilitating contributions from all users thanks to low entry barriers and mentoring programs in its various teams.</p> <hr /> <p>The 100% community-driven GNU/Linux distribution Mageia was forked from the then-unsteady (and now defunct) commercial distribution Mandriva Linux 6 years ago, in September 2010. Since then, the volunteers from the Mageia community have published 5 stable releases, with the 6th one in the making, always focusing on bridging the gap between end users and contributors, to create a user-friendly but powerful system made for and by its users.</p> <p>Forking a commercial distribution with paid staff to run it as a community-driven non-profit endeavour relying solely on volunteers was an ambitious move – with the perspective of those 6 years of development, the Mageia community would like to present the lessons learned, the hardships and successes it had or still has and its plans to continue progressing forward as a community-based independent GNU/Linux distribution.</p> <p>The talk will aim at outlining general conclusions that could be relevant beyond the scope of GNU/Linux distributions, and therefore provide useful insights for other projects transitioning from a company-driven development to partial or full community focus.</p> <p><em>Speakers:</em></p> <p><strong>Anne Nicolas</strong> is one of the founders of Mageia, and since then active as packagers team leader, member of the Mageia Council and chairwoman of Mageia.org's Board (non-profit association representing the community's interests). She is responsible for building ISO images for stable and development releases. She is also of former employee of Mandriva SA and knew well the development and governance of Mandriva Linux.</p> <p><strong>Samuel Verschelde</strong> was a long time end user and occasional contributor of Mandriva Linux when the fork was initiated in 2010. He then decided to join the adventure and to get more involved in the development of his system of choice. He is most active in the bug triage and quality assurance teams, which he helped organise and led several times. He is also a member of the Mageia Council and the Mageia.org Board.</p> Anne Nicolas Samuel Verschelde Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:50 K.4.601 writing_open_source_documentation How SUSE is documented and what we can learn from it Distributions devroom <p>To publish it's documentation, SUSE has developed not only a comprehensive Open Source toolchain to create and publish documentation but also an open workflow that allows community and partners to provide feedback and contribute. These tools and processes can easily be adopted by other projects to write high quality software documentation.</p> <p>SUSE has been around as Linux vendor for a long time and from it's early days onwards, delivered not only software but also the documentation to use it. In fact, SUSE is not only writing the documentation for it's own distributions but for upstream projects like OpenStack as well. Over time, the SUSE documentation team has developed not only a comprehensive, completely Free and Open Source toolchain to create, edit, manage, and publish documentation but also an open workflow that allows community and partners to provide feedback and contribute. These tools and processes can easily be adopted by other projects to write high quality software documentation, everything from a man page to a reference guide.</p> <p>In this talk, Christoph will introduce the complete SUSE/openSUSE documentation workflow and tool chain. It will cover both the technical details like formats, tools, or branching model and the organizational aspects such as the feature planning and tracking, distribution of work and feedback process.</p> Christoph Wickert Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 K.4.601 continuous_integration_with_obs Distributions devroom <p>Getting a new Linux appliance with every commit you push sounds awesome but impossible, right? Not with the Open Build Service, the Free Software build and distribution system which powers openSUSE, ownCloud and Tizen! Usually a lot of manual work is necessary to create your custom Linux appliance, but the Open Build Service abstracts all the complicated technologies and makes this task as easy as pie. In this talk, we will show you how we plug several open source technologies together to create Linux appliances in a fully automated, continuous integration cycle.</p> <p>Getting a new Linux appliance with every commit you push sounds awesome but impossible, right? Not with the Open Build Service, the Free Software build and distribution system which powers openSUSE, ownCloud and Tizen! Usually a lot of manual work is necessary to create your custom Linux appliance, but the Open Build Service abstracts all the complicated technologies and makes this task as easy as pie. In this talk, we will show you how we plug several open source technologies together to create Linux appliances in a fully automated, continuous integration cycle.</p> <p>Starting with a commit to your favorite version control system, the OBS will build a ready-to-use image of an operating system for you automatically, using the power of KIWI. And to finish the continuous integration cycle, openQA will run automated tests to make sure your appliance still works as expected.</p> <p>If you still manually build and test your Linux appliances, this talk is for you!</p> Christian Bruckmayer Open Build Service Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 K.4.601 rdo_continuous_packaging_platform How to continuously package OpenStack (or other things) for CentOS Distributions devroom <p>This presentation shows the workflow currently followed by RDO to ensure the quality of OpenStack packaging, and the specificities of the tools implementing this workflow.</p> <p>After the OpenStack Tokyo Summit in november 2015, the RDO community transitioned to a delivery workflow inspired by OpenStack's own continuous integration infrastructure ("OpenStack Infra"). The platform relies on Software Factory (https://softwarefactory-project.io/) to set up automatically the tools from OpenStack Infra together, and a few additional tools specific to RDO to ensure the quality of their packages. In this presentation, we will introduce the main components of RDO's delivery platform, the problems they help solve, and how they can be adapted to set up your own "RPM Factory".</p> Matthieu Huin Slides Software Factory's home page and project repository CI/CD platform used by RDO for packaging Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:50 K.4.601 modularity_and_generational_core The future of Fedora? Distributions devroom <p>Following the progress of the Modularity initiative and Factory 2.0 developments in Fedora, it's about time we define what the next, modular operating system should look like, focusing on the developer’s point of view.</p> <p>This first half of this talk will present the main concepts of Modularity, explaining in detail what modules are, how they get built, composed, distributed and kept updated once deployed on the target system.</p> <p>The second half of the talk will explore the idea of the so-called Generational Core, often also referred to as Base Runtime — a modular platform base on top of which application modules can both be built and executed.</p> <p>Both these topics cover ongoing efforts and we don’t yet have definitive answers to all the questions. We’ll talk about what we learned in the past year, what problems we’re trying to solve and our plans for the future.</p> Petr Šabata Adam Samalik Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 K.4.601 transactional_update_with_btrfs Distributions devroom <p>While small updates normally don't disturb the services running on your system, bigger or intrusive updates can break your running services or Desktop. There are different ways of doing transactional updates like new package formats or different partitions. This talk will show how to use the features of btrfs for this with traditional package managers.</p> <p>Applying small updates is normally no problem in a running system. But what about if there is a new major release of your favorite Desktop? Or a major version update of your used Linux distribution? Today’s concepts are most of the time to apply the patches in the running system and risk that a running service or Desktop breaks, or apply them all by booting an installation media and wait for quite some time until you can access your machine again. A solution for this are transactional updates.</p> <p>Transactional updates are atomic, means either they applied successful, or if an error occurred, you have the same state as before. And if an update does not work, there is an easy way to go back to the last working state.</p> <p>There are different solutions for this, some require new package formats, other require a second partition and you can switch during the next reboot to the other partition. I want to present a third solution: using a standard package manager and leverage btrfs for this. With snapshots and rollback on btrfs, there is already everything available what you need. This talk will give a short introduction into snapshots and rollback with btrfs and show how to combine and use this technologies to your advantage.</p> Thorsten Kukuk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 K.4.601 building_a_distro_with_musl_libc Why and how Alpine Linux did it Distributions devroom <p>How ready is musl libc? How does it actually work to build an entire distribution with musl libc? How does the community benefit from having another libc?</p> <p>This talk will discuss why Alpine Linux switched to musl libc, how the migration went and how things goes now, two years after the migration.</p> <p>How ready is musl libc? How does it actually work to build an entire distribution with musl libc? How does the community benefit from having another libc?</p> <p>This talk will discuss why Alpine Linux switched to musl libc, how the migration went and how things goes now, two years after the migration.</p> Natanael Copa alpine linux website musl libc website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:50 K.4.601 deploying_npm_packages_with_nix Distributions devroom <p>Nix is a package manager providing a number of unique features to automate deployments in a reliable and reproducible way. It serves as the basis of the NixOS Linux distribution (that can be automatically installed from a single declarative specification), as well as a number of additional deployment solutions, such as NixOps, that deploys virtual machines in the cloud and Hydra: the Nix-based continuous integration server. Although Nix offers all kinds of deployment benefits, integration with language-specific package managers that also do dependency management, such as the NPM package manager, is problematic as they conflict with Nix's reliability properties. In this presentation, I will show <code>node2nix</code>, a tool that automatically generates Nix expressions (build recipes) from an NPM package's <code>package.json</code> configuration file, allowing users to deploy NPM packages with the Nix package manger alongside other types of packages (e.g. Autotools, Perl, Python, ...) that constitute a large complex system.</p> <p>In this talk I try to address the following target audience:</p> <ul> <li>System administrators/DevOps: <ul> <li>people who typically deploy entire software systems in which parts of them might be Node.js applications</li> <li>NPM makes it less convenient to use a single intergrated deployment solution, e.g. you might need to use both NPM and the host system's package manager + additional scripts</li> <li>solution requires on external distribution channels</li> </ul> </li> <li>Distro packagers: <ul> <li>Some types of software are hard to package and as a result difficult to include with e.g. a Linux distribution</li> <li>Especially if source package uses a system that does both build and dependency management</li> <li>The Dependency manager conflicts with the host system's package manager and might use inferior technology</li> <li>Besides NPM, Apache Maven is also a prominent example</li> </ul> </li> <li>Node.js developers: <ul> <li>Many Node developers are not aware of some of NPM's dependency management implications</li> <li>Good to raise awareness</li> </ul> </li> <li>Package manager developers (e.g. the NPM devs): <ul> <li>Virtually every modern programming language/environment has its own (language-specific) package manager</li> <li>Lessons learned are important for everybody</li> </ul> </li> </ul> Sander van der Burg Nix package manager NixOS Linux distribution node2nix tool blog post about NixOS Initial implementation of node2nix Improved implementation of node2nix providing npm 3.x compatibility Another use case for development purposes Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:25 K.4.601 distributions_from_the_view_of_a_package Distributions devroom <p>Having spent more than the last decade being the main point of contact for distributions shipping MySQL, then MariaDB Server, it's clear that working with distributions have many challenges. Licensing changes (when MySQL moved the client libraries from LGPL to GPL with a FOSS Exception), ABI changes, speed (or lack thereof) of distribution releases/freezes, supporting the software throughout the lifespan of the distribution, specific bugs due to platforms, and a lot more will be discussed in this talk. Let's not forget the politics. How do we decide "tiers" of importance for distributions? As a bonus, there will be a focus on how much effort it took to "replace" MySQL with MariaDB.</p> <p>Having spent more than the last decade being the main point of contact for distributions shipping MySQL, then MariaDB Server, it's clear that working with distributions have many challenges. Licensing changes (when MySQL moved the client libraries from LGPL to GPL with a FOSS Exception), ABI changes, speed (or lack thereof) of distribution releases/freezes, supporting the software throughout the lifespan of the distribution, specific bugs due to platforms, and a lot more will be discussed in this talk. Let's not forget the politics. How do we decide "tiers" of importance for distributions? As a bonus, there will be a focus on how much effort it took to "replace" MySQL with MariaDB.</p> <p>Benefits: if you're making a distribution, this is the point of view of the upstream package makers. Why are distribution statistics important to us? Do we monitor your bugs system or do you have a better escalation to us? How do we test to make sure things are going well before release. This and more will be spoken about.</p> <p>As an upstream project (package), we love nothing more than being available everywhere. But time and energy goes into making this is so as there are quirks in every distribution.</p> Colin Charles Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:25 K.4.601 source_code_are_we_not_forgetting_something Are we not forgetting something? Distributions devroom <p>Part of our job as package maintainers in various distributions is to ensure the binary packages can be built from the corresponding source code. This is often a requirement, either from a distribution's own policies (eg, the DFSG for Debian), or from the license of the upstream package (eg, the GPL). But although we are used to seeing .c and .py files as source, we sometimes forget that our packages are built from many other files for which we also must make the source available.</p> <p>In this talk I will explain why we require source code in the first place; without the availability of source code, the whole free software ecosystem would not exist. I will also describe file types that we sometimes forget to see as source, or which are considered binary but we forget to include the source code for. This includes documentation, build scripts, files generated at build time by various programs, fonts, multimedia such as sound, music, images and even video. I will also describe various problems we can encounter when trying to determine what the actual source is, and that even if we know what the source is, that it is sometimes creates practical problems for distributions to include all of it.</p> Guus Sliepen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:30 00:25 K.4.601 generic_distro_iot Distributions devroom <p>Generic distributions such as Fedora, CentOS, RHEL and others have well defined update and security mechanisms as well as other processes that have been established and proven to work over a multiple decades. How can we make use of these positives of distributions along with modern tools and technologies to produce a secure, stable, scaleable OS for IoT products?</p> Peter Robinson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 UA2.114 (Baudoux) open_access Open Source initiatives addressing new models for a future internet SDN and NFV devroom <p>SDN &amp; NFV together are technologies intended to ease connectivity and access to content and workloads. This talk with address the need for open/programmable/available access technologies to make this a reality.</p> <p>Access virtualization is one of the focus areas across the networking industry and provides some of the greatest opportunities to explore new approaches to connectivity and new models for carriers and others providing internet services. This talk with look at ongoing initiatives in this area such as ONOS/CORD, OpenDaylight, OPNFV and present a set of common goals, valuable to our ecosystem, being addressed across these implementations.</p> Chris Price Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 UA2.114 (Baudoux) 5g_oai SDN and NFV devroom <p>Overview of 5G, network slicing, and OpenAirInterface</p> <p>One of the interesting aspects of the 4G/5G era is confluence between the open-source software-defined networking technologies used in mainstream fixed networks and the closed-source technologies used the access and core components of cellular networks. This poses significant challenges from a legal standpoint because of the required mix of the two software technologies in common data centers. This conflictual relationship is aggravated further with the emergence of mobile edge computing. Once the legal issues are ultimately resolved, as it seems to be the case, the main issue will be that of satisfying real-time processing constraints for the radio-access network functions. These stem from the latency requirements of cellular systems when the radio-access procedures are executed on commodity servers. Moreover, when network function virtualization is put into the picture to allow for techniques such as network slicing to descend down in the radio-access network, the situation becomes even more challenging from a real-time perspective.</p> <p>This talk will provide an overview of the evolution of 4G networks towards 5G and some of he new applications and industries that will be enabled by it. We also cover the role of the OpenAirInterface Software Alliance and how it is trying to soften the blow of clash between open and closed-source communities in radio-access and core networks along with its relationship with some of the other related open-source communities. The talk will also cover some technical aspects related to the difficulties in virtualizing radio-access network functions on commodity servers when it comes to real-time requirements, orchestration and management.</p> Raymond Knopp Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 UA2.114 (Baudoux) switchdev running a mainline kernel on network gear SDN and NFV devroom <p>The network equipment world long ago embraced Linux as a base operating system, but one aspect got left behind: the switch chips at the core of this equipment are still stuck in the binary blob era. The switchdev subsystem in the Linux kernel is here to help.</p> Bert Vermeulen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 UA2.114 (Baudoux) tldk overview of the architecture and implementation of TLDK SDN and NFV devroom <p>The Transport Layer Development Kit (TLDK) is new Layer 4 implementation, developed for DPDK (dpdk.org) and VPP (https://wiki.fd.io/view/VPP).</p> <p>TCP and UDP socket based applications are core technologies in the modern data-center. The introduction of Orchestration, SDN controllers, vSwitches and Virtual Dataplane have seen a huge change in how network packets are delivered to data-centre nodes. While the stacks that consume these packets, the socket based applications have evolved much more slowly. Virtual switches like VPP and OVS-DPDK, have benefited from the vector packet processing technology in DPDK to scale process millions of packets per second, while TCP and UDP socket based applications have not yet benefited. There have been a number recent efforts to port various L4 implementations to DPDK, and while these usually give a modest performance benefit the performance of these is not yet revolutionary.</p> <p>TLDK has been developed from the ground up to be a very fast and scalable UDP and TCP implementation, targeted for use with DPDK and VPP. In this presentation will provide an overview of TLDK design and implementation. This deep-dive will include:-</p> <ul> <li>Overview of the TLDK UDP and TCP API, and how it differs from the BSD Sockets API.</li> <li>How TLDK scales DOS prevention mechanisms such as SynCookie and SynCache.</li> <li>How TLDK scales TCP Timers to handle millions of connections per core.</li> <li>How TLDK integrates with Virtual Switches likes VPP?</li> <li>How will existing TCP and UDP based applications such as NGINX or Apache Traffic Server benefit from TLDK?</li> </ul> <p>The Transport Layer Development Kit (TLDK) is new Layer 4 implementation, developed for DPDK (dpdk.org) and VPP (https://wiki.fd.io/view/VPP).</p> <p>TCP and UDP socket based applications are core technologies in the modern data-center. The introduction of Orchestration, SDN controllers, vSwitches and Virtual Dataplane have seen a huge change in how network packets are delivered to data-centre nodes. While the stacks that consume these packets, the socket based applications have evolved much more slowly. Virtual switches like VPP and OVS-DPDK, have benefited from the vector packet processing technology in DPDK to scale process millions of packets per second, while TCP and UDP socket based applications have not yet benefited. There have been a number recent efforts to port various L4 implementations to DPDK, and while these usually give a modest performance benefit the performance of these is not yet revolutionary.</p> <p>TLDK has been developed from the ground up to be a very fast and scalable UDP and TCP implementation, targeted for use with DPDK and VPP. In this presentation will provide an overview of TLDK design and implementation. This deep-dive will include:-</p> <ul> <li>Overview of the TLDK UDP and TCP API, and how it differs from the BSD Sockets API.</li> <li>How TLDK scales DOS prevention mechanisms such as SynCookie and SynCache.</li> <li>How TLDK scales TCP Timers to handle millions of connections per core.</li> <li>How TLDK integrates with Virtual Switches likes VPP?</li> <li>How will existing TCP and UDP based applications such as NGINX or Apache Traffic Server benefit from TLDK?</li> </ul> Ray Kinsella Transport Layer Development Library Vector Packet Processing Dataplane Development Kit Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 UA2.114 (Baudoux) dpdkapp SDN and NFV devroom <p>Writing a functional DPDK application from scratch</p> <p>A talk to take a user from a basic understanding of the Data Plane Development Kit (DPDK), through writing a simple but functional forwarding application.</p> <p>This is a presentation to introduce users to the Data Plane Development Kit (DPDK) a set of cross platform open source libraries and drivers for fast packet processing. We will take the user through the steps of building up a simple but functional packet forwarding application, and some tips, tricks, and best know methods of writing an efficient and performant DPDK application.</p> <p>The talks will be approximately 30 mins each (including 5 mins for questions).</p> Ferruh Yigit DPDK Home page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:30 UA2.114 (Baudoux) ebpf_xdp SDN and NFV devroom <p>This talk presents an overview of the Linux kernel's eBPF subsystem and how it integrates into tc (traffic control) and XDP (eXpress Data Path) for providing a high-performance, in-kernel programmable networking data plane. Since the last fosdem, many new eBPF-related features found its way into the Linux kernel. This talk highlights some of the most important advances along with some examples on how this facility can be programmed.</p> Daniel Borkmann Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:30 UA2.114 (Baudoux) cilium SDN and NFV devroom <p>This talk demonstrates that programmability and performance does not require user space networking, it can be achieved in the kernel by generating BPF programs and leveraging the existing kernel subsystems. We will demo an early prototype which provides fast IPv6 &amp; IPv4 connectivity to containers, container labels based security policy with avg cost O(1), and debugging and monitoring based on the per-cpu perf ring buffer.</p> Thomas Graf Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 UA2.114 (Baudoux) stateful_ebpf an implementation of OpenState interface SDN and NFV devroom <p>Software Defined Networks (SDNs) usually involve programmable switches with limited autonomy of decision, that heavily rely on the instructions of their controller to handle “exceptions” and to adapt to traffic evolution. In an attempt to bring back some of the dataplane logic from the controller to the programmable switches, the <a href="https://beba-eu.github.io/">OpenState</a> abstraction layer has been designed, to enable efficient stateful packet processing through programmable actions occurring at the switch level.</p> <p>The first part of this talk in an introduction to OpenState and includes a description of the layer as well as some example use cases. Then the implementation prototypes of OpenState realized during the project will be presented. One, in particular, will get more focus: because <a href="https://www.iovisor.org/blog/2016/04/12/exploring-ebpf-io-visor-and-beyond">eBPF</a> (extended version of Berkeley Packet Filter) can be stateful and has been conceived to reach high performances for inline packet filtering and processing, we found it to be an excellent target for OpenState.</p> <p>As for the background: the work around OpenState (and its extended version, Open Packet Processor) has been achieved in the context of the <a href="http://www.beba-project.eu/">BEBA</a> research project (Horizon 2020), that tackles dataplane programmability for SDNs. Started in January 2015 and closing in March 2017, this project has entered its final stage, mostly centered on functional and performance tests for the validation of the developed prototypes.</p> Quentin Monnet Transcript of the talk, as a blog article Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 UA2.114 (Baudoux) odl_intro SDN and NFV devroom <p>Heard about OpenDaylight and SDN? Ready to get your feet wet and start kicking the tires with an OpenDaylight installation? This session provides a brief intro to Software Defined Networking (SDN) in general, and more specifically to OpenDaylight, an open source platform for programmable SDN. After providing a high level overview of the architecture, the session goes on to show you how to deploy OpenDaylight and interact with it through the CLI and graphical tools. You will learn how to configure various options and enable/disable various features, and how to check the logs to verify things are working as planned and trouble shoot things when they are not. Lastly we show you how to interact with OpenDaylight through its northbound APIs for network aware applications and southbound plugins to physical and virtual network elements.</p> Charles Eckel Giles Heron Open Source Dev Center OpenDaylight Microsite Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:30 UA2.114 (Baudoux) odl_bgp using OpenDaylight to enable advanced BGP use-cases SDN and NFV devroom <p>In this talk I will give a short overview of how OpenDaylight can be used to enable a range of advanced BGP use-cases - such as traffic optimisation and DDoS mitigation. The approaches presented are broadly applicable to other open-source BGP speakers but I will also show the benefit of a platform supporting multiple southbound protocols in addition to BGP.</p> Giles Heron Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 UA2.114 (Baudoux) fds A fast and flexible platform for high performance applications using FD.io SDN and NFV devroom <p>NFV and virtualized high performance applications, such as video processing, require a “fast data stack” solution that provides both carrier grade forwarding performance, scalability and open extensibility, along with functionality for realizing application policies and controlling a complex network topology. This session discusses how different components in OpenStack and OpenDaylight are being evolved to integrate with the new open source Virtual Packet Processor (VPP) forwarder provided by the FD.io Linux Foundation project to build such a solution stack. The FastDataStacks is run as an OPNFV project where leverages OPNFV’s continuous integration, deployment and test pipeline as well as the automated component install and test infrastructure.</p> Tomas Cechvala Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 UA2.114 (Baudoux) pnda_io Big data platform SDN and NFV devroom <p>In this presentation, we will showcase the whole scope of PNDA, from baremetal provisioning to application deployment. Also, we will describe the current use case on NFV &amp; IoT.</p> Jeremie Garnier PNDA website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 UA2.114 (Baudoux) ansible_sdn SDN and NFV devroom <p>In the system administration world, Ansible is a well know tool used to deploy and manage systems easily and seamlessly. However, few people know this can also be used by network engineer to manage manage all kind of switches and network equipement thanks to the flexibility of the agent-less design. This in turn open the doors of automation of the network layer without the disruption of a complete SDN solution, permitting to adopt modern best practices of management with small step, and starting the culture change required for embracing SDN.</p> <p>The talk will quickly present Ansible, its principles, and how you can use it to manage a simple server. Then we will go deeper in the topic of network, the philosophy behind the network modules, their limitations, and how to use them.</p> Mickael Scherer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:30 UA2.114 (Baudoux) netconf_ipv6 SDN and NFV devroom <p>The FOSDEM Networking team has managed the network for FOSDEM since its early days. Through our time operating this network, we have learned a few things about keeping networking up for a large group of highly-connected hackers, without an SDN controller managing the network.</p> <p>We discuss how you can get traffic and monitoring information out of traditional routers and how to program them using NETCONF/YANG.</p> Peter Van Eynde Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 UA2.220 (Guillissen) opsi_introduction An introduction to opsi. Config management devroom <p>opsi is a powerful tool for <em>client management</em> in heterogenous environments. This lightning talk will give a short overview over the system and what possibilities system administrators get with opsi for managing Windows and Linux clients.</p> <p>In many environments system administrators are required to manage a wide range of operating systems. Wouldn't it be great to have a tool where one tool can manage Windows and Linux? Introducing opsi, a client management tool that allows managing both worlds.</p> <p>This talk will give you an overview of the system opsi and introduces possible tasks that can be done with opsi. Handling different systems is most present when writing the scripts that perform tasks on the clients. Similarities and differences that administrators may face when creating these scripts are important for the creation and will be highlighted during that talk.</p> Niko Wenselowski opsi - open pc server integration Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:50 UA2.220 (Guillissen) mgmt Autonomous systems Config management devroom <p>Next Generation Config Mgmt</p> <p>A presentation about a next gen config management tool, and the specific problems this project solves.</p> <p>Three of the main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture</p> <p>This talk will demo a prototype I've built that implements these ideas and which is written in golang. I will start by presenting an introduction to the tool. I will then demo the new features that were added since the project was introduced. This will include the automatic grouping, automatic elastic etcd clustering and remote execution features. I will finally share some of the future planned designs for the tool.</p> <p>An introductory blog post on the subject is available. https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/ Attendees are encouraged to read it before the talk if they are interested!</p> <p>Please note that this talk was originally scheduled to be given at 15:00. The talk originally in this slot, "Puppet Catalog Diffs in TheForeman" by Greg Sutcliffe will now take place at 15:00.</p> James Shubin Project homepage Debconf video recording Intro blog post Submit feedback 12:00 00:50 UA2.220 (Guillissen) replacing_dockerfiles_ansible Config management devroom <p>Dockerfiles, while being the de factor standard for generating Docker containers, are also often seen as cumbersome to write and maintain due to the nature of Docker layering, subtle behaviour changes due to caches, and best practices who requires explicit actions to be applied. To improve this situation while keeping the innovation of Docker, the Ansible community came with the ansible-container project, a tool that permit to reuse the existing trove of Ansible roles to create, build and deploy containers in production with a single command.</p> <p>This talk will present the project, explain the basics of ansible-container, show how to use it to build and deploy a complex multi-containers application.</p> Mickael Scherer Homepage of the project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 UA2.220 (Guillissen) external_node_classifier Analysis on advantages of using an external node classifier system. Examples on how to ease Saltstack with reclass. Config management devroom <p>Analysis on advantages of using an external node classifier system. Examples on how to ease Saltstack administration with reclass.</p> <p>The configuration management system are born in order to lower the burden of administering a bunch of servers and to increase the profitability of the work of the system administrator. But what happens with the increase of the administered nodes and the extensiveness of the administration's formulas?</p> <p>In order to do not get lost into the complexity of rules and exceptions, the life of the system administration could be eased by the adoption of an external node classifier system that could bring clarity and concision.</p> <p>As example I will show how to easy the administration of a saltstack infrastructure with reclass, a ENC software compatible also with Puppet and Ansible.</p> Riccardo Scartozzi (risca) Submit feedback 14:00 00:50 UA2.220 (Guillissen) opstheater OpsTheater, an open source stack of best of breed infrastructure management tools Config management devroom <p>If you need to manage more then a reasonably sized infrastructure in today's day and age you will want to automate things as much as possible. In order to do that properly, you'll need to use tools that help you manage your infrastructure. This poses a problem: before you can manage your infrastructure, you now need to manage the infrastructure you will use to manage your infrastructure. The interesting bit is that if you use industry best practices, a lot of that management infra will look the same or similar across organisations. So why do we need to reinvent the weel over and over?</p> <p>This talk will present OpsTheater, a stack of tools used to manage an infrastructure made up of current industry best practices (Puppet, GitLab, Icinga, ELK stack). OpsTheater is a fully open source project that was started in late 2015 and is growing to be a great set of tools that takes away the work we do over and over: managing the infrastructure to manage our infrastructure. We will look at the problems OpsTheater solves, the state of the project and what you can do with it today. If you want to help, we'll show where you an go and what you can do. If time permits, a demo will be added showing some of the things we can do with OpsTheater.</p> Walter Heck opstheater source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:50 UA2.220 (Guillissen) puppet_catalog_diffs Using octocatalog-diff to view catalog changes in the Foreman UI Config management devroom <p>Viewing the potential changes when changing the environment on a Puppet agent is challenging - much can be altered, and often the only way to know what will change is to <em>actually</em> run it. Using octocatalog-diff (from GitHub) and TheForeman (using a new plugin) we can now view these changes up front, in the UI, <em>before</em> switching the agent to the new env.</p> <p>Please note that this talk was originally scheduled to be given at 11:00 The talk originally in this slot, "Next Generation Config Mgmt" by James Shubin will now take place at 11:00.</p> <p>Octocatalog-diff is a commandline tool to show the differences between two puppet environments for a specific node <em>before</em> the node is moved to the new env. That's great, but not everyone wants to work on the commandline</p> <p>In this talk we'll look at a new Foreman plugin (foreman-puppetdiff) which brings this functionality to the Foreman UI. We'll cover the basics of octocatalog-diff (installation, uses, limitations) and then show how to set up the Foreman plugin and use it in the UI.</p> Greg Sutcliffe Foreman website Octocatalog-diff Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 UA2.220 (Guillissen) is_it_safe How compliance and scanning fit with Config Management Config management devroom <p>Config management is a perfect fit for compliance: you model desired compliant state, continually enforce it and have a full audit path of when changes occur and what lead to the drift. But what are the best practises for using config management for compliance, what are the caveats, how do you scan for issues and how can you keep the auditors happy?</p> <p>If you work with or at a Telco, Financial Institution or a Government entity, you probably already know about compliance and the various acronyms and headaches it can bring.</p> <p>How can we make this less of a painful process?</p> <p>Well, if you think about it: compliance is a set of rules that someone has given you to enforce and prove that they're being enforced. What is configuration management? A series of rules for systems that need to be enforced. So compliance is the perfect use-case for configuration management.</p> <p>We'll be discussing how you can enforce compliance in your estate with config management, what open-source tooling you to perform scans across your estate and how to save time by leveraging existing work such as http://dev-sec.io.</p> <p>We'll also be talking about how to sell the benefits of config management for compliance to stakeholders and some real-life examples of how it's worked with customers in the past, and the caveats that come with it.</p> Peter Souter Compliance Is Not Security. Compliance Scales Security. A Year in Open Source Automated Compliance With Puppet – Trevor Vaughan at PuppetConf 2016 Prove it! The Last Mile for DevOps in Regulated Organizations - DOES15 - Bill Shinn Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:50 UA2.220 (Guillissen) config_code_smell Config management devroom <p>The wide adoption of configuration management and the increasing size and complexity of the associated code, prompt for assessing, maintaining, and improving the configuration code's quality. This talk introduces configuration smells, their types with various examples, tools to detect them, and suggestions to refactor them.</p> <p>The wide adoption of configuration management and the increasing size and complexity of the associated code, prompt for assessing, maintaining, and improving the configuration code's quality. We can leverage traditional software engineering knowledge and best practices to develop and maintain high quality configuration code. This talk brings the smell metaphor to configuration domain. This talk introduces configuration smells, their types with various examples, tools to detect them, and suggestions to refactor them.</p> Tushar Sharma Personal blog Twitter LinkedIn Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:50 UA2.220 (Guillissen) config_management_community Awesome, Awful or Apathetic? Config management devroom <p>The leading configuration management tools, Ansible, Chef, Puppet, and others, are open source products, so active communities have formed around these technologies. The people participating in this community are one of the things that really stand out. When you ask about the best part of this community, the most common response is “the people,” since they tend to be welcoming, friendly, knowledgeable, and most importantly, helpful. The community certainly isn't perfect, and there are some challenges. This talk will cover a variety of wonderful and not so wonderful things about the configuration management community.</p> Dawn Foster Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 02:00 UB2.147 cert_bsdcg Certification certification <p>The BSDA certification is designed to be an entry-level certification on BSD Unix systems administration.</p> <p>Testing candidates with a general Unix background and at least six months of work experience as a BSD systems administrator, or who wish to obtain employment as a BSD systems administrator, will benefit most from this certification.</p> <p>The successful BSDA candidate is able to complete common administrative and troubleshooting tasks and has a good understanding of general BSD Unix and networking principles. In addition, the successful candidate demonstrates basic skills with these BSD operating systems: Dragonfly BSD, FreeBSD, NetBSD and OpenBSD. This does not mean that the candidate needs to learn the complete details of four operating systems. It does mean that the candidate is aware of the basic utilities common to these operating systems, and where specified in the exam objectives, of features unique to some of the BSD operating systems.</p> BSDCG Team Submit feedback 13:00 02:00 UB2.147 cert_lpi_1 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> <p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> LPI Team Submit feedback 15:30 02:00 UB2.147 cert_lpi_2 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> <p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> LPI Team Submit feedback 10:30 00:25 UB2.252A (Lameere) iaas_manconinfra Virtualisation and IaaS devroom <p>During this presentation we will see how to manage infrastructure which is used to run containers. We will see how to use reliable vms provisioned by ovirt and run openshift containers on them by using single management UI (manageiq) with ansible modules.</p> Piotr Kliczewski Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 UB2.252A (Lameere) iaas_modvde VDEplug now supports plugins... including slirp Virtualisation and IaaS devroom <p>The new VDEplug code now supports a URL-like syntax to define the virtual networking system to use. While it is backward compatible, and it is supported by many VM (kvm/qemu, virtualbox, user-mode linux, umview), now it is possible to add the compatibility layer for current and future virtual networking environments.</p> <p>Currently VDEplug supports: legacy VDE, point-to-point AF_UNIX or UDP, tap, vxlan, vxvde, slirp.</p> <p>In the developing phase of the slirp plugin, we have implemented a general purpose slirp library (derived from qemu's slirp implementation).</p> <p>VDEplug4 together with new tools for the management of namespaces and capability create a new ecosystem for the support of virtual networking.</p> Renzo Davoli Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 UB2.252A (Lameere) iaas_livepatxen Virtualisation and IaaS devroom <p>Live patching -- the process of updating software while it is running -- has become a popular topic of late, with several companies offering services providing live patching for Linux culminating with an implementation being contributed to Linux. While Xen supports live migration of VMs which mitigates the need for live patching, there are still some reasons why live patching is useful. For example, to minimize downtime, when running applications with low latency requirements, and when using PCI passthrough.</p> <p>This talk reviews the state of live patching for Xen. A live patching implementation has recently been contributed to Xen so we will look at the design and implementation in detail, noting how and why it differs from live patching for Linux. We will look at some of the ways that live patches can be created and the pitfalls to watch out for when doing so. There will also be a status report of ongoing and future work for live patching for Xen. Finally, the talk will show a demo of live patching in action by building a live patch for a known security issue and applying it to a vulnerable system.</p> <p>Xen LivePatch is a new tech preview feature in Xen 4.7 for live patching the hypervisor. It is the result of collaboration between several members in the community guided by the existing live patching efforts for Linux. We will talk about this and how Xen's requirements differ from Linux.</p> <p>The core idea of Xen LivePatch is to insert a "trampoline" in each buggy function with a jump to a replacement function. This is simple in principle, but there are a number of complexities which make it interesting to look at.</p> <p>Live patches can be built by hand, by compiling the replacement functions in a separate source file. This is a manual process and can also be unreliable due to the nature of compiler optimizations. So we repurposed kpatch's live patch creation tool for Xen. This computes a binary difference of the output binaries before and after a source patch is applied. This simplifies the process of creating live patches and overcomes issues with compiler optimizations but is still not without difficulties. We look at the process of creating live patches and why it is hard.</p> Ross Lagerwall Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 UB2.252A (Lameere) iaas_nexgencer Certainty in shared storage environments Virtualisation and IaaS devroom <p>In oVirt datacenter virtualization environments, a manager directs hosts to initiate operations to shared storage. These operations create or remove volumes, copy data between volumes, create or merge snapshots, and various other actions related to virtual machine storage. For efficiency and balance these operations should be distributed across multiple hosts and run in parallel when possible. Maintaining reliability under real world conditions requires careful management and resilient algorithms. This talk will introduce some of the problems that can arise including: dropped communications, scheduling conflicts, and host or storage array failure. Next, a solution to these problems using shared storage locking, atomic operations, volume generations, and forensic analysis of the storage will be presented. Through step by step examples, the audience will understand how the proposed solution can solve all of the outlined problems.</p> Adam Litke Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:40 UB2.252A (Lameere) iaas_petconuni Virtualisation and IaaS devroom <p>How do you integrate containers in your IaaS? In a VM based IaaS environment, introducing containers can be a painful experience. Most likely you end up running containers inside VMs to reuse existing infrastructure, or you start dividing your data-center into a container- and a VM-world. Either way, you have two management solutions and non optimal resource management. But what if we put VMs inside containers? Would such a copernican revolution give us some benefits? This talk covers our research around using Kubernetes as a virtual machines cluster manager.</p> <p>How do you integrate containers in your IaaS? In a VM based IaaS environment, introducing containers can be a painful experience. Most likely you end up running containers inside VMs to reuse existing infrastructure, or you start dividing your data-center into a container- and a VM-world. Either way, you have two management solutions and non optimal resource management. But what if we put VMs inside containers? Would such a copernican revolution give us some benefits? This talk covers our research around using Kubernetes as a virtual machines cluster manager.</p> <p>First we will briefly look into what a typical container and a typical VM is. Then we will look into the details on how resource and device limitations are enforced on VMs. In our research we used oVirt, so comparing its host side stack (VDSM/libvirt/QEMU/systemd) to Kubernetes container host side stack (kubelet/docker/rkt/systemd/cni). At the end we will have a better understanding of the differences and overlaps, and can therefore consider how to manage Pet-VMs and containers in the same cluster, managed by kubernetes.</p> Roman Mohr oVirt Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:15 00:40 UB2.252A (Lameere) iaas_qemintapi How abstractions inside QEMU (don't) work together Virtualisation and IaaS devroom <p>QEMU is an open source machine emulator and virtualizer written in C. Over time it has evolved multiple interfaces to interact with the outside world, and multiple internal APIs and abstractions to model and keep track of data. The talk will be a review of some of the challenges and trade-offs involved in making those abstractions work together.</p> <p>Over time, QEMU has evolved multiple interfaces to interact with the outside world (command-line interface, configuration files, its monitor protocol), and multiple internal APIs and abstractions to model and keep track of data (including configuration, device hierarchy, device state, etc).</p> <p>Understanding the goals and limitations of each of those abstractions and finding their way through the long list of acronyms (qdev, QOM, QAPI, QMP, VMState, QemuOpts, QObject, etc) can be intimidating to developers not familiar to QEMU. Sometimes each of them have conflicting world views, different goals and constraints, and interaction between them generate interesting challenges to developers working on QEMU. The talk will be a review of some of the challenges and trade-offs involved in making those abstractions work together.</p> <p>The target audience are developers that want to get more familiar with QEMU internal APIs, or see what are the lessons learned (or not learned) from them.</p> Eduardo Habkost Slides for the talk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:40 UB2.252A (Lameere) iaas_netblodev how, what, why Virtualisation and IaaS devroom <p>This talk will describe the NBD protocol: what is it, what can it do, and why is it relevant for virtualization and IaaS. We will also touch at a few features that have been specified for the protocol, but so far have not been implemented in any known implementation.</p> <p>The Network Block Device (NBD) was originally written for the Linux kernel, to use and export block devices over a network (TCP) link. Its feature set was very limited, however, which limited its practical usability for many purposes. Over the years, however, the protocol has evolved, with features such as better negotiation, improved reliability through flush requests, and awareness of holes in backing files being implemented.</p> <p>Recent versions of QEMU implement the client side of the protocol, while at the same time also being able to export local resources through NBD. This situation makes it possible for NBD to be used as a protocol for shared storage, backup, or mirroring of resources to other systems for live migration.</p> <p>We will quickly cover the history of the protocol, describing some of the features that were added over the years; make a short comparison against similar protocols such as iSCSI and AoE and why NBD is relevant in that context; and then move on to newer features that were added to the protocol at the request of the QEMU developers.</p> Wouter Verhelst project pages git repository Video recording (mp4) Video recording (WebM/VP8) Talk slides Submit feedback 14:45 00:40 UB2.252A (Lameere) iaas_advbuiuni or a Crash Course in Building L2-L7 from Scratch Virtualisation and IaaS devroom <p>Unikernels are often touted as being the building blocks of next generation of cloud infrastructure. However, even the process of compiling and booting them remains daunting for the average developer let alone building out infrastructure for them to live on. In this talk we'll dive deep into the various layers of infrastructure one needs to understand in order to build out their own infrastructure for unikernels. What might seem simple at first quickly becomes difficult as one needs to cast aside preconceived notions of what an operating system and application are and how they might interact together. We'll approach everything from hypervisor orchestration to filesystems, networking and best practices for CI and testing. The attendee should be comfortable exploring unikernel cloud concepts by the end of the talk.</p> <p>Unikernels are often touted as being the building blocks of next generation of cloud infrastructure. However, even the process of compiling and booting them remains daunting for the average developer let alone building out infrastructure for them to live on. In this talk we'll dive deep into the various layers of infrastructure one needs to understand in order to build out their own infrastructure for unikernels. What might seem simple at first quickly becomes difficult as one needs to cast aside preconceived notions of what an operating system and application are and how they might interact together. We'll approach everything from hypervisor orchestration to filesystems, networking and best practices for CI and testing. The attendee should be comfortable exploring unikernel cloud concepts by the end of the talk.</p> Ian Eyberg Virgo - unikernel runner Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:40 UB2.252A (Lameere) iaas_impyouvir Virtualisation and IaaS devroom <p>Lago is an ad-hoc virtual framework which helps you build virtualized environments on your server or laptop for various use cases. It creates and orchestrates virtual machines that can be used to run test suites and allow a developer to quickly test his code change on non-trivial flows such as live migration even before starting the CI process. In this session, we will walk through the usage of Lago in the oVirt project and how it can be extended to assist virtualization developers.</p> <p>Virtualization software became a vital part of the IT infrastructure of most companies nowadays. Making sure that the software works as expected in "real world" tasks is hard, mainly because virtualization environments are usually hard to reproduce automatically. Lago is an ad-hoc virtual framework which helps you build virtualized datacenter on your server or laptop to run test suites. Being a framework, it can be extended to implement any required workflows needed by the tested software.</p> <p>We will discuss how Lago works with KVM and Libvirt to create a test environment, how it can be extended to help with automated system tests of virtualization products and how it is currently used by oVirt project to run automated system tests and help developers testing their patches during development phase. We will also review and compare Lago with tools like Vagrant, when applied to the virtualization development workflow.</p> Rafael Martins Lago documentation GitHub repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:15 00:40 UB2.252A (Lameere) iaas_20yealin From simple server workloads to cloud virtualization Virtualisation and IaaS devroom <p>Andrea will provide a high level perspective of the most notable milestones in the long term evolution of the Linux Virtual Memory and Virtualization subsystems. In addition, Andrea will explore recent advances in Memory Management related to the KVM Virtualization Hypervisor, such as NUMA balancing, THP, KSM and userfaultfd/postcopy live migration. Andrea will cover best practices, providing the audience with an understanding of when and how to leverage these features in their environments.</p> Andrea Arcangeli Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:40 UB2.252A (Lameere) iaas_vmheyvm Affinity rules in a virtual cluster Virtualisation and IaaS devroom <p>The workloads and scenarios for virtual machines grow more complex every year. So do the interactions, availability, and performance requirements. All that requires the administrators to carefully plan where to start the VMs that depend on each other and/or specific hosts.</p> <p>This talk will present the concepts that allow the administrator to express the rules for affinity between virtual machines and between virtual machines and hosts to form complex relationships that will cover for example:</p> <ul> <li>licensing rules - limiting group of VMs to only use certain hosts</li> <li>overhead - web + database VMs running together</li> <li>performance - eg. storage VMs running on hosts with better IO performance</li> <li>failover recovery - VMs returning to “their” hosts</li> <li>reservation - There is place for only one of us!</li> </ul> <p>oVirt is an open source project for managing virtual data centers that will now help the administrator with exactly the above tasks. We have introduced the virtual machine affinity feature in the past and a huge improvement in that area is coming right now.</p> <p>And the best part is that all this works in a fully dynamic environment with automatic conflict resolution and no manual management of host pinning rules, saving the administrator his precious time.</p> Martin Sivák Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:45 00:25 UB2.252A (Lameere) iaas_usinvdund Applications of persistent memory in virtualization Virtualisation and IaaS devroom <p>The introduction of non-volatile memory changes how applications, databases, and virtual machines will work in the future. NVDIMM is not simply a faster block device. Programs can avoid block I/O entirely and use byte-addressable NVDIMM to benefit from the performance characteristics of RAM. This requires new storage APIs that applications must use instead of traditional block I/O.</p> <p>These new programs run successfully inside KVM virtual machines thanks to the vNVDIMM support already available in QEMU. Virtualization offers additional options for managing and using NVDIMM beyond what is available on bare metal.</p> <p>This talk covers the NVDIMM programming model and how KVM virtual machines can use NVDIMM for faster I/O, reduced memory footprint, and faster boot times.</p> <p>Xiao Guangrong recently gave a talk at KVM Forum covering the ACPI and hardware interface for NVDIMM under KVM. I want to follow that up with a talk for a wider audience of developers and system administrators who care more about the use of NVDIMM than its implementation.</p> <p>This talk covers recent work on NVDIMM in QEMU and focuses on how applications can take advantage of this new class of storage device. It is suitable for an audience interested in storage or virtualization. Most of the concepts carry over to other hypervisors besides KVM.</p> Stefan Hajnoczi Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:15 00:25 UB2.252A (Lameere) iaas_opemaccon Replacing VM's with Fast and Secure Machine Containers Virtualisation and IaaS devroom <p>Find out why LXD machine containers should be part of your OpenStack cloud!</p> <p>LXD provides Linux machine containers to users with the performance of bare metal servers and the security and flexibility of virtual machines.</p> <p>By combining the LXD hypervisor with OpenStack (using Nova LXD) we can provide fast machine containers to users of a IaaS cloud with the same semantics and functionality of full KVM virtual machines.</p> <p>This session will cover in detail:</p> <p>The LXD hypervisor.</p> <p>The Nova LXD integration of LXD into OpenStack.</p> <p>Performance analysis of LXD vs KVM machines deployed as part of an OpenStack Cloud.</p> James Page LXD resources Nova LXD Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:45 00:15 UB2.252A (Lameere) iaas_towahvm reducing the OS burden while taking advantage of new hardware features Virtualisation and IaaS devroom <p>Xen is a hypervisor using a microkernel design that allows running multiple concurrent operating systems on the same hardware. One of the key features of Xen is that it is OS agnostic, meaning that any OS (with proper support) can be used as a host. Xen has a long history going back to the 90s when it was designed and the early 2000s when it was released. As a consequence of this, many of the assumptions and virtualization techniques backed into it are now superseeded by new hardware features, that make virtualization more transparent from an OS point of view.</p> <p>This talk provides an overview on the different kind of guests supported by Xen and how these new hardware features are used in order to improve and evolve them. It also describes the design and implementation of a new guest type, called PVHv2, and how it can be used as a control domain (Dom0).</p> Roger Pau Monné Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 01:00 UD2.119 (Moved from AW1.124) valgrind_memcheck Looking backwards and looking forwards Valgrind devroom <p>Memcheck is probably the most heavily used tool in the Valgrind suite, checking for invalid addresses, undefined values and memory leaks. In this talk I'll look back at the history of the tool, then I'll look forwards at some of the challenges it faces as the hardware and software ecosystem continue to evolve around it. I'll talk a bit about some of the effects of Memcheck on the C++ ecosystem and how it fits into the big picture of making your big C++ app crash-free and reliable.</p> <p>This talk is aimed at Valgrind (Memcheck!) users and developers. It should be accessible to C/C++/Fortran developers who have used the tool or are thinking of doing so.</p> Julian Seward Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 01:00 UD2.119 (Moved from AW1.124) valgrind_sparcv9 New architecture to be supported by Valgrind Valgrind devroom <p>SPARC is an instruction set architecture (ISA) originally developed by Sun Microsystems since 1980's. Today's largest enterprise servers run on sparc, leveraging several terabytes of memory and several hundreds of CPUs. This talk will briefly introduce key concepts of sparcv9 ISA and the big picture where support of a new architecture fits into Valgrind architecture. Some interesting problems during the port will be discussed together with solutions and still-to-be-solved issues. Finally a live demo will conclude the talk. The talk assumes basic knowledge of Valgrind, interaction among Valgrind subsystems, basic assembly and VEX IR notation. It is targeted to all interested in sparcv9 ISA and running Valgrind on sparc.</p> Ivo Raisr Tomáš Jedlička Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 01:00 UD2.119 (Moved from AW1.124) valgrind_features Valgrind devroom <p>Valgrind and its different tools are providing a rich set of functionality to track memory problems such as dangling pointers, memory leaks, race conditions, etc.</p> <p>In this talk, we will describe some old and new features that help to understand what happens in your application. Among others, we will give a demo and/or discuss:</p> <ul> <li><p>how to use valgrind with your application specific memory pool</p></li> <li><p>how to (interactively) ask Valgrind to describe a piece of memory</p></li> <li><p>some heuristics used by Valgrind to reduce the number of 'possibly lost' leaks with C++ code</p></li> <li><p>...</p></li> </ul> <p>We will discuss more in detail the concept of execution trees, which will be available in the next Valgrind release. An execution tree associates stack traces of your program with some data. Execution trees allow Memcheck and Helgrind to provide a memory profile of your application. We will show how such an execution tree memory profile can be visualised using tools such as Massif visualiser or kcachegrind.</p> Philippe Waroquiers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 01:00 UD2.119 (Moved from AW1.124) valgrind_fortification Making gcc/glibc fortification and valgrind memcheck work better together Valgrind devroom <p>gcc/glibc support fortification of some functions by defining <em>FORTIFY</em>SOURCE. This inserts some compile and runtime buffer overflow checks for selected glibc functions. These checks have no or very little runtime overhead and work on the object level (the compiler provides/proofs the size of the object buffer size). valgrind memcheck provides similar memory buffer overflow checks. These checks don't need any compiler help (you won't have to rebuild your code). But they have a much higher runtime overhead. They also work on a different level. valgrind memcheck doesn't know anything about the objects the user is manipulation but has knowledge of all memory blocks allocated. Lets explore how these different mechanisms work and how we can make them work better together.</p> Mark Wielaard Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 01:00 UD2.119 (Moved from AW1.124) valgrind_optimizations Valgrind devroom <p>Making Valgrind faster is a never ending challenge. In this talk, we will describe 2 optimisations in Valgrind.</p> <p>A first optimisation is a speedup of Helgrind (a race detection tool). A very simple observation has led to an optimisation in the way helgrind captures stack traces for its 'full recording' of where a piece of memory was modified. This optimisation gives a typical speed up of 25%. We will describe the issues encountered during the implementation and discuss the reasons why this optimisation is not (yet?) committed in the Valgrind sources.</p> <p>The second optimisation is the implementation of the execution tree concept : this generalises the way Massif (a heap profiler) records the memory usage of a program. We will show how a (maybe counter-intuitive) representation of a tree using a hash table of flat stack traces has doubled the speed of Massif for some workloads.</p> <p>This talk is aimed at Valgrind developers and any application developer interested in data structures and algorithm optimisations.</p> Philippe Waroquiers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 01:00 UD2.119 (Moved from AW1.124) valgrind_vex_future Where next for Valgrind's dynamic instrumentation infrastructure? Valgrind devroom <p>VEX is the JIT at the core of Valgrind. It unpicks blocks of machine code, hands them off to the tool for instrumentation, recompiles the result, and links the instrumented version into the running image. By using a target independent intermediate representation, it insulates tools from the complexity of the underlying instruction sets.</p> <p>Back in 2003, when the framework was designed, I never dreamt that it would end up supporting X86, ARM, POWER, MIPS, S390 and TILEGX in both 32- and 64-bit variants. From that perspective VEX has been amazingly successful. But the framework is now showing its age. Recent instruction set features (transactional memory, LoadLinked/StoreConditional, wide vectors) have proven difficult to implement. It supports precise memory exceptions only poorly. And perhaps worst, its simplistic compilation pipeline causes it to generate code that is uncompetitive compared to other frameworks, particularly DynamoRIO and PIN.</p> <p>In this talk I'll outline VEX's structure, then talk about these problems and what can be done about them. And I'd be particularly interested to hear opinions on how much effort, and for which problem areas, should be invested in upgrading it.</p> <p>For the audience, some background in compiler internals and assembly code programming would be helpful, but is not essential.</p> Julian Seward Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 01:00 UD2.119 (Moved from AW1.124) valgrind_angr Using VEX for static analysis Valgrind devroom <p>The angr binary analysis platform (http://angr.io) uses libVEX as the base of its analysis engine. In this talk, we discuss the things about VEX that make it attractive for static analysis and symbolic execution, its pitfalls, and ways that it can be improved, including the changes we have made in our fork of libVEX.</p> <p>Agenda</p> <ul> <li>The goals of static analysis and symbolic execution on binary code</li> <li>Brief overview of competing analysis IRs</li> <li>Design of angr structured around libVEX <ul> <li>PyVEX, FFI wrapper of libVEX objects into python</li> <li>simuvex, symbolic implementation of most VEX operations, ccalls, and dirty calls</li> </ul> </li> <li>Pitfalls we've encountered <ul> <li>VEX is not truly SSA</li> <li>libVEX is not designed for fault tolerance</li> <li>libVEX's multiarch support is a little shoddy</li> <li>Licensing concerns</li> </ul> </li> <li>Our patches to libVEX <ul> <li>The only real thing stopping us from submitting our patches upstream is manpower</li> </ul> </li> <li>The possibility of a simplified python interface for writing lifters</li> <li>angr <ul> <li>symbolic execution</li> <li>static analyses <ul> <li>control-flow recovery</li> <li>binary rewriting</li> <li>type inference (sort of)</li> <li>value-set analysis</li> </ul> </li> </ul> </li> </ul> Andrew Dutcher angr website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 01:30 UD2.119 (Moved from AW1.124) valgrind_hackaton Open discussion of ideas for Valgrind - and then we hack! Valgrind devroom <p>Come and hack on Valgrind together. Open discussion about small (or big) ideas to improve or change Valgrind.</p> <p>Valgrind developers and users are encouraged to participate either by submitting ideas/suggestions or by joining the discussion. And of course by kindly (or bitterly) complain about bugs you find important that are <em>still</em> <em>Not</em> <em>YET</em> solved for <em>that</em> many years!?@!!!</p> <p>Afterwards we will sit together and try to fix or implement some of the things discussed.</p> <p>Discuss any kind of possible improvement (technical or functional) to Valgrind.</p> <p>If you want to put something on the agenda please send a small description (one or two paragraphs) to the the moderator Mark Wielaard <a href="&#109;&#97;&#105;&#x6c;&#x74;&#x6f;&#58;&#109;&#x6a;&#119;&#64;&#114;&#x65;&#100;&#104;&#97;&#x74;&#46;&#x63;&#111;&#109;">&#109;&#106;&#119;&#x40;&#x72;&#101;&#100;&#x68;&#97;&#x74;&#x2e;&#99;&#x6f;&#x6d;</a> with in the subject: "FOSDEM devroom discuss: ..." If you want to discuss a somewhat larger topic please do feel free to send two or three slides in advance.</p> <p>Mark will collect ideas/suggestions/... and present these and coordinate the discussion (and keep track of the time, so every idea will be discussed).</p> <p>Some discussion topic ideas:</p> <ul> <li>Release/bugfixing strategy/policy.</li> <li>Can we move to git yet?</li> <li>Valgrind and transactional memory.</li> <li>Making Valgrind really multi-threaded, parallelising Memcheck, parallelising the rest of the framework, and tools.</li> <li>Instant leak detector. Modify memcheck to report the last leaked pointer to a block. Integrate "omega" as a memcheck option or omega as a separate tool. http://www.brainmurders.eclipse.co.uk/omega.html</li> <li>Make Callgrind work sanely on ARM (and PPC). The Callgrind algorithm to track call and return is to be improved to work properly on these platforms. Is there a way to make this better? E.g. by having a fast way working in most cases, and rely on unwind info in the difficult cases. Can we detect at instrumentation time that an instruction is a difficult case?</li> <li>Packaging valgrind for distros, handling patches, suppressions, etc.</li> <li>32-bit x86 vs modern instruction sets (avx, etc.)</li> <li>VEX is in theory cross-architecture. What would it take to make valgrind cross-arch? How about starting with i686 on x86_64?</li> <li>Which CPUID is it anyway? Valgrind isn't completely consistent in handling host CPU capabilities vs VEX emulation capabilities. What can we do to improve that? Make it user tunable?</li> <li>&lt;YOUR SUGGESTION HERE!></li> </ul> <p>And now is the time on Sprockets when we hack!</p> Mark Wielaard Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 01:00 UD2.120 (Chavanne) abusing_chromium_ec Building Franken-Chromebook-devices Embedded, mobile and automotive devroom <p>Google’s chromebooks and routers use off the shelf Microcontrollers (MCU) to do power sequencing, fan control, PWM and other hardware control tasks one typically encounters in embedded systems. Interestingly enough the firmware is available under (3 clause) BSD license and thus open for hacking, abusing and modifying to your needs.</p> <p>We’ll look at a bunch of MCU options and eval boards to get started with, their availability and pricing in low quantities as well as ways to hook them up to your embedded platform. Moreover we’ll look at hardware level requirements your SoC / board will have to provide in order to make it all work.</p> <p>We’ll cover existing driver / software support in upstream Linux and U-Boot, as well as parts that are or were missing.</p> <p>Typical tasks of an embedded controller for a chromebook or random other devices like mine - which is everything but a laptop - will be discussed. Topics covered will include boot selection, firmware upgrades, watchdog timers and others.</p> <p>Finally I’ll share my experiences building a real world Zynq based system using chromium-ec on an STM32 MCU and my experiences adapting the software to my needs and interacting with the community. Examples include replacing the coreboot bootflow with U-Boot, creating device drivers for things like buttons and issues encountered in making things work.</p> Moritz Fischer Slides HTML5 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 UD2.120 (Chavanne) openconnectedcar Embedded, mobile and automotive devroom <p>A number of new components have matured in GENIVI to provide a true connected car experience. A couple of them are key connectivity components; namely SOTA (Software Over the Air) and RVI (Remote Vehicle Interface). This talk will discuss both these components, how they work together, the security work done on them and their integration into the GENIVI Development Platform.</p> <p>This talk will also run down the overall status of GENIVI's development platform and how it can enable an automotive stack to speak not just with the cloud, but with IoT devices via Iotivity interface. The new GENIVI Development Platform (GDP) technical lead, Zeeshan Ali, will give the talk.</p> Zeeshan Ali Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 UD2.120 (Chavanne) diy_pi_hat A Story About Open Source Harware and Open Source Software Embedded, mobile and automotive devroom <p>This presentation will provide guidelines how to create an open source hardware add-on board for the most popular single board computer Raspberry Pi using free and open source tools from scratch. Specifications of Raspberry Pi Foundation for HAT (Hardware Attached on Top) will be revealed in details. Leon Anavi has been developing an open source Raspberry Pi HAT for IoT for more than a year and now he will share his experience, including the common mistakes for a software engineer getting involved in hardware design and manufacturing. The presentation is appropriate for anyone interested in building entirely open source products that feature open source hardware and open source software. No previous experience or hardware knowledge is required. The main audience are developers, hobbyists, makers, and students. Hopefully the presentation will encourage them to grab a soldering iron and start prototyping their DIY open source device.</p> <p>Raspberry Pi is the most popular single board computer among hobbyists and students. In 2014 Raspberry Pi Foundation released a specification for add-on boards called HAT (Hardware Attached on Top). Nowadays we are capable of making our own open source add boards following these specifications. In this presentation, Leon Anavi will share his experience in designing an open source hardware Raspberry Pi HAT and developing open source software for it using only free and open source tools such as KiCAD. Leon has been working on his Raspberry Pi HAT as a hobby project in his spare time for more than a year. In November 2016 his open source Raspberry Pi was successfully crowdfunded through IndieGoGo. Now he will explain the challenges and the common mistakes for a software engineer getting involved in hardware design and manufacturing. The presentation will reveal details about the technical specifications of Raspberry Pi HAT, the life cycle of entirely open source project and will provide getting started guidelines. The presentation is appropriate for anyone interested in open source hardware and open source software development. Previous experience or knowledge about hardware design is NOT required. Attendees can expect details about Raspberry Pi HAT technical specification, embedded Linux software development tips for Raspberry Pi, guidelines for hardware design and low cost manufacturing of prototypes or small volume PCB. This presentation will help software developers, hobbyists and students better understand the value of open source hardware and hopefully it will encourage them to a get a soldering iron and start prototyping add-on boards for their favorite Raspberry Pi. The presentation will be also useful to people interested in the concept of entirely open source projects that integrate open source hardware and software created with free and open source tools.</p> Leon Anavi Introducing Raspberry Pi HATs Open source hardware Raspberry Pi HAT and pHAT powered by open source software Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 01:00 UD2.120 (Chavanne) software_life_cycle_data_mining Embedded, mobile and automotive devroom <p>One of the major challenges for certification in the SIL2LinuxMP project, is to show that Linux does not only define a development process, but also follows it. To this end (and far beyond!) the meta-data of commits to the Linux kernel are analyzed.</p> <p>The talk covers everything from gathering the data, to distributing it to every one in the project while keeping it the data up-to-date and of course our first analysis results. Each of these phases contain their own set of problems that needed to be considered, leading to a framework called DLCDM (Development Life-Cylce Data-Mining) that is introduced for the first time during this talk.</p> <p>One of the major challenges for certification in the SIL2LinuxMP project, is to show that Linux does not only define a development process, but also follows it. To this end (and far beyond!) the meta-data of commits to the Linux kernel are analyzed. There are several intended outputs we hope to get out of this analysis, some examples are:</p> <pre><code> - Competence of persons involved (IEC 61508-1, 6.2.13/6.2.14) - Dependencies amongst developers (Independence of persons doing code reviews) - Identify patches that did not get enough review (based on patch complexity, experience of author, reviews, etc.) - Automatic notification of patches in our configuration - Bug analysis (based on Fixes: tag) - Subsystem dependencies and conflicts </code></pre> <p>The talk covers everything from gathering the data, to distributing it to every one in the project while keeping it the data up-to-date and of course our first analysis results. Each of these phases contain their own set of problems that needed to be considered, leading to a framework called DLCDM (Development Life-Cylce Data-Mining) that is introduced for the first time during this talk.</p> Andreas Platschek Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 01:00 UD2.120 (Chavanne) kernel_spi_subsystem Embedded, mobile and automotive devroom <p>The Serial Peripheral Interconnect (SPI) bus is a ubiquitous de facto standard found in many embedded systems produced today. The Linux kernel has long supported this bus via a comprehensive framework which supports both SPI master and slave devices. The session will explore the abstractions that the framework provides to expose this hardware to both kernel and userspace clients. The talk will cover which classes of hardware supported and use cases outside the scope of the subsystem today. In addition, we will discuss subtle features of the SPI subsystem that may be used to satisfy hardware and performance requirements in an embedded Linux system.</p> Matt Porter Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:30 UD2.120 (Chavanne) debian_based_with_bitbake Build Debian-Based Products with BitBake Embedded, mobile and automotive devroom <p>Building products requires putting together many components. There are source-based distributions supporting that process. Using a pre-built, pre-tested binary distribution like Debian has its advantages.</p> <p>Isar is a system for image generation using binary packages. It uses mainstream tools and workflows to build multiple products, managing common subsystems, and maintaining components from different vendors.</p> <p>In this talk, Baurzhan will describe the motivation for Isar, its current state, advantages and challenges to overcome.</p> Baurzhan Ismagulov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 UD2.120 (Chavanne) open_embedded_video_player Embedded, mobile and automotive devroom <p>Video playback for embedded devices such as infotainment systems and media centers demands hardware accelerators to achieve reasonable performance. Unfortunately, vendors provide the drivers for the accelerators only as binary blobs. We demonstrate how we built a video playback system that uses hardware acceleration on i.MX6 by using solely open source software including Gstreamer, Qt QML, the etnaviv GPU driver, and the coda video decoder driver.</p> <p>While hardware accelerators are necessary to provide reasonable performance for video playback on embedded devices, the drivers that are provided as binary blobs by hardware vendors cause a lot of problems. They are linked to specific versions of the Linux kernel, may contain security and performance issues, and are pretty much impossible to debug by developers trying to build a system based on these drivers.</p> <p>We built an i.MX6 based embedded system that simultaneously decodes and displays four videos. Our system solely uses open source drivers to control the available hardware accelerators.</p> <p>The GUI consists of a Qt application based on QML. Using Qt and QML allows us to use OpenGL for compositing the user interface. OpenGL is backed by the open source etnativ GPU driver and the Vivante GPU.</p> <p>The Qt application receives the video streams from a Gstreamer pipeline (using playbin). The Gstreamer pipeline contains a v4l2 decoder element, which uses the coda v4l2 driver for the CODA 960 video encoder and decoder IP core (VPU in the Freescale/NXP Reference Manual), and a sink element to make the frames available to the Qt application.</p> <p>The entire pipeline including the Gstreamer to Qt handover uses dma_bufs to avoid copies in software.</p> <p>This example shows how to use open source drivers to ease the development of video and graphics applications on embedded systems.</p> Michael Tretter Etnaviv driver repositories Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 01:00 UD2.120 (Chavanne) sniffing_usb Sniffing traffic on your USB bus Embedded, mobile and automotive devroom <p>Driver not found, incorrect driver bound, kernel oops. If you've ever experienced any of those problems while using USB then this talk is exactly for you!</p> <p>We start with a gentle introduction to the USB protocol itself. Then standard Linux host side infrastructure will be discussed. How drivers are chosen? How can we modify matching rules of a particular driver? That's only a couple of questions which will be answered in this part. Final part will be an introduction to USB communication sniffing. Krzysztof will show how to monitor and analyze USB traffic.</p> Krzysztof Opasiak Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:30 UD2.120 (Chavanne) secure_safe_embedded_updates Embedded, mobile and automotive devroom <p>Recent DDoS attacks powered by embedded devices have finally discredited the old excuse that security is not important: security support (and thus software updates) is suddenly a required feature.</p> <p>Often, physical access to these devices is limited and there is no administrator who can fix issues manually. Thus, performing updates is an operation with a critical design goal: Never brick the device!</p> <p>This talk gives an overview of the surprisingly complex requirements and common pitfalls for a generic update mechanism by comparing several existing approaches. Also, our reasons for implementing (yet another) tool and the reasoning behind the design choices are explained.</p> <p>Using RAUC and other open source update tools as examples, requirements, limitations and possible pitfalls in the process of designing and implementing a redundancy and update infrastructure will be presented. You will also get a brief overview over RAUCs design and abstraction of the underlying system that allows to manage both simple asymmetric setups consisting of a full system and an initramfs-based recovery system as well as complex setups with multiple root filesystems, application and data storage partitions.</p> <ul> <li>How to make updates atomic?</li> <li>How to manage both simple and complex redundancy concepts?</li> <li>How to allow secure and trusted updates?</li> <li>How to schedule updates to a large number of devices?</li> </ul> Enrico Jörns Project on GitHub Project Documentation Video recording (mp4) Video recording (WebM/VP8) Project Website Submit feedback 17:30 00:30 UD2.120 (Chavanne) updates_with_ostree Why and how Embedded, mobile and automotive devroom <p>Security reasons and market demands dictate that software in a connected embedded Linux device should be updated regularly. Update on a package basis that is used by PC Linux distributions can be a security threat by itself on embedded devices. On the other hand, full fylesystem upgrade that is common in embedded field can be too wasteful for systems constrained in network bandwith and disk space. OSTree is a tool that allows for upgrades that are both incremental and atomic and as such perfectly fits the needs of embedded world.</p> <p>Software updating is an essential feature for a connected embedded Linux device, even if it is not required by end users of the device, since responce to newly discovered vulnerabilities in critical Linux software should be as fast as possible. One approach that is widely used in Linux world is using a package manager that will download a package and take care of all the dependencies. Unfortunately, some dependencies and/or conflicts with other packages can not be noticed by repository mantainers. On a PC it would just lead to the necessity to revert the package back to the working version, but on an embedded device with no human operator it is not possible. Theoretically, number of system configurations is an exponent of number of packages one can install, which means that it is practically impossible to make sure that no combination will result in a broken system. In embedded world it is more common to update whole file system image atomically. Thus we can test system configuration before we distribute it to the devices. To allow for atomic switching between file tree versions, dual disk partitioning scheme is used: while Linux is running on a root file system stored in one partition, updates are written to another. When the whole new file system image is downloaded, Linux can switch atomically to it. The main drawback of this approach is that you actually have to download the whole file tree (which can be 100-800MB large in modern devices) for every update. You also can use only half of your available disk space at once.</p> <p>OSTree was developed by GNOME team for the GNOME Continuous project and was not initialy intended to be used in embedded Linux. It stores all the data in a git-like object repository, but unlike git it is designed to store binary data and can deploy data as hardlinks to the objects in the repository, thus saving significant amount of disk space. Like git it allows to incrementally transfer data between repositories, thus making distribution of software updates possible. OSTree repository contains roughly three kinds of objects: commit, directory and file object. Every commit points to a directory tree and represents a version of file system tree. Commits can then be deployed to a dedicated area and the system can switch to a deployed file tree much the same way it would switch to another partition in dual-partition scheme. Since deploying files just creates hard links to the file objects in the repository, there is no data duplication.</p> <p>These benefits come at a price: since deployed files are just hardlinks to objects in a repository, they can't be changed, as it would corrupt the repository and other deployed file systems. Therefore, a clear separation should be mantained between read-only data, such as executables and resources and writable data, such as temporary files, logs, configuration stored in /etc. These requirements are not too restrictive, for most use-cases it will just involve putting data in correct directories. An image class that thansforms an OSTree-ignorant file tree to appropriate form and BSP packages for some popular platforms (Raspberry Pi, Porter board, QEMU; minnowboard coming soon) were integrated into Yocto build process and are now available as a separate Yocto layer on Github [https://github.com/advancedtelematic/meta-updater]. It allows you to create OSTree-enabled image and a commit in your OSTree repository as a part of your normal build process (simply 'bitbake your_image').</p> Anton Gerasimov meta-updater layer to enable OSTree updates on your device Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 01:00 UD2.120 (Chavanne) agl_secure_industrial Factory production line controllers requirements are not that special Embedded, mobile and automotive devroom <p>There is no de facto secured embedded Linux distro while the requirement is becoming more and more critical with raise of IoT in Industrial domains. When looking under the hood of the Yocto built AGL project, it is obvious that it can fit 95% of the most common requirements as a Secured Embedded Linux. We will look how non Automotive industries can easily reuse the AGL code and tools to build their own industrial product and why it's a safer bet than to build it internally.</p> <p>Industrial IoT cannot be successful without a serious improvement of the security coverage. Unfortunately there is as today, no of-the-shelves offer and the skills required to create such solution, are at best rare, more often out of reach. AGL as created a customizable embedded Linux distro which is nicely designed for reuse in many domains outside of Automotive. During the presentation we will see how to: - start your development with boards readily available on the Net, - change the BSP and add peripherial using Yocto layers or project like MRAA, - integrate a secure boot in your platform, - add your middleware and your application without breaking the maintained Core OS - develop a UI on the integrated screen and/or an HTML remote brower - update the core OS and your add-ons. - get support and influence the project.</p> Dominig ar Foll Howto install AGL on Intel Joule AGL Documentations Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 UD2.218A mozilla_what_motivates_open_source_community - a qualitative exploration of the underlying experiences and motivations of open source community members Mozilla devroom <p>In 2016 Mozilla did a qualitative exploration project into the experiences and motivations of community members from several different open source projects.</p> <p>The results have been crucial in understanding what we are doing well, not so well and what others are doing better in open source engagement.</p> <p>The presentation will go through the identified motivations and experiences as well as present the 4 persona's that were developed. The research will give you concrete understanding of how people engage with new open source opportunities and set examples for how to use the research in your own community work.</p> Rina Jensen research report Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 UD2.218A mozilla_rebooting_firefox_nightly A community building project around the Firefox Nightly Channel Mozilla devroom <p>A community building project around the Firefox Nightly Channel</p> <p>Every day, we compile the code for Firefox on our master branch, mozilla-central, and generate builds without the Firefox branding, those are called Firefox Nightly build. Until recently, those builds were barely mentionned or promoted on mozilla.org, localized versions existed but were only known to the localizers themselves, the download page was on a separate domain and hadn't been redesigned since 2011.</p> <p>As a result, we have very few Firefox Nightly users.</p> <p>What would be the impact for Mozilla if Firefox Nightly became a first-class citizen among Firefox channels? How about getting back more technical users on this channel reporting bugs as they get introduced into our codebase instead of weeks or months later? Could we ship faster and better quality software if we had an army of Nightly testers reporting regressions and giving their feedback on a daily basis? How about engaging our existing community of power-users directly into the production process for Firefox as a long term participation project?</p> <p>This talk is a recap of what the release management team has been working on in the last 8 months to turn the nightly channel in a more useful tool leveraging our existing community to ship a better Firefox and what we expect to do in 2017 around the nightly channel to serve our QA needs.</p> Pascal Chevrel Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 11:30 00:25 UD2.218A mozilla_devtools_deep_dive Mozilla devroom <p>No, Firefox DevTools are not Firebug. The web came a long way since Firebug, and so have the DevTools baked into Firefox. So let's go exploring!</p> <p>As the complexity of the web apps you build keeps moving, so do the Firefox DevTools.</p> <p>In this session, Alex will give you the latest tips and tricks on Firefox DevTools. We'll explore new and less commonly known features in performance profiling, JavaScript debugging and animation inspection. The session will give you a productivity advantage when developing and debugging your web applications.</p> Alex Lakatos Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 UD2.218A mozilla_firefox_and_webextensions Mozilla devroom <p>Do you know that Firefox now have a new technology that simplify the development of an extension? And also use and extend the API of Chrome? Yea, I am serious you can do an extension for both the browsers!</p> <p>WebExtension are the future for addons in Firefox but this is not enough because they works also on Chrome, Opera and soon Edge without any changes!<br/> Think about it, the cross browser addon issues are only an old nightmare! In conclusion because all this amazing news and how it is easy to extend Firefox will be available new APIs to customize the the Firefox experience in this year.</p> Daniele Scasciafratte Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 UD2.218A mozilla_firefox_puppet_show Automating Firefox with WebDriver using Selenium and GeckoDriver Mozilla devroom <p>Join us as we demonstrate how Mozilla are using Selenium to test Firefox by extending the WebDriver specification.</p> <p>Selenium is a popular tool for testing websites across multiple browsers, and when combined with Mozilla's implementation of the WebDriver specification, it becomes possible to interact directly with Firefox itself. In this session, we'll show a simple approach to writing tests using Selenium in Python, and then demonstrate how we're taking this further to replace our existing functional UI tests for Firefox. By using Selenium, we're hoping to make contributing to these tests much easier for our community, and by pushing the tools to their limits we'll also make them rock solid.</p> Henrik Skupin Dave Hunt Slides Selenium WebDriver FoxPuppet Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 UD2.218A mozilla_webrender_next_generation_graphics_engine A technical talk about the web rendering architectures of today and tomorrow. Mozilla devroom <p>A technical talk about the web rendering architectures of today and tomorrow.</p> Nicolas Silva Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 UD2.218A mozilla_rust_development The Rust development dashboard Mozilla devroom <p>The Rust project has become a large software development project. To better understand how it is being developed, a software development analytics dashboard has been deployed for it. This dashboard tracks most of the public data about Rust development, and allows to visualize, drill down and understand that data. The talk will present this dashboard, and how to use it to learn about the details of Rust development processes and community. It will also present some interesting data obtained from it.</p> <p>The Rust software development dashboard visualizes data obtained from some systems used to support Rust development: git, GitHub, StackOverflow... The data related to Rust is retrieved from them, stored, organized an massaged in a database, and later visualized in the dashboard. The dashboard allows not only to browse the data, but also to drill down and play with it. This way, any person interested in how Rust is being developed can have both an general overview, or very detailed views of the community and processes involved. The dashboard permits to track activity (in commits, issues, pull requests, questions and answers, etc.), actors (who is creating the code, who is fixing bugs, who is answering questions), and processes (hot long does it take to close issues, or to accept pull requests).</p> <p>The Rust Development Dashbard has been deployed using GriomoireLab, an complete FOSS system for retrieving data from software development repositories, storing it, and producing different kinds of analytics, dashboards and reports.</p> <p>The talk will present the different kind of information that can be obtained from the dashboard, and how to interact with it for finding any detail of interest. Several specific aspects of Rust development will be presented as well, so that people attending may expect to finish the talk with a better understanding of how Rust is being developed. The talk will also provide hints on how to exploit the data behind the dashboard to obtain specific information.</p> Jesus M. Gonzalez-Barahona Rust Development Dashboard GrimoireLab Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 UD2.218A mozilla_translation_from_c_to_rust Tool-aided translation from C to Rust Mozilla devroom <p>C has been the <em>de facto</em> systems programming language for decades, so huge amounts of useful programs and libraries are written in that language. New Rust code can make use of that legacy of work via FFI, but to get the full advantages of Rust, legacy software needs to be re-written in Rust. Corrode is a tool to semi-automate these rewrites by producing Rust source that behaves exactly like the original C, enabling developers to focus on the interesting parts of improving code quality. I'll talk about what Corrode does and does not do; present case studies of Corrode-assisted translations; and discuss rationale for decisions such as writing Corrode in Haskell or documenting in "literate programming" style.</p> Jamey Sharp Corrode on GitHub Blog post introducing Corrode Blog post on CVS case study and Mozilla participation team support PDXRust September presentation on Corrode Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 UD2.218A mozilla_spidermonkey Mozilla devroom <p>Mozilla's SpiderMonkey library can be used to embed JavaScript in any C++ projects. It is quite easy to expose some simple bindings and get a "hello world" application running in no-time.</p> <p>However, after this first hello world, you'll quickly notice that you'll need other features such as timer, networking, file access, threading or even graphics and audio. At this point things get much more complicated, and maintaning the bindings can quickly become overwhelming.</p> <p>Our team has been creating such bindings for SpiderMonkey since 2007 in several projects and this talk will present best practices, tips and caveats that we have learned over the years. We will also see how to make embedders life easier by using nidium library that bundles many basic bindings, in the hope that more developers can use the power of SpiderMonkey in a convienient way.</p> Nicolas Trani Nidium Project website APE Project Nidium twitter account Nidium github repo DevRoom presentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 UD2.218A mozilla_iot_coding_with_html5_games Introducing Clouduboy and Happy Code Friends Mozilla devroom <p>Learning to code might be the handiest skill of the XXI. century - but finding motivation to do so seems to be the hardest part. Even when one decides to embark on this journey, their path is often hindered by the lack or quality of tools, resources they will be using, and are often turned away by the lack of success and their feeling of "coding is not for me" is often reinforced by all these negative experiences. This is where Happy Code Friends, Code Invaders and Clouduboy tries to help - introduce coding, hardware and IoT in a friendly, impulse-rich, exciting environment to anyone willing to give computers a try.</p> <p>Learning to code might be the handiest skill of the XXI. century - but finding motivation to do so seems to be the hardest part. Even when one decides to embark on this journey, their path is often hindered by the lack or quality of tools, resources they will be using, and are often turned away by the lack of success and their feeling of "coding is not for me" is often reinforced by all these negative experiences. This is where Happy Code Friends, Code Invaders and Clouduboy tries to help - introduce coding, hardware and IoT in a friendly, impulse-rich, exciting environment to anyone willing to give computers a try.</p> <p>Happy Code Friends is a "free one-day coding bootcamp" type of initiative to introduce anyone to web technologies and coding in general, with the intention to give them a taste of the bright side of computer programming, and start them on a way of learning coding self-sufficiently. Code Invaders is a free online webpage/tutorial teaching basic JavaScript programming concepts by building an online game. Clouduboy is a free web-based tool for creating HTML5 games with JavaScript and running/playing them on tiny microcontrollers.</p> István Szmozsánszky Clouduboy home Happy Code Friends Code Invaders Clouduboy project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 UD2.218A mozilla_introduction_aframe Build Virtual Reality on the Web Mozilla devroom <p>A deep introduction to a-frame, the Web VR framework from Mozilla. After this talk you will be able to build amazing vitual reality experiences using the same web technologies you already are familiar with!</p> Eugenio Petullà Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 UD2.218A mozilla_mobile_web_compatiblity Why is important to care about users from different platform. How can you unblock them? Mozilla devroom <p>Many developers do not consider web standards while create their webpages/apps. This will create a bad experience for some users that not use that product with a certain OS or application. This talk will cover best practices and give examples of how some users could not do some simple booking because of the bad experience given by the website for their app. This will cover web in general, not only Firefox.</p> <p>Many developers do not consider web standards while create their webpages/apps. This will create a bad experience for some users that not use that product with a certain OS or application. And nowdays there are way to many configuration available to be sure you use the right one. And a limited memory will narrow your option to have several apps installed only for certain webpages. Some simple example for a bike sharing system, a Michelin rated restaurant from Stockholm or a museum in Krakow - that worked poorly on several browsers will show the importance of compatibility. Best practices for developers will be presented. Best practices for report issues will be exemplified. Already fixed issue will present simple solutions to the audience that unblocked several users.</p> Ioana Chiorean WebCompat Make the Web Work For Everyone Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 UD2.218A mozilla_http2_whats_next Mozilla devroom <p>A look at how HTTP/2 has improved the web, which cases that are still problematic and what's being done about it next. Will there be a QUIC fix?</p> <p>A recap on what HTTP/2 brought that HTTP/1 couldn't offer before we dig in and look at some numbers that show how HTTP/2 has improved (browser) networking and the web experience for people.</p> <p>Still, there are scenarios where HTTP/1's multiple connections win over HTTP/2 in performance tests. Why is that and what is being done about it? Wasn't HTTP/2 supposed to be the silver bullet?</p> <p>A closer look at QUIC, its promises to fix the areas where HTTP/2 didn't deliver and a check on where it is today. Is QUIC perhaps actually HTTP/3 in everything but the name?</p> <p>Depending on what exactly happens in this area over time until FOSDEM, I will spice it up with more details on how we work on these protocol things in Mozilla/Firefox!</p> Daniel Stenberg Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:25 UD2.218A mozilla_web_logins_after_persona How I solved logins on my small websites Mozilla devroom <p>With Mozilla shutting down its Persona web login service in late 2016, a pretty decent solution for logging into small websites became unavailable. The problem that Persona set out to solve is not gone, we still need solutions to log into all kinds of sites without a few central and big players analyzing all data about when and where we log in. I ran into that issue for my sites <a href="https://home.kairo.at/blog/2016-10/the_neverending_question_of_login_system">as documented in my blog</a> - this talk will discuss the problem itself and my solution to it. This may include opening up some source code to the public!</p> Robert Kaiser Blog post on the problem Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:30 00:25 UD2.218A mozilla_discourse_development_beginners Mozilla devroom <p>An introduction to Discourse development for the non-ruby inclined where participants will leave with knowledge of how to set up their development environment, where they can contribute to Discourse within Mozilla and upstream, and how to ask for help if they get stuck.</p> Leo McArdle Mozilla's Discourse instance Meta Discourse Discourse Development Contribution Guidelines Discourse git repo Rails guide Ember guide How to start building stuff for Discourse if you’re a newbie (like myself) Mozilla Wiki page Discourse pr-welcome Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:00 00:25 UD2.218A mozilla_diversity_user_research Becoming a Better Listener and Women in Open Source Technologies. Developing a deeper understanding of minorities in tech. Mozilla devroom <p>Diversity User Research: Becoming a Better Listener - Gloria Dwomoh</p> <p>In order to understand the struggles and/or challenges of minorities in tech and foster a safe environment for their inclusion, we need to be better listeners. One way we are able to get access to the voice of our users is through user research. However in order to increase effective communication we need to learn the art of listening. Several of us were taught to speak, read and write, but we simply assume we know how to listen. There is a saying that less than 2% of people have had any formal education on how to listen, while that is a skill that many of us use in our daily lives. Through this talk we will understand the difference between hearing and listening; we will also explore active listening and how it can better help us in our user research.</p> <p>Women in Open Source Technologies - Kristi Progri</p> <p>The Gender Gap is one of the most talked topic since forever, and still a Gap. Where are the women in Open Source? Why is the gap so big? Women participation in open technology and culture is very important so we should all pay more attention. This talk will be focused on the large steps we can take to reduce this gap. Also we will share out experience at our hackerspace in Tirana, Albania since we have lots of women there.</p> <p>Let's face it: Gender Diversity in Tech is in a quite bad shape. The sad thing about it is that it's even more noticeable in many Open Source communities in particular. But why is gender diversity important?</p> <p>It’s not just diversity for the sake of diversity. If men and women are equally intelligent, statistically speaking, then out of the smartest ten people in the world, five should be male and five should be female. Thus, if your team is anything less than an equal balance of men and women, then your team is probably not the best it can be.</p> <p>Unfortunately, if we take a look at a random sample from GitHub active contributors from 2015, just 5.4% of GitHub users with over 10 contributions are female.</p> <p>Let's talk about the ways we can fix this and what efforts Mozilla does to improve this and how you can help Mozilla help the community, concretely with Womoz (Women at Mozilla) and the Diversity &amp; Inclusion Team at Mozilla.</p> Kristi Progri Gloria Dwomoh Video recording (mp4) Video recording (WebM/VP8) Submit feedback 18:30 00:30 UD2.218A mozilla_copyright_campaign_europe Mozilla devroom <p>After nearly a decade, the European Commission has presented its draft law for copyright reform. And it’s about time: our copyright laws are out of step with today’s technology. But the proposal to reform copyright lacks ambition, and is inadequate to address the today’s challenges. It even contains some very dangerous provisions - such as a snippet tax, and upload filters for online platforms - that would put the open internet, innovation, and creativity, at great risk. This session will unpack some of the key issues at stake in the reform and how you can get involved. Together we can achieve an EU copyright reform that fosters innovation and creativity.</p> Raegan MacDonald Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:50 Janson keccak Security and Encryption maintrack <p>Since its adoption as the SHA-3 standard, Keccak has grown out of the mere hashing functionality. We present a consistent set of cryptographic functions, for fast hashing, pseudo-random bit generation, authentication or authenticated encryption, that enjoy very competitive safety margin vs speed ratios. We highlight the bases for the security of these functions and dive into their software implementations.</p> <p>Beyond the FIPS 202 standard functions derived from Keccak (i.e., SHA-3 hash functions and SHAKE{128,256} extendable output functions), we present several interesting proposals, consistently based on the same permutation or its round function. Among others:</p> <ul> <li>For authenticated encryption, Ketje and Keyak are schemes that were selected for the third round of the <a href="http://competitions.cr.yp.to/caesar-submissions.html">CAESAR competition</a>. In particular, Keyak proposes interesting features when protecting a stream of data flowing on a network. It exploits the parallelism in modern processors to achieve a high throughput.</li> <li><a href="http://eprint.iacr.org/2016/770.pdf">KangarooTwelve</a> is a recently published arbitrary-output-length hash function. We designed it so that the implementation can automatically adapt to the available degree of parallelism. On Intel's Haswell and Skylake architectures, it achieves a speed below 1.5 cycles/byte for long inputs.</li> </ul> <p>Two key aspects will be covered.</p> <p>First, the essential goal of these functions is to remain secure despite advances in cryptanalysis. We will explain explain how we base the security on two strong pillars: the track record of third-party cryptanalysis and the generic security of the underlying construction.</p> <p>Second, we will explore the <a href="https://github.com/gvanas/KeccakCodePackage">Keccak Code Package</a> and its two-level structure. The high-level cryptographic services are implemented in plain C, without any specific optimizations. The low-level services implement the permutations and the state input/output functions, for which we provide optimized code for different platforms. Another interesting topic to discuss is how the parallelism is exploited on modern processors with SIMD units.</p> Gilles Van Assche CAESAR competition KangarooTwelve Keccak code package Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:50 Janson password_keeper From the Electronics to the High Level Software... Security and Encryption maintrack <p>The Mooltipass Offline Password Keeper project was started three years ago by a small community to provide a safe and offline way of storing credentials.</p> <p>Since then, about 50 individuals from around the globe have contributed to the project, bringing two models of the Mooltipass device to market.</p> <p>Mooltipass devices are currently used by thousands of people, several major companies, and government agencies. This talk will describe the Mooltipass hardware, firmware and software architectures with a focus on what it took to move from idea to commercial product, while having all the development and production files publicly available on GitHub.</p> <p>While writing for Hack-a-Day, in December 2013 project creator Mathieu Stephan had the crazy idea of creating an open hardware device using a team spread all over the globe. He posted a call for developers on hackaday.com, which resulted in a team of 20 individuals. Over the course of three years, using a variety of free (Trello, Google groups, IRC) and open source (KiCad, Gimp, GCC) tools the Mooltipass team developed a complete solution composed of:</p> <ul> <li><p>Firmware for the devices (AES encryption, storage management, graphics, random number generation, smartcard management)</p></li> <li><p>Two models of physical device each composed of a PCB, case, screen, usb and smartcard connectors</p></li> <li><p>Several open source software solutions to provide computer integration with the device, depending on the users' preferences: a cross platform daemon (Windows, Linux, Mac) [moolticute], a python management tool [mooltipy], a chrome and firefox extension, and a chrome app to provide native integration with websites</p></li> </ul> <p>Having a complete, unremunerated teamworking on the Mooltipass project during their spare time created interesting management challenges, particularly with respect to establishing and enforcing coding rules and commenting practices. The first crowdfunding campaign successfully raised $125k in December 2014, which was more than sufficient to start the ball rolling. The second crowdfunding campgin for the Mooltipass Mini raised $168k last October.</p> Mathieu Stephan Mooltipass repository Our website Mooltipy repository Moolticute repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:50 Janson safe_internet Introducing SAFE, the decentralised privacy-first storage and communication network Security and Encryption maintrack <p>Servers are hacked. Passwords leaked. Personal information stolen. DNS DDoS'ed. Cloud services are mining and exploiting everything they can get their hands on. The core problem; centralised server infrastructure.</p> <p>In this talk, we will introduce you to SAFE, a decentralised privacy-first open source data storage and communications network enabling anyone to develop decentralised, secure, privacy-concealing apps.</p> <p>There is no more denying it; the server-centric infrastructure has failed us: personal information mined, private photos are stolen, passwords leaked, entire infrastructures DDoS'ed – en masse. We are doomed!</p> <p>But are we? Actually, as engineers, we know better: a decentralised network has the highest reliability. With distributed computing resources that can scale up and down on-demand and aren't bound by physical limitations. And we've been building these systems, clusters of databases across data centres, successfully for years – in our server backends. On the public internet, however, we are still using a single point of failure infrastructures: DNS, single endpoint IPs.</p> <p>But issues with the existing Internet infrastructure don't stop there: government firewalls can block web services for entire countries, our plain text communication is heavily surveilled, and companies mine our most personal and private data for their profit. To protect one's privacy, people have to resort to obfuscation protocols like Tor – with significant drawbacks like slower connectivity and worsened user experience. But even then the data is still stored, exploited and stolen from the centralised "cloud providers".</p> <p>It is time that we bring those concepts of distributed computing, decentralised storage and communication out of the data centres into the realm of the wider internet. Combine that with an obfuscating peer-2-peer routing mechanism, a transparent, self-encrypting public-key-infrastructure and automatic data retention, and you have covered the basics of what the open source SAFE Network software provides.</p> <p>In this talk, we explore the SAFE Network, the underlying DHT-based routing, and the XOR-namespace and how they are used to successfully conceals connectivity and even metadata itself by making it infeasible for an attacker to calculate the path data will travel. We will discover what it means to build privacy-first Apps on a network where all data is sandboxed per tenant and distributed over multiple machines. Furthermore, by taking a look at the APIs SAFE provides and going through some example apps, we will learn how to structure and build fully distributed, privacy-first Apps on SAFE today.</p> <p>Finally, we will take a look into the future of SAFE, what apps are in development and how developers could alternatively be paid through the built-in currency based on the app usage rather than the exploitation of personal data.</p> <p>SAFE, Secure Access for Everyone.</p> Benjamin Kampmann the SAFE Network SAFE Developer Community MaidSafe Company Website Source Code on Github SAFE User Forum Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 Janson securing_automated_decryption New Cryptography and Techniques Security and Encryption maintrack <p>This talk covers an alternative to key escrows using new cryptographic techniques implemented by the Clevis (client) and Tang (server) projects.</p> <p>Keeping secrets is tough. It is hard enough when you have control over the full computing chain. But now we are expected to keep secrets while storing those secrets in cloud and SaaS infrastructures. At least we can trust the network providers, right? Of course, the answer is to encrypt the data. But then how do we know who should have access to the data and when? This talk will look at the new strategies and cryptographic techniques implemented by the Tang and Clevis open source projects. Tang forgoes complex (and compromise-prone) key management infrastructures by using simple algorithms to bind data to third party entities. Clevis permits sophisticated unlocking policies that go beyond simply password management to true attributed cryptography. Come see how to integrate Tang and Clevis into your infrastructure or software project!</p> Nathaniel McCallum http://github.com/latchset/tang http://github.com/latchset/clevis Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:50 Janson wireguard Cutting edge crypto, shrewd kernel design, and networking meet in a surprisingly simple combination Security and Encryption maintrack <p>WireGuard is a next generation VPN protocol, which lives in the Linux kernel, and uses state of the art cryptography. One of the most exciting recent crypto-networking developments, WireGuard aims to drastically simplify secure tunneling. The current state of VPN protocols is not pretty, with popular options, such as IPsec and OpenVPN, being overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90s. WireGuard presents a new abuse-resistant and high-performance alternative based on modern cryptography, with a focus on implementation and usability simplicity. It uses a 1-RTT handshake, based on NoiseIK, to provide perfect forward secrecy, identity hiding, and resistance to key-compromise impersonation attacks, among other important security properties, as well as high performance transport using ChaCha20Poly1305. A novel IP-binding cookie MAC mechanism is used to prevent against several forms of common denial-of-service attacks, both against the client and server, improving greatly on those of DTLS and IKEv2. Key distribution is handled out-of-band with extremely short Curve25519 points, which can be passed around in the likes of OpenSSH. Discarding the academic layering perfection of IPsec, WireGuard introduces the idea of a "cryptokey routing table", alongside an extremely simple and fully defined timer-state mechanism, to allow for easy and minimal configuration; WireGuard is actually securely deployable in practical settings. In order to rival the performance of IPsec, WireGuard is implemented inside the Linux kernel, but unlike IPsec, it is implemented in less than 4,000 lines of code, making the implementation manageably auditable. These features converge to create an open source VPN utility that is exceedingly simple, yet thoroughly modern and secure.</p> <p>The presentation will be divided up into several parts. First, there will be an overview of the problems with IPsec, OpenVPN, and other popular VPNs, outlining attacks and weaknesses. Next, the WireGuard idea of the "cryptokey routing table" will be introduced, and we’ll walk through several properties derived from it. This will transition into a discussion of the timer state mechanism, and how secure protocols are necessarily stateful, but it’s possible to make them appear stateless to the user by exhaustively defining all possible state transitions. Then we’ll get into the hardcore meat of the presentation: the cryptography and various crypto innovations behind WireGuard. We will discuss the triple Diffie-Hellman, the role of combining static and ephemeral keys, the performance and DoS-potential of Curve25519 point multiplication, using a PRF chaining for rotating keys, identity hiding and remaining silent on a network, and clever usage of authenticated encryption with additional data. We will examine the various attack models, and enumerate the cryptographic mitigations employed by WireGuard. The sum will be a comprehensive overview of modern day crypto tricks, attacks, and useful constructions, and how these insights have been funneled into WireGuard. Finally, we’ll examine the Linux kernel implementation of WireGuard, seeing how it’s possible to avoid allocations in response to unauthenticated packets as a defense coding technique. During the presentation, a live WireGuard endpoint will be provided to audience members who wish to send packets, whether encrypted, legitimate, malformed, dubious, or otherwise curious.</p> <p>Threaded throughout will be an enumeration of attacks on existing protocols and cryptographic tricks for their mitigation.</p> <p>My background is in security -- kernels, hardware, reversing, crypto, large networks, etc -- and as such I've broken a lot of systems with some novel tricks and protocol insights. WireGuard is motivated by a sort of cornucopia of clever attacks (crypto and otherwise) against other networks. I made it because I wanted something I could actually confidently run on my own infrastructure, and none of the other tools were nearly up to the task. So, this talk is going to go into depth about real attacks on various protocols, in addition to unveiling some techniques to avoid entire classes of attacks.</p> <p>Finally, since WireGuard is initially implemented for the Linux kernel, there have been some very interesting considerations to account for with kernel programming. Cross platform implementations are also in the works, written in Go and Rust.</p> Jason A. Donenfeld WireGuard Website Technical White Paper Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:50 Janson encrypting_matrix Building a universal end-to-end encrypted communication ecosystem with Matrix and Olm Security and Encryption maintrack <p>For the last 2 years the Matrix.org team has been working on libolm - a clean-room FOSS liberal-licensed (Apache) independent specification and implementation of the end-to-end encryption Double Ratchet Algorithm as popularised by Signal, WhatsApp, Facebook Messenger, Google Allo etc. As of November 2016 the spec and library is finally finished and being unleashed on the world, successfully audited by NCC Group, and is available as part of Matrix's client SDKs for Web, iOS &amp; Android and apps that use them (e.g. Riot.im).</p> <p>In this talk we will discuss Matrix's mission to be an open, global end-to-end-encrypted communications network - showing that it's possible to build open communication infrastructure which is both secure <em>and</em> decentralised (unlike the silos of Signal, Wire, etc); where users can own their data and pick who they trust to run their service. We'll show how you can use Matrix to securely defragment communities scattered over proprietary silos such as Slack, Telegram and Gitter, open silos like Rocket.Chat and MatterMost - whilst also bridging to IRC, XMPP and even SIP.</p> <p>We'll also introduce the Megolm cryptographic ratchet - a new ratchet written by Matrix to tackle the specific problem of encrypting Matrix rooms, which may have thousands of users and require synchronised history over multiple devices (including new devices). Megolm is layered on top of the Olm ratchet, and is unusual in that it encrypts per-device rather than per-user, and lets rooms specify how much scrollback may be decrypted by new devices: providing a customisable trade-off between privacy and usability. This is a major step forwards from other systems which unilaterally prioritise privacy over usability.</p> <p>Finally, we'll give a quick tour of all the FOSS clients, bots and bridges that the community has built on Matrix over the last year - ranging from native Qt clients (Quaternion, NaChat, Tensor), CLI apps (WeeChat), React webapps (Riot, Freebird) to Native mobile apps (Riot).</p> <p>Matrix.org is a non-profit open source initiative dedicated to creating and maintaining the Matrix open standard for decentralised communication, whose goal is to create an open and secure ecosystem for interoperable messaging, VoIP and IoT communication on the internet.</p> Matthew Hodgson Matrix spec Olm spec Megolm spec Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 Janson quantum a gentle overview Security and Encryption maintrack <p>The goal of this talk is to give a simple insight of what quantum computing is, what makes it so different; to see when it poses a threat to existing crypto solutions and when it is not.</p> <p>This talk will show what quantum computing is: how cubit is different from an ordinary bit and what new opportunities this provides. We'll take a look at algorithms important for cryptanalysis. QCL — a free software tool to simulate quantum computer will be discussed as well.</p> <p>In the second part of this talk an impact on widely used cryptographic algorithms will be discussed. Algorithms resilient to quantum computing will be reviewed. Codecrypt — a free GPG-like software for postquantum crypto will be discussed.</p> <p>Note: this talk is intended to be an understandable overview, not a completely strict and full introduction to the subject.</p> <p><em>Erratum:</em> As was noted after my talk by one of the listeners from the Oxford University, slide 9 "Qubits: implementation" contains outdated information about quantum storage progress: the latest result allows to store it for several hours instead of 1.75 sec I mentioned. Impressive progress. Thank you for your input, friend, sorry I don't know your name.</p> Andrew Savchenko Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:00 00:50 Janson air_traffic_control Hardware and Operating System Platforms Keynotes keynote <p>How can Open Source Software and safety critical systems work together? DFS GmbH relies on Linux for its core air traffic control systems. We have successfully managed to standardize a highly reliable, modular operating system and hardware platform at DFS.</p> <p>In a brief overview we explain the challenges, technical and non-technical ones, we have faced getting to the modular platforms. What approaches did we take and why? Which ones did work out in the long end? We will cover a broad range of aspects ranging from hardware life cycles, application lifecycles, regulations, deployment solutions, user acceptance, cost cutting and testing.</p> Gerolf Ziegenhain Video recording (mp4) Video recording (WebM/VP8) Submit feedback 17:50 00:10 Janson closing_fosdem Keynotes keynote <p>Some closing words. Don't miss it!</p> FOSDEM Staff Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:50 K.1.105 (La Fontaine) better_manual Read The F* Manual? Maybe you need to write a better f* manual Documentation maintrack <p>Project documentation is so much more than just the formal manual. It's how you present yourself in all the forums where users may ask for help - IRC, mailing lists, StackOverflow, and in-person events. If you want people to use your project, and if you want people to join your project, you must be willing to listen to their needs, and be welcoming of their contributions.</p> <p>Definition: RTFM - Read The F'ing Manual. Occasionally it is ironically rendered as Read The Fine Manual. A phrase uttered at people who have asked a question that we, the enlightened, feel is beneath our dignity to answer, but not beneath our dignity to use as an opportunity to squish a newbie's ego. Documentation, and technical support in general, sets the tone for your community, in that it determines who sticks around. If you're a jerk, the next generation of your community will be composed of jerks. Based on 20 years of Open Source documentation experience, and lessons learned about not being a jerk, and crafting great documentation as a side-effect, this talk encourages you to see your entire project community as its documentation.</p> Rich Bowen Submit feedback 11:00 00:50 K.1.105 (La Fontaine) legacy_docs Documentation maintrack <p>How to turn legacy docs into user-story-based, modular content to better serve users while reducing maintenance load and overall amount of docs.</p> <p>It has become cumbersome to wade through chapters upon chapters of docs, looking for the relevant bits, especially with the advent of embedded applications, container deployments, and other usage scenarios that target highly specialized use cases. We need topic-based, action-oriented content to guide users through specific tasks. So, how do we turn the voluminous guides of yesterday into lean, modularized narratives that are easy to maintain, scale well, and still allow for a ‘guide-like’ experience when it is required? In this presentation, Robert Kratky will describe the work docs writers at Red Hat are doing to solve this problem: re-purposing the existing body of documentation, so that its parts – adapted into modular units to allow for reuse – can be dynamically combined.</p> <p>Traditionally, Linux documentation has been perceived as lacking in user friendliness and oftentimes in quality or scope. This presentation will help attendees understand what problems Linux (and OSS) documentation faces, what is being done to remedy the problems, and how can existing documentation be improved or re-purposed to address future requirements and user expectations. The audience is anyone interested in documentation for Linux and open-source products, which includes technical writers, content strategists, support engineers, developers, and members of management who want to understand documentation processes and new methods of supporting users through documentation. Attendees can expect a presentation and discussion of ways to modernize existing documentation and adapt it for new expectations with regard to content consumption.</p> Robert Kratky Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:50 K.1.105 (La Fontaine) storytelling Importance of storytelling in open source projects Documentation maintrack <p>One of the most well-known writers of literature, J.K. Rowling is a master of storytelling. What you might not have guessed is that open source and J.K. Rowling have something in common. The importance of storytelling in open source projects is as important as some of Rowling's famous characters in Harry Potter. In this session, speaker Justin W. Flory introduces the role of storytelling in open source projects and how to uncover that narrative. There a variety of tools and methods that can be used to help tell the story of project, particularly with data analysis. By the end audience members will understand the role of crafting the story of their open source project and how it motivates the community, what methods are available for writing this story, and what the outcome of focusing on storytelling results in.</p> <p>J.K. Rowling has an ability to see a story and bring it to life through powerful methods of storytelling. But what you might not have guessed is that open source and J,K. Rowling both have something in common. The importance of storytelling in open source projects and communities is as important as some of Rowling's famous characters in Harry Potter. Finding ways to derive the story of a project community from lines of code, commit messages, and IRC conversations is a challenging but worthwhile task.</p> <p>In this session, speaker Justin W. Flory introduces the role of storytelling in open source projects and how to best uncover that narrative. There are a variety of tools available to project communities to help them extract data to perform an analysis and mix of methods you can use regardless of what data you have available. Justin pulls from his experience as one of the founding members of the Fedora Community Operations team, working with team members with backgrounds in writing and data analysis, and the editor-in-chief of the Fedora Magazine.</p> <p>By the end of the session, audience members will understand the role of crafting the story of their open source project and how it motivates the community, what methods are available for writing this story, and what the outcome of focusing on storytelling results in.</p> Justin W. Flory Fedora Project user page Fedora at FOSDEM (Bhagyashree 'Bee' Padalkar) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 K.1.105 (La Fontaine) riscv Open Hardware for Your Open Source Software Architectures maintrack <p>RISC-V is a new open, royalty-free instruction set specification from the University of California, Berkeley that is finding its way into applications that range from IoT to supercomputing. With the advent of RISC-V, hardware implementers are now able to build fully open-source CPUs.</p> <p>RISC-V distills over 30 years of RISC processor research at Berkeley and elsewhere into an extensible instruction set that can be fully customized. In this talk, we will discuss the goals of the RISC-V project and dig into the RISC-V instruction set. We will also give an overview of some popular open-source RISC-V hardware implementations as well as the RISC-V open-source software stack.</p> Arun Thomas Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:50 K.1.105 (La Fontaine) the_machine Architectures maintrack <p>The Machine is a hardware project at Hewlett Packard Enterprise which takes a new look at computer architecture. With many processors and large amounts of directly addressable storage, The Machine program has offered an equally large opportunity for developing new system software. Our team at HPE has spent the better part of two years writing new software and adapting existing software to expose the capabilities of the hardware to application developers.</p> <p>Taking off from my presentation at LCA 2016, this presentation will explore the changes we've made throughout the Linux environment, from security infrastructure to new file systems.</p> <p>As directly addressable storage is such a large part of the new hardware, this presentation will focus on a couple of important bits of free software which expose that to applications, including our Librarian File System and Managed Data Structures libraries.</p> <p>Managed Data Structures introduces a new application programming paradigm where the application works directly on the stable storage form for data structures, eliminating serialization and de-serialization operations.</p> <p>Finally, the presentation will describe how the hardware is managed, from sequencing power to a rack full of high-performance computing hardware, through constructing custom Linux operating systems for each processor and managing all of them as parts of a single computing platform.</p> Keith Packard Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:50 K.1.105 (La Fontaine) tempesta Linux Application Delivery Controller Miscellaneous maintrack <p>Tempesta FW is a high performance open source Linux application delivery controller (ADC). The project is built into the Linux TCP/IP stack to get maximum performance for normal Web content delivery and efficient traffic filtering for volumetric DDoS mitigation.</p> <p>I'll start by considering a simple example of how to build an ADC using traditional open source software. I'll describe drawbacks of the approach and why we started Tempesta FW's development. Next I'll go into the project internals and conclude the presentation with Tempesta FW performance benchmarks and several examples.</p> <p>Application delivery controllers (ADCs) are typically hardware appliances that accelerate Web content delivery, intelligently balance loads among upstream servers, employ QoS and traffic shaping to efficiently and elegantly mitigate DDoS on all network layers, and provide Web application firewalling and application performance monitoring. However, it seems there are no open source projects that are able to perform these tasks with comparable performance and accuracy.</p> <p>In this presentation I'll describe Tempesta FW - a high performance, open source Linux application delivery controller. The project is built into the Linux TCP/IP stack to get maximum performance for normal Web content delivery and efficient traffic filtering for volumetric DDoS mitigation.</p> <p>I'll start by considering a simple example of an installation of Nginx, Fail2Ban, and IPtables. Alternative configurations containing other open source projects will be covered as well. I'll describe why such configurations usually do a poor job, and why we started Tempesta FW's development.</p> <p>Next I'll describe how Tempesta FW services HTTP requests, and how the HTTP layer works with low-layer filter logic. There are several HTTP load-balancing strategies, including flexible distribution of requests by almost any HTTP field and predictive strategy by monitoring application performance. Several technologies at the basis of Tempesta FW's performance will also be covered:</p> <ul> <li><p>Linux TCP/IP stack optimizations for efficient HTTP proxying</p></li> <li><p>stateless HTTP parsing and using AVX2 instruction set to efficiently process HTTP strings</p></li> <li><p>lightweight in-memory database, TempestaDB, based on a cache-conscious lock-free data structure used for servicing a web cache</p></li> </ul> <p>I'll conclude with Tempesta FW performance benchmarks and show several installation and configuration examples.</p> Alexander Krizhanovsky Official site of the project Source code of the project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 K.1.105 (La Fontaine) session_recording An Open-Source Effort by Red Hat Miscellaneous maintrack <p>Now, when many IT-related services are delegated to external parties, government, medical, financial, and other organizations need tight tracking of what users and administrators do on their critical systems. Up to recording everything they see on the screen, the commands they execute, and files they access.</p> <p>In this presentation Nikolai Kondrashov will review available solutions for user session recording, open-source and otherwise, their benefits and shortcomings, and will present a new effort to create an integrated Open-Source solution.</p> <p>While there are many capable solutions for session recording, which can centrally collect, search and playback sessions, there is no such open-source code. The best we have is jump servers with script(1), or sudo I/O logging, all manually set up. This presentation will show an approach that would meet the needs of the modern enterprise.</p> <p>The presentation will include a demo of a user session and accompanying data being recorded, stored centrally, inspected and played back.</p> <p>The intended audience is developers of security, identity and policy management systems, as well as system administrators and security officers responsible for maintaining critical systems and preventing insider attacks.</p> Nikolai Kondrashov A brief project overview A short demo of one part of the solution A design page in FreeIPA wiki Some underlying source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:15 H.2215 (Ferrer) outlook_caldav The missing link in FOSS Exchange server replacement Lightning Talks lightningtalk <p>This talk introduces the only open source Outlook addin, Outlook CalDav Synchronizer, to synchronize calendars, tasks and contacts with CalDAV and CardDAV servers, Google or iCloud services. We will focus on the challenges faced integrating those protocols into Outlook. A case study of a large deployment in an university infrastructure will show the benefits of such a solution.</p> <p>Microsoft Exchange/Outlook together with the Exchange ActiveSync (EAS) protocol for mobile clients is still the most widely used groupware solution in enterprise environments. But what open source alternatives exist as Exchange replacements out there? Actually, there are many products implementing the open CalDAV and CardDAV protocols like SOGo, Horde Groupware, Zarafa or Owncloud/Nextcloud. Client integration is possible with mobile iOS and Android clients and desktop clients like Thunderbird/Lightning, but Outlook users were kept in the dark or needed proprietary 3rd party connectors. In 2015 even Zarafa, which had a strong focus on seamless Outlook integration, announced the discontinuation of their connector. A promising alternative, SOGo together with OpenChange as a native Open Source MAPI implementation, is not yet production ready in large scale enterprise scenarios and development stalled lately. Luckily, there is another solution on the horizon. This talk introduces the only open source Outlook addin, Outlook CalDav Synchronizer, to synchronize calendars, tasks and contacts with CalDAV and CardDAV servers, Google or iCloud services. We will focus on the challenges faced integrating those protocols into Outlook. Together with other open source solutions like SOGo or Nextcloud and DAVDroid for Android, a full open source exchange server replacement for desktop and mobile clients is finally possible and enterprise ready. A case study of a large deployment in an university infrastructure will show the benefits of such a solution.</p> Alexander Nimmervoll Project on Github Project on SourceForge Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:20 00:15 H.2215 (Ferrer) kopano Introduction to Kopano Collaboration Platform Lightning Talks lightningtalk <p>This talk will introduce Kopano, a fork of Zarafa which aims to provide a fully AGPLv3-licensed collaboration platform. The Kopano backend offers ICAL, POP3 / IMAP connectivity. Our Kopano-webapp web-based front-end offers functionality similar to Outlook. It also comes with optional WebRTC and Files sharing integration. Mobile device and outlook connectivity are provided by the Z-Push project which implements the ActiveSync protocol.</p> <p>Kopano is a fork of Zarafa and a full AGPLv3 collaboration platform.</p> <p>Kopano implements the MAPI specification and uses a MySQL database for storage, attachments can be stored on disk or in S3 to reduce the size of the MySQL database. Administrators are free to choose any MTA to be used in combination with Kopano.</p> <p>The core of Kopano is one (or multiple) kopano-server('s) which provide storage and authentication via various supported user backends: LDAP / AD / DB and PAM. All other functionality is implemented in MAPI clients, which are clients of the server and can be written in PHP or Python through use of our own bindings. These clients communicate MAPI over SOAP, which means that the server can not act as a drop-in replacement for Microsoft Exchange since the kopano-server does not implement the wire-protocol.</p> <p>The 'MAPI clients' provide the rest of the collaboration functionality:</p> <ul> <li>kopano-gateway IMAP, POP3 server (conversion of IMAP &lt;=> MAPI, POP3 &lt;=> MAPI)</li> <li>kopano-ical ICAL server (conversion of ICAL &lt;=> MAPI)</li> <li>kopano-webapp An web-based front-end which offers functionality similar to Outlook</li> <li>z-push PHP ActiveSync implementation, adds connectivity with Mobile devices (IMAP, Maildir, MAPI => ActiveSync)</li> <li>kopano-dagent Interface between MTA / MAPI. Converts EML's to MAPI Messages. Python plugins for administrators</li> <li>kopano-spooler Interface between MTA / MAPI. Converts MAPI Messages to EML's. Python plugins for administrators</li> </ul> <h2>Upstream support</h2> <p>The project is working with Debian maintainers to get Kopano packaged in Debian stretch.</p> <p>https://wiki.debian.org/Groupware/Kopano</p> <p>There is an Open SuSe Build service repository.</p> <p>https://build.opensuse.org/project/show/server:mail:kopano</p> <h2>Python-kopano</h2> <p>Since the rewrite of search from C++ to Python, there has been a lot of development towards a high level Python API for Kopano. Which allows a programmer to interact with Kopano as a client without MAPI knowledge. A backup tool has later been build on this high level API and we hope to remove more low-level C++ with Python and maybe eventually rewrite the whole server in Python and interact with components using a JSON protocol.</p> <p>Project page - https://www.kopano.io Git repository - https://stash.kopano.io/repos?visibility=public</p> Jelle van der Waa Kopano's community website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:40 00:15 H.2215 (Ferrer) requirements_bazaar Lightning Talks lightningtalk <p>Requirements Bazaar is an Open Source project developing a social continuous innovation platform on the Web to bring together users, developers and operators. It is available at https://requirements-bazaar.org. End users can enter their ideas, requirements or bug reports by providing short descriptions including textual descriptions and images. The requirements can then be voted and shared. Developers may take up ideas at any time to transfer the accepted requirements to an issue tracker like GitHub Issues. At FOSDEM 2017 we would like to present our ongoing work in keeping our responsive single-page Web application performant using Web Components, and discuss new ideas with the crowd!</p> <p>As developers, we have to acknowledge, that in most software projects there is a huge imbalance between millions of users on one hand, and a small amount of developers on the other hand. Additionally, we experienced that our users are our most precious source of innovative and often disruptive ideas about how to improve our software. That's why we are convinced it is important to provide feedback mechanisms so that users can easily report bugs or feature requests. In many of our development projects we tried out various means to do just that: users were guided to issue trackers like the ones provided by GitHub or JIRA, forums, emails or simple app store comments. The solutions were either not easy enough for users or simply did not scale well for developers. Commercial solutions didn't exactly fit our expectations or budget. Then we came up with Requirements Bazaar! :) Requirements Bazaar is an Open Source social continuous innovation platform to bring together users, developers and operators. It is freely available under https://requirements-bazaar.org and is currently hosting multiple interesting projects. Besides managing the innovation of our research projects, we see users adopting it for various exciting societal purposes like the digitalization processes of Afghanistan or creating the new IEEE standard for Augmented Reality learning.</p> <p>This is how our Web app works: End users can enter their requirements by providing short descriptions including use cases, screenshots and other images. The requirements can then be voted and shared. Then, developers may take up ideas and transfer the discussed requirements to an issue tracker like GitHub Issues.</p> <p>At FOSDEM 2017 we would like to encourage Open Source developers and designers in rethinking the way requirements are currently gathered from the crowd. How do we want to collect new software ideas or simply feature requests from our users? Is it effective to provide feedback forms in our apps’ “About” menu? Do our users think in terms of issues like we developers do? How can gamification be used to reward actual end-users of software? We hope Requirements Bazaar can answer these questions and fill the gap!</p> <p>We are also happy to talk about our experiences developing a performant responsive single-page Web application with Web Components using Polymer.</p> István Koren Web Frontend on GitHub Backend on GitHub Requirements Bazaar Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:15 H.2215 (Ferrer) repoman How We Do CI at oVirt Lightning Talks lightningtalk <p>Repoman is a tool developed in-house and used as a core tool in oVirt CI and release processes. It aids the process of integrating RPM packages from multiple sources into the single repo. Made to be self-contained, so it is easy to use from CI. Come and see what our use cases at oVirt are and how we use repoman to solve them. Being developed with an abstraction in mind it might be helpful to you too.</p> Anton Marchukov repoman GitHub Mirror repoman Documentation repoman gerrit Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:20 00:15 H.2215 (Ferrer) patchwork_jenkins Combining Patchwork and Jenkins for fun and profit Lightning Talks lightningtalk <p>What does it take to implement continuous integration-style automated testing into a mailing list-driven software project? Not a lot, actually. In this talk, we demonstrate how a simple but easily scaled testing system can be implemented for a such a project through the combination of Patchwork, the web-based patch tracking system, and open source CI tools such as Jenkins.</p> <p>At FOSDEM 2016, developers working on Patchwork, the web-based patch tracking system, demonstrated some of the ongoing work in Patchwork. This work ranged from UI improvements to new features and APIs but, collectively, it had the goal of enabling automated testing functionality for software projects developed via mailing lists. The Patchwork developers have been busy since then and the application, in widespread use since 2008, recently hit the 2.0 milestone, marking this functionality as complete.</p> <p>Projects such as the Dataplane Development Kit (DPDK) have quickly adopted the features that 2.0 brings, using them to enable real time, automated testing of patches sent to the mailing list. This automated testing provides a mechanism for developers to not only sidestep the more perfunctory of tasks, such as coding standard checks, but also to test changes in environments that they may not have at their disposal, such as differing hardware or OS configurations. As seen in projects pairing open source code collaboration tools like Gerrit or Rietveld with CI systems such as Jenkins or BuildBot, this continuous testing can provide huge improvements in developer velocity.</p> <p>In this talk, we demonstrate how to build a basic "checkstyle" testing system through a combination of Patchwork and an off-the-shelf, open source CI system. This system will retrieve patches and dependencies, apply and test them, and report the results back to both Patchwork and a separate mailing list. This configuration demonstrates the best of Patchwork's new features, and can be easily extended to cover far more complex testing scenarios.</p> Stephen Finucane Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:40 00:15 H.2215 (Ferrer) open_source_wiki and stop using closed source solutions like Atlassian Confluence Lightning Talks lightningtalk <p>XWiki is an Open Source Second Generation Wiki being developed for more than 12 years, fully with an Open Source model.</p> <p>In this Lightning talk we will show in 15 minutes how it can benefit the community thanks to it's flexibility and openness and now competes with very well known proprietary softwares. Powerful advanced features like Nested Spaces, Collaborative applications and it's scripting language to integrate external data, allows to reach new heights. Open source software can compete with solutions like Confluence or Microsoft Sharepoint.</p> Ludovic Dubost Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:15 H.2215 (Ferrer) tslib state of the touchscreen access library Lightning Talks lightningtalk <p>tslib is a more than 14 years old library that reads your touchscreen's input in order to help you optimize it for you. It took a break but now it's back.</p> <ul> <li>where does tslib come from? (pre-uinput days)</li> <li>what does it do?</li> <li>why still use it?</li> <li>the state of multitouch</li> <li>let's bring it back to debian (it's only in wheezy)</li> </ul> Martin Kepplinger tslib project page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:20 00:15 H.2215 (Ferrer) libuv Cross platform asynchronous i/o Lightning Talks lightningtalk <p>libuv is the platform abstraction layer used in Node, Julia, NeoVim and many other projects. It features an event loop, timers, signals, as well as many cross platform utilities including threading and name resolution.</p> <p>This lightning talk will introduce libuv and its current development state.</p> Saúl Ibarra Corretgé Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:40 00:15 H.2215 (Ferrer) spark How to prove key properties of Tetris and run it on ARM Cortex M Lightning Talks lightningtalk <p>SPARK is a programming language and a set of tools for building highly reliable software. The SPARK language is a subset of Ada and can be compiled with the GNAT toolchains to a wide range of platforms, including the popular ARM Cortex M3, M4 and M7. The SPARK language also provides specification features, so that the intended behavior of the program can be embedded in the program itself. The SPARK formal verification tool can check that a program does not contain any run-time error, such as buffer or integer overflows, and that the code complies with its specification. We will demonstrate these capabilities on a game of Tetris, whose core game logic has been proved, and which has been ported to several embedded platforms: SAM4S Xplained Pro Evaluation Kit, Pebble Time watch, Unity game engine, Arduboy game platform. We will show in particular that you don’t need any specific mathematical background to achieve such results!</p> Yannick Moy Portal for information and resources Free online e-learning course Online User's Guide Download community version Pro version from AdaCore GitHub repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:15 H.2215 (Ferrer) analyze_os_code How to leverage the code shared on GitHub with ease Lightning Talks lightningtalk <p>Google has made available a BigQuery copy of most open source code shared in GitHub. This allows any interested party to analyze 5 years of GitHub metadata and more than 42 terabytes of code easily. In this session we'll cover how to leverage this data - to understand the community around any language or project. With this, design requests and decisions can be made looking at the actual patterns discoverable through analytical methods.</p> <p>Google has made available a BigQuery copy of most open source code shared in GitHub. This allows any interested party to analyze 5 years of GitHub metadata and more than 42 terabytes of code easily. In this session we'll cover how to leverage this data - to understand the community around any language or project. With this, design requests and decisions can be made looking at the actual patterns discoverable through analytical methods.</p> <p>During a lighting talk we can quickly see:</p> <ul> <li>How is this run.</li> <li>How coding patterns have changed through time.</li> <li>Guiding your project design decisions based on actual usage of your APIs.</li> <li>How to request features based on data.</li> <li>The most effective phrasing to request changes.</li> <li>Effects of social media on a project's popularity.</li> <li>Who starred your project - and what other projects interest them.</li> <li>Measuring community health.</li> <li>Running static code analysis at scale.</li> </ul> Felipe Hoffa Announcement and collected links Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:20 00:15 H.2215 (Ferrer) sofa with an emphasis on medical simulation Lightning Talks lightningtalk <p>Simulation Open Framework Architecture (SOFA) is an open source multiplatform framework primarily targeted at real-time physical simulation, with an emphasis on medical simulation.</p> <p>It is mostly intended for the research community to help develop new algorithms, but can also be used as an efficient prototyping tool or as a physics engine.</p> <p>Started in 2004, SOFA is currently developed by 4 research teams from Inria (french research institute): Mimesis, Imagine, Defrost and Asclepios.</p> <p>Based on a C++ advanced software architecture, SOFA allows to:<br/> - Create <strong>complex and evolving simulations</strong> by combining new algorithms with existing algorithms<br/> - Modify most parameters of the simulation (deformable behavior, surface representation, solver, constraints, collision algorithm, ...) by simply editing an XML file<br/> - Build complex models from simpler ones using a scene graph description<br/> - Efficiently simulate the dynamics of interacting objects using <strong>abstract equation solvers</strong><br/> - Reuse and easily compare a variety of available methods<br/> - Transparently <strong>parallelize</strong> complex computations using semantics based on data dependencies<br/> - Use new generations of GPUs through the CUDA API to greatly improve computation times</p> <p>Today, SOFA gathers more than 10 years of research in physics simulation. Many publications were accepted, several simulators were developed and five startups were created.<br/> The research topics are diverse: <br/> - <strong>Solid mechanics</strong> with the simulation of the brain, the eye, the heart, the liver, the bones<br/> - <strong>Thermodynamics</strong> with thermo-ablation of tumors<br/> - Many other topics as <strong>image processing</strong>, <strong>Fluid dynamics</strong>, <strong>animation</strong> or <strong>biological applications</strong></p> Guillaume Paran Hugo Talbot SOFA Website SOFA GitHub repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:40 00:15 H.2215 (Ferrer) open_student_info_system A Belgian university decides to open source their core business Lightning Talks lightningtalk <p>The Catholique University of Louvain (Université catholique de Louvain - UCL) decided to rewrite their core business applications from Java/EE to Python/Django and make them freely available as open source software. This presentation intends to share with the community the experience on building OSIS, the open source transition, the cultural and technical shift, the engagement of students, teachers and employees on the improvement of their own user experience, the costs implied and the productivity gains.</p> <p>OSIS (Open Student Information System) is an application designed to manage the core business of higher education institutions. It is free and open source under the terms of GPL v3 public license, aligned with the strong spirit of knowledge sharing and collaboration with the community. The project is sponsored by <a href="http://uclouvain.be/index.html">Université catholique de Louvain</a> (UCL) in the context of its long term goal of modernising its information systems towards the next generation of students, devices, practices and technologies.</p> <p>We aim that UCL and many other higher education institutions adopt OSIS to be able to maintain, control and monitor the entire student’s career. This extends from the admission to the diploma and all information orbiting this fundamental process, such as planning the academic year, managing partnerships with other institutions for exchange and mobility programs, assigning teachers to courses and courses to students, etc. At the current stage, OSIS is designed to fulfil UCL’s needs, but it can be properly adapted to fulfil more needs coming from other institutions interested in joining the project, which is the case of Université Saint-Louis, Bruxelles.</p> <p>For us, offering a reusable system is not the only advantage of being open source. It also means:</p> <ul> <li>fully transparent operations for the entire academic community;</li> <li>inspiration for entrepreneurs to build integrated services to improve students academic experience;</li> <li>empower departments, endowed with the necessary expertise, to fulfill their particular needs by extending OSIS;</li> <li>build up students' experience on real world projects to boost their chances when applying for a job or founding a company; and</li> <li>reduced maintenance cost for the University thanks to the range of reliable open source products required by the application.</li> </ul> <p>But the path to open source was not simple. It required lots of discussions to finally find a realistic long term formula to meet the institution's major goals. Now that it is our reality, this history cannot be kept aside, but shared with FOSDEM's community. We are going to answer the following questions during the presentation:</p> <ul> <li>Why we are sharing our core business applications before any other higher education institution.</li> <li>How the academic community persuaded us to use Python/Django/PostgreSQL instead of JavaEE.</li> <li>How we are adapting to this new reality that requires much more discipline and high quality craftsmanship work.</li> <li>Why there is no doubt we will succeed in this entrepreneurship.</li> <li>Why we need your help to better manage and write this open source software.</li> </ul> Hildeberto Mendonça GitHub Repository Website Université catholique de Louvain Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:15 H.2215 (Ferrer) alyvix Visual synthetic monitoring of network applications that work through proprietary protocols Lightning Talks lightningtalk <p>The open-source software Alyvix is a synthetic monitoring system, based on computer vision. It automates any application, interacting with GUIs exactly as a human would do. In this way, Alyvix can check the availability and can measure the responsiveness of applications. From a computer science point of view, Alyvix is an open-source Python-based software, which can be deployed on Windows 64-bit machines as a part of an open-stack of libraries. Alyvix mainly relies on the following open-source software projects: RobotFramework for desktop automation, OpenCV and Pillow for image processing, TesseractOCR for text recognition and PyQt for GUI programming. Francesco Melchiori, as Alyvix product manager, will explain how Alyvix works leveraging on the aforementioned packages, what software design choices have been taken. Finally, he will show how this computer vision solution solves the need of an effective visual synthetic monitoring of proprietary network applications. This aims to suggest other use cases with the Alyvix API.</p> <p>The open-source software Alyvix is a synthetic monitoring system, based on computer vision. It automates any application, interacting with GUIs exactly as a human would do. In this way, Alyvix can check the availability and can measure the responsiveness of applications. Network applications suffer of latencies, or even downtimes, because of many factors having to deal with the complexity of data communications, for example client software, protocols, telecommunication channels, backend hardware resources, etc. Monitoring application performances from the end user perspective is the first step for keeping high the quality of the provided services. Alyvix provides GUI tools to reproduce user interaction flows on any application, interacting through mouse clicking, text typing or shortcut sending. Alyvix is not hardwired to application APIs but acts like a human user sitting in front of the monitor. Therefore, it is able to automate every on-premise or cloud application after having built so-called test cases. Alyvix checks the availability of network applications and measures their responsiveness. Hence, it outputs how long transactions take to be accomplished and reports the corresponding performance data in HTML pages. In case of test failures, these reports will show an animation of the broken transaction visually describing what has gone wrong. Through the integration with any monitoring system, for example Nagios or Icinga, performance time series charts can be created to recognize latency spikes and service downtimes. Alyvix certifies the ongoing quality of service and highlights when and in which location it is higher or lower than expected. Thanks to these insights, IT operations teams can modulate infrastructure resources and IT clients can check their SLA with providers. From a computer science point of view, Alyvix is an open-source Python-based software, which can be deployed on Windows 64-bit machines as a part of an open-stack of libraries. Alyvix mainly relies on the following open-source software projects: RobotFramework for desktop automation, OpenCV and Pillow for image processing, TesseractOCR for text recognition and PyQt for GUI programming. Francesco Melchiori, as Alyvix product manager, will explain how Alyvix works leveraging on the aforementioned packages, what software design choices have been taken. Finally, he will show how this computer vision solution solves the need of an effective visual synthetic monitoring of proprietary network applications. This aims to suggest other use cases with the Alyvix API.</p> Francesco Melchiori Alyvix - Visual Synthetic Monitoring Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:20 00:15 H.2215 (Ferrer) energy_data what, how, and why Lightning Talks lightningtalk <p>This lightning talk will provide you with the necessary context and links to start working with energy data in your own projects.</p> <p>The Smart Grid is coming, at webscale, enabled by Internet of Things, resulting in Big Data. A clear statement, right? Not at all! Let me show you what is going on behind these buzzwords:</p> <ol> <li>First I'll take you briefly through the analog origins of utility energy data to help you understand why this seems counter-intuitive by modern standards.</li> <li>Second I'll go over the driving force for opening up the energy data: why sustainable energy demands it, and how businesses and consumers can benefit.</li> <li>Then having created a common understanding of the word of energy data, I'll go over developments in mainly the field of Internet of Things to highlight the potential, but also where it fall short to support renewable energy. I will specifically address practical technologies and frameworks, and some examples of energy data usage.</li> </ol> <p>This lightning talk will provide you with the necessary context and links to start working with energy data in your own projects. As a bonus it will also make you aware of differences inside Europe, as this might be a hindrance in your project.</p> Nico Rikken Blogpost: Energy data deserves a standard Video (MP4) Video (WebM) Submit feedback 14:40 00:15 H.2215 (Ferrer) citybikes Bike sharing networks around the world Lightning Talks lightningtalk <p>Many years ago I built a FOSS Android application for our local bike sharing system. After realizing global bike sharing information was not publicly available we ended up going after the task of solving the problem for once and for all: a free and open API for others to create applications, visualizations and research on bike sharing data. Fast forward today and thanks to the community, the CityBikes project supports more than 400 cities all around the world and our API powers most bike sharing transportation apps on all platforms.</p> <p>The CityBikes project is a good example of the benefits on the so-called "open data". When data is made available, the community is eager to contribute to and improve public services. We are usually regarded as an "open data project", even though less than 10% of our data feeds come from properly licensed, documented and machine readable feeds. Our project showcases the need of a better policy than the PSI Directive [2] regarding re-use of public sector information, and some common misconceptions between representation and data.</p> <p>The main problem with the PSI Directive is that it does not take into account Public-Private partnerships (PPP). If data ownership or re-use is left out of the deal, the company kidnaps the data and leaves both the city council and its citizens at the mercy of the company providing the service. That is, only the company (or any other company in agreement with the "umbrella company") is to provide applications to use their systems. We as citizens should demand that any project that comes as a result of a public-private partnership should put the data right where it belongs: the public.</p> <p>When I started this project on the year 2010 little did I know I would end up battling city councils and companies to release their data as public feeds, nor I could imagine pybikes [3] was going to help create apps for all platforms [4] without having to code a single line.</p> Lluís Esquerda Website API pybikes Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:15 H.2215 (Ferrer) gravimetric_phenotyping Finding low-cost solutions to continuous plant monitoring for scientific purposes Lightning Talks lightningtalk <p>An open source design for a Gravimetric phenotyping system for plant science. Commercial solutions tend to skip over technical information that leads to inaccurate results. We are developing a system suitable for scientific research</p> <p>We have encountered a lot of issues with proprietary systems for gathering research data. Therefore we have started designing our own and have made it free and open source (https://github.com/NPPC-UK/Gravimetrics).</p> <p>We have so far built a lot of the software and hardware designs in order to operate a gravimetrics system for watering and recording data on plants</p> Nathan Hughes Our source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:20 00:15 H.2215 (Ferrer) gridsound Pushing the boundaries of the Web Audio API Lightning Talks lightningtalk <p>GridSound is a free open source HTML5 audio sequencer based on the new fresh Web Audio technology. Drag and drop your samples, mix them and create a composition directly in your modern browser.</p> <p>GridSound uses many new HTML5 technologies, the main one is the Web Audio API which provides a powerful and versatile system for controlling audio on the Web. We chose to extract all the reusable Web Audio code into a standalone library: webaudio-library. The user's intial audio sample files have to be dropped into the app then into the samplegrid. For these actions we use the Drag and drop API, and for opening and read the files we use the File API. User Interface : We write our design with a modern CSS3 without any browser prefixes (eg : -webkit, -moz) and by using properties like transition and display: flex, the CSS is organised into different files using Sass (SCSS). The HTML part is separated into different templates, for that we use Handlebars. We use &lt;canvas> to draw a live audio analyser of the master output, and all the audio waveform are drawn with SVG.</p> Melanie Ducani (Misty) Thomas Tortorini Application Wiki Gridsound code How to test it WebAudio-library Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:40 00:15 H.2215 (Ferrer) grub_new_maintainers New maintainers, news and future Lightning Talks lightningtalk <p>Presentation of new maintainers and ongoing work on new policies, ideas and opportunities.</p> <p>In the lighting talk we would like to say several words about the project itself and it's history. After that we would like to spend some time describing current project status, current goals (in addition to global goals discussed in the first part) and release policy. Also we would like to introduce people reliable for the project, as several new members appeared in the maintainers team. In the end we would like to briefly describe open tasks and opportunities for people with different background to join the project.</p> Vladimir Serbinenko Official website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:15 H.2215 (Ferrer) interledger Payments & Micropayments to/from Any Currency Lightning Talks lightningtalk <p>What if you could send money to anyone, instantly, in any currency and practically for free? What if users could support your project with tiny amounts of money each time they use it? What if we could use anything of value as "currency" and have it automatically exchanged when we want to make a payment?</p> <p>Interledger is the inter-networking protocol for money. It enables secure transfers across different currencies and payment networks. By connecting all different types of payment networks or ledgers together, Interledger can help create an "Internet of Value".</p> <p>This talk will include a demo of an Interledger payment, a technical overview of how it works, and examples of how Interledger can be built into other projects.</p> Evan Schwartz Interledger.org Interledger.js on Github Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:35 H.2215 (Ferrer) fosdem_infrastructure Lightning Talks lightningtalk Richard Hartmann Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:25 H.1301 (Cornil) whats_in_your_binary Tracing back from a binary to its corresponding source code Legal and Policy Issues devroom <p>Software is (often) distributed as binary. But where is the corresponding source code? Given a binary, how can you find out which source code was used to compile?</p> <p>Using advanced techniques and open source tools, we can find out which source code was built in a binary. The applications are important for FOSS license compliance and/or enforcement as well as general code hygiene and build sanity.</p> <p>Can you tell exactly which files are baked into the binaries of the software you build and distribute?</p> <p>There are many applications for this knowledge:</p> <ul> <li>facts finding for FOSS license compliance and enforcement.</li> <li>better control of what third-party code you use and depend on and their related FOSS license requirements.</li> <li>general software and build hygiene such as pruning obsolete or dead code.</li> </ul> <p>With clarity on what's in your binary, you can better understand:</p> <ul> <li>if a file is really used or not and what it is used for.</li> <li>if and how files are linked together such as static vs. dynamic linking.</li> <li>if some extra files are pulled from network repositories at build time.</li> <li>what are your build and runtime dependencies.</li> </ul> <p>We will review why this does matter, present available FOSS tools and techniques to get back to the corresponding sources from built binaries using dynamic build tracing and static analysis; and the applications, usage and caveats of these techniques for various programming languages and platforms.</p> <p>So join me and let's find out <em>what's in your binary!</em>?</p> Philippe Ombredanne TraceCode source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:45 H.1301 (Cornil) patently_prepared Are FOSS Companies Ready to Deal with Patents in the US and Europe? Legal and Policy Issues devroom <p>Most small businesses have no patent strategy. Though many FOSS companies have policies in place regarding copyright and keeping detailed records of code contributions, few have paid enough attention to how patent litigation could affect them. For those FOSS businesses active in multiple countries or looking to expand into an international market, failure to understand the patent ecosystem in each jurisdiction could be a costly mistake.</p> <p>Most small businesses have no patent strategy. Though many FOSS companies have policies in place regarding copyright and keeping detailed records of code contributions, few have paid enough attention to how patent litigation could affect them. For those FOSS businesses active in multiple countries or looking to expand into an international market, failure to understand the patent ecosystem in each jurisdiction could be a costly mistake.</p> <p>This talk will use recent cases and ongoing changes in the patent systems of the US &amp; Europe as modern examples for our discussion. We'll describe the pitfalls that can affect any company, tabulate the costs of litigation, and offer methods businesses can use to reduce overall risk.</p> <p>With the future of the European Union's Unitary Patent Court in limbo due to the Brexit, and with no public position on patents from the United States' next administration, leaders in Free Software owe it to themselves and their companies to be more agile and more prepared to address patent issues -- whether they work at a small startup or at a large multinational corporation.</p> Robinson Tryon Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:20 00:25 H.1301 (Cornil) open_patents Hacking the patent system. Legal and Policy Issues devroom <p>Many people, also software developers, put their inventions or innovations on the 'market' without filing patents. For good reasons: the patent privileges to exclude others are not really compatible with freedoms and openness. However, to protect your freedom to operate, you need to avoid that others file a patent on your invention. Open Patents are a new way to do this.</p> <p>Software patents are still a threat. When you publish your software code, a company or a patent troll might file a patent for the inventions in your code. The patent offices should not grant patents for existing knowledge ('prior art'), but they will have a very hard time to find the ideas in your code. As such the troll might succeed in getting the patent, and might stop you and everyone else from further exploitation of your ideas.</p> <p>Patents are a classical protection against patents, but it's an expensive and overly offensive solution. Defensive publications are another solution. But this concept is not well known and doesn't get a lot of recognition. The established implementations are commercial, have a per page publication fee and hide the defensive publications behind a paywall. The Defensive Publications program, a component of Linux Defenders, uses such commercial channel, but waives the publication fee and republishes openly outside the paywall. This solution is however for a very narrow (Free software) field and lacks the popularity it deserves.</p> <p><a href="http://openpatentoffice.org/">The Open Patent Office</a> is a non-profit organization that aims to stimulate innovation by providing an open, free and social alternative to the traditional patent offices. It allows inventors to register their innovative ideas as open patents. Open patents act as defensive publications. The Open Patent Office publishes these descriptions, timestamps them, gives them an open patent number, classifies them, facilitates discussion and facilitates easy searching and finding by patent examiners and the general public.</p> Frederik Questier http://openpatentoffice.org/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:50 00:25 H.1301 (Cornil) is_gpl_a_contract Legal and Policy Issues devroom <p>In this talk I will summarize the case law on the contract or license question in the U.S. Certain obligations under the GPL may be merely contractual, meaning there are less damages and enforcement mechanisms available to a plaintiff, while other obligations may have more teeth. I will use this analysis to help the community think about how it might craft software licenses in the future.</p> Max Sills Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:20 00:45 H.1301 (Cornil) f_and_in_freedom Codes of Conduct & Community Guidelines Legal and Policy Issues devroom <p>This talk examines the way the free software community communicates with one another, and ways codes of conduct and community guidelines affect language. By analyzing mailing lists, looking at the frequency with which participants use slurs and expletives before and after the institution of codes of conduct, we can see how effective these policies are, and what sort of spaces they are creating for community members and project contributors.</p> <p>This talk is the follow up to talks at Libre Planet (2016) and SeaGL (2016), taking a mostly (and then progressively less) humorous look on language used on Twitter and mailing lists, and the positive and negative ways we use strong language to talk about free software, and talk to each other about free software. This talk will include a general look at the purpose of codes of conduct and community guidelines, what sort of things make one policy "good" or "bad," and, when possible, the process by a given community agrees on the institution of one. It will then focus on statistical analysis of language use on a chosen number of mailing lists (including the Linux Kernel Mailing List), with outstanding examples.</p> <p>This talk will likely include some strong language.</p> Molly de Blanc Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:10 00:25 H.1301 (Cornil) trusted_service_provider An overview of some internals of our Trusted Service Provider Legal and Policy Issues devroom <p>The world of PKI and the interactions between browsers and Certificate Authorities are very complex these days. We are creating a Trusted Service Provider (TSP) to deploy to the public reliable certificates for free, free as in "free beer". What are the requirements to deliver extended validated certificates? Why do you have to pay for it? What will be the price? We believe that it is one of our principle rights to secure our identity and privacy in the digital space. You can't buy a basic right but you can organize an environment to make the best use of it.</p> <p>The talk gives an overview of our setup of a new Trusted Service Provider. The heart of all is a non-profit organization in Austria which will lead some legal bodies required to operate successfull. This NPO is open for all people who accept the United Declaration of Human Rights. We think this is a key factor for success. But a NPO like this is not a Certificate Authority. We need another organisation to take over all tasks of a CA which has to pass an audit with flying colours. A successfull performed audit is the key factor to play a reliable role in the market. Certificates will be accepted. Trust between this CA and the end users will be established. Last but not least a money flow must be organized. Individuals will get their certificates always for free. What about organizations? I will point out that a special kind of association will do and will work. The software to operate the CA is developed from scratch. Of course the software will be published under a FLOSS license.</p> Reinhard Mutz Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:40 00:45 H.1301 (Cornil) mozilla_root_program Tales of running an open and transparent Certificate Authority Program Legal and Policy Issues devroom <p>Seamless secure (TLS) connections on the internet are underpinned by the Web PKI - a system where Certificate Authorities (CAs) issue identity certificates to people and sites, and clients such as browsers have a "trusted root" list of those they think will do that job right. Mozilla runs the only open and transparently root program, which defines what Firefox (and probably your Linux distro) trusts; this talk explains how we use that power to make the Internet a safer and more secure place.</p> Gerv Markham Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:45 H.1301 (Cornil) permissive_or_dismissive Legal and Policy Issues devroom <p>In advanced free software legal and policy circles, a disturbing number of conversations treat it as given that fewer new projects are choosing copyleft licenses, and more are going the route of lax permissive. Though this has been repeated in news articles and blog posts, when we look deeper for evidence of the claim, we find either anecdotes (often from the field of corporate-backed project license choices), or highly questionable and unscientific data sets. Is it really so?</p> <p>In advanced free software legal and policy circles, a disturbing number of conversations treat it as given that fewer new projects are choosing copyleft licenses, and more are going the route of lax permissive. Though this has been repeated in news articles and blog posts, when we look deeper for evidence of the claim, we find either anecdotes (often from the field of corporate-backed project license choices), or highly questionable and unscientific data sets.</p> <p>Sometimes the claim is repeated by people just trying to set the table for other discussions about trends in free software or open source; sometimes it is promoted by people specifically arguing against copyleft (especially in business); sometimes it is raised as a concern by people defending copyleft. All three situations are worrisome in their own ways.</p> <p>This was all true in 2012, when I gave my talk "Is copyleft being framed?", but things have gotten worse since then.</p> <p>I'll discuss:</p> <p>1) new "data" and articles published since 2012, including issues with my own methodology;</p> <p>2) whether the contexts in which permissive license use does appear to be increasing mean what they are purported to mean, and whether those contexts are actually relying purely on permissive licenses or on other sorts of supplementary legal structures;</p> <p>3) prominent instances of copyleft usage, especially the AGPL and GPL; and</p> <p>4) different ways to study and understand the trends people are trying to get at when they talk about licensing choices in quantitative terms.</p> <p>In a community with so many computer scientists, lawyers, and talented researchers, it's important that we habitually put popular assumptions up for critique. Assumptions and bits of conventional wisdom need to be audited just like code, to ensure that the business plans and movement-organizing decisions which flow from them aren't based on rotten foundations.</p> John Sullivan Slides from referenced 2012 talk Submit feedback 14:20 00:45 H.1301 (Cornil) european_legal_entities Legal and Policy Issues devroom <p>As a FOSS/OSHW project grows, at some stage it often reaches a point where it requires a legal entity for better operation – whether this be to gather donations, pay for development, handle finances, organise events, consolidate rights, better governance or other reasons. So far in Europe there were no alternatives to setting up your own legal entity, and with it a huge tonne of work and obligations.</p> <p>But finally three host/umbrella organisations have just emerged in Europe and aim to offload this overhead from your projects.</p> <p>Join our panel to learn if and which of these organisations could help your project flourish best, as well as pose any open questions or concerns you may still have.</p> <p>Panelists include</p> <ul> <li>Simon Phipps, Founder of Public Software CIC</li> <li>Michiel Leenaars, Chairman of The Commons Conservancy</li> <li>Moritz Bartl, CTO of Center for the Cultivation of Technology</li> <li>Karen Sandler, Executive Director of the Software Freedom Conservancy</li> </ul> Simon Phipps Tom Marble Karen Sandler Moritz Bartl Michiel Leenaars Public Software CIC Software Freedom Conservancy Center for the Cultivation of Technology The Commons Conservancy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:10 00:45 H.1301 (Cornil) foss_and_the_gdpr Overview of key changes to EU privacy law that FOSS can use to promote individual's privacy and autonomy Legal and Policy Issues devroom <p>The last year has seen significant changes to European Privacy. Last April the EU approved the GDPR, a comprehensive replacement for the European Privacy regime. The GDPR is a technology neutral regulation that has wide spread impacts on how individuals and business will use computers and the Internet worldwide. Free Software has an opportunity to help achieve the goal of the GDPR by baking in privacy and compliance into free software. This presentation will talk about key elements of the GDPR that free software is positioned to take advantage of to increase adoption of free software and promote privacy.</p> <p>This presentation will discuss what the General Data Protection Regulation is, the scope of its impact, and how FOSS developers can align their efforts with the GDPR to promote individual's privacy and on-line autonomy.</p> <p>Topics covered will include: what the GDPR is; who it applies to; and important legal rights such as the right to be forgotten, data portability, privacy by design and auditing requirements. By becoming aware of the demands the GDPR will be placing on organizations using FOSS, developers can invest in improvements to their projects that help organizations comply in a way that benefits individuals.</p> Marc Jones Text of the GDPR Wikipedia GDPR Page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 H.1301 (Cornil) free_software_legal_tools Legal and Policy Issues devroom <p>Companies are using more free software than ever, but often with little or no understanding of the licenses or the community norms that are part of the package. When it comes to talking about free software legal tools, we need to control the message. This talk will offer ideas on how we should craft and deliver our message around the adoption of free software legal tools.</p> <p>Companies are using more free software than ever, but often with little or no understanding of the licenses or the community norms that are part of the package. When it comes to talking about free software legal tools, we need to control the message. If we let other entities fill in the gaps in our outreach strategy, a lot of context and nuance will be lost. A poor or incomplete message hinders our ability to gain more widespread acceptance of free software tools and practices.</p> <p>Suing collaborators or consciously working to erode well-established community norms for short term gain has no place in the world the free software community is trying to build. Massive, globally useful, customizable software projects aren't merely a side effect of publicly available repositories, they're a product of intentionally cooperative communities with rules and legal safeguards. The FOSS community's message must be, "If you don't respect our legal tools, then you aren't a free or open source software company."</p> <p>Policy isn't made by coders. Official government policy is made by judges and legislators and company policy is made by engaging with business and legal teams. We need to foster better understanding of our tools and norms amongst policy makers. This talk will offer ideas on how we should craft and deliver our message around the adoption of free software legal tools.</p> Deb Nicholson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 H.1301 (Cornil) dont_send_an_engineer A beginners guide to community legal engagement Legal and Policy Issues devroom <p>A thread on an open source project mailing list offers seven lessons on how to engage an open source community over legal issues.</p> <p>A thread on an Apache mailing list (Now safely in the past) provides a great illustration of what not to do when your employer's interests seem to need engagement in an open source community. Instead of asking a suitably-trained lawyer to directly engage, the company asked an engineer to engage when they wanted special terms for a contribution. They went on to propose custom terms, a custom CLA and even implied that they wanted private bilateral negotiations. This session runs through the thread and draws seven lessons for approaching an open source community with your legal issues.</p> Simon Phipps Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:05 H.1302 (Depage) go_welcome Go devroom <p>Word of welcome</p> Arjan van Eersel Submit feedback 09:05 00:25 H.1302 (Depage) go_mobile Android development with Go Go devroom <p>In this presentation I will talk about Android (and a little of iOS too) development with Gomobile. What options do we have when it comes to mobile devices and our favorite language, how to start and a few bits about my experience building an Android App.</p> Daniel Esteban Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:25 H.1302 (Depage) go_tail Go devroom <p>As part of a log file monitoring tool, I implemented a file tailer that keeps reading new lines from log files. This turned out to be much more challenging than I thought, especially because it should run on multiple operating systems and it should be robust against logrotate. In this 20 Minutes talk I will present the lessons learned, the pitfalls and dead-ends I ran into.</p> <p>The monitoring tool is <a href="https://github.com/fstab/grok_exporter">https://github.com/fstab/grok_exporter</a></p> <p>Slides: <a href="https://goo.gl/9ABX2R">https://goo.gl/9ABX2R</a> (docs.google.com)</p> Fabian Stäber Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:20 H.1302 (Depage) go_bpf Go devroom <p>eBPF is a Linux in-kernel virtual machine that is used for tracing kernel functions, networking, performance analysis and more. In this talk I will give an introduction into eBPF and gobpf, a new library under the IO Visor Project, and show how gobpf can be used to access and utilize eBPF features from Go programs. We will also look at the design of gobpf and its use of the bcc framework and Cgo.</p> Michael Schubert Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:40 H.1302 (Depage) go_gobot Go devroom <p>The Go programming language from Google has become well known for its power and portability in the containerization world. The open source framework Gobot (http://gobot.io) is written in the Go programming language, and brings this same power to IoT development, with support for many different hardware and software platforms.</p> <p>In this talk, including live demonstrations, we will show how high-performance IoT and robotics solutions can be built using Go.</p> Ron Evans http://gobot.io Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:15 00:30 H.1302 (Depage) go_git A pure Go implementation of Git Go devroom <p><a href="https://github.com/src-d/go-git">go-git</a> is a Git library written entirely in Go. It is designed to be developer-friendly and highly extensible. In this talk we will introduce go-git, the reasons why we created it, its current development status and its roadmap. We use go-git to fetch every Git repository that has been published (all GitHub, Bitbucket, self-hosted...) and analyze all source code history and we hope that it can support many other use cases.</p> <p>go-git intends to be the way to go for Git with Go and a solid alternative to libgit2 and jgit. Currently the library has 22k LOC's, has full read-feature parity with libgit2, has a dedicated team committed to it, and is the 3rd most popular git implementation. While it's still has a long way to go, we have already used it to fetch and analyze 17M GitHub repositories, so it has a good stability level for the feature set that we have implemented so far. Developers who are looking into building software to manipulate repositories at low level will find go-git a tool that can boost their productivity.</p> Santiago M. Mola go-git Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:45 H.1302 (Depage) go_scaling Go devroom <p>In this presentation we present some optimizations we have developed for the Minio object server. To maximize hashing performances for bit-rot protection we have exploited the Go Assembly capabilities to natively optimizing BLAKE2 and SHA2 techniques for both Intel and ARM platforms. In addition we will present a distributed locking package to aid with scaling a single server solution into a multi server solution.</p> <p>In this presentation we would like to focus on a couple of developments that we have done for the Minio object server in terms of performance improvements and scaling techniques.</p> <p>Regarding hashing we have developed Go packages for two hashing algorithms (BLAKE2 and SHA256) that take advantage of the Golang (or Plan9) assembly capabilities. These packages exploit SIMD instructions of Intel and the Cryptography Extensions for the ARM platform. The speed up range from 3 to 4 times (Intel) to 100X (on ARM). Due to the use of Golang assembly there is no need for a C-compiler in order to use these packages (when compiling from scratch). For the Intel platform SSE, AVX, and AVX2 specific version are available and the most performant architecture is automatically chosen.</p> <p>In addition we have developed a distributed locking and syncing package for Go. Its main features are: - Simple design for avoiding many tricky edge cases - No need for a master node - Resilient so other nodes are not affected when a node goes down - Drop-in replacement for sync.RWMutex -Automatically reconnect to (restarted) nodes - Limited scalability of up to 16 nodes</p> <p>We are successfully using this package for the Distributed version of the Minio Object Server</p> Frank Wessels Accelerated BLAKE2 hash algorithm Accelerated SHA256 hash algorithm A distributed locking and syncing package Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:40 H.1302 (Depage) go_state What to expect in Go 1.8 Go devroom <p>The state of Go, updated until go 1.8</p> Francesc Campoy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:30 H.1302 (Depage) go_lighting_talks Lighting talks about Go Go devroom <p>Go lightning talks. This talk replaces Two Years With Go and ZeroMQ by Brian Knox.</p> Arjan van Eersel Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:55 H.1302 (Depage) monitoringautomation PHP and Friends devroom <p>Bugs, corrupt data or performance issues on web applications are often recognized far too late. In the worst case they are reported by the customer, so they probably have already done some serious damage - frustrated the user, made them lose trust or even corrupted their data. Finding these bugs or recognizing them early gets especially hard, if your application makes heavy use of background processes, daemons or cronjobs. They might even throw exceptions that are buried somewhere in the logs, and no one will ever be aware of them, until someone has a look into the log files.</p> <p>I want to show a way out of this misery and provide different solutions in form of practical examples. These will include different levels of monitoring - from simple text logs on the servers up to a fully monitored application including hardware monitoring, extensive metrics, indexed and searchable logs of the whole environment, performance analysis and alerts if something odd happens. I'll show different examples and give ideas when such a fully monitored solution is a good idea, or when a "light monitoring" is applicable.</p> Sven Finke Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:55 H.1302 (Depage) dashboardlaravelvuepusher PHP and Friends devroom <p>On the wall mounted TV in our office a dashboard is displayed. At a glance we can see what the current tasks for each member of our team are, which important events are coming up, which music is playing, if it will rain in the next 30 minutes, ... and much more. In this demo I'll explain how we leveraged both Laravel and Vue to build the dashboard. After demonstrating the dashboard itself we'll take a deep dive in the code. We'll take a look at the entire flow: the grid system, broadcast events, the Pusher service, some cool Vue mixins and much more. After this talk you'll be able to setup a dashboard using our code available on Github.</p> Freek Van der Herten Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 01:00 H.1302 (Depage) monolithtosoa PHP and Friends devroom <p>Let's look at how to migrate a legacy PHP application to a modern scalable set of services. The presentation will focus on best practices, pitfalls to avoid, and tools that will help you to safely achieve this long-term task. We'll also give some hints to move further to a fully micro-services environment.</p> Mathieu Gillot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:25 H.1308 (Rolin) desktop_security Security devroom <p>Firewall, IDS, SELinux, ssh bastion, and others, the list of server side security measures is long. While servers can be reasonably secure nowadays, we always forget that there is always a way to enter by the desktop side. In this talk, we will explore various security measures to be used and deployed on a Linux desktop, and while it will be primarily focused on the Fedora distribution, lessons will be applicable to most Linux distributions and Unix systems.</p> Mickael Scherer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:25 H.1308 (Rolin) ptags Security devroom <p>What should be done of the PTags Linux Security Module?</p> <p>PTags means Process-Tags, it allows to tag processes and is compatible with user namespaces.</p> <p>What problem does it solves? How does it works? How can it be used and for what purposes?</p> <p>Answers to these questions would allows to answer the main question: should it be part of linux tree?</p> <p>PTags allows a system to attach tags to processes. The tags can receive values. The semantic of tags and of the values is not enforced and that is the big strength of that model that can be widely used for several purposes.</p> <p>This talk will answer the following questions: - What problem does it solves? - How does it works? (including user namespace) - How can it be used and for what purposes?</p> <p>It firstly came from studies on "user land" capabilities attached to APIs. But as the process of tagging can be more widely used in system, it became more generic and simply solve the problem of attaching data (or meta-data) to a process and its possibly forked children.</p> <p>It works by writing or reading the file /proc/PID/attr/ptags. When reading the file, the tag list is read. When writing the file, the tag list can be changed under conditions. The file can be monitored using inotify to be alerted on write accesses that presumely change the content. An available C library implements common operations.</p> <p>The implementation is aware of user namespace. It can thus be used safely in containers because a same process is able to expose different tags in different namespaces, depending on there history.</p> <p>Examples will show that it can be used for: - managing capabilities in the user land - setting cookies on processes - publishing, or exposing, data or state of a process - passing data without IPC - managing lifecycle of processes - tracking forks - ...</p> José Bollo repository and sources meta for yocto Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 H.1308 (Rolin) panopticon A Libre Cross-Platform Disassembler Security devroom <p>Panopticon is a graphical disassembler written in Rust that runs on GNU/Linux, Windows and OS X. It aims to create a free replacement for tools like IDA Pro and BinDiff.</p> <p>Analysis of closed source applications is necessary for security practitioners and FLOSS-developers. Roughly 1/3 of the FSF High Priority Projects will likely involve analysis of binary applications, on top of the dedicated reverse engineering projects. Yet, the majority of the tools to do this are closed source themselves. This problem extends to academia where the lack of stable and extensible binary analysis tools forces scientist to implement their prototypes on top of proprietary software. This further hampers adoption of the -- publicly funded -- research by practitioners.</p> <p>The Panopticon project aims to develop a tool to end the dominance of proprietary software for reverse engineering. What sets Panopticon apart from other free disassembler is that we believe an intuitive GUI is paramount to aid human analysts to understand as much of the binary as possible. As such Panopticon comes with an Qt 5 UI written in QML that allows browsing and annotating control flow graphs. Panopticon implements semantic-based analysis to resolve dynamic jumps and calls. We believe that a disassembler that knows assembly code semantics allows automation of common reverse engineering tasks and provide aids for manual analysis.</p> <p>The talk will touch on the vision and architecture of Panopticon. The target audience are reverse engineers interested in FLOSS tools and/or advanced static analysis as well as developers who want to contribute to the project.</p> Kai Michaelis Project website Source code repository and issue tracker Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 H.1308 (Rolin) footprinting Security devroom <p>Footprinting is one of the most important techniques security auditing, since allows them gather information about the target we are analysing.</p> <p>In the process to collect information about our target we can diferentiate two phases,the first one is where we obtain public information without interact with the objective and the second one is where we can use tools such as port scanning.</p> <p>In the process to collect information about our target we can diferentiate two phases, the first one is the passive where we obtain public information about our target without interact with the objective and the second one is the phase where we can use tools such as port scanning or banner grabbing.</p> <p>These could be the talking points:</p> <p>1.Introduction to footprinting I will comment the main footprinting phases:</p> <p>Passive Footprinting where we collect public information and building a map of the server or domain objective, without interacting directwith it.</p> <p>Active Footprinting where there is an active target identification through and techniques such as port scanning, and different identifications of services, operating systems and server banners.</p> <p>2.Footprinting tools</p> <p>For applying footprinting techniques we can use tools for obtain domain information such as whois,apply inverse querys from DNS and name servers. Also we can use third services such as robtex and serversniff for obtain more information. We can use public information sources,between these tools we can highlight shodan,scans,zmap and censys</p> <p>3.Port scanning with nmap</p> <p>With nmap we can check ports open for a target ip or domain and with nmap scripts we can check vulnerabilities in open ports For example,if the mysql port is opened,check if the server has some vulnerability relationed with this service.I will show nmap scripts for checking this vulnerabilities.</p> José Manuel Ortega Network tools DNS online tools Robtex Web Archive Nmap Script Engine Nmap scripts Network Footprinting Extract DNS information Netcraft Web Application Security Scanner framework Port Scanning & Network Infrastructure Penetration Testing Tool DNS Check DNS Check Toolbox Whois tools Subdomains Shodan Mr looquer.IPV6 Intelligence SpiderFoot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 H.1308 (Rolin) openscap_foreman Security & Compliance automation with Foreman & OpenSCAP Security devroom <p>Protecting against today’s relentless and adaptive cyber threats requires continuous monitoring of your networks and systems. Foreman and OpenSCAP address this challenge through centralized security management, configuration scanning, monitoring and remediation. In this talk we will discuss how Foreman and OpenSCAP automatically scan for security gaps, vulnerabilities, and unauthorized changes in security configurations — monitor and remediate problems to restore security controls of your established security configuration.</p> <p>Protecting against today’s relentless and adaptive cyber threats requires continuous monitoring of your networks and systems. Foreman and OpenSCAP address this challenge through centralized security management, configuration scanning, monitoring and remediation. In this talk we will discuss how Foreman and OpenSCAP automatically scan for security gaps, vulnerabilities, and unauthorized changes in security configurations — monitor and remediate problems to restore security controls of your established security configuration.</p> Ondřej Pražák Foreman homepage OpenSCAP homepgae Foreman OpenSCAP plugin Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:20 H.1308 (Rolin) mitm_peap application of EAP state machines from hostap for MITM simulation Security devroom <p>It's a talk about MITM in Tunneled Authentication Protocols and its consequent implementation with a help of hostap project. The research is not original and you may find a deeper overview in the paper: Pieter Robyns, Bram Bonné, Peter Quax, Wim Lamotte, Exploiting WPA2-enterprise vendor implementation weaknesses through challenge response oracles, July 2014.</p> <p>There is a lot of information about hijacking internet connection. The most trivial case is unencrypted (open) wireless connection. But it is still possible if the network is protected with WPA/WPA2-Enteprise.</p> <p>Three days work was sufficient to modify the behaviour of MSCHAPv2 and a bit of PEAP methods in EAP state machine within hostap. In the end, proof-of-concept simulation demonstrates the attack flow.</p> <p>It is reasonable, since this code base is widely spread and up-to-date, what's even more important. Hence, it is a very good sandbox for EAP attacks.</p> Siarhei Siniak simulation code Exploiting WPA2-enterprise Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 H.1308 (Rolin) linux_desktop_versus_windows10 What Gstreamer, Chrome, Tracker and Baloo mean for Linux Desktop security Security devroom <p>Recently Chris Evans published a series of blog posts where he pointed out serious security problems of common Linux Desktop systems. A combination of automatic downloads (from Chrome), automatic parsing of new files by desktop search systems and libraries with a huge attack surface and support for countless file formats cause a very explosive combination. What's wrong with Linux Desktop security and how can we fix it?</p> <p>Recently Chris Evans published a series of blog posts where he pointed out serious security problems of common Linux Desktop systems. A combination of automatic downloads (from Chrome), automatic parsing of new files by desktop search systems and libraries with a huge attack surface and support for countless file formats cause a very explosive combination. What's wrong with Linux Desktop security and how can we fix it?</p> Hanno Böck Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 H.1308 (Rolin) container_spawned_shell Security devroom <p>While there have been many improvements around securing containers, there is still a large gap in monitoring the behavior of containers in production. That’s why we created Sysdig Falco, the open source behavioral activity monitor for containerized environments.</p> <p>Sysdig Falco can detect and alert on anomalous behavior at the application, file, system, and network level. In this session get a deep dive into Falco: - How does behavioral security differ from existing security solutions like image scanning? - How does Falco work? - What can it detect? Building and customizing rules - Next steps</p> Jorge Salamero http://www.sysdig.org/falco/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 H.1308 (Rolin) smartcard_forwarding Security devroom <p>On a cloud computing environment it is often required to use a user's smart card on a remote server. That is, insert a smart card locally (windows or linux client), ssh to a server, and then utilize the smart card to 'sudo' application or to a TLS application, or to 'kinit' to obtain a kerberos ticket. Other operating systems such as windows provide this functionality via USB-pass-through. The purpose of this talk, is to describe where we are, and what we provide for that problem.</p> Daiki Ueno Git repository Project web page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 H.1308 (Rolin) tls_test_framework How to check if your SSL server is standards compliant and client compatible Security devroom <p>The Transport Layer Protocol is becoming more and more complex. With more than 4 versions deployed side-by-side, the complexity of servers is increasing even faster.</p> <p>To fight this, we've started to work on TLS test framework that hopefully we'll later be able to turn into a dedicated TLS protocol fuzzer. Currently we have a battery of tests for obscure and not so obscure bugs as well as general compliance with RFCs defining the TLS protocol.</p> Hubert Kario Code repository Presentation slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 H.1308 (Rolin) af_ktls Security devroom <p>A Linux kernel module that introduces an AF<em>KTLS socket. AF</em>KTLS socket can be used to transmit data over TLS 1.2 using TCP or DTLS 1.2 using UDP. Currently, there is supported only AES GCM cipher.</p> <p>AF<em>KTLS kernel module introduces an AF</em>KTLS socket. AF_KTLS socket can be used to transmit data over TLS 1.2 using TCP or DTLS 1.2 using UDP. Currently, there is supported AES GCM cipher.</p> <p>The socket does data transmission, the handshake, re-handshaking and other control messages have to be served by user space using appropriate libraries such as OpenSSL or Gnu TLS. AF_KTLS socket is suitable for CPU offloading and use cases where can be omitted user space (buffered-copy) interaction (using sendfile(2) or splice(2)).</p> Fridolín Pokorný Github repository Linux VPN Performance and Optimization Kernel TLS (Transport Layer Security) Socket Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 H.1308 (Rolin) jose_cryptography C and command-line JSON Object Signing and Encryption Security devroom <p>Increased uses of cryptography in web environments, particularly authentication, have driven a set of new RFCs: JSON Object Signing and Encryption. While these standard data formats have dominated web-based applications, they also have further applicability in a wide variety of non-web contexts. This talk will introduce you to José, a plug-able, open source C implementation of these RFCs which provides both an API for direct integration and a usable command-line interface. We will discuss the techniques that we used to keep our API usable across all the possible input parameters and show example of how you can implement José in your own infrastructure. We will also discuss some of our plans for the future, including how you can help contribute.</p> Nathaniel McCallum Project Website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 H.1308 (Rolin) syslog_ng_using using syslog-ng Security devroom <p>Event logging is a central source of information for IT security. The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally it stores the logs or routes them for further analysis. This session focuses on how syslog-ng parses important information from incoming messages, enriches them with additional contextual information, and concludes with demonstrating how all of this can be used for alerting or for dashboards.</p> <p>Event logging is a central source of information for IT security. The syslog-ng application collects logs from many different sources, performs real-time log analysis by processing and filtering them, and finally it stores the logs or routes them for further analysis. In an ideal world, all log messages come in a structured format, ready to be used for log analysis, alerting or dashboards. But in a real world only part of the logs belong to this category. Traditionally, most of the log messages come as free format text messages. These are easy to be read by humans, which was the original use of log messages. However, today logs are rarely processed by the human eye. Fortunately syslog-ng has several tools to turn unstructured and many of the structured message formats into name-value pairs, and thus delivers the benefits of structured log messages. Once you have name-value pairs, log messages can be further enriched with additional information in real-time, which helps responding to security events faster. One way is adding geo-location based on IP addresses. Another way is adding contextual data from external files, like the role of a server based on the IP address or the role of the user based on the name. Data from external files can also be used to filter messages, for example to check firewall logs to determine whether certain IP addresses are contained in various black lists for malware command centers, spammers, and so on. Logging is subject to an increasing number of compliance regulations. PCI-DSS or many European privacy laws require removing sensitive data from log messages. I will demonstrate how logs can be anonymized in a way that they are still useful for security analitics. At the end I would like to introduce you to the basics of syslog-ng configuration, and demonstrate how the collected logs can be used for alerting or visualized on a dashboard.</p> Peter Czanik Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:50 H.1309 (Van Rijn) postgresql_client_auth PostgreSQL devroom <p>This talk explores client authentication in PostgreSQL, ranging from "trust" to SSL certificates and enterprise authentication systems like GSSAPI (Kerberos). We will discuss security and compliance implications, but also the performance impact and operational aspects as password changes. The presentation also includes typical usage scenarios and practical configuration advice.</p> Christoph Moench-Tegeder Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:50 H.1309 (Van Rijn) postgresql_data_types VARCHAR2 or CHAR(255)? PostgreSQL devroom <p>Ever wondered what might be the best data type for a certain use case? Is it better to use INTEGER or BIGINT, and should you use TIMESTAMP or is it better to use TIMESTAMPTZ? When is the last time you migrated a legacy database and wondered what to use as replacement for VARCHAR2 or CHAR(255)? How to store IP addresses or geographical data, does that fit into VARCHAR or is there something more suitable?</p> <p>PostgreSQL 9.6 comes with around 40 different data types preinstalled. This talk looks beyond INTEGER and VARCHAR and dives into some of the lesser known PostgreSQL data types. Use cases and examples show which data type is a good fit for a certain situation.</p> Andreas Scherbaum (ads) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:50 H.1309 (Van Rijn) postgresql_semantic_web PostgreSQL devroom <p>An investigation into how Python's RDFLib and SQLAlchemy can be used to leverage PostgreSQL's capabilities to provide a persistent storage back-end for Graphs, and become the elusive practical RDF triple store for the Semantic Web (or simply help you export your data to someone who's expecting RDF)!</p> <p>Please note that this talk replaces "Replication &amp; Recovery in PostgreSQL 10.0" which was to be given by Simon Riggs.</p> Jimmy Angelakos Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:50 H.1309 (Van Rijn) postgresql_fault_tolerance PostgreSQL devroom <p>PostgreSQL is an awesome project and it evolves at an amazing rate. The talk will focus on evolution of fault tolerance capabilities in PostgreSQL throughout its versions.</p> <p>The talk will cover the topics listed below:</p> <ul> <li>Robustness of PostgreSQL</li> <li>PostgreSQL Fault Tolerance: WAL</li> <li>Transaction? Commit? Checkpoint?</li> <li>Replication Methods for PostgreSQL</li> <li>Physical Replication</li> <li>Standby Modes</li> <li>Streaming Replication and WAL</li> <li>Failover and Switchover</li> <li>Synchronous Commit</li> <li>Managing Timeline Issues: pg_rewind</li> <li>Trigger-based Replication</li> <li>Logical Decoding : BDR and pglogical</li> </ul> <p>There are several ways of how to look at fault tolerance. In this sense PostgreSQL provides different means of achieving fault tolerance and dependability either out of the box solutions or using extensions depending on what are the user’s priorities about their system. General fault tolerance in PostgreSQL is improving over time and I expect this trend to continue.</p> Gülçin Yıldırım Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 01:00 H.1309 (Van Rijn) postgresql_infrastructure_monitoring PostgreSQL devroom <p>The revolt against SQL continues at a steady but considerably slower pace. Bespoke database software seems to crop up daily in the name of performance or functionality. This talk will examine the ever growing field of monitoring systems and their respective databases, and look in depth as to how Postgres can be used in a number of these places. Systems of this nature are typically tasked with collecting and storing metrics from your infrastructure, drawing pretty graphs, and nagging you when things break.</p> <p>Forms of data stored by these systems are nothing to be afraid of - they often include: - Time series metrics - the history of a measurement over time, e.g. temperatures - Logs - unstructured text emitted by applications, operating systems and hardware - Events - schema-less but well structured notifications</p> <p>An assertion of this talk is that for a majority of use cases, Postgres is more than capable of storing all of this data. We will attempt to replace numerous well known pieces of software with just one Postgres database. Of course we are told to use the right tool for the job, but having to learn and operate a single tool is a huge operational advantage.</p> <p>We’ll get quite technical in this talk, take a look the data models and access patterns required, and how this can be fitted into the general purpose environment of Postgres. Additionally, it is always constructive to look at what can be problematic, and not just focus on the positives, and why many turn to other bespoke solutions.</p> Steven Simpson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:50 H.1309 (Van Rijn) postgresql_backup PostgreSQL devroom <p>The PostgreSQL documentation explains in detail how to do backup and replication, maybe too detailed for beginners or "part-time" DBAs.</p> <p>On the other hand, there are some common misconceptions about data safety.</p> <p>The talk gives a comprehensive, yet brief overview of the different approaches to perform backup/restore, point-in-time recovery and replication, advising on what to use in different scenarios.</p> <p>Some typical misconceptions and pitfalls are addressed as well.</p> Gunnar Bluth (Nick) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:45 H.2213 mobile_testing_with_appium Mobile Testing Future Testing and Automation devroom <p>A huge number of mobile testing tools have been developed in recent years to support mobile development. As more companies are developing mobile products and the marketplace is seeing more devices, platforms, and versions, testing your mobile apps is vital. When it comes choosing what mobile testing tool is right for you, there is a huge array of options, each with different strengths and weaknesses.At same time there are lot of challenges involved in automating a mobile applications like inspecting the objects, parallel testing to make the product custom fit in agile life cycle, Native framework support, Wearables/tvOS support etc. And we are going to see how Appium with the help of other tools handles these problems to steal the future</p> <p>Problems faced by Mobile testers and how Appium provides solution for it.</p> <p>1) Xpath Locator Strategies - completely depending on the xml hierarchy that app renders</p> <pre><code> - Locator strategies are quite improved by replacing the android-bootstrap implementation with actively maintained google’s droiddriver implementation to locate objects effectively - Issue e.g Unable to select individual elements in UIATableView by Xpath -https://github.com/appium/appium/issues/6517 - add invisible elements to uiautomator2 page source https://github.com/appium/appium/issues/4369 </code></pre> <p>2)Inspector:</p> <pre><code>- Limitation of Appium Inspector &amp; Calabsh’s IRB - completely depends on the application page source rendered by either instruments UIAutomation or UIAutomatorViewer which in turn fails on many cases depending on the technology used to develop app,instruments UIAutomation known issues which doesn’t render UITableCollectionviewcells often,not so user friendly,etc - This been overcome by Facebook’s webdriveragent &amp; its inspector which has more control over the device not just the application - appuim inspector isn't maintained. we recommend users inspect via uiautomatorviewer </code></pre> <p>3)UIAutomation support is over from Xcode 8 beta:</p> <pre><code>- Apple has lifted their support of UIAutomation from Xcode 10 hence automation libraries or tools depending on native framework won’t work from iOS 9.Apple has an alternative solution of XCUITests to automate app’s but the API’s of XCUITests are completely broken on many cases - Facebook’s WDA uses XCUITest for automation which fixed many of broken XCUITest API’s - Appium has already adopted FB’s WDA which inturn support’s future iOS automation through XCUITest Driver called appium-xcuitest-driver - Instruments Memory leak will get over with this new approach </code></pre> <p>4)UIAutomator 2 Framework:</p> <pre><code>- Issues in Google’s Framework: UiAutomator V2 finding objects which are not identifiable with UiAutomatorViewer. https://code.google.com/p/android/issues/detail?id=207569 - uiAutomatorviewer not in sync with V2 implementation - project architecture in appium - https://github.com/appium/appium/issues/4869 - https://github.com/appium/appium/issues/4858 - -support Toast Messages on Android -get the text from a password field </code></pre> <p>5)Handling Multiple Sessions at a time</p> <pre><code>- Parallel Execution on iOS real device - Parallel Execution on iOS Simulators (Will be supported in upcoming versions) </code></pre> Srinivasan Sekar Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:55 00:45 H.2213 mutant_testing aka mutation testing with Python and a pinch of Ruby Testing and Automation devroom <p>Mutation testing is a technique in which the software under test is modified in a controlled manner to produce a mutant. Then test cases are executed against each mutant. This helps answer the question "How good is our test suite?". For example if we have made the following change:</p> <pre><code>- if A and B: + if A or B: </code></pre> <p>and our test suite reports a PASS result that means we are not doing a good job at detecting possible errors.</p> <p>I have been using mutation testing for production grade software in both Python and Ruby and I'm also the most active contributor to Cosmic Ray, the mutation testing tool for Python. In this talk I will explain how mutation testing works and what it can be used for. I will give practical examples of code which wasn't tested and how to test it and also examples of bugs that I've found. I will also mention some differences between the Python and Ruby tools.</p> Alexander Todorov Mutation Testing in Patterns Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:50 00:45 H.2213 intro_to_gitlab_ci an introduction at how testing with gitlab CI is advanced, yet simple to manage Testing and Automation devroom <p>Since version 8.0 GitLab has been including GitLab CI as a core functionality. Doing this made the open source project one of the top contenders for self-hosted (often on-premise) environments. Making the integration between gitlab and gitlab CI so strong has allowed the project to take away much of the traditional pain of setting up CI. In this talk we'll look at what GitLab CI has to offer these days.</p> <p>We'll look through how to set up a simple job in a git repository all the way through making it a pipeline that runs jobs in parallel on remote machines in docker containers. We'll look at what the strengths and the weaknesses are and give some tips for running a GitLab CI environment in production.</p> Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:30 H.2213 failing_strace strace syscall fault injection Testing and Automation devroom <p>strace is a diagnostic, debugging and instructional utility for Linux. It is used to monitor interactions between processes and the Linux kernel, which include system calls, signal deliveries, and changes of process state. In 2016, strace has been extended to tamper with tracees using syscall fault injection, making strace also a syscall fault injection tool, the only unprivileged userspace command-line runtime tool of this kind for Linux.</p> <p>The last summer as a part of strace GSoC 2016 project Nahim El Atmani has implemented a prototype of syscall fault injection - a software testing technique used for improving test coverage of error handling code paths that might otherwise rarely be followed by introducing faults. Now the feature has finally been implemented and is a part of strace 4.15 released in December 2016.</p> <p>In this talk the maintainer of strace will demonstrate the new feature, describe its implementation, and show examples of real bugs found with its help.</p> Dmitry Levin strace homepage source code @sourceforge source code @github fault injection GSoC project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:20 00:10 H.2213 testing_webapps_with_traffic_control in containers Testing and Automation devroom <p>Testing applications is important, as shows the rise of continuous integration and automated testing. In this talk, I will focus on one area of testing that is difficult to automate: poor network connectivity. Developers usually work within reliable networking conditions so they might not notice issues that arise in other networking conditions. I will explain how traffic control on Linux can help to simulate various network connectivity. I will run a demo with Weave Scope showing how an application running in Kubernetes behaves when changing network parameters.</p> Alban Crequy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:40 00:45 H.2213 declarative_pipeline A new way to define your pipelines in Jenkins Testing and Automation devroom <p>Pipeline is quickly establishing itself as the direction that Jenkins jobs are going, enabling the definition of a complete CD pipeline in a single job; Pipeline as Code via the “Jenkinsfile”; job durability across master restarts; and more. I’ll be talking here about the next evolution for Pipeline that is just now hitting 1.0: a simple, declarative model to define your Pipelines with no need to write scripts. This configuration syntax for Pipeline allows you to automatically configure all stages of your pipeline, the complete build environment, post-build actions, notifications and more. All while providing syntactic and semantic validation before the build actually gets going. We'll also play with the just-released initial version of the Pipeline Editor, built to work with Declarative!</p> Andrew Bayer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:35 00:45 H.2213 want_to_retry Handling and Testing Network Failures Testing and Automation devroom <p>The world is not perfect and network failures do happen. Complaining about instability might not always be enough. Especially when your system depends on multiple networked services and each of them is on a critical path to the final result.</p> <p>This talk will follow a real story of an attempt to implement network errors handling by retries functionality that is inside urllib3 and requests Python libraries. More importantly we will simulate poor network conditions on a local machine using Linux Network Emulator and then will reason on how effective the attempt was and what can be further improved.</p> <p>This is a proper treatment the networked systems should get when they are designed, developed and tested. And it is great that all the tools necessary are already there in most popular Linux distributions.</p> Anton Marchukov Example code and slides on GitHub Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:45 H.2213 infer_a_static_analyzer A static analyzer for catching bugs before you ship Testing and Automation devroom <p>Static analyzers are automated tools that spot bugs in source code by scanning programs without running them. They complement traditional dynamic testing: Where testing allows individual runs through a piece of software to be checked for correctness, static analysis allows multiple and sometimes even all flows to be checked at once. Infer is an open-source static analyzer that is used internally at Facebook to analyze the main apps for Android and iOS, Facebook Messenger, and WhatsApp, among others. Infer reports bugs responsible for app crashes and performance issues, such as accessing null pointers, and leaking resources such as Context instances.</p> <p>Each month, hundreds of potential bugs identified by Infer are fixed by our developers before they are committed to our codebases and deployed to people's phones.</p> <p>This talk will present Infer and show how it can be integrated as part of the development workflow.</p> Jules Villard Infer website Infer on GitHub Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:25 00:45 H.2213 containers_for_building_and_testing Docker, Kubernetes and Mesos Testing and Automation devroom <p>Building and testing is a great use case for containers, both due to the dynamic and isolation aspects, but running in just one machine is not enough and quickly needs to scale to a clustered setup. But which cluster technology should be used? Docker Swarm? Apache Mesos? Kubernetes? how do they compare? All of them can be used to dynamically run a cluster of containers.</p> <p>Building and testing is a great use case for containers, both due to the dynamic and isolation aspects, but running in just one machine is not enough and quickly needs to scale to a clustered setup. But which cluster technology should be used? Docker Swarm? Apache Mesos? Kubernetes? how do they compare? All of them can be used to dynamically run a cluster of containers.</p> <p>The Jenkins platform is an example of dynamically scaling by using several Docker cluster and orchestration platforms, using containers to run build agents and jobs, and also isolate job execution.</p> <p>This talk will cover these main container clusters, outlining the pros and cons, the current state of the art of the technologies and Jenkins support.</p> <p>The presentation will allow a better understanding of using Docker in the main Docker cluster/orchestration platforms out there (Docker Swarm, Apache Mesos, Kubernetes), sharing my experience and helping people decide which one to use, going through Jenkins examples and current support.</p> Carlos Sanchez Previous talks Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:40 H.2213 testing_docs Testing and Automation devroom <p>Documentation is essential for potential users to understand your awesome coding efforts.</p> <p>But I know that you'd rather get back to coding as soon as possible, so how about automating as much of your documentation as possible?</p> <p>In this presentation I will show you how to automate some of the repetitive tasks involved in documentation and make your colleagues jealous.</p> <ul> <li>Testing docs</li> <li>Spell and grammar checking</li> <li>Generating screenshots</li> <li>Building different versions and formats</li> <li>Notifications</li> <li>Generating videos</li> </ul> <p>I will show you how to build workflows and plugins for several popular documentation editors and CI tools and give you more free time to watch cat videos, complain about important issues, or get replaced by a robot.</p> <p>Documentation is essential for potential users to understand your awesome coding efforts.</p> <p>But I know that you'd rather get back to coding as soon as possible, so how about automating as much of your documentation as possible?</p> <p>In this presentation I will show you how to automate some of the repetitive tasks involved in documentation and make your colleagues jealous.</p> <ul> <li>Testing docs</li> <li>Spell and grammar checking</li> <li>Generating screenshots</li> <li>Building different versions and formats</li> <li>Notifications</li> <li>Generating videos</li> </ul> <p>I will show you how to build workflows and plugins for several popular documentation editors and CI tools and give you more free time to watch cat videos, complain about important issues, or get replaced by a robot.</p> Chris Ward Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:20 00:10 H.2214 geo_intro Geospatial devroom Johan Van de Wauw Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:25 H.2214 geo_weather Geospatial devroom <p>The German Weather Service (DWD) provides over 25 thousand climate time series from meteorological stations across Germany via an FTP server, but it is not always easy to find out which datasets are available. To facilitate file selection and (automated) downloads, I developed an R package that can be used to select, download, read and process weather data. The aim of the package is that researchers can focus on scientific problems instead of data management. At FOSDEM, I would like to present the main instructions for the package, how the FOSS community aided in putting it together, and give a brief outlook on the potential analysis types. The package is FOSS at https://github.com/brry/rdwd#rdwd</p> Berry Boessenkool github.com/brry/rdwd#rdwd Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:25 H.2214 geo_semantic Pulling Schema.org, Dublin Core, Microdata, JSON-LD, HTML and SVG all together. Geospatial devroom <p>Leaflet.annotate aims to transform the BSD-Licensed web mapping library Leaflet into a semi-automatic, semantic authoring environment for creators of geographic web maps. The plugin extends the options for the LeafletJS Standard API elements Marker, CircleMarker, Popup, ImageOverlay and GeoJSON so you can publish these map elements in HTML semantically annotated ‐ and therewith machine readable web maps. While there is quite some effort already around the development of new geospatial data catalogs (which are awesome) this plugin turns the focus onto geographic web maps. Acknowleding that, de-facto, some maps already are data catalogs themselves, they are just not that well represented in HTML so that other programs can extract and re-use the information people collect in them.</p> <p>Leaflet.annotate aims to transform the BSD-Licensed web mapping library Leaflet into a semi-automatic, semantic authoring environment for creators of geographic web maps. The plugin extends the options for the LeafletJS Standard API elements Marker, CircleMarker, Popup, ImageOverlay and GeoJSON so you can publish these map elements in HTML semantically annotated ‐ and therewith machine readable web maps. While there is quite some effort already around the development of new geospatial data catalogs (which are awesome) this plugin turns the focus onto geographic web maps. Acknowleding that, de-facto, some maps already are data catalogs themselves, they are just not that well represented in HTML so that other programs can extract and re-use the information people collect in them.</p> <p>https://github.com/mukil/Leaflet.annotate</p> Malte Reißig Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 H.2214 geo_khartis Geospatial devroom <p>Khartis results from an observation: how can we create easily a statistical map, with a few clicks, without loosing the scientific accuracy and rigor while processing the data? Khartis is not the first mapping tool available online! It is, however, one of the few to propose different perspectives of the world representation among which the cartographer will choose. In order to feed the tool with data, you may want to retrieve from the Khartis website the data used to produce the maps given as examples or to import or copy / paste your own datasets. The base maps are geo-referenced and allow you to work on the proposed entities (countries, regions...) but also on objects identified by pairs of coordinates. You can choose between several projections (besides Mercator) and configure the visual appearance of your data.</p> Paul Girard Khartis tool the presentation slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 H.2214 geo_cityfocus Using City Focus, a web based 2D/3D GIS Geospatial devroom <p>City Focus is a web-based interactive 2D and 3D GIS application to find the best place in a city to live as well as to pass shorter staying. The user can select among different criteria and decide their importance by assigning weights to each of them. The application provides thematic maps displaying insights on the places which better fit the user’s preferences. The resulting map is computed through map algebra by means of Web Coverage Processing Service WCPS provided by RASDAMAN Database Management System. Data visualization is mainly based on NASA Web WorldWind open-source virtual globe. The app exploits exclusively open data as well as Free and Open Source Software (FOSS) for its implementation by enabling continuous improvements while minimizing development costs.</p> <p>City Focus is a work-in-progress application, winner of the MYGEOSS third call for innovative Apps, launched by the European Commission (http://digitalearthlab.jrc.ec.europa.eu/mygeoss/results3.cfm). The call focused on developing applications of European relevance able to provide users with quantitative or qualitative information on the changing environment, taking into account broad environmental or social themes across geographic scales, stressing the use of openly available or crowd-generated data in different domains addressing citizens’ needs (Raglia &amp; Craglia, 2015). City Focus is a web-based interactive 2D and 3D GIS application to find the best place in a city to live, or to pass shorter staying. The user can select among different criteria and decide their importance by assigning weights to each of them. The application provides thematic maps displaying insights on the places which better fit the user’s preferences. The resulting map is computed through map algebra upon a cascade of pre-built raster maps. Users are guided in the requests through a predefined list of criteria including: air quality, precipitation, terrain morphology (e.g. slope, solar exposure, etc.), temperature, proximity to urban facilities (e.g. schools, transportations, sports fields, cultural attractions, healthcare centers, parking lots, shops, etc.), presence of public spaces, land use characteristics (e.g. commercial areas, residential areas, etc.), population density, traffic or internet connection.</p> Carolina Arias Muñoz usermanual application Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 H.2214 geo_gsoc Geospatial devroom <p>Google Summer of Code offers student developers stipends to write code for various open source projects. OSGeo participated as mentor org for 10 years now. We will give an outline of the amazing tools developed during the 2016 edition, by our 22 students. The Open Source Geospatial Foundation, or OSGeo, is a not-for-profit organization whose mission is to support the collaborative development of open source geospatial software, and promote its widespread use.</p> Margherita Di leo Anne Ghisla Main wiki page for OSGeo GSoC 2016 Results of OSGeo GSoC 2016 GSoC homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 H.2214 geo_osmoffline Pros and pitfalls of editing OSM data offline Geospatial devroom <p>Last April OpenStreetMap got a new open-source editor: MAPS.ME. It was a first popular editing application both for iOS and Android phones, with millions of users. Suddenly a quarter of daily editors were maps.me users, who behaved quite differently from regular, hardcore mappers. This talk explains how we made editing OpenStreetMap possible offline, without an access to the constantly updating database, how we and our users repeatedly broke OSM data, and which tools and algorithms there are for fixing the map.</p> Ilya Zverev MAPS.ME source code Change feed from MAPS.ME users MAPS.ME official website Video recording (mp4) Video recording (WebM/VP8) Video recording (YouTube) Submit feedback 12:30 00:25 H.2214 geo_osmalchemy Learn how to create (web) applications using real-world map data with as little resources as possible Geospatial devroom <p>Location-based applications grow in importance, not only for the augmented reality gaming community, but also for businesses adding location-aware functionality to their web applications, mobile apps and the like. We show how to work with the vast set of OpenStreetMap data with minimal Python programming and very little resources using the OSMAlchemy library.</p> <p>In this workshop, we will create a web application that uses the live set of OpenStreetMap data to allow users to review places like restaurants, bars and the like. Doing so, we will use the following technologies:</p> <ul> <li>the Python programming language</li> <li>the Flask micro-framework for web applications</li> <li>an SQLite database</li> <li>the SQLAlchemy object-relational mapper</li> <li>the OSMAlchemy library</li> <li>the Angular.JS framework</li> </ul> <p>When writing applications that use OpenStreetMap, one had to decide whether to only use a really small subset of the data or maintain their own local copy of the whole planet data, which accumulates to more than 1 TB of data and consumes a lot of resources to work with it. OSMAlchemy provides access to the live data through the Overpass API in combination with a local, SQLAlchemy-based cache. It also allows access to the complete set of OpenStreetMap data by simply querying SQLAlchemy, without even caring about Overpass API access.</p> <p>After attending the workshop, you will be able to implement arbitrary applications using whatever OpenStreetMap features you like. You should have some basic knowledge about Python and relational databases. Having heard about Flask, REST and SQLAlchemy gives you an extra bonus, but is not strictly necessary. If you want to try the examples during the workshop, please make sure to have the most recent (stable) versions of Python 3, Flask, Flask-SQLAlchemy, Flask-Restless and OSMAlchemy installed beforehand.</p> Dominik George Eike Jesinghaus Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 H.2214 geo_opennotices A global platform for official notices (planning, licensing etc) Geospatial devroom <p>If OpenStreetMap is about mapping the real world, OpenNotices aims to map official notices (events in time/space). Things like urban planning or licensing of premises.</p> <p>Currently in development, I am hoping to preview this at Fosdem.</p> Richard Pope Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 H.2214 geo_airspace international hangar flying Geospatial devroom <p>More than fifteen years ago airspace-v.com was launched. A web site with map data for general aviation. In the meantime resources for mapping and for aviation information have changed and improved a lot. Web site airspace-v.com is under refurbishment now. It is becoming an application of OpenStreetMap showing information collected from public sources on the net. Here you can see which information is presented on the map and you can learn a few implementation details for efficient database querying of distances and a file based location name lookup that is extremely fast.</p> Thomas Bremer airspacev-com - international hangar flying! Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 H.2214 geo_drone Geospatial devroom <p>With the proliferation of unmanned aerial vehicles (UAV) on the one hand, and the availability of Structure from Motion (SfM) algorithm [1] in the opensource Micmac [2, 3, 4] software suite (French National Geographic Institute, IGN) for generating Digital Elevation Models (DEM) and orthophotos on the other hand, we describe the processing chain to acquire and geoereference DEMs in QGIS. The fast acquisition and very high (sub-meter) resolution are well suited for repeated measurements and assess terrain morphological changes. The processing sequence is</p> <ol> <li><p>fly and acquire georeferenced images. If only a GPS receiver and camera are aboard the UAV, matching time tag with GPS date and time will allow for georeferencing the pictures (exiftool)</p></li> <li><p>identify matching points between adjacent images: the GPS position is used to reduce the number of comparisons and limit the lengthy analysis to nearest neighbors</p></li> <li><p>identify lens properties, bringing the largest cause of uncertainty in the model generation, from various pictures of the same ground feature exhibiting as much height variation as possible,</p></li> <li><p>generate coarse point cloud to assess camera position and matching algorithm consistency</p></li> <li><p>generate dense point cloud, orthophoto and DEM</p></li> <li><p>include the resulting georeferenced pointcloud in QGis, converting the (arbitrary TIF) pixel value to quantitative height (meters).</p></li> </ol> <p>We demonstrate sub-meter resolution DEM generation in vegetation-less environments (urban, glacier moraine) while coarse-acquisition (C/A) single-frequency GPS only allows for 5-m accuracy, hence requiring an additional ground control point matching step for repeated DEM comparison.</p> <p>This presentation is a shortened sequel to the <a href="http://jmfriedt.free.fr/foss4g_2016">FOSS4G presentation given in 2016</a> (in French at the moment) focusing on UAV azimutal images.</p> <p>[1] Nolan, M., Larsen, C. F., and Sturm, M.: Mapping snow-depth from manned-aircraft on landscape scales at centimeter resolution using Structure-from-Motion photogrammetry, The Cryosphere Discuss., 9, 333-381, doi:10.5194/tcd-9-333-2015, 2015</p> <p>[2] J. Lisein, M. Pierrot-Deseilligny, S. Bonnet, P. Lejeune. A PhotogrammetricWorkflow for the Creation of a Forest Canopy Height Model from Small Unmanned Aerial System Imagery. Forests, Volume 4, Issue 4, pp.922-944, dx.doi.org/10.3390/f4040922, December 2013</p> <p>[3] Daakir M., Pierrot Deseilligny M. , Pichard F., Bosser P (2015). &amp; Thom C., UAV photogrammetry and GPS positioning onboard for earthworks, <a href="http://www.int-arch-photogramm-remote-sens-spatial-inf-sci.net/XL-3-W3/293/2015/isprsarchives-XL-3-W3-293-2015.pdf">ISPRS Journal of Photogrammetry and Remote Sensing</a></p> <p>[4] <a href="https://github.com/micmacIGN">Github archive</a> and its <a href="https://github.com/micmacIGN/Documentation">excellent documentation</a></p> Jean-Michel Friedt paper describing some of the results to be discussed article in French describing the processing chain preliminary version of the slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 H.2214 geo_mapboxgl Geospatial devroom <p>This talk will explore how Mapbox GL Native, a hardware-accelerated map rendering engine, can bring beautiful maps made with open data to the open source community. We'll also cover the possibility of bringing Mapbox GL Native to other open source platforms, such as GTK. Lastly, we'll dive into our recently collaboration with the Qt Company to bring the power and flexibility of Qt to Mapbox GL Native.</p> <p>Mapbox GL Native is an open source, cross-platform framework for responsive maps. It provides developers with highly detailed maps, sourced from constantly updated OpenStreetMap data, as well as complete design control over the style and feel of their maps. This is all done using a new, open source on-device vector renderer, which uses OpenGL ES 2.0 technology for pixel-perfect map design. Everything from antialiased fonts to polygon blurring is hardware-accelerated and optimized for mobile devices — all on the fly.</p> <p>This talk will explore how Mapbox GL Native, a hardware-accelerated map rendering engine, can bring beautiful maps made with open data to the open source community. We'll also cover the possibility of bringing Mapbox GL Native to other open source platforms, such as GTK. Lastly, we'll dive into our recently collaboration with the Qt Company to bring the power and flexibility of Qt to Mapbox GL Native.</p> Thiago Santos Project website Mapbox GL on Qt Qt Project guest post Mapbox GL how to port SLIDES! Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 H.2214 geo_go Geospatial devroom <p>I'm going to talk about some features that we've done recently for one of our clients "Namba Taxi":</p> <ul> <li>Show nearest available drivers in our mobile app and moving single car on map</li> <li>Help our partner build traffic jam map based on our data</li> </ul> <p>In my talk I want to reveal:</p> <ul> <li>How we collect GPS tracks from driver apps and save mobile traffic</li> <li>How we implemented lightweight network interaction between the driver app and backend services</li> <li>What solutions were used for high performance on backend</li> <li>How we store GPS tracks for client history</li> <li>How animation of car works inside the client app</li> <li>How to perform monitoring and ensure that service works fine</li> <li>Geocoding problems in developing countries with lack of maps data</li> </ul> Andrew Minkin Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 H.2214 geo_rasdaman Geospatial devroom <p>With the advent of the massive deluge in Earth data, serving them to diverse communities is increasingly promising and challenging alike. A useful abstraction for spatio-temporal raster data (and beyond) is the coverage data model, as standardized by ISO, OGC, and INSPIRE. Rather than zillions of individual image files it provides spatio-temporal "datacubes" for simple, efficient handling through the corresponding service model, the Web Coverage Service (WCS) with its Web Coverage Processing Service (WCPS) geo analytics language - "one cube tells more than a million images".</p> <p>Open-source rasdaman ("raster data manager") is the official reference implementation of both OGC and INSPIRE WCS. It supports easy incremental construction and maintenance of spatio-temporal datacubes, based on the OGC WCS-T standard. Retrieval may use WMS for visual navigation, WCS for data extraction and download, and WCPS for massive server-side processing. On server side, adaptive data partitioning and "tile streaming" processing enables fast query responses. In July 2016, US magazine CIO Review has included rasdaman in its top 100 Big Data technologies list.</p> <p>In this talk we present coverages in terms of concepts, implementation, and large-scale application. Live demos underpin the talk, using publicly accessible sites where the audience can replay and modify the examples. Being editor of the OGC and ISO coverage standard the presenter can give first-hands insights and answers, such as about the new generalized grid model for coverages (CIS 1.1) which OGC has adopted in Fall 2016 as well as the newly adopted INSPIRE-WCS. This is an excellent opportunity to learn about the state of the art and standards in an open, free-of-cost setup.</p> Peter Baumann raster data manager EarthServer: Agile Analytics at Your Fingertips Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:20 H.2214 geo_mysql Geospatial devroom <p>GIS development was ramped up in MySQL 5.7, and we expect GIS support to be greatly improved in the coming versions. MySQL 8.0 is still in development, but we're starting to see the first GIS enhancements pushed into development releases. What is new? In which direction is MySQL going?</p> <p>In this talk, we will look at the plans for GIS in future versions of MySQL, and in MySQL 8.0 in particular. We'll cover the big overarching design decisions, what it means for the future direction of GIS in MySQL, and how it translates into implementation of specific new functionality.</p> <p>This talk is both for those that know GIS and would like to know what MySQL can offer, and for those that know MySQL GIS today and want to know what to expect in future versions.</p> Norvald H. Ryeng MySQL Server development blog Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:20 H.2214 geo_boost Geospatial devroom <p>Boost.Geometry is a C++ library defining concepts, primitives and algorithms for solving geometry problems. It contains a dimension-agnostic, coordinate-system-agnostic and scalable kernel, on top of which algorithms are built: area, distance, convex hull, intersection, within, simplify and much more. The library contains instantiable geometry classes, but library users can also use their own legacy geometry types. It also contains spatial index allowing to perform spatial and knn queries on a collection of geometries.</p> <p>Boost.Geometry might be used in all domains where geometry plays a role: mapping and GIS, game development, computer graphics and widgets, robotics, astronomy and more. The core is designed to be generic and support those domains.</p> <p>This introductory talk will be followed by a talk discussing the use of Boost.Geometry in GIS domain in more detail as it is used for example in MySQL.</p> Adam Wulkiewicz Boost.Geometry documentation Boost.Geometry GitHub repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:40 00:20 H.2214 geo_boost_geography The Earth is not flat (but it's not round either) Geospatial devroom <p>What is a great circle, a loxodrome or a geodesic? What are the differences between them and which one is more suitable for each GIS application? This talk addresses this kind of questions and how geography is implemented in Boost.Geometry. The library that is currently being used to provide GIS support to MySQL.</p> <p>Following up the introductory talk on Boost.Geometry we discuss the algorithmic, the implementation as well as the user perspective of the development of geography in Boost.Geometry. We define basic geometric objects such as geodesics, and the modeling of the Earth as a sphere or ellipsoid. We try to understand the effect of different Earth models to the accuracy and speed of fundamental geometric algorithms (such as length, area, intersection etc.) by showing particular examples. Finally, we are having a look towards the future of geography in Boost.Geometry.</p> <p><em>Comment: This is an entry-level talk on subjects of GIS, geometric algorithms and Boost.Geometry. Attending the introductory talk on Boost.Geometry will help the audience to have a more detailed understanding of the Boost.Geometry development but it is not considered as a prerequisite.</em></p> Vissarion Fysikopoulos Boost Geometry documentation Boost.Geometry GitHub repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 01:00 H.3227 rust_bof Meeting for Rustaceans at FOSDEM BOFs (Track A - in H.3227) bof <p>Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This Bird of a Feather (BoF) session is an opportunity for people in the Rust community to meet and for new people to ask questions and learn.</p> <p>For questions, head to irc.mozilla.org #rust-newbies or to table topics, head to https://users.rust-lang.org/t/rust-fosdem-2017/6632</p> Ewan Higgs Rust Homepage Rust User Forum Rust Subreddit Rust Github Repository Submit feedback 12:00 00:30 H.3227 rbld_io_bof BOFs (Track A - in H.3227) bof <p>RBLD.IO BOF</p> Submit feedback 13:00 01:00 H.3227 dns_bof BOFs (Track A - in H.3227) bof <p>DNS BOF</p> Submit feedback 11:00 01:00 H.3228 elbe_bof BOFs (Track B - in H.3228) bof <p>ELBE BOF</p> Submit feedback 09:00 00:25 AW1.120 gnucap Electronic Design Automation (EDA) devroom <p>Gnucap, the GNU circuit analysis package, is a flexible mixed-signal circuit simulator with significant technical advantages over SPICE derivatives. One is modularity. Gnucap implements a dynamic loader for extesions adding language support or component models.</p> <p>Recently, some of the extensions for an experimental fork have been adapted to the the main line. An overview over the development progress and available functionality will be provided. This talk will demonstrate the use of geda schematics and verilog device models in Gnucap driven circuit simulations.</p> Felix Salfelder gnucap on savannah homepage and wiki github mirror Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:25 AW1.120 qucs Overview, status and ongoing developments. Electronic Design Automation (EDA) devroom <p>The talk will provide an overview of the features, tools along along with a few examples. I will present the latest developments and plans for the future.</p> Guilherme Brondani Torri Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:25 AW1.120 spice_kicad Electronic Design Automation (EDA) devroom <p>A tutorial for the new Spice simulation features in Kicad (design of a simple analog circuit, SPICE model/simulation setup, analysis of the results).</p> Tomasz Wlostowski Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 AW1.120 analogue_sim_discussion Electronic Design Automation (EDA) devroom <p>A discussion about the current state of the FOSS offerings for analogue circuit simulation, and possible paths moving forward.</p> Guilherme Brondani Torri Wladek Grabinski Tomasz Wlostowski Felix Salfelder Submit feedback 11:00 00:25 AW1.120 spinal_hdl An alternative hardware description langage presentation Electronic Design Automation (EDA) devroom <p>Since too long we use VHDL and Verilog to describe hardware. SpinalHDL is an alternative language which do his best to prove that is time to do a paradigms shift in hardware description.</p> <p>SpinalHDL is a Scala library which allow to describe RTL by using object oriented programming and functional programming. This presentation will present basics of SpinalHDL and then show by which way this alternative approach offer a huge benefit in the code clarity, genericity and reusability.</p> Charles Papon Documentation Github repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 AW1.120 fpga_oss_tutorial Basic course to create a simple FPGA design using OSS tools Electronic Design Automation (EDA) devroom <p>You have no hardware knowledge and want to know how people design chips ? You are a software guy, having heard of VHDL or Verilog but never used it ? In this 25 min tutorial, you will learn the basis of hardware design and how to write a simple FPGA design using only FOSS tools. (This tutorial is not about PCB design, but reprogrammable chips design)</p> Tristan Gingold Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 AW1.120 digital_hw_sw_lessons What can we learn from software development – and what not? Electronic Design Automation (EDA) devroom <p>Traditionally, the goal of digital hardware design has been to produce an ASIC. Ideally one which works perfectly after the first tapeout. Tailored towards this goal are our development and testing processes: strictly following a V-model with separated development and verification teams, long design iterations and code which, once it's known to work, is never touched again. For people coming from the software world, this development approach looks arcane. Where are all the sprints, the agile methods, the quick iterations?</p> <p>With FPGAs being on the rise and available in more and more cloud data centers and possibly bundled with our next Intel processor, we finally get the chance to cheaply make mistakes in digital hardware designs: no more wasted tapeouts, just a new flashing of the FPGA is necessary to fix a bug.</p> <p>Join me in this talk for a look at development processes and tools. Where can we build bridges between the software and hardware development world, and where do we have fundamentally different needs?</p> Philipp Wagner Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 AW1.120 floss_high_level_synth Integrating the FPGA into the Operating System Electronic Design Automation (EDA) devroom <p>In this talk, we will provide a brief introduction to the State-of-the-Art of High Level Synthesis for FPGA, utterly dominated by privative &amp; vendor specific solutions but quietly becoming mainstream as algorithm acceleration becomes a must to reach the computational power we need to move system intelligence right to the edge.</p> <p>As an example of how this can be tackled from a FLOSS approach, we will provide a practical example on how to use <a href="http://www.ohwr.org/projects/hdl-make/">HDLMake</a> to merge the FPGA bitstream into the Operating System, handling everything as a single Embedded Linux runtime and providing a convenient abstraction to build &amp; manage production grade Cyber-Physical Systems.</p> Javier D. Garcia-Lasheras Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 AW1.120 hdl_discussion Electronic Design Automation (EDA) devroom <p>A discussion about the current state of FOSS HDL simulation and synthesis tools, and possible paths moving forward.</p> Philipp Wagner Tristan Gingold Javier D. Garcia-Lasheras Charles Papon Submit feedback 13:30 00:25 AW1.120 ruby_libgerbv Display and edit Gerber RS247X files the easy way Electronic Design Automation (EDA) devroom <p>Working with Gerber files today is a task done by CAM personnel using extremely expensive and proprietary software. Until today no easy way exists to edit Gerber files through an API. What only few know is that libgerbv from the Geda project has proper support to not only show but also to edit Gerber files.</p> <p>Using the Ruby bindings for libgerbv it is now possible to edit Gerber files through a simple API.</p> <p>Working with Gerber files within the PCB manufacturing process takes a large chunk of the work as a lot of tasks like panelization are done directly within these files. However, until today there is no easy or an open source way to work with these files.</p> <p>The Geda Team has done a great job with their Gerbv software as it is used worldwide to check Gerber files for correctness before production. What most people do not know is that libgerbv, which is used under the hood, is also capable of editing Gerber files. One of the reasons might be, that libgerbv is not accessible by most software engineers. To overcome this we, i.e. AISLER, have developed a simple Ruby binding for libgerbv. Using the API it is possible to load, edit and save Gerber files with just a few lines of code. Possible use cases are panelization, adding fiducials, receiving design information such as drill count and much more.</p> <p>Right now the libgerbv ruby bindings (which will probably get some more catchy name later) are used within our own PCB manufacturing process at https://go.aisler.net. They'll be published during FOSDEM 2017.</p> Patrick Franken Link to the Gerbv AISLER GO PCB manufacturing using Joseph Joseph Github repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 AW1.120 xorn_geda Electronic Design Automation (EDA) devroom <p>Xorn is a recent addition to the gEDA/gaf project. It implements a value-oriented data model which serves as an interface between core functionality, the user interface, and scripts.</p> <p>This talk provides an overview of what the design principles behind Xorn are, which particular technical decisions followed from these, how this has been implemented in gEDA/gaf so far and what possible paths of development this opens up for both gEDA and other projects.</p> Roland Lutz Getting started with Xorn Xorn developer documentation Design principles behind Xorn Proposed PCB data structures Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 AW1.120 kicad_status Electronic Design Automation (EDA) devroom <p>This talk will discuss the status of the current stable version 5 release of KiCad and road map for the version 6 release of KiCad.</p> Wayne Stambaugh Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 AW1.120 kicad_source Electronic Design Automation (EDA) devroom <p>Let's be sincere, all of us would love to change something in KiCad. I bet you have an idea for a new tool or another killer feature that would make your life so much easier.</p> <p>You know what? You are free to do so! Even more, you are welcome to contribute to the project, and it is not that difficult as one may think. Those who have browsed the source code might find it overwhelming at first, but the truth is: you do not have to know everything to create useful extensions.</p> <p>I would like to invite you for a walk through the KiCad source code to demonstrate how easy it is to add this tool you have always been dreaming about.</p> Maciej Sumiński KiCad project at Launchpad Introduction for KiCad developers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 AW1.120 footwork PCB designs as code and EDA as code synthesis Electronic Design Automation (EDA) devroom <p>Footwork is an experimental KiCAD footprint (text) editor written in Racket. Footwork takes advantage of Lisp's code-data equivalence to offer a unique approach to PCB design: KiCAD's footprint format becomes a domain specific language embedded in the Racket programming language.</p> <p>Footwork's interface is text first allowing users to make arbitrary edits: their requirements need not be fully anticipated by the user interface. The users still immediately see the effects of their edits through a graphical preview but can use a fully featured general purpose programming languages to generate and modify footprints.</p> <p>Traditional (mouse based) manipulation is being added as calls to scripting. Most interestingly, Racket's Rosette language, an interface to SMT solvers, offers the opportunity to make use of cutting edge techniques in programming synthesis for design automation.</p> Kaspar Emanuel Footwork Source Code Racket Language Rosette Language (slides) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 AW1.120 kitnic_it Making web-enabled EDA tools using Javascript Electronic Design Automation (EDA) devroom <p>1-click BOM is a browser extension that lets you easily buy required parts given a bill of materials. This was first presented at FOSDEM in 2015 and in this talk Kaspar catches us up on the progress since.</p> <p>One of the most exciting bits to come out of this development is the project sharing site Kitnic.it: a registry for open source hardware that makes complete PCB designs easier to replicate.</p> <p>The story of the development of these applications is a tour of the pains and joys of developing electronic design tools for the web with Javascript.</p> Kaspar Emanuel Kitnic.it 1-click BOM Kitnic source code 1-click BOM source code Video recording (mp4) Video recording (WebM/VP8) (slides) Submit feedback 16:30 00:30 AW1.120 pcb_dev_discussion Electronic Design Automation (EDA) devroom <p>A session to discuss the current landscape for FOSS PCB design tools and possible paths moving forward.</p> Kaspar Emanuel Wayne Stambaugh Maciej Sumiński Patrick Franken Roland Lutz Submit feedback 09:00 00:20 AW1.121 osd_why_take_an_interest_in_open_design Thoughts and initiatives to open the creative process Open Source Design devroom <p>We know the expression ‘Open Source’; what about ‘Open Design’? How could we define ‘Open Design’? Design creative process is not disclosed. The secrecy around it is of the utmost importance in order to prevent the original creations from being stolen. The different stages of the process and the techniques used are only known by those involved in the design. How could we call this stance into question and open the creative process? This talk will present existing initiatives and thoughts to make Graphic Design and Open Fonts fields more available to the public.</p> <p>First I will introduce graphic designers and typographers who open their process: why do they share their practice? why is it interesting? how and why is it useful? I will talk about originality and copy: we should not be afraid of copying. Moreover copying can be an opportunity to improve the original design. About Mozilla rebranding: I will point out some suggestions to further that initiative. How could designers take part and get committed? Finally I will give designers food for thought to defend their work, explain and communicate it, and better collaborate with their team and people who are not designers.</p> My Lê Open Design Talk @ Capitole du Libre, Toulouse, France, Nov. 2016 Open Design Talk @ Paris Web, Paris, France, Sept. 2016 Professional website Mozillian profile LinkedIn profile My first article about Open Design Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:20 AW1.121 osd_beyond_fancy_logo Reaping the full benefits of design contributions Open Source Design devroom <p>Slides available at https://belenbarrospena.github.io/fosdem2017</p> <p>The decision of creating a jobs board as part of the Open Source Design project was no doubt an excellent one. Our conversations during the first Open Source Design devroom showed that a place to match designers with FOSS projects was sorely needed. At November 19th, the jobs board has received 53 submissions. I consider this a success, given our limited reach and the small size of the Open Source Design initiative.</p> <p>Going through the content of those 53 submissions shows a clear pattern: the overwhelming majority are looking for graphic designers, and many of them are asking for a project logo.</p> <p>Although graphic design is absolutely fundamental to software, and branding elements such as logos help projects develop and strengthen their identity, user-centered design is much more than that, as the content of our devrooms illustrate. It is also important to understand that good graphic design does not exist in isolation: it is embedded within the work of other user-centered design disciplines and concerns.</p> <p>User research, information architecture, interaction design and content strategy can make valuable contributions to FOSS projects. The question is, how? What needs to change for FOSS projects to identify the need of an information architect or a user researcher? Is it just about building knowledge and awareness about these branches of design? Or do these disciplines require some fundamental changes to the way contributions happen?</p> <p>This talk is more about questions than answers. It will provide a brief introduction to the different "layers" of the user-centered design process as outlined by Jesse James Garrett (http://www.jjg.net/elements/pdf/elements.pdf), and will pose some questions about how to incorporate them into FOSS projects.</p> <p>Finding the answers to those questions is one of the reasons why we need the Open Source Design community.</p> Belen Barros Pena Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:20 AW1.121 osd_mozilla_open_design What we learned in 2016 Open Source Design devroom <p>Mozilla has been doing quite some efforts in 2016 to open up more non-technical contribution areas, including design. What started with Community Design in January 2016, evolved and inspired a new rebranding process of the Mozilla brand, by opening it up to a broader audience who were able to follow and comment on the process step by step.</p> <p>We will have a look back at 2016, what we learned from Open Design at Mozilla and introduce the new Mozilla brand which will roll out throughout 2017.</p> <p>Mozilla has been doing quite some efforts in 2016 to open up more non-technical contribution areas, including design. What started with Community Design in January 2016, evolved and inspired a new rebranding process of the Mozilla brand, by opening it up to a broader audience who were able to follow and comment on the process step by step.</p> <p>We will have a look back at 2016, what we learned from Open Design at Mozilla and introduce the new Mozilla brand which will roll out throughout 2017.</p> Elio Qoshi Mozilla Rebrand Blog Mozilla Open Design Repo Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 10:30 00:20 AW1.121 osd_when_cultures_clash Integrating UX with FOSS Development Open Source Design devroom <p>The importance of usability activities in free open source software development has been acknowledged in the research literature and practice. However the decentralized and engineering-driven approach of open source projects can conflict with UX methodologies. As these cultures merge developers and designers may be exposed to situations where the values clash. We will review existing academic papers on UX in open source and discuss how these two philosophies can co-exist in OSS development and how designers can become part of the open source community.</p> Victoria Bondarchuk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:20 AW1.121 osd_designing_in_the_open How does this thing called open source design work, or doesn't work. Maybe? Open Source Design devroom <p>Open source software has always been engineering driven. Most of the people building open source software are engineers with major turn on for features and more features which kind of explains how a lot of open source projects have rich and extremely important features but are a pain to see or work with. This talk aims to deal with this problem of designing in the open which is often neglected. Tools like GitHub, GitLab, etc. can actually become an arena for usability testing and give extremely promising output only if it follows an effective design process. This talk is also a practical guide for budding designers to get started with open source software.</p> Raghu Nayyar I have been an active design contributor to Nextcloud (formally ownCloud) since around 4 years now. I designed and now maintain the most used yet extremely complex Nextcloud application, which the Inc supports. A thorough resource on conducting usability testing in free software Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:20 AW1.121 osd_get_designers_involved 💻 + 🎨 = 🙂 how we do it at Nextcloud Open Source Design devroom <p>Designers are not allergic to open source – it often is just quite difficult and frustrating to get involved. Gladly there are some easy methods to make UX &amp; UI folks feel welcome and get them contributing! :) This talk will show the methods we use at Nextcloud – which successfully helped us build an active and welcoming design team.</p> <p>Some of these methods include: - Describe clearly what your project does - Being welcoming to designers - Involving design from the start - Using design tags in the issue tracker - Have an easy landing page to get involved - Cultivating a culture of design-driven decisions - and more! :)</p> Jan-Christoph Borchardt Thesis: Usability in Free Software Nextcloud Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:10 AW1.121 osd_our_collective + group photo! :) Open Source Design devroom <p>For everyone who doesn’t know what exactly we do, this is a short intro to our collective: We work to raise the profile of good design in open source software, and connect developers &amp; designers to make it happen.</p> <p>For that, we organize design tracks at well-known events like FOSDEM (hello ;) and FOSSASIA, have a job board to get designers involved, provide open design resources to developers &amp; designers, and more.</p> <p>We will also take our GROUP PHOTO during this session! :)</p> Jan-Christoph Borchardt Open Source Design Open Source Design job board Open Source Design events Discussions at Github Twitter @opensrcdesign Funding at Open Collective Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:10 00:10 AW1.121 osd_success_stories Open Source Design devroom <p>Community stats for the past year and a short summary of the success stories from Open Source projects that posted design jobs inside our community and got a designer involved. Talk held by @evalica and @eppfel.</p> Ecaterina Moraru Talk Slides (Stats by @evalica) Talk Slides (Success Stories by @eppfel) Video recording (webm) Video recording (mp4) Submit feedback 12:20 00:05 AW1.121 osd_promoting_to_students Open Source Design devroom <p>Getting HCI MSc students involved in open source software!</p> <p>Whats not to like!</p> <p>I've had agreement from a university in London to propose a number open source software projects to a HCI masters programme for studnets to carry out usability evaluations as part of their MSc in HCI programme.</p> <p>I would like to do a short 10 maybe 15 mins proposal to members of established open source projects which would be able to take the feedback from "the top 2%" of student evaluations and incorporate them into their software.</p> <p>I would outline what the criteria for the projects would be (still to be decided), and also what the students would do for the project and how they would send the recommendations to them.</p> <p>Essentially, it's a gathering of interest exercise. It'll be super quick. Please accept me!</p> <p>I'd be happy to do this at the end of the day combined with something else if necessary.</p> Bernard Tyers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:20 AW1.121 osd_giving_and_receiving_design_feedback Open Source Design devroom <p>Open discussion about the design feedback process, gathering expectations and guidelines from different open source communities.</p> <p>Every Open Source project is different, every developer and designer is different so hoping that this session would provide a magic answer to our questions is not realistic. Its purpose is to open the discussion and try to gather examples from different communities in the search of drawing some guidelines.</p> <p>In Open Source, the hardest part is to know when a design iteration should stop: after a certain amount of time, after a certain amount of votes, etc. Since there are no real/accountable stakeholders/decision-makers and the majority of decisions are done with voting, it can be hard for a designer to know which voices should be listened when iterating. Also, design is not really like code, so it can be harder to do partial work and just let another designer continue it. Sometimes things need to be redone from scratch (because of style differences, vision, approach, tools, etc.)</p> <p>The purpose of giving and receiving feedback in open source should maximize the input all parties receive, having in mind their interests, availability, experience, commitment, etc.</p> <p>Some questions we could ask: - What can be done when we feel there is no consensus between designer and community or even between community members? - What are the motives for proposing the design work and how much work does it involve? - Should something be accepted just because it's the only proposal? Do we have the luxury to refuse design work? - Should the same rules as in code review be applied? - How do we better match designers and communities in terms of style? - Should people from outside the community be involved in the feedback process? - Are community members the target or representatives for their users?</p> <p>Meeting everyone's expectations needs a better communication and understanding of the topic and that's what this session tries to achieve.</p> Ecaterina Moraru Talk Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:20 AW1.121 osd_accessibility_in_os Accessibility in Open Source Open Source Design devroom <p>There are many accessibility projects in the Open Source (OS) and Open Development (OD) space. Some focus on creating technologies designed to make the web easier for people with disabilities to use, others are exploring ways to make the web itself more accessible.</p> <p>This talk will look at a handful of projects including the Non Visual Desktop Access (NVDA) screen reader, Drupal Content Management System (CMS), Brunel Data Visualization, and other projects making a difference to accessibility, , and the accessibility of the OS/OD space itself.</p> <p>Léonie is Communications director and Principal engineer for The Paciello Group (TPG, co-chair of the W3C Web Platform Working Group and member of the W3C Advisory Board, and Accessibility engineer for Government Digital Service (GDS) working on the Gov.UK platform.</p> <p>Phone: +44.7921168551 Email: tink@tink.uk</p> Léonie Watson Personal Website Paciello Group website (where I work) My Github profile Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:20 AW1.121 osd_dos_and_donts_on_accessibility Open Source Design devroom <p>At the Home Office, UK we designed a set of posters aiming to promote accessibility, raising awareness of various users and conditions through good design practice. By sharing them openly with others, they've become something better, and have been made even more accessible along the way.</p> <p>We'll be discussing how the posters started with an idea and by keeping them open-source, have lead to lots of collaboration, engagement and feedback. We've had requests for translating the posters and learned some things along the way. We're also embarking on an exciting new project with these posters which will be elaborated on.</p> <p>Karwai Pun is an interaction designer at the Home Office, working on making digital public services more accessible.</p> Karwai Pun Blog post promoting Dos and Dont's for designing for accessibility Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:20 AW1.121 osd_finding_user_needs Researching motivations, activities and problems of your users Open Source Design devroom <p>UX Design is often understood as creating an interface and testing if it is usable. But it can also include finding out what would be useful and serves users’ needs.</p> <p>Methods to analyze user needs exits, however, they may assume a lot of resources or don’t consider community driven work.</p> <p>We want to demonstrate methods we used for Wikidata and Mediawiki to * research user needs * use the findings to improve our software</p> <p>We want to particularly highlight</p> <ul> <li>How to do this with few resources</li> <li>How to involve an open source community</li> <li>How to involve team members who are not designers</li> </ul> <p>We hope to enable participants of the session to use the methods in their projects and communities and encourage to develop the methods further.</p> Jan Dittrich Charlie Kritschmar Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 14:30 00:20 AW1.121 osd_interviews_as_user_research How I built a public transportation UI using interviews Open Source Design devroom <p>An important aspect of humane interfaces is meeting the needs of a variety of people. They all have different skills, restrictions and whims. How do you figure out what exactly those are?</p> <p>In this presentation I’ll talk about how I used user interviews and personas for that purpose, using them as tools for discussions and implementation of Public Transportation in GNOME Maps. I'll talk about how I interviewed people from both cities and countryside, from both Brazil and Sweden, and how their insights challanged my own perceptions about what people need from a public transportation UI.</p> Andreas Nilsson Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:20 AW1.121 osd_architectural_font_digitalisation Typographic pipeline with Graphviz, Inkscape and Fontforge Open Source Design devroom <p>Numerous works of architecture, furniture, sculptures, illustrations and typography were made during the 1920s by a modernistic style called the Amsterdamse School. A lot of these works are not easily accessible and, even though preservation efforts are being taken, many are deteriorating over time. This talk will elaborate on how FOSS design and typographic tools were developed and used to digitise and extend a century old font under an OFL.</p> <p>To aid the effort of preserving and reuse minimalistic – though often playful – designs from the early 20th century, Stichting z25.org ran a project where an sculpted incomplete typeface was digitised and made available as a font. The focus of this case study was on typographic design, FOSS development and co-funding.</p> <p>This project used contemporary cultural entrepreneurship by combining crowdfunding and public funding to finance this project. As a side-effect, the crowdfunding campaign contributed to local awareness about the existing cultural heritage and more insight to the amount of work required for typographical designs.</p> <p>After completing a study of the original artist's works, a pipeline of several FOSS design tools was set up to meet this challenge. Graphviz was used to categorise and divide the design workload in infographics which also show character interdependencies. Additionally, we show how design work and collaboration can be managed more in Agile environments. The individual glyph designs were done in Inkscape and the font files were generated by using FontForge.</p> <p>FontForge offers sharing guides (lines supporting and accelerating the design process) amongst glyph designs, however Inkscape has no such facility as the individual SVG files are not synchronised for this. We developed a tool in Python to selectively synchronise guides.</p> <p>In this presentation, z25.org will talk you through their adventure of funding, developing, digitising, designing and sharing. The result is a preserved and revitalised typeface called Neude that lay dormant for over a hundred years on impressive statues in the former post office in Utrecht, the Netherlands.</p> Sander van Geloven Stichting z25.org Hellebaard Crowdfunding voordekunst Inkscape guide distribution Font Neude Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:20 AW1.121 osd_designing_musescore My experience with doing UX design with local volunteers Open Source Design devroom <p>I've been running a local meet-up centered around designing for FOSS and doing it thoroughly, choosing MuseScore as our first project. The meet-up has attracted people inexperienced with both UX design and scorewriting and it's been a good learning experience.</p> <p>I'll talk about my experience with running a local meet-up, where we worked on designing MuseScore, an open-source scorewriting program, with a group of volunteers that had little to no prior experience with both the UX design process and with scorewriting. The design process we're going through is rigorous, including stakeholder and user research, persona creation, scenarios, and the like.</p> Miroslav Mazel The Meetup page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:20 AW1.121 osd_gnome_recipe_app From Thinking On to Acting On Open Source Design devroom <p>GNOME Recipe App is all about food. We all love food. We want the recipe app to be community driven. GNOME people all over the world will be entering their favourite recipes and also they will be able to cook delicious things using the GNOME recipes.</p> <p>This is not a new idea. Looking all the way back to 2007, the idea of a GNOME cook book was already around (https://wiki.gnome.org/GnomeCookbook). For one reason or another, we never quite got there. But the idea has stuck around. With the upcoming 20th birthday of GNOME next year, we thought that we should make another attempt at this app, maybe as a birthday gift to all of us. Once we release the app, we will start to collect the content and print as a cookbook.</p> <p>My talk will be shortly about how we decided to build the GNOME Recipe App as a community, how i started to work on mock-ups, how Jakub Steiner (design) designed them based on my mock-ups and how Matthias Clasen (engineering) implemented them.</p> <p>My real motivation with this talk to explain how we had fun while working on the app and encourage designers to contribute open source projects more.</p> <p>You can see the demo video and landing page design on the files screen. Plus you can also visit our wiki page for more details. (https://wiki.gnome.org/Design/Apps/Potential/Recipe%20App)</p> <p>I also want to talk about connecting the user experience, the technical requirements and the business requirements together is important in product discovery and development process. And for this, being a good communicator between teams in an organization is a key to make sure that everybody is on the same page. Many designers divides up building a product into two distinct parts – design and development. There is always some technical questions I’m receiving from Matthias that can heavily influence my design decisions. Those questions should be asked and addressed as early as possible by talking with Matthias and Jakub. Recipe app starts and continues with discussions between design and engineering.<br/> In terms of interaction, visual design and implementation, details reveal themselves as the product is being built. Instead of handing off pixel-perfect designs to the team, it is far more better to design alongside them as we build it.</p> <p>We will keep developing our app!</p> <p>Goals</p> <ol> <li>I want to see all delicious food recipes from all over the world.</li> <li>I want to add recipes from my mum, grandmother</li> <li>I want to select my favourite recipes for later use</li> <li>I want to see what ingredients are needed for the recipe</li> <li>I want to see ingredients photo and explanations in the ingredients page from A to Z</li> <li>I want to keep track of what ingredients you’ve added and steps you’ve completed in each recipe by checking what you’ve done. I want to follow the cooking process from the beginning stage to the end stage. For example which stage I’m at now. Preparing the ingredients, which ingredients are put into the bowl… All things need to be checked when it’s completed. Timer should start when it is in the oven. preparation made simple with step-by-step instructions</li> <li>If I’m following a person I like, I want to see the other recipes he cooked, other recipes he favourited, his origin, his favourite foods (mentioning it by country or by ingredients)</li> <li>On the landing page I should see the recipes that matches the countries I choose, ingredients I choose and my favourites and the people I’m following</li> <li>Want to print the recipes so I can put them on my fridge</li> <li> Make easy recipe adjustments with in substutions and conversions within each recipe</li> </ol> <p>Non-Goals</p> <ol> <li>We won’t build a web site. It will be only a GNOME app for GNOME community</li> <li>There won’t be recipes from cookbooks (Copyright issues).</li> </ol> Emel Elvin Yildiz GNOME Design Wiki Page Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 AW1.121 osd_pitch_your_project Open Source Design devroom <p>The day has been filled by designers doing all the talking, but here we switch and give the stage to software developers.</p> <p>This is a chance to pitch your project to the designers in the room and ask them to contribute. You will be given some time to explain what your project is about, why it's important, and what design work needs to be done. No need to book in advance: just turn up!</p> <p>We have done this session for the past 2 years, and everyboy seems to like it. So we are doing it again.</p> Belen Barros Pena Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:55 00:05 AW1.121 osd_closing Open Source Design devroom <p>Closing remarks for the Open Source Design devroom + Group photo.</p> Ecaterina Moraru Submit feedback 09:00 00:30 AW1.125 personal_cloud Decentralizing the servers with the personal cloud approach. Introduction to the Personal Cloud and Self-data approaches: having your own open-source server, handling your own data locally, with innovative services Decentralised Internet devroom <p>Surveillance: the case for personal Cloud and against GAFAMs</p> <p>The concept of Personal Cloud</p> <p>Demonstrating a personal cloud instance and its innovative usage.</p> <p>Most of the Western population now uses 3 different kinds of computers: PCs, smartphones and Cloud services. Where is the room for Open Source and Free Software in this new world? Software freedom is possible on the PC side, it's already quite challenged on the smartphone world, and too little is being done on the Cloud side. A lot of Cloud services run on open source software, but offer in the end proprietary services that centralize user data. As Edward Snowden's revelations have demonstrated, all of this makes mass surveillance economically possible.</p> <p>What do we do as a community to avoid mass surveillance? What alternative do we build?</p> <p>One possibility is the Personal Cloud movement, where a server (self-hosted or not) runs a platforms that enables personal data collection through connectors in order to run innovative apps relying on that personal data.</p> <p>During this short presentation, we'll see how data centralization leads to mass surveillance and how a personal cloud works.</p> Tristan Nitot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:30 AW1.125 diaspora The Federation is alive! Decentralised Internet devroom <p>The decentralized social world is on. It's been four years since the project was transferred to its community. Discover with us what we accomplished and where we'd like to go.</p> Antoine Duparay (fla) Official website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:30 AW1.125 caliopen Showing to Caliopen's users how public their private messages are. Decentralised Internet devroom <p>In order to help people keeping control over personal data, the Caliopen project intend to associate with each element of it's user interface, including messages, a "Privacy index" showing as precisely as possible how much that element is at risk of being publicly exposed. We will expose here our problems and leads.</p> <p>The confidentiality of correspondence has been historically characterized by letter exchanges. Think of the stamped royal letter protected with a wax seal. Everyone knows that a letter mailed in a glued envelope is more private than a standard postcard. This confidentiality with easily-understood privacy indicators has disappeared with the advent of digital correspondence.</p> <p>In order to offer the public a better control over their private life, Caliopen proposes to associate a "privacy index" indicator to each element of it's interface. The user will be able to easily improve the level indicated by this index and thus be encouraged to better protect themselves and their contacts.</p> <p>In order to do so, we have to define precise metrics to calculate those indices, that rely as much on technical data (protocol used, encryption...) than on human behaviour. We intend to present how much ambitious this is, the difficulties we face, and the leads we follow to realize that particular goal.</p> Aymeric Barantal Stanislas Sabatier http://caliopen.org Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 AW1.125 matrix_future Decentralised Internet devroom <p>The success of the decentralised internet depends on robust building blocks for decentralised identity, reputation and communication in general. We'll look at how Matrix.org (an open standard for decentralised communication) is attacking these problems - both now and in the future.</p> <p>Matrix is an open source project that publishes a standard and reference FOSS implementations for decentralised communication, primarily focusing on defragmenting all the various communication silos (messaging, VoIP, IoT etc) that users are trapped in today. We believe that no single company or entity should ever have ownership or control a user's conversations - only the user themselves should have control.</p> <p>In Matrix today rooms are replicated over all the servers which participate in a given conversation, decentralising by default similarly to Git or blockchain. Unlike other protocols, rooms have no single point of control on a given domain or entity and conversation history is shared equally over all participants. However, user accounts themselves are currently bound to a single 'home server', meaning that users are currently tied to a single service provider, similarly to email or XMPP.</p> <p>In this talk, we'll discuss Matrix's plans to decentralise accounts too - letting users share their account data across whatever sets of servers they trust; providing account portability as a matter of course. We'll also discuss the related topic of decentralised identity - how to track how email addresses, phone numbers and other identifiers map to a given matrix user... without maintaining a centralised ID mapping database.</p> <p>Finally, we'll explore the critical topic of decentralised reputation. Any decentralised system, whether it's Matrix, Email, XMPP, blockchain etc needs a way of tracking the relative reputation of the participants in the system in order to let users filter undesirable content. We see this as the single biggest challenge remaining for Matrix, and one that is vital to the internet at large - helping users self-curate the content they consume and breaking free of the echo-chamber effect of centralised services. We'll talk about the options we've been looking at with Matrix, and issue a call to arms for the whole community to work on solving this problem.</p> Matthew Hodgson Matrix website Blog from FOSDEM 16 Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 AW1.125 cloud_federation sync, share & collaborate in a decentralized cloud Decentralised Internet devroom <p>The internet started as a decentralized network based on Open Standards. Back then everybody could set up his own web server, mail server or news server and communicate with the rest of the world. The last years we saw, that for many users the internet was reduced to a few centralized services used to connect with their friends, to communicate and to store and share all kind of data. Nextcloud wants counteract this development for people who want to store, sync and share their data. It provides a cloud platform based on Open Standards and Free Software. To connect the nodes of self-hosted cloud platforms, Nextcloud is the driving force behind the concept of Cloud Federation. The aim is to provide a Open Standard to share data across multiple cloud servers. At the moment this protocol is not only implemented by Nextcloud but also by Pydio and ownCloud. Together with many partners, Nextcloud works on formalizing the protocols to create a real standard. This talk want to discuss how to restore a free, decentralized and open internet in the area of data sync and share.</p> <p>The internet started as a decentralized network based on Open Standards. Back then everybody could set up his own web server, mail server or news server and communicate with the rest of the world. The last years we saw, that for many users the internet was reduced to a few centralized services used to connect with their friends, to communicate and to store and share all kind of data. This lecture looks at this development from the perspective of a cloud platform which enables people to store, share and sync all kind of data. In this area we saw already the last years a strong push to more decentralized solution, developed as Free Software. This was a important step in the right direction, but at the same time it created a new problem. Everybody who set up his own cloud platform can only collaborate with users on the same server. It become obvious that we need a way to connect all this clouds again. Like with email, for example, it shouldn't make a difference if you communicate with someone on the same server or not. In order to build this bridge, a concept called Cloud Federation was introduced. The aim is to provide a Open Standard to share data across multiple cloud servers. At the moment this protocol connects all Nextcloud, Pydio and ownCloud users. Today Nextcloud is the driving force behind this development and work actively with many partners on formalizing the protocol in order to create a real Open Standard. This talk wants to discuss the development in the world of cloud platforms and how Nextcloud can help to restore a free, decentralized and open internet in this area.</p> Björn Schießle Home of the Nextcloud project Initiative to create a real Open Standard for Cloud Ferderation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 AW1.125 cozy Learn the real value of your data, using cozy Decentralised Internet devroom <p>It is probably unnecessary to explain the perils of a GAFAM centralized web in this devroom. But we offer the idea that recentralizing one's data into a personal cloud allows for MORE than only privacy.</p> <p>In today's web our data are kept into silos. Several companies each own a fragment of one's digital identity. Google has the emails, Facebook has friends pictures, mobile providers have a timeline of my location, my events are so mixed up.</p> <p>As FOSS developer, it is our responsibility to provide an open-source alternative to these. But convincing friends and families of the importance of it is not easy, an it is not possible to replace a network-effect system by just doing an open source alternative.</p> <p>We posit a possible first step is to move (or at least copy) our data from the cloud, aka someone's else computer, back to one's computer. And then to use all this data comming from different sources to create mashups that silos cannot provide.</p> <p>In this talk, we will create one such use case, from retrieving some data from a provider, mashing it up against some of user's data and providing a new usage. This app is made as a simple web app, installable.</p> Christophe Thiriot MyAccounts Application Cozy Client JS Cozy The slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 AW1.125 freifunk_access_human_right Decentralised Internet devroom <p>For many of us, Internet access seems to be naturally given, but unfortunately in Germany it is still a privilege. This is sad, even the European Court of Human Rights and the European Council ackknowledged: Internet Access is Human Right. In Germany Freifunk activists and initiatives enabled people to access internet and communication, education and information sources in more than 400 facilities since 2012.</p> <p>freifunk.net means more than 15 years of social and technical innovation in free community networks. Beside Germany there are similar projects in more than 30 countries living these ideas. By sharing knowledge on how to build free community networks, freifunk delivers impulses against digital divide and for free internet access.</p> Monic Meisel Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 AW1.125 ffdn 5 years of DIY Internet accesss Decentralised Internet devroom <p>This talk will come back on what the FDN Federation achieved since its creation in 2011.</p> Adrien Nader Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:30 AW1.125 guifi An Open, Libre and Neutral Telecommunications Network Based in Commons Decentralised Internet devroom <p><a href="https://guifi.net/en/">guifi·net</a> is a technological, social and economic project built by citizens, which centers its activity in the field of telecommunications. Its purpose is to enable broadband Internet access for everybody, with high quality and for a fair price, by means of developing a telecommunications network based in a model of commons, open, neutral and with unencumbered access. The network counts with <a href="https://guifi.net/ca/node/2413/view/map">more than 32,000 nodes</a> and gives access to an estimated 50,000 people, mostly in Catalonia and the Valencian Country. guifi.net counts on a diverse community of individuals, organizations, companies and public administrations agreeing upon a <a href="https://guifi.net/en/FONNC">common license</a>, with the support of a <a href="https://fundacio.guifi.net/">private foundation</a> that watches over its development and integrity. guifi.net enables a collaborative economy where volunteers and businesses contribute to the development of the common network thanks to governance tools like the compensations system.</p> Ivan Vilata-i-Balaguer guifi.net — Open, Libre and Neutral Telecommunications Network Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:30 AW1.125 self_hosting_privacy Decentralised Internet devroom <p>One of the main issue with centralized internet services is the commercial exploitation of people private datas, and the relative lack of security of those data against states actors among others. Yet, being self hosted and using smaller provider do not automatically grant protection, and few people do have a concrete idea of what steps are needed to efficiently protect the privacy of others when hosting services, inspired by the policy of Mozilla, riseup and several others groups trying to do the right things</p> <p>This talk will mostly speak of the steps required for respecting privacy, with a focus on privacy beyond "The NSA is trying to catch me", showing how even the best intentions do result in problem for some users, and how sysadmins and activists can set their systems to protect users without burdening them, and how things are most often more subtle than we think, in the context of hosting services.</p> Mickael Scherer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 AW1.125 de_google_ify FLOSS: Positive Alternatives to Big-Data centralized Services Decentralised Internet devroom <p>Big data companies (aka GAFAM) have centralized our services, our data and our digital lives. Over the last two years, the French non-profit organization Framasoft has been demonstrating that FLOSS can be used as an ethical and user-respecting alternative to widespread services such as Dropbox, Skype, Facebook, Google Agenda, or even Minecraft. Time has now come to share this experience so that it can spread into a network of data-friendly and user-respectful service hosters.</p> <p>2016 is a milestone: Google Apple Facebook Amazon and Microsoft (also known as GAFAM) are now ranked as the 5 largest companies by market capitalization in the USA. Big Data has become more important and powerful than Big Oil or Big Pharma. Web centralization, profiling advertisement, government enablement to carry out mass-surveillance, shrinking diversity and innovation, and even bevahioural hijacking: here are only a few of the numerous issues that arise with these huge centralizede powers</p> <p>Even though a wider audience is becoming aware of these issues, their answer is always the same: "What else can I use?"</p> <p>Framasoft is a small French non-profit association whose aim is to promote Free-Libre software and culture to the general public through practical projects: a Free-Libre software directory, a user-friendly USB stick filled with portable FLOSS, a publishing house for Free-Libre books… In October 2014, we made public this impossible challenge: over the next 3 years, we would provide Mr. and Mrs. Everyone with more than 30 alternatives to the main GAFAM services, all based upon Free-Libre and Open-Source softwares while respecting the users privacy. We aimed at a triple goal : to inform the general audience of the stakes, to provide viable alternative as a proof of concept to mainstream users, and to spread this experience by promoting self-hosting and helping other data-friendly services hosters to grow.</p> <p>More than two years later, a wider audience is being aware of the data-centralization issues. We are on track to win our bet since only a few services remain to be launched. We are currently initiating CHATONS, a network bringing together hosters who respect privacy and provide ethical services.</p> <p>Here is the story of what we did and how we did it. We would be thrilled if our experience could be useful to non-French speaking projects and communities.</p> Christophe Lafon-Roudier (Pouhiou) Framasoft main website Our EN wikipedia page The de-Google-ify Internet initiative The CHATONS network Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 AW1.125 libre_sh Get up and running with libre.sh in 20mins \o/ Decentralised Internet devroom <p>Free Software on the desktop was cool in the 2000s, but nowadays, we need FLOSS as a Service. If you go to dropbox, you signup with your email/password, boom, you get your cloud. If you go to Nextcloud.com, the call to action is "download". We'll never reach the 99%, we need a signup button on every free software landing page. libre.sh is paving the way toward that direction. The first step is to have an infrastructure to orchestrate these softwares.</p> <p>During this presentation, I'll show you how we leverage the power of docker to manage hundreds of containers that deliver FLOSS as a Service for the 99%. I'll quickly explain why we choose docker. Then, I'll dive into showing, live, how to setup a full server with:</p> <ul> <li>HAProxy with let's encrypt</li> <li>Rocket.Chat</li> <li>GitLab</li> <li>ELK (for log collection)</li> </ul> <p>And all in less than 20 minutes. So then, you have no excuses to not host free software for you and/or your organization :)</p> <p>libre.sh in numbers:</p> <ul> <li>installed on 5 servers (4 different organizations) (that I know)</li> <li>running hundreds of containers</li> <li>offering 24 different applications (chat, git, cloud, mail...)</li> <li>with a wide range of different stacks (MySQL, Postgres, Mongo, PHP, Ruby, NodeJS...)</li> <li>and 4 modules (log collection, monitoring, backups, proxy)</li> <li>developped since 2 years</li> </ul> Pierre Ozoux Website of the project libre.sh is used by this project libre.sh could be really useful for chatons \o/ My Blog Photo of the meetup where I already present it. Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:15 AW1.125 openwisp2 a self hosted solution to control OpenWRT/LEDE devices Decentralised Internet devroom <p>OpenWISP2 is a simple web app composed of several reusable python libraries and django apps. Having learnt from the experience with OpenWISP1, the new version of the controller has been redesigned to be more flexible, reusable, modularly built and easier to deploy.</p> <p>Its goal is to make it easier to maintain a network of devices based on OpenWRT/LEDE.</p> <p>Current features</p> <ul> <li>configuration management for embedded devices supporting different firmwares: OpenWRT/LEDE and OpenWISP Firmware</li> <li>support for additional firmware can be added by specifying custom backends</li> <li>configuration editor based on JSON-Schema editor</li> <li>advanced edit mode: edit NetJSON DeviceConfiguration objects for maximum flexibility</li> <li>configuration templates: reduce repetition to the minimum</li> <li>configuration context: reference ansible-like variables in the configuration</li> <li>simple HTTP resources: allow devices to automatically download configuration updates</li> <li>VPN management: easily create VPN servers and clients</li> </ul> <p>Project goals</p> <ul> <li>automate configuration management for embedded devices</li> <li>allow to minimize repetition by using templates</li> <li>make it easy to integrate in larger django projects to improve reusability</li> <li>make it easy to extend its models by providing abstract models</li> <li>provide ways to support more firmwares by adding custom backends</li> <li>keep the core as simple as possible</li> <li>provide ways to extend the default behaviour</li> <li>encourage new features to be published as extensions</li> </ul> <p>You can find the video projected during the talk here: <a href="http://www.youtube.com/watch?v=MY097Y2cPQ0&amp;list=PLPueLZei9c8_DEYgC5StOcR5bCAcQVfR8">http://www.youtube.com/watch?v=MY097Y2cPQ0&amp;list=PLPueLZei9c8_DEYgC5StOcR5bCAcQVfR8 </a></p> Federico Capoano Official website Twitter profile Github organization Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:15 00:15 AW1.125 puffin Free Webapp Hosting for Average Users Decentralised Internet devroom <p>The goal of the project is to allow average, tech-oriented user to run their own server applications, without worrying about maintaining a server. The ultimate aim is to achieve greater decentralization of federated services, such as social networking, file sharing, blog or email, on the net.</p> <p>While many people are looking at containers as a way to run massive applications, automatically scaling to millions of users, Puffin allows running many independent personal lightweight applications on a single physical machine.</p> <p>The first part of the project is a specialized application catalog for Docker, with easy to use interface à la app store, that can be easily run on a personal server. The second part is a common hosting platform which allows running limited number of applications for free.</p> <p>During the presentation I will introduce the ideas behind the project and show a demo.</p> <p>The difference between Puffin and other container management and hosting services such as Docker Cloud or Rancher, is that the applications are curated to achieve optimal efficiency on a small scale and the interface is more friendly towards an average computer user. Docker was chosen as container technology due to its popularity - more and more web applications are providing Dockerfile or even docker-compose.yml themselves, so it's not very difficult to adapt them to include in the package repository.</p> <p>Putting multiple containers on a single machine to reduce hosting costs implies multi-tenancy. Although Docker is not fully secure against accessing host system from a container, I believe the situation will improve in the future or alternatively another container technology will be used for Puffin.</p> Jarek Lipski Puffin Website Source code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 AW1.125 freedombox Run your own life. Host your freedom. Connect with people. Decentralised Internet devroom <p>FreedomBox is a consumer device that aims to facilitate free communication among people, safely and securely, in a world where our fundamental rights are under grave threat. FreedomBox will put in people's own hands and under their own control encrypted voice and text communication, anonymous publishing, social networking, media sharing, and (micro)blogging. It is built on top of Debian and is currently available for several single board computers.</p> <p>This talk is aimed at introducing FreedomBox, its goals, current status and future plans. It is also a call for help.</p> <p>Decentralization of the Internet</p> <p>Basic human communication is getting more and more online. Many of us probably already communicate more on the Internet than offline. The communication media are often controlled by few corporate entities who hold immense power. This power that they continue to accumulate is often abused to the determent of their users. Instead of building and relying such centralized entities, we need to build an Internet that is more decentralized and controlled by the people using it.</p> <p>FreedomBox</p> <p>Most people often believe that there is no alternative to using centralized services like Gmail and Facebook. A global network of volunteers are building software that will put back control of communications back into people's hands. In many areas, such software exists but is not easy to use. FreedomBox project aims to build a consumer device that brings these decentralized technologies together for easy usage and maintenance by typical users.</p> <p>Ruben Lubbes has been working with and participating in the project for years, mainly working on translations, product development and persona's.</p> Ruben Lubbes Project Main Page Foundation Homepage Introduction Blog Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 AW1.125 yunohost Decentralised Internet devroom <p>YunoHost is a debian-based distribution aimed at making self hosting easier and accessible to a greater number.</p> Laurent Peuch Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 AW1.125 internet_cube Decentralised Internet devroom <p>A self hosting server and wifi VPN gateway by YunoHost and the FFDN.</p> Kload Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:25 AW1.126 ogd_computer_games Open Game Development devroom <p>Many people learn to code because they want to write a computer game. More often than not, they want to re-write their favourite game, but making it a little easier! Unfortunately the gap between a personal project, open source game, and professional offering is substantial, with the lack of polish obvious at every turn. In this talk, Steven Goodwin, a game developer of 20 years standing (and 3 books on the subject), dissects each discipline (art, music, writing, and code) to explain where polish should be added and why it’s so rare to see open source games as effective as their commercial counterparts.</p> <p>In theory, an open source game should be much better than a commercial version. After all, as a group, we have more resources at our disposal, over more time, in order to build more assets, write more code, and fix more bugs. But that’s rarely true. Our efforts look rushed and amateur in comparison. After a brief discussion on the meta-problems of open source game development we look at each discipline and demonstrate what needs to be written to improve the game, details of simple, but effective, visual improvements that can be done with very little effort, and how certain functionality can be implemented in order to make a game shine. The talk also includes a checklist of features implemented in Space Bounce that, while you might not have noticed them, you would certainly realize if they weren’t there.</p> Steven Goodwin The sample game Source to the sample game Speakers game bio Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:25 AW1.126 ogd_geolocation With OpenResty, Redis and Docker Open Game Development devroom <p>The case of rapid prototyping of a small prototype for a server backend of a geolocation-based mobile game, using nginx, OpenResty, Redis and Docker will be examined in the talk. Topics will include: why was the technology stack selected, what are the advantages (and some disadvantages), the architecture of the prototype, and how the features of the stack were used in the implementation. Some words will be said on how to keep iterations on the prototype rapid and how to upgrade the project from the prototype to a production system.</p> Alexander Gladysh Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:25 AW1.126 ogd_webcam OpenCV in practice: example for developers and business Open Game Development devroom <p>Introduction to Computer Vision via WebCam game example.</p> <ul> <li>Try WebCam game during presentation</li> <li>Understand, how motion detection works with the help of <code>OpenCV</code> libraries</li> <li>Understand, the problem of low lighting and noise</li> <li>Hear real-world example of using WebCam games</li> <li>Fork and create your own WebCam game</li> </ul> <h3>Who should attend</h3> <ul> <li><em>[Mostly]</em> <strong>Software developers</strong>, especially with the background of <code>C</code>/<code>C++</code> or willing to learn <code>OpenCV</code> – because speaker would be illustrating principles, how his game works, so later you could (fork and) create your own version.</li> <li><strong>Project managers and entrepreneurs</strong>, because some business cases would also be discussed</li> <li><strong>Bored people</strong>, who just want some interactive game during the presentation.</li> </ul> <h3>Back-story for the presentation</h3> <ul> <li>Colleague from HR: <em>I found a video about augmented gaming climbing wall, would it be hard to implement something like it</em>.</li> <li><em>Well... I was playing with similar technology some time ago</em> – answered. Found my <strong>6 years old project</strong> and to my surprise – it <strong>was still working</strong> (actually spent about an hour to install dependencies and fix <code>include</code> values). That is what <em>backward-compatible</em> open source software really means :)</li> </ul> <p><strong>WebCam based games still gives <em>WOW</em> effect</strong> (still trending, still looks new). <strong>But why it is not mainstream after 6 years?</strong> To answer that question, lets dig into some implementation and bussiness use cases.</p> <h3>Content of the presentation/DEMO</h3> <ul> <li><strong>Introduction</strong>: LIVE demonstration of WebCam based game: Yes – audience could play from their seats by moving their hands :)</li> <li><strong>Business case</strong>: Why not mass production? Example: advertisement for IT recruitment and meetups</li> <li><strong>Implementation details</strong>: rocket science or comparing pixels (visual debugging info would be shown, while others are playing)? The problem of lighting and noise.</li> <li><strong>Discussion/question</strong>: Why not mainstream: hardware problems, trend to (not) learn <code>C</code>/<code>C++</code>, difficulty of <code>OpenGL</code> lighting (if there would not be other questions)</li> </ul> Aurelijus Banelis Video: Demo of the software OpenCV library OpenGL library Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 AW1.126 ogd_drawing_game_design Open Game Development devroom <h2>Draw, play, erase, correct, scan &amp; play anew!</h2> <p>In this talk, we will share our experience in designing games that revolve around interactive drawings (felt pen on paper, graff on walls, colored syrup on waffles...). How does such games work? First a camera captures the drawing, then we analyze it, use that information in our game, then we project back the rendered game on the drawing to close the loop.</p> <p>First we will discuss the implications of such an analogical and free-form input in term of user experience and possible gameplays. Then we will present the tech we have been developing to ease the development process. This implied working both on software (a library, the PTX system) and hardware (a kit for easy setup).</p> Roman Miletitch Papertronics's website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 AW1.126 ogd_living_orb Tangible game console. Open Game Development devroom <p>Tangible game console, controlled through its rotation, and producing light patterns in return.</p> <p>Living Orb is a tangible game console. Play by rotating it in your hands. The screen is its surface, composed of leds all around.</p> <p>This talk will present the device, the construction of the first prototypes, the hardware and software involved in them, and some games that were developed.</p> Jonathan Giroux Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 AW1.126 ogd_0xff Drawing games for a DIY console Open Game Development devroom <p>Create a complete game for the bitbox DIY console with GIMP on a single 256x256, 256 color image, and use the hardware (or an emulator) to play your (small) multi level platformer with custom levels, sounds and unique enemy behaviours.</p> Xavier Moulet (Makapuf) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 AW1.126 ogd_open_ems_stim Open-source muscle stimulation for interactive experiences & games Open Game Development devroom <p>The openEMSstim, a hardware board based on an Arduino Nano that modulates the amplitude of Electrical Muscle Stimulation (EMS) signals. These muscle stimulation signals can be used for games, interactive art, etc. The approach is based on medical rehabilitation hardware and openEMSstim makes it approachable for researchers to use it safely. The project aims at providing a comprehensible and open-source starting point to experiment with muscle stimulation and learn how to keep it safe. openEMSstim provides not only hardware but also the software that communicates with the board and controls it (for Unity3d, Python, Processing, Android and Node.Js). This board is controllable via Bluetooth and compatible with any BLE device (such as your smartphone) or controllable via USB.</p> <p>Project is fully accessible at: https://github.com/PedroLopes/openEMSstim</p> <p>The openEMSstim has been created in collaboration between Pedro Lopes (at Hasso Plattner Institute / University of Potsdam) and Max Pffeifer Leibnitz University in Hannover (responsible for the original version). The openEMSstim has been used in the ACM UIST'16 conference by 20 teams of students that used it to create innovative prototypes.</p> <p>The openEMSstim, a hardware board based on an Arduino Nano that modulates the amplitude of Electrical Muscle Stimulation (EMS) signals. These muscle stimulation signals can be used for games, interactive art, etc. The approach is based on medical rehabilitation hardware and openEMSstim makes it approachable for researchers to use it safely. The project aims at providing a comprehensible and open-source starting point to experiment with muscle stimulation and learn how to keep it safe. openEMSstim provides not only hardware but also the software that communicates with the board and controls it (for Unity3d, Python, Processing, Android and Node.Js). This board is controllable via Bluetooth and compatible with any BLE device (such as your smartphone) or controllable via USB.</p> <p>Project is fully accessible at: https://github.com/PedroLopes/openEMSstim</p> <p>The openEMSstim has been created in collaboration between Pedro Lopes (at Hasso Plattner Institute / University of Potsdam) and Max Pffeifer Leibnitz University in Hannover (responsible for the original version). The openEMSstim has been used in the ACM UIST'16 conference by 20 teams of students that used it to create innovative prototypes.</p> <p>The openEMSstim is also a project that aims at informing people on how to build such devices. Rather than building devices by hacking existing devices or building dangerous circuits from scratch, we intentionally designed it in a way that it recycles existing medical stimulators, which are safe to use. This way, the openEMSstim is actually just a big (wireless and cool) potentiometer that adjusts the intensity of the medical devices stimuli. The project keeps on growing and aims at finding new form-factors, smaller PCB, simpler hardware components, wifi integration, etc.</p> Pedro Lopes repository tutorial #1: intro to openEMSstim tutorial #2: basics of EMS tutorial #3: python Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 AW1.126 ogd_gpl_assets Open Game Development devroom <p>Open source games are even more open source if not only the source of the game engine itself is available, but also all the other assets, such as sprites, samples, soundtracks et cetera also have their source available. What is source in the context of multimedia assets? And how can we create those assets in a more source-like way?</p> <p>In this talk I will briefly point out the importance of source code, and why this is also important for multimedia assets. I will show some file types, and discuss whether or not they are source, and if not what would be their source. Finally, I'll give a real example of creating music in the way a programmer would write C or Python code, and compile the source of this music with a makefile into an Ogg Vorbis file. I hope this will bring more awareness about the need for source code of multimedia to game developers, and hopefully it will inspire others, including programmers that think they are not artistic, to create those assets, to share them, and to be able to learn from and modify them.</p> Guus Sliepen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 AW1.126 ogd_includo Lessons learned making games about diversity for the IncLudo project Open Game Development devroom <p>In the IncLudo project, we are making open source games to promote diversity in the workplace. After a year of building and testing game prototypes, we want to share what we've learned about bias, empathy, icebreakers, taboos, and board games while pursuing this important but challenging goal.</p> Jesse Himmelstein IncLudo project Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 AW1.126 ogd_hellink Creating a "real" game to raise awareness among students Open Game Development devroom <p>Hellink is an educational video game about information literacy. Being produced by an university library, it heavily focuses on the business model of scientific information, and the various ways to promote more freedom in this domain, especially Open Data. Discover the creative process behind the project, and how to raise awareness about complex subjects through videogames!</p> <p>The project was launched by the Library of the Université Pierre et Marie Curie, which is the biggest scientific university in France. We had multiple goals: create a "real" game, with engaging gameplay, artistic direction and storyline; teach the basics of information literacy and train the audience's critical eye; raise awareness about the business of scientific information and Open Data, which is the heart of our theme.</p> <p>We will work from a few questions helping us to understand, from both a diplomatic and a creative point of view, how to effectively engage the audience with Open Data through the means of videogames: how to create an "activist" game into the constrained context of a public institution, especially a university with commercial links with some of the entities criticised by the game? And how to speak about complex subjects with video games: what can be expected and what shouldn't?</p> <p>Video game can be a powerful tool, if well handled! Come talk with us to understand together how to better use it for promoting open data!</p> Thomas Planques Slideshare presentation of Hellink Beta version of the game (French language only) Submit feedback 14:00 00:25 AW1.126 ogd_tablexia Cognitive Training for Children with Dyslexia Open Game Development devroom <p>Tablexia is an app for children with dyslexia in secondary schools available for free in Czech, Slovak and German language for iOS and Android. Tablexia aims to support the development of cognitive abilities (e. g. working memory, spatial orientation, phonological discrimination).</p> <p>Tablexia is an educational app for children with dyslexia in secondary schools. The results of dyslexia are problems with reading and writing. It is caused by weakened cognitive abilities such as a working memory, attention, spatial orientation or phonological processing. Tablexia aims to support the development of those abilities, which can help to improve the reading and writing skills. Tablexia is an open source game developed by the CZ.NIC association. It is available on Google Play and App Store for free in Czech, Slovak and German language. The app contains 8 games. Each focuses on one of the cognitive abilities. All the games are connected with a detective theme. Young detective learns how to become an expert in chasing the robbers or remembering the right order of the sounds from a crime scene. A part of the app is also an Encyclopedia, where kids can learn about dyslexia and find useful tips how to overcome the troubles by reading and writing.</p> Andrea Šíchová Project Page Google Play App Store Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 AW1.126 hero_coli Open Source, Open Data, Open Science Open Game Development devroom Raphael Goujet Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 AW1.126 ogd_snap Interactive visual programming Open Game Development devroom <p>"Snap is Scheme disguised as Scratch"</p> <p>Snap is the programming language used in UC Berkeley’s introductory CS course named “The Beauty and Joy of Computing” (BJC). As part of the BJC curriculum, Snap is currently being disseminated nationwide across the U.S. to support the new AP CS-Principles course created by the College Board. The NSF has awarded longstanding grants to bring Snap and BJC to every high school in New York City, the largest school district in the U.S.</p> <p>Snap is Scheme disguised as Scratch, a free and open web browser based visual programming language aiming to support a technically rigorous introductory CS curriculum at the college and high school level. Snap has been translated into 39 languages and is used around the world, both as a teaching environment and in research projects.</p> <p>Snap borrows from Scratch its graphical LEGO blocks grammar and its 2D cartoon themed microworld around a stage with sprite actors, costumes, events, and parallelism, combining it with Scheme’s dynamically typed and lexically scoped variables, first-class lists, lambda (closures), first-class continuations and proper tail recursion, encouraging programmers to create their own control structures (loops, catch/throw, higher-order functions such as map/filter/reduce) tail recursively without having to worry about stack overflows. Snap supports nested sprites and lets programmers turn arbitrary JavaScript code into graphical blocks. Its “codification” mechanism can transcompile graphical scripts into arbitrary textual code, offering a two-way transition between blocks and text.</p> <p>Snap is implemented in JavaScript using HTML5 APIs. It has been renamed from BYOB to Snap since version 4.0. Snap’s development has been supported by two NSF grants.</p> Jens Mönig Bernat Romagosa http://snap.berkeley.edu Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 AW1.126 ogd_polymorph A libre game engine based on Ogre3D and Puredata Open Game Development devroom <p>Polymorph, a libre videogame platform.</p> <p>We produce art installation and video games using a tailor-made libre game engine based on Ogre3D (visuals) and Puredata (sounds).</p> <p>Polymorph has been started in July 2016.</p> <p>The first projects we are working is Tuning Game, in collaboration with Contredanse asbl, and PEEL, a 3d puzzle game.</p> <p>It is open to visual artists, designers, academics, musicians, developers et enthusiasts focused on experimental video games, programming and interactive applications.</p> <p>It is a place dedicated to exploration of video game medium, aesthetically, theorically, artistically and technically.</p> <p>We are also careful about the influence of the tools on the work we do. Therefore, we choosed to work with a libre software suite, including blender, gimp and inkscape for content creation and Ogre3D, Puredata, Bullet and other libraries for the game engine. Other libre engines are welcomed.</p> <p>We are providing the game engine as a complete package, ready to install with installation procedure and examples.</p> Zajéga François polymorph website polymorph on bitbucket Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 AW1.126 ogd_monogame Creating a game with Monogame and other open source software Open Game Development devroom <p>Goal Rush is a fast paced arcade game where two-robots team will face each other to score the maximum of goals during short matchs.</p> Garry Williams Monogame Gameplay video Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 AW1.126 ogd_escoria "Oh, it looks just like SCUMM!" -- Tim Schafer Open Game Development devroom <p>The Godot community has released a full-featured point'n'click adventure game framework based on Godot Engine. It is fully open source (MIT licensed) and comes with a great open source manual and demo game written by Ariel Manzur, the Escoria creator, and the FLOSS Manuals FR community. This presentation aims at showcasing Escoria, its features and the basics of using it, to give attendants a good starting point for creating their own point'n'click games.</p> <p>Back when they kickstarted their Godot Engine-powered point'n'click adventure game <a href="http://store.steampowered.com/app/330420/">The Interactive Adventures of Dog Mendonça and Pizzaboy</a>, its developers had promised that they would release the framework they developed under a free and open source license. This finally happened in October 2016, after some important refactoring to make it suitable for any kind of point'n'click game. At the same time, a great open source manual and demo game (see links) were released, written by Ariel Manzur, the Escoria creator, and the FLOSS Manuals FR community.</p> <p>The free and open source world has therefore an advanced point'n'click framework at the ready with both source code, demos and documentation, only waiting for game designers and artists to create awesome adventure games (both open source and proprietary, the engine license is not restrictive). To give an idea of the tool's maturity, Tim Schafer of LucasArts and Double Fine Productions said of it, when visiting the developers of The Interactive Adventures of Dog Mendonça and Pizzaboy, that "it looks just like SCUMM!" (the engine used by LucasArts for their classic adventure games). Escoria is based on the 2D and 3D Godot game engine, and can thus leverage many features that are not common in point'n'click adventure games, which allows for the creation of interesting hybrid genres.</p> <p>In this presentation, we will showcase the features of Escoria, how to setup a new project with it and use its scripting language to create classic point'n'click scenes. Basic knowledge of Godot's interface is not mandatory, as we will try to explain also what features are specific to Escoria and which ones are specific to Godot. The presentation will reuse elements of the existing manual and demo in attempt to be as clear as possible, and to allow attendants to continue their discovery of Escoria using resources they are already familiar with.</p> Rémi Verschelde Julian Murgia Source code of Escoria FLOSS Manual about Escoria Escoria in Daïza demo game (source code) The Interactive Adventures of Dog Mendonça and Pizzaboy on Steam Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:40 K.3.201 globalisel LLVM Toolchain devroom <p>The Global Instruction Selection framework has been prototyped for the AArch64 backend for a while and is slowly getting ripe for early adoption by other targets. This talk will try to present an overview of the framework as well as the status of the implementation on targets that have started experimenting with it.</p> Diana Picus Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:40 K.3.201 ldc_d_optimization Implementation and Benefits LLVM Toolchain devroom <p>Profile-Guided Optimization (PGO) is an optimization technique which uses information about the runtime profile of an application. PGO is an area of active development in LLVM. In this talk I discuss how PGO was implemented in LDC, the LLVM-based D compiler, and which speedup the use of PGO can give.</p> <p>Profile-Guided Optimization (PGO) is an optimization technique which uses information about the runtime profile of an application. The binary of an application is instrumented to collect data like number of times a function is called. This additional information is used to apply advanced optimizations to the application. PGO is an area of active development in LLVM. A recent update of LDC, the LLVM-based D compiler, is able to use PGO. In this talk I discuss which additonal IR code must be generated for PGO and how it was implemented in LDC. I also show the effect of PGO on a test application and the compiler itself.</p> Kai Nacke Information about PGO in LDC Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:40 K.3.201 llvm_16_bit LLVM Toolchain devroom <p>LLVM has a great track record for being able to target a large range of processors, both large 32/64-bit devices and deeply embedded 8/16-bit processors. From most perspectives, from Clang through to code generation, the size of most operations do not make much difference to the ease of implementation. However there are some assumptions that are baked deeply into the compiler; one of which is the memory access width, more specifically that it is addressible in 8-bit words. This however is not always the case, many embedded DSPs can only access memory with 16-bit addressibility, and trying to teach LLVM about this proves to be a challenge.</p> <p>In this talk, we will present our first explorations in this area, and share our thoughts on how we can make LLVM more memory agnostic for all targets with non-8-bit memory.</p> Simon Cook Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:15 00:40 K.3.201 lld LLVM Toolchain devroom Peter Smith Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:40 K.3.201 clang_formal_verification_tool_frontend LLVM Toolchain devroom <p>ESBMC is a SMT-based context-bounded bounded model checker that aims to provide bit-precise verification of both ANSI-C and C++ programs. The presentation will briefly introduce the tool and then show the usage of libtooling as a frontend for the tool, including the problems we had during the development and what we hope for the future.</p> <p>On the first half of the talk, I'll describe the tool and present some examples of its usage, including the verification of concurrent programs.</p> <p>I'll then focus on the tool's new frontend, which generates the AST of the program using clang's libtooling and converts it to an internal format that's used for the verification. This second half of the presentation will be focused on the development of the C frontend and the yet to be C++ frontend, including how we had to adjust to the libtooling API.</p> <p>The aim of the talk is to present the difficulties that we faced when moving away from our frontend to clang, including limitations we found during the development. I'll end the talk with what we hope for the future, as users of clang, which translates to easier access to some of clang's internals (specially the static analyser).</p> Mikhail Gadelha http://http://www.esbmc.org/ http://https://github.com/esbmc/esbmc Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:45 00:40 K.3.201 lnt LLVM Toolchain devroom <p>Last year, at the 2016 LLVM dev room, I presented ideas on how to improve LNT to make performance tracking of LLVM generated code easier. We've implemented most ideas since, and we're happy to see that our ideas work out in practice: quite often, understanding the root cause for a performance regression now takes about 5 to 10 minutes of work, whereas before it typically took us half a day to produce all data that is now recorded automatically.</p> <p>I intend to give a demo of how we use LNT at ARM's LLVM teams. I'll also discuss how LNT is useful for other projects that need to track performance of generated code. LNT is starting to be used by at least also some GCC, java jit and even a Verilog-to-C++ compiler teams.</p> <p>I'll also give the necessary pointers on what you need to get started on LNT for your own projects.</p> <p>You can find a preview of the kind of things I plan to demo at http://blog.llvm.org/2016/06/using-lnt-to-track-performance.html</p> Kristof Beyls Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:40 K.3.201 mutation_testing Leaving the Stone Age LLVM Toolchain devroom <p>For decades developers try to build a bug free software. Numerous techniques and metrics were developed. However, there is still a need in an approach that can both assert program domain and provide some reliable metrics. And such approach exists. It is called Mutation Testing. Here is a brief overview:</p> <p>There is a function and a test for that function. Any semantic change in the function (so called 'mutant') should break the test ('kill mutant'). If that's not the case, then mutant is considered as survived. No mutants should survive ever. If they are, then either the test is bad or the function is not correct.</p> <p>Research in this area exists since 70's. However, this approach is not widely adopted. The computational cost is one of the blockers. Another one, is the way such systems are implemented: most of them do mutations at the AST level, hence they are tightly coupled to the particular languages.</p> <p>We want to present you Mull: our implementation of Mutation Testing system. We use JIT and runtime compilation to speedup the system and make it accessible for everyday usage. Besides that we go down to the IR level, making the system applicable for any LLVM-based language such as C, C++, Rust, Objective-C, and many others.</p> <ul> <li>https://github.com/mull-project/mull</li> </ul> <h3>Abstract</h3> <p>For decades developers try to build a bug free software. Numerous techniques and metrics were developed. However, there is still a need in an approach that can both assert program domain and provide some reliable metrics. And such approach exists. It is called Mutation Testing. Here is a brief overview:</p> <p>There is a function and a test for that function. Any semantic change in the function (so called 'mutant') should break the test ('kill mutant'). If that's not the case, then mutant is considered as survived. No mutants should survive ever. If they are, then either the test is bad or the function is not correct.</p> <p>Research in this area exists since 70's. However, this approach is not widely adopted. The computational cost is one of the blockers. Another one, is the way such systems are implemented: most of them do mutations at the AST level, hence they are tightly coupled to the particular languages.</p> <p>We want to present you Mull*: our implementation of Mutation Testing system. We use JIT and runtime compilation to speedup the system and make it accessible for everyday usage. Besides that we go down to the IR level, making the system applicable for any LLVM-based language such as C, C++, Rust, Objective-C, and many others.</p> <ul> <li>https://github.com/mull-project/mull</li> </ul> <h3>Brief Outline</h3> <ul> <li>General introduction into Mutation Testing</li> <li>Overview of our Mutation Testing system</li> <li>High-level overview of the system design</li> <li>Results and findings from LLVM's test suite</li> <li>Future work</li> <li>Q&amp;A</li> </ul> Alex Denisov Source Code System Overview Tool Report (slightly outdated) Video recording (mp4) Video recording (WebM/VP8) Video recording (Youtube) Submit feedback 15:15 00:40 K.3.201 security_enhanced_llvm LLVM Toolchain devroom <p>Security is an every increasing concern across the computing industry, most recently in the emerging Internet of Things market. The compiler is the one tool that sees just about every piece of code, and is a position to both check for security and improve security. LLVM cannot magically write secure code, but it can help a professional programmer write really good secure code.</p> <p>In this talk we will introduce our joint research program with Bristol University to add such features to LLVM. This project is still in its early stages, but we will present our initial work and discuss our future plans. A particular goal is community feedback on the priorities for this research program.</p> <p>Security is an every increasing concern across the computing industry, most recently in the emerging Internet of Things market. LLVM cannot magically write secure code, but it can help a good programmer write secure code.</p> <p>The Leakage Aware Design Automation project is an EPSRC funded programme running over four years at Bristol University led by Elizabeth Oswald and Dan Page. It is looking at how all aspects of software tooling can improve security of systems, particularly by minimizing information leakage. An important part of this project is extending compiler technology, and the programme includes a postdoctoral post to research this area.</p> <p>Embecosm are the "industrial supporters" of this project. Our role is to take the research ideas and make them work in real compilers - including LLVM. Some of this will be about guiding the programmer - warning of coding styles that are insecure. The other part of the project is providing assistance to the programmer in implementing advanced cryptographic techniques.</p> <p>Many of the areas the compiler can warn about are related to information leakage which can be detected by variation in power usage, program timing or memory access. Where we see control flow, cycle times or memory accesses which depend on critical variables (such as cryptographic keys). Such variables can be marked with a "sensitive" attribute and the compiler warn if they or their aliases are involved in control flow, impact cycle timing or affect memory access.</p> <p>There are a great many techniques that users can adopt to make their code more secure. Some of these are straightforward for the compiler to implement. For example ensuring that critical functions clear their stack frame on return or longjmp.</p> <p>It is not difficult to slice the top off a memory chip and use a scanning electron microscope to read values. A (relatively) easy way to scan for candidate cryptographic keys. Bit-splitting defends against this, but scattering individual bits of critical values throughout memory, combining them on the fly for a calculation and scattering them back out to memory. By hand this is laborious in the extreme, but the compiler can reduce this to a simple "bit-split" attribute on a variable.</p> <p>Other attacks use intense radiation to disrupt a processor or memory. The hope is that a critical variable will be impacted. To fix this, code will often repeat important operations. A standard compiler optimizer will promptly remove such operations, so such code is used unoptimized. But it would be much better to tell the compiler which bits of code to leave in place. Or even better to identify code at danger and let the compiler insert the duplicate operations automatically.</p> <p>There are many other techniques which we hope to explore in this project, including - atomicity - balancing control flow paths to minimize information leakdave - shuffling - varying the time at which particular instructions are executed - algorithmic variation - using different algorithms at random to perform operations. - machine learning and superoptimization to minimize information leakage? - automated identification of instruction set extensions to improve cryptographic robustness?</p> <p>Some of these techniques are not new, but none are yet in mainstream compilers. We plan to add these features and new ideas which our academic colleagues are researching. The project is still in its early stages and the purpose of this talk is to raise awareness and get community feedback on some of the areas we will be working on, and suggestions for other areas to consider.</p> Jeremy Bennett Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:05 K.3.201 convergent_functions SPMD semantics for GPU programs LLVM Toolchain devroom <p>The <code>convergent</code> function attribute has been in LLVM for some time now to model restrictions e.g. on barrier intrinsics for GPUs. Recently, we've become aware of some additional restrictions that are required for the arguments of certain intrinsics in GPU code. The use of the <code>convergent</code> attribute on function parameters has been proposed for this purpose.</p> Nicolai Hähnle Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:10 00:05 K.3.201 llvm_at_red_hat How and where is LLVM used in the Red Hat ecosystem LLVM Toolchain devroom Dodji Seketeli Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:45 00:10 K.3.401 om_intro Open Media devroom <p>Presentation of the talks of the schedule of this year.</p> Christophe Massiot Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:25 K.3.401 om_celebrating What's been done, what's next? Open Media devroom <p>After 10 years, and hundreds of thousands of deployments in over 120 countries, Kaltura is growing strong both in capabilities, stability and users. Enabling developers to build video experiences and media workflows, and to integrate rich video experiences into existing applications, business workflows and environments. Kaltura eliminates all complexities involved in handling video at scale: ingestion, transcoding, metadata, playback, distribution, analytics, accessibility, monetization, security, search, interactivity and more. This session will provide a Community and Software 10 year summary of Kaltura, and an outlook to the roadmap of what's to come. Join me on this 10th year celebration of the open source video platform, review the contributions and people behind it, and discuss the exciting developments ahead. If you're building video workflows at scale from internal video portals through surveillance applications - this session will expose you to the swiss army knife of video applications. The only end-to-end open source platform used by hundreds of thousands of organizations globally.</p> Zohar Babin Kaltura Platform Repository Kaltura Install Packages Kaltura Community Videos Portal Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:25 K.3.401 om_kaltura Open Media devroom <p>The session will walk attendees through configuring <a href="http://nginx.org">Nginx</a> with the <a href="https://github.com/arut/nginx-rtmp-module">RTMP module</a> and the <a href="https://github.com/kaltura/mwembed">Kaltura HTML5 player</a> to achieve a fully functional, end to end, FOSS, live streaming solution.</p> <p>During the session, we will review the various components needed for the solution and conclude with a demo consisting of streaming to <a href="http://nginx.org">Nginx</a> over RTMP using <a href="http://ffmpeg.org">FFmpeg</a> and playing the stream using the <a href="https://github.com/kaltura/mwembed">Kaltura HTML5 player</a>.</p> Jess Portnoy Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:25 K.3.401 om_ttml Status Quo and Outlook Open Media devroom <p>Since the talk "Open source tools for new subtitle standards" at Fosdem 2015 important subtitle standards like the Timed Text Markup Language have got more attraction because of adoption in open source projects.This includes reference material, DASH packager, video players, live subtitle frameworks or reference renderer. The talk will give an overview what is available, the maturity of implementations and how you can make use of them in your media workflow.</p> Andreas Tai imscJS ebu-tt-live-toolkit Timed Text Toolkit (ttt) Subtitle Conversion Framework (SCF) IRT EBU-TT-D Application Samples TTML Profiles for Internet Media Subtitles and Captions 1.0 (IMSC1) TTML 1 EBU-TT Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:25 K.3.401 om_transcoding Ffmpeg, PHP, NodeJS, Jquery Open Media devroom <p>The speaker will explain how to create a transcoding workflow that can compare with professional solutions.</p> Emmanuel Aldeguer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:25 K.3.401 om_gstreamer The last 2 years and the future Open Media devroom <p>This talk will give an overview over the last 2 years of the GStreamer project and gives an outlook into the future. It is targeted at both application developers and anyone interested in multimedia on the Linux desktop and elsewhere.</p> <p>GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, Solaris, macOS, Windows, iOS and Android.</p> <p>Since the last GStreamer status updated at FOSDEM in 2014, there were 4 new major releases of GStreamer, packed with lots of new features and other improvements for everybody, making the life of application developers, GStreamer plugin developers and also end-users easier and hopefully better.</p> <p>Join us to find out more and why you should care!</p> Sebastian Dröge (slomo) GStreamer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:25 K.3.401 om_gpac Open Media devroom <p>This talk will focus on the creation, delivery and playback of tiled video content. It explores state of the art of research, standardization activities, and open-source software at the GPAC team.</p> Ahmed JELIJLI Ahmed Rida SEKKAT GPAC SRD blog article HEVC Tile-based adaptation guide Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:25 K.3.401 om_upipe Open Media devroom <p>Upipe is a flexible dataflow framework with multiple structural innovations which have been discussed in previous FOSDEM talks. In this talk, the speaker will give an overview of the available modules, with real-life use cases from television broadcast professionals.</p> Christophe Massiot Upipe main website Major Upipe application Major Upipe application Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:25 K.3.401 om_mediainfo How we check media files Open Media devroom <p>In this talk, MediaArea founder and technical lead Jérôme Martinez provides a global view of the different tools we use (or facilitate use of) for media analysis. We will cover the following: Metadata extraction and review with <strong>Mediainfo</strong>; file format validation and local policy conformance checking with <strong>MediaConch</strong>; embedding and editing of audio metadata with <strong>BWF MetaEdit</strong>; and audiovisual quality control tool developed for analysis of digitized analog video files with <strong>QCTools</strong>, with support from <strong>FFmpeg</strong>. MediaArea is an open source software company focused on digital media analysis. We develop and support tools that aid developers in integrating digital media file investigation into their work.</p> Jérôme Martinez MediaInfo MediaConch BWF MetaEdit QCTools MediaTrace Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:25 K.3.401 om_kaitai Open Media devroom <p>Media file formats grow progressively more and more complex every year and supporting them all requires tremendous effort of all the FOSS developers. It's a problem that concerns not only low-level library developers, but higher level software as well: for example, audio sequencer or video editor developer will still need solid understanding of underlying media file format structure to be able to debug any problems with it (like non-standard chunks inserted by some properitary software). We'd want to present Kaitai Struct, a new free/open source solution for file format dissecting, visualization and parsing. It is "write one - run everywhere" solution, where one needs to specify declarative file format spec once, and then compile it into ready-made parsing library in a large variety of supported target languages. And our visualization tools make Kaitai Struct work like "Wireshark for media files".</p> <p>Kaitai Struct started as an in-house tool in 2014 and was initially released as open-source project to public at March-April, 2016, supporting only 2 target languages: Java and Ruby. Since then, we've collected 400+ stars a GitHub, hundreds of praising testimonials, got about a dozen of contributors, implemented support for 8 languages, got a handful of useful tools, like console visualizer, GUI visualizer, <a href="https://kt.pe/kaitai_struct_webide/">Web IDE</a>, etc.</p> <p>Kaitai Struct is frequently compared to proprietary template-enabled hex editors (like 010 Editor, Synalize It! or Hexinator), but goes one step forward: it's not only about highlighting entities in hex dump, but also it can automatically generate working API from spec, which accelerates work of file formats considerably and greatly reduces human factor errors when developing parsers by hand. One's guaranteed to get exactly the same parsing result both in visualizer and using the compiled API. And, what's important, it's free and open source.</p> <p>Some other comparable projects include BinPAC (but it's C++ only), Preon (which is Java-only), PADS (which targets only C &amp; Haskell), and Construct (Python only). In comparison, Kaitai Struct offers cross-language support, and includes visualization tools.</p> <p>For media file dissection, we have a growing collection of well-known media file formats (including MP4 / QuickTime .mov, AVI, GIF, JPEG, PNG, TIFF, etc), and other interesting file formats (like executables, byte-code, network protocols, etc, etc). We hope that open media software developers would find Kaitai Struct to be a helpful ally in their arsenal of tools to deal with the diverse world of modern file formats.</p> Mikhail Yakshin (GreyCat) Kaitai Struct homepage main GitHub project online compiler (pure client-side, in JavaScript) web IDE and visualizer for Kaitai Struct Kaitai Struct user guide Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:25 K.3.401 om_av1 Progress, expected features and encoding gains Open Media devroom <p>For a long time the multimedia world has had to pay attention to whom the intellectual property of a codec or tool belonged to such that they could pay royalties for each and every device or program using it. In 2012 the standardization of Opus changed that for audio through the combined effort of several individuals who were part of the free software community and large companies bringing together their research and patents and offering it for free use by everyone. By avoiding existing patents, interesting new techniques for efficient audio compression were invented. Now, in the effort to make a royalty free video codec in the same spirit as Opus, even more companies have joined into the "Alliance for Open Media" organization, with its first codec titled "AV1". Starting from the codebase of Google's VP9 codec, AV1 has currently over 45 experimental coding tools contributed by its member companies with the hopes that many will make it into the final version of the codec. This talk will serve as an update to the overall progress of the codec as well as to briefly explain the principles of operation of several coding tools expected to make it into the final version.</p> Rostislav Pehlivanov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:25 K.3.401 om_fuzzing Keeping media processing secure and stable Open Media devroom <p>The talk gives an overview of fuzzing of media formats based on our experience in Google Chrome. Besides those tips and tricks, we will also share how Open Media developers may join a recently announced OSS-Fuzz project to use a powerful (thousands of CPU cores) and automated fuzzing infrastructure for free.</p> <p>In this talk, we will be speaking about guided in-process approach to fuzzing of Media-processing projects. We will explain advantages of continuous fuzzing using libFuzzer fuzzing engine, different memory tools such as AddressSanitizer and others fuzzing engines as well.</p> <p>Media processing is always a complex thing. An appropriate and fine-tuned fuzz testing is a great way to uncover lots of security and stability issues. Just remember <a href="https://en.wikipedia.org/wiki/Stagefright_%28bug%29">Stagefright</a> or <a href="https://security.googleblog.com/2014/01/ffmpeg-and-thousand-fixes.html">FFmpeg and a thousand fixes</a>, for example.</p> <p>At the end of the talk, we will share success stories of libFuzzer application for fuzzing of Media processing in Chromium browser and other projects.</p> <p>Also we will present OSS-Fuzz project aimed to help Open Source Software to have continuous fuzzing at scale.</p> <p>The talk is meant for C/C++ developers and test engineers working on Media-processing projects. After the talk, attendees will be able to write libFuzzer-based fuzzers, will know how to analyze performance of their fuzzers, how to improve them, and, finally, will be able to increase test coverage of their projects by adding of continuous fuzz testing.</p> Max Moroz Guided in-process fuzzing of Chrome components OSS-Fuzz project announcement libFuzzer workshop Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:25 K.3.401 om_aes67 Open Media Standard for Pro-Audio Networks Open Media devroom <p>Note: here AES refers to the Audio Engineering Society, not the Advanced Encryption Standard. The growing field of pro-audio networking has recently seen demand for movement away from proprietary technologies towards open standards. One of the most significant resulting standards is AES67 which covers high quality audio transport over IP networks. This talk covers the motivations driving the standardization efforts and the basic details of the standard itself.</p> <p>Over the past decade, the use of IP networks for pro-audio has seen significant growth. These networks transport high quality uncompressed audio at low latency and they have been adopted in situations ranging from studios to churches to TV broadcasts. While this field has been dominated by proprietary technologies such as Dante and Ravenna, there is now a growing interest in moving to open standards driven by a need for compatibility and interoperability. This talk covers one of the standards resulting from this effort: AES67 for audio transport.</p> Conrad Bebbington Media Networking Alliance (AES67) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:25 K.3.401 om_aes70 Open Control Standard for Pro-Audio Networks Open Media devroom <p>Note: here AES refers to the Audio Engineering Society, not the Advanced Encryption Standard. The growing field of pro-audio networking has recently seen demand for movement away from proprietary technologies towards open standards. AES70 has emerged as a means to control audio devices over the network. This talk covers the motivations driving the standardization efforts and the basic details of the standard itself.</p> <p>Over the past decade, the use of IP networks for pro-audio has seen significant growth. These networks incorporate many types of audio devices, from input amplifiers to full mixing desks. Recently, there has been interest in moving to an open standard to control these devices. This has resulted in the AES70 standard which addresses device control with a focus on audio specific controls.</p> Conrad Bebbington OCA Alliance (AES70) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:25 K.3.401 om_wrapup What's next? Open Media devroom <p>The Open Media devroom addresses the topics as found in broadcast (radio/TV) and Web media technologies such as video/audio encoding, playout, streaming, broadcasting, metadata. Information of related activities to this topic. This session is a discussion with attendees on ideas for future events.</p> Christophe Massiot Kieran Kunhya Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:05 K.4.201 welcome Perl devroom <p>Very happy to see you again!</p> Claudio Ramirez Wendy G.A. van Dijk Submit feedback 09:05 00:20 K.4.201 schema Database Documentation Through Introspection Perl devroom <p>Schema (http://schema.seyman.fr/bugzilla) is a web application that generates HTML documentation for the database schema of any version of Bugzilla, a web-based general-purpose bugtracker and testing tool. It leverages a number of well-known Perl modules (DBIC, Plack, Template, Dancer, ...) to do its job. Long-term goals are making Schema generic enough to cover the database schema of any application (not just Bugzilla) and show schema changes between any two versions.</p> Emmanuel Seyman Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:25 00:40 K.4.201 containers_in_pure_perl Perl devroom <p>This will be a practical talk showing you how you can containerize/sandbox your applications without resorting to either LXC or Docker. You will learn how to use the combination of chroot, Linux::Unshare and Linux::Prctl to create simple yet powerful isolation for your applications. Finally you will also see how to enter in LXC/Docker containers without resorting to external applications. The main goal is to show you the steps you have to follow in order to make sure you build a good isolation.</p> Marian HackMan Marinov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:05 00:40 K.4.201 perl6_first_lang Perl devroom <p>So far most presentations of Perl 6 I have seen are addressed to people that already know Perl and that are pretty advanced programmers. I want to learn Perl 6 myself, and I also want to create material that can be used to raise passion for the language when it's used as a first(ish) language. So I have convinced my daughters to create a study group where I will prepare materials and follow a project-based and design-thinking approach to learn Perl 6. My intention is also to find the way towards a more gender-balanced, inclusive community and test new ways of learning computer programs by eating my own dog food (as presented in other conferences).</p> <p>During the talk, which will be a dialogue, and maybe staged as a play, we will present our experience, what we have learned from it, what we haven't learned from it (hope Perl 6 is not in this category) and how others might benefit from it. I am uploading the material to http://github.com/JJ/perl6em, where you can see it's still a work in progress.</p> The Merelo Family Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:40 K.4.201 tau_station Perl devroom <p>In creating Tau Station, we're trying to do more than just create a text MMORPG in Perl. We're trying to create an online universe you can live in, complete with jobs, education, a social network, and, of course, galactic exploration. This talk will cover some of the fun things we've built to make this happen.</p> Curtis 'Ovid' Poe Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:25 00:20 K.4.201 docker_for_perl A Ridiculously Short Introduction Perl devroom <ul> <li>"What problem does Docker solve for Perl 5/6?"</li> <li>"What? There is a problem?"</li> </ul> Claudio Ramirez Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:45 00:40 K.4.201 informal_dsl Perl devroom <p>The phrase ""Domain Specific Language"" can be used to describe a set of syntactic constructs which either form an independent language, or are part of a more general language. Informal DSLs arise from particular communities, evolve over time and often lack formal specifications. Examples include: templating languages, micro web frameworks, and various wiki markup languages. Perl 6 provides a number of mechanisms for parsing and interpreting such informal DSLs, including custom operators, grammars, and slangs. In this talk, we examine these mechanisms and demonstrate how they can be applied to specific DSLs.</p> Brian Duggan Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 12:25 00:40 K.4.201 ntheory Perl devroom <p>Number theory is the basis for much of modern cryptography, but it is also provides many interesting small problems for programmers to solve. From one of the oldest algorithms to some new ones, we'll look at some ways to implement them in Perl 6 and how the language helps makes this easier for us. Some of the topics covered will be primality, prime generation, factoring, and RSA.</p> Dana Jacobsen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:05 00:20 K.4.201 image Perl devroom <p>Beginning of this century, because of perceived stagnation in development, and flamewars, and obfuscated Perl, and the rise of other programming languages, and other reasons, the attitude towards Perl became negative. We noticed and cared, so we stopped the flamewars and the obfuscated code, we organised more and better conferences, workshops and hackathons, we made sure we are more friendly and helpful to newbies (and oldies), and in general we become more visible. Things changed so much, we nowadays even get compliments at open source conferences! I will talk about our booths and devroom at FOSDEM, and our Perl-presence at other open source conferences, and our own Perl-swag.</p> Wendy G.A. van Dijk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:40 K.4.201 parsing_perl6 Parsing Perl 6 *in* Perl 6 Perl devroom <p>Witness the life cycle of a single Perl 6 module from creation to adulthood, learning some tips and tricks on the way as we dodge some bullets and fall headlong into cleverly-concealed traps. We'll talk about Perl 6 coding style, code layout, and some of the compromises you have to make during development.</p> Jeffrey Goff Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:05 00:40 K.4.201 damnit_stevan Perl devroom <p>Perl has been described in many ways; a Shinto Shrine, executable line noise, a Swiss Army Chainsaw, the Duct Tape of the Internet, etc. But I think Perl is more like a old pop star, always reinventing itself to stay relevant, never truly leaving our consciousness, always just a melody away. What is the state of Perl today? Will Perl 6 be the big comeback? Will 2017 be the year we make Perl great again?</p> Stevan Little Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:45 00:40 K.4.201 webdev_perl6 Perl devroom <p>Long before Perl 6 was declared stable, people have started exploring web related technologies. They have started to write libraries and frameworks. This talk gives an overview of what's there, what's missing and how to bridge the holes.</p> Stefan Seifert (nine) Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:25 00:40 K.4.201 faaaaster Perl devroom <p>I will discuss some of the types of optimisations that I performed on the Rakudo Perl 6 Core to make Rakudo Perl 6 about 3x faster in 2016 for many applications. How some optimisations became less necessary because of optimisations in MoarVM and/or nqp, but still made sense to do in the end. How a lot of optimisations were just about cutting out unnecessary intermediate steps that would make sense in any programming language. And how readability and elegance of the code suffered. No C code was involved, so basic Perl skills should be enough to follow this presentation.</p> Liz Mattijsen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:05 00:40 K.4.201 perl5_future Perl devroom <p>Perl 5 is doing well in its latest stable version: 5.24. It will soon see it's newest version: 5.26. So why is 5.24 exciting, why will 5.26 be even more exciting, and what can we expect of future versions of Perl 5?</p> Sawyer X Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:45 00:15 K.4.201 announce_and_talk_fast Perl devroom <p>Announce and talk fast!</p> Claudio Ramirez Wendy G.A. van Dijk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:05 K.4.401 desktops_welcome_2017 Desktops devroom Christophe Fergeau Pau Garcia Quiles (pgquiles) Philippe Caseiro Submit feedback 09:35 00:20 K.4.401 desktops_kde_slimbook_q_a Desktops devroom <p>Presenting the KDE SlimBook laptop and answering any questions the audience may have.</p> <p>Please note this talk replaces "Assumptions made when porting to a modern display server" by Brandon Schaefer, who got sick with the flu.</p> Harald Sitter Aleix Pol Gonzalez (apol) KDE Slimbook KDE Slimbook Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:10 00:30 K.4.401 desktops_bundling_kde Where does KDE land in the Snap and Flatpak world? Desktops devroom <p>How we are integrating the Snap and Flatpak packaging systems into Plasma and what steps we've had to take to get KDE applications packaged and working on Flatpak and Snap.</p> <p>KDE is present on different platforms, but most notably on GNU/Linux and it's here where we're seeing recently the most changes lately. In this presentation I'll explain how we are integrating the Snap and Flatpak packaging systems into Plasma and then what steps we've had to take to get KDE applications packaged and working on Flatpak and Snap.</p> Aleix Pol Gonzalez (apol) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:45 00:30 K.4.401 desktops_retro_desktops_for_retro_commputers From 8-bit to Atari, Amiga & friends Desktops devroom <p>Got an 8 or 16-bit antiquity in your cupboard? You can find a Free Software desktop for it! From Contiki to MiNT, AROS and others, there's one for every machine.</p> <p>C64, Apple II... those old machines gathering dust can run Free Software. The Contiki Operating System even provides a multitasking desktop and a web browser.</p> <p>Likewise, the Atari and Amiga 16-bit machines all have FLOSS OSes and desktops you can try (or "almost" like RiscOS (non-commercial license)), and FLOSS applications like the NetSurf web browser to run on them.</p> François Revol The Contiki Operating System Retro resources about Contiki SpareMiNT, an RPM-based MiNT distribution AROS Research Operating System NetSurf browser Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:20 00:30 K.4.401 desktops_haiku_desktop_still_learn_from No, you didn't steal all our ideas yet ;-) Desktops devroom <p>Haiku, a free software OS, includes its own desktop, largely inspired by the BeOS. While it has a quite classic look, it still has some unique features.</p> <p>Despite being 15 years old, Haiku still has some nice things to show off and inspire others.</p> <p>From x-ray navigation to multithreaded-by-default applications, Haiku is meant to be responsive even on older machines.</p> <p>We will also discuss how Haiku can relate to XDG standards, considering it doesn't use X11, is not a Unix clone, and also has its share of legacy.</p> François Revol Haiku homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:55 00:30 K.4.401 desktops_zorin_desktop The Past, Present and Future of Zorin OS and a Vision for the Linux Desktop Desktops devroom <p>This talk will highlight the lessons learned from creating Zorin OS and the Zorin Desktop environment, how various optimisations have made our Linux desktop even more approachable and how the wider community can work together to spread the power of Linux to new classes of users around the world.</p> <p>Over the past 25 years Linux has slowly dominated nearly every class of device – from the ubiquitous smartphone to the servers that run the world. However, the desktop computer has remained the elusive form factor for Linux.</p> <p>The Linux desktop has matured over the years to be more user-friendly, but it has yet to fully cross the threshold to become a true mainstream platform. Is this because we need to work more on the technology, or is it that we need to ask ourselves different questions about the goals behind our FLOSS desktop projects?</p> Artyom Zorin Zorin OS Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:40 K.4.401 desktops_corporate_webdesk Building the next corporate applications Desktops devroom <p>Learn how to create a Corporate Web Desktop combining HTML, .NET, OAUTH2 and Container technologies</p> <p>Join us to discover how we combined HTML, .NET, OAUTH2 and Containers technologies to create a Corporate Web Desktop, composed by several applications that can interact as one, big, mainframe system.</p> <p>In this talk the attendees will discover: 1. How we evolved from Server-side rendering (ASP.NET...) to Client-side rendering, with Angular 1.X and Bootstrap, leveraging current skills. (And how our developers loved the change) 2. How we leveraged existing .NET knowledge to create simple REST Services that runs in Windows, Linux and Mac, thanks to Microsoft's Open Source effort with .NET Core and Docker support. 3. How easy Identity Server project (http://identityserver.github.io/) can handle the most common authentication and authorization relaying on OAUTH2. 4. How you can combine those four technologies to create a Corporate Web Desktop, with centralised access and login, dashboard/widgets and much more.</p> Sergio Sisternes Identity Server Project ASP.NET Core Project AngularJS Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:15 00:40 K.4.401 desktops_free_and_open_source_in_european_public_administrations HOWTO open source in public administration Desktops devroom <p>This talk gives an overview of how public administrations in the European Union are embracing free and open source software solutions</p> <p>The presentation will present high-level actions that can be taken by public administrations and stakeholders to increase their uptake of free and open source software.</p> <p>The talk outlines the major results of the European Commission's Open Source Observatory and Repository (OSOR.eu) project. The OSOR project aggregates news and studies on European public administrations that jointly develop, share and re-use such software solutions.</p> Gijs Hillenius Presentation OSOR Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 K.4.401 desktops_classic_applications_in_confined_ecosystem Using libertine to run deb-packaged, X11 applications in an all-snaps Ubuntu Desktops devroom <p>Libertine is an application suite for installing and running classic applications in a confined environment. Using libertine allows us to use everyday applications which have not been ported over to a new packaging format or don't work natively with a new display server. Libertine has allowed us to take advantage of classic apps such as Firefox and LibreOffice in Ubuntu Touch, a version of Ubuntu for devices based on click packaging and Mir/Unity8. Ubuntu developers have recently unveiled snappy, a new kind of packaging system which keeps an application confined to a readonly filesystem with all of its dependencies managed internally. Since migrating applications to snaps is a manual process, we've been working on a libertine snap to give us the ability to use non-snap applications in an all-snaps Ubuntu.</p> <p>This lecture will start with an overview of why libertine is a necessary component for managing and launching deb-based applications on both a classic Mir/Unity8 system and a completely confined all-snaps Ubuntu. Then there will be a review of how libertine works in general through container management and application launching. Finally, these topics will come together with an explanation of the infrastructure required for libertine to operate in an all-snaps environment. There will be light code and tooling examples throughout, as well as a live demonstration of deb-based X applications running in a snap environment.</p> Larry Price (larryprice) Canned recording of the presentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:35 00:30 K.4.401 desktops_from_gtk_to_qt_subsurface_mobile The continuation of the original talk from Dirk Hohndel and Linus Torvalds about the port of Subsurface from Gtk to Qt, now with mobile in mind. Desktops devroom <p>As subsurface evolved from a Gtk Application to a Qt one, cutting a quarter of the codebase while still gaining new functionalities, a new development proposal was done: "How do we get this desktop based application and run it on mobile, on a unified codebase?"</p> <p>How do we get a kernel developer application writed in kernel-style code for the desktop and make it universal, running in any operating system, mobile and desktop?</p> <p>On this talk I'll present you piece-by-piece history on what we had when Subsurface started, the chalenges that kernel hackers faced when creating a desktop application and why the choice was made to port away from Gtk into Qt - even tougth the main developer of subsurface back then loathed C++.</p> <p>After the initial port to Desktop a new era began, the era of Mobile Applications, and Qt had launched it's new Qml language that promissed good integration on mobile and even desktop with minimal effort. We wanted to give it a try. At the same time the KDE hackers launched a new idea "Kirigami", a library build on Qml to simplify development of Qml based software, and since we where already on the bleeding edge of things, why not give it a try?</p> <p>This is the tale of Subsurface, From Gtk to Qt to Mobile, from one of it's main hackers.</p> Tomaz Canabrava Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:10 00:30 K.4.401 desktops_electron_solving_cross_platform Solving our cross-platform dreams? Desktops devroom <p>Electron is a framework for building desktop applications using HTML5 technologies. It has enjoyed massive success with developers looking to create cross-platform applications. Can it deliver?</p> <p>In this presentation I will look at the ever-present desire to create cross-platform applications with the same code base. I will look at frameworks that have come before and then look at Electron and how it allows you to create applications for Windows, Mac and Linux with HTML5 technologies.</p> <p>How do you use it, how well does it work and what can you do with it? Let's investigate.</p> Chris Ward Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:45 00:30 K.4.401 desktops_open_source_behind_web_request explaining a web request through open source software Desktops devroom <p>In this talk, we will go through an end-to-end web request. Based on an open source web application deployed in a hosting company, we will analyze many open source software that composes a web request.</p> <p>Using Chromium as the user browser, we will understand what it does when a URL is typed and how it resolves the domain. DNS and UDP protocols will be explained in order to get the server IP. The IP received from DNS will be used to create a TCP connection to the server and we will understand how the three-way handshake works for that matter. Instead of using only the HTTP protocol, this connection will use HTTPS and we will analyze the TLS handshake as well.</p> <p>From the user local network to the hosting server, there are many routes to follow and we will analyze some of them. Getting to the server we will understand how the web server receives the request and forward to the web application. Web application talks to the web framework and your application that creates the HTML response. Everything will be assembled and return to the web browser that will process and render everything.</p> <p>Throughout the entire process, we will point to open source code whenever possible.</p> <h2>Audience</h2> <p>Everyone that knows a little bit about internet and has done some development for the it</p> Willian Molinari (PotHix) Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:20 00:30 K.4.401 desktops_kube_next_generation_communication_collaboration_client The next generation communication and collaboration client Desktops devroom <p>Kube is beautiful, modern communication in a reliable, high-performance native groupware application for your desktop, laptop and mobile devices</p> <p>Kube is a next-gen communication and collaboration client built with QtQuick on top of a high performance, low resource usage core. It provides online and offline access to all your mail, contacts, calendars, notes, todo's and more.</p> <p>With a strong focus on usability, the team works with designers and UX experts from the ground up, to build a product that is not only visually appealing but also a joy to use.</p> <p>While the initial focus is on Linux, the desktop and email, the platform is built to run on all desktop systems as well as on mobile devices. It will eventually evolve into a full collaboration client including contacts, calendars, notes, todos, instant messaging etc.</p> <p>This talk is giving an overview of what Kube is and strives to be, along with some history why this effort has been started in the first place.</p> <p>The talk will go into some technical detail, but is suitable for anyone interested in an alternative to the currently existing groupware clients.</p> Christian Mollekopf Kube Website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:45 K.4.601 luartcserviceskamailio Build scalable VoIP services with Lua Lua devroom <p>Kamailio is an open source SIP (RFC3261) server that can be used for building real time communications systems for IP telephony, instant messaging or presence. Seeral years ago it introduced a Lua embedded interpreter to allow more flexibility in routing calls. Recently, it was extended to allow entire RTC routing logic to be written in Lua. This talk focuses on showing the insights of implementing the LUA RTC API in Kamailio, tips and tricks discovered to make it as fast as the native pre-compiled routing language, and the benefits it bring to enhance RTC systems and integrate with third party services, such as social networking platforms (e.g., sending a Twitter DM on a missed call).</p> <p>Real time communications has evolved at a fast pace in the last decade. From what it used to be direct voice calls or testing via classic or mobile telephony, nowadays everyone connects through a multitude of channels, dedicated messaging systems or other social media channels. Kamailio is an open source SIP server developed since 2001, with an initial focus on scalability for IP telephony services. To allow more flexibility and easier integration with other RTC services, an embedded LUA interpreter was added to it and with a recent development, the entire SIP routing logic can be written in Lua. The presentation will reveal insights of implementing the LUA RTC API in Kamailio, tips and tricks discovered to make it as fast as the native pre-compiled routing language, and the benefits it bring to enhance RTC systems and integrate with third party services, such as social networking platforms (e.g., sending a Twitter DM on a missed call).</p> Daniel-Constantin Mierla Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:45 00:45 K.4.601 smalllanguagepanel GNU Guile devroom <p>Small languages update and discussion</p> Christopher Webber Ludovic Courtès Etiene Dalcol Justin Cormack Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 K.4.601 guixintroduction GNU Guile devroom <p>This talk introduces the functional package manager GNU Guix and the underlying concept of functional package management to a general audience.</p> Ricardo Wurmus Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 K.4.601 guileappuserinterface GNU Guile devroom <p>The guile implementation of scheme provides a Turing complete language enabling any computable problem to be solved. In the community however there is a perception that scheme is not suited to user interface applications. This talk discusses why that perception exists, and aims to counter it by presenting an example of graphical user interface application using guile-ncurses which may be used to configure and install the GuixSD operating system on a bare computer.</p> <p>The structure of the program will be briefly presented, how it uses the guile-ncurses library and issues which were encountered during its development</p> John Darrington http://gnu.org/s/guile-ncurses http://gnu.org/s/guile http://gnu.org/s/guix Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 K.4.601 guilerepl Or how I stopped worrying and learned to love the REPL GNU Guile devroom <p>A more informal talk about how to use Emacs &amp; Geiser, or the commandline REPL to hack on Guile projects. We cover enabling readline for the REPL, we mention the colorized REPL project by Nala Ginrut, and then a good setup with Emacs. After this I want to open up the platform to get people to suggest some of their favourite REPL based workflows.</p> Alex Sassmannshausen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:45 K.4.601 composingsystemservicesinguixsd or how we came to wonder what a "system service" really is GNU Guile devroom <p>What's a "system service"? How do we model that in GuixSD?</p> <p>In most people’s mind, system services are a bunch of daemons that simply need to be started at boot time, or whenever they are actually needed. Possibly services form a dependency graph, and possibly they are actions other than spawning a daemon, such as mounting a file system.</p> <p>As always, the devil is in the detail, and reality is that “system services” on a modern GNU/Linux system—with udev, dbus, polkit, along with more traditional Unix services—include lots of different “activities”, with lots of interactions among them. That naive picture of a graph of services no longer works.</p> <p>This talk is going to tell the story of system services in GuixSD. GuixSD started from the naive visions of a “dependency graph of actions” to evolve into a generic model of service composition. I will describe what makes GuixSD’s service composition model unique, and how it helps users and sysadmins reason about the whole system.</p> Ludovic Courtès GNU Guix & GuixSD Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:30 K.4.601 guixpackages Distributing software with Guix GNU Guile devroom <p>In this talk I will share the great experience we have of packaging, deploying, publishing and distributing software via GNU Guix of a complex web service that has multiple servers under http://genenetwork.org/. I will also discuss the work we are now executing on creating 'channels', reproducible build-systems and non-root installations and moving forward on putting Guix in containers, using work flow engines, so that jobs can run on distributed systems, such as Arvados.</p> Pjotr Prins Pjotr's talk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:15 00:45 K.4.601 networkfreedom GNU Guile devroom <p>Explore Guile's role in advancing network freedom! This talk covers recent advancements in asynchronous tooling in Guile, as well as live demonstrations of Guile used to power federation via the ActivityPub and ActivityStreams standards through Pubstrate.</p> <p>Much has happened over the last year in terms of advancing network freedom both within and external to Guile. We'll see a live demonstration of Pubstrate, a federated social networking toolkit as well as reference implementation for <a href="https://www.w3.org/TR/activitypub/">ActivityPub</a> and <a href="https://www.w3.org/TR/activitystreams-core/">ActivityStreams</a>, written in and for GNU Guile.</p> <p>Asynchronous programming has also gotten much more interesting in the last year for Guile hackers, with improvements in Guile core and new libraries such as 8sync, A-Sync, and Fibers. An overview of these systems will be given, as well as suggestions on how you can get hacking towards liberating network users today!</p> Christopher Webber Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 K.4.601 naturalscriptwritingguile The newest step on my path towards the perfect script writing syntax GNU Guile devroom <p><em>I have to cancel my attendance for health reasons. Sorry :(. The organizers are informed: <strong>Christopher Allan Webber will take over</strong> (thank you!).</em></p> <p>Let’s do a play with GNU Guile.</p> <p>import : examples enter-three-witches</p> <pre><code>Scene I : Submitting the proposal Enter : Arne Babenhauserheide The Jury Arne Babenhauserheide :enthusiastically: I want to present the newest step on my path towards the perfect text RPG scripting syntax. The Jury What is special about it? Arne Babenhauserheide It does away with ceremony by following the format used to write for human actors without sacrificing any of the power of writing in a real programming language. The Jury Did you not hint at a prototype of such a system at FOSDEM 2016? Arne Babenhauserheide Yes, and now it works well! </code></pre> Arne Babenhauserheide Wisp syntax in Guile provides the foundation The first sketch of the work presented Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 K.4.601 guixsdbootstrap An attempt at dissolving [GuixSD's] bootstrap binaries GNU Guile devroom <p>Mes aims to create an entirely source-based bootstrapping path. The target is to [have GuixSD] bootstrap from a minimal, easily inspectable binary --that should be readable as source-- into something close to R6RS Scheme.</p> <p>We will show the current state of Mes, some interesting things found on the path so far, and Q&amp;A on `Why Scheme?' and its future.</p> Jan Nieuwenhuizen (janneke) Mes at Gitlab Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:30 K.4.601 guixhurd Porting Guix and GuixSD to GNU/Hurd GNU Guile devroom <p>This presentation will be a guided tour of porting Guix and its package collection to a new platform, with the specifics of GNU/Hurd. We will discuss the current status of the project. Next we will raise the problems we faced and how we solved them. Finally we will present the current status and a road map of porting GuixSD, the standalone system distribution on GNU/Hurd.</p> <p>This presentation will be a guided tour of porting Guix and its package collection to a new platform, with the specifics of GNU/Hurd. We will discuss the current status of the project. Next we will raise the problems we faced and how we solved them. Finally we will present the current status and a road map of porting GuixSD, the standalone system distribution on GNU/Hurd.</p> Manolis Ragkousis Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 K.4.601 guixworkflowmanagement GNU Guile devroom <p>Combining programs to perform more powerful actions using scripting languages seems a good idea, until portability and parallel execution on computing clusters become the main concerns of the script. GNU Guix used GNU Guile as a domain-specific language to describe software packages. In the same way, the components that make up a workflow description can be expressed using GNU Guile.</p> <p>In this talk I would like to present the work I have done to implement a simple workflow language and a workflow execution engine (both in GNU Guile) to run programs on computing clusters.</p> Roel Janssen Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 K.4.601 guilewiredtiger GNU Guile devroom <p>wiredtiger is a NoSQL database engine. Often dubbed key/value store, we will see that indeed it can be used like leveldb, bsddb or GNU dbm as a simple (ordered) hashmap but also as a (performant) framework for data persistence that can replace your favorite SQL queries with Scheme goodness (and pieces of minikanren).</p> Amirouche Boubekki (amz3) Submit feedback 16:30 00:30 K.4.601 futureofguix GNU Guile devroom <p>A discussion on the future of GNU Guix and GuixSD.</p> Christopher Webber Ludovic Courtès Pjotr Prins Ricardo Wurmus Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:45 UA2.114 (Baudoux) glusterd2 The next generation of GlusterFS management Software Defined Storage devroom <p>GlusterD-2.0 (GD2) is a new implementation of the GlusterFS management daemon, which attempts to fix a lot of issues with the current management daemon.</p> <p>This talk will give the listeners an overview of the problems that GD2 is attempting to solve and how it solves them.</p> <p>GlusterFS is a highly modular distributed filesystem. The translator model used by GlusterFS allows new filesystem features to be easily developed and included in GlusterFS.</p> <p>But the GlusterFS management daemon, GlusterD, makes it hard for developers to actually get their new features into the hands of end users. Almost any new filesystem feature needs to have code written for it in GlusterD to ensure it is actually available for use. GlusterD, unlike the rest of GlusterFS, is a single monolithic, with a very large, undocumented and hard to navigate code base. This makes it very hard for feature developers to integrate their feature in GlusterD. In addition to this, GlusterD makes it harder for GlusterFS to scale, harder to integrate with external projects and takes up a lot of maintenance effort.</p> <p>GlusterD-2.0 (GD2) is a ground up re-implementation of the management daemon, designed from the beginning to overcome the above problems. GD2 and its internal frameworks are designed to be flexible, extensible and pluggable. GD2 makes it easier for developers to integrate their newer features into GlusterFS as well as allow easier integration of GlusterFS and other projects. In this talk, we'll be covering how GD2 and the new frameworks work to solve the problems above.</p> <p>This talk will be useful for developers interested in working on/with GlusterFS, users who want to understand how GlusterFS manages itself and people with a general interest in management and distributed systems.</p> Kaushal M The Gluster Community website The GD2 development repository Slides (online) Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:45 00:45 UA2.114 (Baudoux) cephintro Software Defined Storage devroom <p>Ceph is a highly available distributed software defined storage, providing object, key/value and file-system interfaces. Ceph Rados Gateway (Radosgw) provides HTTP REST API that is S3 and openstack swift compatible. This talk will cover cloud object storage concepts and how Ceph implementation of cloud object storage (Radosgw). This talk will also present the newest features and our plans for the future.</p> Orit Wasserman Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:45 UA2.114 (Baudoux) lizardfsstorage Software Defined Storage devroom <p>Cheap commodity servers, which you might want to call the garbage collectors for, can lead a new live as a part of a distributed filesystem capable to scale rapidly following immediate needs in storage capacity.</p> <p>This is an open source project which plans to repeat Red Hat success in successful monetizing an expertise in building and maintaining open source projects, aimed to improve developers' and business IT environment.</p> Michal Bielicki LizardFS Homepage LizardFS Documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:15 00:45 UA2.114 (Baudoux) cephglustercommunity Software Defined Storage devroom <p>An overview of Ceph and Gluster community activities.</p> <p>This talk is a replacement for the 'Ceph User Committee' talk by Wido den Hollander who was unable to make it to FOSDEM this year due to personal reasons. We hope he can join us next year!</p> Niels de Vos scuttlemonkey Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:45 UA2.114 (Baudoux) hdfsnvme NVM HBase acceleration Software Defined Storage devroom <p>Non-Volatile-Memory express (NVMe) standard promises and order of magnitude faster storage than regular SSDs, while at the same time being more economical than regular RAM on TB/$. This talk evaluates the use cases and benefits of NVMe drives for its use in Big Data clusters with HBase and Hadoop HDFS.</p> <p>First, we benchmark the different drives using system level tools (FIO) to get maximum expected values for each different device type and set expectations. Second, we explore the different options and use cases of HBase storage and benchmark the different setups. And finally, we evaluate the speedups obtained by the NVMe technology for the different Big Data use cases from the YCSB benchmark.</p> <p>In summary, while the NVMe drives show up to 8x speedup in best case scenarios, testing the cost-efficiency of new device technologies is not straightforward in Big Data, where we need to overcome system level caching to measure the maximum benefits.</p> Nicolas Poggi Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:45 UA2.114 (Baudoux) cephusb Software Defined Storage devroom <p>Exposing Ceph RADOS Block Device (RBD) images for access via an embedded USB storage gadget can solve a number of factors limiting adoption, namely:</p> <ul> <li>Ceph storage can now be consumed by almost any system with a USB port</li> <li>Ease of use</li> <li>Configure once, then plug and play anywhere</li> <li>Security</li> <li>Encryption can be performed on the USB device itself, reducing reliance on transport and cluster security and access control</li> </ul> <p>This presentation will introduce and demonstrate a Ceph USB storage gateway prototype, running on an embedded Linux ARM board.</p> David Disseldorp Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:45 UA2.114 (Baudoux) openattic Software Defined Storage devroom <p>openATTIC is a web-based Open Source Storage management system for Linux. It supports the most popular NAS/SAN protocols like CIFS/NFS and iSCSI/Fibre Channel, including clustering and mirroring of data using DRBD®.</p> <p>openATTIC is a web-based Open Source Storage management system for Linux. It supports the most popular NAS/SAN protocols like CIFS/NFS and iSCSI/Fibre Channel, including clustering and mirroring of data using DRBD®.</p> <p>openATTIC development is sponsored by SUSE.</p> <p>In addition to managing "traditional" storage, the openATTIC project is also working on adding management and monitoring functionality for the Ceph distributed storage system.</p> <p>In this talk, Lenz will give an overview about openATTIC's architecture and technology, highlighting the functionality and features currently available. It will also give an insight into the ongoing and future development plans and the community resources that support the project.</p> Lenz Grimmer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:15 00:45 UA2.114 (Baudoux) glusterselinux Software Defined Storage devroom <p>GlusterFS is an open source, software defined scale out distributed filesystem which resides in user-space and typical runs on any commodity hardware. It has a stackable architecture so that it is very easy to introduce a new feature. When storage (in any sort) comes into picture, security and privacy are two important features which are of concern to everyone. SELinux is one among the trending facilities which provides both. From the server-side view GlusterFS works well in SELinux environments, but this does not address SELinux support for the contents stored on Gluster volumes. This presentation will cover one step further; how an end user can use SELinux context over Gluster volumes. In the world of Storage As a Service this is a feature that everyone will love to have.</p> <p>This talk will cover two open source technologies SELinux and GlusterFS. GlusterFS is software defined storage. SELinux otherwise known as Security Enhanced Linux is security module available in linux kernel through which security policies can be defined. Although it is widely used in linux world , no one has tried it with a distributed file system.So why it is important for software defined storage or in distribute storage ? The user specific security options available for end user is always limited(one of them is acl). First of all it is an additional security flavor for the end user. From a point of storage as a service, it is one of the key security feature which an end user can directly use. There are different clients which tries to provide this facility. In case of NFS, Labeled NFS is effort put on nfsv4 protocol which avails the same.</p> <p>The entire talk covers how SELinux feature can be implemented in a distributed file system, taking GlusterFS as an example. GlusterFS has a stackable architecture so that we can easily plug this feature. Each layer in this stack is known as translator. In case of SELinux a new translator will introduced at server side. The SELinux context are stored at backend as extended attributes named as "security.selinux". So this translator will handle all the getxattr/setxattr calls from the clien. Another important point to be noted is there will SELinux context for gluster process in Linux environments. So this contexts should be mess up with files stored in gluster volumes.</p> <p>This project is planned for gluster 3.10 release. So it will be a good platform to get early feedback/suggestion/contribution for this feature.</p> Jiffin Tony Thottan patch for selinux support patch for setting selinux context on bricks Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:45 UA2.114 (Baudoux) cephsalt Software Defined Storage devroom <p>DeepSea is an extensible collection of Salt files for automatic discovery, configuration, deployment and management of Ceph clusters. The goal is to keep the complexities inherent to Ceph deployments tameable and reduce the room for errors, while still offering the flexibility of Cephs architecture.</p> Jan Fajerski DeepSea Ceph Salt Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:45 00:45 UA2.114 (Baudoux) glustercontainer Software Defined Storage devroom <p>While containers themselves are stateless many applications still have requirements on storage that should persist across containers and instances of containers. Many such storage solutions require an administrator to set up a storage solution on hardware outside their existing container platforms. GlusterFS changes all that.</p> <p>GlusterFS is a software-defined, distributed, and scale-out filesystem. Recent developments have made it possible to deploy GlusterFS as a containerized application on your existing container platform (e.g. Kubernetes, OpenShift) thus allowing for a hyper-converged storage solution that only requires having storage devices attached to your nodes.</p> <p>In this session we will cover how GlusterFS was containerized, how to deploy it, and how it can provide persistent storage for other containerized applications.</p> Jose Rivera Mohamed Ashiq Hyper-Converged GlusterFS on Kubernetes Gluster Project heketi - GlusterFS RESTful Volume Management API Gluster container definitions Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 UA2.114 (Baudoux) cephoverview Software Defined Storage devroom <p>Ceph is a highly available distributed software defined storage, providing object, key/value and file-system interfaces. Ceph Rados Gateway (Radosgw) provides HTTP REST API that is S3 and openstack swift compatible. This talk will give a brief Radosgw architecture overview, present the newest features and our plans for the future.</p> Orit Wasserman Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:45 UA2.220 (Guillissen) kubernetes101 Orchestration doesn't have to be difficult Linux Containers and Microservices devroom <p>Abstract: So you’ve containerized your application, and now you want to deploy it scalably across a cluster. Maybe you’ve looked at Kubernetes but you can’t figure out how to use it. In one short session, we’ll teach you enough to get started.</p> <p>Abstract: So you’ve containerized your application, and now you want to deploy it scalably across a cluster. Maybe you’ve looked at Kubernetes but you can’t figure out how to use it. In one short session, we’ll teach you enough to get started. We’ll cover:</p> <p>What is Kubernetes? Configuring your apps Creating a deployment Tools to help: Ansible, Kompose and OpenCompose Scaling an application Failover and HA A Kubernetes GUI: Cockpit</p> <p>Container orchestration doesn’t have to be hard; let me give you a push in the right direction.</p> Josh Berkus Submit feedback 09:50 00:45 UA2.220 (Guillissen) containerdevops Linux Containers and Microservices devroom <p>Containers are great in terms of application packaging and delivery, but there’s a lot of noise in the space. But when it comes to multi-container applications, most production setups use advanced container orchestration technologies like Kubernetes, Openshift, Mesos/Marathon, which are not that developer friendly.</p> <p>Developers prefer docker-compose for its simplicity. This talk will showcase our ongoing efforts at Red Hat, Skippbox and Google to bridge this gap between deploying containers in development to production, and the need to standardize a multiple container definition spec which works seamlessly across different environments and container orchestration platforms.</p> <p>Containers are everywhere now a days. We want to use containers during development, in staging, in production, etc. However, it’s not that straight forward, thanks to the plethora of container runtimes and toolchains. Some are developer friendly, whereas, others, which are battle tested for production, are not that developer friendly. In this talk we’ll walk you through the current state of things for containers in various environments: development, production, etc., the disparity between container technologies usually used in development and production, how to take things from development to production, etc. This will showcase how Red Hat, Skippbox and Google have been working to solve this problem, and the result of that work is a CLI tool called Kompose, https://github.com/skippbox/kompose. Kompose takes in docker-compose file format and generates Kubernetes and OpenShift artifacts. However, is it enough? We need a standardized specification to define multi container applications that works seamlessly across multiple container runtimes and orchestration tools.</p> <p>This talk will be organized as follows:</p> <p>Developer workflow with containers Container technologies preferred in production What it takes to have a production like environment for development? So much to learn! Pushing application to production with 0 (or little) learning curve Kompose: Tool to move from docker-compose to Kubernetes What next? A standard specification to define multi-container application Road to container Utopia</p> Ratnadeep Debnath Kompose, Tool to move from docker-compose to Kubernetes Using your Docker-compose files with Kubernetes Submit feedback 10:40 00:45 UA2.220 (Guillissen) grpc101 Linux Containers and Microservices devroom <p>gRPC is a high performance, open source, general RPC framework that puts mobile and HTTP/2 first. gRPC is based on many years of Google's experience in building distributed systems - it is designed to be low latency, bandwidth and CPU efficient, to create massively distributed systems that span data centers, as well as power mobile apps, real-time communications, IoT devices and APIs. It's also interoperable between multiple languages.</p> <p>But beyond that fact that it's more efficient than REST, we'll look into how to use gRPC's streaming API, where you can establish server-side streaming, client-side streaming, and bidirectional streaming! This allows developers to build sophisticated real-time applications with ease.</p> <p>In addition to learning about gRPC and HTTP/2 concepts with code and demonstrations, we'll also deep dive into integration with existing build systems such as Maven and Gralde, but also frameworks such as Spring Boot and RxJava. - Configuring projects to generate gRPC stub code - Using Protobuf3 to define services - Creating synchronous and asynchronous services, with streaming. - Load balancing - Interceptors</p> <p>gRPC is a high performance, open source, general RPC framework that puts mobile and HTTP/2 first. gRPC is based on many years of Google's experience in building distributed systems - it is designed to be low latency, bandwidth and CPU efficient, to create massively distributed systems that span data centers, as well as power mobile apps, real-time communications, IoT devices and APIs. It's also interoperable between multiple languages.</p> <p>But beyond that fact that it's more efficient than REST, we'll look into how to use gRPC's streaming API, where you can establish server-side streaming, client-side streaming, and bidirectional streaming! This allows developers to build sophisticated real-time applications with ease.</p> <p>In addition to learning about gRPC and HTTP/2 concepts with code and demonstrations, we'll also deep dive into integration with existing build systems such as Maven and Gralde, but also frameworks such as Spring Boot and RxJava. - Configuring projects to generate gRPC stub code - Using Protobuf3 to define services - Creating synchronous and asynchronous services, with streaming. - Load balancing - Interceptors</p> Ray Tsang Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:40 00:45 UA2.220 (Guillissen) kubeoperators Managing Complex Software with Software Linux Containers and Microservices devroom <p>The Kubernetes container orchestrator can scale and connect stateless applications quite easily. Stateful applications require more work. Databases, caching systems, and file stores are harder to dynamically manage with data intact, and sometimes come with their own notion of clustering. Operators automate these tasks. Operators are Kubernetes agents that know how to deploy, scale, manage, and even upgrade complex applications.</p> <p>The Kubernetes container orchestrator can scale and connect stateless applications quite easily. Stateful applications require more work. Databases, caching systems, and file stores are harder to dynamically manage with data intact, and sometimes come with their own notion of clustering. Operators automate these tasks. Operators are Kubernetes agents that know how to deploy, scale, manage, and even upgrade complex applications.</p> <p>In this talk, we'll illustrate the Operator concept, showing how Operators are built atop the Kubernetes third-party resources mechanism with a close examination of the open source etcd Operator. We'll demonstrate the Operator in action, deploying an etcd key-value store cluster atop Kubernetes, then scaling and replicating etcd pods in response to load and in the face of pod and node failures. The audience will learn how to deploy the etcd Operator and how to begin developing Operators to manage their own stateful applications.</p> Josh Wood Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:35 00:10 UA2.220 (Guillissen) magnumcern Scaling container clusters to thousands of nodes Linux Containers and Microservices devroom <p>Magnum is an OpenStack service offering Container Clusters as a service, with support for Docker Swarm, Kubernetes, Mesos or DC/OS. Users of the service can deploy clusters of thousands of nodes in minutes, and access them securely using their native APIs.</p> <p>In the first part of this talk we introduce the Magnum service. We present its basic and more advanced features, including support for heterogeneous clusters, cluster upgrades, cluster drivers and the ongoing effort to make it rock solid.</p> <p>Next, you can get idea if how Magnum is integrated in CERN’s cloud infrastructure. How it started as a pilot service, the efforts done to add missing features and how CERN’s users benefit from it. CERN’s use cases include end user physics analysis, web services, continuous integration, infrastructure services and more.</p> <p>Finally, such a complex service needs to be tested and benchmarked in depth, so the last section includes the results of a series of tests done in CERN cloud infrastructure and the CNCF testing infrastructure scaling the different container orchestration engines to thousands of nodes. Specifically, we report results of running several thousand containers in Kubernetes and scaling a service to millions of requests a second.</p> Spyros Trigazis OpenStack/Magnum wiki OpenStack/Magnum Developer's Documentation OpenStack/Magnum Installation Guide Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:45 00:05 UA2.220 (Guillissen) kubegluster Lightning Ver. Linux Containers and Microservices devroom <p>You can now deploy GlusterFS on Kubernetes, and have your Kubernetes applications access hyper-converged persistent storage. Ashiq and Jose will explain how.</p> <p>AMENDMENT: Replacement for "The Easiest Way to Deploy OpenShift", which had to be cancelled due to speaker travel issues.</p> Jose Rivera Mohamed Ashiq Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:50 00:05 UA2.220 (Guillissen) layervsdependency Linux Containers and Microservices devroom <p>An introduction to graph based dependency management for containers.</p> <p>Managing dependencies properly is tricky, especially when you consider both the libraries used in your applications and the ones that are provided by your OS.</p> <p>In this talk, I'll explain how this was done manually, with configuration management systems, layer based systems (such as docker), and graph based systems, such as <a href="https://nixos.org">nixos</a>, Chef's <a href="http://habitat.sh">habitat.sh</a> and Google's <a href="https://bazel.build/">bazel</a>.</p> <p><em>UPDATE</em>: Recorded video: http://bofh.nikhef.nl/events/FOSDEM/2017/UA2.220/layervsdependency.mp4</p> Maarten Hoogendoorn NixOS Habitat.sh Bazel Recorded video Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:55 00:10 UA2.220 (Guillissen) cnjavadev Patterns and Principles for Designing Kubernetes Applications Linux Containers and Microservices devroom <p>Kubernetes is awesome! But what does it takes for a Java developer to design, implement and run Cloud Native applications? In this session, we will look at Kubernetes from a user point of view and demonstrate how to consume it effectively. We will discover which concerns Kubernetes addresses and how it helps to develop highly scalable and resilient Java applications.</p> <p>In more details, we will explore the following patterns and principles:</p> <ul> <li>Containerizing Applications</li> <li>Interacting with Kubernetes</li> <li>Observable Interior</li> <li>Life Cycle Conformance</li> <li>Dynamic Placement</li> <li>Declarative Deployment</li> <li>Centralized Configurations</li> <li>Service Discovery &amp; Load Balancing</li> <li>Scheduled Batch Job</li> <li>Singleton Service</li> <li>Resiliency with Kubernetes</li> </ul> Bilgin Ibryam Video recording (mp4) Video recording (WebM/VP8) Slides Submit feedback 13:05 00:05 UA2.220 (Guillissen) crikube Linux Containers and Microservices devroom <p>Kubernetes is a cluster orchestration system that runs all applications inside containers. However, Kubernetes itself doesn't know anything about containers, but instead defers to a container runtime to do all the heavy lifting. This talk will describe the Container Runtime Interface, a new internal API that allows Kubernetes to be extended to integrate with other container runtimes than Docker.</p> <p>(Please note that the speaker has changed from Jonathan Boulle.)</p> <p>Kubernetes is a cluster orchestration system that runs all applications inside containers. However, Kubernetes itself doesn't know anything about containers, but instead defers to a container runtime to do all the heavy lifting. This talk will describe the Container Runtime Interface, a new internal API that allows Kubernetes to be extended to integrate with other container runtimes than Docker.</p> Luca Bruno Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:45 UA2.220 (Guillissen) singularityhpc The Inner Workings of Securely Running User Containers on HPC Systems Linux Containers and Microservices devroom <p>Singularity is an open source container solution being developed specifically for HPC environments. With Singularity, HPC users can safely bring their own execution environments to the cluster. Unlike other container solutions, Singularity does not require root level permissions to run containers, which allows users to freely control what software stack they wish to use. Provisioning of a container image can be done locally on the user's machine or on Singularity Hub. The resulting image can then be securely executed on any machine with Singularity installed. Reproduction of results has never been easier: a user can now share a single Singularity image file that will ensure a consistent execution environment wherever it is run.</p> <p>This presentation will provide an in-depth look at how Singularity is able to securely run user containers on HPC systems. After a brief introduction to Singularity and its relationship to other container solutions, the details of Singularity's runtime will be explored. The way that Singularity leverages Linux features such as namespaces, bind mounts, and SUID binaries will be discussed in further detail as well.</p> <p>Singularity is an open source container solution being developed specifically for HPC environments. With Singularity, HPC users can safely bring their own execution environments to the cluster. Unlike other container solutions, Singularity does not require root level permissions to run containers, which allows users to freely control what software stack they wish to use. Provisioning of a container image can be done locally on the user's machine or on Singularity Hub. The resulting image can then be securely executed on any machine with Singularity installed. Reproduction of results has never been easier: a user can now share a single Singularity image file that will ensure a consistent execution environment wherever it is run.</p> <p>This presentation will provide an in-depth look at how Singularity is able to securely run user containers on HPC systems. After a brief introduction to Singularity and its relationship to other container solutions, the details of Singularity's runtime will be explored. The way that Singularity leverages Linux features such as namespaces, bind mounts, and SUID binaries will be discussed in further detail as well.</p> Michael Bauer Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:45 UA2.220 (Guillissen) cgroupv2 Linux Containers and Microservices devroom <p>cgroupv1 (or just "cgroups") has helped revolutionise the way that we manage and use containers over the past 8 years. A complete overhaul is coming -- cgroupv2. This talk will go into why a new control group system was needed, the changes from cgroupv1, and practical uses that you can apply to improve the level of control you have over the processes on your servers.</p> <p>We will go over:</p> <ul> <li>Design decisions and deviations for cgroupv2 compared to v1</li> <li>Pitfalls and caveats you may encounter when migrating to cgroupv2</li> <li>Discussion of the internals of cgroupv2</li> <li>Practical information about how we are using cgroupv2 inside Facebook</li> </ul> Chris Down Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:20 00:45 UA2.220 (Guillissen) troubleshootkube Linux Containers and Microservices devroom <p>Kubernetes is a tremendous system for orchestrating your containers onto physical infrastructure. But troubleshooting Kubernetes can be incredibly challenging due to the dynamic and isolated nature of the containers it orchestrates. Sysdig leverages the powerful concept of container-aware system events and correlates each one of them with super rich metadata Kubernetes.</p> <p>In this session we’ll go deep into a real Kubernetes issue involving wget, search domain, glibc, SkyDNS and etcd, and we’ll see how to track them down using Sysdig.</p> <p>Kubernetes is a tremendous system for orchestrating your containers onto physical infrastructure. But troubleshooting Kubernetes can be incredibly challenging due to the dynamic and isolated nature of the containers it orchestrates. Sysdig leverages the powerful concept of container-aware system events and correlates each one of them with super rich metadata Kubernetes.</p> <p>In this session we’ll go deep into a real Kubernetes issue involving wget, search domain, glibc, SkyDNS and etcd, and we’ll see how to track them down using Sysdig.</p> Jorge Salamero https://sysdig.com/blog/sysdigkubernetes-adventure-part-1-kubernetes-services-work/ https://sysdig.com/blog/a-sysdigkubernetes-adventure-part-2-troubleshooting-kubernetes-services/ Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:10 00:45 UA2.220 (Guillissen) virtcontainers Linux Containers and Microservices devroom <p>The idea of running virtual machines inside containers is surprisingly old and was used due to several reasons. They include willingness to run VM-s in container orchestration engines like Kubernetes or Borg, or packaging IaaS cloud software like OpenStack in containers. In this presentation, I am going to describe these use cases and two main different approaches of containerizing VM-s - putting every qemu(-kvm) process in a separate container (like Borg or Rancher OS are doing) and putting libvirtd process in container (like OpenStack Kolla or Stackanetes are doing)</p> Michal Rostecki Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 02:00 UB2.147 cert_lpi_3 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> <p>As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost <strong>50% discount</strong>.</p> <p>For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>.</p> LPI Team Submit feedback 12:00 01:00 UB2.147 cert_libreoffice_1 Certification certification <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> <p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> LibreOffice Team Submit feedback 13:30 01:00 UB2.147 cert_libreoffice_2 Certification certification <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> <p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> LibreOffice Team Submit feedback 15:00 01:00 UB2.147 cert_libreoffice_3 Certification certification <p>LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs.</p> <p>In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals.</p> <p>The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute.</p> LibreOffice Team Submit feedback 09:00 00:45 UB2.252A (Lameere) what_does_monitoring_mean Monitoring and Cloud devroom <p>Monitoring can mean very different things to different people, and this often leads to confusion and misunderstandings. There are many offerings both free software and commercials, and it's not always clear where each fits in the bigger picture. This talk will look a bit at the history of monitoring, and then into the general categories of Metrics, Logs, Profiling and Distributed tracing and how each of these is important in Cloud-based environment.</p> Brian Brazil Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:50 00:45 UB2.252A (Lameere) monitoring_cloud_qa Monitoring and Cloud devroom <p>Please note that this replaces 'Alerting with Time Series' which will now take place at 12:35.</p> Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:40 00:45 UB2.252A (Lameere) trace_everything When APM meets SysAdmins Monitoring and Cloud devroom <p>Transaction tracing is typically thought of something that only developers do when they need to troubleshoot a piece of their software. And lately, it’s also been used for tracing microservice-based transactions too.</p> <p>These are really useful capabilities, but what if you could profile everything? Yes everything - software functions, microservice calls, file access, network requests, even bash scripts. How would this change your view on your systems? How would this enable you to better understand what your software is actually doing?</p> <p>In this talk I’ll show you how to trace everything using open source sysdig. We’ll cover: - How to trace everything from a method in your software, a service call, a network request, a shell command execution, a script, and more - How to report on your traces to make the most sense of the data - Use real-world examples of tracing that show its benefits</p> Jorge Salamero https://github.com/draios/sysdig/wiki/Tracers Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:40 00:45 UB2.252A (Lameere) graphite_at_scale Monitoring and Cloud devroom <p>This is a story about dealing with metrics at scale. A lot of metrics.</p> <p>This is our story of the challenges we’ve faced at Booking.com and how we made our Graphite system handle millions of metrics per second.</p> <p>If you attend to this session, you will learn about one of the most high load Graphite stacks, the problems it poses and the challenges in maintaining it and scaling it further, pushing Graphite to its limits and beyond.</p> <p>This is a story about dealing with metrics at scale. A lot of metrics.</p> <p>This is our story of the challenges we’ve faced at Booking.com and how we made our Graphite system handle millions of metrics per second.</p> <p>If you attend to this session, you will learn about one of the most high load Graphite stacks, the problems it poses and the challenges in maintaining it and scaling it further, pushing Graphite to its limits and beyond.</p> <p>Pre-requirements: this session can be interesting if you do a monitoring (especially graphs), especially if you already use graphite in your project. It also might be interested as an approach to improve a complex open-source system.</p> Vladimir Smirnov Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:35 00:45 UB2.252A (Lameere) alerting_with_time_series Monitoring and Cloud devroom <p>In a Cloud Native infrastructure, component failure is normal and expected. The loss of a single node or a dozen hard drives is automatically handled by the systems running a datacenter, removing the need to page someone at 4am. This calls for an alerting system that understands service availability at a global scope, yet is still able to give detailed reports if and when there is a service-impacting incident. Prometheus achieves this by defining alerting conditions directly on time series data. The resulting alerts are grouped and aggregated into comprehensive and meaningful notifications. Fabian will walk through the philosophy of time series based alerting, the Prometheus architecture behind it, and how practical anomaly detection can be implemented.</p> <p>This talk was previously scheduled for 09:50.</p> Fabian Reinartz Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:25 00:45 UB2.252A (Lameere) grafana_past_present_and_future Monitoring and Cloud devroom <p>Why was Grafana born and what problem is it trying to solve? How do we try to solve these problems? We will look into some of the recent changes in Grafana that makes it easier to create, share and work with your dashboards. I'm also going to look into the future and talk about how we see the future of Grafana and talk a little bit about of software design philosophy.</p> Carl Bergquist Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:45 UB2.252A (Lameere) monitoring_kubernetes_with_omd_labs Monitoring and Cloud devroom <p>Prometheus is an open source monitoring tool - unlike traditional tools like Nagios, Prometheus implements a white-box monitoring approach: Applications actively provide metrics, these metrics are stored in a time-series database, the time-series data is used as a source for generating alerts. Prometheus comes with a powerful query language allowing for statistical evaluation of metrics. Many modern infrastructure components have Prometheus metrics built-in, like Docker's cAdvisor, Kubernetes, or Konsul. Prometheus' service discovery mechanisms make monitoring these components very easy.</p> <p>The OMD Labs Edition is a collection of proven monitoring tools like Nagios or Icinga together with newcomers like InfluxDB and Grafana to provide a best-practice monitoring platform with advanced features like multi-tenancy. OMD Labs Edition bundles exclusively open-source tools and is itself developed open-source.</p> <p>By adding Prometheus to its stack, OMD Labs Edition is also ready for cloud-native applications. As such it eases the integration of traditional monitoring with the needs of dynamic cloud monitoring.</p> <p>This talk gives an introduction on how to integrate Kubernetes monitoring using Prometheus into the OMD Labs Edition.</p> Michael Kraus Homepage of the OMD project Sample configuration repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:20 00:45 UB2.252A (Lameere) social_aspects_of_change Monitoring and Cloud devroom <p>This talk will cover lessons learned when migrating to Prometheus and how to get people from teams as diverse as NOC, product management and accounting excited about something as technical as monitoring.</p> Richard Hartmann Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:10 00:45 UB2.252A (Lameere) deploying_prometheus_at_wikimedia_foundation Monitoring and Cloud devroom <p>Over the last few months the Technical Operations team at Wikimedia Foundation has been experimenting with Prometheus for operational monitoring. The talk will cover the deployment of Prometheus for MySQL, Kubernetes and machine monitoring. We will discuss what we've learned so far and what our plans are for the future of this project.</p> Filippo Giunchedi Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:35 UD2.119 (Moved from AW1.124) community_closing_loops Concluding discussions in non-face-to-face communities Community devroom <p>How do we decide when a discussion is complete? How do we know we've heard from enough people, or that the topic isn't dead yet? Deciding how to take decisions in a community is hard - in this talk, I'd like to ways to handle it.</p> <p>Figuring out when to close a discussion is really hard - and more so if all the participants are only using forums/mailinglists/chat rather than being face-to-face. Knowing that you've heard from the right people, trying to ensure quiet voices are heard, and making sure you're not cutting the discussion too early (or too late) really matters. In this "talk" I'd like to bring some examples of such discussions from our community (e.g. things which caused conflict, things which caused communications blocks, and so on), talk about how we handled them, and discuss ways in which we could improve - hopefully to the benefit of everyone present.</p> Greg Sutcliffe The Foreman website Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:35 00:35 UD2.119 (Moved from AW1.124) community_datascience_for_communitymanagement Community devroom <p>We will present some typical community management worries about community health, productivity and visibility and how some open source tools could be used to face them. Open source development transparency allows community to behave as data scientists and extract valuable information.</p> <p>During last years, we have seen the growth of an specific position in many companies and OSS foundations. You might have seen them as “community managers”, “developer advocates”, “developer relations”, etc. All of them share some goals / responsibilities in common with their communities: health, productivity and visibility. How to achieve them?</p> <p>It has been said that “without data, you are another person with an opinion”, and management shouldn’t rely in opinions but facts. This path increases transparency, trust and reduces conflicts, since usually “numbers speak louder than opinions”.</p> <p>If we look around in our daily live many of us are already working with tools for similar goals in different areas of life. We can wear heart rate monitors, check our activity in github or jira and play with zillions of marketing campaigning tools.</p> <p>In OSS communities people “contribute” for a goal. So, we should start by looking at where people are contributing, and here starts the “community manager nightmare”. People contribute in a lot of places: github, gerrit, jira, mailing lists, slack, meetup, etc. It seems obvious which data sources we have and since most of us are technical people, we might build our own tools for tracking them. Have you already gone through that path? Some of our best friends have gone, wasting 80% taking data instead of taking decisions. Lots of places to look at, mainly silos of data you need to massage to get information out of them, and limited amount of time understand and manage your project.</p> <p>During this talk, we will present some community managers typical questions and how tools OSS, like for example GrimoireLab, could be used to answer them, allowing the community to behave as data scientists extracting valuable information from within and be a data driven community.</p> <p>These kind of tools represent a new ecosystem for “Open Development Analytics”, where communities can (and probably should) rely on open tools to ensure transparency on such important process like “measuring the community”.</p> Manrique Lopez Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:10 00:35 UD2.119 (Moved from AW1.124) community_getting_your_issues_fixed Community devroom <p>You think you hit a bug in open source project. Now what? In this talk we will go over everything from where to get support when you hit an issue, through submitting a useful bug report, to how to contribute a fix that will get accepted quickly. I will also talk a bit about my work as a maintainer.</p> <p>Key takeaways include:</p> <ul> <li>Finding the best support channels and getting help on them - which in many cases may be enough to solve your issue.</li> <li>How you can write a useful bug report that will help the project developers create a fix for your issue.</li> <li>Sometimes, the fastest way to fix an issue is to write the patch yourself - what best practices will lead to a better chance of success in getting a patch accepted, while reducing the work needed by both you and the project maintainers.</li> <li>A glimpse into the life of project maintainers and the problems we sometimes face.</li> </ul> <p>The talk is based on examples from the <a href="https://theforeman.org">Foreman</a> project, of which I am one of the maintainers, but will be general enough to apply to any open source project.</p> Tomer Brisker Submit feedback 10:45 00:35 UD2.119 (Moved from AW1.124) community_handle_conflict_like_a_boss Community devroom <p>Conflict sucks! The free software community is full of passionate people with many, many differing ideas on how to achieve our shared goals. Disagreements seem inevitable, but what if they could be handled rationally, in a way that left everyone feeling at least OK about the outcome? It's possible. You can learn to cut to the heart of the disagreement, mediate and move forward.</p> <p>Many of us avoid dealing with tricky situations or let conflict avoidance keep us from accomplishing amazing things together. Conflict can be handled -- without flamethrowers -- and the process will often make your community stronger. It just takes time, a slightly relaxed ego and a willingness to see the best outcome for the most people. This talk covers when to handle conflict, strategies for both one-on-one situations and group situations and tips on how to scale your conflict resolution skills, like a boss.</p> <p>Conflict sucks! The FOSS community is full of passionate people with many, many differing ideas on how to achieve our shared goals. Disagreements seem inevitable, but what if they could be handled rationally, in a way that left everyone feeling at least OK about the outcome? It's possible. You can learn to cut to the heart of the disagreement, mediate and move forward.</p> <p>Many of us avoid dealing with tricky situations or let conflict avoidance keep us from accomplishing amazing things together. Conflict can be handled -- without flamethrowers -- and the process will often make your community stronger. It just takes time, a slightly relaxed ego and a willingness to see the best outcome for the most people. This talk covers when to handle conflict, strategies for both one-on-one situations and group situations and tips on how to scale your conflict resolution skills, like a boss.</p> Deb Nicholson Submit feedback 11:20 00:35 UD2.119 (Moved from AW1.124) community_mentoring_101 How to be a great community mentor Community devroom <p>In this presentation, Brian Proffitt will explain best practices for being a good community mentor, setting up scope-appropriate projects, and troubleshooting when things start going off the plan.</p> <p>Google's Summer of Code, Mozilla's Winter of Security, and Outreachy... all fantastic open source mentoring programs for up-and-coming developers, just to name a few. But participating in these projects is more than just tossing in some candidates for a small sub-project you've got going on and letting them do all the work. To get a real benefit for your interns and your project, positive, active mentoring must take place.</p> <p>Mentoring is a complex exercise for both the mentors and the mentored. It's not "management"--it's guidance. It's setting the mentored on a path that will not only solve a specific problem but share information and knowledge gained by the mentor over years of experience. In this presentation, Brian Proffitt will explain best practices for being a good mentor, setting up scope-appropriate projects, and troubleshooting when things start going off the plan.</p> Brian Proffitt Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:55 00:35 UD2.119 (Moved from AW1.124) community_strategy_for_developer_outreach Community devroom <ul> <li>We're sorry that this talk has been cancelled. *</li> </ul> <p>I look at how to create a developer outreach strategy that is suitable for community-led projects and commercially led products, including:</p> <ul> <li>setting goals</li> <li>creating programmes</li> <li>segmentation: who are you speaking to?</li> <li>choosing the right mix of activities</li> <li>content marketing measurement.</li> </ul> <p>You can eat and drink for free any night of the week in London. All you need are a meetup.com account and a tolerance for pizza.</p> <p>In offices, co-working spaces and conference rooms across the city, groups of software developers are listening to talks, participating in workshops and hacking together. Taking time from their evenings, they’re investing in their careers, having fun and spending time with friends.</p> <p>If you want to get their attention, you’ll need more than just a better set of pizza toppings.</p> <p>Software developers have been sharing code, tools and ideas with each other ever since Ada Lovelace and Charles Babbage gave their seminar about the Difference Engine at the University of Turin.</p> <p>That sharing of ideas amongst peers is ingrained in hacker culture and it is how git, Docker, nodeJS and many other projects grew to massive adoption. Advocacy works because, usually, developers share only the tools that did a good job of solving a real world problem. In that context, traditional marketing can seem contrived and inauthentic.</p> <p>The flipside, of course, is that even really great tools can go unnoticed.</p> <p>In this talk, I’ll look at how to prepare for and create a developer outreach strategy that is suitable for community-led open projects or commercially led products that are aimed at developers. We’ll look at:</p> <ul> <li>setting goals</li> <li>creating programmes</li> <li>segmentation: who are you speaking to?</li> <li>choosing the right mix of activities</li> <li>content marketing</li> <li>measurement.</li> </ul> <p>It sounds a bit like marketing right? Well, let’s keep this between just us, but it actually is marketing. It’s just a kind of marketing where we can choose to do the right thing.</p> <p>(Please note that this talk replaces 'The Business of Community' by VM (Vicky) Brasseur.)</p> Matthew Revell Submit feedback 12:30 00:35 UD2.119 (Moved from AW1.124) community_overcoming_culture_clash Community devroom <p>We are all a product of our experiences. Different communities around the world have different core assumptions about behaviour, how decisions are made, the role of the individual in a group, and more. What makes up culture, and can we have better community experiences by understanding it?</p> <p>We are all a product of our experiences. Different communities around the world have different core assumptions about behaviour, how decisions are made, the role of the individual in a group, and more. Sociologist Geert Hofstede defined six dimensions of culture, covering values, the relationship of the individual to a group, respect for hierarchy, and attitude to change. In addition to these, there is a wide variation in communication styles related to the use of physical gestures, attitudes to silence, the need for context.</p> <p>By understanding what makes up culture, you will have tools to question your own cultural assumptions, increase your empathy for other participants from different cultures, and avoid misunderstandings as soon as they occur. Can we have better community experiences by understanding the culture participants are coming from? Can we give tools to current community members to be more culturally sensitive and welcoming? And can we also give better advice to people joining the project for the first time, which meets them where they are, rather than expecting them to fit in with the community culture on day one?</p> Dave Neary Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:05 00:35 UD2.119 (Moved from AW1.124) community_contributed_now_what This talk will be about methods to improve contributor retention rates in your FOSS community. Community devroom <p>For any FOSS community, newcomer onboarding is important but retaining them is critical. Since past one year, I have been working with the Fedora Community Operations team on community-oriented metrics and on improving contributor retention rates in Fedora. During this talk, I would like to share the findings from my work.</p> <p>For any FOSS community, newcomer onboarding is important but retaining them is critical. Since past one year, I have been working with the Fedora Community Operations team on community-oriented metrics and on improving contributor retention rates in Fedora. During this talk, I would like to share the findings from my work.</p> <p>This talk will discuss about the methods FOSS communities can adopt to improve contributor retention rates. I will explain different community-oriented metrics we use at Fedora to understand community health like contributor engagement metrics, contributor onboarding and retention rates etc. I will then share some insights derived from finding common patterns in contribution activity of long-term active contributors i.e. Are long-term active contributors involved in many different areas of their projects? What are some good measures to predict longetivity of contributors ? What is the magic element X that makes people stay ? I will talk on how a community can apply the insights generated from these metrics to devise methods/guidelines to improve contributor retention rates and how an individual interested in contributing can ensure their prolonged interest in the FOSS project/organization.</p> <p>In the end, I will also share my experience as a newcomer and contributor to Community Operations team of Fedora and have a brief QnA session about the steps FOSS communities apart from Fedora are taking to improve their contributor retention rates.</p> Bee Padalkar This will be an extension of the talk I gave at FLOCK. Since then I have worked on some new metrics and generated new insights which will be presented first at FOSDEM. I mainly want to present this talk to FOSDEM audience as I want to have a wider impact on the poor contributor retention rates in FOSS communities. Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:40 00:35 UD2.119 (Moved from AW1.124) community_open_source_is_just_about_the_source_isnt_it Community devroom <p>Your project's code base is rock solid, you are rolling releases early and often, your test suite is comprehensive and running regularly, your code is well performing without any glitches. Everything is in place that defines a successful open source project - or isn't it?</p> <p>This talk tries to highlight some of the key questions software developers will quickly be faced with when dealing with open source: In addition to coding skills, topics like people management, naming, trademark enforcement, licensing, patents, pr and more become topics to deal with.</p> <p>After years of using open source projects, running my own projects, founding meetups and conferences, watching others thrive or fail I believe that coding skills alone aren't sufficient to turn a "private play ground code base" into an open source project that other's can rely on.</p> <p>Inspired by 140 characters of truth published here: https://twitter.com/janl/status/... the talk will focus on what topics that are usually not taught as part of programming courses will cross your way when dealing with open source - either as a user or as a contributor:</p> <ul> <li><p>People: Is the project willing and able to attract more contributors? Is it able to survive if the leader looses interest or time to continue contributing? How does the project deal with requests coming from the user base? How easy is it for users to get their issues fixed?</p></li> <li><p>Trademarks: Why should you care about trademarks from the beginning? How do you deal with others infringing on your trademarks?</p></li> <li><p>Copyright: Why should you care, exactly which license you choose?</p></li> <li><p>PR: While writing release notes is common practice and composing changelogs is pretty easy, the resulting documents are hard to grok for editors and won't get you on the front page of any magazine. Nor will they help you get visibility on common social media systems that might be key in informing your users about recent releases.</p></li> </ul> <p>While being excellent at all topics isn't vital from the start, answers to governance questions decide what a project looks like a few years from it's start.</p> Isabel Drost-Fromm Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:15 00:35 UD2.119 (Moved from AW1.124) community_building_an_accessible_community Community devroom <p>What happens when you stop looking at diversity and instead put accessibility into the core of an event? This talk will be about the experience of doing exactly that. We will be looking into some of the solutions WordCamp London came up with and the cost of building accessibility into a project.</p> <p>We talk about accessibility a lot when we write code, whether that is writing good documentation, comment blocks or creating a good user experience. When it comes to our user groups and events, accessibility is not usually on the forefront of our minds.</p> <p>At WordCamp London, the organising team made accessibility the key goal of the event. We wanted to see how far we could push being accessible and how much effort it would take.</p> <p>This talk is for any event organisers, community evangelists or managers who are looking for solutions to help grow their communities. Wong will be talking about the challenges of organising an accessible event, including how they degendered content, added child care facilities and helped the hard of hearing. We will look at the cost of each accessible feature, explore the unexpected benefits of an accessible event and discuss the lessons were learnt on the way.</p> Jenny Wong WordCamp London 2016 WordCamp London 2017 Human Made Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:50 00:35 UD2.119 (Moved from AW1.124) community_like_the_ants turn individuals into large contributing community Community devroom <p>Complex Adaptive Systems are everywhere in nature, but they can also guide us to build large contributor groups. Learn how to apply their 6 key strategies to create a global self-sustaining community, which were successfully used in evolution of the Google Developer Groups to a global movement.</p> <p>Ever wondered if your project has a potential to engage a large, global contributor community? Well, likely it has. You just have to follow the nature! So consider ant nests, Amazon rainforests or financial markets… what do have these in common with global developer communities? All share the same key principles enabling their relatively limited individual members to interact, create emergent projects and co-evolve these ecosystems to massive scale in a distributed, boss-less way. When building developer communities, we can learn a lot from natural systems about how to create a similar self-sustained ecosystem of people, contributing to a larger cause. The key principles have been well described by the complex adaptive theory, but let’s be very practical today. On the example of building <a href="https://developers.google.com/groups/">Google Developer Groups</a> from few contributors 9 years ago to today’s massive global volunteer movement running one meetup event approximately every hour, we’ll show how <em>you</em> can apply the very same principles to <em>your</em> community or volunteer based project and grow your ecosystem big, yet still actionable.</p> Dan Franc Google Developers communities programs Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:25 00:35 UD2.119 (Moved from AW1.124) community_visualize_your_code_repos_and_more_with_gource Community devroom <p>Why settle for boring numbers and static graphs to describe your project when you can dynamically display the movements and activity within your project? Gource is a flexible open source tool that can be used to display activity from your repositories using a video visualization that people love!</p> <p>Gource is an amazing and flexible open source tool that can be used to display activity from your repositories using a video visualization that people love!</p> <p>With this flexibility comes a dizzying array of options and configurations. This talk will show some of the more useful options within Gource to help you select the ones that will work best for your project. Gource can also be used to display non-repository information (bug trackers or mailing lists) using the custom log format. Other topics include related tools, generating video files, and more.</p> <p>The goal is for you to walk away from this talk with ideas and techniques for how to create awesome videos showing the activity within your open source projects and communities.</p> Dawn Foster GitHub Repo with examples Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 UD2.119 (Moved from AW1.124) community_roundtable_discussion Community devroom <p>Discussion on the Community Dev Room, feedback and suggestions for next year</p> Submit feedback 16:30 00:30 UD2.119 (Moved from AW1.124) community_sharing_power_in_our_communities Designing and implementing better spaces for everyone Community devroom <p>Building safer spaces for everyone can be hard if the wrong questions are answered. I will show how, by working on the root causes of the issues we face, we can be successful in creating better spaces for everyone to participate.</p> <p>We often think about our Free and Libre Open Source communities as being built on egalitarian principles of meritocracy and do-ocracy: anyone with the will and the skills can be involved and have their work recognized.</p> <p>However, without awareness of how power is distributed and how social interactions take place, those communities are very likely to reproduce patterns leading to excluding people. Even when we are aware of the need and benefits of building better and safer spaces for everyone, implementations are not that easy and one might despair of not being successful.</p> <p>In this talk, I will present some key principles learned from my experience to show how, by working on the root causes of the issues we face, we can be successful in creating better spaces for everyone to participate: what power patterns are involved in our social interactions; what can go wrong with the politics of “Inclusion and Diversity”; how we can concretely improve our personal and collective practices for a better good.</p> Stéphanie Ouillon Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:00 00:30 UD2.120 (Chavanne) python_pandas Introduction to the open source data analysis and manipulation library Python devroom <p>This talk will be based on open source data manipulation and analysis python library – Pandas. It will mainly focus on exploring the most commonly used features of the library like – integrated indexing using DataFrame objects, slicing and subsetting of large data sets, merging, joining and size mutability of data structures, hierarchical axis indexing to work with high-dimensional data in a lower-dimensional data, flexible reshaping and pivoting of data sets etc.</p> <p>This talk will be based on open source data manipulation and analysis python library – Pandas. It will mainly focus on exploring the most commonly used features of the library like – integrated indexing using DataFrame objects, slicing and subsetting of large data sets, merging, joining and size mutability of data structures, hierarchical axis indexing to work with high-dimensional data in a lower-dimensional data, flexible reshaping and pivoting of data sets etc.</p> Sahil Dua Video recording (mp4) Video recording (WebM/VP8) Submit feedback 09:30 00:30 UD2.120 (Chavanne) python_solid Python devroom <p>Python and "the SOLID principles". This is an introduction to the first five principles named by Robert C. Martin (uncle Bob). These principles are the foundation of a good software architecture. We will have a look at how this applies to Python code. We will have a look at abstract base classes, dependency inversion and so on.</p> <p>Python and "the SOLID principles". This is an introduction to the first five principles named by Robert C. Martin (uncle Bob). These principles are the foundation of a good software architecture. We will have a look at how this applies to Python code. We will have a look at abstract base classes, dependency inversion and so on.</p> Jonathan Slenders Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 00:30 UD2.120 (Chavanne) storing_metrics_gnocchi The Python based time series database Python devroom <p>Gnocchi is a time series database written in Python, that has been created in the context of the OpenStack cloud computing project. It offers highly-scalable data storage for measurements and provides access to its data via a REST API. In this lecture, we'll discuss the features the project is offering to its users, and how they can easily be leveraged in any application. In a second part, we'll see how the project has been built to scale, how Python was leveraged and made scalable.</p> Julien Danjou Gnocchi documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:30 00:30 UD2.120 (Chavanne) python_selinon Distributed dynamic task flow management with Python Python devroom <p>Selinon is a project that is based on popular Python project Celery. Celery is a distributed task queue that offers one to run tasks. Selinon gives one a power to define flows and dependencies in flows, schedule tasks based on results of workers, success or any external events, handle errors, trace flow state and actions in a distributed environment. Its main goal is to split task logic (code) and persistence logic from data and time dependencies between tasks in flows that are stated in simple YAML configuration files.</p> <p>Selinon is an advanced flow management above Celery project (an asynchronous distributed task queue) written in Python3, that allows you to dynamically schedule tasks based on results of previous tasks, group tasks to flows, schedule flows from other flows, store results of tasks in your storages and databases transparently, validate results against defined JSON schemas, track flow progress via the build-in tracing mechanism, complex per-task or per-flow failure handling with fallback tasks or fallback flows and run the whole system in a distributed environments orchestrated by OpenShift or Kubernetes.</p> Fridolín Pokorný Github repository Project homepage and documentation Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 00:30 UD2.120 (Chavanne) python_steppy a step sequencer in Python Python devroom <p>If you're making electronic music in 2017, you're likely to have seen or used one of Native Instrument's "Maschine", "Maschine Jam", Novation's "Circuit", or Ableton's "Push"... These pad-based devices allow musicians to trigger samples, and create rhythms intuitively by the means of a "step sequencer". The said step sequencer is implemented in the box and stays in it...</p> <p>Thanks to "mido" and "portmidi" libraries, I designed a lightweight open source software sequencer (without a GUI), exposing abstractions for python programmers to use their existing MIDI-enabled hardware. My MiniNova, Launch Control and Quneo devices were hacked this way to create new functionality together.</p> <p>The talk starts with a quick explanation of MIDI and step sequencing, then describes the benefits and challenges of using Python in this context, as well as the choice of gevent against other async frameworks. It ends of course with a live demo!</p> Yann Gravrand Project source code Video example Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:30 00:30 UD2.120 (Chavanne) python_grimoirlab a Python toolset for software development analytics Python devroom <p>The talk will explain how to analyze software development repositories of common use in the free software community with [GrimoireLab tools][http://grimoirelab.github.io], a toolset for software development analytics writting in Python. It will start by explaining how to retrieve data from git, Bugzilla, GitHub, mailing lists, StackOverflow, Gerrit, and many other repositories by, and organizing it in a database. The talk will later explain how this database can be exploited with several components of the toolset, for different purposes. In this context, special attention will be given to how to extract useful information from it using Python/Pandas and iPython/Jupyter Notebooks; and how to use ElasticSearch/Kibana to deploy actionable dashboards that show data in all its glory.</p> <p>Many free / open source software (FOSS) projects feature an open development model, with public software development repositories which anyone can browse. These repositories are normally used to find specific information, such a certain commit or a particular bug report. But they can also be mined to extract all relevant data, so that it can be analyzed later to learn about any specific or general aspect of the project. This talk will explain the GrimoireLab method for doing that, which is based on organizing all that information in a database, which can be later analyzed. This approach allows for minimal impact on the project infrastructure, since data is retrieved only once, even if it later analyzed many times. It allows as well for efficiency and comfort when mining data for an analysis, since the results are readily available, databases can be shared and replicated at will, and queried them with any kind of tools is easy.</p> <p>The tools that retrieve information from the repositories are grouped in the GrimoireLab toolset. It includes mature, widely tested programs capable of extracting information from most repositories used by FOSS projects of any scale. Many of them are agnostic with respect to the database used, although currently ElasticSearch is the best supported.</p> <p>The produced databases can be exploited in several ways, of which two will be explained during the talk: using Python/Pandas to produce iPython/Jupyter Notebooks which analyze some aspect of the project; and using Python to feed a ElasticSearch cluster, with a Kibana front-end for visualizing in a flexible, powerful dashboard.</p> <p>All these approaches can be used to understand general aspects of the project, such as how efficient are the code review or bug fixing processes, how diverse are contributions to the git repository, or how conversations in mailing lists or StackOverflow are shaped. But they can be used as well to drill down, and analyze the contributions by a certain developer, or the longer code review processes, or the contents of the most lively email and QA threads.</p> <p>The talk will explain the whole process from data retrieval to visualization, and will show some specific cases of real world use, such as the dashboards produced for Eclipse, OPNFV, MediaWiki and many others. Some of the contents of the talk are described in detail in the online book GrimoireLab Training.</p> Jesus M. Gonzalez-Barahona GrimoireLab GrimoireLab Training Eclipse GrimoireLab Dashboard OPNFV GrimoireLab Dashboard Wikimedia GrimoireLab Dashboard Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 00:30 UD2.120 (Chavanne) python_weboob Yes we can use the Web outside of Browsers Python devroom <p>Weboob is a python framework for web scraping, providing command-line tools and GUI applications. It supports several types of websites, from video collections to bug trackers, online banking or parcel tracking.</p> <p>The framework handles many types of website <em>capabilities</em> through various modules. The command-line tools allows scripting easily with several <em>formaters</em> (JSON, CSV...), but we can also use it as a python framework.</p> <p>Writing modules to support more websites is also very easy with the new Browser2 API.</p> François Revol Weboob homepage Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:30 00:30 UD2.120 (Chavanne) python_data_structures list, dict: how does CPython actually implement them? Python devroom <p>When writing Python code, you might find yourself using lists and dictionaries pretty often. But do you really know how they work? Fortunately, their implementation as well as their history are (really) well documented. In this presentation, we will dive into CPython 3.6 internals, explain how these data structures have been designed, how they behave (and why).</p> Flavien Raynaud CPython 3.5 source code 2010 PyCon talk on dict - Brandon Rhodes Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 00:30 UD2.120 (Chavanne) cloud_native_python The road to being a first-class Kubernetes application Python devroom <p>Serverside applications are more and more likely to need to run in dynamic cloud environments where they can automatically scale as required. One rightfully popular approach is to run the application as a Docker container inside a Kubernetes cluster, giving you a lot of operational benefits thanks to the Kubernetes folks.</p> <p>For the most part it is rather easy to make your Python application work inside a Docker container. But there are a number of common patterns one can follow to save time by delegating more things to the runtime environment. Furthermore you can start adding a few simple non-intrusive features to your application which will help improve the application live-cycle in the cluster, ensuring smooth hand-over when migrating the container to different nodes or scaling it up or down.</p> <p>This talk will discuss how to write a Python application which will behave well in this environment, starting with the basics steps you can rely on the runtime for, covering logging and all the way to supporting the service life-cycle, health checking and monitoring in a Kubernetes environment. You will see that building a cloud-native application is not very hard and something you can gradually introduce.</p> Floris Bruynooghe Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:30 00:30 UD2.120 (Chavanne) python_gdb Python devroom <p>When things go wrong in production, it can be necessary to troubleshoot problems where they occur, instead of in a development environment. In those situations having a working knowledge of GDB, GDB Python Extensions, and strace is very helpful. You will see some simple techniques to get insight into those situations. This talk outlines several techniques for connecting to an already running, "stuck", or deadlocked Python process using GDB for debugging.</p> <p>During the talk, we will:</p> <ul> <li>inspect the current state of threads with</li> <li>use and demo the GDB macros for Python</li> <li>inspect a locally running process and a core dump collected from a remote machine</li> <li>use strace to gather system call information about a process</li> <li>discuss the SIGTRAP handler as a proactive way to make rpdb available in production.</li> </ul> <p>I have had to debug several hard-to-find bugs that were very infrequent deadlocks using Python. Furthermore it was happening on remote machines I could not have network access to. This technique was invaluable in those situations.</p> <p>Everything is in the abstract</p> Brian Bouterse Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 UD2.120 (Chavanne) python_coroutines A gentle introduction Python devroom <p>A talk about async programming, touching briefly on the history &amp; Python3.4 before moving on to introducing async/await in Python3.5 (and how to test) Briefly mentions curio by DaBeaz.</p> Ewoud Van Craeynest Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 UD2.120 (Chavanne) python_raspberry_pi Physical computing, GPIO, HATs and IoT with Python Python devroom <p>Introducing Python developers to the world of physical computing and IoT using Python on the Raspberry Pi.</p> <p>There's great fun to be had using the Pi's GPIO pins to connect with the real world for home automation and IoT projects. Python libraries like GPIO Zero, Picamera and Sense HAT provide a simple interface to GPIO devices, HATs and more.</p> <p>I will demonstrate the possibilities and show the power of Python in this environment.</p> <p>The Raspberry Pi Foundation is working to put the power of digital making in the hands of people all over the world, and is well known for its series of small, cheap single board computers.</p> <p>The Raspberry Pi runs a well supported Linux distro based on Debian, which ships with a variety of programming tools and educational software. Python is the main supported language on the platform, used in many educational resources, and many Python libraries exist for making the most of the Pi platform with other devices.</p> <p>I will cover:</p> <ul> <li>Raspberry Pi Foundation mission</li> <li>Raspberry Pi hardware specs</li> <li>Raspbian desktop</li> <li>GPIO pins</li> <li>GPIO Zero (Python library)</li> <li>Picamera</li> <li>Astro Pi (ESA space mission) &amp; Sense HAT</li> <li>More HATs</li> <li>Pi projects</li> <li>Raspberry Pi community</li> </ul> Ben Nuttall GPIO Zero Raspberry Pi Sense HAT Astro Pi HATs My previous talks on speakerdeck List of my talks Talk slides Picamera GPIO Zero GitHub pinout.xyz Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:30 UD2.120 (Chavanne) python_stable_benchmark Python devroom <p>Working on optimizations is a task more complex than expected on the first look. Any optimization must be measured to make sure that, in practice, it speeds up the application task. Problem: it is very hard to obtain stable benchmark results.</p> <p>The stability of a benchmark (performance measurement) is essential to be able to compare two versions of the code and compute the difference (faster or slower?). An unstable benchmark is useless, and is a risk of giving a false result when comparing performance which could lead to bad decisions.</p> <p>I'm gonna show you the Python project "perf" which helps to launch benchmarks, but also to analyze them: compute the mean and the standard deviation on multiple runs, render an histogram to visualize the probability curve, compare between multiple results, run again a benchmark to collect more samples, etc.</p> <p>The use case is to measure small isolated optimizations on CPython and make sure that they don't introduce performance regression in term of performance.</p> Victor Stinner Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 UD2.120 (Chavanne) python_prompt_toolkit two years later Python devroom <p>Two years ago at Fosdem 2015, I presented prompt_toolkit, a library for building command line applications. A lot of progress was made, and it became the foundation for the UI in many tools, including IPython, http-prompt, xonsh and others.</p> <p>During this talk, we'll have a look at how prompt_toolkit progressed, how it became successful, how it created a community/ecosystem of many new command line applications, and the future.</p> <p>Two years ago at Fosdem 2015, I presented prompt_toolkit, a library for building command line applications. A lot of progress was made, and it became the foundation for the UI in many tools, including IPython, http-prompt, xonsh and others.</p> <p>During this talk, we'll have a look at how prompt_toolkit progressed, how it became successful, how it created a community/ecosystem of many new command line applications, and the future.</p> Jonathan Slenders Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 UD2.120 (Chavanne) python_asynctest easier testing of asyncio code Python devroom <p>asynctest enhances the standard python package unittest with features for asyncio. This talk aims at presenting asynctest and discuss various practices around unit testing of code using asyncio.</p> <p>This talk aims at presenting asynctest, a library written on top of the standard unittest module. asynctest provides features for writing tests for libraries and programs using asyncio.</p> <p>We will discover handy features like:</p> <ul> <li>how asynctest.TestCase reduces boilerplate and offers safeguards around subtle mistakes in an asynchronous code,</li> <li>how asynctest.Mock objects helps to mock coroutines, and how patch decorators are enhanced to handle coroutines,</li> <li>how one can control the event loop's clock.</li> </ul> <p>I will also discuss the future of asynctest and planned features.</p> Martin Richard Slides of a previous similar talk Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 UD2.120 (Chavanne) optimization_with_pulp Python devroom <p>Computer Aided Scheduling using Linear Programming with PuLP</p> Marc-André Lemburg Video recording (mp4) Video recording (WebM/VP8) Submit feedback 10:00 01:00 UD2.218A terrible_bsp Working with jurassic vendor kernels, missing pieces and buggy code Embedded, mobile and automotive devroom <p>System-on-Chip vendors typically provide a board support package (BSP) which should be a good starting point to develop the software for an embedded Linux system. However they often seem to misunderstand what the software designers want, and deliver something that makes their life harder without any apparent benefit.</p> <p>In this talk Luca will share some of his experiences with such vendor BSPs, featuring jurassic kernels, non-working drivers, non-existing bootloaders, code of appallingly bad quality, ineffective customer support and Windows-only tools.</p> <p>You will discover why he spent weeks in understanding, fixing and working around BSPs instead of just using them. The effects on the final product quality will be described as well.</p> <p>Luca will also discuss what the options are when you face such a BSP, and what both hackers and vendors can do to improve the situation for everybody's benefit.</p> Luca Ceresoli Video recording (mp4) Video recording (WebM/VP8) Submit feedback 11:00 01:00 UD2.218A open_source_car_control Embedded, mobile and automotive devroom <p>This fall my team launched the Open Source Car Control (OSCC) project, a by-wire control kit that makes autonomous vehicle development accessible and collaborative to developers at every level. In this presentation, we discuss the project and its implications on the development of autonomous cars in a vertically integrated and traditionally closed industry.</p> <p>A primary barrier to entry in autonomous vehicle development is gaining access to a car that can be controlled with an off-the-shelf computer. Purchasing from an integrator can cost upwards of $100K, and DIY endeavors can result in unreliable and unsafe solutions. The OSCC project acts as a solution to these problems. OSCC is a kit of open hardware and software (based on Arduino) that can be used to take control of the throttle, brake, and steering in modern cars. The result is a fully by-wire test car that can be built for about $10K (USD), including the vehicle. In this discussion, we unpack the impetus and development of the OSCC project, challenges we encountered during development, and the role projects like OSCC have in a necessary “flattening” of the automotive industry.</p> Josh Hartung Open Source Car Control website Open Source Car Control code repository Video recording (mp4) Video recording (WebM/VP8) Submit feedback 12:00 01:00 UD2.218A kernel_dlc_metrics Embedded, mobile and automotive devroom <p>SIL2LinuxMP strives to qualify a defined GNU/Linux subset for the use in safety-related systems by "assessment of non-compliant development". To demonstrate that the kernel has achieved suitable reliability and correctness properties basic metrics of such properties and their statistic analysis can be used as part of the argument. While IEC 61508 Ed 2 always pairs testing and analysis, we believe that for a high complexity system traditional testing is of relatively low effectiveness and analytical methods need to be the primary path.</p> <p>In this talk we outline the used methods and give examples as well as key findings.</p> <p>SIL2LinuxMP strives to qualify a defined GNU/Linux subset for the use in safety-related systems by "assessment of non-compliant development". To demonstrate that the kernel has achieved suitable reliability and correctness properties basic metrics of such properties and their statistic analysis can be used as part of the argument. Linux has a wealth of analytical tools built-in to it which allow to extract information on compliance, robustness of development, as well as basic metrics on complexity or correctness with respect to defined properties. While IEC 61508 Ed 2 always pairs testing and analysis, we believe that for a high complexity system traditional testing is of relatively low effectiveness and analytical methods need to be the primary path. To this ends we outline some approaches taken:</p> <ul> <li>Bug-age analysis</li> <li>Bug-rates and trend analysis</li> <li>Code-complexity/bug relationship</li> <li>Brain-dead correctness analysis</li> <li>Interface and type-correctness analysis</li> <li>API compliance analysis</li> <li>Analysis of build-bot data</li> </ul> <p>While much of the data points to robust and mature code there also are some areas where problems popped up. In this talk we outline the used methods and give examples as well as key findings. FLOSS development has reached a quite impressive maturity, to substantially go beyond we think it will need the use of quantitative process and code metrics - these results from SIL2LinuxMP may be a starting point.</p> Nicholas Mc Guire Video recording (mp4) Video recording (WebM/VP8) Submit feedback 13:00 01:00 UD2.218A loco_positioning_crazyflie Presentation with a demo of autonomous Crazylfie 2.0 quadcopter Embedded, mobile and automotive devroom <p>Positioning in robotics has alway been a challenge. For outdoor, robots GPS is solving most of the practical problems, but indoor, precise localization is still done using expensive proprietary systems mainly based on an array of cameras.</p> <p>In this talk, I will present the loco positioning system: an open source Ultra Wide Band radio-based local positioning system, why we need it and how it works. I will also speak about its usage with the Crazyflie 2.0 open source nano quadcopter, of course ending with an autonomous flying demo.</p> <p>I am Arnaud Taffanel, co-founder of Bitcraze. Bitcraze is designing and making the Crazyflie 2.0 nano quadcopter, a flying open source development platform. We are designing, making and selling hardware platforms and releasing all software as open source projects on Github.</p> <p>From the beginning of the Crazyflie project, when it was still an after-work fun project, we were dreaming of a Local Positioning System that would allows us to fly the quadcopter autonomously. For years, the only viable solutions where very expensive camera-based motion capture systems. We have been assisting researchers using the Crazyflie with this kind of system but it was out of our reach and out of reach for most of the community.</p> <p>About a year ago, we discovered that a company, Decawave, had released an ultra-wide-band radio module that would allows us to build an Local Positioning System for a fraction of the price of the motion captures system. This became the Loco Positioning System and it is still under heavy development with the help the community. The Loco Positioning System hardware has been released last summer in "early access" which means that the hardware was finished and tested but that much of the software and algorithm were still under development.</p> <p>We now have a flying system. With the help of researchers and industrials, we are starting to have state-of-the art algorithm for position estimation and autonomous flight. Currently the main users for the LPS and Crazyflie are universities for research and education, technical artists for shows and industrials for research and tech demos. In the future, technologies and algorithm developed for the LPS will be used for even-more affordable positioning system (for example based on webcams) to allow anyone to play with autonomous flying platforms.</p> Arnaud Taffanel Description of the system with a video of me presenting its setup Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:00 00:30 UD2.218A succes_failure_autonomous_driving Embedded, mobile and automotive devroom <p>On FOSDEM 2014, Tilmann Ochs, Daniel Wagner and I presented research activities to define, motivate and implement a software platform for autonomous driving systems using open-source software. On FOSDEM 2017, we re-evaluate this effort and critically review its progress, its success and its failure. We discuss on-going software development activities, technical influences for selecting the communication middleware and the operating system, and the economics of automotive software development with implications on use and development of open-source software.</p> <p>Since 2013, Tilmann Ochs, Daniel Wagner and I have been working on research activities to define, motivate and implement a software platform for autonomous driving systems using custom-off-the-shelf open-source software. On FOSDEM 2014, we presented our understanding of future automotive software and our plans to use pre-existing open-source software for implementation of a collaborative automotive base platform.</p> <p>Now, three years later, it is time to re-evaluate this effort and critically review its progress, its success stories and its failures. In this talk, we present our main assumptions in 2013, and give some insights in on-going software development activities supporting our ideas. Then, we evaluate to which extend we were successful to implement these ideas, to which extend we could improve our understanding, and how this has refined our plans.</p> <p>On the technical side, we discuss the factors that influence the selection of the communication middleware and the underlying operating system of an automotive platform for autonomous driving systems. On the business side, we discuss the economics of automotive software development and implications on use and development of open-source software in the automotive domain that we encountered.</p> Lukas Bulwahn Slides: Research on an Open-Source Software Platform for Autonomous Driving Systems Paper: Research on an Open-Source Software Platform for Autonomous Driving Systems Slides: An Open-Source Software Platform for Autonomous Driving Systems Video recording (mp4) Video recording (WebM/VP8) Submit feedback 14:30 00:30 UD2.218A device_specific_compositors Embedded, mobile and automotive devroom <p>In this talk, I will give an introduction into the QtWayland Compositor framework and show how to use it to create a Wayland compositor from scratch. The QtWayland Compositor API is rather new and just got its first stable release with Qt 5.8. It can be used to create Wayland compositors from scratch within only a few hours and completely adapt them to the UI concept of your embedded device. My talk focus on how to use the framework within a complex multi-application automotive scenario.</p> <p>Wayland is today's standard to perform window compositing on embedded Linux devices. In cars, one typically uses the automotive specific "IVI" protocol extension to talk to the compositor. This works well if you have a UI with only limited window dynamics or animations, like a static display of windows from different processes (e.g. display consisting of a radio control window, a climate control window...). But if you want to add fancy window animations and/or have a certain complex workflow for your UI in mind, the IVI protocol shows its limits. However, writing your own Wayland compositor is no option in such a case due to the amount of work and the introduced complexity/bugs. In this talk, I will explain why and when the QtWayland Compositor Framework provides you with a new alternative.</p> <p>The QtWayland Compositor API, which only recently entered the realm of stable released Qt API, makes it almost trivial to create your own Wayland compositor. Even adding your own protocol extensions, for which your UX designers can add any fancy (QtQuick) animation you can dream of, is simple. In my talk, I will give an introduction into the QtWayland Compositor framework and show how to use it to create a Wayland compositor from scratch. I will focus on my own experience as an embedded device developer from using the framework in real-life automotive scenarios. However, like most people in the embedded world, I cannot directly talk about my projects, but instead will talk about a hypothetical "Kitchen HMI" project, which yet will cover the full complexity of a multi-application device. Specifically, this Kitchen HMI will feature the following:</p> <ul> <li>The windows from different example applications (clock app, tea cooking timer app, egg cooking timer app) will be composed in a uniform UI by a QtWayland based Wayland compositor.</li> <li>The compositor provides a custom protocol extension for alarming ("hey, your tea is ready!").</li> <li>The windows will have nice animations, actually you can handle them the same as QtQuick items in the canvas of a QtQuick application.</li> </ul> <p>Attending the talk will provide you with the required knowledge to do all of the above on your own and specifically show that window handling in a QtWayland compositor "feels" the same like doing simple declarative QtQuick UI development.</p> Andreas Cord-Landwehr Demo Code Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:00 00:30 UD2.218A lava_laboratory (in less than 30 minutes) Embedded, mobile and automotive devroom <p>Linaro Automated Validation Architecture (LAVA) is without a doubt one of the best currently available tools for managing board farms. It is proven to be quite a handy tool for both developers and tests automation engineers. Although it is provided together with extensive documentation, creating first own laboratory might be a challenging task. Does it have to be for every newcomer? During this talk Paweł will guide through the process of setting up own LAVA instance. Starting from LAVA installation, through common post-install tasks, up to running first tests on a brand new board farm.</p> <p>This talk will provide an introduction to setting up and maintaining LAVA laboratory. Presentation aims at breaking barriers between novice users and the technology itself. Paweł will also present how to manage LAVA configuration and how to easily make deployments automated and reproducible. Materials shared during this talk focus on providing starting points for both beginners and experienced LAVA administrators.</p> Paweł Wieczorek Video recording (mp4) Video recording (WebM/VP8) Submit feedback 15:30 00:30 UD2.218A testing_with_volcanoes Embedded testing going distributed Embedded, mobile and automotive devroom <p>LAVA and Fuego are great tools individually already. Combining and extending them allows for a much broader test coverage than each tool alone can provide. In this presentation, Jan-Simon Möller will present the features of the combined infrastructure and highlight the tools and work done to integrate both tools. Also in focus is how to distribute the test infrastructure across multiple sites to include more boards. In the end we'll discuss the lessons learned and future developments.</p> <p>The focus of this talk is to share the experiences made and lessons learned so ppl can integrate such tools better in their own environment. It also raises the pain-points and open issues when setting up a distributed environment.</p> <p>Especially for Automotive, Long-Term-Support, CIP or Consumer Electronics, advancing the Test-harness is essential to raise the bar and strengthen the confidence in our embedded platforms. Automated testing can improve our ecosystem from two sides: during development (feature does work <em>and</em> does not break things) and during maintenance (no regressions through backports).</p> Jan-Simon Möller Slides Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:00 00:30 UD2.218A lowpan_embedded Embedded, mobile and automotive devroom <p>Adding support for IEEE 802.15.4 and 6LoWPAN to an embedded Linux board opens up new possibilities to communicate with tiny devices. The mainline kernel supports the wireless protocols to connect such devices to the internet, acting as border router for such networks.</p> <p>This talk will show how to add the needed transceiver to existing hardware, how to enable and configure the kernel subsystems to use it and how to communicate between Linux and IoT operating systems like RIOT or Contiki.</p> <p>Adding support for IEEE 802.15.4 and 6LoWPAN to an embedded Linux board opens up new possibilities to communicate with tiny, IoT type of, devices.</p> <p>Bringing IP connectivity to devices, like sensors, with just a few kilobytes of RAM and limited battery power is an interesting IoT challenge. With the Linux-wpan and 6LoWPAN subsystems we get Linux ready to support the needed wireless standards as well as protocols that connect these tiny devices into the wider internet. To make Linux a practical border router or smart home hub for such networks.</p> <p>This talk will show how to add the needed transceiver hardware to an existing hardware and how to enable and configure the Linux-wpan and 6LoWPAN mainline subsystems to use it. The demonstration will include setting up the communication between Linux and other popular IoT operating systems like RIOT or Contiki as well.</p> Stefan Schmidt Linux-WPAN homepage Linux-WPAN GitHub repos Video recording (mp4) Video recording (WebM/VP8) Submit feedback 16:30 00:30 UD2.218A openpowerlink_over_xenomai Embedded, mobile and automotive devroom <p>Industrial Ethernet is a successor of classic field bus such as CAN, MODBUS or PROFIBUS. POWERLINK was created by B&amp;R Automation and provides performance and real­time capabilities based on standard Ethernet hardware. openPOWERLINK is open source and runs on lots of platforms such as Linux, Windows, various RTOS and dedicated hardware (FPGA). We will explain how to use openPOWERLINK on top of Xenomai 3, a powerful realtime extension for Linux kernel based on co-­kernel technology.</p> <p>Current version of openPOWERLINK runs on Linux with (or without) PREEMPR_RT patch.</p> <p>Xenomai is an alternative to PREEMPT_RT. It's not a single patch for the Linux kernel but runs as a dual kernel (Linux and Cobalt) on top of a micro-kernel (ADEOS/I-pipe).</p> <p>This is the 2nd version of conference about openPOWERLINK/Xenomai as the port works now on the famous BeagleBone Black board running Linux (Buildroot based distro) or Android.</p> <p>This presentation will introduce openPOWERLINK as an alternate - and open source - solution to proprietary products such as EtherCAT.<br/> We will introduce Xenomai and explain how to integrate the openPOWERLINK stack with Xenomai 3.0. Finally we will compare Xenomai and PREEMPT_RT version running on the same hardware.</p> <p>http://xenomai.org/ http://openpowerlink.sourceforge.net/web/</p> Pierre Ficheux Submit feedback 14:00 02:00 UD2.Corridor keysigning Keysigning keysigning <p>The FOSDEM 2017 PGP Keysigning</p> <p>The keysigning event takes place in the corridor on the second level of the U building. There is no fixed end time. Previous editions last for approximately one hour per 100 keys on the list. You must register before the conference to take part. Please bring the printed list, a pen and appropriate form of identification with you the event.</p> <p>Please note that registrations are now closed. Only people who registered in advance may take part. (The deadline was about a week before the conference.)</p> Submit feedback 11:30 00:45 J1.106 openchrom_bof BOFs (Track C - in J1.106) bof <p>OPENChrom BOF</p> Submit feedback 14:00 01:00 J1.106 zerocat_org BOFs (Track C - in J1.106) bof <p>zerocat.org BOF</p> Submit feedback 15:00 01:00 J1.106 nixos_bof_community_meet_up NixOS-BOF BOFs (Track C - in J1.106) bof <p>You're all more then welcome to join this community meet-up about NixOS in general</p> <p>You're all more then welcome to join this community meet-up about NixOS in general</p> Submit feedback