FOSDEM 2018

FOSDEM 2018 ULB (Université Libre de Bruxelles) Brussels 2018-02-03 2018-02-04 2 09:00:00 00:05:00 09:30 00:25 Janson keynotes_welcome Welcome to FOSDEM 2018 Keynotes keynote FOSDEM welcome and opening talk. Welcome to FOSDEM 2018! FOSDEM Staff Submit feedback 10:00 00:50 Janson osi Consensus as a Service Twenty Years of OSI Stewardship Keynotes keynote The Open Source label was born in February 1998 as a new way to popularise free software for business adoption. OSI will celebrate its 20th Anniversary on February 3, 2018, during the opening day of FOSDEM 2018. The presentation will summarize the evolution of open source licences and the Open Source Definition (OSD) across two decades, explain why the concept of free open source software has grown in both relevance and popularity and explore trends for the third decade of open source. Open source software is now ubiquitous, recognized across industries as a fundamental component to infrastructure, as well as a critical factor for driving innovation. Over the past twenty years, the OSI has worked to promote and protect open source software, development, and communities, championing software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition (OSD), and preventing abuse of the ideals and ethos inherent to the open source movement. The “open source” label was created at a strategy session held at the start of February 1998 in Mountain View, California. That same month, now almost twenty years ago, the OSI was founded as a general educational and advocacy organization to raise awareness and adoption for the application of free software in an open development process. Some of the largest forces in business today — consumer-facing companies like Google and Facebook, business-facing companies like Salesforce and SUSE, companies outside the tech industry such as BMW, Capital One, and Zalando, even first-gen tech corporations like Microsoft and IBM — all increasingly depend on open source software. Governments too, including the European Union, France, India, the United Kingdom, the United States, and many others have discovered the benefits of open source software and development models. Successful collaborative development of software and infrastructure used by these organizations is enabled by the safe space created when they use their IP in new ways... to ensure an environment for co-creation where the four essential freedoms of software are guaranteed. As open source adoption has expanded, we have seen changes in the assumptions surrounding licensing, governance and development of open source projects. We will document that evolution and look ahead to see what trends and pressures face the global free and open source software movement as it expands beyond ICT to wireless, distributed devices and beyond. Simon Phipps Italo Vignoli Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 11:00 00:50 Janson next_generation_internet Next Generation Internet Initiative An opportunity to fix the internet Keynotes keynote The new Next Generation Internet initiative could be the first real opportunity to put large scale public funding to work to really fix the internet. With an order of magnitude of hundreds of millions of euro in research, development and engineering effort it can actually be a major step toward reaching the post-Snowden internet we want. NLnet Foundation and Gartner Europe that wrote the strategic vision for the Next Generation Internet initiative will present the work they did in a unique collaboration which sought the expertise of key organisations and communities in the field - like RIPE (the European regional internet registry), GÉANT (research networks), the European assocation of country domain name organisations, ISP associations, the internet exchanges, the open source community (FSFE), the digital civil rights community (EDRi) and Internet Society. So not just the separate communities that operate different 'layers' (or rather slices) of the technology but also what we consider 'ethical guardians' of the internet. 2018 celebrates the fifth anniversary of the Edward Snowden revelations. Full details about covert mass scale surveillance at internet scale stripped the internet naked of every romantic assumption we held about it. The news sent a transformative shock throughout the global technology community. We were all convinced the internet would soon fix these horrible security shortcomings now that we knew - although naivity was destroyed and the internet would never be the same again. The world has fast forwarded itself five years. We must conclude - with some sadness - that the internet was not fixed for us. We are still waiting for major structural change. To the regular end user, a safe and secure 'post-Snowden' internet is far away: in day to day usage they still by and large have to use the same unfixed and insecure internet we had before. In fact, things in some areas have gotten worse as other actors besides foreign state agencies have gained immense powers over us. We are now asked by social networks to turn all our nude pictures over to them voluntarily so they may protect us. One reason for this sad state of affairs, is that it has take time to follow up the Snowden revelations by adequate political measures. And to be frank, it took a while for public funding organisations in Europe to even understand their crucial role in this. The internet is not going to fix itself. Many of the more promising efforts in this realm have been 'bottom up' efforts from individuals or small teams, but these isolated efforts miss critical mass to actually scale up and change the mainstream internet. The new Next Generation Internet initiative could be the first real opportunity to put large scale public funding to work to really fix the internet. With an order of magnitude of hundreds of millions of euro in research, development and engineering effort it can actually potentially change the balance of power. The Europen Commission (where the money for NGI originates) did not try to invent such a strategy by: it invited NLnet Foundation and Gartner Europe to write a strategic vision for the Next Generation Internet and identify what needs to be done to really move the internet forward. NLnet Foundation is an independent public benefit organisation which was set up by pioneers of the European internet in the eighties, and which has been funding key open source initiatives for over two decades. Gartner Europe is an equally independent consulting company that knows what is being decided in board rooms before anyone else. In a unique collaboration they sought the expertise of key organisations and communities in the field - like RIPE (the European regional internet registry), GÉANT (research networks), the European assocation of country domain name organisations, ISP associations, the internet exchanges, the open source community (FSFE), the digital civil rights community (EDRi) and Internet Society. So not just the separate communities that operate different 'layers' (or rather slices) of the technology but also what we consider 'ethical guardians' of the internet. The NGI initiative has learned from the enormous failures of the past five years. Gone will be the need to create artificial consortia. Gone will be a lot of the bureaucratic paperwork. There is a clear vision. There is a plan. And there is money to fund the right things. Open source is seen as the key mechanism to make it actually happen, and the first calls for funding from the NGI initiative are out. Now what is needed is the developers to seize the opportunity to scale up and more importantly to connect their initiatives. Fixing the internet is a 'moonshot plus' effort: the internet is the largest technical structure man has ever made, and the task at hand is to vastly improve its very operating fabric with 3 billion + people using it on a daily basis. This may essential to our daily operations, but it is equally or even more important for upholding our human values and basic human rights in Europe. In addition to new open source technology this will also require a larger political agenda of Europe as an integral part of the approach too - in some cases regulating the most predatory behaviour from bad actors might be necessary to restore health back to the internet. Rob van Kranenburg Michiel Leenaars Marietje Schaake Georgios Tselentis More background info on NGI initiative The NGI.eu website The vision behind NGI FOSDEM interview Michiel Leenaars FOSDEM interview Rob van Kranenburg Slides Michiel Leenaars Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 Janson unix_evolution Unix Architecture Evolution from the 1970 PDP-7 to the 2018 FreeBSD Important Milestones and Lessons Learned History maintrack Based on a <a href="https://github.com/dspinellis/unix-history-repo">GitHub repository</a> recording the history of the Unix code from 1970 until today, we look at the most significant elements and milestones of the system's architectural evolution and the lessons we can learn from it. The Unix operating system has had a profound influence on the development of open source software and associated communities. Many of today's systems trace their code or design to a 1970 unnamed operating system kernel, implemented in 2489 lines of PDP-7 assembly language. This evolved into the Unix operating system, whose direct descendants include today's BSD systems and intellectual heirs form the various GNU/Linux distributions. How did the architecture of Unix evolve over the past half century? Based on a <a href="https://github.com/dspinellis/unix-history-repo">GitHub repository</a> recording the system's history from 1970 until today, a <a href="https://dspinellis.github.io/unix-history-man/index.html">database recording the evolution of provided facilities</a>, and the reconstruction of the <a href="https://github.com/dspinellis/unix-v3man">Third</a> and <a href="https://github.com/dspinellis/unix-v4man">Fourth</a> Edition Unix manuals, we will examine the most significant milestones of this development and the lessons we can learn. Many architectural features, such as layering, system calls, devices as files, an interpreter, and process management, were already visible in the 1970 version. Other ideas followed quickly: the tree directory structure, user contributed code, I/O redirection, the shell as a user program, groups, pipes, and scripting. Later versions added domain-specific languages, environment variables, a documented file system hierarchy, software packages, virtual memory support, optimized screen handling, networking, storage pools, dynamic tracing, and a packet capture library. Based on a record of facilities documented over the years we will see areas in which evolution continues at an unchanged pace and areas where it appears stalled. We will also see how one measure of code complexity has followed a self-correcting path. Lessons we can derive from this amazing ride include the durability of early architectural features, the value of establishing conventions over the imposition of rigid mechanisms, the importance of additions made after the system's gestation, and the increasing difficulty of bringing about ground-breaking changes as Unix ages. Diomidis Spinellis First Research Edition architecture diagram Modern FreeBSD architecture diagram Evolution of Unix facilities dataset The Unix History Repository A visualization of Unix evolution Reconstrution of the Third Edition Manual (nroff) Reconstrution of the Fourth Edition Manual (troff) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:50 Janson alternative_histories The circuit less traveled Investigating some alternate histories of computing. History maintrack Retrocomputing, lost lessons of software design, a quarter of a century of failed progress - and how learning from the past could lead to the next generation of computers. There are many now-forgotten OSes and languages that could do things that modern systems can't even approach, but they are long gone, out-competed by inexpensive commodity computers and lowest-common-denominator software. This talk discusses some of that forgotten history, and how what we did instead has landed has landed us with significant problems... and some possible ways that we could escape these problems and find new ways forward. It will touch upon Plan 9 and Inferno, Taos and Intent/Elate, the Dandelion machines and Mesa, Oberon, OpenGenera, Movitz, ChrysaLisp, Urbit, the Canon Cat, the original Newton OS and Dylan, and more besides. It will also examine the next big transition that we're facing, one that almost nobody has noticed and which existing OSes are ill-suited to handle -- and how learning from the past could help improve the future. Liam Proven Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 Janson digital_archaeology Digital Archaeology Maintaining our digital heritage History maintrack In a few years time, it will be impossible to study the history of retro-computers since its software was either proprietary, closed-source, written in a now-obsolete language, or encumbered by software “protection” to prevent copying. Furthermore, the hardware upon which it ran is dying, and the cassette tapes holding the software are physically disintegrating. This talk covers a ten-point plan outlining the primary issues in digital archaeology. It covers the methods necessary to preserve our computing legacy, the use of emulation, and how open source can help with this endeavour. We end with an overview of some projects that will inspire you, and help you preserve your own slice of history! Steven Goodwin Digital Heritage em.ulat.es Emulation as a service Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:50 Janson edsac Reimagining EDSAC in open source An valve computer reimplemented using FPGAs, Arduinos, 3D printing and discrete electronics History maintrack We have recreated one of the first modern computers using a low cost FPGA board, Arduinos, 3D printing and simple discrete electronics. Aimed at schools and hobbyists, this open source project allows a new generation to experience the operation of a computer from 1948. This talk will tell the story of the project, culminating in the three day extravaganza that was ChipHack 2017. I will be demonstrating all the components of the system: the delay line, the 3D printed peripherals and the processor core on FPGA. At the end of this talk, I hope you will understand more about this historic computer and be inspired to build your own EDSAC. Chip Hack was run as part of the Wuthering Bytes Technology Festival 2017. To celebrate the 60th anniversary of the British computer society, EDSAC was recreated on the myStorm FPGA boards. The Verilog implementation was written by Hatim Kanchwala, a Google Summer of Code student from India. The key EDSAC peripherals were reimagined and interfaced with the FPGA boards. Sir Prof Maurice Wilkes designed EDSAC and built it with the University of Cambridge. Instead of trying to make the computer the fastest or smallest, he wanted EDSAC to be useable so that everyone at the University could have access to a computer for their research. EDSAC stands for electronic delay storage automatic calculator and was based on EDVAC, a binary stored-program computer. Punched tape was used to read in the programs. The tape was written using 5-bit wide code. In the reimagined version of EDSAC punched tape was read by reflecting light off of the paper as it was fed through by a motor. The amount of light reflected corresponded to the colour of the tape therefore a hole, substituted for by a black dot, could be found. An extra line of dots down the middle worked as a clock line. Once the program was completed successfully the output would be sent to a teleprinter, a typewriter like electro-mechanical machine. To simulate this, a thermal printer that was able to communicate with an Arduino was interfaced with myStorm Verilog EDSAC. The thermal printer was also used to print the punched tape. When EDSAC was turned on, a series of instructions had to be read into the machine. This was error prone and took a very long time to do. To fix this problem, rows of switches were added to the front panel of the computer. This meant that the initial instructions could be boot-strapped in upon start up. Due to the price of toggle switches, the reimagined front panel used two rows of headers and connectors. The bottom row of headers was always positively charged. Each set of headers were connected to an Arduino pin. Therefore, when a header pair was connected the pin is pulled high. The last peripheral reimagined were the delay lines. These were used as part of EDSAC logic to hold multiple words of information. A short word was 18 bits long and the long word was 36 bits long. Due to problems with the logic system, the last bit for each word was lost and so a short word is usually seen to be 17 bits long and the long word is 35 bits long. To store the word, pipes full of mercury had series of pulses send from the top to the bottom of the tubes. A logic circuit would be able to convert the signal received upon every clock pulse to binary and send it back to the top of the tube to be sent down again. To simulate the mercury delay lines, a material that was safer and cheaper was used to fill the tubes, air. Similar to the original design, a series of pulses held by a 4 kHz carrier was sent down the tube. An Arduino was able to reassemble to series of pulses at the bottom of the tube and resend the information down the tube. Due to travel issues the tubes had to be short so only a few bits could be held in the tube at any one time. All materials used were open source because the teaching resource created was designed to be easily used in classrooms and maker spaces. All reimagined peripherals use OpenSCAD and a RepRap 3D printer for the 3D printed components. Overall, Chip Hack was a great success. Everyone who came learned something about Verilog and enjoyed the talks about the history behind EDSAC. It is quite difficult to get the pacing correct when designing a course for beginner and expert so a lot of people needed to spend extra time on the tutorials. Mary Bennett Chip Hack website Tutorial GitHub Peripheral GitHub One of Hatim's FOSSi blog post Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 Janson mysql_scaling MySQL: Scaling & High Availability Production experience for the last decade Performance maintrack Percona are known as the MySQL performance experts, and with over 4,000 customers, we have a list of how to scale and ensure your application is highly available. Come learn from our playbook, and leave this talk ensuring your MySQL database is running faster and more optimised than before. Peter Zaitsev Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:50 Janson elasticsearch Elasticsearch (R)Evolution You Know, for Search... Performance maintrack Elasticsearch is a distributed, RESTful search and analytics engine built on top of Apache Lucene. After the initial release in 2010 it has become the most widely used full-text search engine, but it is not stopping there. The revolution happened and now it is time for evolution. We dive into the following questions: <ul> <li>How did leniency help the initial adoption, but why and how do we lean more on strictness today?</li> <li>How can upgrades be improved to avoid any downtime even when changing major versions?</li> <li>How can new resiliency features improve recovery scenarios and add totally new features?</li> <li>Why are types finally disappearing and how are we are trying to avoid the upgrade pain as much as possible?</li> <li>What are examples for some clever performance improvements?</li> <li>How can you shrink and (finally) split shards in a highly efficient way?</li> </ul> Attendees learn both about new and upcoming features as well as the motivation and engineering challenges behind them. Philipp Krenn Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:50 Janson optimizing_sds Optimizing Software Defined Storage for the Age of Flash Performance maintrack High-performance flash storage like NVMe SSDs are becoming commonplace in production environments. In this age of fast storage, inefficiencies in storage software stacks that were previously acceptable with slow spinning devices, are no longer tolerable. There are even faster technologies, like NVDIMMs, on the horizon. These developments are particularly challenging for distributed storage solutions like Gluster and Ceph, where network latencies are a fact of life. This talk is on performance analysis and troubleshooting tools and techniques for this age. In this talk, we will share some of our experiences in driving performance improvements in gluster to enable it to better deliver the performance of fast hardware devices to applications that need it. We will cover our performance analysis methodology and some of the common problem areas we see as we try to scale in performance. We will discuss some of the tools available for troubleshooting performance bottlenecks, like perf and mutrace. But tools alone are insufficient to troubleshoot performance issues and we will share some of the techniques that we employ to get the needed insights from our tools. We will present examples for how instrumentation in the code is sometimes invaluable in identifying performance issues. Krutika Dhananjay Manoj Pillai Raghavendra Gowdappa Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:50 K.1.105 (La Fontaine) python3 Python 3: 10 years later Looking back at Python evolutions of the last 10 years Python maintrack Python 3.0 was released 10 years ago. It's time to look back: analyze the migration from Python 2 to Python 3, see the progress we made on the language, list bugs by cannot be fixed in Python 2 because of the backward compatibility, and discuss if it's time or not to bury Python 2. Python became the defacto language in the scientific world and the favorite programming language as the first language to learn programming. Draft of the talk: <ul> <li>Growing populary of the Python programming language <ul> <li>Defacto language in the scientific world, replacing other closed source and more specialized but limited language</li> <li>Favorite programming language used as the first language to learn programming</li> </ul> </li> <li>Port Python 2 code to Python 3 <ul> <li>Port Python 2 code to Python 3 <ul> <li>No: "Add support for Python 3", don't loose Python 2 support</li> </ul> </li> <li>Port Python 3 code to Python 2</li> <li>Python changes to make the transition smoother: <ul> <li>PEP 414: u"syntax" reintroduced in Python 3.3</li> <li>PEP 461: bytes % args, Python 3.5</li> <li>More "Py3k" warnings added to Python 2.7.x</li> <li>Linters like flake8 detect some issues</li> <li>six, futures, modernize, 2to6, etc.</li> </ul> </li> </ul> </li> <li>Analysis of the transition <ul> <li>Good: At Pycon US 2014, Guido van Rossum announced that the Python 2.7 support was extended from 2015 to 2020 to give more time to companies to port their applications to Python 3.</li> <li>Bad: 2to3: "drop Python2 support at once", don't work when you have dependencies.</li> <li>If done again, would it be different? Yes, obviously.</li> <li>Python 4 will be different than Python 3: no more "break the world" release, but a "regular deprecation period" release, as any other release. Break things, one by one :-)</li> </ul> </li> <li>Bugs that won't be fixed in Python 2 anymore <ul> <li>Some bugs cannot be fixed without breaking the backward compatibility</li> <li>Unicode Support</li> <li>Python 2 I/O stack bugs: rely on libc stdio.h</li> <li>Security: hash DoS, enabled by default in Python 3.3, Python 3.4 now uses SipHash</li> <li>subprocess is not thread-safe in Python 2. Python 2 subprocess has many race conditions: fixed in Python 3 with a C implementation which has less or no race condition. Handling signals while forking in complex.</li> <li>threading.RLock is not "signal safe" in Python 2</li> <li>Python 2 requires polling to wait for a lock or for I/O. Python 3 uses native threading API with timeout and has asyncio.</li> <li>Python 3 uses a monotonic clock to not crash on system clock update (ex: DST change).</li> <li>Python 3 has a better GIL.</li> <li>Python 2 inherits file descriptors on fork+exec by default. Python 3 don't: PEP 446.</li> <li>Functions can fail with OSError(EINTR) when interrupted by a signal, need to be very careful everywhere. SIGCHLD when a child process completes, SIGWINCH when using ncurses. Python 3.5 restarts the interrupted system call for you.</li> </ul> </li> <li>Performance <ul> <li>Python 3.6 is now faster than Python 2.7</li> <li>https://speed.python.org/</li> </ul> </li> <li>Evolutions of the Python language <ul> <li>Python 3.5 <ul> <li>PEP 492: async/await "keywords" for asyncio. (Really keywords in Python 3.7.)</li> <li>PEP 461: bytes % args and bytearray % args</li> <li>PEP 465, a new matrix multiplication operator: a @ b.</li> <li>PEP 448: Generalized unpacking: <code>head, *tail = list</code> <code>mylist = [1, 2, **other_list]</code> <code>mydict = {"key": "value", **other_dict}</code></li> </ul> </li> <li>Python 3.6 <ul> <li>PEP 515: <code>million = 1_000_000</code></li> <li>PEP 498: f-string: <code>name = "World"; print(f"Hello {name}!")</code></li> <li>PEP 526, syntax for variable annotations.</li> <li>PEP 525, asynchronous generators.</li> <li>PEP 530: asynchronous comprehensions.</li> </ul> </li> </ul> </li> <li>Bury Python 2? <ul> <li>"Python 3 only"</li> <li>https://pythonclock.org/</li> <li>http://www.python3statement.org/</li> <li>Fedora 23, Ubuntu 17.10: no python2 (/usr/bin/python) in the base system</li> <li>2017, April: IPython 6.0</li> <li>2017, December: Django 2</li> </ul> </li> </ul> Victor Stinner Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 K.1.105 (La Fontaine) pythran Surviving in an Open Source Niche: the Pythran case a compiler for scientific kernels written in Python, six years later Python maintrack Pythran is an open source compiler for scientific kernels written in Python. Its goal is to turn scientific kernels written in Python into native modules that runs much faster, take advantage of SIMD instruction units, multi-cores, get rid of the GIL without sacrifying high-level programing. As such it understands a strict subset of the Python language, keeping 100% backward compatibiliy with the original language. Looks cool? It is. But the target niche is small (high performance computing in Python and several great tools already exist (Cython, Numba). How have Pythran survived in the OSS jungle for 6 years while gathering a small but living community? The following points will be discussed: <ul> <li>making reasonable technical choices</li> <li>targeting a niche</li> <li>sharing the joy</li> <li>surviving the Python3 switch</li> <li>building a community</li> <li>surviving the bus factor</li> <li>finding funding</li> <li>not becoming a workaholic</li> </ul> Serge Guelton (serge-sans-paille) official doc source code sample talk at pyparis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:50 K.1.105 (La Fontaine) cython Lift your Speed Limits with Cython Fast native code for Python Python maintrack The Cython compiler is the most widely used static compiler for Python. It is used to speed up Python code and to extend the CPython runtime with fast native extension modules that process huge amounts of data all around the world. This talk by one of the core developers gives a quick intro into the compiler, the language, and some of its main applications in the Python big-data ecosystem. Cython is not just a Python compiler or a native code wrapping tool, but also a programming language in its own right that mixes the Python language with C and C++ data types. The fact that you can simply drop Python code into it and compile it gives a very low entry level into performance optimisation by statically compiling your critical code and then tuning it into fast C to make it run faster. In this talk, I will guide you through some examples where the compilation of regular Python code leads to faster execution, and present ways how to make the code run much faster. Stefan Behnel cython.org Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 K.1.105 (La Fontaine) molotov Load testing web services at Mozilla with Molotov http://molotov.readthedocs.io/ Python maintrack This talk presents the different challenges Mozilla faces when deploying web services for millions of users, and how load testing is used to prevent the most common pitfalls, through the usage of Molotov. Molotov (http://molotov.readthedocs.io/) is a custom load testing tool the Mozilla QA team created and uses to stress applications that get deployed for Firefox. This talk will present the following: <ul> <li>the different types of applications Mozilla deploys in the cloud</li> <li>the most common bottlenecks and how to detect and correct them</li> <li>the existing load testing tools</li> <li>Molotov features and examples</li> <li>Continuous Load Testing principles</li> </ul> By the end of the talk, attendees should have a good understanding of how an application should be stressed. Tarek Ziade Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:50 K.1.105 (La Fontaine) elektra Configuration Revolution Why it Needed 13 Years and How it Will be Done Miscellaneous maintrack Free software is proud of its diversity, choices, and resulting variety, including but not limited to configuration. In this talk we will reflect on the last 13 years of experiences based on a user survey (286 answers), code analysis of 16 projects (comprising about 50 million lines of code), and our experience with Elektra. Elektra aims at keeping the diversity and modularity of the FLOSS ecosystem but also unifies configuration access by abstracting access to any configuration source using key/value pairs. Participating applications do not use any hard-coded configuration. Developers, maintainers, and system administrator can declaratively specify location and syntax of configuration files, how to validate configuration, and how to derive default values. Elektra follows the trend to a more declarative no-futz system (a system where no experimental tinkering or fiddling is needed). Getting and setting a configuration value is trivial, and possible in any programming language. Elektra currently supports C++, Python, Haskell, Lua, Shell, Ruby, Puppet, and Java. It fulfils necessities long overdue, not only for configuration management, but also for better defaults. We provide many essential utilities for system administrators and developers, such validation before serializing and command-line tools with support for tab completion of configuration. But no worries: Elektra still leaves developers the fun parts, like inventing new configuration file formats. Markus Raab Elektra Website Latest Release (22st Dec 2017) Rawdata of survey Sources of CC-licensed book in Attachments above Interview Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 K.1.105 (La Fontaine) ipc IPC in 1-2-3 Everything you always wanted from a network, but were afraid to ask Miscellaneous maintrack We introduce the Ouroboros prototype, a user-space system for synchronous and asynchronous inter-process communication (IPC). Ouroboros simplifies creating networked applications by providing a single abstraction that unifies IPC and networking APIs. Ouroboros provides a powerful networking subsystem that allows building secure overlay networks on top of UDP/IP and Ethernet. To increase scale and scope, overlays can be added on top of previously created overlays. Management of applications running on top of Ouroboros, such as making a server application available on a certain overlay, can be done on-the-fly and with great ease. This lecture will explain the basic principles underlying the overall design and inner workings of Ouroboros, combining concepts from operating systems (IPC and microkernels) and networking (packet switching) to achieve a minimal, elegant yet powerful IPC and network system. The key objective of Ouroboros is, above all, simplicity. From an administrator's perspective, the three step process to connect processes (register / bind / allocate or bind / register / allocate) greatly simplifies the way one manages server applications. From a programmer's perspective, the library provides a very simple API (allocate/accept/deallocate, read/write) on top of a naming system that abstracts away the details how IPC is achieved, making writing distributed applications effortless. Asynchronous I/O is done by a scalable event system modeled on BSD's kqueue. The system is configured using a single call based on the well-known ioctl/fcntl calls and configurations for integrating TLS-like security are being implemented. As it is a lot more than just a library, the Ouroboros network subsystem integrates a fully distributed packet-switched network that can be bootstrapped on top of a UDP network or on top of Ethernet if a suitable interface is found on the system (raw sockets on Linux, BPF on FreeBSD and OSX, or netmap if installed). Finally, we will end with some future directions in research and steps that are needed to bring the Ouroboros implementation beyond its current prototype state. Ouroboros is under active development at Ghent University - imec and written in C for POSIX-compliant operating systems. It is Free Open Source Software and available under the LGPL (library) / GPL license (network subsystem) at ouroboros.ilabt.imec.be Dimitri Staessens Sander Vrijders The main ouroboros website(under construction) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:50 K.1.105 (La Fontaine) riscv Igniting the Open Hardware Ecosystem with RISC-V SiFive's Freedom U500 is the World's First Linux-capable Open Source SoC Platform Miscellaneous maintrack The RISC-V open standard ISA has been gaining traction in both academic and commercial circles over the last year, during which we've gotten our ports of binutils, GCC, and Linux merged upstream. Additionally, SiFive has announced a Linux-capable, 64-bit, quad core development board which will be available in Q1 2018. This talk discusses the history of the ISA, SiFive's open source RTL implementations of RISC-V, the state of RISC-V software, and our plans for the upcoming year. The RISC-V instruction set architecture is an open standard originally designed for computer architecture research that, over the past few years, has been gaining widespread popularity in industry: for example, the RISC-V Foundation, which governs the standard, now claims over 100 members. SiFive recently announced the U54 processor IP, a 64-bit, quad core, Linux-capable processor. The Freedom U500 is based on Rocket Chip, an open source processor generator written in Chisel, a HDL implemented as a Scala embedded DSL. This talk will discuss the RISC-V ISA, and the Rocket Chip processor generator. As the author is a maintainer of the RISC-V ports of binutils, GCC, Linux, and glibc, the main focus of this talk will be on the state of the RISC-V software ecosystem. If everything goes well, the first version of glibc that contains RISC-V support will release right at the start of FOSDEM and I'll be able to announce that the core software is upstream. We have a handful of distribution partners (Debian, Fedora, and OpenEmbedded) actively working on distributions based on our pre-release ports right now, so with any luck we'll also be able to announce early distro support :). This talk will be followed by a BOF for open discussions about RISC-V ecosystem in room J1.106 Palmer Dabbelt Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:50 K.1.105 (La Fontaine) terra_bruciata Terra Bruciata where bugs cannot survive Miscellaneous maintrack In this talk I'm going to present Terra Bruciata, an open source initiative aimed to bring hi-integrity techniques in the world of open source with the objectives of (i) providing to the world bug-free software (ii) developing hi-integrity techniques suitable for open source and (iii) showing to the world that bugs are not unavoidable... Software bugs are everywhere and they brings much harm. History is sprinkled with software horror tales: race condition in radiation therapy machine Therac-25 caused deaths and injuries, badly written automotive software caused unintended acceleration, bugs in the entertainment system allowed an attacker to take remote (full) control of a car, software glitches caused (many times) chaos in the stock market and so on... Unfortunately many think that bugs are like bad weather: annoying, but unavoidable, so that the only solution is to have patience and bear with them. However, I agree with late Robert Dewar when he says that <a href="https://www.businesscomputingworld.co.uk/software-glitches-why-we-shouldnt-put-up-with-them/">we should not put up with them</a>. With the future advent of IoT, putting up with glitches it is an open invitation for the Software Apocalypse. Therefore, I decided to start Terra Bruciata, an open source initiative whose goal of is to bring a software correctness mentality in the open source community. We will try to adapt to an open source context procedures and good practices from standards like DO-178 and using techniques such as formal checking. We will initially concentrate on libraries for network protocols. Although this choice can seem strange, it has its rationale. First, network protocols are pervasive nowadays and a bug in a network library can easily become a security hole. Moreover, the IETF has the desire to improve the involvement of open source communities and academia in protocol developments and this initiative could be an interesting channel for that. The initiative just started and as first protocol we choose <a href="https://tools.ietf.org/html/rfc7252">CoAP</a>, the Constrained Application Protocol, a kind of lo-weight HTTP, developed having in mind small devices IoT-style (yes, it is fashionable...) Riccardo Bernardini Online-version of the slides http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:15 H.2215 (Ferrer) easy_gnupg Easy GnuPG Shell scripts to make GnuPG more accessible and easier to use Lightning Talks lightningtalk There are scads of options presented by GnuPG, which are all part of making it the flexible and powerful an encryption framework that it is. But it's extremely complicated to get started with, and that quite reasonably puts people off. EasyGnuPG is a wrapper script that tries to simplify the process of using GnuPG. In order to simplify things, it is opinionated about the "right" way to use GnuPG. The philosophic goals here are these: <ol> <li>Make GPG as easy to use as possible. The more people using strong encryption, the better for everyone. One of the big hang ups right now is that the GPG tools are difficult to use - more so than they strictly have to be.</li> <li>Make the interface itself auditable. This is why this is presented as shell scripts rather than a web service or a GUI. If you're concerned about what egpg does, open up the files and read them, or have someone you trust read them.</li> <li>Build a guide forward. The simplified interface provided here should be good to get started with, and with luck many users will find they never need anything beyond what egpg provides. If you find that you need to do something more, though, the goal is that you have a foundation to start with, and some direction on how to proceed.</li> <li>Make it customizable. If it doesn't fit your workflow, adapt and extend it to fit your way of doing things. Share your extensions with the others too.</li> </ol> Dashamir Hoxha https://slides.com/dashohoxha/easy-gnupg https://github.com/dashohoxha/egpg https://wiki.debian.org/SummerOfCode2018/Projects/EasyGnuPG Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:15 H.2215 (Ferrer) bulletinboard_dht BulletinBoard DHT and wireguard-p2p Lightning Talks lightningtalk A introduction to BulletinBoard, a internet-wide general-purpose distributed-hash-table to store key/value pairs and wireguard-p2p, a tool for setting up WireGuard VPN connections from peer to peer. Manuel Schoelling BulletinBoard DHT wireguard-p2p Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:40 00:15 H.2215 (Ferrer) nakadi Nakadi Event Broker An event broker with a REST API, on top of Kafka-like queues Lightning Talks lightningtalk Nakadi is an open source event broker, built on top of Kafka-like queues, that provides a REST API for easy integration with microservices. In this talk, we will introduce Nakadi, and demonstrate one of its most important features: timelines. Timelines is a feature of Nakadi that allows administrators to transparently move queues between different clusters, without interrupting producers or consumers. This is useful to move between clusters, possibly using different technologies, but also as a fail-over for publishers in case of downtime on a cluster. Timelines can also be used to move event types between brokers on the same cluster, which is an alternative to rebalance operations. Contrary to rebalance operations, using timelines does not require additional data copy between brokers, which can slow them down. Future plans include using timelines for re-partitioning, i.e. changing the number of partitions in an event type. Nakadi is used at Zalando, to produce around 15 terabytes and consume around 40 terabytes of data daily. Lionel Montrieux Nakadi website and documentation Nakadi code repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:15 H.2215 (Ferrer) flogo Connecting the Edge Project Flogo as Ultra-lightweight IoT Apps framework Lightning Talks lightningtalk There are few things in today’s technology landscape that promise to be more transformational than the emergence of an estimated 20 billion IoT edge devices by 2020.One of the well understood impacts of the edge as it emerges is that it will unleash a data tsunami. The evidence is already out there—a connected car can produce up to 5 terabytes of data hourly, an oil and gas drilling rig can produce 7 to 8 terabytes of data daily. Waiting for all of this data to be sent to the cloud and acted upon won’t cut it for many applications in industrial or consumer domains. Even for edge analytical applications, conventional big data architectures that involve forwarding everything to the cloud to be stored and analysed doesn’t make sense—what you likely need are Machine Learning and streaming analytics capabilities at the edge. Project Flogo is an 100% open source light weight engine which enables developers in building the broadest open IoT community. Project Flogo functions as one the first design bots for IoT edge application development, with a tile-based, zero-code environment for building and deploying integration and data processing directly onto connected devices. Its design bot and Web-based UI bring the best of TIBCO’s design environments to the IoT, with prepackaged building blocks for building applications, integration, data processing, and microservices, as well as error handling, including the first-ever auto-stepback debugger. Project Flogo brings this power to many of the smallest connected devices, with an average installed footprint that is up to 20 times lighter than Node.js and 50 times lighter than Java. Anshul Sharma Flogo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:15 H.2215 (Ferrer) freepbx PBX on a non-specialized distro How and why we included an easy FreePBX setup in NethServer Lightning Talks lightningtalk Installing FreePBX and Asterisk on a general-purpose system has a lot of hidden traps and requires sysadmin skills. But sometimes we don't want to use a specialized distro for several reasons. This talk is about why we have chosen to provide a ready-to-use PBX on NethServer and how we dealt with problems that you face when you try to install cutting edge FreePBX and Asterisk releases on a standard distro (CentOS 7 in our case) that has to work in production environment providing also other services. Installing FreePBX and Asterisk on a general-purpose system has a lot of hidden traps and requires sysadmin skills. But sometimes we don't want to use a specialized distro for several reasons. This talk is about why we have chosen to provide a ready-to-use PBX on NethServer and how we dealt with problems that are faced when trying to install cutting edge FreePBX and Asterisk releases on a standard distro (CentOS 7 in our case) that has to work in production environment providing also other services. Issues solved are: PHP version required by FreePBX > than CentOS upstream, missing or outdated RPMs, Installation scripts Vs RPMs, backup and restore, HTTPD instance that runs as asterisk user, security issues and keeping kernel modules up-to-date with upstream kernel. After this talk, you'll know how to package and maintain FreePBX, Asterisk and their dependencies for your favorite distro, and how to overcome issues you can usually encounter when packaging webapps. Stefano Fancello main package source distribution web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:15 H.2215 (Ferrer) urbit Urbit: the personal server A clean-slate decentralized software stack. Lightning Talks lightningtalk The internet has failed to decentralize. What started as a network of nodes in people's homes turned into a network of server farms largely owned by a handful of tech giants. Flaws in the internet's design and implementation allowed for an online world to form where a few large services control nearly all users. Social networks don't put you in touch with your friends. They put you in touch with a server that helps with that... at the cost of privacy and community. Urbit aims to solve this and many other problems by providing a decentralized network of personal servers. These come with a personal identity and an operating system that provides an immutable global namespace and all the infrastructure needed for making decentralized applications. <hr /> <hr /> The internet has lost its way. What was promised to be an open cyberspace where digital communities could form and flourish has turned into a landscape of unmovable monoliths. It may not have wanted this, but flaws in the design of its infrastructure and software set it up to fail. Security is hard, but the defaults aren't helping. Without diving into often complicated configurations and the inner machinations of your system, the best you're going to get is an unencrypted connection and passwords stored in plain text. Sysadmins can do this. Your parents probably can't. Social networks don't put you in touch with your friends. They put you in touch with a server that helps you talk to your friends. It's difficult to form cohesive communities when you see everyone through a filtered stream of data, rather than getting to exchange content directly. Wheels are being re-invented over and over again. WhatsApp, iMessage, Facebook Messenger, Telegram... can you still tell them apart? They fulfill nearly the exact same purpose, using practically identical interfaces. Why can't I message my friends on Twitter using Signal? Everyone has a ton of accounts for all kinds of redundant services. You're just one person, and yet you're forced to juggle many different online identities. Password fatigue is at an all-time high precisely when people need to start caring more. Software isn't helping them care. Trolls and spammers have no problem with creating many different identities though. They do their thing, and if they get banned, they just spin up a new account to continue their shady practices on. What if the internet had been built with good, secure defaults? What if machines on that network could talk directly to each other, without requiring a sysadmin skillset? What if there was a general-purpose software stack for communication between individuals? What if everyone had their own, personal address on the network? What if the barrier to entry was just high enough to keep spammers out? What if we had Urbit? Urbit is a re-imagining of the internet. It paves over all our existing infrastructure and builds its own brand-new stack on top of it, solving the problems it has seen arise at the root. In doing so, it aims to deliver generic infrastructure for a decentralized network of personal servers to grow on. The Urbit virtual machine runs a sort of assembly language called Nock. Nock is so simple, its official specification fits on a t-shirt. But just like nobody is expected to write raw assembly, nobody is expected to write raw Nock. Urbit has invented Hoon, a vaguely Lisp-like functional programming language. Though its syntax may seem alien at first, this up-front complexity is the price it pays for semantic simplicity. When it comes down to it, Hoon is quite a dumb language. It has recently been deemed mature enough to be handed off to the community for further development and maintenance. The Urbit operating system, Arvo, is implemented entirely in Hoon. It uses a handful of kernel modules to give rise to a functional, decentralized network of personal servers. At all times, the state of these servers is the sum of all events they have ever received. Arguably the most important of the kernel modules is Ames, the networking module. Packets it sends are encrypted by default, only readable by the intended recipients. The network it creates is hierarchically ordered, with higher-order nodes being responsible for peer discovery and software updates for their children. In the event a parent's child misbehaves, it can get kicked out. In the event a child is unsatisfied with the service its parent provides, it can find another node willing to adopt it. This way, digital cities can form. Not around centralized servers, but around communities on the network. All of this already exists. Urbit is very much a functional piece of software. Though still operating on a testnet, it has managed to gather a vibrant community of users and developers alike who are fed up with the ever increasing centralization of the internet. It's not yet ready to replace the internet, however. Things will start off a bit smaller than that. Urbit is starting to prove itself very useful for API aggregation: managing and mirroring all your existing online identities in one single place. Eventually, this can seamlessly transition into using Urbit's generic, decentralized messaging bus instead of the traditional services themselves. Personal publishing is another application you can use your Urbit for. People are already hosting blogs on their Urbits, and incoming changes are going to make this even better. The internet has lost its way, so let's build it right this time. Mark Staarink Website Whitepaper Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:15 H.2215 (Ferrer) making_electronics Making electronics How to assemble open source electronics projects Lightning Talks lightningtalk Open source electronics is only useful if you actually know how to make and assemble a given design. In this lightning talk Kaspar will walk through the build of an electronic circuit assembly: from ordering or making the board, getting the parts and soldering them on to get to a working project. Kaspar Emanuel Awesome Electronics - A curated list of resources for electronic engineers and hobbyists Kitspace - A free and open source site to share open source hardware designs (slides) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:20 00:15 H.2215 (Ferrer) ppci Introduction into the ppci project Lightning Talks lightningtalk Ppci is a compiler written entirely in Python. This allows for easy compiler development, portability and installation. The compiler is able to process C code into WASM, WASM into xtensa code, but there are more possible code paths. During this session a demo will be shown on how to compile some webassembly to the riscv platform. The ppci project was started by the need for a better system level programming language then C. The compiler is implemented in python, and hence is not very fast. On the other hand, the compiler is portable and is easier to develop due to being implemented into a higher level language. Currently it supports msp430, x86, xtensa, avr, arm, open risc and stm8 computer architectures, in various levels of maturity. The supported languages are C3 and brainfuck. Language support for C is a work in progress. The C3 language was the starting point for the compiler, aiming at being a better version of C. It has no header files, but features a more modular approach like C# and java. Furthermore its syntax is context free, making it easier to parse using standard compiler tools. The backend of the compiler consists of a code generator featuring both instruction selection and register coloring algorithms. The output of the compiler is an instruction stream, which can be serialized as text or in binary form. Possible uses of this library are: <pre><code>Compile code and include it into the currently running python instance Create ctypes bindings for C code by making use of the C parser frontend Create a programming language using ply/textx and generate machine code from it using ppci </code></pre> During this session, we will explore the various parts of the ppci library and have a good overview what it is capable of. Windel Bouwman Documentation page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:15 H.2215 (Ferrer) i3 i3 window manager A tiling wm for developers Lightning Talks lightningtalk i3 is a tiling window manager aimed at developers for maximizing their productivity and control on their windows appearance, while maintaining maximum simplicity. The idea behind tiling window managers is to give full control over the arrangement and placement of windows with minimal efforts, only displaying what's required and wanted. The talk will introduce the project and its core principles, as well as a demonstration of how it works and some little hacks for customizing your setup. At the end of the talk, I hope you're eager to install and try i3! Emeric Planet Official website Github repository Presentation slides / resources Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:15 H.2215 (Ferrer) godot3 Godot 3, libre gamedev for everyone The 2D and 3D game engine you've waited for! Lightning Talks lightningtalk Community driven and fully FOSS, Godot Engine has established itself as the main 2D and 3D game engine in the FOSS ecosystem, and one of the key players in the game development industry as a whole. Its third installment brings 18 months of hard work from over 400 contributors, and so many features that we can't possibly showcase them all during a lightning talk - still, we will give a quick overview of the engine, its strength and the most striking features that may light in you the spark of game development using FOSS tools! The award-winning 2D and 3D FOSS game engine Godot got its bigger release so far in January 2018, and after 18 months of intensive development (10 to 20 pull requests a day!) it is ready to shine as the best game engine in the free software ecosystem, and one of the best even against proprietary engines, gathering a lot of interest from the game development industry. Godot 3 brings state-of-the-art rendering features such as PBR shading (Physically Based Rendering), real-time global illumination, GPU particles and many more. It runs flawlessly on the Web using WebAssembly and WebGL 2.0 (even the editor itself, which is a Godot game!), and also exports to most desktop and mobile platforms (including of course Linux, *BSDs and even Haiku). On the scripting side, Mono/C# is added together with VisualScript and GDNative, an interface to use native code in Godot, paving the way to support languages such as Python, Nim, D, Rust and others. It ships with Bullet as physics engine, and a completely overhauled audio engine with advanced sound engineering effects. And many more features which can't all be listed here, but which the overenthusiastic Godot developers spread all over the FOSDEM campus will gladly tell you about at length! This lightning talk will give a fast overview of what Godot is and the awesome features packed in its third installment. The presentation "slides" will even be a Godot game themselves, allowing to showcase game examples and special effects directly during the presentation. Rémi Verschelde Godot Engine website Godot Engine source code Video preview of Godot 3.0 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:20 00:15 H.2215 (Ferrer) leuven_run i++: run your FOSS off Automatically counting laps at the 24 hour run in Leuven Lightning Talks lightningtalk Once a year, the students of Leuven congregate to run like hell. Teams of students compete against each other in a 24 hour relay race. ULYSSIS is a student organisation that voluntarily provides many IT services for other students, like providing the automatic lap counting system at the 24 hour run, using their own software called i++. This talk will describe how this lap counting system works and describe the dream I have of a cheap user-friendly system using free and open source software, that would enable other organisations to organise similar events. Roel Standaert ULYSSIS i++ GitHub repository 24 hour run website (in Dutch) 10 hour run in Antwerp (in Dutch), lap counting system also provided by ULYSSIS Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:15 H.2215 (Ferrer) drlm_in_action AMENDMENT DRLM in Action! GNU/Linux Disaster Recovery, the open source way Lightning Talks lightningtalk Disaster Recovery is a commonly ignored topic, only considered when something serious happen. Then, usually, is too late to react efficiently. The consequences? generally money loss and reputation, sometimes is also the beginning of the end for a company. This short session will show you, how easy is to use ReaR and DRLM, two open source projects that, together, provide a great and flexible solution for Disaster Recovery, system migrations and OS deployments. The whole session is a live demo, showing how easy is to: <ul> <li>Install ReaR and all of it's requirements on a system from DRLM.</li> <li>Take a DR backup of that system using DRLM.</li> <li>Break the system.</li> <li>Recover from the disaster using DRLM.</li> </ul> All this in just few minutes! During the session, conducted by Didac Oliveira, co-founder and maintainer of DRLM project, the attendees will see how easy is to have an open source DR solution for their GNU/Linux systems. Questions and doubts will be answered during the session and/or at the end of it. Note that this replaces "Integration of Bikeshare Information into an Open-source Transportation App Google Summer of Code 2017" by Rodrigo Carvalho who is no longer able to attend the event. Didac Oliveira Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:15 H.2215 (Ferrer) starviewer Starviewer: FOSS DICOM Medical Imaging Software Over 10 years fulfilling the daily needs of clinicians and researchers Lightning Talks lightningtalk Starviewer is a user-friendly diagnosis application. Thanks to its versatility, it is able to combine, in the same environment, the day to day diagnosis interface with a more specific research application. The platform is the result of combining research knowledge of Graphics and Imaging Laboratory technicians, from the University of Girona, with the experience of the radiologists from Institut de Diagnòstic per la Imatge, a prestigious imaging institute located in the main Catalan public hospitals. Starviewer has been in use for more than 10 years and has about 600 daily active users. Starviewer integrates in the same environment basic and advanced image analysis techniques to assist radiologists in diagnosis. The modular design of the platform supports the integration of new funcionalities designed to diagnose any kind of pathology. Starviewer is a GPLv3+ multi-language and cross-platform application available on Windows, macOS and GNU/Linux. It supports the DICOM standard and IHE profiles. DICOM (Digital Imaging and Communications in Medicine) is a standard for the transmission, storage and visualization of medical images and data. This standard is widely adopted by device manufacturers, storage servers and visualization software. Thus, the medical imaging ecosystem is not a walled garden. Starviewer is developed in C++ making use of several open source libraries like Qt, VTK, ITK, DCMTK, GDCM and ThreadWeaver. It has modules for 2D and 3D visualization, and for DICOM printing. Additionally, there are several research modules focused on segmentation, registration, etc. which are not intended for daily use. Our main goal is to provide a medical image viewer focused on the image diagnosis process that is quick and efficient, and covers most of the daily needs. Marc Ruiz Adria Julia (adriaj) Starviewer website Starviewer GitHub repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:15 H.2215 (Ferrer) automotive_floss War Stories from the Automotive FLOSS Front fun and pain doing FLOSS in the car Lightning Talks lightningtalk We (Elektrobit automotive) do FLOSS based production projects in various car brands for several years. We’d like to entertain some of our most delightful encounters of the third kind in the automotive world and tell why we love bringing FLOSS on the road, where some aspects of FLOSS challenge all of us, and why we have lots of fun. fun stories trying to turn automotive industry open source, e.g. <ul> <li>GENIVI - MISRA Checker auf Kernel 8-o</li> <li>Dilemma: automotive safety vs open source <ul> <li>excursion safety vs security</li> <li>"Tyrant devices" & GPL3 vs safety</li> <li><a href="https://archive.fosdem.org/2014/schedule/event/safety_critical_devices/">that's old news btw</a></li> </ul> </li> <li>Cars are sold for 8 years, last 15 years. Does Linux? <ul> <li>leverage Layering, containers, kernel ABI stability, ... ?</li> </ul> </li> </ul> Susanne Oberhauser-Hirschoff Stefan Potyra https://www.elektrobit.com/products/ecu/eb-corbos/linux/ Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:40 00:15 H.2215 (Ferrer) gasdotto GASdotto: a platform for ethical purchasing Matching freesoftware with ethical economy Lightning Talks lightningtalk Introduction to "ethical purchasing groups", presentation of the GASdotto application, and a call to extend the model in other countries. "Ethical purchasing groups" are an established reality in Italy: groups of people purchasing goods collectively, usually from local producers, to sustain local economy, pay a fair price, and obtain fresh and healthy products. GASdotto is a free and opensource web-based accounting application developed to manage their particular economic flow (quite different from an usual "e-commerce"). The purpose of this talk is to inspire more people, especially outside Italy, to explore this purchasing model and to leverage the GASdotto platform for use in other countries. Roberto Guido Main Website GASdotto on GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:15 H.2215 (Ferrer) xwiki Addressing the long tail of applications Lightning Talks lightningtalk Every day we imagine some new apps we'd love to have: having an application to allow people to submit talks, to register new holiday requests, expense reports, simply get data from one site and combine it with data from another site and display that, etc. This is the <a href="http://platform.xwiki.org/xwiki/bin/view/Main/SecondGenerationWiki">long tail of application</a>. However in most cases we just drop the idea and continue with our life because we know it would take days or weeks to be able to develop that quickly before you could reap the benefits. What if there was a way to have these apps developed and working in just a few minutes! We'll demonstrate how a next generation wiki platform allows to do just that by using the <a href="http://xwiki.org">XWiki open source project</a> as an example. Vincent Massol Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:20 00:15 H.2215 (Ferrer) open_food_facts Open Food Facts: the wikipedia of food products What if you could freely analyse all the food and cosmetic products in the world? Lightning Talks lightningtalk Open Food Facts is a free, online and crowdsourced database of food products from around the world, licensed under the Open Database License (ODBL). It was launched in 2012, and today it is powered by 5000 contributors who have collected data and images for over 380 000 products in 178 countries. Scan a product using your phone, take a picture, and you're already part of the Open Food Facts revolution ! In this talk we'll show how Open Food Facts leverages open source technologies such as Perl, MongoDB, Pastec.io, Android, Swift as well as the great power of communities to open data of public interest for health & science, as well as unforeseen applications in your daily life. We will also introduce you to the recently launched Open Beauty Facts, for freeing your cosmetic cupboard: shampoos, toothpastes, lipsticks, etc. <h3>How does it work?</h3> Using our Android or iPhone app, you can easily scan the barcode of products from your home or local stores, to either check them out at a glance (thanks to the decoding and comparison tools) or to contribute them by uploading pictures of their labels. The same can also be done from the website, where additional tools are available to fill in the product details from the labels, navigate the database based on various criteria, make statistics and chart visualisations, or access APIs and raw data to make your own tools and analyses. <h3>Open all the way</h3> Open Food Facts is developed and managed by a community of open source, open data and food enthusiasts and is organised as a non-profit association. All its creations are open: <ul> <li>the collected data is published as Open Data,</li> <li>the software running the server(s) is open source and reusable (it was also used to create the Open Beauty Facts database),</li> <li>the mobile applications are open source as well.</li> </ul> Anca Luca Open Food Facts Website Open Beauty Facts Website GitHub Twitter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:40 00:15 H.2215 (Ferrer) litops LitOps: literature-as-software Briging DevOps culture to the creation and production of books Lightning Talks lightningtalk Book production, from inception to publication, is still very much trapped in writing-correction-production cycles that resemble how software was made much earlier. However, productivity would be very much increased if the writing-correction-publication would be taken a step (or two forward) to a continuous integration/continuous delivery DevOps-like environment where you define by software the whole pipeline a book is going to follow from writing to publication. LitOps is a transpiling of the DevOps culture to book production, using mainly software development tools, and rigging them so that you can produce and publish quality-checked books using as many automation tools as possible. Although most arts make extensive use of automation tools, from textures in comic to automatic motion generation tools in 2 or 3-d animation, writing a book, whatever its class, technical or fiction, gives the word manuscript its full meaning, since the most advanced tool used is the spell and maybe grammar checker. This leads to long development cycles, with new editions published after long rewriting-edition-production cycles. Nowadays, authors can publish directly using a variety of places, from Leanpub to Kindle Direct Publishing, and there are all kind of tools available for doing that kind of thing. Still, this has not lead to fast production cycles where new editions are produced as soon as "bugs" are found and fixed and all formats are published at the same time. My personal history in this area started when I decided to write a book from the first line using GitHub. That lead to using continuous integration, and it kind of ballooned from here. Nowadays I have created a full automation suite, in Perl6 and Python, that produces "printed" versions (shortening and expanding URLs), checks for line bleeds, and produces several high-quality formats from a Markdown source; time from change to new publication-ready version takes a few seconds. The only thing missing is an API for publication sites that would allow to make an automatic deployment. However, even without that final steps, the LitOps concept that codifies book production pipelines using scripts, including error checks and the rest, actually might mean a sea change in how fiction and non-fiction is produced, using LitOps teams and adopting the rest of the patterns of the software industry: forking, hackathons and linting, and finally taking manuscripting to this century. Juan Julián Merelo Repo for Python book produced using LitOps techniques Perl6 book, with Perl6 tools for production Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:15 H.2215 (Ferrer) eu_bug_bounties EU-FOSSA 2 OSS bug bounties sponsored by the EU Lightning Talks lightningtalk The EU-FOSSA project developed by European institutions is aiming at improving the security of Open Source Software. The next iteration of the project, EU-FOSSA 2, is continuing in 2017-2019 with a higher budget of 2.6 M€ and a novelty, the bug bounties. Information about the planning and status of the project will be given during this talk. The EU-FOSSA project is aiming at improving the security of Open Source Software. The first iteration of the project was executed during 2015-2016. This project: <ul> <li>developed a methodology to perform code reviews at the EU institutions,</li> <li>performed an inventory of Open Source Software used in the European Commission,</li> <li>reviewed code of Apache HTTP Server Core and KeePass, with the help of an external company.</li> </ul> In the new iteration of the project, running during 2017-2019 with a total budget of 2.6 M€, we explore the possibility of using public money to fund bug bounties. This way the European institutions intend to improve the security of major Open Source Software to reduce the risk of a new major incident like Heartbleed. We also intend to convince everyone that this should become a permanent activity of the European Union. We are also planning other activities, like more active communication and direct collaboration with open source communities. The peak of activities is expected during Q3/2018 - Q2/2019. The timing of FOSDEM18 is a perfect opportunity to inform everyone interested in the project about the status and the activities planned. Marek Przybyszewski Project home page on Joinup Prior Information Notice - upcoming Call for Tenders Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:20 00:15 H.2215 (Ferrer) open_source_finance Tips & Tricks to finance an Open Source Project without selling your soul Lightning Talks lightningtalk In this lightning talk the objective is to share actual implemented ideas that have helped financed the XWiki and Cryptpad open source projects without external capital. For now 14 years, XWiki has been able to self finance writing Open Source code and sharing it with the community. We will quickly share what has worked or not, what has proven difficult, what is tricky in order to keep the Open spirit and what has been miraculous ! In this lightning talk the objective is to share actual implemented ideas that have helped financed the XWiki and Cryptpad open source projects without external capital. For now 14 years, XWiki has been able to self finance writing Open Source code and sharing it with the community. We will quickly share what has worked or not, what has proven difficult, what is tricky in order to keep the Open spirit and what has been miraculous ! XWiki is and Open Source software created 14 years ago by Ludovic Dubost and developed under the LGPL licence. The XWiki software is used by thousands of companies to help them organize information. CryptPad, created by the XWiki team in 2016, is a realtime encrypted pad allowing to share information without exposing your content to your cloud provider. These software have been possible by finding ways to have the XWiki team paid to write open source software, which we will share in this lightning talk. Ludovic Dubost XWiki Cryptpad Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:40 00:15 H.2215 (Ferrer) fossology FOSSology - OSS Project for License Compliance Lightning Talks lightningtalk FOSSology is a popular tool for the end-to-end analysis of software components in a single Web server application. It can scan source code for: a) License information, b) Copyright notices, c) Export control relevant statements. It makes software analysis more efficient by offering high precision, greatly reducing overhead costs. FOSSology lets users generate compliance documentation according to the organization's needs, in a variety of data formats, emphasizing SPDX tag-value and RDF documents. FOSSology is Open Source Software licensed under GPL-2.0 and a Linux Foundation collaboration project. In the past year, FOSSology has improved in many areas such as reporting, license management and data exchange capabilities. This talk provides and update about The SPDX Import and Export Functionality. License proliferation, the growing number of open source components and the heterogeneity within large open source components require thorough license analysis. Text or regular expression scanners are often not enough to get a precise picture of the licensing situation. Precise license analysis can occur when legal cases arise as well as when important product decisions must be made. The trade-off is the effort to invest in order to achieve a precise analysis. FOSSology is a component analysis for license, copyright and ECC statements analysis, offering a high recognition precision. It allows for capturing exact license text wording for SPDX reporting. At the same time, aggregated views provide efficiency. Automation functionality enables effective workflows. Most recent points are the SPDX export functionality and the recently added the SPDX import. FOSSology is an open source project since 2008, originally contributed by HP. It is licenses under the GPL-2.0 and is freely available for all, companies, organization and open source projects. Michael Jaeger Maximilian Huber Project Website Github Website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 H.1301 (Cornil) dpdk_microservices The path to Data-plane micro-services Software defined network functions are changing! SDN and NFV devroom Embracing containers and micro-services with their scaling model and resiliency is the new frontier in software packet processing. This talk will describe the reasons, the challenges and opportunities of this trend. DPDK revolutionized software packet processing initially for discrete appliances and then for Virtual Network Functions. Containers and micro-services technologies are extensively used as a means to scale up and out in the Cloud. Containers and micro-services now include Comms Service Providers among their advocates, and embracing these technologies with their scaling model and resiliency is the new frontier in software packet processing. However there are challenges in decomposing Software Network Functions into Data-plane Micro-Services. This talk will describe:- 1. The challenges of enabling robustness and scaling, while still meeting data-plane performance goals. 2. The use cases, the trends and the timelines. 3. The enabling work to date in DPDK and FD.io VPP, and the next steps. Ray Kinsella Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 H.1301 (Cornil) opendaylight OpenDaylight as a Platform for Network Programmability SDN and NFV devroom Software Defined Networking (SDN) may have started as the separation of the control plane and the data plane, but the true power lies in the ability to communicate with the network through well defined interfaces using standard protocols. This session provides a brief intro to SDN in general, and more specifically to OpenDaylight, an open source platform for programmable SDN. Next we dive into network programmability, including why we need it and the role of NETCONF, YANG, and RESTCONF. Then we put the theory into practice as we install OpenDaylight as use it a platform for programming a sample network. Charles Eckel Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 H.1301 (Cornil) ligato Ligato: a platform for development of cloud-native VNFs SDN and NFV devroom The talk will present Ligato - an open source platform for creating cloud-native VNFs. We will give the motivation and background for developing Ligato, describe its the architecture, and provide examples or real-world use cases. We will compare the performance and scale of Ligato-based VNF deployments with performance and scale of VNFs deployed in other environments, such as OpenStack. A virtual network function (or VNF), as commonly known today, is a software implementation of a network function that runs on one or more virtual machines (VMs) on top of the hardware networking infrastructure — routers, switches, etc. Individual virtual network functions can be connected or combined together as building blocks to offer a full-scale networking communication service. A VNF may be implemented as standalone entity using existing networking and orchestration paradigms - for example being managed through CLI, SNMP or Netconf. Alternatively, an NFV may be a part of an SDN architecture, where the control plane resides in an SDN controller and the data plane is implemented in the VNF. A cloud-native VNF is a VNF designed for the emerging cloud environment - it runs in a container rather than a VM, its lifecycle is orchestrated by a container orchestration system, such as Kubernetes, and it's using cloud-native orchestration paradigms. In other words, its control/management plane looks just like any other container based 12-factor app. to orchestrator or external clients it exposes REST or gRPC APIs, data stored in centralized KV data stores, communicate over message bus, cloud-friendly logging and config, cloud friendly build & deployment process, etc., Depending on the desired functionality, scale and performance, a cloud- native VNF may provide a high-performance data plane, such as the VPP. Ligato (https://github.com/ligato) is a Golang platform for building cloud-native microservices. Although it was originally intended for development/implementation of custom management/control plane agents for cloud-native Virtual Network Functions (VNFs), it can be used to develop any microservice. Each management/control plane app built on top of the CN-Infra platform is basically a set of modules called "plugins", where each plugin provides a very specific/focused functionality. Some plugins are provided by the platform itself, some are written by the app's implementors. In other words, the Ligato platform itself is implemented as a set of plugins that together provide the platform's functionality, such as logging, health checks, messaging (e.g. Kafka), a common front-end API and back-end connectivity to various KV data stores (Etcd, Cassandra, Redis, ...), and REST and gRPC APIs. The platform is modular and extensible. Plugins supporting new functionality (e.g. another KV store or another message bus) can be easily added to the existing set of Ligato platform plugins. Moreover, Ligato based apps can be built in layers: a set of app plugins together with platform plugins can form a new platform providing APIs/services to higher layer apps. This approach was used to create a management/control plane agent for VPP (https://FD.io). The VPP Agent is basically a set of VPP-specific plugins that use the core Ligato platform to interact with other services / microservices in the cloud (e.g. a KV data store, messaging, log warehouse, etc.). The VPP Agent exposes VPP functionality to client apps via a VPP-specific model-driven API. Clients that consume this API may be either external (connecting to the VPP Agent via REST, gRPC API, Etcd or message bus transport), or local Apps and/or Extension plugins running on the same CN-Infra platform in the same Linux process. Jan Medved Ligato github repository FD.io (VPP) home page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 H.1301 (Cornil) networking_vpp Networking-VPP A fast forwarding vSwitch/vRouter for OpenStack SDN and NFV devroom Goal of this presentation is to explain what is FD.io/VPP and how it is integrated with OpenStack neutron. VPP is a fast network data plane, part of the Linux Foundation FD.io project. It is designed on top of DPDK to run network workloads at ludicrous speeds using vector packet processing technology. Networking-VPP is a VPP network driver for Neutron designed to take advantage of VPP’s performance. VPP brings the performance; Networking-VPP brings the resiliency, simplicity, security and scalability required to make it useful in OpenStack environments. We’ll talk about what VPP is and why it’s a good choice for network workloads, particularly demanding ones such as NFV applications; how the ML2 driver is put together and why you can trust it to hold up in cloud environments (and even debug it); and the performance we see when we put the two together in a real world OpenStack deployment. Jerome Tollet Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 H.1301 (Cornil) onap ONAP – A road to network automation SDN and NFV devroom ONAP (Open Network Automation Platform) is an open source software platform that delivers capabilities for the design, creation, orchestration, monitoring, and life cycle management of <ul> <li> Virtual Network Functions (VNFs)</li> <li> The carrier-scale Software Defined Networks (SDNs) that contain them</li> <li> Higher-level services that combine the above</li> </ul> ONAP provides for automatic, policy-driven interaction of these functions and services in a dynamic, real-time cloud environment. ONAP is not just a run-time platform; it includes graphical design tools for function/service creation. This talk will introduce ONAP as a whole and walk through a specific use case (vCPE) from design to VNF onboarding and runtime. Eventually, how we can leverage ONAP to enable open/closed loop automation of Virtual Network Functions. Gervais-Martial Ngueko Christophe Closset Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 H.1301 (Cornil) vde NFV a' la VDE way SDN and NFV devroom vSwitches, vRouter, vGateway can be transparently deployed on the hosts of a LAN using VDE based Networks of Namespaces (NoN). A Network of Namespaces (NoN) interconnects network namespaces running on different hosts as if they were on the same (virtual) Local Area Network. It is possible to set up and maintain NoN using VLANs, veth, kernel bridge definitions,… but it would be a daunting work for system administrators. VXVDE and VXVDEX implement zero-configuration NoN. Starting a namespace connected to a NoN it is as simple as typing a command like: “vdens vxvde://“. This new approach is fast (about the same performance figures of VXLAN’s kernel implementation) and it runs on vanilla Linux kernels. Several protection features can be added to support different usage scenarios: VXVDEX provides NoN with access control, and the agnostic encryption (meta) plugin can protect any kind of VDE implementation from eavesdropping. Renzo Davoli github repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 H.1301 (Cornil) opnfv_xci Integrating cloud and container projects in the OPNFV community: Cross Community CI In this talk we will explain about the OPNFV community, and how it interacts with other communities, such as Kubernetes or OpenStack, to offer a platform for cross-project CI. SDN and NFV devroom This talk will explain the tight relationship between the OpenStack and OPNFV communities, using as a base the Cross Community CI project, and the benefits that both communities get from it. Initially the OPNFV CI was based on the consumption of stable artifacts, including stable versions of OpenStack. Developers were not able to work with master versions, causing lack of testing and delay on delivering projects. Cross Community CI project (XCI) enabled testing based on master versions of the different upstream components (OpenStack , OpenDaylight...). This caused to significantly cut the time of development and identify bugs earlier. In this talk we will introduce that concept, and we will also explain the tooling used to achieve it (bifrost, openstack-ansible, ansible-opendaylight), showing how a deployment goes from end to end, how to reuse this project for your own needs, and how to start integrating your own project into XCI if that fits into the scope. Fatih Degirmenci Yolanda Robla Mota Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 H.1301 (Cornil) barometer Barometer: Taking the pressure off of assurance and resource contention scenarios for NFVI SDN and NFV devroom If fixed function appliances are going to be replaced and complemented by a mix of physical and virtualized appliances, the manageability and service assurance capabilities need to remain consistent or improve on what is available today. The ability to monitor the Network Function Virtualization Infrastructure (NFVI) where VNFs are in operation will be a key part of Service Assurance within an NFV environment. It is vital to monitor systems for malfunctions that could lead to users' application service disruption and promptly react to these fault events to facilitate improving overall system performance and user experience. The relevant events and metrics must be reported to higher level fault management systems, to detect violations (and enforce SLAs), as well as faults or degradation in the performance of NFVI resources. Additional statistics facilitate more resilient and performant telco/NFV clouds. By exposing system statistics to collectd, there is more data available, which can be used for monitoring, performance analysis, fault detection, failure prediction, etc. using OPNFV, action can then be taken to negate the effects of any faults in the deployment. This talk will include: - a short overview of the Barometer (NFVI Service Assurance) project in OPNFV - A demo of how quickly you can start monitoring the NFVI with Barometer. - How OPNFV and ONAP are taking these changes on board Emma Foley Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 H.1301 (Cornil) xdp The challenges of XDP hardware offload SDN and NFV devroom To improve the historically mediocre performances of the Linux kernel regarding high-speed networking, the community has been working hard over the last years. In particular, eBPF (extended Berkeley Packet Filter) programs, when attached to XDP (eXpress Data Path) hooks at the driver level, provide a fast in-kernel programmable data plane. Because XDP is so low-level, the only way to move packet processing further down to earn additional performances is to involve the hardware. In fact, it is possible since kernel 4.9 to offload eBPF programs directly onto a compatible NIC, thus offering acceleration while retaining the flexibility of such programs. Building the compatible NIC, and optimising the offload process are not trivial. The objective of this talk is to present the current state of eBPF offload, the challenges that have been overcome, and the ones that lay ahead. Quentin Monnet Netdev 1.2 (October 2016) - eBPF/XDP hardware offload to SmartNICs (Jakub Kicinski, Nic Viljoen) Netdev 2.2 (November 2017) - Comprehensive XDP off‌load-handling the edge cases (Jakub Kicinski, Nic Viljoen) Resources on eBPF hardware offload on the Open-NFP platform Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 H.1301 (Cornil) af_xdp Fast Packet Processing in Linux with AF_XDP SDN and NFV devroom Deep Packet Inspection (DPI) and other specialized packet processing workloads are often run in user space due to their complexity and/or specialization. With the increase of Ethernet speeds from 40, 100 to 200 Gbits/s, the need for high-speed raw Ethernet frame delivery to Linux user-space is ever increasing. In this talk, we present AFXDP (formerly known as AFPACKET V4) designed to scale to these high networking speeds through the use of true zero-copy, lock-less data structures, elimination of syscalls and other techniques, while still abiding to the isolation and security rules of Linux. AF_XDP is currently an RFC on the Linux netdev mailing list with the goal to get it accepted upstream. In our evaluation, AFXDP provides a performance increase of up to 40x for some microbenchmarks and 20x for tcpdump compared to previous AFPACKET (raw socket) versions in Linux. To illustrate the approach, we have implemented support for Intel I40E NICs and veth, but it should hopefully be easy to port to other NICs and virtual devices as well. AFXDP is designed as an extension to the existing XDP support in Linux so that XDP enabled devices will be able to use this. We also show how SW networking libraries and SDKs such as DPDK can benefit from AFXDP to achieve increased robustness, ease-of-use and HW independence. Name: Magnus Karlsson, Intel, Stockholm, Sweden <pre><code> Björn Töpel, Intel, Stockholm, Sweden </code></pre> Bio Magnus Karlsson: Magnus Karlsson has worked with low-level SW and microprocessor design for most of his life. Started in academia as a post-doc, but for the past 11 years he has been working "in the real world". Currently, his main interests lie in Linux networking, telecom systems and hypervisors. He is an avid cook, skier and runner, and dreams of becoming a wine grower or beer brewer at some point in his life. Bio Björn Töpel: Björn Töpel has dabbled in all kinds of networking stacks, ranging from Skype's peer-to-peer stack, high-frequency trading platforms all the way down to Ethernet device drivers. For the moment, most of his time is spent in the Linux kernel. He's a coffee addict, avid runner and wannabe librarian. Magnus Karlsson Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:30 H.1301 (Cornil) netmdev netmdev: mediated net_device Clean native userland access to net_devices from VPP, ODP, DPDK... SDN and NFV devroom Unbinding Linux kernel drivers to allow userland IO through VFIO has a number of disadvantages such as another large touchy code base to deal with the hardware, loss of standard Linux tools (ifconfig, ethtool, tcpdump, SNMPd...) and impossibility to accelerate container networking. Mediated device introduced in Linux kernel 4.10 for GPUs and provisions for additional devices hold the promise of collaboration between kernel drivers and userland application in need of direct datapath steering. Packet frameworks such as OpenDataPlane, DPDK, VPP and Netmap may benefit from leveraging mediated devices. This sessions intends to discuss the practicalities and security aspects of such an approach and how ODP and DPDK communities may collaborate on userland IO. Topics covered: - slides: brief review of IOMMU, IOMMU groups and default group, DMA API and VFIO - slides: An overview of the proposed approach and challenges will be presented in the form of slides. - demo: crypto IO from userland and selected code walk through (generic device access) - demo: network IO from userland and selected code walk through (net_device specific extensions) François-Frédéric Ozog Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 H.1301 (Cornil) lua_snabb How to write your own NIC device driver (and why) Our experience writing 10G/100G drivers for Snabb in Lua (without NDAs) SDN and NFV devroom We will explain the value of writing your own Ethernet device drivers from scratch and how we do this in Lua for the Snabb project. Asumu Takikawa Luke Gorrie Snabb Mellanox Adapter Programmer's Reference Manual Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 H.1301 (Cornil) vnf_vpp High performance network functions with VPP SDN and NFV devroom Vector Packet Processing is a high performance data-plane running on commodity hardware. VPP is a framework for building bespoke network functions. This talk will give an introduction to VPP architecture and function and give examples of how virtual network functions can be built with VPP. Ole Trøan Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:30 H.1301 (Cornil) virtio Virtio 1.1 What's new in the next version of the Virtio standard SDN and NFV devroom Virtio is a common framework for IO virtualization in hypervisors. It is part of DPDK accelerated Open vSwitch and allows for hardware abstracted VNFs. The virtio OASIS standard is going into the next round and the focus will be on performance improvements. We aim to make it work better on the underlying hardware but also allow for hardware implementations of virtio. This talk will give an update on the current developments and the progress made towards version 1.1. We will look into some of the new features, some benchmarking results and how these help with improving performance. Jens Freimann Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:30 H.1301 (Cornil) srv6 SRv6 Network Programming on FD.io VPP and Linux SDN and NFV devroom SRv6 Network Programming on FD.io VPP and Linux Tittle: SRv6 Network Programming on FD.io VPP and Linux Description: Segment Routing is a new network architecture that leverages the source routing paradigm to remove state from the network. The IPv6 instantiation, allows to deliver a so called network program, where a packet traverses the network executing functions on different nodes of the network. This functions can be NPU-related functions, or it can be complex VNFs running in containers. In this way, we can leverage SRv6 for overlays, underlays and service chaining all from one single protocol. In this session we want to give a brief overview on SRv6, cover the SRv6 implementation in FD.io VPP, as well as showcase how to create your own network functions in VPP. Also, we would like to showcase how to develop SRv6 functions in Linux, and show the first-ever SRv6-aware app in the world: SERA, an advanced SR aware firewall, capable of taking stateless actions programmed in the SRH (Segment Routing Header). Speaker: This workshop will be lead by two speakers. Speaker 1: Pablo Camarillo is a software engineer in Cisco CTAO. He's one of the members of the core SRv6 architecture team and has developed the SR implementation in FD.io VPP. Prior joining Cisco, he was a research engineer at IMDEA Networks institute, where he prototyped a BGP route server in ExaBGP and researched on the algorithmic of TI-LFA (SR Topology Independent Loop Free Alternates). Speaker 2: Ahmed Abdelsalam is a PhD student at Gran Sasso Science Institute researching on SRv6 for SFC in Linux. During his PhD he successfully completed an internship at Cisco Systems. He is CCNA, CCNP and CCAI certified. Pablo Camarillo SR website FD.io VPP SRv6 in VPP SRv6 in VPP documentation SRv6 Network Programming IETF draft Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:50 H.1302 (Depage) de_mystifying_contributing_to_postgresql De-mystifying contributing to PostgreSQL PostgreSQL devroom PostgreSQL is a great community. They are open-minded, friendly, agreeable and so on. You feel like helping them. The problem is you are shy and you look at community people as gods. On top of that you don't want to mess up with their work or bother them with obvious and silly (to them) questions! This conference talk is based on my own true story. I will tell you about how I submitted my very first patch to the community. After some background presentation about how the community works, I will try to answer the following questions: <ul> <li>What can I do to help (and you'll see that even without coding you can do a lot!) ?</li> <li>What's a contribution ?</li> <li>What's a patch ? How can I create one?</li> </ul> And I hope that sooner or later you'll come and join the community and you'll feel so proud of yourselves! Lætitia Avrot Video recording (mp4) Video recording (WebM/VP9) Talk on the FOSDEM PGDay website (may include slides) Submit feedback 12:00 00:50 H.1302 (Depage) postgresql_a_crash_course PostgreSQL -- A Crash Course PostgreSQL devroom A crash course to get you up and running with PostgreSQL. We will cover: <ul> <li>Installation from binaries and source</li> <li>Cluster initialization, startup, and session management</li> <li>Basic configuration - postgresql.conf and pg_hba.conf</li> <li>psql use/hints</li> <li>SQL syntax and quoting</li> <li>Data types</li> </ul> Joe Conway Talk on the FOSDEM PGDay website (may include slides) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:50 H.1302 (Depage) postgresql_replication_in_2018 PostgreSQL Replication in 2018 PostgreSQL devroom The world of PostgreSQL replication has come a long way from the days of manually compiling and installing erServer. The options are new, and there are many of them, directed at solving different problems. This talk takes a look at some of the options available today and tomorrow. Magnus Hagander Talk on the FOSDEM PGDay website (may include slides) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 H.1302 (Depage) jiting_postgresql_using_llvm JITing PostgreSQL using LLVM PostgreSQL devroom In a number of workloads, primarily of analytical nature, several parts of postgres' query execution are limited by CPU speeds. One way to address that is by allowing queries to be processed by more than one core at a time; which the project started to enable with 9.6, extended a lot in version 10, with significant additional features expected in 11. But that does not address the efficiency / economics of overall query execution. This talk will focus on increasing the efficiency of query execution by just in time compiling parts of queries. That is, instead of having roughly interpreter like code to execute the queries, emit native code doing precisely the work needed for a specific query. The current goal of the project is to use LLVM to perform JIT of two main parts of query execution: <ul> <li>expression evaluation (WHERE clause, aggregates, GROUP BY clauses, etc)</li> <li>tuple deforming (converting on-disk tuples into a more efficiently accessible in-memory representation)</li> </ul> and to integrate as much of that work as possible into PostgreSQL 11. We'll discuss: <ul> <li>how the above parts of the system were identified as the primary bottlenecks</li> <li>how JIT compilation can help resolve them</li> <li>which structural changes to postgres were required to allow for JIT compilation</li> <li>how JIT compilation is currently implemented, including the current development state</li> <li>the problems faced using LLVM for this task, and which improvements to it could make it better for the use-case</li> </ul> Depending on the available time, we'll also discuss possible future avenues for optimization. Andres Freund Slides Video recording (mp4) Video recording (WebM/VP9) Talk on the FOSDEM PGDay website (may include slides) Submit feedback 15:00 00:50 H.1302 (Depage) blue_elephant_on_demand_postgres_kubernetes Blue elephant on-demand: Postgres + Kubernetes PostgreSQL devroom So, you've chosen Postgres to manage your data; next challenge is where to run it at scale? Want to avoid vendor lock-in and take advantage of the latest Postgres features and popular extensions not available in managed services from commercial vendors? Need to integrate your Postgres databases with existing monitoring and deployment tools? Interested in building your own database as a service? In fact, you can do it with existing open-source components. Our talk is a story of how the database team at Zalando created company-wide database-as-a-service based on Postgres, Kubernetes and various open-source tools we developed on our own. We will share how we run hundreds of high-availability Postgres clusters on Kubernetes and automate routine operations using our open-source Postgres operator, providing developers easy-to-use tools to create, manage and monitor their database instances. We are going to cover, among other things: <ul> <li>Kubernertes Postgres operator</li> <li>Postgres HA with Patroni</li> <li>Postgres web-based realtime monitoring</li> <li>Postgres pam authentication with Oauth2 tokens</li> </ul> and other open-source components. We will also show a live demo. Oleksii Kliukin Jan Mussler Video recording (mp4) Video recording (WebM/VP9) Talk on the FOSDEM PGDay website (may include slides) Submit feedback 16:00 00:50 H.1302 (Depage) the_fabulous_destiny_of_0000000200000008000000bb The Fabulous Destiny of 0000000200000008000000BB PostgreSQL devroom Hi, soon, i will be a WAL file. I am not born yet, but everything is ready for me. I have high expectations for my life, but what will it be? I may end up in a lonely server after a very long work, or I may finish frozen in the archives of a cold tape band. But what I really want is to be part of a replication stream, I want to travel! Some call me "transaction log", some others go with "Redo log", PostgreSQL community has chosen WAL. But whatever you name me, come to listen to all the lifes I could have! Patrick Francelle Video recording (mp4) Video recording (WebM/VP9) Talk on the FOSDEM PGDay website (may include slides) Submit feedback 10:30 00:30 H.1308 (Rolin) stateofgo The State of Go What's new in Go 1.10 Go devroom Go 1.10 is planned to be released in February 2018 and this talk covers what's coming up with it. Francesc Campoy Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 H.1308 (Rolin) delve Advanced Go debugging with Delve Go devroom Learn how to utilize the Delve debugger to dig into and solve complex bugs in your code. Delve is a powerful yet simple open source debugger for the Go programming language. In this talk, I will discuss what makes both Go and Delve different from other languages / debuggers, and then dive into real world usage. I will begin by introducing the tool, and showing the basics of how it works. From there I will use specific example problems to show how to use some of the most powerful features of Delve to solve even the most complex bugs. This talk will be beneficial to beginners and advanced users alike. Learn how to utilize the Delve debugger to dig into and solve complex bugs in your code. Delve is a powerful yet simple open source debugger for the Go programming language. In this talk, I will discuss what makes both Go and Delve different from other languages / debuggers, and then dive into real world usage. I will begin by introducing the tool, and showing the basics of how it works. From there I will use specific example problems to show how to use some of the most powerful features of Delve to solve even the most complex bugs. This talk will be beneficial to beginners and advanced users alike. I will start with a deep dive into the Go programming language. Topics of discussion will include the runtime, DWARF, scheduler, and more. From there, I will introduce Delve and discuss how it is different from other debuggers and walk through basic usage. After that I will switch over to a terminal where I will work through several pre-made bugs, highlighting certain features of Delve. The goal of this talk is to equip users with all of the knowledge and confidence they need to use Delve to effectively debug their programs. Derek Parker Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 H.1308 (Rolin) networking Networking deepdive From net.Dial to gRPC Go devroom In this talk we'll discuss networking in Go. We start off with a review of the stdlib net package and its sub-packages and then walk through common use cases, patterns and challenges. In the second part we focus on best practices using the stdlib and community-provided frameworks such as gorilla/websocket and gRPC. In this talk we'll discuss networking in Go. The goal is to provide beginners with a comprehensive overview of what the stdlib offers as well as what packages outside of the stdlib exist that can be used for networking. More advanced users can benefit from networking best practices and guidance for implementing distributed systems. The talk is has two parts: <h2>Part 1: Basics</h2> We start off with a review of the stdlib net package and its sub-packages, walk through common use cases, patterns and challenges: <ul> <li>Discussion of net and sub-packages (main types, interfaces, understanding what is available)</li> <li>Socket-level programming</li> <li>Timeouts, retries</li> <li>Security</li> <li>DNS</li> </ul> <h2>Part 2: Best practices and beyond stdlib</h2> In the second part we focus on best practices using the stdlib and community-provided frameworks for networking: <ul> <li>Best practices writing networked applications</li> <li>Review of non-stdlib packages useful for networking: golang.org/x/net/websocket, gorilla/websocket, gRPC</li> </ul> Michael Hausenblas Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 H.1308 (Rolin) testing_and_automation_in_the_era_of_containers Testing and Automation in the Era of Containers (with Go) Go devroom As containers and orchestration technologies went from niche to necessary tools to build modern distributed systems, traditional testing is no longer enough. e2e cases represent a great solution, but it's often easier said than done. In this talk, I will share my experience of building a testing framework for distributed systems, revisiting common mistakes, how to avoid them, and showing how to take advantage of the power of Go to make sure our systems behavior match our original expectations, with scalability in mind through automation. Containers are everywhere. Whether teams decide to use bare containers, orchestrators or enterprise solutions built on top of these technologies, the result is the same in terms of testing. With rolling updates and fault-tolerant clusters getting more popular every day in organizations of all sizes, availability issues are now easier to handle, whereas the complexity of reliability in our systems stays the same or even increases. Given the nature of distributed systems, a traditional approach towards testing is not enough. Smoke, integration and unit tests should be only the entry point, while e2e tests are no longer a luxury item in our developer toolset. However, writing and running them with scale and time constraints in mind is a task that is easier said than done. Since Go was born with tools for developers in mind, it's a great language thatenables productivity, which sometimes is cited as an excuse to avoid writing stronger e2e cases. In this talk, I will share my experience of building a testing framework for distributed systems, revisiting common mistakes, how to avoid them, and I will show how to take advantage of the power of Go to write reliable e2e tests to make sure our systems' behaviors really match our original expectations, with scalability in mind through automation. Verónica López Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 H.1308 (Rolin) upspin Upspin and a future of the Internet My vision of Rob Pike's Upspin as a basis for a decentralized Internet Go devroom Upspin is both a protocol and a reference implementation for a global name space for network-accessible files that comes with permissions and end-to-end encryption. With simplicity at its core (the protocol is just 10 methods), it is very versatile and can be a building block for a decentralized Internet Last October, Rob Pike published the Upspin manifesto on his blog - command center. This manifesto is centered around a concept I care for: the separation of the producers and the consumers of data. I had been willing to create web services that could freely inter-operate and Upspin is a wonderful tool for that. Since then, I have been working on a collection of Upspin client and servers to prove the concept. In this talk I will present: - the basic concepts and architecture of Upspin - my implementations of Upspin client and servers (directory and storage) - my thoughts about what can be done with Upspin Gildas Chabot Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 H.1308 (Rolin) dep Dep Deep Dive! Go devroom This talk dives into github.com/golang/dep, the “official experiment” and precursor to a new approach to dependency management in the go toolchain itself. To help you get the most out of dep, we’ll cover both the essential workflows, and dep’s core design principles. This talk will cover the essential mechanics of dep, combined with an explanation of the main ideas behind dep’s design. It makes sense to explain these together, as dep is an opinionated tool with a spare interface: if people don’t understand dep’s basic way of thinking about dependency management, then they may find themselves “holding it wrong,” and having a difficult time. The benefit of dep’s spare design is that doesn’t take long to cover the essentials, and attendees will be able to walk away with a clear sense of how to leverage dep to their advantage. Sam Boyer dep project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 H.1308 (Rolin) networking_swiss_knife Networking Swiss Army Knife for Go Go devroom Creating and managing network devices, Traffic Control, routing and iptables, introspecting and manipulating network packets. That normally involves a lot of low level C programming, which introduces a huge gap between frontend (web and service oriented) and backend needs (systems programming). Go is excellent in bridging this gap in general, and thanks to the great work of the Go community, networking tasks are very easy to solve too. This session will introduce a set of libraries which form a comprehensive Swiss Army Knife to tackle almost any network related task on Linux with Go. Roman Mohr Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 H.1308 (Rolin) interface The case for interface{} When and how to use empty interface Go devroom The empty interface (interface{}) is one of the most interesting, powerful, and easily abused features of Go, but there are use cases for which it is uniquely and excellently suited. In this talk for the Go devroom, I will propose a set of rules which can be used to see if your use of interface{} will be the elegant and simple API that interface{} promised, or merely lead to a maintainability nightmare down the road. Sam Whited Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 H.1308 (Rolin) observability Google’s approach to distributed systems observability for Go Go devroom The progression of microservices in the industry resembles me the way microservices progressed at Google. First, a common container format. Then, a way to express complicated systems in terms of containers. Then, tools to deploy them and services to schedule them. Then, core networking services to support the complicated networking requirements of our highly large systems with complex dependencies. Then, observability: collecting diagnostics data not just to recognize and debug production problems, but also to provide critical signals about usage to our highly adaptive and scalable environment. Jaana Dogan (JBD) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 H.1308 (Rolin) gopherjs Creating GopherJS Apps with gRPC-Web Go devroom This presentation will introduce gRPC, gRPC-Web and GopherJS to attendees. At the end of the presentation, they will know how to create a GopherJS frontend and leverage GopherJS gRPC-Web bindings for the communications with a generic Go gRPC backend. I'm the author of the <a href="https://github.com/johanbrandhorst/protobuf">GopherJS gRPC-Web bindings</a>. The library is based on the <a href="https://github.com/improbable-eng/grpc-web">TypeScript gRPC-Web library by Improbable</a>. It allows the user to define the frontend-backend interface as a proto3 protobuf file and generate a Go-gRPC-client-like interface for the GopherJS frontend to consume. In addition, it allows the user to write GopherJS frontends for generic gRPC servers, with the use of a proxy developed by Improbable. For more information about gRPC-Web see <a href="https://improbable.io/games/blog/grpc-web-moving-past-restjson-towards-type-safe-web-apis">Improbable's blog post</a>. My library further extends the capabilities of the Improbable library by adding client side and bidirectional streaming over a websockets with a custom Go proxy library. I have developed a demo for the library, available on <a href="https://grpcweb.jbrandhorst.com">https://grpcweb.jbrandhorst.com</a>. The presentation will start with a quick introduction to Protobuf, gRPC and gRPC-Web, then introduce GopherJS and my GopherJS gRPC-Web bindings and walk through development of a small web app using GopherJS, the GopherJS gRPC-Web bindings and a generic Go gRPC backend server. I have previously delivered a lightning talk to the London Go User Group on the topic of this library, <a href="https://skillsmatter.com/skillscasts/10924-using-grpc-web-to-connect-gopherjs-apps-to-grpc-backends">recording available</a>. For this talk I will be able to talk more about the implementation details and walk through getting started with developing a GopherJS web app. I will wrap up with a summary of what we've discussed. Johan Brandhorst Demo of library in use Library repo Blog post introducing library Blog post introducing bidi streaming support Lightning talk about library Example app built with library Boilerplate repo Slides for talk YouTube video of talk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:30 H.1308 (Rolin) datastore Building and testing a distributed data store in Go Go devroom This talk covers my experiences designing, building and testing a open-source distributed metrics store in Go. I'll explain: <ul> <li>the system architecture and the trade-offs involved in distributed systems</li> <li>how the design evolved</li> <li>how Go is well-suited to high throughput distributed systems</li> <li>useful libraries for building such systems in Go</li> <li>using pprof to identify performance bottlenecks</li> <li>how data structures affect garbage collection in high-throughput systems</li> <li>testing strategies and failure injection</li> </ul> Matt Bostock Timbala source code Video recording (mp4) Video recording (WebM/VP9) Slides Timbala project kanban board Timbala architecture docs Timbala decision records Submit feedback 16:00 00:30 H.1308 (Rolin) gocv Computer Vision Using Go And OpenCV Go devroom It is easier to see what comes next for the Internet of Things (IoT) when you have eyes on the world. Computer Vision (CV) software, in particular the powerful open source OpenCV (<a href="http://opencv.org">http://opencv.org</a>) has made big leaps in power and usability, and is ready to come into its own as a key part of an advanced IoT solution. At the same time the Go programming language aka Golang has won over fans with clean code, high-performance, and portability. But there has not been any way to unlock the most state-of-the-art CV libraries using the most state-of-the-art programming language... until now. Introducing GoCV (<a href="https://gocv.io">https://gocv.io</a>) a new package for letting Go programmers create computer vision applications using OpenCV. In this talk I will show how to use GoCV to build the next generation of computer vision applications, with live code demonstrations. It is easier to see what comes next for the Internet of Things (IoT) when you have eyes on the world. Computer Vision (CV) software, in particular the powerful open source OpenCV (<a href="http://opencv.org">http://opencv.org</a>) has made big leaps in power and usability, and is ready to come into its own as a key part of an advanced IoT solution. At the same time the Go programming language aka Golang has won over fans with clean code, high-performance, and portability. But there has not been any way to unlock the most state-of-the-art CV libraries using the most state-of-the-art programming language... until now. Introducing GoCV (<a href="https://gocv.io">https://gocv.io</a>) a new package for letting Go programmers create computer vision applications using OpenCV. In this talk I will show how to use GoCV to build the next generation of computer vision applications, with live code demonstrations. Ron Evans GoCV website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 H.1308 (Rolin) faster Make your Go go faster! Optimising performance through reducing memory allocations Go devroom This talk will preset a set of techniques to make your Go programs run faster. Starting with CPU profiling, moving through memory allocation profiling, to escape analysis, we will point out some less-well-known corners of the runtime, how they impact performance, and how to mitigate this impact. Often, the single biggest drain on performance in a Go program is the garbage collector. Each release of the Go runtime comes with a slightly faster collector, but you can make much bigger performance improvements by not creating garbage in the first place: if you can rework your code to make fewer heap allocations, then the garbage collector will run less often and have less work to do. Examples will be drawn from real-world experience optimising the Open Source container visualisation project <a href="https://github.com/weaveworks/cortex">Weave Cortex</a>. Bryan Boreham Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:30 H.1308 (Rolin) devops Distributing DevOps tools using GoLang and Containers, for Fun and Profit! Go devroom A look at our approach to distributing DevOps tools between many teams (and CI), using a GoLang app to launch containers. We needed a way to reduce the overheads associated with onboarding new starters, so instead of a document giving a list of software that needed to be downloaded, e.g. Chef Development Kit, Terraform, Docker etc. etc. they could just download a single thing which gave them a ready made development environment whether they used Mac or Linux PCs. Initially we used Vagrant for this, but that ended up not being the best tool for the job. Then along came Docker for Mac, and we quickly realised that, by manipulating the GoLang Docker SDK, we could just run everything in containers. Because we wrote this in Go, we could also interact with other Go SDKs for products and services we look after, like AWS and Hashicorp Vault, to prepare an environment for these containers. This worked really well! Too well, in fact, as people from across the company started asking us "can you add XYZ to this tool?". We didn't want our tool to become bloated, so we open-sourced the guts of our tool for other teams to create their own versions, with the tools they needed. Lucy Davinhart Cali Source Code LU(cy) CLI Code Staticli Code Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:30 H.1308 (Rolin) dna_sequencing AMENDMENT DNA sequencing performance in Go, C++, and Java Go devroom While Go is not primarily designed for parallel programming, it nevertheless has features that end up being beneficial for parallelism as well, especially the inclusion of a work-stealing scheduler for goroutines and a concurrent, parallel garbage collector. For this reason, we have recently included Go as one of several candidate programming languages in an evaluation of their suitability for expressing sequencing pipelines. Other programming languages we have evaluated were C++ and Java. Go hits a sweet spot of performing very close to the best results with little programming effort and few compromises in terms of safety and generality. This talk will present highlights of this experiments and the most important insights. A DNA sequencer takes a DNA sample, such as human tissue, and applies chemical processes to eventually read small fragments of the DNA sample and output them as large files. These files are then fed into software pipelines that reconstruct the original DNA sequence from those fragments, among other things. Such sequencing pipelines need large amounts of storage, on disk and/or in RAM, and can strongly benefit from parallel execution to improve runtime performance. Data sets for human DNA samples are usually in the order of several hundreds of GB of uncompressed data, and runtimes are typically in the order of several hours for single samples. Go is usually presented as a language designed for concurrent applications, and it is usually stressed that support for parallel programming was not a major design goal. It may therefore be surprising to a larger audience that Go actually fares very well for parallel programming tasks, with relatively little effort. This talk may encourage Go developers to explore the language for application areas that can benefit from parallelism, beyond the domains where Go is typically used. Please note that this talk replaces one entitled "Writing a structured syslog parser in Go" that was due to have been given by Brian Knox, who has sent his apologies but is now unable to attend FOSDEM this year. Pascal Costanza A paper about the original implementation of elPrep in Common Lisp, which we have now ported to Go. The source code for elPrep. The source code for Pargo, a library for parallel programming in Go that we implemented. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 01:00 H.1308 (Rolin) lightning Go Lightning Talks Come speak! Go devroom The last hour of the day will be dedicated to lightning talks. Come watch great short talks, or come present yours! Francesc Campoy Maartje Eyskens Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 H.1309 (Van Rijn) om_html5 video - It's a lot more than just a HTML5 tag Things to consider when building a video enabled site Open Media devroom The <video> element was first proposed by Opera Software in February 2007. Opera also released a preview build that was <a href="http://coolastory.blogspot.co.uk/2007/03/sv-web-builders-event-world-premier-of.html">showcased</a> the same day and a <a href="http://www.wiumlie.no/2007/video">manifesto</a> that called for video to become a first-class citizen of the web. Integrating video elements into the HTML5 standard has changed the world forever and for the better and enabled us to gradually rid ourselves from the proprietary, exploitable and often slow FLASH technology. However, the means to embed video in HTML5 enabled web pages is only the tip of the iceberg. In this session, we will discuss other crucial aspects of handling and serving video. This session will cover in detail the following aspects and how we handle them in the Kaltura Open Source Video Platform: <ul> <li>Video ingestion [uploading, encoding/transcoding]</li> <li>Content distribution and Caching</li> <li>Redundancy</li> <li>Metadata cataloging and Searching</li> <li>On-the-fly repackaging of MP4 files into DASH, HDS and HLS</li> </ul> We will conclude with an end-to-end demo of the Kaltura Video Platform. Jess Portnoy Submit feedback 11:30 00:25 H.1309 (Van Rijn) om_imscjs Rendering of subtitles in HTML5 with imscJS Open Media devroom The TTML Profile for Internet Media Subtitles and Captions (IMSC) is the most promising candidate for a long awaited harmonized subtitle format for the Web. The open source library imscJS is not only a polyfill to render IMSC subtitles in the browser: as an open reference implementation it is a blueprint how to integrate IMSC subtitles in other open source projects e.g. in video players. The presentation will show how imscJS parses and renders IMSC subtitle files, where imscJS is already used and how the open source ecosystem for subtitles could benefit from it in the future. Andreas Tai Github Repository of imscJS Version 1.0 of IMSC Draft of the version 1.1 of IMSC DASH JS as an example how IMSC is used in other Open Source Projects Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:25 H.1309 (Van Rijn) vlc An update on VLC and the VideoLAN community VLC 4.0, VLC.js, VLC-VR? Open Media devroom This talk will present some updates on the VideoLAN community and on VLC. We will notably discuss about VLC 4.0 (the next release); VideoLAN infrastructure, including security; and other projects like VLC.js or VLC-VR. We will also speak about the status of other VideoLAN software, like libbluray, libdvdcss or x264; and other part of our community. Jean-Baptiste Kempf Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:25 H.1309 (Van Rijn) om_kodi Kodi v18 features and improvements What we've been busy with Open Media devroom A short walk through of what we have been doing past year since v17 release and what we are still planning to do. During the time we worked towards the final release of v17 some of our developers already took a head start for v18. During past year developers in and outside of the Kodi Team have been steadily refactoring and working on new features that will be included in the upcoming V18. Various parts have already been published in articles on our website though we will also sum up some parts that are in the pipe line. In total will try to do a brief rundown on what we hope will be included. Martijn Kaijser Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 H.1309 (Van Rijn) om_gstreamer What's new in GStreamer? Open Media devroom This talk will take a look at what's been happening in the GStreamer multimedia framework as of late and what shiny new features you can expect to land in the near future. It will be fairly high-level and is targeted at both application developers and anyone interested in multimedia on Linux and elsewhere. GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, OS/X, Windows, iOS and Android. Whether WebRTC, RTP, RTSP, SRT or RTMP, decoding or encoding, streaming or recording, we have it all! Join us to find out what's new! Tim-Philipp Müller Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 H.1309 (Van Rijn) om_gst_embedded Update on GStreamer for Embedded Devices Open Media devroom GStreamer is the de-facto multimedia framework used for embedded Linux systems. I will focus on recent improvements relevant to the embedded community. In particular, I'll explain our progress in making it easy to do zero-copy pipelines using DMAbuf to connect all the components of the multimedia pipeline, from V4L2 capture, to OpenMAX based codecs to Wayland or KMS based sinks. I'll also give a short overview of the improvements into the OpenGL stack, in particular for embedded platforms. GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, Solaris, macOS, Windows, iOS and Android. This talks targets everyone who cares about Free and Open Source multimedia on embedded systems. GStreamer is the standard multimedia framework, not only on the Linux desktop, but most importantly, in embedded Linux products. Olivier Crête Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 H.1309 (Van Rijn) om_gst_dbg Modern tools to debug GStreamer applications Open Media devroom GStreamer is a framework to develop multimedia applications such as media players, transcoders or video editors. Recent GStreamer releases gained new tools making it easier to debug and gather data about the running pipeline. In this talk I'll present GStreamer's tracing system and existing tracers (from gst core and third party such as gst-shark). I'll show how GStreamer's leak tracer can be an easier and faster alternative to Valgrind to track memory leaks in your GStreamer application. I'll also present my new log parsing library, written in Rust, to very easily extract and process data from GStreamer's log system. Guillaume Desmottes blog post about the leaks tracer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 H.1309 (Van Rijn) om_upipe What's new in Upipe Open Media devroom This presentation will go over all the recent additions to Upipe, what's coming, how easy it is to add new modules and why it is the best multimedia framework in the universe. Upipe is a recent multimedia framework coming from the mastermind behind the original VLC. It was designed to solve a lot of shortcomings in the existing multimedia frameworks and comes with all you need to create live low-latency professional television software. Learn how we're creating the core infrastructure for broadcasting live television to millions of people all around the globe, 188 bytes at a time. We'll briefly present the latest modules additions to the framework and what we're currently working on. Rafaël Carré Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:25 H.1309 (Van Rijn) om_gpac GPAC: Support for High Efficiency Image Format (HEIF) Open Media devroom This talk will focus on the High Efficiency Image Format. HEIF is an image format based on HEVC compression technology, and standardized by MPEG. The GPAC team is a contributor and provides tools to support it. Ahmed Rida Sekkat GPAC support for HEIF Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:25 H.1309 (Van Rijn) om_matroska Matroska Low-Latency streaming Why Matroska is (always) Better Open Media devroom Low-Latency video over HTTP using Matroska (or all the features of Matroska you never heard about) I'd like to show a demo of very latency streaming using Matroska for an adaptive streaming use case and compare with existing solutions like framgemted MP4 or MPEG-TS. Steve Lhomme Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 H.1309 (Van Rijn) om_rawcooked RAWcooked Compress your DPX and revert without losing any metadata Open Media devroom RAWcooked encodes RAW audio-visual data into the Matroska container (MKV), using the video codec FFV1 for the image and audio codec FLAC for the sound. The metadata accompanying the RAW data are preserved, and sidecar files, like MD5, LUT or XML, can be added into the Matroska container as attachments. This allows to manage these audio-visual file format in an effective and transparent way (e.g. native playback by VLC), while saving typically between one and two thirds of the needed storage, and speeding up the back-up on LTO cartridges. When needed, the source is retrieved bit-by-bit. Jérôme Martinez RAWcooked project page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 H.1309 (Van Rijn) om_vcodec Current meta of video compression and probable futures ...or how to hammer things until they work better Open Media devroom Video compression has been around for many years now yet the basic structure of a video codec remains largely similar. And although the basis remains similar compression keeps improving. How long can this be worked on and improved before its simpler to start with something radically different. What technology would still work in a hypothetical new codec? What technology would still realistically work in a hypothetical new codec? Do software complexity, hardware area, feature needs and overall possible compression always balance out when creating video codecs? This talk shall attempt to answer most of these questions. Rostislav Pehlivanov Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:25 H.1309 (Van Rijn) om_av1 AV1 Codec Update Open Media devroom An update on the status of the AV1 codec, from the Alliance for Open Media. Tim Terriberry Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:25 H.1309 (Van Rijn) om_fm_radio The UoC Radio Station Project Technical overview of an FM radio station based on open source and DIY Open Media devroom In this talk we will present the technical challenges we have encountered while building an FM & web radio station from scratch and the innovative solutions that we have applied to them, utilizing open source software, and - where possible - hardware, as well as developing our own components, such as our software FM MPX signal generator, our producer-friendly GTK desktop application and many more. Furthermore, we will elaborate on the technical processes of building a music and sample library using open-source software and services, and how we utilize this library to produce an automated broadcast using our custom GStreamer-based audio clip scheduler. The University of Crete (UoC) Radio Station is a non-profit, community-driven radio station developed primarily by students and alumni of the University of Crete, in the university’s campus. The station, as a community, is founded on the concepts of DIY and Open Source in all of its aspects, from the operation & organizational structure of the community to the very technical problems, where we choose to use open source, community-driven software, hardware and services and build things ourselves from scratch where it’s possible. George Kiagiadakis Main Website Github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:30 H.1309 (Van Rijn) om_ffmpeg FFmpeg - The Media Swiss Army Knife Manipulate Media from the comfort of your shell Open Media devroom FFmpeg is a FOSS, cross-platform, solution to record, convert and stream audio and video. This session will focus on using the CLI tools included in this project [ffmpeg and ffmprobe] to accomplish everyday video manipulation and streaming tasks. The session will include a live demo showing how to achieve the following goals: <ul> <li>Extract metadata from video and audio files</li> <li>Convert between different media types</li> <li>Live Stream over RTMP</li> <li>Record screen display</li> <li>Basic editing operations [concatenation of several video files into one, extracting the audio track from a video, etc]</li> </ul> Jess Portnoy FFmpeg Home Submit feedback 18:30 00:25 H.1309 (Van Rijn) om_restful AMENDMENT Handling media - the RESTful approach How we integrated media content in textual API Open Media devroom In Kaltura we use REST API for every external and internal interaction and integration. As online video platform we work with media files combined with textual REST API and we would like to share the lessons learned. Please note that this talk was originally scheduled at 11:00. How to upload media files using textual REST API? How to download video, audio, images, close-caption and other media content using REST API? How to manipulate video and images using REST API? Johnathan Amit-Kanarek Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:45 H.2213 robotframework_bosch A real life story about product testing with robotframework Lessons learned testing IoT devices with robotframework. Testing and automation devroom The residential heating division of Bosch thermotechnology is developing products for domestic hot water and central heating in homes. These products include an app (iOS and Android) connected smart room thermostat and a control unit for controlling a boiler appliances. During this presentation, we want to share our lessons learned by explaining our testing strategy and the usage of robotframework. Specifically we will share our story about: <ul> <li>Our usage of robotframework to test the mobile apps we develop. Show framework architecture for combined on target and simulator testing. How to test on several different real phones.</li> <li>The testing of the internet connected room thermostat with robotframework. How to handle (stub, mock or fake) the different (radio) interfaces.</li> <li>How we setup robotframework to test the embedded software with accelerated time. Show the architecture of the embedded software and how we can run this on both target and PC platform. How the modelled system dynamics were used during testing.</li> <li>Do's and dont's when testing a product during development.</li> </ul> About the authors: <ul> <li>Alex van de Schootbrugge is an embedded software engineer working on the smart room thermostat.</li> <li>Windel Bouwman is an embedded software engineer working on the control units for boiler appliances.</li> </ul> Alex van de Schootbrugge Windel Bouwman Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:25 00:45 H.2213 remote_embedded_testing Piece of cake testing remote embedded devices made easy with MuxPi Testing and automation devroom Designing custom hardware, though might seem intimidating at first, can simplify many activities. It solves certain issues, but often raises many others. Paweł will present a fresh open hardware approach at providing remote access (including device flashing, debugging and power management) to embedded devices - <a href="https://wiki.tizen.org/MuxPi">MuxPi</a>, successor of <a href="https://wiki.tizen.org/SD_MUX">SD MUX</a> board (showcased during FOSDEM 2016 and Embedded Linux Conference 2016). Presentation will introduce novices to the topic of testing on remote embedded devices and previous attempts to do so. It will focus on software components of the new Tizen GNU/Linux distribution's testing laboratory (currently in the process of being published open source): <ul> <li>Boruta - board farm management system,</li> <li>Weles - LAVA-compatible testing framework,</li> <li>Perun - binary image testing system.</li> </ul> Advanced capabilites of presented hardware (MuxPi) are discussed during talk in <a href="https://fosdem.org/2018/schedule/event/testing_remote_devices/">Embedded, mobile and automotive devroom</a>. This talk will hopefully encourage discussion on this topic or inspire attendees to try those components out in their own setups and share feedback on what can be further improved. Paweł Wieczorek Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:45 H.2213 advanced_testing_java Advanced testing in action on a Java project Demonstrating testing practices using Java, Maven, Docker and Jenkins. Testing and automation devroom This talk will demonstrate advanced testing practices used by the <a href="http://xwiki.org">XWiki open source project</a>, and using Java, Maven, Docker and Jenkins: <ul> <li>Testing for <a href="http://massol.myxwiki.org/xwiki/bin/view/Blog/ByeByeCLIRRWelcomeRevapi">backward compatibility with Revapi</a> and an <a href="http://massol.myxwiki.org/xwiki/bin/view/Blog/BackwardCompatibilityStrategy">associated strategy</a></li> <li>Testing for coverage with Jacoco and defining a viable strategy for slowing improving the situation</li> <li>Testing the quality of your tests with <a href="http://massol.myxwiki.org/xwiki/bin/view/Blog/MutationTestingDescartes">Descartes Mutation testing</a></li> <li>Automatically enriching your test suite with <a href="https://github.com/STAMP-project/dspot">DSpot</a></li> <li>Testing various configurations with <a href="http://massol.myxwiki.org/xwiki/bin/view/Blog/DockerJenkinsConfigurationTesting">Docker containers and Jenkins</a></li> </ul> Vincent Massol Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:15 00:25 H.2213 loadtesting_locust Load testing with Locust Testing and automation devroom This lightning talk will cover our team's efforts at Bloomberg to run a set of performance tests using Locust, an open source Python-based user load testing tool. The talk will review our motivation for running performance tests, how we set up our testing environment in a distributed fashion so that we can generate a high load, how Locust helps with this, and how to automate this testing process. The talk will also cover how testing can prevent potential risks when releasing new software to your client base. Kubilay Kahveci Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:45 H.2213 contributor_automation Simplifying the contribution process for both contributors & maintainers A case study of the GitHub integration in EasyBuild Testing and automation devroom Despite platforms like GitHub & co, several hurdles remain for wannabe contributors, on top of whatever skills were required to puzzle together the contribution, especially for people that are not software developers themselves. Examples include: <ul> <li>minimal experience with the VCS used by the project (Git, Mercurial, ...);</li> <li>some familiarity with the platform where the project repository is located (GitHub, GitLab, Bitbucket, ...);</li> <li>being aware of the project-specific contribution policy (for example feature & target branches, how to ;</li> </ul> Although these hurdles can be overcome with a reasonable amount of effort, for example by reading the project's documentation or following some basic tutorials, they turn out to be a showstopper for some people. Possible reasons include: <ul> <li>limited interest in getting familiar with all required details, especially for first-time or infrequent contributors;</li> <li>a lack of time to learn how to overcome these hurdles;</li> <li>becoming demotivated quickly because of problems encountered while following the contribution process;</li> </ul> This can result in a significant amount of (potentially very useful) lost contributions... In addition, project maintainers often lack the time required to process all incoming contributions. Doing so not only requires a visual review of the code changes, but also testing, enforcing code style requirements, providing feedback, etc. In this talk, I will outline the extensive GitHub integration that has been implemented in EasyBuild, a framework implemented in Python for building and installing (scientific) software on High Performance Computing (HPC) systems. The EasyBuild command line interface has been extended to add support for: <ul> <li>previewing pull requests by comparing with current state of the project repository;</li> <li>fully automatically creation of new pull requests (covering both the Git workflow & GitHub interface);</li> <li>updating existing pull requests to resolve problems or implement suggestions made by maintainers;</li> <li>testing contributions by pulling in the changes from GitHub for local testing;</li> <li>uploading test reports back into pull requests to efficiently communicate whether the contribution works on other systems;</li> <li>reviewing pull requests by cross-referencing with existing relevant files (if any);</li> <li>merging pull requests after checking that all requirements are met (approval by Travis CI, successful test report, visual review by a maintainer, correct target branch, milestone set, ...)</li> </ul> In addition a bot was implemented to automatically notify contributors & maintainers that the Travis CI build for a pull request is failing (which is not supported by Travis CI itself). These features have been implemented by leveraging the GitPython library, the GitHub REST API, and the Travis CI API. They have proven invaluable for both contributors (regardless of experience) and EasyBuild maintainers, by streamlining the contribution process. In addition, this has resulted in: <ul> <li>significantly reduced effort to contribute (even for experienced contributors);</li> <li>an increase in contributors & contributions;</li> <li>better consistency in contributions;</li> <li>less time spent by maintainers to process contributions.</li> </ul> I hope this talk can motivate other projects (large & small) to implement similar features to simplify their contribution process, since this is a critical part of building a community around a software project. The EasyBuil features that are outlined can also be implemented in other projects, regardless of the programming language being used and the scope of the project. Kenneth Hoste EasyBuild website (http://easybuilders.github.io/easybuild/) Documentation on GitHub integration in EasyBuild (http://easybuild.readthedocs.io/en/latest/Integration_with_GitHub.html) GitPython documentation (https://gitpython.readthedocs.io) GitHub API documentation (https://developer.github.com/v3/) Travis API documentation (https://docs.travis-ci.com/api/) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:05 00:45 H.2213 validating_spark Testing and Validating distributed systems with Apache Spark and Apache Beam Testing and automation devroom As distributed data parallel systems, like Spark, are used for more mission-critical tasks, it is important to have effective tools for testing and validation. This talk explores the general considerations and challenges of testing systems like Spark through spark-testing-base and other related libraries. With over 40% of folks automatically deploying the results of their Spark jobs to production, testing is especially important. Many of the tools for working with big data systems (like notebooks) are great for exploratory work, and can give a false sense of security (as well as additional excuses not to test). This talk explores why testing these systems are hard, special considerations for simulating "bad" partioning, figuring out when your stream tests are stopped, and solutions to these challenges. Holden Karau Slides one slideshare Talk feedback to Holden Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:45 H.2213 pairwise_testing Testing Red Hat Enterprise Linux the Microsoft way Diving into Pairwise (a.k.a. all-pairs) test case generation techniques Testing and automation devroom Pairwise (a.k.a. all-pairs) testing is a test case generation technique that is based on Microsoft's observation that most faults are caused by interactions of at most two factors. Pairwise-generated test suites cover all combinations of two therefore are much smaller than exhaustive ones yet still very effective in finding defects. I have taken the pairwise approach and applied it during an entire release cycle of Red Hat Enterprise Linux. I've made an experiment where I have reduced the test matrix for 9 product variants and 4 CPU architectures to a size suitable for execution by a single person. In this talk I will explain: - what is the background of the product and how it was traditionally tested - how I've constructed my experiment - how many test cases I was able to remove from the test matrix - how the results and risk level compare to the standard exhaustive test suite! I will also talk about bugs found and bugs missed by the two approaches. Alexander Todorov blog post about the experiment Pairwise testing community website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:55 00:35 H.2213 integration_testing_at_gitlab Building an integration testing framework Integration testing framework we are building to test GitLab using Docker and Kubernetes Testing and automation devroom Microservices are becoming very popular recently. But how to run automated end-to-end tests against your product when your architecture and deployment processes are complex? How to orchestrate your test environment when your product is a SaaS application but can also be installed on-premises on bare metal or deployed into the cloud on to your Kubernetes cluster? Using containers to automatically test your application is a great use case, but sometimes running tests only against containers might not be enough. We decided to create a click-driven, black-box integration testing framework, using Ruby, headless Chrome, Docker and Kubernetes, to test GitLab. This talk is a story about building this integration testing framework. It is about obstacles we had to overcome, essential complexity that we had to embrace, but also about problems that we still need to solve and our hopes for the future. Grzegorz Bizon Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:15 H.2213 systemtestportal SystemTestPortal A web application for managing manual system tests Testing and automation devroom While test automation is desirable in every software project, not all tests can be automated well, e.g. testing software that requires specific hardware. Furthermore, manual system tests often unveil unexpected faults simply because humans are more sensitive in this regard. Actually, almost every developer does this kind of manual tests "somehow". However, due to the lack of a proper tool support, these tests happen in an unplanned, unsystematic way and without documentation. As a result, it is hard for users to find out which features of a product were tested in which environment, on which hardware, and with which result. We are working on a novel web application named SystemTestPortal for creating, running and analyzing manual system tests. The tool aims at being useful for developers, testers, test managers, and end-users. It is lightweight, written in Golang, available under the GPLv3 license, and developed in a student project. Many of its planned features are working already and it's getting steadily closer to a mostly complete 1.0 release. This lightning talk will give a brief introduction and demo how the tool can be used to test a typical free software application. Daniel Kulesz website development page, issue tracker etc. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:35 H.2214 cypher_evolving_query_language Cypher: An evolving query language for property graphs A discussion of new extensions to Cypher Graph Processing devroom Cypher is a property graph query language that provides expressive and efficient querying of graph data. Originally designed and implemented within the Neo4j graph database, it is now being used by several industrial database products, as well as open-source and research projects. Since 2015 Cypher has been an open, evolving language, with the aim of becoming a fully-specified standard with many independent implementations. We provide a brief introduction to Cypher, the property graph model and the openCypher project, and then describe extensions – either actively being developed or under discussion – which will be incorporated into Cypher in the near future. These include (i) making Cypher into a fully compositional graph query language, by supporting multiple graphs and allowing graphs to be returned from queries; (ii) allowing for more complex patterns (based on regular path queries) to be expressed; and (iii) allowing for different pattern matching semantics – homomorphism, relationship isomorphism (the current default) or node isomorphism – to be configured at a query-by-query level. Stefan Plantikow The openCypher website The openCypher repository Slides for the presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:35 H.2214 cypher_for_apache_spark Cypher for Apache Spark Graph Processing devroom <h3>Abstract</h3> Graph pattern matching is one of the most interesting and challenging operations in graph analytics. Query languages like openCypher, implemented in systems like Neo4j, SAP HANA Graph and Redis Graph, allow the intuitive definition of graph patterns including structural and semantic predicates. For now, graph query languages are most prominent in graph database systems such as Neo4j. However, we think that many systems can benefit from having such a language in their toolbox. One of these systems is Apache Spark, which is one of the most popular open source frameworks in the context of distributed processing of large data volumes within complex analytical workloads. To bring the benefits of Cypher from the graph database realm into the world of Big Data, we at Neo4j started developing Cypher for Apache Spark (CAPS). CAPS is primarily focused on graph-powered data integration and graph analytical query workloads within the Spark ecosystem. In addition, CAPS is our testbed for Cypher language extensions as specified in the openCypher project; for example, multiple graphs, graph transformations and construction, and query composition. In our talk, we want to motivate use-cases for CAPS and give an overview of new querying capabilities which we demonstrate using Apache Spark and Apache Zeppelin. Furthermore, we briefly present the internal architecture highlighting the main differences between Neo4j and CAPS. <h3>Intended audience and goal of the talk</h3> Developers and analysts, trying to express graph queries on distributed graphs <h3>Links to background information on the given talk for the hungry and impatient</h3> <ul> <li><a href="http://www.opencypher.org/">OpenCypher</a></li> <li><a href="https://neo4j.com/">Neo4j</a></li> <li><a href="https://spark.apache.org/">Apache Spark</a></li> </ul> <h3>Links to previous talks, code snippets or repositories</h3> <ul> <li><a href="https://github.com/opencypher/cypher-for-apache-spark">CAPS</a></li> </ul> Martin Junghanns Max Kießling Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:35 H.2214 computer_science_of_modern_distributed_database The Computer Science behind a modern distributed data store Graph Processing devroom What we see in the modern data store world is a race between different approaches to achieve a distributed and resilient storage of data. Most applications need a stateful layer which holds the data. There are at least three necessary ingredients which are everything else than trivial to combine and of course even more challenging when heading for an acceptable performance. Over the past years there has been significant progress in respect in both the science and practical implementations of such data stores. In his talk Max Neunhoeffer will introduce the audience to some of the needed ingredients, address the difficulties of their interplay and show four modern approaches of distributed open-source data stores. What we see in the modern data store world is a race between different approaches to achieve a distributed and resilient storage of data. Most applications need a stateful layer which holds the data. There are at least three necessary ingredients which are everything else than trivial to combine and of course even more challenging when heading for an acceptable performance. Over the past years there has been significant progress in respect in both the science and practical implementations of such data stores. In his talk Max Neunhoeffer will introduce the audience to some of the needed ingredients, address the difficulties of their interplay and show four modern approaches of distributed open-source data stores. Topics are: <ul> <li>Challenges in developing a distributed, resilient data store</li> <li>Consensus, distributed transactions, distributed query optimization and execution</li> <li>The inner workings of ArangoDB, Cassandra, Cockroach and RethinkDB</li> </ul> The talk will touch complex and difficult computer science, but will at the same time be accessible to and enjoyable by a wide range of developers. Michael Hackstein Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:45 00:35 H.2214 analzying_blockchain_transactions_in_apache_spark Analzying Blockchain transactions in Apache Spark Graph Processing devroom I will show the Blockchain analysis in Jupyter interactive notebook using the external Spark cluster running in Kubernetes, everything dockerized. The talk will briefly describe how Blockchain transactions work, but most of the time would be the demo. In the demo I will show how we can run various queries on the publicly available Blockchain data, graph algorithms such as PageRank for identifying significant BTC addresses and more. Intended audience: intermediate, analysts, Bitcoin/Altcoin enthusiasts Jiří Kremser Spark on OpenShift easily the code GraphX GraphFrames slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:35 H.2214 gcore_query_language G-CORE: The LDBC Graph Query Language Proposal Graph Processing devroom The talk will present G-CORE and its most striking features. G-CORE is a graph query language proposal developed by Linked Data Benchmark Council (LDBC). It is a closed graph query language that includes graph pattern matching, inclusive extended regular path expressions, graph construction (graph projection and graph aggregation), and (weighted) shortest path finding. The query language queries graphs and returns a graph. Hence, it supports views and correlated sub-queries, which have proven their worth in the relational databases. To ensure that the query language is practically usable on large data, G-CORE builds on previous complexity results and carefully select useful features, but restricted in such ways that the resulting language is polynomial in data complexity. As such, G-CORE connects the practical work done in industrial proposals with the foundational research on graph databases; in fact, it can be considered as a bridge between these two worlds. Hannes Voigt Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:15 00:35 H.2214 efficient_graph_algorithms_neo4j Efficient Graph Algorithms in Neo4j Graph Processing devroom We recently released a graph algorithms library for Neo4j. You can use these graph algorithms on your connected data to gain new insights more easily within the transactional database and to improve query results from your graph data, for example by focusing on particular communities or favoring popular entities. We developed this library as part of our effort to make it easier to use Neo4j for a wider variety of applications. Many users expressed interest in running graph algorithms directly on Neo4j without having to employ a secondary system. We also tuned these algorithms to be as efficient as possible in regards to resource utilization as well as streamlined for later management and debugging. In this session, we'll look at some of these graph algorithms and the types of problems that you can use them for in your applications and the implementation choices we made. Michael Hunger Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:35 H.2214 handling_billion_edges__in_graphdb Handling Billions Of Edges in a Graph Database Graph Processing devroom The complexity and amount of data rises. Modern graph databases are designed to handle the complexity but still not for the amount of data. When hitting a certain size of a graph, many dedicated graph databases reach their limits in vertical or, most common, horizontal scalability. In this talk I'll provide a brief overview about current approaches and their limits towards scalability. Dealing with complex data in a complex system doesn't make things easier... but more fun finding a solution. Join me on my journey to handle billions of edges in a graph database. The amount and complexity of data rises. The need for a database capable of dealing with those requirements is rising as well. Modern graph databases are designed to handle the complexity but what about the increasing amount of data? When hitting a certain size of a graph many dedicated graph databases reach their limits in vertical or most common horizontal scalability. In this talk Michael will address the glitches and most important the solutions on the journey to a scalable and distributed graph database. The main topics of this talk are: <ul> <li>Modern architectures in graph databases</li> <li>Scaling a graph: Bottlenecks in read and write performance</li> <li>Index free adjacency or hybrid indexes for graphs?</li> <li>Dealing with billions of edges: A graphy journey to London with ArangoDB</li> </ul> Michael Hackstein Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:45 00:35 H.2214 multi_level_graph_index It's a Trie... it's a Graph... it's a Traph! Designing an on-file multi-level graph index for the Hyphe web crawler Graph Processing devroom Hyphe, a web crawler for social scientists developed by the SciencesPo médialab, introduced the novel concept of web entities to provide a flexible and evolutive way of grouping web pages in situations where the notion of website is not relevant enough (either too large, for instance with Twitter accounts, newspaper articles or Wikipedia pages, or too constrained to group together multiple domains or TLDs...). This comes with technical challenges since indexing a graph of linked web entities as a dynamic layer based on a large number of URLs is not as straightforward as it may seem. We aim at providing the graph community with some feedback about the design of an on-file index - part Graph, part Trie - named the "Traph", to solve this peculiar use-case. Additionally we propose to retrace the path we followed, from an old Lucene index, to our experiments with Neo4j, and lastly to our conclusion that we needed to develop our own data structure in order to be able to scale up. <h2>Speakers</h2> <ul> <li>Paul Girard</li> <li>Mathieu Jacomy</li> <li>Benjamin Ooghe-Tabanou</li> <li>Guillaume Plique</li> </ul> Guillaume Plique Hyphe Hyphe Demo The Traph sources Hyphe's paper at the 10th International AAAI Conference on Web and Social Media (ICWSM-16) SciencesPo's médialab Online slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:35 H.2214 graph_based_analysis_javascript_repos Graph-based analysis of JavaScript source code repositories Graph Processing devroom JavaScript is one of the decade’s most trending languages. It ranked <a href="https://insights.stackoverflow.com/survey/2017#most-popular-technologies">#1 in popularity in Stack Overflow questions</a> and is consistently featured in the <a href="https://www.tiobe.com/tiobe-index/">top 10 languages of the TIOBE Index</a>. Originally intended for client-side scripting, the language is now widely used to build complex desktop applications, write server-side code and program IoT devices. The latest standards of the language are released yearly under the <a href="http://www.ecma-international.org/memento/TC39.htm">ECMAScript trademark</a> and contain sophisticated features and syntactical constructs. Static analysis is a software testing approach that is performed without compiling and executing the program itself. This allows developers to catch programming errors before building, testing and deploying the code. There is a wide range of static analysis tools: linters and code style analysers repeatedly perform checks in IDEs, while more complex analyzers, such as type checkers, run as part of the continuous integration (CI) process. As JavaScript is a dynamic language, static analysis approaches are particularly useful: they can detect erroneous type usages that would not be revealed by building the code, but only occur during thorough testing or even worse, at production. Thanks to the popularity of the language, there are already numerous approaches for static analysis available, such as <a href="http://ternjs.net/">Tern</a>, Facebook’s <a href="https://flow.org/">Flow</a> and <a href="http://www.brics.dk/TAJS/">TAJS</a>. However, none of these fitted all of our requirements: <ul> <li>Utilise both linter-style and complex global analysis rules.</li> <li>Evaluate rules in real-time, i.e. in sub-seconds upon each “save” operation.</li> <li>Allow users to easily extend the analysis rules.</li> </ul> As none of the current approaches satisfied these requirements, we built our own solution that uses a property graph query engine to represent the code graphs used for analysis and graph queries to evaluate the analysis rules. Compared to other static analysis frameworks, the novelty of our solution is twofold: <ul> <li>We continuously maintain code graphs based on the latest changes on the source code.</li> <li>We use the declarative openCypher language to define the static analysis and graph maintenance rules.</li> </ul> Using declarative queries, our tool is able to perform the complex analysis queries quickly, including: <ul> <li>Detecting asynchronous method calls with missing await statements (a common issue in the <a href="http://callbackhell.com/">callback hell</a>).</li> <li>Detecting unreachable code, i.e. code parts that cannot be reached through the control flow.</li> </ul> The analysis can be easily extended by custom analysis rules defined in the openCypher language. Building the system on openCypher also allows us to use different query engines: both mature databases, such as Neo4j, and also experimental engines, such as our own <a href="http://docs.inf.mit.bme.hu/ingraph/">ingraph engine</a>. The latter is our research prototype that supports live query evaluation for Cypher queries, which allows near instant answers even for complex analysis rules. In this talk, we give an overview of the steps involved in transforming the source code file to a syntax graph and converting it to a call flow graph. We demonstrate how openCypher queries can be used to capture complex analysis rules in a concise way, and how ingraph allows us to continuously evaluate these queries. Intended audience: Developers of static analysis tools, users looking for a flexible analysis framework Speaker biography. Gabor Szarnyas is a researcher working on graph processing techniques. His core research areas are live graph pattern matching, benchmarking graph queries, and analyzing large-scale networks. His main research project is <a href="http://docs.inf.mit.bme.hu/ingraph/">ingraph</a>, an openCypher-compatible query engine supporting live query evaluation. His research team was the first to <a href="http://cyprusconferences.org/adbis2017/acceptedpapers.html">publish</a> a <a href="https://link.springer.com/chapter/10.1007/978-3-319-66917-5_13">formalisation that captures the semantics of a core subset of the openCypher language</a>. Gabor works at the Budapest University of Technology and Economics, teaching system modelling and database theory. He conducted research visits at the <a href="https://www.york.ac.uk/">University of York</a>, <a href="http://www.mcgill.ca/">McGill University</a> and the <a href="https://uwaterloo.ca/">University of Waterloo</a>. He is a member of the <a href="http://www.opencypher.org/ocig">openCypher Implementers Group</a> and the <a href="http://ldbcouncil.org/">LDBC</a> <a href="http://ldbcouncil.org/developer/snb">Social Network Benchmark</a> task force. He received 1st prize in the ACM <a href="https://src.acm.org/candidates/2017">Student Research Competition</a> at the MODELS 2016 conference. He is also a frequent speaker at industrial conferences (<a href="https://archive.fosdem.org/2017/schedule/event/graph_incremental_queries_open_cypher/">FOSDEM</a>, <a href="http://graphconnect.com/speaker/gabor-szarnyas/">GraphConnect</a>) and meetups (<a href="https://www.meetup.com/nycneo4j/events/243464557/">openCypher meetup NYC</a>, <a href="https://www.meetup.com/neo4j-budapest-users/events/240363389/">Budapest Neo4j meetup</a>). Gabor Szarnyas Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:15 00:15 H.2214 graphdevroom_immm Etienne Saliez - A look at “Natural Intelligence” IMMM Interactive Medical Mind Maps Graph Processing devroom Up to now many medical record softwares were not mach more than narrative reports of what did appen at some time in the past in some specific context. Student can find much static knowledge on internet, but have to learn a “medical methodology” about how to use this large amount of knowledge. Evolution to a “task oriented model”, to help to solve patients health problems. Visual support of "Natural Intelligence". Focus on the relations between medical concepts. Intended for the training of students. Mind synchronisation between the members of care teams across Internet Michael Hunger Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 01:00 H.3227 gnu_radio_bof GNU Radio Meeting Let's talk about the future of GNU Radio BOFs (Track A - in H.3227) bof This is your chance to meet with key GNU Radio developers and help guide the future directions of GNU Radio development Philip Balister Submit feedback 10:30 00:20 AW1.120 ode_odf_toolkit Status of the Apache ODF Toolkit (incubating) Open Document Editors devroom Svante Schubert Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:50 00:20 AW1.120 ode_odf Working in the ODF TC Open Document Editors devroom The talk introduces you to the work of the ODF TC. This includes insights into day-to-day work and also takes into account the developers' relationship to the ODF standard. Regina Henschel Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:10 00:30 AW1.120 ode_signature_lines Improvements around document signatures and encryption Signing and encrypting with OpenPGP, adding signature lines Open Document Editors devroom Samuel Mehrbrodt Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:40 00:20 AW1.120 ode_doc_convergence Documentation convergence project for LibreOffice Make just one documentation for all Open Document Editors devroom LibreOffice like other office suites, is a sophisticated, ubiquitous and complex end-user application, that demands good documentation to continue its strive. The current situation for LibreOffice documentation is that producing contents is still a lenghty and hard task, often requiring rework depending on different sort of publiccation needed. In this presentation, we will summarize the efforts done so far within the LibreOffice ecosystem and make the point on the need for a different approach to make the LibreOffice documentation an element of communty gathering and contribution, extending the range of the quality of the software. Complex softwares for end-users like office suites or desktop environment, to name a few, are impacted in their adoption because of the need to educate and train users to the new tools. Undocumented software raise a set of issues that prevents broad adoption by the organizations or governments, and leave brilliant ideas and features into obscrurity. The Document Foundation and it's flagship software LibreOffice, as well as other FOSS communities needs to address the issue of making the end-user documetnation broadly available and updated. On the other hand, end users being part of the software community, are often eager to collaborate and contribute to the software documentation, but hit a quite steep entry barrier because of the development skills need in editing software help files or on advanced word processing skills for editing a guide with the software. Also, Q&A-shaped web services, wikis and dynamic multimedia documentation also bring challenges to documentation because of the need for accuracy and update. The purpose of the presentation is to deliver a vision on the optimal documentation production for complex end-user softwares, that will address several documentation issues existing in the FOSS business and community envoronment. We call this Project Convergence. Here is waht we foresee: <ul> <li>Address the reduction of documentation rework, issues by the multiple publishing medias, such as online reading, printed guides or multimedia documents</li> <li>Have its contents editable by a large set of contributors, under proper security, and with the easiest way to add contents, so new contributors can quickly add contents instead of learning obscure features of the file markup.</li> <li>Be computer-aided-translation (CAT) friendly, to reach the broader public around the world in whatever language.</li> <li>Synchronized with the latest developments of the software, thus reducing the gap between development and documentation.</li> </ul> We will also present our latest development in the documentation tools of LibreOffice, in the effort to evolve technologically and benefit of the develpment of the web and invite for discussion all documentation leaders of similar software projects. Olivier Hallot Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:20 AW1.120 ode_localization Anatomy of the OpenOffice localization process And how to improve it in future Open Document Editors devroom Even a simple typo correction has to travel a long journey from the OpenOffice User Interface to the source code, to the translation team and all the way back into the new release. We will explore the involved process, tools and how the process can be streamlined. Andrea Pescetti Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:30 AW1.120 ode_antipatterns Antipatterns in OpenOffice Code How can we ensure better Code Open Document Editors devroom Whenever I tried to look through Open Office Code I see the same Issues in Code I see in my consulting work. I would like to go with the Audience through some of the basic Antipatterns of coding. In a presentation I will define those basic Antipatterns. I will give some reasons I have seen in my professional work why they occur and they seem to be true in Open Office, too. In the last phase we will transit into a discussion about how avoid these issues, and how we can reflect on these Issues. My Idea is to have 15 Minutes Presentation and 15 Minuts discussion. Language will be in english, as good as my english is. :) Peter Kovacs Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:50 00:20 AW1.120 ode_base BaseDocumenter LibreOffice Base applications: how to document them, how to manage and analyze impacts of changes Open Document Editors devroom BaseDocumenter will be published (under the GPLV3 license) during the first half of 2018 as an extension/plugin of LibreOffice. The software scans Base applications (tables, queries, forms, scripts, ...) and collects everything useful to support the application designer and to improve the dialog with the end-user. A special focus is set upon impact analysis, i.e. how to cope with design changes and what-if situations. SQL and Basic scripts are parsed. An SQL beautifier is also included. The documentation is made available as a set of static HTML pages. All dependencies between objects ("query X uses table Y", "table Y is used by query X") are made visible by hyperlinks. This makes browsing thru the documentation particularly efficient. Jean-Pierre Ledure Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:20 AW1.120 ode_accessibility Accessibility 101 (not only) for LibreOffice developers Open Document Editors devroom This talk will take you through the basics of a11y in a desktop application, using LibreOffice as an example. Starting with basic terminology (mnemonic widget? accessible label?), we'll discover building blocks of a11y in desktop environment, have a look at the sources of most common mistakes developers make when they don't include a11y-awareness into their development process and how to fix them. We'll also show the ways how anyone (even those with little or no knowledge of programming) can contribute to improving a11y ... not only in LibreOffice. Thorsten Behrens Katarina Behrens Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:50 00:20 AW1.120 ode_testing Maintaining accessibility through testing? Open Document Editors devroom Accessibility in free software has been much improved between 2004 and 2009 thanks to Sun, which massively invested for it. Since it has disappeared, big free software projects have experienced many regressions in this matter. Some of their maintainers consider that there is not enough money to deal with the matter. Given the complexity of code such as Libreoffice, and given the status of accessibility of software in modern society, it becomes impossible to invest millions of euros to pay for someone who would fix current bugs and track future ones in millions of code lines, through hundreds of commits, and permanently. All the more since beyond this task, a paid expert should rather work about improvements of assistive technologies themselves and pipes (at-spi, atk), instead of fixing miscoding of unaware developers. So, to hope a free and accessible software, major projects need to take responsibility of this. Non-regression tests could be a way to make this duty lighter, even if not a complete solution. What kind of tests could be set? Samuel Thibault Hypra company supporting the work Slides and stuff Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:20 AW1.120 ode_customizing Maximizing UX for Customizing Improving user experience and accessibility of LibreOffice's Customize dialog Open Document Editors devroom Past, present, and the future of LibreOffice's Customize dialog. You can customize menus, toolbars, context (right-click) menus and keyboard shortcuts in LibreOffice, add new menus and toolbars, and assign macros to events. In the past, the Customize Dialog was providing many ways to change how LibreOffice looks and behaves, but it was not very usable, and it was in need of a revamp. Starting with GSoC 2017, we started a journey to modernize the Customize dialog to make it more usable, fully accessible, and less buggy. I will try to present a summary about the journey so far, and the plans for the future. Muhammet Kara GSoC Final Submission report: Revamp the Customize Dialog Initial proposal by the LibreOffice Design Team Design Session for GSoC’17 Customization Dialog Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:20 AW1.120 ode_fonts Proposal for better font handling in LibreOffice Open Document Editors devroom The LibreOffice' bugtracker lists hundreds of tickets regarding fonts. Besides rendering issues many tickets are related to what is bundled, how missing fonts are substituted, and how to deal with installed fonts. The talk will give an overview of the problems, shows how competitors solve it, and presents a proposal to improve LibreOffice. Heiko Tietze Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:50 00:20 AW1.120 ode_gtk3 Native GTK3 UI progress from gtk3 themed vcl widgets to native gtk widgets Open Document Editors devroom Caolán McNamara Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:10 00:30 AW1.120 ode_uri LO URI 101 Open Document Editors devroom This talk will be a short refresher on the various functionality available in LibreOffice for (textual) URI processing. For historical reasons, that functionality is more arcane and error-prone than it needs to be. We will be looking at the typical pitfalls and fixes. Stephan Bergmann Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:20 AW1.120 ode_draw_part2 Hidden Gems in Draw/Impress Part 2 Functionalities you didn‘t even know that you might need or did exist Open Document Editors devroom The Open Office Editors have a long history and mighty tools in their Draw/Impress applications. Due to the long development history, and the always changing UI of software, some of these mighty tools/helpers are pretty hidden nowadays. The Presentation gives an introduction over very useful Tools/Helpers in the current LibreOffice and how to use them to your advantage. There will be a short, abstract overview, but the main part will be demonstrating/presenting these tools in direct usage. This presentation is an advanced version of the original presentation held at the LibreOffice conference 2016 in Brno. Due to the huge echo I got from the first presentation, I decided to refine it and offer it at FOSDEM this year. Armin Le Grand Link to original slides Link to original video Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 AW1.120 ode_arithmetic Calc: The challenges of scalable arithmetic how threading can be challenging Open Document Editors devroom We had a number of interesting problems threading the Calc computation core, come and see how we addressed many of them and checkout the result. Come and hear the story of how we threaded the Calc core to get some great efficiency wins on the new deeply threaded Ryzen era. Hear about the rather complicated Calc-ulation core, and see how we used tool to profile and optimize from cachegrind, oprofile, perf and many others. Discover some of the challenges of spreadsheets, why it's perhaps not quite as simple as you might hope, see how we tried to make this maintainable and test-able. <pre><code>Checkout the feeds and speeds, and help advise us on how we </code></pre> can improve concurrency and scalability for your particular use-case and how you can involved contributing to Calc. Michael Meeks Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:20 AW1.120 ode_epub_export EPUB export in LibreOffice Writer Open Document Editors devroom LibreOffice Writer was always capable of exporting your document in a portable way in the form of the PDF filter. Today in the age of tablets, smart phones and e-readers, many users read reflowable content in EPUB, which is the new PDF to some extent. LibreOffice Writer 6.0 has now basic and 6.1 will have improved EPUB export support. This work is done by integrating the libepubgen Document Liberation library and by improving both the library and LibreOffice itself along the way. Come and see how it's implemented, where are the still rough edges and how you can help. Miklos Vajna Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:50 00:20 AW1.120 ode_dialog Dialog tunneling in LibreOffice Online Open Document Editors devroom Come and hear how we are bringing the advanced LibreOffice desktop functionality to the Online! LibreOffice on the desktop is very feature packed office suite. One of the complaints that power users make in Online is that it lacks many of them: they cannot add colored borders in their paragraphs, manage tracked changes/comments, correct the spelling and grammar in the document, etc. The question is how do we bring these functionalities to the cloud at your disposal in your browser tab? We at Collabora decided to come up with a plan to just tunnel all the hard work that developers have done for the past couple of decades: come up with appropriate infrastructure to open the dialog in headless mode, paint it as a bitmap in the backend, and tunnel the image to you in the browser. And then add life to them by tunnelling your mouse/key events back which will invalidate and update the new image you see in the browser. Of course we are not sending the whole dialog image back to your browser every time - only the part that needs updating in the dialog is sent back to the browser saving us precious time and network bandwidth improving your UX. Jan Holesovsky Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:10 00:20 AW1.120 ode_haiku LibreOffice for Haiku Port status Open Document Editors devroom A short overview of what Haiku is, history of how this LibreOffice port came to be, challenges involved and what is its current status. Kacper Kasper Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:20 AW1.120 ode Good things come to those who wait - BorderFrames and WriterGraphics Armin will hold this talk Open Document Editors devroom Thorsten Behrens Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:20 AW1.120 ode_overview LibreOffice QA - One Year Overview What have happened between FOSDEM17 and FOSDEM18 Open Document Editors devroom Xisco Fauli Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:10 00:20 AW1.120 ode_automatic_updater LibreOffice's automatic updater work A progress report Open Document Editors devroom Work on the automatic updater for LibreOffice has progressed and daily builds with the updater are provided already for Windows and Linux. However, the updater will not be available in the 6.0 major release. We will explain how the updater works, which problems have been addressed already and what still needs to be done. The LibreOffice automatic updater currently under development is based on the Mozilla mar updater code. The integration of the code was started as a GSoC project in 2015 and has seen more work since the end of 2016. Since mid of 2017 daily builds are available that contact the new LibreOffice update server and provide automatic updates. The distributed updates include full updates as well as differential updates depending on the age of the builds. During the talk we will start by discussing the updater server infrastructure and show how the new code allows to collect a number of metrics that help the whole project. Next, the client side with the integration of the mozilla based mar code will be discussed. This includes the already existing features and an explanation how existing updater builds are already generated. Finally, the challenges that are still ahead will be shortly outlined, including a short demo showing the new MSI update file generation code. Markus Mohrhard Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:30 AW1.120 ode_lightning_talks Lightning talk session Come and tell us your most recent hack - in 5 mins! Open Document Editors devroom Thorsten Behrens Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 AW1.121 debugging_tools_cachegrind CANCELLED Simulating Multilevel Caches in Cachegrind Modelling L2 and L3 CPU caches separately in Cachegrind for both x86 and ARM architectures for performance profiling of Isambard HPC system Debugging tools devroom Please note that this talk has been cancelled as the speaker is no longer able to attend FOSDEM. See http://staff.bath.ac.uk/masjhd/MattColes.html for more background on the project. Systems with large amounts of multi-level cache available require the ability to profile cache performance at each layer, as there remains a significant performance disparity between L2 and L3 caches. An example of such a system and the focus of this work is the new Cavium ThunderX2 supercomputer at the GW4 Isambard project. This paper intends to detail the methodology used to extend the capabilities of the Valgrind tool: Cachegrind. This extension will enable it to model both the L2 and L3 caches separately, as opposed to as a single last level cache. This support will be added for both the ARMv8 architecture, in order to model performance on the Isambard supercomputer, and in addition x86_64, for comparative purposes. As a result of this extension, the Isambard project will be able to optimise frequently used programs, in order to reduce CPU time used and therefore improve throughput on the system. 1) Current state of Valgrind, Cachegrind (possibly state of ARM?) 2) Adding the extra cache layer 3) State of Thunder X2 valgrind/cachegrind Matthew Coles Submit feedback 11:00 00:25 AW1.121 debugging_tools_valgrind_regalloc Valgrind register allocator overhaul Debugging tools devroom Register allocator is a key component in Valgrind's VEX subsystem. Superficially it only translates virtual registers to the real ones. But is that really all? What actually happens under the covers, what algorithms are at play here and what are the constraints under which it operates? Last year, a major overhaul of the Valgrind VEX register allocator has been done, resulting in a new version v3 which is now used by Valgrind. In addition to a new design, new register allocation algorithms have been also implemented, producing faster and smaller code. A brief introduction to Valgrind VEX subsystem will be given, to put the register allocator component and its interfaces into context. Then the operation of register allocator v3 will be presented in an illustrative way, including major data structures. Code snippets from amd64 and aarch64 architectures will be used for examples. Brief comparison with v2 will be also given. After that, several algorithms will be described which contribute to the success of v3; again showing their operation on graphics. Finally there will be some time for discussion and feedback gathering. Ivo Raisr Video recording (mp4) Video recording (WebM/VP9) Live slides Submit feedback 11:30 00:40 AW1.121 debugging_tools_memcheck Valgrind's Memcheck tool vs Optimising Compilers Keeping the false positive rate under control Debugging tools devroom The ongoing work to improve the accuracy of definedness tracking in the face of newer more aggressively optimizing compilers. Valgrind's Memcheck tool reports various kinds of errors. One of the most important ones are those where an if-conditions or a memory address uses undefined data. To do this, it tracks the definedness of every bit in the process, and "follows" any undefinedness through arithmetic operations (Add, Sub, Mul, Or, Xor, etc). This tracking is expensive and so Memcheck makes compromises, trading off exactness for speed. That has worked well for many years. However, as compilers become more aggressive, this works less and less well. In particular, Memcheck now often reports false errors in optimised code from GCC 6, Clang 4, and later versions. This is a problem because one of Memcheck's main strengths is the accuracy of its analyses. In this talk I'll present my ongoing work to improve accuracy of definedness tracking. I'll mostly talk about various examples involving integer addition and comparisons, and will avoid gory details of Memcheck's internals. I'll also show two problems to which I have no solution. The talk should be accessible to anyone with some familiarity of basic integer arithmetic (add, sub, and/or/xor, etc) and is curious about how undefinedness "flows" through these operations. If you like maths and proving simple theorems, you might enjoy this talk too -- and we'd like to talk to you! Julian Seward Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:40 AW1.121 debugging_tools_gdb_tools gdb tools: duel and @PrettyPrinter Debugging tools devroom This talk will describe two python extensions for gdb: @PrettyPrinter decorator — an easy approach to writing new pretty printers for your data, and DUEL — a high level data exploration language, a very powerful but easy way of examining complex data structures. Sergei Golubchik Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:05 00:40 AW1.121 debugging_tools_stracing_build Debug your build by tracing and reversing stracing your build from sources to binaries Debugging tools devroom Can you tell exactly which source files are built into your binaries? Any sufficiently large build feels a bit like magic! Join me to explore how you can debug your build by stracing it and rebuilding a build graph of files and tools transformations. Some applications for this knowledge: <ul> <li>better control of which subset of the code you use and depend on.</li> <li>general build hygiene and debugging such as pruning obsolete or dead code.</li> <li>build optimization</li> </ul> And answer some questions such as: <ul> <li>if a file is really used or not and where it is used and what for.</li> <li>how it was compiled and combined</li> <li>what are your build dependencies.</li> </ul> I will present a TraceCode, a FOSS tool that uses build-time syscalls tracing to reconstruct your build graph. Using build tracing with strace (disclaimer: I am a small-time contributor to strace ), you capture a complete trace of all the systems calls happening during your build. The trace is then parsed and processed to reconstruct the build graph of your binaries as a directed graph of files transformations over tools such as code generators, scripts, compilers, assemblers, linkers, etc. This requires NO modification of your build at all. The graph can then be analyzed for fun and profit, including creating fancy dot graphic visualizations and can help understand exactly which files were built, by what and how they were transformed in multiple steps from sources to your final binaries. As a bonus, I will also present new FOSS extension that perform similar build reversing but using static analysis only. Philippe Ombredanne TraceCode AboutCode projects Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:50 00:25 AW1.121 debugging_tools_strace_features strace: new features Debugging tools devroom strace is a diagnostic, debugging and instructional utility for Linux. It is used to monitor and tamper with interactions between processes and the Linux kernel, which include system calls, signal deliveries, and changes of process state. In this talk the maintainer of strace will describe new features implemented since FOSDEM 2017. In 2017, several interesting features were implemented within strace project, including * syscall specification improvements: new syscall classes, regular expressions, conditional expressions; * detailed parsers of netlink protocols; * advanced syscall filtering syntax; * advanced syscall tampering and filtering with Lua; * asinfo: advanced syscall information tool; * gdbserver backend. In this talk the maintainer of strace will describe these new features and demonstrate what kinds of problems they help to solve. Dmitry Levin strace homepage source code @sourceforge source code @github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:25 00:25 AW1.121 debugging_tools_ftrace Debugging realtime application with Ftrace Debugging tools devroom Introducing Ftrace and using it for Linux realtime application Ftrace (Function Tracer) is a very famous tracing/debugging tool. It is built directly into the Linux kernel and most of standard distributions already have various configurations of Ftrace enabled in their most recent releases. One of the benefits that Ftrace brings to Linux is the ability to see what is happening inside the kernel with a large number of 'tracers' (function or events) . <ul> <li>kernel function calling tree and timestamps</li> <li>kernel events (such as processus wakeup or switch)</li> </ul> As such, this makes finding problem areas or simply tracking down that strange bug more manageable. Ftrace's ability to show the events that lead up to severe problem gives a better chance of finding exactly what caused it and can help the developer a lot. API to talk with Ftrace is located in a Debugfs file system. typically mounted at /sys/kernel/debug. You can also use 'trace-cmd' utility for easier access. After a brief history and introduction about tracing tools (SystemTap, eBPF, LTT-ng, ...) we will (briefly) talk about Ftrace internals and describe main features : <ul> <li>installing it on embedded distribution such as Buildroot or Yocto (ARM platform)</li> <li>tracing kernel functions (function, function_graph)</li> <li>kernel messages (trace_printk)</li> <li>markers (trace_marker)</li> <li>events</li> </ul> After describing a simple use-case for a kernel driver we will focus on events and use trace-cmd on "realtime" application running on standard Linux then PREEMPT_RT (ARM). We will compare performances of a POSIX based periodic task using SCHEDFIFO or SCHEDOTHER on both kernel and finally generate graphs with GNU-plot. Pierre Ficheux https://www.kernel.org/doc/Documentation/trace/ftrace.txt https://elinux.org/Ftrace Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:55 00:40 AW1.121 debugging_tools_dtrace DTrace for Linux Debugging tools devroom DTrace for Linux DTrace is a dynamic tracing tool that allows kernel and userspace tracing in operating systems. It was first implemented for Sun's Solaris and later adopted by other operating systems (Mac OS X, BSD). The Linux port is still ongoing. In this talk, I would like to introduce the D language and its features. After a brief introduction the talk will focus on the architecture of the DTrace itself. Last part of the talk will be focused on the current status of the project. DTrace is able to process data directly in kernel like eBPF. This allows us to perform some actions at the time an event has occured rather than during post processing of the records later in userspace. It allows also more precise selection of events of interest. It is possible to use DTrace in many use cases: <pre><code>- A kernel hacker may precisely monitor the Linux kernel - A system administrator might use DTrace as an underlying technology for observing system behavior. - Participation in distributed tracing of complex scenarios </code></pre> I would like to show some real life examples how DTrace can be used to inspect running system or as source for external telemetric system. There are many tracers in the Linux world today with different aproaches to achive their goals. One way to group them depends on when the data processing happens. DTrace is a predecessor of eBPF. The difference is that eBPF alone is not easy to handle from user perspective. For that purpose a BCC project has started that provides compiler and runtime libraries based on llvm to allow end users write tracing tools in high level languages (C/Python). DTrace is based on D language (DTrace own language) and has its own compiler built-in. This does not require any high-level language skills or extra tools to start using DTrace. Tomáš Jedlička Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:40 AW1.121 dwarfpieces AMENDMENT DWARF Pieces And Other DWARF Location Woes Debugging tools devroom Some issues with the handling of DWARF locations, particularly DWARF pieces, will be outlined. Some of GDB's bugs in this area, both fixed and open ones, will be discussed. The talk mainly addresses developers of DWARF consumers such as GDB. Please note that this talk replaces one entitled "Introduction to kmemleak" that was due to have been given by Thierry Escande, who has sent his apologies but is now unable to attend. <ul> <li>Outline / goals: <ul> <li>explain subtleties with DWARF pieces;</li> <li>outline GDB's DWARF piece handling issues, both fixed and open;</li> <li>touch on some other DWARF location issues;</li> <li>discuss thoughts on how to fix the remaining GDB issues.</li> </ul> </li> </ul> Andreas Arnez Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:40 AW1.121 debugging_tools_dwarf5 DWARF5 and GNU extensions New ways to go from binary to source Debugging tools devroom After several years a new DWARF debugging standard, DWARF5, has been released that incorporates various GNU extensions that allow to better express how to map various binary constructs created by optimizing compilers back to the original source code while reducing the size of the debugging information. This results in more expressive debuginfo, but also introduces more complexity that DWARF consumers need to deal with. We will go over the existing GNU Extensions to DWARF, how they were adopted by DWARF5, and describe how debug consumers can take advantage of them. To reduce space a lot of different strategies are being used. Separate .debug files, .gnu_debuglink, build-ids, compressed ELF sections, debug types in ELF COMDAT sections, the Dwarf Compressor DWZ .multi files, DWARF Supplementary Object Files, GNU Debug Fission, split-dwarf .dwo files, DWARF Package Files .dwp files. The basic structure of describing a program with a tree of Debug Information Entries (DIEs) with attributes per compile unit augmented with some auxiliary data structures to map to source files, describe macros used in the source and get call frame information hasn't fundementally changed between DWARF version 2 and version 5. But the hierarchy of the representation and where the bits are stored has become much more complex. It is no longer possible to just see the DWARF descriptions as a fancy symbol table which can be simply indexed through some offsets. It has also become much more expressive than that. Mark Wielaard DWARF GNU Extensions DWARF Debugging Standard Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:15 00:40 AW1.121 debugging_tools_rust Rust versus DWARF versus LLVM Debugging tools devroom Rust presents new challenges for the debugging ecosystem. This talk will cover some debugging peculiarities of Rust and how we plan to solve them. Rust is a new systems programming language from Mozilla. Debugging Rust requires new capabilities from LLVM, from debuggers, and even DWARF. This talk will cover some of the difficulties presented by Rust, and will describe ongoing work to fix these problems in DWARF, LLVM, lldb, and gdb. Tom Tromey Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:40 AW1.121 debugging_tools_infinity Infinity Debugging tools devroom Infinity is a platform-independent system for executables and shared libraries to expose functionality to debug, monitoring, and analysis tooling. It grew from a need to be able to debug multithreaded applications without requiring libthreaddb. Other systems exist that use the libthreaddb paradigm, for example librtld_db and OPMD; Infinity was designed to replace this entire class of library-tool interface with something more portable and robust. Covers: * What is Infinity? * Motivation for creating it * Status of tooling and glibc/GDB integration * Mini code walk through (libthread_db vs Infinity) * Demonstrations! * Potential future uses Gary Benson Video recording (mp4) Video recording (WebM/VP9) Slides (HTML) Submit feedback 10:30 00:30 AW1.125 ada_arrival Arrival & Informal Discussions Ada devroom Feel free to arrive early, to start the day with some informal discussions while the set-up of the DevRoom is finished. Dirk Craeynest More info on Ada-Belgium web site Submit feedback 11:00 00:05 AW1.125 ada_welcome Welcome Ada devroom Welcome to the Ada Developer Room at FOSDEM 2018, which is organized by Ada-Belgium in cooperation with Ada-Europe. Ada-Belgium and Ada-Europe are non-profit organizations set up to promote the use of the Ada programming language and related technology, and to disseminate knowledge and experience into academia, research and industry in Belgium and Europe, resp. Ada-Europe has member-organizations, such as Ada-Belgium, in various countries, and direct members in many other countries. More information on this DevRoom is available on the Ada-Belgium web-site. Dirk Craeynest More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:05 00:45 AW1.125 ada_introduction An Introduction to Ada for Beginning and Experienced Programmers Ada devroom An overview of the main features of the Ada language, with special emphasis on those features that make it especially attractive for free software development. Ada is a feature-rich language, but what really makes Ada stand-out is that the features are nicely integrated towards serving the goals of software engineering. If you prefer to spend your time on designing elegant solutions rather than on low-level debugging, if you think that software should not fail, if you like to build programs from readily available components that you can trust, you should really consider Ada! Jean-Pierre Rosen More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 AW1.125 ada_drivers Making the Ada_Drivers_Library: Embedded Programming with Ada Ada devroom The Ada programming language was designed for embedded programming and it is well known in the aerospace domains and in general every domain where failure is not an option. Unfortunately it is not used a lot in the embedded FOSS community. In the past two years, AdaCore worked to promote the use of Ada in the FOSS community, in particular for embedded programming with the "Make with Ada" blog post series, my "Programming is Too Difficult for Humans" interview for the Embedded.fm podcase, "Ada Driver Library" blog posts on "ARM Community", or the "Make with Ada" embedded software project competition. In this 45 minutes lecture I will: give a short introduction of Ada for embedded and how its features (programing by contract, strong typing, representation clauses (hardware mapping), OOP, static compiler checks and optional run-time checks) can help improving the development time, maintenance and quality of FOSS embedded projects; present the AdaDriversLibrary project, where we put all those features in practice to develop micro-controller device drivers in Ada; make a quick getting started demo; present some of the best projects from the "Make with Ada" competition. Fabien Chouteau More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:20 AW1.125 ada_parallel Shared Memory Parallelism in Ada: Load Balancing by Work Stealing Ada devroom Tasking in Ada provides an effective tool for shared memory parallelism. For coarse grained regular parallelism, load balancing works with one single job queue. For finer grained and irregular parallelism, work stealing balances the load with multiple job queues. The programming concepts will be illustrated with examples of algorithms in polyhedral geometry. The demonstrated code belongs to the free and open source PHCpack, at https://github.com/janverschelde/PHCpack. Jan Verschelde More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:20 AW1.125 ada_safety Ada, or How to Enforce Safety Rules at Compile Time Ada devroom This is a real life story of a mixed criticality system, where a proper usage of Ada's features for controlling visibility allowed a provable enforcement of the segregation rules at compile time: any violation would simply not compile. Jean-Pierre Rosen More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 AW1.125 ada_contracts Contract-based Programming: a Route to Finding Bugs Earlier Ada devroom Contract-based programming is a software development technique, where you include assertions of program properties as a part of the compiled source text. In the strict form, the assertions are checked at compile-time, but in this presentation I will focus on the more common, less strict, form, where at least some of the assertions aren't checked until run-time. Ada gives us a lot of help, so we can write the our assertions about the program properties once, and then have the compiler insert actual run-time checks wherever there is a possibility that the assertion is violated. This presentation will focus on how we can write these contracts in Ada in a way that make them effective at ensuring that our source text does what we intend it to and allow the compiler to generate efficient checks of the assertions. The intended audience is anybody with enough programming experience to know concepts like types, encapsulation and packages. Having tried to write Ada before will be a benefit, but it isn't a requirement. Jacob Sparre Andersen More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:50 AW1.125 ada_spark SPARK Language: Historical Perspective & FOSS Development Ada devroom SPARK started in 1987 as a restricted subset of Ada 83, defined by its own grammar rules. The overhaul of the language and toolset starting in 2010 increased greatly the language subset, dropping in effect the need for separate grammar rules. Since then, SPARK has progressively adopted most of the Ada features, to a point where the last remaining non-SPARK significant Ada feature today is pointers. We have started work on including safe pointers in SPARK, borrowing the ideas of pointer ownership from Rust. So one can legitimately wonder what difference remains between SPARK and Ada. In the first part of this talk, I will lay out the principles that have guided us through the inclusion of language features in SPARK since 2010. I will describe in particular the trade-offs that we considered for support of important features like recursion, types with non-static constraints, generics, object orientation, concurrency. I will give a preview of the support envisioned for pointers in SPARK. So that the distinction between Ada and SPARK appears clearly: it's not about quantity, it's about safety and security. In the second part of this talk, I will give a tour of FOSS projects which are using SPARK today: Aida, Certyflie, Muen, PolyORB-HI, Pulsar, StratoX, Tokeneer. For each one, I will describe at which level of assurance SPARK is used, with how much efforts and for which benefits. Then I will focus on the largest one, Muen, an x86/64 separation kernel for high assurance. Finally, we will look at the resources which are available to the community for FOSS development in SPARK. Yannick Moy More info on Ada-Belgium web site Download SPARK Discovery Try SPARK Online Learn SPARK SPARK User's Guide SPARK 2014 site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 AW1.125 ada_restapi Writing REST APIs with OpenAPI and Swagger Ada Ada devroom The OpenAPI specification is an emerging specification to describe RESTful web services. The Swagger suite is a collection of tools to write such API descriptions and have the code generated in more than 29 languages, including Ada. The presentation will describe how to write a REST operation with OpenAPI, generate the Ada client with Swagger Codegen and use the generated code to interact with the server. We will also describe the generated Ada server code and how to implement the server side and run a complete REST server. Stephane Carrez More info on Ada-Belgium web site Swagger Ada (GitHub) Todo client and server in Ada (GitHub) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:50 AW1.125 ada_gnoga Browser-as-GUI and Web Applications with Gnoga Ada devroom Gnoga is an all-Ada library that uses the features of modern web browsers as a portable GUI. The program may run on the same computer as the browser, or on a server over the internet. Participants will be introduced to using Gnoga to create such programs. A singleton version of the Random_Int demo program will be used to demonstrate the use of Gnoga as the GUI for a program running on the same computer as the browser. Random_Int is a very simple program that generates (pseudo)random integers in a user-specified range. The Chattanooga demo is a text-chat server program allowing people to chat on line. It demonstrates the use of Gnoga to create web applications. A secure version of Chattanooga can sometimes be accessed at https://chat.gnoga.com/. (The certificate for this site has expired, but can still be used to ensure encrypted communication with the site.) After installing Gnoga, the demos are available in the demo directory. More information about Gnoga may be found at gnoga.com, especially the Tools page. Jeffrey R. Carter More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:20 AW1.125 ada_tooling Easy Ada Tooling with Libadalang Ada devroom A lot of developers consider that a language is only as good as the tooling that accompanies it. Ada has been conceived as a language pretty well amenable to tooling, yet the tooling offer besides AdaCore's is not very extensive, at least when compared to other languages like Java, despite the existence of the ASIS project (Ada Semantic Interface Specification). One of Libadalang's aims is to help solve that by providing an easy way to build new Ada-aware tools. Libadalang is a library that allows the user to query information about Ada code, including: Syntactic information. Query the token stream, the syntax tree, find syntax patterns, etc. Semantic information, such as which declaration an identifier references, the type of expressions, all references to a declaration, etc. In addition, one of the aims is to allow the users to modify the trees, and propagate the changes to the source. This talk will go over what Libadalang can already do today, how it differs from ASIS, future plans for the library, and potential exciting use cases. Raphaël Amiard Pierre-Marie De Rodat More info on Ada-Belgium web site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:30 AW1.125 ada_wrapup Informal Discussions & Closing Ada devroom Informal discussion on ideas and proposals for future events. Dirk Craeynest More info on Ada-Belgium web site Submit feedback 10:30 00:25 AW1.126 microkernel_mh_everything_is_a_device Everything is a device! Lessons learned from experimenting with MH Microkernels devroom MH is a personal effort to build systems based on a single, almost arbitrary, abstraction: the device. The original idea was that having a system with a limited, but easily understandable interface would allow to build systems that are easy to grasp and fun to extend. This talk will tell about the experience of designing MH, the lessons learned, errors made, and what using and playing with such system looks like. Gianluca Guida The MH microkernel Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:05 00:30 AW1.126 microkernel_genode_gpu_multiplexing GPU resource multiplexing in component based systems Microkernels devroom Through the introduction of new hardware features in recent GPUs it becomes feasible to implement proper isolation between different graphics applications. In this talk we will present a user space GPU multiplexer solution for Intel Gen8+ that takes advantage of those hardware features. It supports the concurrent execution of multiple 3D applications, while still retaining a low code complexity. Furthermore, we will give an holistic overview of the inner workings of a modern graphics stack. Sebastian Sumpf Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:45 00:30 AW1.126 microkernel_hurd_pci_arbiter Hurd's PCI arbiter Microkernels devroom One of Hurd's goals is to isolate hardware drivers, to provide flexibility and safety, by isolating drivers' possibly erratic behavior, delegating driving hardware to unprivileged users, etc. We are thus currently working on a PCI arbiter, which allows to let different userland drivers access PCI devices concurrently, while paving the way for fine-grain per-user, per-session, etc. permission management over PCI access, the use of IOMMUs allowing to do that very safely. Samuel Thibault http://hurd.gnu.org/ http://www.debian.org/ports/hurd Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:25 01:00 AW1.126 microkernel_genode_live_sculpting Live sculpting a Genode-based operating system Microkernels devroom The talk demonstrates the Genode-based operating system as routinely used by the Genode developers. The starting point is a generic and fairly minimalistic base system, which is then live shaped into different forms using a plain text editor. Along the way, many features of Genode come into play, eventually forming a usable system. Over the past decade, the Genode OS Framework has evolved from a research prototype to a practical operating-system foundation. This is evidenced by the Genode developers who use the system day to day. Being a component-based system designed after the principle of least privilege from the very beginning, it breaks with many concepts that we take for granted in traditional operating systems, e.g., the central role of files. Instead, Genode introduces a novel way of composing system scenarios out of building blocks where the building blocks are able to cooperate without ultimately trusting each other. The composition of Genode systems used to be defined at system-integration time before booting the system. However, Genode also allows completely dynamic compositions where the system's behavior and structure can be changed at runtime. This ability is the basis for the use of Genode as a general-purpose OS. The talk introduces Sculpt, which is the designated blue-print for interactive and fully dynamic Genode systems. Norman Feske Genode OS Framework Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:35 00:45 AW1.126 microkernel_era_of_datra_centric_computing Microkernels in the Era of Data-Centric Computing Microkernels devroom During the history of digital computers, the majority of mainstream computer systems we designed as CPU-centric. All the data that the computer processed always passed through the main memory in one way or the other and the code running on the CPU manipulated with the data, directly on indirectly. Even DMA controllers, co-processors, GPUs and intelligent NICs were used just as slave peripherals, although with some degree of computational off-loading in the recent years. One of the reasons for keeping the same basic architecture despite its drawbacks such as the ever-widening memory barrier (i.e. the difference between the latency of the CPU and the RAM) was arguably its conceptual simplicity. However, trends for a major change in the status quo are finally emerging into the mainstream. These new architectures, often called data-centric computing or near-data processing, propose to turn an ordinary computer into a distributed system where the distinction between the CPU, main memory and peripherals is much more blurry. Components such as individual DRAM chips, flash memory chips and NICs should have autonomous computing capabilities and the possibility to interchange data between other components without the involvement of the main CPU. This talk will present a brief overview of the concepts and discuss the consequences for operating system designs, especially regarding microkernels. Martin Děcký Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 AW1.126 microkernel_toro_reducing_cpu_usage Reducing CPU usage of a Toro Appliance Microkernels devroom Toro is a x64 kernel that dedicates all system resources to the embedded user application. The result of the compilation of Toro is an image that contains both the kernel and the application. The kernel image can be booted by all majors hypervisors Hyper-V, KVM, VMWare ESXi, and emulators Qemu, VMWare WorkStation, VirtualBox. In these environments, the application runs directly inside the kernel without the need of a general purpose operating system. In this talk, I will present recent experimentation in which the scheduler of Toro is optimized to reduce the CPU usage of a VM. It has been identified three cases in which the scheduler can be optimized to reduce the impact of idle loops. To validate these techniques, I will present the impact of the improvements on a live running Toro VM on top of QEMU and Hyper-V. Open questions are welcome throughout the session to discuss the benefits and drawbacks of this approach but also take-away lessons. Matias Vara Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:10 00:35 AW1.126 microkernel_l4re_rust Rust On L4Re Safe Language Meets Safe Microkernel Microkernels devroom Rust is a modern systems programming language with compiler-enforced memory-safety guarantees, safe concurrency and a powerful type system. L4Re offers safety features on the operating system level through isolation and virtualisation. Both together can form a unique combination for reliable and secure services. In this talk, I will present my port of Rust to L4Re and discuss some of the challenges of integrating the compiler Rustc into a different build system. I will also discuss future work on how to apply Rust's strong type system to L4Re IPC. Sebastian Humenda Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:55 00:30 AW1.126 microkernel_lightning_talks AMENDMENT Lightning talks Microkernels devroom Random microkernel-related lightning talks to replace the canceled talk 'Rux: Development of a Hobbyist Rust Microkernel' <ol> <li>Philipp Eppelt: EXPLOIDS</li> <li>Jiří Zárevúcky: WebAssembly as a safe universal platform</li> <li>Matias Vara: Toro running on the cloud (demo)</li> </ol> Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:35 00:45 AW1.126 microkernel_helenos_capabilities Towards capabilities in HelenOS The elephant in the room Microkernels devroom Capabilities can be found in most modern microkernel-based systems. Sometimes the capability pattern is masqueraded under a different name though. In this talk I will tell the story of how HelenOS unwittingly started with a primitive capability system embedded in its IPC, how it evolved into the present state in which capabilities are used as task-local names for an increasing amount of user-visible kernel objects and where this might lead in the future. Jakub Jermář HelenOS home page HelenOS on GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:45 AW1.126 microkernel_genode_user_level_networking User-level networking on Genode Microkernels devroom Networking became a prominent aspect in Genode over the years. As common for microkernel-based systems the whole networking infrastructure, down from the drivers up to the socket implementation resides in the userland and comes in cleanly separated building bricks. Today, the framework provides various such building bricks to be combined into an individual solution for each use case. This includes components like an L2/L3-router component with NAT and DHCP functionality, a network-bridge component, a socket-filesystem server using VFS, NIC and Wifi-drivers, as well as libraries like the Lightweight IP and the Linux IP stack. The talk shall give an overview about the design of this ecosystem, how it can be used, how it evolved, and, last but not least, discuss its future. Martin Stein Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:20 00:40 AW1.126 microkernel_l4re_hw_vs_os Why hardware and operating system engineers need to talk Microkernels devroom We want to share a couple of stories where hardware design choices designed to improve system security actually turn out to provide the contrary. This especially becomes prevalent in modern microkernel systems where the workaround for these design choices strongly contradicts the goal to reduce complexity. Matthias Lange Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 K.3.201 pulp3 Pulp 3 - Simpler, Better, More awesome Package Management devroom Pulp is a platform for managing repositories of software packages, but it can store any kind of binary data (e.g. cat photos). The core provides a REST API and manages files, but the real value for users is delivered by the plugins which allows core to manage a content type like a cat photo. The upcoming 3.0 release of Pulp includes a relational database, a new REST API, and a semantically versioned plugin API. This talk is going to briefly explain how Pulp is used, highlight the technologies under the hood, demonstrate the REST API, and show off the plugin API that will be included in Pulp 3.0. Dennis Kliban Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 K.3.201 conan Packaging C/C++ libraries with Conan Package Management devroom Managing C/C++ dependencies has always been a pain, especially for cross platform projects. Conan is a portable package manager, mainly intended for C/C++, that makes library packaging possible (even pleasant!). After a brief presentation of Conan, I'll show how we're using it to deal with our new C++ project's dependencies. Last time I had to rebuild dependencies (for the new MSVC release) was horrible, it took me (only) a week! There were no build scripts for most of them, and I was a real newbie in dependency management. After hitting a lot of walls (e.g. MT vs MD, building Autotools-based projects on Windows, etc...), I swore never to go through that process again. I've decided to give Conan a try when a new project was announced. Within a couple of weeks, I've managed to build binaries for x86/x64, Debug/Release (including proper PDB packaging), shared/static, Windows/macOS/Linux. Integrating Conan to our CI system was trivial, upgrading a dependency is now a matter of minutes. First, I'll show how to create, upload, and install packages before diving into cross-compilation with Conan. Théo Delrieu Conan's documentation Conan github page Conan Website Tanker Website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 K.3.201 bazaarsandcathedrals The package bazaars and the cathedrals Compare and contrast distro and app package and dependency management practices and tools Package Management devroom A distro package environment such as Debian and a language-focused package environment such as npm may seem very similar at first. But underneath, they are very different in their goals, features and approach to create packages and manage dependencies. Some package management environments are bazaars and some are cathedrals. What does this mean? Join me for a tour of horizon to compare and contrast the goals and ways of key package package management environments: What's their purpose? How we use then and how they are meant to be used? How do they deal with dependencies differently and why? Who creates and uses the packages? A clear answer to these questions can help to better leverage these package environments, management tools and repositories or registries. Philippe Ombredanne AboutCode projects Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 K.3.201 debianopenbuild Open Build Service in Debian It is impressive how much time and resources a team can save Package Management devroom It is impressive how much time and resources a team can save by using the OBS to manages their packages creation and distribution. OBS is a generic system to build and distribute packages from sources in an automatic, consistent and reproducible way. Andrew Lee will cover the benefits of using OBS, explain some of it features and workflow for all your packaging and releasing needs, like automatically build package from scratch on multiple target distros and architectures, easy access through QA to the developer's repo to generate new images with the changes for testing before integration into the production repo, vcs-like workflow as branch code, send merge requests and review submissions and flexible to connect additional resources to empower the backend worker(builders) even with different architectures. At the end tips on how to setup and optimize OBS will be provided. Andrew Lee Open Build Service package in Debian. Previous talk at OSSNA Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 K.3.201 flatpak Introduction to Flatpak Package Management devroom Flatpak uses unprivileged Linux containers to install and sandbox desktop apps. It resembles traditional packaging systems like dpkg and RPM in some ways, but is very different in other ways. This talk will introduce Flatpak's model for packaging, how and why it differs from traditional packaging systems, and how Linux operating systems can benefit from having both. Traditional packaging systems like dpkg work with small, granular packages with a web of interdependencies. Flatpak is intended for user-facing GUI apps ("leaf packages"), which each have a single dependency: a "runtime" that collects all the libraries that the app needs and doesn't bundle. Key topics: <ul> <li>The problems Flatpak sets out to solve: why traditional packages aren't always a good fit</li> <li>How Flatpak mitigates the problems associated with bundled libraries</li> <li>Avoiding data duplication and wasted space</li> </ul> This talk is intended for an audience of developers and sysadmins familiar with traditional packaging systems, but perhaps not the details of Flatpak. The same speaker will be giving a follow-up talk on Flatpak's relationship to distributions, in the Distributions devroom on Sunday. Simon McVittie Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 K.3.201 packagequalityassurance Package quality assurance Package Management devroom Today open-source is used in almost any software development cycle. We're able to deliver the best product to our customers faster than ever before. At the same time, nobody wants to sacrifice quality or the pace of production. We know a lot about software quality assurance, and we have tools to produce higher quality software. Could we use them to ensure the quality of the open-sourced solutions as well?A couple of years ago, I created a tool called Ossert. An experiment to asses the quality of every Ruby gem. While developing Ossert, I thought a lot about the quality of the open-source software. In this talk, I'll talk about my experience in making the quality of OSS measurable: how could it correlate with project maturity stage? The patterns of its community behaviour? Finally, I'll share the set of practices I created to asses the quality of open-source development processes. Dolganov Sergey Ossert experiment Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 K.3.201 spack How compilers affect dependency resolution in Spack Package Management devroom Spack is a general-purpose package manager, used on machines ranging from laptops to high performance computing (HPC) clusters. It supports packages in C, C++, Fortran, as well as many other languages, and it allows users to build many different versions of packages with different compilers, build options, dependencies, patches, and target architectures. Swapping a new compiler into a build may seem trivial, but this and other features in Spack add subtle constraints and complexities to the dependency model. We'll talk about modeling compiler runtime libraries in the DAG, compilers depending on other compilers, and how dependency resolution has to change for cross-compiling. We'll also touch on why all this is necessary for HPC environments, and how packaging has helped to enable new collaborations and software reuse across the scientific computing community. Todd Gamblin Spack website Spack github page Spack documentation with tutorial slides Recent podcast on OSS and supercomputing Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 K.3.201 packagemanagementovertor Package management over Tor Package Management devroom Tor has become a popular choice for privacy-oriented services such as the Debian project or Tails. Unfortunately, not many package management systems integrate Tor. In this talk, we will try to address this issue as we will walk through Tor-aware setup using pkgsrc from NetBSD. You will learn how to "go under the radar" when building packages from source and installing binary packages from your own hidden service. Alexander Nasonov Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 K.3.201 usingguix The many ways of using Guix packages A guide to which ways might suit you Package Management devroom The GNU Guix package manager offers some useful and exciting features and properties, but with this comes some options about how to make use of these. This talk will explore different ways in which Guix packages can be used, and what these different ways offer in terms of distributing, reproducing, versioning and isolating packages. Christopher Baines Guix website Slides and notes Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 01:00 K.3.201 packagemangementunites Package Management Unites Us All Package Management devroom This talk will present a high-level, consistent view of the properties of programming languages that are relevant to the design of language package (dependency) managers - and the communities that form around them. The talk is drawn from my experience in leading the efforts around Go's package management, and the ongoing and evolving efforts to take language package management from an incidental thing that languages "just have," up to a domain of inquiry and engineering that is about programming languages, but also independent of them (much like compilers). Writing I have already done (https://medium.com/@sdboyer/so-you-want-to-write-a-package-manager-4ae9c17d9527) is considered by a lot of folks who work in this area to be foundational in this new phase; I hope to have a number of new thoughts and writing to present by the time FOSDEM 2018 comes around. Sam Boyer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 K.3.201 purl Meet purl: a "mostly" universal software package URL that purrs. Or how to indentify & locate software packages reliably across tools, DBs, APIs and languages with an expressive and simple package URL. Package Management devroom Let's debabelize the way we identify and locate software packages across tools, databases and APIs with the new purl aka. package URL! We build and release software by massively consuming and producing software packages such as NPMs, RPMs, Rubygems, etc. Each package manager, platform, type or ecosystem has its own conventions and protocols to identify, locate and provision software packages. When you need to track and store information for various packages, it is difficult to reference these across tools and package "ecosystems" in a clear and uniform way. The purl aka. "mostly universal" package URL is born from a grass-root initiative to provide a simple spec and libraries and solve this problem: standardize existing approaches to reliably identify and locate software packages. A purl is based on the expressive syntax of familiar URL strings: these are easy to grok for humans and machines alike and can work consistently across programming languages, package managers, packaging conventions, tools, APIs and databases. A purl could be useful: <ul> <li>To reliably reference the same software package across inventory and scanning tools, .</li> <li>In cross-system metadata indexing, aggregation or alerting systems that collect, catalog and monitor packages information such as versions, dependencies, licensing, etc. across multiple package managers,</li> <li>When tracking known vulnerabilities of a package or its dependencies, and eventually relate the multiple incarnations of a code package across packaging systems,</li> <li>And many other kinds of analysis, such as building dependency graphs of packages, etc.</li> </ul> Philippe Ombredanne Main purl org page purl spec A purl parser in Go A purl parser in Python Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 K.3.201 how_to_make_package_managers_cry How To Make Package Managers Cry Package Management devroom In this talk, I will outline how (primarily scientific) software developers have found ways to complicate the job of the people who are responsible for compiling, installing and/or packaging their software, mainly in the context of multi-user high-performance computing environments. Next to an overview of the commonly used techniques, the motivations behind them, and the excuses that software developers can use to get away with it, I will showcase a couple of examples of software applications that have done a great job to make the life of package managers (in the broad sense) as miserable as possible. If you too want to make package managers cry (even more than they may already do), don't miss this talk! Kenneth Hoste Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 01:00 K.3.201 paneldiscussion Package Management Panel Discussion Future of Package Management Package Management devroom Panel discussion with some of the speakers from the Package Management Devroom throughout the day, discussion the future of package management. Mike McQuaid Philippe Ombredanne Sam Boyer Todd Gamblin Homebrew package manager Mike McQuaid, Homebrew maintainer Go dep Sam Boyer, Go dep maintainer Spack package manager Todd Gamblin, spack maintainer Libraries.io Andrew Nesbit, Libraries.io maintainer ScanCode & AboutCode projects Philippe Ombredanne, AboutCode maintainer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 K.3.401 the_freebsd_fundation_how_we_can_change_the_world The FreeBSD Foundation and How We Are Changing the World BSD devroom The FreeBSD Foundation was founded in 2000, initially to own the FreeBSD trademarks and intellectual property. Over the past 17 years, we’ve grown from being run by 3 volunteer board members, to a team of 9 staff members, and 8 volunteer board members. My presentation will cover a little bit of our history, what’s our purpose, the key areas we focus on and why, and how we are making this a better world, by supporting FreeBSD, the community, and the overall open source ecosystem. The purpose of my talk is to tell the BSD community about the work we are doing, and what we can do to help them. I will address the key areas we focus on and highlight the work we did in 2017, and why it was important to keeping FreeBSD relevant and innovative. I will have a Q&A session at the end, so attendees can ask questions about the Foundation, and what they'd like to see us working on in 2018. This will be a good opportunity to have a face-to-face dialogue with community members we don't normally get to talk to in person. Deb Goodkin FreeBSD Foundation website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:05 00:45 K.3.401 netbsd_and_mercurial NetBSD and Mercurial The challenges of a long history BSD devroom Migrating from CVS to a modern VCS is challenging for old and large projects. When limitations of older hardware join, the true fun begins. This talk explores some of the issues found while evaluating Mercurial as new VCS for NetBSD and how they got resolved. The NetBSD project has been developing an Operating System for almost 25 years now. It is one of the oldest users of CVS still around and there is a strong desire to change that. Such a migration is challenging and requires acceptance from the active developers and infrastructure changes. One central aspect for the buy-in from the community is the scalability of the new system and its limitations. The talk starts with an overview of the existing work on migrating the NetBSD repository to modern VCS. The performance of important operations will be compared and bottlenecks identified. Based on the results, reasonable target requirements are identified. An in-depth analysis of critical parts of Mercurial will be presented and how those bottlenecks were addressed. Jörg Sonnenberger Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:55 00:35 K.3.401 bsd_from_scratch BSD from scratch - from source to OS with ease on NetBSD BSD devroom NetBSD has had support for cross compilation for some time now. This talk covers the features and changes in NetBSD enabling a new comer to set out from obtaining a copy of the NetBSD source code and pkgsrc to building an OS & Firmware for an ARM board from scratch on an operating system of their choice. NetBSD has had support for cross compilation for some time now. This talk covers the features and changes in NetBSD enabling a new comer to set out from obtaining a copy of the NetBSD source code and pkgsrc to building an OS & Firmware for an ARM board from scratch on an operating system of their choice. This was leveraged as the basis for a series of workshops aimed at introducing the NetBSD operating systems to hardware ethusiasts. The workshops covered: Introducing project rescources (source repo & documentation) Cross compilation with ease The Lua subsystem - a highlevel language interface to the system Working locally using simulation Rapid prototyping with rump Tamper resistence with veriexec Sevan Janiyan Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:35 00:50 K.3.401 pot_container_framework pot: another container framework based on jails and ZFS A personal/educational project to run containers with the power of FreeBSD BSD devroom The initial idea of pot was to imitate containers, like docker, but using FreeBSD technologies, like jails and ZFS. The goal was to run several "pots" on my laptop to serve my needs and, at the same time, to learn how to manage them efficiently, especially in term disk usage. Instead of using/extending existing tools, like ezjail or iocage, I decided to reinvent the wheel and to write myself a new tool. After some time, I realized that making pot more generic and available to everyone could be a good idea and that's what I intend to present. I also show some interesting use cases and, hopefully, a live demo. Luca Pizzamiglio The github repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:50 K.3.401 cbsd_isolation_manager CBSD, Isolation manager How to manage jails, bhyve VMs and Xen via CBSD, while keeping it all simple BSD devroom CBSD is able to manage bhyve, jails and xen on a cluster of hosts while keeping dependencies reasonably low. It is able to configure network interfaces and firewall rules dynamically, whether you use PF, IPFW or IPFILTER. This talk will cover main CBSD features, implementation details, future plans and growth of CBSD as well as ecosystem around it. Management of Xen, VMs and jails on FreeBSD becomes increasingly tedious job especially with technologies like ZFS and VNET (just to mention few) which add on the number of alternative ways one can run FreeBSD based infrastructure. Combining that with multiple options for a firewall and the requirement for VMs to connect to jails and vice verse, makes FreeBSD very versatile. It is also very hard to choose the right set of tools. CBSD strives to unify management of jails and VMs while not taking away any options, and keeping UI and code simple as possible. Goran Mekić Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:25 00:30 K.3.401 pkgsrc_on_chromeos pkgsrc on ChromeOS BSD devroom pkgsrc (the NetBSD package collection) supports more than a dozen platforms. On a Chromebook in Dev Mode, you can install "arbitrary" Linux software. Obviously, pkgsrc is the perfect fit for that! However, things are not quite as easy. First, you must get a C compiler, and then there are a lot of idiosyncrasies on the platform. This talk gives an overview of how to get started, and shows the grossest hacks I had to do to get a working pkgsrc setup. Benny Siegert Video recording (mp4) Video recording (WebM/VP9) Slides http:// Submit feedback 15:00 00:30 K.3.401 openbsd_base_system_maintenance_made_easy syspatch(8) OpenBSD base system maintenance made easy BSD devroom While installing and upgrading OpenBSD releases has always been a breeze, keeping a stable installation up-to-date with security and reliability patches required fetching and applying cvs(1) diffs then build a new release which had to be deployed on every maintained systems. In this talk I will introduce a new base system utility: syspatch(8). It is used to fetch, verify, install and revert OpenBSD "binary" patches. I will also describe the patch building process which is completely privileged separated and explain how and why several parts of the build system had to be changed. As a teaser let me give you a couple of examples. At OpenBSD we believe that doing full builds for each patch if the proper way to go, even though it takes more time and effort. Indeed, an important thing for building patches are deterministic builds. That is especially true if the patch tarballs aren't built on the system the original release was created. Another challenge is static binaries. These need to be re-linked every time we patch a library that's a dependency, so if you don't do a full build all the time, you have to keep a list of these binaries and manually force re-build them which is error prone. Antoine Jacoutot syspatch(8) manual page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:35 00:45 K.3.401 openbsd_alarm_system OpenBSD as house alarm system Openbsd is not only good for network related projects BSD devroom since 1998 I've developed an alarm system based on the velleman K8000 kit. I've first build it with Linux (slackware), in 2010 I've moved to OpenBSD. I'll describe why OpenBSD is better matching my needs than Linux. <ul> <li>I'll present the need: IR captors, integration with SMS, web interface</li> <li>what were the problem with linux</li> <li>how I've setup OpenBSD with a read only file system</li> <li>Why OpenBSD is perfectly matching those needs</li> <li>future plans</li> </ul> Some elements are on my blog: http://vincentdelft.be/post/post_20160710 Vincent Delft Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:25 00:45 K.3.401 zfs_advanced_integration ZFS: Advanced Integration Server, Laptop, Embedded, or Appliance -- ZFS is the Answer BSD devroom How to apply various FreeBSD technologies and features in combination with ZFS to get the most out of a system, be it a Server, Laptop, Embedded, or an Appliance. ZFS is an advanced filesystem, but that doesn't mean it is complicated or hard to understand. After an overview of the basics of what ZFS is and how it works, we'll delve into how to integrate ZFS into a system or product. Topics to include: * Boot Environments and how to use them - new boot environment management tool and library from Google Summer of Code - case studies / use cases * Advanced Boot Configuration (zfsbootcfg/nextboot) - Boot the new system image only once - Fall back to previous version if new system image fails to stay up for 5 minutes three consecutive times * Automated Boot Recovery (Appliance style failover/failsafe) - Fall back to rescue image if system fails to boot repeatedly (required for environments like Amazon where there is no console) * GELI Encryption Support - Improvements to allow unattended booting * Appliance Upgrading with ZFS (including zpool checkpoints) - Create a checkpoint before upgrading an appliance, revert to checkpoint if upgrade is not completely successful. Checkpoints can undo things that a snapshot cannot, like renaming or destroying an entire filesystem. Techniques discussed will be of interest to most everyone, from users and developers for laptops and servers, to appliance manufacturers, and embedded products. Allan Jude Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:15 00:45 K.3.401 configuring_build_base_on_freebsd Configuring build base on FreeBSD Making things easy for the user BSD devroom FreeBSD has some knobs to set in order to build the base system or to avoid building some parts of the system. This way the build process could be optimized to avoid wasting time. With this procedure, the user has an easier way of configuring how to build the target system The first implementation allows the user to set, unset and check the dependencies of the option that can be set to build the base system. Lots of users uses this kind of options to speed up the process of building the base system but there are some dependencies that might not be taken into consideration and the user could realize of this changes when the build process is finished, wasting a lot of building time. More than a lecture about this approach, this event is meant to be a demonstration of "how can it be done". RoberFern Bug report with patch Diff review patch Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:05 00:45 K.3.401 reflections_on_reaching_unix_class_with_freebsd Reflections on Teaching a Unix Class With FreeBSD Lessons learned on both sides BSD devroom I've been teaching an undergraduate "Unix for Software Developers" class at the University of Applied Sciences, Darmstadt, Germany for a number of years now. The last three years of them in English to allow exchange students to participate as well. I am using FreeBSD in my class and the lab exercises. Topics of the class include an introduction to the Unix shell, editors, filesystems (with a big focus on ZFS), shell programming, grep/sed/awk and since 2017, I also added Ansible. In this talk, I want to reflect on what I learned interacting with the students of various (Unix) backgrounds. I also want to discuss with the audience how to improve the class with relevant topics so that the students get the most out of the class and for their later Unix careers. I'll provide an insight into my labs and what we do there with FreeBSD, too. Benedict Reuschling Webpage for Unix for Software Developers Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 K.4.201 cad_spice FOSS/H EDA tools for SPICE modeling CAD and Open Hardware devroom EspoTek’s Labrador is a tiny yet powerful device that transforms a PC into a fully featured electronics lab, complete with an oscilloscope, signal generator, logic analyzer, multimeter and power supply. Qucs (Quite Universal Circuit Simulator) is an integrated circuit (IC) simulator which allow to setup a circuit with a schematic entry graphical user interface (GUI) and simulate the large and small-signal (DC, AC, S-parameter, Harmonic Balance and noise analysis) of the microelectronic circuit. Both hardware and software are 100% open-source (FOSS). Both tools will be used to illustrate complete flow of the measurements, characterization and SPICE modeling of the semiconductor devices for EDA IC design applications. EspoTek’s Labrador and Qucs cointegrations thru embedded Octave scripts will be discussed as well. Guilherme Brondani Torri EspoTek’s Labrador Qucs Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:55 K.4.201 cad_gnucap Gnucap, and analog and mixed signal simulation CAD and Open Hardware devroom This talk will present an overview of analog(ue) and mixed-signal simulation, with a focus on Gnucap .. the GNU Circuit Analysis Package. I will introduce the basis of simulation, the basic "SPICE" methods (DC, AC, and transient analysis), mixed-signal (event driven) simulations, and "Fast-Spice". Also, some derived methods, including Fourier analysis, Harmonic Balance, and Periodic Steady State will be introduced. Along with this, I will review where the Free simulators (Gnucap, Qucs, NGspice, Xyce) stand. I will also present the plugin based architecture of Gnucap, and how it encourages contributions and fast deployment without sacrificing quality of the base work. Al Davis Gnucap wiki Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:25 K.4.201 cad_fpga_intro Tutorial: my first FPGA design Basic course to create a simple FPGA design using OSS tools CAD and Open Hardware devroom You have no hardware knowledge and want to know how people design chips ? You are a software guy, having heard of VHDL or Verilog but never used it ? In this 25 min tutorial, you will learn the basis of hardware design and how to write a simple FPGA design using only FOSS tools. (This tutorial is not about PCB design, but reprogrammable chips design) This is the same talk as the one of FOSDEM'17. As the room was full, some people were not able to attend so I propose to do it again. Tristan Gingold Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:25 K.4.201 cad_fpga_gui Graphic design tools for Open Source FPGAs Learn about the Apio and Icestudio projects CAD and Open Hardware devroom Nowadays we have low-level tools to control Open Source FPGAs but these are only for experts who know hardware description languages. There is a challenge in making this technology accessible and easy to use by everyone. In this talk I will present the project Apio, a multiplatform cli toolbox, and Icestudio, a high-level visual editor that allows to create and synthesize graphic designs into Open Source FPGAs. Connecting high-level description languages with real hardware implementations enables a lot of new ideas, new research branches, new capabilities. We have begun to explore the surface but there is still a long way to go! Jesús Arroyo Torrens Icestudio Apio FPGAwars Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 K.4.201 cad_os_fpga Funny digital electronics with Open Source FPGAs CAD and Open Hardware devroom Is it possible for non-tech people or even kids to create digital circuits? Thanks to the <a href="http://www.clifford.at/icestorm/">Icestorm project</a> we all have open source FPGAs. We have develop both Free/libre hardware and software for making it very easy for the non-tech people or kids to start learning and playing with digital circuits. We will show in a demo how the <a href="https://github.com/FPGAwars/icestudio">Icestudio</a> and the <a href="https://github.com/FPGAwars/icezum/wiki">Icezum Alhambra</a> FPGA board works. With very few clicks the digital circuits are synthesized and uploaded into the FPGA. It opens the way for teaching hardware thinking and digital circuits without pain and learning concepts while building circuits Juan Gonzalez-Gomez (Obijuan) ICEstorm project Icezum Alhambra FPGA board Icestudio: Experimental graphic editor for open FPGAs. Built on top of the Icestorm project. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 K.4.201 cad_os_asic The open source EDA tool chain for the Chips4Makers project Is an ASIC made with fully open source tool chain possible ? Is it affordable ? CAD and Open Hardware devroom The Chips4Makers project tries to make low volume ASICs possible for makers and hobbyists. The talk will start with a summary and vision of the Chips4Makers project. In a second part of the talk the current state of the used tool chain will be discussed. With the Retro-uC project this tool chain is tested and it will be presented what worked and what is candidate for improvement. I do hope I can get feedback from the public and get more inspiration to improve the toolchain in use for future user projects. The Retro-uC chip itself - a microcontroller with the right instruction set for a retrocomputing enthusiast - is discussed in a talk in the retrocomputing devroom. Staf Verhaegen The Chips4Makers blog Hackaday Retro-uC project page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 K.4.201 cad_3d_asic Automated system partitioning based on hypergraphs for 3D stacked integrated circuits CAD and Open Hardware devroom With the evolution of integrated circuits (ICs), 3D integration is becoming a short and middle term viable solution to increase the system performance, functional density per unit area and reduce system power, as an alternative to costly sub 7nm CMOS technologies. However, as trendy as it may turn, there is no viable Electronic Design Automation (EDA) toolchain that allows to design ICs in 3D. Our work aims at developing tools that could be used in standard 2D EDA chains to deal with 3D ICs. Such tools will automatically transform any 2D design into an optimized 3D architecture by extracting a graph from the DEF file coming out from 2D synthesis and place&route flow. Afterward, this graph can be partitioned automatically using state-of-the art graph partitioning tools. In order to create the toolchain, we developed a custom DEF parser to answer specific and limited needs that existing solutions such as Verilog-perl or PyVerilog did not allow. The software scans the DEF to find all the gates, pins and nets in the given design. When analyzing nets, it also parses the routing information to determine the total length of the net, which will be needed in the partitioning phase. In parallel with the DEF parsing (design input), the LEF technology file (technology input) is also parsed to fetch the characteristics of the gates that will be used later on in the clustering and partitioning steps. Once the design has been parsed, it can be clusterized to reduce the problem complexity and the output is formatted to extract the underlying hypergraph. The extraction makes use of standard Python structures such as dictionaries in order to quickly find links in the design and establish references between the vertices (i.e. clusters or gates) and edges (i.e. nets). When building the hypergraph, some metadata are linked to each vertex/edge (e.g. area, power, total length, total connections) to later set their weights that will be needed in the partitioning phase. As soon as the design has been converted into a hypergraph, it is formatted in such a way so that it can be fed to the hMETIS package. Using the weights sets extracted during DEF/LEF parsing phase, hMETIS partitions the graph. The output is processed into TCL directives that are then interpreted by a proprietary tool handling the 3D P&R, or they can be used to automatically partition the post-synthesis gate-level netlist and thus be used with any EDA flow, including the open-source ones. Quentin Delhaye, Dragomir Milojevic, Université libre de Bruxelles, Brussels, Belgium Quentin Delhaye hMETIS package developed by Karypis Lab Hypergraph extraction DEF parser Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 K.4.201 cad_kicad_v5 KiCad Version 5 New Feature Demo CAD and Open Hardware devroom A demonstration of the new features in version 5 of KiCad, along with a quick state of the union, by KiCad's project leader. Wayne Stambaugh Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:25 K.4.201 cad_pcb_code Designing PCBs with code Designing circuits with code instead of CAD CAD and Open Hardware devroom An overview and history of various tools and languages that allow you to use code rather than CAD software to design circuits. For anyone used to expressing their ideas with code using a CAD tool to design electronics can be an even more frustrating exercise than normal. If you are a programmer thinking about getting into designing circuits or if you have ever thought "I could easily solve this with a for-loop" when using KiCad then this talk is for you. We will cover the history of ideas of using code to describe electronic circuits and culminate in the presenter's own experiments in this area. Kaspar Emanuel PHDL - Printed Circuit Board Hardware Description Language SKiDL - Extends Python with the ability to describe KiCad netlists Electro Grammar - A lightning fast parser of electronic component descriptions pycircuit - Use python for designing circuits, including footprints and layout replicad - Use JS to describe circuits (slides) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:25 K.4.201 cad_horizon horizon - a new star on the EDA sky CAD and Open Hardware devroom Horizon is a from-scratch EDA package with focus on useful parts management and rule-driven design. Even though it's still work in progress and some features are missing, it's already usable for small to medium-sized projects. This talk covers my motivation for starting a new EDA package in 2016 and the main ideas behind horizon as well as some important implementation details. I'll also go into my short- and long-term plans for the project. Lukas Kramer horizon on github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 K.4.201 cad_librepcb Introduction to LibrePCB A new, powerful and intuitive EDA tool for everyone CAD and Open Hardware devroom This talk will give you a short introduction to LibrePCB, a new software for designing printed circuit boards. The goal of the LibrePCB project is to create a modern, powerful and easy-to-use EDA package for everyone. The project is still in a quite early development stage, but is already usable for creating simple PCBs. In addition to a short live demonstration, I'd like to talk about the motivation behind LibrePCB, explain some of its concepts and what plans we have for the future. Urban Bruhin Website GitHub repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 K.4.201 cad_dr_format Proposal for an open and democratic Design Rule format A missing piece in the open source EDA world CAD and Open Hardware devroom In the topic of Electronic-Design-Automation (EDA) Design Rules are used to validate a drawing against constraints usually set by the manufacturer. In this talk I'd like to introduce a (file-)format proposal for such Design Rules focused on the usage in PCB design. In the past the definition of Design Rules has been a mess. Most EDA software provider (e.g. Autodesk, Altium, Cadence) have their own set of Design Rules which neither match the expectations of the users nor the requirements from the PCB manufacturers. Beside that the Design Rules are often misleading as they do not allow to describe what really breaks production or not. Because of that most PCB manufacturers give too loose rules which often break production for the customers. An open and democratic format for Design Rules could solve this. We face the issue that at least three parties are involved in these rules which I believe can only be solved by an open source format. Because of this I talked to EDA software supplieres, PCB manufactures and users and asked what they are missing and expect from it. Using this feedback I'd like to introduce our proposal and ask if and if yes, how work should be further organized. Depending on the projects schedule an practical implementation in Gerbv could be presented. Patrick Franken Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:25 K.4.201 oshw_laptop Developing an Open Source Hardware Laptop with KiCAD Using FOSS tools for designing an OSHW laptop CAD and Open Hardware devroom A presentation on the design of the TERES Do-It_Yourself laptop, fully designed with KiCad. Tsvetan Usunov https://www.olimex.com/Products/DIY-Laptop/ https://github.com/OLIMEX/DIY-LAPTOP Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:15 K.4.201 oshw_shenzen Component Sourcing for Design and Manufacturing in Shenzhen An augmentation of Bunnie Huang's "Guide to Shenzhen": what you should know and how you should have designed the PCB and selected the components.... BEFORE making the trip to Shenzhen CAD and Open Hardware devroom Bunnie Huang's "Guide to Shenzhen" is absolutely invaluable, but it assumes that you know exactly what you need to get, before you actually get it. If this isn't clear, for an example of exactly what the problem is, try an Internet search for "Laptop trackpad supplier". Did you find one? Did you find a source of trackpads for use in that laptop that you're thinking of designing? Or did your search queries instead get completely and utterly swamped with thousands upon thousands of aliexpress pictures of the EXACT SAME Apple Trackpad for a 13in Macbook Pro? What about LCDs? Do you even know what type of LCD is commonly available right now? Were you aware that MIPI is Cartelled? Or that the people telling you that eDP is "The Future" are trying to push a much higher-power-consumption design at you and they forgot to invite China-based Manufacturers to the closed-door meeting. How can you actually find which LCDs are commonly manufactured and available in Shenzhen, so that you can begin the design right now before you take that expensive trip abroad. And what about components? If you've looked on taobao or aliexpress, you'll know that many of them are rip-offs, there's absolutely no datasheets, the vendors make pittance so they're extremely unlikely to answer your questions... so what actual use is this resource, to anyone? This talk will help answer the paradox of bridging the gap between Shenzhen market prices and the Western and Libre mindsets for hardware design, allowing attendees to take proper advantage of the lower pricing of Shenzhen-sourced parts, and to avoid the nightmare scenario of designing a PCB only to find that its parts went End-of-Life in the Shenzhen markets many years ago, and that the last remaining parts available must be bought from Digikey and IMPORTED (back into China from where they originated!) with a whopping lead time and huge import tariffs of up to 40 percent. Luke Kenneth Casson Leighton Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:25 K.4.201 oshw_openseamap An Open Platform for Collecting data for OpenSeaMap The Proposed Platform Comprises Open Soft- & Hardware CAD and Open Hardware devroom The OpenSeaMap project is part of the OpenStreetMap project family and aims at leveraging crowd sourced information for leisure captains. As it targets a sepcific user and application group it also relies on additional data on top of traditionally used positional data. This presentation is about an effort to create a hard- and software platform capable of collecting the needed data for the OpenSeaMap project. We share early results yield with a prototype implementation of the proposed platform. This presentation focusses on the hardware part of a platform prototype used for collecting data on a ship of a participant of the crowd sourced OpenSeaMap project. In combination with the software running on the proposed hardware platform and additional software parts running on the host of an participant and the server side software of the OpenSeaMap project the data is collected, processed, rendered and provided for download and use by the leisure boat captains. The platform is based on a RaspBerry PI and a HAT as well as a professional depth ranger. The project aims at developing a dedicated HAT for the purpose of OpenSeaMap data collection. However, the current state of development, namely a productively used prototype and the plans for the next steps as well as some early results are shared with the audience. Further ideas and recommendations for improvements and next steps are very welcome. Ulrich Langenbach GNUBoat Website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:20 00:40 K.4.201 oshw_wikilab Wikilab, architecture & CNC Collaborative architecture and construction with FreeCAD CAD and Open Hardware devroom This talk will showcase how FOSS design tools such as FreeCAD were used during the WikiLab project in São Paulo, Brazil, and how this can change the game in the construction field. The <a href="https://wikilab.blog.br/">WikiLab</a> is a collaborative construction based on the <a href="https://wikihouse.cc/">WikiHouse</a> project, that started in São Paulo, Brazil, in 2017 and is still occurring, being a continuous experience. The construction was done mostly by a team of volunteers, it mixes architecture, CNC manufacturing, collaborative planning, construction and management, ecological, technological and social research, and the whole design was done completely with free software, mostly <a href="http://www.freecadweb.org">FreeCAD</a>. In this talk, I'll try to showcase how the use of free software had a very special impact on the project design and construction, how this reaches areas where no commercial software entered before, and how this can change the way we do architecture. Yorik van Havre the WikiLab project FreeCAD Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 K.4.401 apitrace Graphics Performance Analysis with FrameRetrace A Responsive UI for ApiTrace Graphics devroom FrameRetrace is the first fully open-source graphics performance analysis tool for OpenGL on Linux platforms. It enables rapid experimentation with shaders, state, uniforms and experiments, to find and fix performance or rendering problems in a frame. This talk will describe the current state of FrameRetrace, and why it is a compelling tool for OpenGL application and driver developers. A demo of FrameRetrace will illustrate and fix a performance problem in the mesa driver. In Linux 4.13, GPU performance counters were added to the kernel, dramatically expanding the information available to understand GPU performance bottlenecks on Intel platforms. FrameRetrace exposes these counters in a responsive UI, providing a detailed cost analysis for every aspect of a frame's rendering. The following live experiments allow a developer to alter the frame and immediately see the impact on both performance and rendering: <ul> <li>shader editing and recompilation</li> <li>changes to GL state settings</li> <li>changes to uniforms values</li> <li>experiments (simple shader, disable render)</li> </ul> Because FrameRetrace is built on top of ApiTrace, it can analyze most OpenGL applications. It can also provide parallel analysis of the same frame on Windows and Linux platforms, to highlight driver differences. This key feature makes FrameRetrace especially powerful when enabling new hardware that has a well-supported driver for Windows. Hardware teams from AMD and Broadcom have expressed interest in FrameRetrace for enabling their platforms. The current feature set of FrameRetrace is compelling, and Mesa driver team has already fixed many driver issues based on findings from the tool. I would like to encourage wider use of FrameRetrace, and solicit help in adding features -- especially support for AMD hardware. Source and documentation available at: https://github.com/janesma/apitrace/wiki/frameretrace-branch Mark Janes project wiki project sources Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:50 K.4.401 intel_ci Intel GFX CI and IGT Motivation, what services we provide, and how do we integrate with development? Graphics devroom In this talk, we highlight how important automated testing is to sustain the upstream development model of Linux, especially when products are involved. We will then give you a tour of our system, how it integrates with the developer's workflow, what we are working on, and we managed to grow from a couple of thousands tests executed per week to over 4 millions! We will also present the changes we have done to the IGT test suite to become less Intel-specific and serve the needs of multiple drivers. Upstream development requires never regressing the features that were already present in previous versions. We believe that this is not only the right thing to do, it is also increasing in relevance as more and more products move towards this model. To embrace this model, we try to catch unintentional regressions as early as possible through our CI system. This improves the productivity of our developers (fewer bugs coming months after the code was committed), and provide users with a smoother upgrade path (either through the product manufacturer or by upgrading the kernel themselves). The Intel GFX CI has grown massively in the past 1.5 years: the number of machine doubled; the test coverage went from 260 tests/machine up to over 4k; the number of tests executed went from 100k/week to over 4M; pre-merge testing time dropping to an average of 30 minutes despite the increased usage. We will then tour the audience through our different services, how they integrate with the developers' workflow, and how we manage to keep track of failures (and file them). Finally, we will share what are our current developments, our goals, and what we are doing to the IGT test suite in order make it useful for more drivers than Intel. Martin Peres Arek Hiler Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:55 00:50 K.4.401 spirv ARB_gl_spirv: bringing SPIR-V to Mesa OpenGL Bringing SPIR-V to Mesa OpenGL Graphics devroom <h1>arbglspirv: bringing SPIR-V to Mesa OpenGL</h1> Since OpenGL 2.0, released more than 10 years ago, OpenGL has been using OpenGL Shading Language (GLSL) as a shading language. When Khronos published the first release of Vulkan, almost 2 years ago, shaders used a binary format, called SPIR-V, originally developed for use with OpenCL. That means that the two major public 3D graphics API were using different shading languages, making porting from one to the other more complicated. Since then there were efforts to allow making this easier. On July 2016, the extension ARBglspirv was approved by Khronos, that allows a SPIR-V module to be specified as containing a programmable shader stage, rather than using GLSL, whatever the source language was used to create the SPIR-V module. This extension is now part of OpenGL 4.6 core, making it mandatory for any driver that wants to support this version. This talk introduces the extension, what advantages provides, and explain how it was implemented for the Mesa driver. Alejandro Piñeiro Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:50 00:25 K.4.401 pixel_formats A pixel format guide to the galaxy A tool for interpreting pixel format definitions Graphics devroom The Pixel Format Guide is a collection of documents and an accompanying python tool which aim to help people interpret and manipulate the pixel format definitions used by the various graphics APIs and projects. In this talk we will describe the Pixel Format Guide and the capabilities of the accompanying tool, provide examples of how it can be used to automate many tasks involving pixel format definitions and explore future directions. Every graphics API and project has its own way of describing and naming pixel formats — the different flavors used by Vulkan, OpenGL, Mesa, Gallium, Wayland, DRM, GBM, Pixman, Mir and SDL are just a few of the beasts one can encounter in the graphics wilderness. The Pixel Format Guide aims to become a comprehensive reference for pixel format definitions used by such APIs and projects, describing aspects as component bit order and dependence on system endianness. The guide provides both a collection of documents describing how to interpret the definitions, and a python tool and library (called pfg) that allows automatic interpretation of pixel format definitions and operations on them. The Pixel Format Guide currently supports 12 pixel format families for a total of 541 format definitions. The pfg python library allows users to leverage all the information and capabilities of the tool to create their own custom scripts. A prime example of such a script would be the automatic production of code to convert between pixel formats definitions belonging to different format families. Alexandros Frantzis Project page Project code repository Blog post about project Another blog post about project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:25 K.4.401 nouveau Nouveau Status Update Graphics devroom Brief update on the Nouveau project. We want to talk about what we have done on over the past year(s) and what we are planning to work on in the near future. Main topics will be power management, Nvidia and community. Martin Peres Pierre Moreau Karol Herbst Freedekstop Nouveau wiki Video recording (mp4) Video recording (WebM/VP9) How to test SPIR V support in clover How to test OpenCL support for Nouveau Submit feedback 13:50 00:50 K.4.401 mir Mir 2018 The state of Mir Graphics devroom A review of the progress of, and plans for the Mir project. After Canonical dropped support for Unity8 priorities for the Mir project changed. While Canonical's professed interest is in IoT there is potential for Mir to be used by others. This meeting starts with a presentation of the work done to support such projects and seeks help in setting priorities for future efforts. Alan Griffiths Mir discussion forum Mir project homepage Submit feedback 14:50 00:50 K.4.401 graphic_tablets Generic Graphics Tablets in Linux Hardware peculiarities, software challenges, and how to make them work Graphics devroom Presentation on the DIGImend project's efforts to improve Linux support for generic graphics tablets. Wacom graphics tablets are very well supported by Linux, thanks to the efforts of several core developers and many contributors, including Wacom engineers. However, the story is not so great for tablets from other manufacturers. Those range from the minimal 4.5" signature pads to full-blown 22" tablet monitors. Usually developed by OEMs in Taiwan, those tablets can be accompanied by very poor attempts at Linux kernel drivers, but most of the time no Linux support at all. This talk is going to present the DIGImend project's efforts to improve support of such graphics tablets in Linux, the hardware peculiarities, software and organizational challenges, and what it takes to make one supported. Because of their low price, generic graphics tablets are very attractive to artists just starting out, or living in developing countries. Same artists, who, for the same reason, would rather use Linux and Open-Source software, if only their graphics tablet worked with it. One of the aims of the DIGImend project is to support such artists. Nikolai Kondrashov DIGImend project website Slides at slides.com Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:45 00:50 K.4.401 kodi Kodi and Embedded Linux Moving Towards Common Windowing and Video Acceleration Graphics devroom In a world where a new single board computer (SBC) comes out every month it has become impossible to maintain all the proprietary methods that are used with the boards. A movement towards a unified windowing method and unified decoding methods has started. For Kodi version 18 a Direct Rendering Manager / Kernel Mode Setting (DRM/KMS) windowing method has been implemented. This allows any device that has a Linux kernel DRM driver to run kodi. The next step is video decoding, where each SBC has it's own specific decoder and software to run it. The Linux kernel implements a Video4Linux2 (V4L2) subsystem where drivers can register a decoder to be used under a common API. Kodi needs to be able to use a zero-copy path in order to display these decoded frames on the screen. For this to happen we need to use DRM-PRIME buffer sharing and specific EGL extensions to present the frames. All this together will allow Kodi 18 to run on a vast variety of SBCs that have DRM driver and a V4L2 driver available. In order for Kodi to present decoded frames along with the GUI multiple hardware planes are needed. To use multiple planes we will make use of the DRM subsystem. Atomic DRM allows control over each page flip and what is presented by each plane within one atomic commit. In Kodi this allows showing the Kodi GUI in the overlay plane and the decoded video frames in the primary plane. The decoded video frames exit the decoder in a semi-planar YUV format called NV12 (other formats may be possible as well). These NV12 frames can be presented directly in the primary plane and the DRM subsystem handles the scaling and rotation. Presenting directly to a DRM plane has some downsides that need to be addressed. Depending on the DRM driver things like scaling and deinterlacing may not be supported. In these cases a separate rendering method has to be used. This other rendering method is entirely done in OpenGLES using the EGL extension EGL_EXT_image_dma_buf_import. This method allows directly importing the NV12 video frame into OpenGLES and manipulation can be done from there via GLSL shaders. Kodi already implements shaders that do the YUV to RGB conversion needed to output the image to the display. These shaders also implement scaling via various methods (lanczos, spline36, etc) and deinterlacing via bobbing. All this together will allow SBCs such as NXP i.MX6, Allwinner H3, Rockchip 3288 and 3328, Qualcomm Dragonboard 410c, and many more to work with Kodi without implementing any new methods. This work is underway is largely merged into Kodi master already. Lukas Rusak DRM/KMS pull request Atomic DRM pull request DRM Prime atomic support pull request Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:40 00:25 K.4.401 amd_graphics The AMD Linux graphics stack, 2018 edition Graphics devroom Several years ago, AMD embarked on a long-term project to produce a first-class open-source graphics stack. While there is always more work to be done, the vast majority of our Linux users are now happily using the result of this effort. I will give a short look back at some milestones and present a non-technical overview of the components of our graphics stacks as they are today, with an emphasis on the open-source side. The talk will include an introduction to the recently open-sourced AMDVLK Vulkan driver. Nicolai Hähnle Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:05 00:25 K.4.401 radeonsi Shaders in radeonsi an update on dynamic linking and NIR Graphics devroom I will give an update on two topics involving shaders in radeonsi, the OpenGL driver for modern Radeon GPUs: the dynamic linking of shader parts, and the transition to the NIR intermediate representation. Managing shader compilation in an OpenGL driver is challenging, because the final shader binary may depend not only on the shader source, but also on other state in the OpenGL pipeline such as framebuffer state, blending, and vertex array. When a shader is used in a new pipeline configuration, the driver may have to recompile it. This could cause noticeable stalls in some games. While on-disk shader caches can alleviate the problem somewhat, they cannot cover all cases. The approach taken by radeonsi is to split shaders into multiple parts, such as a prolog, a main part, and an epilog. In many cases, the effects of changing OpenGL states can be captured by only recompiling the prolog and epilog, which is sufficiently faster to virtually eliminate stalls. The .text segments of these shader parts, which the driver originally gets in ELF format from the LLVM backend, are simply pasted together. This means that we cannot currently use most of the features of ELF which are taken for granted in the CPU world. Most interesting to us would be: putting large constant data into a .rodata segment, and representing LDS memory (a fast on-chip memory) as a proper ELF data segment. I will present a plan to introduce a proper ELF-based dynamic linking step into the driver to enable these features. I also plan to present a brief update on the transition from TGSI to NIR as intermediate representation. Nicolai Hähnle Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:35 00:25 K.4.401 remote_kernel Kernel Graphics Development on Remote Machines Accessing machines remotely with Open Source tools Graphics devroom Availability of bleeding-edge and prototype hardware is always scarce. Local access to hardware is not always convenient to arrange when multiple members of a team are working on the issue across country and timezone borders. It would also be inefficient to allow much sought after hardware to idle when one team is not actively using it out of office hours for example, as traditionally happens when hardware is shipped. The author, who is currently working as one of the maintainers the Intel graphics i915 Linux kernel driver, has sought for an efficient solution when working as a home based employee for multiple companies. Some off-the-shelf solutions exist, but they're far off in the price range to be suitable for an average Open Source contributor. This talk will walk you through the gotchas in setting up an environment for your project and a demo of one system can be presented optionally. Joonas Lahtinen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:05 00:25 K.4.401 wayland_client Wayland client basics How to natively speak Wayland in your application, from the bottom up Graphics devroom Wayland, the next-generation display server protocol, is slowly but surely taking over the Linux desktop. Preexisting and new applications will have to adapt to this new environment that is fundamentally different from how things used to work on X11 for a long time. This talk gives you the basics of programming native Wayland clients in 2018: the Wayland architecture and protocol world including recent developments, what you can and cannot do, the steps to get something visible on the screen, and why you might not want to do a native application after all. The presentation is intended to give a conceptual overview of things that any Wayland client programmer will have to look at. The architecture and design of Wayland will be shown and compared to X11. However, rather than porting applications from X11 to Wayland, the focus here will be on building native Wayland programs from the ground up. The Wayland ecosystem and relevant compositors will be described and suggestions for testing will be given. Furthermore, the process of getting a surface to the compositor for drawing it on the screen will be explained and all basic protocols needed for this such as the global registry, shared memory, surfaces, and shell surfaces including xdgwmbase will be introduced. The talk will not go too deeply into programming specifics and the libwayland C API, but some common pitfalls and best practices will be mentioned. Philipp Kerling Official Wayland documentation Slides (with notes and source) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:35 00:25 K.4.401 kms_dp A Journey through Upstream Atomic KMS to achieve DP compliance Black Screens and how to prevent them from upsetting Linux Users Graphics devroom Ever hooked up a Linux Computer to a monitor only to experience...nothing? DP is far from being a dumb cable and requires that the entire graphics stack works together to gracefully handle mode failures and recover them. Achieving DP compliance requires that the kernel drivers, hotplug events and the userspace compositors all work together to render every frame at requested rate e.g by handling link failure. The Linux Kernel's atomic modesetting infrastructure on the other hand is a daunting beast of its own and understanding how all the pieces interact is a challenge itself. In this talk Manasi will present the ultimate technical solution for DP compliance ensuring a successful modeset that is recently upstreamed in Linux kernel (4.12) as well as Xserver (1.19.3) If you’ve ever hooked up a Linux computer to a DisplayPort monitor or daisy chained multiple DP MST monitors and encountered only a flickering or blank screen, then the recent Linux Kernel update will fix it for you. DP is far from being a dumb cable and requires that the entire graphics stack works together to gracefully handle mode failures and recover them. Achieving DP compliance requires that the kernel drivers, hotplug events and the userspace compositors all work together to render every frame at requested rate e.g by handling link failure. The atomic kernel modesetting infrastructure is based on an underlying assumption that "Atomic check guarantees the requested mode and that commit should never fail". Although this holds good in case of all GPU parameters checks and commits, it does not validate the DP physical cable and DP link training failure can result in an atomic commit failure resulting into black screens. This talk will educate folks on the fix that was required to handle these atomic modeset failures in case of display port and how that was implemented across the entire graphics stack making it display port compliant. This solution was upstreamed to Linux kernel 4.12 and Xserver 1.19.3. through this talk Manasi will also share her journey through iterating designs and working together with upstream maintainers, collaborating with X-server community and finally designing and upstreaming a solution that is used by i915 and can be incorporated by all other open source DRM drivers. Manasi Navare Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:15 K.4.601 community_welcome_remarks Community DevRoom Welcoming Remarks Community devroom devroom In which Leslie and Laura welcome everyone to the Community DevRoom 2018 Laura Czajkowski Leslie Hawthorn Submit feedback 10:50 00:25 K.4.601 community_italy_most_hacker_friendly_country Italy: the most hacker-friendly country? Developers Italia, what happens when a nation goes Open Community devroom devroom The Digital Transformation Team was born to build the "operating system" of the Italy, a series of fundamental components on top of which they can build simpler and more efficient services for the citizens, the Public Administration and businesses, through innovative digital products. Among the critical infrastructures, there's the way software is developed. Italy is betting hard on open practices, by not only opening the source code of the country, but also turning citizens and hackers into first-class participants of the digital transformation, giving them the power to develop and maintain software which impacts their daily life. To sustain this switch, the Team is building hackerspaces throughout the country, to increase awareness of open practices, and is turning all developers paid with public money into open source contributors. After this talk, you will know how to "hack your government", how to participate in this change (even if you are not Italian!) and how we are working to spread this idea throughout all of Europe. Riccardo Iaconelli Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:20 00:25 K.4.601 community_media101_communities Media 101 for Communities Community devroom devroom In a world of constant news cycles, getting the word out about your project seems nearly impossible. You've got a web site, a Twitter and a Diaspora account, and still it seems like no one is showing up at your virtual doorstop. But there is one old-school toolset at your disposal that can help you and your project be recognized for the awesome you know it to be: the media. In a world of constant news cycles, getting the word out about your project seems nearly impossible. You've got a web site, a Twitter and a Diaspora account, and still it seems like no one is showing up at your virtual doorstop. But there is one old-school toolset at your disposal that can help you and your project be recognized for the awesome you know it to be: the media. There's a whole industry of people out there who are looking for stories to tell about the new and the innovative. You just have to know how to cultivate relationships and tell your stories in a way that will make your project interesting to more people. Brian Proffitt, a journalist and editor with over a quarter century of experience, will walk you through techniques to get your story out, including crafting a press release, targeting media outlets, and building trustworthy relationships with journalists (yes, it can be done). Topics List: <ul> <li>Targeting media outlets</li> <li>Writing your own press releases</li> <li>Becoming a knowledge expert</li> <li>Working with the press</li> </ul> Brian Proffitt Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:50 00:25 K.4.601 community_engaging_corporate_philanthrop_foss Software Philanthropy for Everyone Engaging corporate philanthropy in free and open source software Community devroom devroom All large companies use free and open source software. Many of them contribute to free and open source software, and some of them publish their own free and open source software. All of this is good, and should be encouraged to continue. In addition to that, though, many large companies have philanthropic arms; charitable foundations either operated by the company or closely aligned with the company, and primarily funded by the company. These foundations generally have focus areas, which include almost every conceivable charitable cause except... free and open source software! This presentation will talk about Bloomberg's journey to add software philanthropy to its global charitable contributions, including the mundane aspects of running volunteer coding events, soliciting mentors/leaders to participate, organizing employee (and non-employee) participation, and others, but also how this type of philanthropy can be included in 'employee giving' and similar programs. Anyone who runs an Open Source Program Office, or similar group, within a company that also has a philanthropic arm should consider including free and open source software contributions in their plans, and this talk will help you get started. Kevin P. Fleming Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:25 K.4.601 community_creating_contributor_relationship Your Open Source Community Metrics Should be Tracking More than Code Community devroom devroom Metrics, when used wisely, allow you to make informed decisions about how to grow your open source community and how to better assess its health. But your community is about more than code. Who’s joining and leaving? Who's really active and really helpful? Who should you be encouraging? In this presentation, Jeremy will explain why your metrics should track more than just code. Open source ecosystems are really about people, which is why we're creating a Contributor Relationship Management system. Jeremy Garcia Measure GitHub Repo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:50 00:35 K.4.601 community_karoke Community Karoke Community devroom devroom We'll do community karaoke using not much but a laptop and the mic in the room. If you have a song you want to karoke, tell us where you can find the music online and come prepared to sing. Those who do not wish to sing or listen are welcome to use this time to go have lunch. Laura Czajkowski Leslie Hawthorn Submit feedback 13:25 00:25 K.4.601 community_passing_the_batton_foss_leadership Passing the Baton: Succession planning for FOSS leadership Community devroom devroom As we look at the next horizon for FOSS, we must consider who will take us there. While we have these founders in our midst, we must take the time to do succession planning for free and open source leadership. While sharing of and collaborating on software has been around as long as there's been code, the open source concept and movement only came into being in the late 1990s. There are many who remember a time before open source. Of those, most helped to shape the philosophy, laws, governance, and policies which are the foundation of the free and open source movement we enjoy today. But what happens when these people decide to retire? Who will carry the baton and lead the movement? Thankfully these people are still with us, helping to craft and lead FOSS, but there are very few younger individuals among their ranks. As we look at the next horizon for FOSS, we must consider who will take us there. While we have these founders in our midst, we must take the time to do succession planning for free and open source leadership. This talk will cover: <ul> <li>Succession planning: what it is & why we need it</li> <li>What new leaders must know & learn</li> <li>Steps we can take to develop the FOSS leaders of the future</li> </ul> VM (Vicky) Brasseur Video recording (mp4) Video recording (WebM/VP9) Slides with speaker notes (PDF) Slides without speaker notes (PDF) Internet Archive page for this talk (videos and slides) Submit feedback 13:55 00:25 K.4.601 community_what_can_community_learn_marketing What community can learn from marketing Community isn't marketing but there are things that developer community organisers can learn from marketing. Community devroom devroom It's true, community isn't marketing. But we should adopt and adapt good ideas when they have the power to make us more effective. In this talk I'll look at how both non-commercial and commercial developer communities can use some of those ideas from the world of marketing to create, implement, measure and report on a strategic plan that provides a clear path from newcomer to community leader. Not only that, I'll also show how to measure and then report that effectiveness to commercial sponsors and the community itself. There are three great lessons we can borrow from our friends in the marketing world: <ul> <li>Have a strategic plan.</li> <li>Measure, measure and measure again.</li> <li>It didn't happen unless you told someone.</li> </ul> It's true, community isn't marketing. But we should adopt and adapt good ideas when they have the power to make us more effective. In this talk I'll look at how both non-commercial and commercial developer communities can use some of those ideas from the world of marketing to create, implement, measure and report on a strategic plan that provides a clear path from newcomer to community leader. Not only that, I'll also show how to measure and then report that effectiveness to commercial sponsors and the community itself. If there's a FOSS community that you love and you want to see it become more effective, come and join me in the community dev room. Matthew Revell Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:25 00:25 K.4.601 community_explaining_faq You’ve Got Some Explaining to Do! So Use An FAQ! Community devroom devroom Doing something controversial? Have lots of stakeholders with conflicting needs? Changing course in a way that makes people suspicious or concerned? Write an FAQ! If you can answer the hard questions publicly, honestly, and confidently, you’ll foster trust and build good will even when your audience does not hear the exact answers they want. What’s more, the feedback will give you the input you need to correct any errors you have in fact made. We’ll use real world examples to look at some best practices, including Sun’s comprehensive FAQ for open sourcing Java. Perhaps you’re in a company, trying to engage developers, leverage the FLOSS development model, and participate in communities important for your business. Maybe you’re part of a developer community eager to further your progress, and intent on changing your contract with contributors and downstream users. When you’re in the development and FLOSS world, inevitably you’ll have complicated, controversial, or unpopular news to deliver as things move forward, and skeptics ready to believe the worst! A comprehensive, transparent, honest FAQ document can help in ways you might not expect. In this talk, we’ll look at how to use an FAQ to: o Organize the effort. o Force decision makers and leaders to decide on goals, craft a coherent strategy, and understand and accept the tradeoffs. o Internally sell transparency and scrupulous honesty as essential to success. o Help the legal team be a partner, instead of just saying “no”. o Simplify and accelerate communications and make the Marketing Department an ally. We’ll be using a bit of FLOSS history to illustrate our points - Sun’s Open Source Java Initiative. Java wasn’t always Free Software. By 2005, Sun was making a lot of money with its staunchly proprietary Java platform. Richard Stallman called it a seductive “trap”. Under pressure from FLOSS community leaders to open source Java and turn it into a compelling example of the new model, Sun listened. Those of us on the Java team were just as surprised as the rest of the software world by the announcement. Immediately, the questions started pouring in: Which license? How to encourage and manage contributions? What happens to the brand, and to Java’s “Write Once, Run Anywhere” compatibility promise? How does Sun continue to make money with Java, when the code is out there for anyone to use without paying a fee? Sun didn’t know the answers. And these questions were in the minds of Sun’s customers, competitors, and knowledgeable FLOSS leaders. We needed a way to: o Answer the hard questions consistently and in one place so everyone would know. o Get the whole company on board, including management, lawyers, salespeople, engineers, and marketing personnel. o Communicate the answers successfully to diverse internal and external audiences. o Convince skeptics on both sides that this initiative would succeed in future-proofing Java’s business while keeping the platform relevant and exciting. Thus was born the “Open Source Java FAQ”, which was inspired by an earlier FAQ done for the Debian community, and grew to 200 questions. It would prove to be a key tool in solving these problems. Simon Phipps Rich Sands Original Sun Open Source Java FAQ - as archived by the IcedTea project. Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 14:55 00:25 K.4.601 community_technical_writing_non_writers Technical Writing for Non-Writers Community devroom devroom You need to write (technical) texts now and then? But you are not sure how to structure them, how to phrase your content, or how to best address your readers? This workshop shows you how to optimize texts to make them easier to understand (and translate). Get to know universal principles that can be applied to a wide variety of text types - including release notes, bug reports, error messages, or e-mails. Tanja Roth Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:25 00:25 K.4.601 community_patching_people_side A Bug in Your Ear Patching the People Side Community devroom devroom You notice a bug (problem or opportunity for improvement) and then you put a bug (metaphorical insect) into someone's ear. Most people don't like bugs (actual insects) so have you successfully bugged (bothered) them or have you done A Good Thing? When you find yourself with access to someone who could make things better for people who don't feel comfortable speaking up, how do you use this power in a way that contributes to real improvement without eclipsing other people's input? You also want to make sure that you aren't betraying confidences or triggering backlash to yourself or others. It seems like a tricky line to walk, but with a little diplomacy and lot of benefit of the doubt you can make tangible improvements to your corner of the free software community. You notice a bug (problem or opportunity for improvement) and then you put a bug (metaphorical insect) into someone's ear. Most people don't like bugs (actual insects) so have you successfully bugged (bothered) them or have you done A Good Thing? When you find yourself with access to someone who could make things better for people who don't feel comfortable speaking up, how do you use this power in a way that contributes to real improvement without eclipsing other people's input? You also want to make sure that you aren't betraying confidences or triggering backlash to yourself or others. It seems like a tricky line to walk, but with a little diplomacy and lot of benefit of the doubt you can make tangible improvements to your corner of the free software community. This talk will cover specific trouble-spots like unwelcoming behavior, the "we always done it this way" disease and how to coax your esteemed project lead (read: occasional control freak) into loosening their grip -- at least a little. It's also helpful to implement some solid "nothing's on fire today" systems for maintaining low temperature group dynamics, a culture of openness and transparency around shared goals. For anyone who cares about the success of free and open source software, this work is critical in both the wider community and inside our individual projects. So, what things could we stand to fix around here and what are the best strategies for fixing them? The best way to start a bug report is with a description of the expected or desired behavior. Filing great bug reports on the people side that leave you, your project and the wider community in a better place requires just a little additional finesse. Maybe you'll let me put a bug in your ear about it? Deb Nicholson slides http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:55 00:25 K.4.601 community_oss_in_small_company XWiki: a case study on managing corporate and community interests 14 years of Open Source in a Small Co. Community devroom devroom In this talk we will look at how XWiki SAS has been able over 14 years to build XWiki as Open Source and also launch recently the CryptPad project while keeping an honest community open and a fair Open Source model. What has been the challenges to make this happen and what questions have been asked internally. We will also discuss what criteria are or not compatible with an Open Source project and an fair and honest community oriented process. XWiki: a case study on managing corporate and community interests In this talk we will look at how XWiki SAS has been able over 14 years to build XWiki as Open Source and also launch recently the CryptPad project while keeping an honest community open and a fair Open Source model. What has been the challenges to make this happen and what questions have been asked internally. We will also discuss what criteria are or not compatible with an Open Source project and an fair and honest community oriented process. XWiki is and Open Source software created 14 years ago by Ludovic Dubost and developed under the LGPL licence. The XWiki software is used by thousands of companies to help them organize information. CryptPad, created by the XWiki team in 2016, is a realtime encrypted pad allowing to share information without exposing your content to your cloud provider. Ludovic Dubost XWiki XWiki SAS Cryptpad Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 K.4.601 community_balancing_community_corporate_needs Moby Project and Docker Inc — Balancing community and corporate needs Community devroom devroom Many open source projects are backed by commercial entities and this can lead to complications between the needs of the community and those of the corporations. This can be especially tricky for fast-growing projects where there are competing voices, pull-requests, and directions — all growing exponentially. Docker, Inc. is one such example that created the very popular open-source 'docker engine'. To help meet the needs of both commercial and open-source constituents, Docker announced in April 2017 that the open source work would happen under the banner of the Moby Project. This talk looks at the the different needs that drive an open source project and a product-based corporation. I'll cover what the Moby Project is and how it relates to Docker's commercial products and I'll highlight some of the experiences we had during and after the transition. See slides at: https://speakerdeck.com/amirmc/moby-project-and-docker-inc Amir Chaudhry Moby Project site Docker blog post announcing Moby Project Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 17:00 00:25 K.4.601 community_decision_making_why_how Asynchronous Decision Making - why and how How Asynchronous Decision Making works and why it's essential Community devroom devroom The Asynchronous Decision Making techniques commonly used in open source projects enable efficient remote collaboration, in teams which have no boss, no schedule and often no cultural consistency yet produce world-changing software. This talk describes the key elements and tools of the Asynchronous Decision Making process, based on concrete examples from the Apache Software Foundation and from federated governments, which, interestingly, work in a similar way. We'll reflect on how Asynchronous Decision Making supports the efficiency of our projects, and how to refine it to be even more efficient. If our Open Source projects required synchronous meetings to make decisions, everything would grind to a halt. Even remote digital meetings are very hard to setup in our environments where there's no boss, no schedule, often no common culture and varying expectations and goals. Yet, many our projects produce world-changing software, making many decisions every week without having to interrupt people when they are "in the zone" and without wasting everybody's time with spoken rehashes of things they already know. Our way of making decisions asynchronously obviously works. What are the key tools that enable it, and how can we make the best use of those tools while staying inclusive and keeping the fun level high and aggravation low? In this talk we'll discuss concrete examples of Asynchronous Decision Making at various scales ranging from small projects to the Apache Software Foundation's Board of Directors and to federal governments which use similar techniques. Although we'll focus on software projects, it's interesting to note that these techniques apply to most types of projects, and don't even require computers. Focusing on the key elements and tools will help us get to the essence of Asynchronous Decision Making, which should help us make better use of these techniques in our projects. Bertrand Delacretaz Apache Software Foundation blog post opensource.com article Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:25 K.4.601 community_analyzing_dev_network_community Analyzing developers network in a community Community devroom devroom According to Wikipedia, Community is "a small or large social unit (a group of living things) who have something in common". If we want to analyze any Open Source development community, it's key to understand the relationships of the people that define that community. Open Source communities provide many ways for peers collaboration beyond participation in forums and mailing lists. In any case, people graph or network analysis is one the methodologies used for social interaction analysis. During this talk, I'll show social network analysis with a free, open source software Kibana <a href="(http://dlumbrer.github.io/kbn_network">plug-in</a> integrated in <a href="http://grimoirelab.github.io">GrimoireLab</a>. I started this project during my degree thesis, 6 months ago, and once it was released everything has changed. People started to download the plugin and contribute to it. Now, the repository hosting the plugin has more than a hundred thousand clones and a hundred of daily visits. The talk will show how to use the <a href="http://dlumbrer.github.io/kbn_network">Network plugin</a> in order to analyze open source projects. I'm going to show data retrieved from an open source project and I will show that with differents types of networks/graphs. This <a href="http://dlumbrer.github.io/kbn_network">Kibana Network plugin</a> has, as the main aim, the integration of visualization systems of social networks in complex systems of visualization and data interaction based on open source. It relies on Kibana as a complex system of data visualization and ElasticSearch as the database. In order to integrate these visualization systems, a Kibana plugin has been developed to visualize this data in a social network way. The plugin is an open source project, uses open source libraries, and it is completly integrated in Kibana (using its components). Hence, it's integrated in GrimoireLab to allow social network analysis in open source development communities. The talk will show how to use, and create graphs with it. I will show how to import open source project data (e.g., commits, usernames, repositories, organizations, etc.) to ElasticSearch form GitHub (or other sources) using <a href="https://grimoirelab.github.io">GrimoireLab</a>. I will build a graph visualization from scratch, showing its features and usability. You will see how simple it is to create a network that relates users with repositories, organizations, etc. in order to show how a community is related in their own projects. Finally, the talk will explain how a graph/network can be integrated into a dashboard with other visualizations, and how to deal with real time data and filters in order to show what it's happen in the community instantly. Since I started its development, many people contributed, tested and downloaded it. As a consequence, the plugin has evolved and adapted to the community needs. The plugin has had a big impact in the ElasticSearch and Kibana community, and currently it has more than a hundred thousand clones and it receives a hundred of daily visits. Kickstarting and managing this open source project has been a great experience for me, and now I understand more how to contribute, get involved and improve a project in a big open source community. And I hope you can find it useful for your communities too. <ul> <li><a href="http://dlumbrer.github.io/kbn_network">Network plugin</a></li> <li><a href="https://github.com/dlumbrer/kbn_network">Network plugin Repo</a></li> <li><a href="https://grimoirelab.github.io">GrimoireLab</a></li> </ul> David Moreno Network plugin Network plugin Repo GrimoireLab Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:25 K.4.601 community_cooperative_communities Cooperative Communities Do we really have to set up a new community for every cause? Community devroom devroom This talk will explore mistakes everyone makes when trying to bring one or more communities together. Instead of starting from scratch, and creating a new community for every single cause, this talk will explore how existing communities can be brought together, if there is room for cooperation between projects and if the founders are ready to set their egos aside. It be based on the case study of the Social-Digital Innovation Initiative, which aims at bringing social good and tech together, also through communities. Bringing communities together worldwide is hard, and it's especially hard to bring two completely different communities together. We at the Social-Digital Innovation Initiative are doing it step by step, country by country, region by region, trying to build bridges between people trying to solve social problems (i.e. social entrepreneurs - the word social doesn't refer to social networks here) and those who know how tech could help. All this happens offline at barcamps and online, on our discourse. But is this really the most efficient way? Do you always have to set up a new community for a cause or a project? Or is it inevitable because people need to feel like they belong - and projects need to measure their impact? What if we stopped trying to set up communities for each and every little project, put the founders' egos aside and teamed up? Could we bring existing communities together cooperatively and help them cross-pollinate? Regina Sipos http://discourse.sdinnovation.org Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:25 00:25 K.4.601 community_why_people_dont_contribute_to_your_project Why People Don't Contribute To Your Open Source Project Community devroom devroom How to help users progress from filing bad issues to filing good issues to making simple contributions to making complex contributions to maintaining your open source project. Talks about the open source contribution funnel through which people progress and the best tips for maintainers and contributors to attract and retain more of them on a given project. Mike McQuaid Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:55 00:05 K.4.601 community_devroom_closing Community DevRoom Concluding Remarks Community devroom devroom In which Leslie and Laura provide the concluding remarks for the day. Laura Czajkowski Leslie Hawthorn Submit feedback 10:30 00:30 UA2.118 (Henriot) mozilla_state_moss Mozilla Open Source Support (MOSS) How Mozilla is helping open source projects like yours Mozilla devroom Please note that this talk has been cancelled as Gervase Markham is no longer able to attend due to sickness. Our apologies for this inconvenience. Mozilla Open Source Support (MOSS) is Mozilla's program for supporting open source projects financially and with security audits. Find out about our successes so far, and how you can apply for help for your project. There are 3 main tracks in MOSS - "Foundational Technology" for projects Mozilla already uses, "Mission Partners" for projects doing work in line with Mozilla's mission, and "Secure Open Source", where we provide professional code-read security audits for key pieces of open source software. So if your software is used by Mozilla in any way (part of Firefox, deployed in our infra, used on desktops, or any other way you can think of), or if your project does something you think furthers Mozilla's mission (check the manifesto, and our current work and where we are focussed), and money would help you do what you do better or faster, you should find out about MOSS and consider applying. We don't accept applications directly for the Secure Open Source track, but you are welcome to come and make your case to the presenter as to why giving your project a free code-read security audit from a professional audit firm would make the world a better place. So, come to the presentation to find out about our successes so far, our plans for the future, and how you can apply for help for your project. Gerv Markham Main MOSS website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 UA2.118 (Henriot) mozilla_creating_inclusive_teams_tech Creating Inclusive Teams in Tech Skills that could transform your teams Mozilla devroom In order to retain talent in teams one important thing that has to exist is the feeling of belonging, and that can manifest itself through creating an inclusive atmosphere at work. The world is evolving into a global village. Various tools and products enable collaboration with people across the world. While this is a great thing that we should consider a blessing, the associated exchange of diverse ideas comes with some challenges. Join me to find out some of the key skills that could transform your team into a more inclusive place. Gloria Dwomoh Submit feedback 11:30 00:30 UA2.118 (Henriot) mozilla_webextensions_api_status_fx57 WebExtensions API status after Firefox 57 Mozilla devroom An year ago I done a talk about WebExtensions and how much they are a cool, a year later and after Firefox 57/Quantum what is waiting to devs and users of the most customizable browser? Let's see together what is happened and what is coming to us! Starting from the actual APIs, what you can do right now, what is missing and how you can help to improve the extensions API. Daniele Scasciafratte Slide Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 01:00 UA2.118 (Henriot) mozilla_tour_firefox_developer_tools A tour with Firefox' developer tools Mozilla devroom A lot happened in Firefox' devtools this year. Follow along with us for a tour of what changed this year, and how you can help ! This talk will be split in 2 parts: <ol> <li>This will be a general tour about the tools: what happened this year. This part will be more focused on the console, the inspector, the netmonitor, the debugger. (by Nicolas Chevobbe, developer in the Console)</li> <li>How to read a performance profile recorded with the Gecko Profiler, using perf-html.io. (by Julien Wajsberg, developer for perf.html)</li> </ol> Julien Wajsberg Nicolas Chevobbe Link to the slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 UA2.118 (Henriot) mozilla_tomorrows_js_debugger Tomorrow's JavaScript Debugger How to shape your own JS debugger in 2018 Mozilla devroom These days, Mozilla is rewriting Firefox's devtools using a new and shiny technology stack. Anyone can join easily - the code is on Github, and it's just a matter of 2 commands in your terminal to get a local debugger running! The debugger is universal - it can debug any browser, node and mobile. The feature list is innovative and aimed to be the best debugging experience for React, Angular, Ember, RxJS and more types of apps. In addition, making contribution to the debugger together with top notch developers from all around the world is an exciting experience! By the end of this talk you will have the tools to get into hacking on Firefox's debugger. I will introduce architecture and process of development, and make you feel comfortable to approach a world class open source project, and become a contributor to tomorrow’s JavaScript debugger. Amit Zur Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 UA2.118 (Henriot) mozilla_story_firefox_quantum Making a browser fast The story of Firefox Quantum Mozilla devroom Making a browser fast will speak about the numerous changes that happens under the hood of Firefox during 2017 and how Mozilla made his browser much more reactive to the user. This presentation will explain how a browser works, then go into more details about: - Quantum Compositor - Quantum Style (Stylo) - Quantum Flow and will explain in details some of the major changes that happens under the hood of Firefox during 2017. Jean-Yves Perrier Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 UA2.118 (Henriot) mozilla_how_ship_quality_software Firefox: How to ship quality software 8000 new patches, a release every 6 weeks, how Mozilla does it? Mozilla devroom Developed by a huge community of developers and users, Firefox is one of the biggest software ever created. In every release, a crazy number of patches (~8000) lands into the code base. The changes can be C, C++, Java, Rust, Javascript, XML, HTML, CSS, etc. In order to avoid regressions, over years, Mozilla created a number of tools, method and process to make sure the release in a good shape at release day. This talk will present the various strategy deployed to reach the best quality possible. We will present a wide range of techniques like manual QA, automated tests, code coverage, static analysis, fuzzers, crash detection and managements, etc. Sylvestre Ledru Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 UA2.118 (Henriot) mozilla_photon_performance Photon Performance How We Made Firefox Faster Mozilla devroom I'll share things we've learned while working on improving browser front-end performance. Techniques, best practices, what to definitely avoid, etc. There won't be a deep dive into any specific tool, but examples of how we measured performance and avoided / eliminated regressions during the Quantum / Photon development cycle, and what things we learned along the way. Florian Quèze Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 UA2.118 (Henriot) mozilla_future_internet The future of the internet from a Mozilla perspective Brought to you by Mozilla's executive chairwoman Mozilla devroom Mitchell Baker, executive chairwoman of the Mozilla Foundation and Mozilla Corporation, will share the organization's vision on the future of the internet. Mitchell Baker Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:30 UA2.118 (Henriot) mozilla_web_faster_js_binary_ast Making the web faster with the JavaScript Binary AST Mozilla devroom Large websites and webapplications commonly provide pages that require loading of Megabytes (sometimes tens of Megabytes) of JavaScript code. That's bad both for the network and for the loading speed of the page. While source code minifiers can help, they make the code harder to read and debug, and sometimes slower to load. The JavaScript Binary AST is an ongoing work to extend the JavaScript Virtual Machines with a novel compression format that should make the code both smaller and faster to parse, without making it hard to read and debug. We'll present the JavaScript Binary AST, as well as the tradeoffs we need to make between parsing speed and file size to guarantee safety and make it compatible with future versions of JavaScript. David Teller Blog description Slides (Markdown) Slides (formatted) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 UA2.118 (Henriot) mozilla_mdn_browser_compat_data_project The MDN Browser Compat Data Project Mozilla devroom The MDN team is creating a rich data set for browser compatibility information at https://github.com/mdn/browser-compat-data Learn how you help curating this data and where it could be embedded. Florian Scholz https://github.com/mdn/browser-compat-data Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 UA2.118 (Henriot) mozilla_beyond_screen Beyond the screen WebXR: when immersive content enters the Web Mozilla devroom VR works on the web and it takes 10 lines of pseudo HTML to start, it IS that simple. Yet, that's not enough, you might not just want to make a web page immersive, you might want to pull 3D interactive and animated content outside of your screen. This and more is what the new WebXR specifications is all about! During this short lecture you will discover how simple it is to make VR or AR experiments. Yes you might need to code but you might quickly discover that this is just an excuse to learn on pretty much any topic! From programming to 3D to mathematics to spacial sound... as long as you can quickly test your result (which is very simple with the web) then each little step becomes an exciting exploration. Fabien Benetou (Utopiah) Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:30 UA2.118 (Henriot) mozilla_deepspeech_common_voice_projects Mozilla's DeepSpeech and Common Voice projects Open and offline-capable voice recognition for everyone Mozilla devroom The human voice is becoming an increasingly important way of interacting with devices, but current state of the art solutions are proprietary and strive for user lock-in. Mozilla’s DeepSpeech and Common Voice projects are there to change this. In contrast to classic STT approaches, DeepSpeech features a modern end-to-end deep learning solution. Based on Baidu's Deep Speech research paper, it trains a model by machine learning techniques. This model directly translates raw audio data into text - without any domain specific code in between. To train systems like DeepSpeech, an extremely large amount of voice data is required. Most of the data used by large companies isn’t available to the majority of people. That's why Mozilla launched Common Voice, a project to help make voice recognition open to everyone. Introduction (10 min) Talk: - A short history of automatic speech recognition (ASR) - What is the motivation behind project DeepSpeech? - How does DeepSpeech work? - How good is DeepSpeech compared to other solutions? Using DeepSpeech (10 min) Demo: - How to voice-enable a project using DeepSpech - How to translate audio data into text - Looking into the demo code About data (10 min) Talk: - What kind of data is required to train a model? - Which corpora are we currently using to train our models? - Common Voice: What is it and how to contribute? - Unboxing first version of Common Voice corpus Demo: - How to import (corpus) data - How to create a simple corpus from own samples - How to augment samples with noise Training a DeepSpeech model (10 min) Talk: - How does training work? - What are train, dev and test data-sets used for? - What are the required software components? - What are the hardware requirements? Demo: - How to train a simple model Roadmap (5 min) Talk: - What's our roadmap for 2018+? Q&A (15 min) Tilman Kamp Homepage of the DeepSpeech project Common Voice landing page Common Voice corpus download page Mozilla Reaserch Machine Learning homepage Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:30 00:30 UA2.118 (Henriot) mozilla_moving_policy_to_action Moving from policy to action: Learning to live by our Community Participation Guidelines Mozilla devroom Discussion of how and why we've revised our Community Participation Guidelines and how you might want to revise your own community guidelines or codes of conduct too. Larissa Shapiro Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:30 UA2.118 (Henriot) mozilla_eu_copyright_reform_end_floss The current EU copyright reform proposal: the end of FLOSS in Europe? Mozilla devroom The current EU copyright reform proposal puts pressure on platforms to monitor and filter all content, including uploaded FLOSS software, for copyright infringement (article 13), proposes a new 20-year license for news snippets (article 11), and limits who can access datasets -- including open data. Any of these would be terrible outcomes. Let's demand better copyright reform. “In the near future, it will become possible to book a commercial space flight — a sub-orbital trip to any destination you like. Think of how complex the laws will have to be when space flight goes from something done only by a few, to anyone, and eventually everyone. Now imagine if we decided to govern that industry by taking the Highway Traffic Act and adding the words “in space”. This is a lot like how we’ve updated copyright law for the web. Mostly, we just took the old law, and added the words “digital” and “online”. And that's worked out just about as well as you’d expect it to." (Ryan Merkley, CEO of Creative Commons) The current EU copyright reform proposal puts pressure on platforms (which is badly defined, so includes sites like Gitlab, Github and SourceForge) to monitor and filter all content for copyright infringement (article 13), proposes a new 20-year license for news snippets (article 11), and limits who can access datasets -- including open data. Any of these would be terrible outcomes. Let's demand better copyright reform. In this session, representatives from Mozilla's Policy team will tackle the following questions: <ul> <li>What's happening with the EU Copyright Reform?</li> <li>How will Articles 11 + 13 affect the Internet experience in Europe?</li> <li>How will the proposed reform affect the FLOSS ecosystem in Europe? The rest of the world?</li> <li>Why is this happening?</li> <li>What is Mozilla doing about it, and what can we do about it?</li> </ul> Why should you care? Because we believe in "default open"; because we want to grow the open source community, and because the internet continues to be in danger of being ruled by politics. (Disclaimer: we won't be discussing the right of governments or the EU Parliament to propose or enforce internet regulation. We're working within the existing system, not against it at the moment.) Please note that this talk was originally scheduled to be given by Melissa Romaine who is no longer able to attend. It will now be given by Giannis Konstantinidis and Gervase Markham. Giannis Konstantinidis Gerv Markham Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:30 UA2.118 (Henriot) mozilla_bugmark Bugmark a futures market for software bugs and tasks, on the blockchain Mozilla devroom Bugmark is a market that connects people who want better software to people who can build it. In order to make open collaboration more effective, we are using simple market mechanisms to add incentives to do useful work. With Bugmark, users can: <ul> <li>Put financial value directly in the hands of the people who can fix the software issues that are most important to you.</li> <li>Discover which issues really matter to yoru project's users.</li> <li>Work with open source practices and not against them. Solve part of a problem and still get paid, instead of contending to claim credit for a bounty payment.</li> </ul> Don Marti Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 02:00 UB2.147 cert_bsdcg BSDCG Exam Session Certification certification The BSDA certification is designed to be an entry-level certification on BSD Unix systems administration. Testing candidates with a general Unix background and at least six months of work experience as a BSD systems administrator, or who wish to obtain employment as a BSD systems administrator, will benefit most from this certification. The successful BSDA candidate is able to complete common administrative and troubleshooting tasks and has a good understanding of general BSD Unix and networking principles. In addition, the successful candidate demonstrates basic skills with these BSD operating systems: Dragonfly BSD, FreeBSD, NetBSD and OpenBSD. This does not mean that the candidate needs to learn the complete details of four operating systems. It does mean that the candidate is aware of the basic utilities common to these operating systems, and where specified in the exam objectives, of features unique to some of the BSD operating systems. BSDCG Team Submit feedback 13:00 02:00 UB2.147 cert_lpi_1 LPI Exam Session 1 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost 50% discount. For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>. LPI Team Submit feedback 15:30 02:00 UB2.147 cert_lpi_2 LPI Exam Session 2 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost 50% discount. For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>. LPI Team Submit feedback 10:30 00:45 UB2.252A (Lameere) vai_convergence_of_virt_and_container Convergence of your virtualization and container infrastructures with KubeVirt Virtualization and IaaS devroom In order to run containers and virtualization, admins need to take care of two infrastructure stacks. KubeVirt is one way to converge both stacks. Virtualization is here, and Containers are on the rise. And Admins are having fun because they need to take care of two infrastructure stacks. Sometimes they are built on each other, but that effectively leaves you still with two control planes and APIs, one for containers and one for virtualization. How would it be if you could manage your containers and VMs through the same API, and both of them would share the same infrastructure? Single API to perform automation, no need to duplicate monitoring, logging and authentication management. It’s the same if you add KubeVirt to a Kubernetes cluster, in order to teach it to run virtual machines. This talk is about the idea by and implementation of KubeVirt the virtualization API and runtime for Kubernetes. Fabian Deutsch github.com/kubevirt Submit feedback 11:15 00:45 UB2.252A (Lameere) vai_kvm_on_hyperv A slightly different nesting: KVM on Hyper-V Virtualization and IaaS devroom This may come as a surprise but it is already possible to run nested KVM inside Hyper-V VMs (and this includes several instance types on Azure). Such workloads, however, may not always perform very well. Some limitations come from x86 architecture and conceptual differences between KVM and Hyper-V, other issues could be dealt with within KVM. In this talk Vitaly will go through different performance bottlenecks of nested KVM-on-Hyper-V deployments. The presentation will mainly be focused on low-level features: hardware support for nested virtualization, clocksources and clockevents, virtual device drivers. Benchmark data and general thoughts on the usefulness of such deployments won't be missing too. In the talk Vitaly will try to highlight challenges in heterogeneous nested virtualization, namely the current status, issues and future work for running KVM on top of Hyper-V. The talk is intended for everyone interested in virtualization technologies. Less experienced people may learn about the very basics of virtualization in nested environments (and, actually, virtualization in general), experienced developers may find something interesting in learning about 'non-traditional' nesting, review the suggested approaches or even suggest a solution. Vitaly Kuznetsov Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:45 UB2.252A (Lameere) vai_ovirt_openstack_k8s_schedulers Will it blend? Comparison of oVirt, OpenStack and Kubernetes schedulers Virtualization and IaaS devroom This talk should explain the internal mechanisms and differences between three schedulers that are currently used to plan workload placements in today’s datacenters and clusters. The scheduling part of cluster management is commonly perceived to be complicated and close to dark magic. My goal is to describe the really simple concepts all three schedulers are based upon. I will then focus on the significant differences and strong and weak points of each of them in hope that I will uncover features worth of sharing between schedulers. This talks should shed some light on how cloud and cluster scheduling works and facilitate the idea exchange in the scheduling area; both in the developer community and between developers and users. Martin Sivák Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:45 00:45 UB2.252A (Lameere) vai_securing_embedded_systems Securing Embedded Systems using Virtualization Virtualization and IaaS devroom Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach. Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach. The topic will cover content such as: * Why virtualisation in embedded * Hypervisor architectures on ARM and a quick roundup of examples * Relevant security technologies * Specific requirements for embedded systems * Example usage of FOSS based hypervisors in embedded * Challenges such as safety certification and how this may be approached Lars Kurth Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:45 UB2.252A (Lameere) vai_power_of_unikernels Unleashing the Power of Unikernels with Unikraft Virtualization and IaaS devroom Unikernels have been shown to provide incredible performance benefits, including boot times of a few milliseconds, low CPU utilization, throughput in the range of 10-40 Gb/s and memory footprints of a few MBs or even KBs, to name but a few metrics. The clear downside is development time: it can take several months or longer to produce a working, optimized unikernel, and up until now, the process needed to be repeated for each target application. There was no shared research and development on the building and creation of unikernels. In this presentation we will introduce Unikraft, a new, open source Xen Project sub-project under the auspices of the Linux Foundation that seeks to automate the development process for unikernels. Unikraft decomposes operating systems and libraries into elementary modules called libraries (e.g., schedulers, memory allocators, drivers, filesystems, network stacks, etc) and then allows users to quickly pick and choose, through a menu, which components to use when building a unikernel. Once done, Unikraft builds one image per target “platform” (e.g., Xen, KVM or Linux user-space), severely reducing unikernel development time. We will show a brief demo on how to use Unikraft, and cover the basics of the system including how to contribute to it. We have spent quite a bit of our time over the last few years developing unikernels – specialized virtual machine images targeting specific applications. We have been particularly interested in them since because of their fantastic performance benefits: tiny memory footprints (hundreds of KBs or a few MBs), boot times comparable to those of processes, and small migration times, to name a few metrics. Despite the fact that this work and work from several others is proof of their potential, unikernels have yet to see massive adoption. One of the main showstoppers is development time: for instance, developing Minipython [4], a MicroPython unikernel, took the better part of 3 months to put together and test. ClickOS [5], a unikernel for NFV, was the result of a couple of years of work. What’s particularly bad about this development model besides the considerable time spent is that each unikernel was basically a “throwaway”: every time we wanted to create a new unikernel targeting a different application, we would start more or less from scratch. One thing we did do to try to re-use the work a bit more was to create a separate repo consisting of a “toolstack” that would contain functionality useful to multiple unikernels, mostly platform-independent versions of newlib and lwip (a C library and network stack intended for embedded systems). That got us thinking that we should take that a (much bigger) step further: wouldn’t it be great to be able to very quickly choose, perhaps from a menu, the bits of functionality that we want for a unikernel, and to have a system automatically build all of these pieces together into a working image? It would also be great if we could choose multiple platforms (e.g., Xen, KVM, bare metal) without having to do additional work for each of them. The result of that thought process is Unikraft. Unikraft decomposes operating systems into elementary pieces called libraries (e.g., schedulers, memory allocators, drivers, filesystems, network stacks, etc.) that users can then pick and choose from, using a menu, to quickly build images tailored to the needs of specific applications. Simon Kuenzer Unikfraft sources Tech Blog Wiki Webpage Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:15 00:45 UB2.252A (Lameere) vai_leveraging_sdn_for_virtualization Leveraging Software Defined Network for virtualization Virtualization and IaaS devroom Software Defined Networking seems to be a natural fit for virtual data centers. Centralized management along with flexibility and speed of provisioning are traits of both virtualization and SDN. The oVirt team aims at making this a reality with OVN, a new network virtualization extension to Open vSwitch. The integration is accomplished by the "network provider for OVN", which uses OVN through an OpenStack Neutron-like API, allowing the use of OVN through Neutron abstractions. This concept is already being used in the oVirt project, and there's work in progress to implement it in the ManageIQ project The session will look into utilising Software Defined Network concepts in a virtualization project through the oVirt perspective. The presentation will consist of 4 parts: - What is SDN and OVN - Overview of the network provider for OVN - Overview of how the provider is used in oVirt - Live demo: OVN in oVirt Marcin Mirecki Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:45 UB2.252A (Lameere) vai_keeping_it_realtime Keeping It Real (Time) Real-Time Support in OpenStack Virtualization and IaaS devroom Real-time in OpenStack is a thing now. Let's explore what this actually looks like to a user, and (in brief) how it works under the hood. Since Juno, OpenStack projects like nova have been on a steady march towards adding the features and capabilities that users with NFV and HPC workloads really need from their cloud. The latest of these nova features builds upon earlier work to finally make real-time workloads in an OpenStack cloud a reality. In this talk, we take a peek under the nova hood to see how this feature works and how it ties into earlier work in this area (hint: KVM + libvirt do most of the heavy lifting). We then demonstrate why this matters and how you can use this feature and others like it in your own applications. Stephen Finucane Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:45 00:45 UB2.252A (Lameere) vai_distributed_file_storage Distributed File Storage in Multi-Tenant Clouds using CephFS Virtualization and IaaS devroom OpenStack deployments are increasingly embracing distributed file storage solutions for virtual servers to provide fault-tolerance, mobility, and shared state between servers. The Ceph distributed file system (CephFS) has taken aleading role in providing this as a cache-coherent, horizontally scalable, and POSIX-compatible file store for OpenStack operators, leveraging Ceph's dominance and flexibility in OpenStack deployments where it already provides object and block storage solutions. The OpenStack Shared File Systems service, Manila, provides a modular framework for securely exporting file shares to tenants in the cloud. In this session we will describe how Manila has been extended to support export of shares backed by CephFS via the NFS protocol to tenant VMs. We’ll discuss reasons for using NFS instead of or in addition to doing native CephFS exports and cover current and planned approaches to such issues as multi-tenancy, performance, and scale out of services. This talk will be of immediate practical interest to cloud operators who have or are planning use Ceph clusters for object and block storage and want to use the same cluster for shared file services as well as to those more generally interested in Manila, distributed file systems, or Ceph evolution. OpenStack deployments are increasingly embracing distributed file storage solutions for virtual servers to provide fault-tolerance, mobility, and shared state between servers. The Ceph distributed file system (CephFS) has taken a leading role in providing this as a cache-coherent, horizontally scalable, and POSIX-compatible file store for OpenStack operators, leveraging Ceph's dominance and flexibility in OpenStack deployments where it already provides object and block storage solutions. The OpenStack Shared File Systems service, Manila, provides a modular framework for securely exporting file shares to tenants in the cloud. In this session we will describe how Manila has been extended to support export of shares backed by CephFS via the NFS protocol to tenant VMs. We’ll discuss reasons for using NFS instead of or in addition to doing native CephFS exports and cover current and planned approaches to such issues as multi-tenancy, performance, and scale out of services. This talk will be of immediate practical interest to cloud operators who have or are planning use Ceph clusters for object and block storage and want to use the same cluster for shared file services as well as to those more generally interested in Manila, distributed file systems, or Ceph evolution. Patrick Donnelly Patrick Donnelly is a software engineer at Red Hat, Inc. working as the project team lead for the Ceph distributed file system. In 2016 he completed his Ph.D. in computer science at the University of Notre Dame with a dissertation on the topic of file transfer management in active storage cluster file systems. He has given talks at conferences including IEEE CCGrid, IEEE CloudCom, IEEE/ACM Supercomputing, and LinuxCon Vault. Ramana Raja Ramana Raja is an upstream contributor currently working on integrating CephFS with OpenStack Manila. He's been involved in the Manila project since the Juno release. Besides the OpenStack project, he's contributed to other popular open source projects such as Ceph and Gluster. Victoria Martinez de la Cruz Software engineer at Red Hat, FOSS passionate and tech in general enthusiast. Former Zaqar and Trove core reviewer. Currently working on Manila. OpenStack Outreachy and Google Summer of Code coordinator. Eager to learn about new technologies, to contribute to different open-source projects and to get new people involved with open-source philosophy. Tom Barron Tom leads the Red Hat OpenStack Platform Manila development team and is a leader and active core core team member in the upstream Manila development community. He started working on OpenStack Cinder during the Juno release and maintains a keen interest in cross-project initiatives. Today he focuses on hardening Manila as an enterprise quality orchestration and abstraction layer regardless of the storage back ends used, and on helping enable use of CephFS to provide a 100% open source distributed file system solution with Manila for open source clouds. John Spray Christian Schwede Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:45 UB2.252A (Lameere) vai_pci_emulation Moving PCI emulation inside of Xen Reasons and implementation of a PCI emulation layer inside of Xen Virtualization and IaaS devroom The talk will explain the reasons of the ongoing work to add PCI emulation support inside of Xen. This purpose of the PCI emulation layer is to allow passthrough of PCI devices from Xen to guests without involving a third entity in the system (so far this was done using QEMU). This should allow transparent PCI passthrough to guests without requiring a QEMU device model. Roger Pau Monné Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:15 00:45 UB2.252A (Lameere) vai_qemu_in_uefi QEMU in UEFI Virtualization and IaaS devroom UEFI is a firmware specification created by Intel with portability in mind. The UEFI way of doing that was to provide special UEFI byte code (EBC). Unfortunately nobody really cared so compiler, firmware support and providers of EBC option roms ceased and basically every UEFI option rom today contains native x86(_64) machine code. If you now want to plug a PCIe card into your shiny ARM server, that means even though firmware would be compatible it still can't execute the option rom. Until you add QEMU to the mix. Join me in exploring the depth of UEFI binary interfaces, marshalling between different architecture's function call ABIs on the fly and learn how to integrate all of this into a working firmware, running on real hardware, driving a real PCIe adapter. UEFI is a firmware specification created by Intel with portability in mind. The UEFI way of doing that was to provide special UEFI byte code (EBC). Unfortunately nobody really cared so compiler, firmware support and providers of EBC option roms ceased and basically every UEFI option rom today contains native x86(_64) machine code. If you now want to plug a PCIe card into your shiny ARM server, that means even though firmware would be compatible it still can't execute the option rom. Until you add QEMU to the mix. Join me in exploring the depth of UEFI binary interfaces, marshalling between different architecture's function call ABIs on the fly and learn how to integrate all of this into a working firmware, running on real hardware, driving a real PCIe adapter. Alexander Graf slides (interactive) slides (PDF) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:45 UB2.252A (Lameere) vai_affordable_vdi Keys to deploy affordable virtual desktops with IsardVDI VDI solution from scratch optimizing all components while lowering costs Virtualization and IaaS devroom We decided to build one solution from scratch that fully adapts to our needs and lets us take control over all layers involved. We tuned network, storage, hypervisors performance and viewers, focusing in desktops templates quick deployment. In this talk we will focus on the experience over the past years developing our own VDI system that brings virtualization at Escola del Treball in Barcelona with over 1k users and 2k desktops created. We had a low budget so we used gaming hardware and cheap second hand hardware that we had to optimize. IsardVDI is an open source project that is currently deploying desktops quickly while using low cost servers and network infrastructure. We had to optimize that hardware, from storage IOPS to real time UI events, while keeping in mind network traffic and system reliability. We use NVME to do write-cache, 10 Gbps copper networks, gaming mainboards, mainstream processors, raspberry pi and old computers as thin clients. We built NAS in cluster systems with pacemaker and drbd, incremental qcows disk storage to lower storage footprint. Hypervisor statistics about use and resource consumption brings orquestration oriented to desktop performance. IsardVDI can be quickly deployed with docker containers. Some of the technologies used are Libvirt, Spice, EnhanceIO, Pacemaker, DRBD, Python3, WebSockets, RethinkDB, ... Josep Maria Viñolas repo website videos Presentation in RedIRIS (national research and education network for Spain) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:40 UD2.119 opensource_idm_in_enterprise Migrating to Red Hat IdM in a large Linux Environment Identity and Access Management devroom This talk will discuss how Red Hat IT is moving from a centralized LDAP and kerberos setup to a Red Hat IdM setup for all of our Linux users and hosts. As you'd expect, Red Hat IT has a very large Linux user base. For over a decade our associates have relied on Red Hat Directory Server (standard LDAP), MIT kerberos and some homegrown automation for most of their identity information and authentication. As we've grown overtime we have desired a more integrated and featureful solution. Red Hat IdM/FreeIPA is this solution. This talk will go over what our old infrastructure was and what we are moving to. More importantly, it will cover all the snags we've hit along the way and what we did about them. Dustin Minnich Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:30 UD2.119 idm_aedir Æ-DIR -- Authorized Entities Directory from paranoid user management to secure system management Identity and Access Management devroom This talk will introduce Æ-DIR, a paranoid identity and access management (IAM) system based on pure OpenLDAP. The talk will detail the data model used for delegated administration and its use e.g. for a strictly authorizing SSH proxy. Furthermore it introduces OATH-LDAP, a OATH-based OTP authentication system with pure LDAP backend and the enrollment process used for secure initializing yubikey tokens. The conclusion of the talk will highlight want else will be done with the data and role model in the near future. Æ-DIR and OATH-LDAP are free software projects. This talk will present a concept and real-world implementation of a privileged identity and access management system (IAM, PAM) purely based on OpenLDAP. The main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strict as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR. The talk will give some additional information about the secured base configuration of OpenLDAP, tools developed and some experiences made when migrating/attaching 7000+ servers to this user management. Furthermore the architecture of a SSH gateway is shown which uses the very same access control data to authorize SSH connections passing through the gateway. Finally the talk will outline some additional to-dos, and rough ideas how to further develop this system. OATH-LDAP defines a schema, a functional model and a LDAP-based enrollment for OATH-based authentication tokens. It is designed to be used with any LDAP server, but especially is ready-to-use integrated with Æ-DIR. It is actually used combined with a highly secure enrollment process (no QR code displayed!) for two-factor HOTP authentication with yubikey tokens. Michael Ströder Æ-DIR -- Authorized Entities Directory OATH-LDAP -- OATH-based authc with LDAP backend Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:50 00:30 UD2.119 ansible_freeipa freeIPA installation using Ansible Description and examples of freeIPA client and server installations using ansible-freeipa. Identity and Access Management devroom The talk will describe freeIPA client and server installations using anisble-freeipa with examples. The client installation and configuration using ansible-freeipa provides some simplifications and extensions of the normal installation process like for example the possibility to install several clients, a simple use of one time passwords, enhanced server discovery and also the repair mode. The server installation and configruation part is currently work in progress, but should be complete for the talk. Thomas Woerner ansible-freeipa github repo http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:25 00:30 UD2.119 keycloak Easily Secure Your Front and Back End app with Keycloak Identity and Access Management devroom A presentation of the Open Source IDM server : Keycloak. Some slides to give the big picture followed by a live coding session where we will set up a keycloak server and then secure a front app and some backend ends applications. Sébastien Blanc Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 UD2.119 idm_midpoint Identity governance and data protection with midPoint Identity and Access Management devroom This talk will present new data protection and identity governance capabilities of midPoint. MidPoint is open source identity management (IDM) and identity governance (IGA) system. MidPoint has all the features of a traditional identity management system. However, this talk will focus on data protection and identity governance. We will explain what identity governance is and how it can handle the challenges of data protection legislation such as European GDPR regulation. We will show how to use midPoint to set up identity management and governance policies and how midPoint can be used to maintain them in the long run. The talk will show how to manage data protection, entitlements and security policies in one unified system and how to consistently apply that to employees, students, contractors ... and all other identities in all your systems. This talk is intended for identity administrators, security officers and all security practitioners in general. Overall goal: Overview of midPoint as an open source identity management and governance system. Especially focused on the governance part, as that is very unique in the open source world. Demonstration how midPoint can be used for data protection (e.g. GDPR). <ul> <li>Very quick overview of midPoint - what it is, a bit of history, etc.</li> <li>Basic demonstration of RBAC, role request process, approval and so on. Just few minutes to warm up the audience and get everybody at the same level of understanding of the IDM basics.</li> <li>Identity governance: Explanation of how midPoint policy rules and data protection scopes work. How they can be used to set up data protection policies (such as GDPR lawful basis management). Little bit of theory. But mostly practical.</li> <li>Short demonstration of the policy set up in midPoint. E.g. show how midPoint can report the problems with GDPR compliance.</li> </ul> MidPoint is a comprehensive open source IDM system. Project is running since 2011 and it is very active: https://github.com/Evolveum/midpoint Katarina Valalikova and Radovan Semancik are both core developers of midPoint. Expected duration: 40+10min Radovan Semancik Katarina Valalikova midPoint home midPoint GitHub page Evolveum Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:35 00:30 UD2.119 hashicorp_vault Implementing a safe and auditable access to customer instances of your SaaS for the support staff with HashiCorp Vault Identity and Access Management devroom SaaS are for a lot of us an unavoidable part of our day to day workflows. Unfortunately, sometimes things goes wrong and you need an hand from the support team to get you back on track. This talk will explore how, as a SaaS provider, you can implement an access to independent customer instances for your support staff and guarantee accountability and auditability using only free software tools like HashiCorp Vault. A rough outline of the talk would be: * Challenges of doing support as a SaaS provider in terms of access management * Evaluation of solutions and their shortcoming * Introduction to the secret manager tool HashiCorp Vault * Implementation of a solution that guarantee accountability and auditability. There will be a bit of PKI and Golang. * Live demo using the <a href="https://www.tuleap.org/solutions/mytuleap">myTuleap</a> cloud service as an example Thomas Gerbet Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:40 UD2.119 samba_ad_it_works SaMBa-AD, it works stories of battles fought and won Identity and Access Management devroom Samba Active Directory is now battle ready for enterprise identity and access management. We want to share with your some stories of how Samba Active Directory is used daily on large setups with many hundreds or thousands of users and PCs. You'll discover that the thing is used in Ministries, large universities, research center, state governments ... even central banks !! Our aim is to inspire you to take Samba-AD back home with you and make it an ingredient of your own success as enterprise identity managers. Vincent Cardon Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:55 00:30 UD2.119 samba_ad_in_fedora Samba AD in Fedora The long road to AD Identity and Access Management devroom Samba AD is a free software implementation of Microsoft's Active Directory solution. It took more than five years to port Samba AD to MIT Kerberos and now it is a part of Fedora 27 release. However, the work does not stop here. Active Directory is a complex set of technologies and one of driving factors behind Fedora Server work is to make them easier to deploy and manage. The talk will go into details what is needed to be done to make Fedora a preferred distribution to deploy Samba AD. Andreas Schneider Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:35 UD2.119 samba_authentication_authorization Samba authentication and authorization Introduction to Active Directory Auth protocols and winbind as an AD member Identity and Access Management devroom Active Directory is Microsoft's implementation of the LDAP, DNS and Kerberos protocols. It is highly popular in corporate environments. Samba as an SMB server needs to integrate into AD to participate in the Active Directory Authentication and Authorization mechanisms. This talk will give an overview of the aspects of Active Directory that Samba utilizes and gives an introduction into winbind, the main component of Samba responsible for AD integration. Volker Lendecke Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:10 00:30 UD2.119 smartcards_postgresql Using Cryptographic Hardware Identity and Access Management devroom This presentation explains how cryptographic hardware allows the use of private keys while preventing them from being viewed or copied. It focuses primarily on the use of Yubikey cryptographic hardware, in both piv and gpg modes. It explains how to use this hardware with popular software like openssh and Postgres. Bruce Momjian Using Cryptographic Hardware Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:45 00:30 UD2.119 smartcards_in_linux Smart Cards in Linux and why you should care Do you want to know how Smart Cards can help you improve security and work efficiently? Identity and Access Management devroom Do you want to know how Smart Cards can help you improve security and work efficiently? Smart cards are among us for decades, but they are still not widely used on daily basis by most of us, even though they provide significant advantages for both security and usability and all the tools are open source in Linux. Smart cards are no longer only credit-card sized cards, but also more practical USB dongles which are frequently combined with other features such as OTP or U2F, which can take this even further. I will go through architecture of smart cards and show you how they can be used to simplify your work. <ul> <li>Anatomy of Smart Card and software using it <ul> <li>project OpenSC</li> </ul> </li> <li>Practical examples <ul> <li>Atomic operations with OpenSC tools</li> <li>Using smart cards with high-level tools such as OpenSSH, Firefox</li> <li>Debugging Smart Cards problems</li> </ul> </li> </ul> Jakub Jelen Submit feedback 17:20 00:30 UD2.119 idm_sssd SSSD: From an LDAP client to the System Security Services Daemon Identity and Access Management devroom SSSD is known in the OSS world as a client towards different LDAP-like databases. However, recently, we have started taking SSSD beyond its bread and butter LDAP client role to provide services that are usable in a broader context, as an application gateway or to a local machine. As a result, you might soon see SSSD enabled and running in your favourite distribution by default or quietly running on the background of another service. In the talk I will demonstrate what enhancements we already did in SSSD, such as how to use SSSD as a gateway between an application and a user database or why should you let SSSD manage your Kerberos credential caches . I'll also illustrate things we are working on for the future such how to add and access extra attributes of your local users or why it makes sense to let SSSD handle smart card logins even for local users. The talk will be useful to system administrators, mainly those who deal with user account management, but also to developers who work on services that integrate with user databases. The talk will deal with topics including: - why we enabled SSSD in Fedora and in RHEL on all systems by default, even those that have no connection with a remote user database - why are we moving features like smart card management or even Kerberos cache management to SSSD - what are the interfaces that SSSD exports towards the system, both on the operating system level and the programming level - how can you use SSSD to fetch data from a remote data store to your application Jakub Hrozek Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:55 00:30 UD2.119 session_recording User Session Recording in Cockpit Introducing User Session Recording support in Cockpit - a server management Web UI Identity and Access Management devroom Have you ever wished you could see how exactly a user broke your server? Have you wished to see how the user stumbled upon the problem they just reported? Would you like to have such a power within your easy reach, right in your browser, without the need for a pesky command-line setup? Wish no more, because we're going to handle that with User Session Recording support in Cockpit! As part of our User Session Recording project, Red Hat Common Logging team is working with developers of Cockpit, a server management Web UI, to implement support for configuring recording, searching, correlation, and playback of users' terminal sessions, all in your browser! On this session we are going to introduce the new effort, show what's working already, present further plans for development, answer your questions, and eagerly listen to any feedback you might have! The Red Hat's User Session Recording project is aiming at building an enterprise-ready solution for centralized recording of user sessions, for audit, forensics and compliance purposes. The solution involves integration with Linux audit logging system, FreeIPA identity management, Elasticsearch storage, and integration into UIs of various management solutions, such as OpenShift, CloudForms, etc. As part of developing our playback and correlation UI component, we're implementing Session Recording support in Cockpit. Cockpit is a feature-rich server management Web UI with a new twist: it doesn't take over your system and doesn't force you to relinquish direct control over your system. Instead it lets you jump freely between the command line and the browser at any time you want. You can immediately see the changes you did on the command line in your browser and vice versa. That facilitates gradual learning and simplifies complicated tasks. Cockpit supports a variety of Linux distributions and releases, does its own releases very frequently, and achieves that via advanced and comprehensive continuous integration system, which is a wonder on its own. Nikolai Kondrashov User Session Recording Project Cockpit Project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:30 UD2.119 fleetcommander Fleet Commander: The efficient way of managing the Desktop profiles of your fleet! A brief description of the project and its internals! Identity and Access Management devroom This talk will go through what Fleet Commander is (and, consequently, what Fleet Commander is not intended for), which are the solutions proposed by the project, how Fleet Commander interacts with SSSD and freeIPA and, plans for the future and finally provide a Demo of the current state of the project. The talk will be divided basically in 4 parts: 1) Describing what Fleet Commander is (and what it's not intended for): Fleet Commander is an integrated solution for large Linux desktop deployments that provides a configuration management interface that is controlled centrally and that covers desktop, applications and network configuration. Last but not least, Neither Ansible nor Puppet could solve the core problems of Desktop Session Configuration Management, which is what drove the Fleet Commander development. 2) Describing Fleet Commander interaction with freeIPA and SSSD: Fleet Commander relies on freeIPA, which provides a standalone plugin for desktop profile management, to store the profile data and its assignments to users, groups and hosts from the administrator point-of-view. From the client point-of-view, Fleet Commander relies on SSSD to fetch the the profile data at users' login time and notify Fleet Commander whenever new profiles have to be applied. 3) A short Demo about the current status of the project: This will be the first time that Fleet Commander project will be Demo'ed after the freeIPA/SSSD integration. 4) Plans for the future: A quick discussion about what are the plans for the future, including a way to manage profile data in case of direct integration between Linux clients and Active Directory servers (GPO is the key here!) Fabiano Fidêncio Oliver Gutiérrez Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 UD2.120 (Chavanne) declarative_extensions_for_kubernetes_in_go Declarative Extensions for Kubernetes in Go Monitoring and Cloud devroom Declarative systems, like Kubernetes are nice. Instead of forming the state of the system command-by-command, one just posts a set of declarative requirements. The system will try to adapt. While it easy to understand how to use such a system from the user perspective, it requires a complete rethinking for us engineers on how to integrate with such a system. Based on the experiences with extending Kubernetes for KubeVirt with the Kubernetes-Go-SDK, this session gives a short and concise overview on what is required to implement declarative flows in general and particularly in Kubernetes. Real-world examples and pitfalls included. Declarative systems, like Kubernetes [1] are nice. Instead of forming the state of the system command-by-command, one just posts a set of declarative requirements. The system will try to adapt. While it easy to understand how to use such a system from the user perspective, it requires a complete rethinking for us engineers on how to integrate with such a system. Based on the experiences with extending Kubernetes for KubeVirt [2] with the Kubernetes-Go-SDK [3], this session gives a short and concise overview on what is required to implement declarative flows in general and particularly in Kubernetes. Real-world examples and pitfalls included. [1] https://kubernetes.io/ [2] https://github.com/kubevirt/kubevirt [3] https://github.com/kubernetes/client-go Roman Mohr Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:10 00:30 UD2.120 (Chavanne) performance_analysis_and_troubleshooting_methodologies_for_databases Performance Analysis and Troubleshooting Methodologies for Databases Monitoring and Cloud devroom Have you heard about USE Method (Utilization - Saturation - Errors), RED (Rate - Errors - Duration) or Golden Signals (Latency - Traffic - Errors - Saturations) ? In this presentation we will talk briefly about these different, but similar “focuses” and discuss how we can apply them to the data infrastructure performance analysis troubleshooting and monitoring. We will use MySQL as example but most of the talk will apply to other database technologies as well. Have you heard about USE Method (Utilization - Saturation - Errors), RED (Rate - Errors - Duration) or Golden Signals (Latency - Traffic - Errors - Saturations)? In this presentation we will talk briefly about these different, but similar “focuses” and discuss how we can apply them to the data infrastructure performance analysis troubleshooting and monitoring. We will use MySQL as example but most of the talk will apply to other database technologies as well. Peter Zaitsev Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:50 00:30 UD2.120 (Chavanne) monitoring_legacy_java_applications_with_prometheus Monitoring Legacy Java Applications with Prometheus Monitoring and Cloud devroom Prometheus is often associated with modern architectures, cloud-native applications, and dynamic container platforms. While new applications can be designed to integrate well with cloud infrastructure and monitoring, most organisations also have to operate legacy applications that do not fit well into these environments. This talk shows how to monitor legacy Java applications with Prometheus. The goal is to have Prometheus as a central monitoring tool that integrates both, modern cloud-native applications as well as legacy Java EE applications. Fabian Stäber Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 UD2.120 (Chavanne) google_go Google’s approach to distributed systems observability for Go Monitoring and Cloud devroom Jaana Dogan (JBD) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:10 00:30 UD2.120 (Chavanne) observability_and_the_development_process Observability: not just an Ops thing Monitoring and Cloud devroom Historically, monitoring has been thought of as an afterthought of the software development cycle: something owned by the ops side of the room. But instead of trying to predict the various ways something might go sideways right before release and crafting dashboards to prepare, what might it look like to use answers about our system to figure out what to build, and how to build it, and whom for? Observability is the practice of understanding the internal state of a system via knowledge of its external outputs -- and is something that should be built into the process of crafting software from the very beginning. Christine Yen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:50 00:30 UD2.120 (Chavanne) the_lttng_approaches_to_solving_complex_problems The LTTng approaches to solving complex problems Monitoring and Cloud devroom The LTTng kernel and user-space tracer can help solve a wide variety of problems (especially those hard to reproduce ones). There are four main ways of extracting and processing an LTTng trace, and each of them addresses a different use-case. In this presentation we will demonstrate these modes and present real-world situations where they can be used. If you already know how to use LTTng you will learn new ways this tool can help you, and if you don't, you will probably discover a new way to address these complex problems. The modes we will demonstrate are: post-processing mode (default), snapshot mode, live mode and the new rotation mode. All of these modes have their pros and cons in a context of monitoring and cloud and we will be happy to discuss with the crowd to see how to address their particular use-cases and help them gain a full-system insight. The intended audience is devops engineers having to deal with complex problems and look for a way to scale their monitoring and debugging method on a small or large fleet of servers. Here is a summary of the modes we will demonstrate and their main use-cases: <pre><code>- post-processing mode (default): gather as much data as possible and take the time to investigate (debugging, logging); - snapshot mode: when an error is detected, extract the last trace buffer from memory (fault investigation, sampling, low impact monitoring); - live mode: continuously monitor a stream of events (logging, monitoring); - rotation mode: periodically, or on a specific trigger, process a chunk of trace without stopping the tracing (monitoring, logging, archiving sampling). </code></pre> Julien Desfossez Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 UD2.120 (Chavanne) the_red_method The RED Method: How To Instrument Your Services. Monitoring and Cloud devroom The RED Method defines three key metrics you should measure for every microservice in your architecture; inspired by the USE Method from Brendan Gregg, it gives developers a template for instrumenting their services and building dashboards in a consistent, repeatable fashion. In this talk we will discuss patterns of application instrumentation, where and when they are applicable, and how they can be implemented with Prometheus. We’ll cover Google’s Four Golden Signals, the RED Method and the USE Method. We’ll also discuss why consistency is an important approach for reducing cognitive load. Finally we’ll talk about the limitations of these approaches and what can be done to overcome them. Tom Wilkie Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:10 00:30 UD2.120 (Chavanne) evolving_prometheus_for_the_cloud_native_world Evolving Prometheus for the Cloud Native World Monitoring and Cloud devroom As the industry moves towards more cloud based and containerised solutions such as Kubernetes, monitoring tools have to keep up. These new environments are far more dynamic than the hand-maintained machines of old, requiring more sophisticated and scalable approaches. This talk will look at how Prometheus has evolved over the past 5 years to be better able to cope with these challenges, including the 2.0 release and practices that we encourage in a cloud native world. This talk will cover the dynamic nature of cloud-based services, and how approaches that worked when everything had a dedicated machine no longer work out both technically and in terms of human operational effort. This includes the dynamic nature of cloud-based environments where there can be high churn due to releases potentially several times an hour, heterogeneous performance of replicas and complex micro-service dependency graphs. There will be a quick overview of the history of the TSDB of Prometheus, giving context to the new storage engine in the 2.0 release and how it helps with the above technical problems. Following that will be a look at service discovery to find what to monitor in dynamic environments, the aggregation abilities of PromQL and how these can be combined to perform symptom rather than cause based alerting using techniques such as the RED method. Brian Brazil Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:50 00:30 UD2.120 (Chavanne) graphite_at_scale_at_criteo_biggraphite Graphite at Scale at Criteo: BigGraphite Bye bye whisper ! Monitoring and Cloud devroom Graphite meets Cassandra to Scale Monitoring at Criteo This talks is about the BigGraphite project: https://github.com/criteo/biggraphite People love or hate Graphite (https://graphiteapp.org/, https://github.com/graphite-project), and whatever might be your take on it, it's huge part of the open source monitoring ecosystem. Graphite store data in it's own database, called whisper. But managing whisper at scale can become a challenge. BigGraphite original goals where to reduce the human cost of maintaining Graphite at scale by allowing SRE teams to easilly add and remove machines. This talk will explain how we did it, how we use Graphite at Criteo, and our future plans for BigGraphite. See the deck of slides to know more: https://docs.google.com/presentation/d/17opE2U2aIe1TFYJgr0Z8Dd2fJhy2x0YbReCVeCz6uhA/edit?usp=sharing The talk will be shortened to fit in 25min (+5 min questions). Corentin Chary Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 UD2.120 (Chavanne) graylog_for_java_developers GrayLog for Java developers Monitoring and Cloud devroom For developers, application logs are critical to figuring out what’s going on inside the apps we create. We tail them. We search them. We analyze and graph them.In this talk I will show Graylog as an open source log management tool, providing central storage, processing, and analysis of log messages powered by Java,MongoDB and ElasticSearch These could be the talking points: 1.GrayLog architecture The Graylog log server is based on Java and offers a means for combining several server nodes in a cluster for high availability and scalability. Graylog uses Elasticsearch as database for the log messages as well as MongoDB for application data. 2.Searching and analyzing: Graylog Web Interface Graylog also has a web interface for searching and viewing Graylog messages. Filters can be applied and saved into logical “streams”, allowing you to look at a slice of your data. 3.Use case:Configure graylog in java projects with maven As a standard for log events, Graylog promotes usage of the Graylog Extended Log Format (GELF) I will show a use case configuring graylog inside java project with the GELF appender. 4.Integrating GrayLog with LogStash In order to create a full log solution it is suitable to combine Graylog with Logstash with a little modification of Logstash and a custom Graylog Plugin. José Manuel Ortega Graylog official page Documentation Github repository Docker image Official Graylog Docker image GrayLog marketplace The Graylog CLI dashboard Logback Gelf for java Logback Gelf FAQ graylog Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:10 00:30 UD2.120 (Chavanne) grafana_tips Grafana Tips & Tricks & Whats New in v5 Monitoring and Cloud devroom Torkel Ödegaard slides http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:10 UD2.120 (Chavanne) openmetrics OpenMetrics - an industry standard for metrics Standing on the shoulders of titans Monitoring and Cloud devroom Prometheus' exposition format is great, but its adoption is limited, in part, by political considerations. Creating an industry standard which is detached from Prometheus will hopefully help alleviate this issue. Richard Hartmann Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:05 UD2.120 (Chavanne) structured_logging_with_serilog Beyond string-based logging Structured logging with Serilog Monitoring and Cloud devroom Traditional logs are okay for humans to read, but when the sheer volume of information generated is too much to be processed by a human being everything falls apart ... add distributed systems into the equation and you are pretty close to hell. Structured-logging proposes to take a bit more time when writing logging statements to make it easier to extract and process all this crucial information. Thanks to the rich log entries, new insight can be reached to understand the systems. In this talk I will talk about structured-logging and show how useful. Will cover : - limitations of string-base logging - different approach : structured logging Thibaud Desodt Serilog home page Serilog Github Repo MessageTemplates.org Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:10 00:05 UD2.120 (Chavanne) whats_new_in_graphite_11 What's new in Graphite 1.1 Monitoring and Cloud devroom I'm going to talk about new features of upcoming Graphite 1.1 release - what's new and why it's still usable in 2018. The talk will be useful for current (and former) Graphite users and all persons interested in metrics/TSDB area. Graphite was one of the first "kick-ass" tools which helped to start #monitoringsucks/#monitoringlove movement. In 2018 it's a bit outdated, but still alive and kicking. Upcoming Graphite 1.1 will have some nice features: * Tag support (with (upcoming) Prometheus and Grafana integrations) * Python 3 support * Custom (user defined) functions * "pipe" function chaining syntax * Updated cluster request handling * xFilesFactor-in-functions support * overhauled aggregation functions * msgpack support and many others. Denys Zhdanov Link to Presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:20 00:05 UD2.120 (Chavanne) ovirt_metrics_and_logs_in_a_unified_solution oVirt Metrics and logs - in a unified solution Monitoring and Cloud devroom We think Metrics and logs are not that different. Do you agree? This was our statement when searching for a unified monitoring solution with real-time analytics, for the oVirt data center virtualization project. This talk gives an introduction on how to integrate oVirt metrics with the EFK stack on top of OCP. Attendees of this session will be able to get an in depth look into the stack architecture and ways to utilize it in open source projects. We think Metrics and logs are not that different. Do you agree? This was our statement when searching for a unified monitoring solution with real-time analytics, for the oVirt data center virtualization project. Using Elasticsearch and its native visualization layer, kibana, we aspire to provide the oVirt project users a fully functional monitoring solution. When combining this stack, built on top of OpenShift Container Platform (OCP), with client side daemons such as collectd and fluentd, we get an end-to-end powerful open source solution. This talk gives an introduction on how to integrate oVirt metrics with the EFK stack on top of OCP. Attendees of this session will be able to get an in depth look into the stack architecture and ways to utilize it in open source projects. Shirly Radco Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:05 UD2.120 (Chavanne) grafanalib_dashboards_as_code Grafanalib - Dashboards as Code Monitoring and Cloud devroom A lightning-fast introduction to Grafanalib, a small Python library that lets you create dashboards as code. Target audience for the library is people using and amending Grafana dashboards, but the underlying idea is of interest to anyone doing Ops or DevOps. <a href="https://github.com/weaveworks/grafanalib">Grafanalib</a> is an Open Source Python library that lets you create dashboards as code. Once your dashboards are code you can check them in, PR them and have a CI/CD pipeline - GitOps! Talk will cover: <ul> <li>Basic primitives in the library - YAxis, Graph, Tooltip and so on</li> <li>Higher-level components such as QPSGraph</li> <li>Build your own components such as a LatencyGraph or a REDRow.</li> <li>How to deploy dashboards created using Grafanalib</li> </ul> Bryan Boreham Grafanalib Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:25 00:05 UD2.208 (Decroly) java_devroom_welcome Welcome! Free Java devroom Welcome to the 2018 edition of the Free Java DevRoom! Mario Torre Andrew Haley Submit feedback 10:30 00:45 UD2.208 (Decroly) state_openjdk The State of OpenJDK Free Java devroom A review of the past year in the life of the OpenJDK Community, and a look at what's ahead. A review of the past year in the life of the OpenJDK Community, and a look at what's ahead. Mark Reinhold Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:20 00:25 UD2.208 (Decroly) openjdk_dev_exp The OpenJDK Developer Experience Free Java devroom Much has happened in the last year for developers contributing to OpenJDK: - the repositories have been consolidated into a single repository - the run-test make target has been introduced - the JTReg (and jcov, asmtools and jtharness) build have been greatly improved - there is now a binary build of OpenJDK that can be used as --boot-jdk (on Linux x86-64) The situation for HotSpot developers has also improved over the years: - the HotSpot build system was converted to the "new" build system - a proper unit test framework for C++ code (googletest) was added - debug symbols are no longer zipped by default - the JDK and HotSpot JTReg testlibraries were combined into one This talk will show how all these changes make the OpenJDK developer experience a lot smoother. The speakers will also share their personal tips and tricks on how to work even faster on OpenJDK! We also realize that the OpenJDK developer experience is far from optimal, and would therefore like this talk to initiate a discussion on what could be improved and how people can get involved. Roman Kennke Erik Helin Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:50 00:25 UD2.208 (Decroly) jam_futures AMENDMENT JVM Futures Free Java devroom Strap in for a high-speed deep dive into JVM features now on the drawing board, which will benefit Java and all other languages that run on the JVM. John Rose Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:25 UD2.208 (Decroly) zgc The Z Garbage Collector - An Introduction Free Java devroom The Z Garbage Collector, also known as ZGC, is a new garbage collector optimized for low latency and very large heaps. We've developed ZGC internally at Oracle so far, but we're now open-sourcing it so as to broaden the base of both contributors and users. It was recently accepted as an official project under OpenJDK where future development will be happening. This talk will give an overview of how ZGC works, how it scales to multi-terabyte heaps and how it maintains very low GC pause times. We'll present the goals, current status and what to expect going forward. We'll also give a quick primer on how to get started using ZGC on your workloads. Per Liden Stefan Karlsson Submit feedback 12:50 00:25 UD2.208 (Decroly) duke_debugging Rubber 'Duke' Debugging Free Java devroom In the spirit of Jon Bentley(not the top gear dude), we will take this chance to talk about everybody’s favorite pastime...debugging! As programmers, we spend most of our time debugging. I know I know, most of us never 'write' any bugs(it's ALWAYS your pesky colleagues). Still, somebody has to clean it all up. And yet, there's very little literature about debugging. Fewer conference talks still. But that's about to change. This talk will be a collection of real-life bug micro-mortems. Proving now more than ever, that for want of a nail, kingdoms can really be lost... Mahmoud Abdelghany Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:25 UD2.208 (Decroly) method_handles MethodHandles Everywhere! Free Java devroom The MethodHandle API was added in Java 7, as a way to programmatically build up smart function pointers. Far more powerful than simple reflection, handles JIT and optimize like Java code, producing a fast, direct, type-safe callable. And the API has continued to evolve: in Java 9, you can now embed atomic semantics, array views, loops and "finally" logic, and much more. Come learn how flexible and useful MethodHandles can be! Charles Nutter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:50 00:25 UD2.208 (Decroly) evaluate_gc Top Ten Metrics for Evaluating your Garbage Collector Free Java devroom There's an old joke about a new bride who prepares her first big dinner for her new husband. She's making her mother's brisket recipe which starts by cutting the ends off of the roast. Her husband asks her why she cuts the ends off. She says she does it because that's the way her mother always did it. She asks her mother and her mother says "That's the way your grandmother always did it". She asks her grandmother and her grandmother says "That's the only way it would fit in my pan". There's a lot of folklore and myth surrounding Java garbage collection performance, most of which is obsolete, irrelevant to your application, or was never really right in the first place. So how do we evaluate a GC algorithm? We can measure various metrics: end to end run time, maximum pause time, average pause time, percentage of the cpu given to the Java threads, memory footprint, micro benchmarks, ... This talk will focus on ten (give or take) metrics/tools we can use to evaluate garbage collection performance. This isn't a comparison of OpenJDK collectors, it's a discussion of what characteristics are important in a good garbage collector and how to measure them. Christine H Flood Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:20 00:25 UD2.208 (Decroly) graal Graal: How to use the new JVM JIT compiler in real life Free Java devroom With JEP 317: Experimental Java-Based JIT Compiler it is very likely that Graal will be part of JDK 10. In fact, Graal is already available in JDK 9 due to JEP 243: Java-Level JVM Compiler Interface. Graal is itself written in Java and that brings some new properties and behavior to the table which we haven’t seen with existing HotSpot JIT compilers. This talk will show how to use Graal with JDK 9, how to compile an upstream Graal version and what to look out for when using it for benchmarking or even in production. Christian Thalinger Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:50 00:25 UD2.208 (Decroly) jvm_startup JVM startup: why it matters to the new world order Free Java devroom The software development world has changed. With trends like continuous integration and cloud scaling of workloads, deployments come fast and furious (and frequent!). Is Java too big and slow to play in the new world? Never fear! Learn how the Eclipse OpenJ9 JVM has been approaching these challenges using SharedClasses, dynamic AOT now and some of the projects future directions.</div> OpenJ9's SharedClasses cache is similar to OpenJDK's CDS but takes a more dynamic approach. This talk will introduce some of the feature of the Eclipse OpenJ9 JVM that help it provide high performance while making efficient use of memory. This session will explain why these tradeoffs are critical for cloud deployments Daniel Heidinga Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:20 00:25 UD2.208 (Decroly) class_metadata Class Metadata: A User Guide Free Java devroom The OpenJDK JVM eats class bytecode and spits out Java heap objects and machine code as part of normal execution. However, the JVM manages more data than just bytecode, Java objects JITted code. In order to manage heap memory and to ensure correct execution, the JVM and JITted code need to retain and, occasionally, interrogate details of the loaded class base. Bytecode is not a very 'efficient' representation for this purpose, nor does it include details of runtime-derived info like class and method implementation dependencies, compile history and JITted code status, or execution profiles. So, the JVM throws away most bytecode after parsing, in its place constructing and maintaining its own 'efficient' in-memory (C++) data structures which model both the loaded class and method base and runtime-derived state. This is what is known as Class Metadata. Class Metadata is a significant component of the Native Memory storage allocated and managed by the JVM, alongside JIT Compiler Metadata, GC Metadata, Thread Metadata, etc. For small applications that don't create a large number of Java objects Metadata can constitute a large portion of a Java application's resident memory set. This talk will begin by describing how to use the jcmd tool to measure summary JVM Native Memory storage costs, including overall Class Metadata costs. It will also show how to use jcmd to obtain a detailed breakdown of the latter costs, splitting the overheads along two axes: firstly, by class; and secondly, dividing per-class costs into separate sub-costs associated with different component subsets of the class model: classes per se, constant pools, methods and annotations. I will go on to explain how Class Metadata is carved out of the memory regions managed by the JVM's Native Memory allocation routines and detail the memory layout of the various C++ types which define the elements of the Class Metadata model, thereby clarifying some of the more detailed statistics available in jcmd output. Real-life use cases will be employed to explain how specific costs arise from code design choices and to suggest how alternative choices might increase or decrease Class Metadata costs. Andrew Dinn Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:50 00:25 UD2.208 (Decroly) java_world_containers Java in a World of Containers Free Java devroom Container technologies such as Docker are rapidly becoming the de-facto way to deploy cloud applications, and Java is committed to being a good container citizen. This talk will cover some of the new the tools and techniques for reducing container size (jlink, Alpine/musl support), for improving startup time and sharing of data between JVMs (AppCDS and ahead-of-time compilation), and the recent work that has gone into interacting with container resource limitations. Mikael Vidstedt Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:25 UD2.208 (Decroly) class_data_sharing Class Data Sharing Sharing Economy in the HotSpot VM Free Java devroom Class Data Sharing (CDS) is a feature that was introduced in Java 5 to improve startup performance and reduce the memory footprint of the JVM by sharing the metadata of system classes between virtual machines running on the same host. During the last years, this feature has been constantly improved. In OpenJDK 10 CDS will be extended by AppCDS which additionally allows the sharing of application classes between VM instances (see JEP 310: Application Class-Data Sharing [1]). In this talk I will briefly introduce CDS and AppCDS. After demonstrating its various use cases, I will do a short deep-dive into the implementation details and challenges. Finally I will briefly describe how Strings and Symbols can be stored in the CDS archive and shared across VM as well since OpenJDK 9. After the talk, the audience should have a better understand of the CDS/AppCDS feature and be able to decide whether it makes sense to use it for their own applications. [1] http://openjdk.java.net/jeps/310 Volker Simonis Jep 310 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:50 00:25 UD2.208 (Decroly) hairy_security Hairy Security the many threats to a Java web app Free Java devroom Hairy Security It's getting dangerous out there, it's all over the news, IT security is simply no longer something one can ignore. In this session we'll model all the threats to a typical web application powered by a Java back-end. We’ll have fun, state the obvious, debate and debunk a few security myths, because, remember, It’s not a question of 'if' but 'when' you’ll be hacked, at the end of this session, you’ll decide for yourself if it's really time for this Java web app to go live ! It's a fun, pragmatic, very instructive talk we've been doing in the past (well received at Devoxx France for instance) It's getting dangerous out there, it's all over the news, IT security is simply no longer something one can ignore. In this session we'll model all the threats to a typical web application powered by a Java back-end. We’ll have fun, state the obvious, debate and debunk a few security myths: <ul> <li>Yes, strong security comes at price, it requires a brain,</li> <li>No, strong security does not mean crappy user experience,</li> <li>No, there is no silver bullet, be pragmatic,</li> <li>Yes, they are many standards and frameworks (saml, oauth, jwt, 2-way-ssl ...) ** we'll showcase a few and debate when to choose what</li> <li>Yes, SELinux and the Java SecurityManager can be your friends</li> <li>Yes, Security needs to be baked into all your automation and continuous integration. Secret Management is key</li> </ul> Remember, It’s not a question of 'if' but 'when' you’ll be hacked, at the end of this session, you’ll decide for yourself if it's really time for this Java web app to go live ! It's a fun, pragmatic, very instructive talk we've been doing in the past (well received at Devoxx France for instance) Romain Pelisse Damien Plard Barbus & Barbare (french) Github Romain Pelisse Github François Le Droff Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:20 00:25 UD2.208 (Decroly) hacking_jvm Hacking the JVM from Java Free Java devroom The JVM contains many interesting features that are frequently overlooked, not exposed through the Java standard library, or typically only accessible from native code. In this talk we will walk through a few of these features, and how they can be used from plain old java code. For example we will see how to access local variables from calling methods, as well as powerful ways to monitor what the JVM does when executing our code. Free Java allows us access to these features, as well as the ability to contribute towards improving their implementation and make them publicly available to other users. Together we can influence the direction of Java and help get more powerful features into the standard JDK. Tobias Lindaaker Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:25 UD2.208 (Decroly) g1 G1 - Not^H^H^HNever Done! Free Java devroom In JDK 9 we made the G1 garbage collector the default OpenJDK garbage collector. Does that mean G1 is done? Definitely not! The Oracle GC team is working on exciting changes to improve throughput, latency and memory footprint for the G1 garbage collector for the next JDKs. We are excited to give you a heads up on a few of them: <ul> <li> Faster Card Scanning</li> <li> Parallel Full GC in G1</li> <li> Rebuild Remembered Sets Concurrently</li> <li> Abortable Mixed Collections</li> <li> Automatic Thread Sizing</li> </ul> Of course, this is just what we are currently working on; we would also like to share a few interesting ideas that would be interesting to pick up and contribute. :) Thomas Schatzl Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:20 00:40 UD2.208 (Decroly) gb_qa OpenJDK Governing Board Q&A Free Java devroom An open Q&A session with members of the OpenJDK Governing Board. An open Q&A session with members of the OpenJDK Governing Board. Mark Reinhold Mario Torre Andrew Haley Georges Saab Doug Lea John Duimovich Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 UD2.218A stm8 The free toolchain for the STM8 Getting into first place when non-free tools had years of head start. Embedded, mobile and automotive devroom The STM8 is STMicroelectronics' current 8-bit microcontroller architecture. In recent years a free toolchain or the STM8 architecture appeared and quickly surpassed the non-free ones. The central part of the toolchain is the Small Device C Compiler (SDCC), which features some optimizations suited to highly irregular architectures such as the STM8 The talk introduces all parts of the free toolchain for the STM8 and also discusses remaining gaps. The STM8 is a popular 8-bit architecture by ST Microelectronics commonly used in household electronics, automotive application and industrial controls. For quite a while there were no free tools, and the irregular architecture makes it hard to support in GCC or LLVM. In recent years free tools for it started to appear and now form a free toolchain that surpassed preexisting non-free ones. The most important part is the Small Device C Compiler (SDCC). New tree-decomposition-based algorithms from recent compiler research have been implemented in SDCC, including a new register allocator particularly suited to irregular architectures with few registers. SDCC quickly surpassed the non-free compiler in standard compliance and OS support and generates substantially faster integer code. Programs can be flashed by stcgal (via a serial link on STM8 devices that have a bootloader) and stm8flash (via the SWIM interface of ST-LINK hardware). OpenOCD and GDB allow on-target debugging via the ST-LINK. IDEs complete the development environment. However, stcgal still needs non-free binary blobs for use with some devices and the ST-LINK has non-free firmware. SDCC still falls short in floating-point performance. While there are some ports of free RTOSes that use the free toolchain for the STM8, more would be desirable. Philipp Klaus Krause Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 UD2.218A rt_linux_with_yocto Building RT Linux distribution with Yocto Embedded, mobile and automotive devroom The conference will describe how to use PREEMPT_RT and Xenomai with Yocto build system - building image and SDK - developing simple application - testing performances Yocto is the most famous build system for embedded Linux. Today most of BSPs are provided as Yocto "recipes" and/or metadata. They are several extensions providing RT capabilities to the Linux kernel. Number one is PREEMPTRT, maintained by Thomas Gleixner and supported by the Linux foundation since 2015. Second one is Xenomai mainly based on a co-kernel architecture (such as RTLinux). It was created by Philippe Gerum, a french RT expert and is maintained by a small group of contributors. Current version is 3.0.5 and can be used in dual kernel mode (Cobalt) or on top of PREEMPTRT in a single kernel approach (Mercury). Using RT extension with Yocto is not that easy because linux-yocto-rt kernel is not usable on main embedded target such as ARM (as it works on QEMU target only). Using Xenomai is much more complicated as it needs several steps (patching the kernel, installing user-space libraries, building an extended SDK). During the conference we will decribe how to build a Yocto Linux image using PREEMPT_RT for famous boards such as Pi 3 or BeagleBone Black. Some Xenomai support is provided by meta-eldk from DENX but it supports only Xenomai 2.6. We will describe meta-xenomai as we maintain it for our customers (available on GitHub). That new meta-xenomai layer is based on Xenomai 3.x and very recent kernel. Then we will explain how to build a simple Xenomai application based on a periodic task. Finally we will compare performances of both extension (PREEMPT_RT and Xenomai) on same hardware. Pierre Ficheux Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 01:00 UD2.218A linux_up_and_running How to keep your embedded Linux up and running? Paint Your L[inux|awn] Green Embedded, mobile and automotive devroom Userspace software is imperfect and we all know about this. Running it for 5 minutes seems to be easy but what about days or weeks? This problem already gave server guys a lot of sleepless nights. Nowadays also IoT and embedded Linux world is facing very the same problem. Unfortunately solutions known from server world (Nagios and friends) usually cannot be directly applied. During this talk Krzysztof will discuss problems related to monitoring and "healing" embedded Linux distribution. First, most common server approaches will be described. After that, Krzysztof will try to identify key problems of applying this solution to embedded platform. Then Krzysztof will introduce faultd - small but extendable daemon for system monitoring and CPR;). How to use it? What can it do? What are the advantages and disadvantages? All those questions should be answered in this part. Last part is going to be a discussion on a presented idea and experience sharing. Krzysztof Opasiak Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 UD2.218A automating_lights Automating Your Lights with Open Source Combining Open Source Hardware with Free and Open Source Software Embedded, mobile and automotive devroom This presentation will reveal the exact steps for making a low-cost lightning solution that combines open source hardware with free and open source software. It will cover a wide range of topics from designing a printed circuit board with KiCAD to software support and integration with the popular open source home automation platform Home Assistant through the machine-to-machine protocol MQTT. We will review the designing process of open source hardware embedded devices that control 12V RGB LED strips and collect data from I2C sensors for light, temperature, humidity, color and gesture recognition. We will compare and highlight the differences between the software implementation of MQTT client with brightness and color control of the lights using pulse-width modulation (PWM) on embedded Linux through an add-on board for Raspberry Pi and a device powered by the low-cost microcontroller with Wi-Fi ESP8266. The talk will also provide information about open source hardware licenses, KiCAD getting started guidelines, tips for avoiding common hardware pitfalls and mistakes. Furthermore, we will discuss the challenges of prototyping and low-volume hardware manufacturing. The talk is appropriate for anyone interested in combining open source hardware with free and open source software. No previous knowledge is required. The presentation will try to encourage more people to grab the soldering iron and start prototyping entirely open source products. The open source hardware movement is becoming more and more popular. In this presentation, Leon Anavi will share his experience how to use free and open source software for making high-quality entirely open source low-cost lighting solutions using 12V RGB LED strips. Unlike Phillips Hue or IKEA Trådfri, the open source hardware lighting solutions are more flexible and developer friendly. They can be easily integrated with various free and open source software platforms for home automation such as Home Assistant. The practical examples in this presentation will be based on the open source hardware Raspberry Pi add-on board ANAVI Light pHAT available at GitHub under CC BY-SA 4.0 license and a work in progress device with ESP8266. Both devices have 2 layer printed circuit boards made with the free and open source software electronics design automation suite KiCAD. Tips for avoiding common pitfalls and mistakes as well as recommendations for optimization of the SMT and THT assembly with be shared. Home Assistant is written in Python 3 and runs perfectly on a Raspberry Pi. Out of the box it supports popular mass market Internet of Things such as IKEA Trådfri, Philips Hue, Google Assistant, Alexa / Amazon Echo, Nest, KODI and many more. Furthermore it allows straight-forward integration of other embedded devices that support the machine-to-machine protocol MQTT using the so called MQTT JSON Light component. MQTT broker, such as the open source Mosquitto, is required to distribute the messages in real time among all hardware devices in the lighting solution. The presentation is appropriate for open source enthusiasts, engineers, students and even beginners interested in combining open source hardware with free and open source software. Leon Anavi KiCAD Home Assistant ANAVI Light pHAT for Raspberry Pi MQTT client application for Raspberry Pi that controls RGB LED strip and collects data from I2C sensors MQTT client that controls RGB LED strip and collects data from I2C sensors as Arduino sketch for ESP8266 Open-source client implementations of MQTT Submit feedback 13:30 00:30 UD2.218A qt_automotive Qt in Automotive What does the Qt Automotive Suite do? Embedded, mobile and automotive devroom The Qt Automotive Suite solves a number of automotive problems, but these are not unique to our industry. We have a look at how to measure and understand start-up timing and performance, how to use the Qt Application Manager Wayland compositor, how to generate platform APIs and more. We also take a quick look at the tools provided, e.g. QMLLive for rapid prototyping and GammaRay for deep introspection. The Qt Automotive Suite is built on top of the general Qt framework and takes Qt from an app creation framework to a platform creation framework. It consists of both tools and libraries. We see that the QMLLive tool is enjoying usage outside the automotive space and hope that the other components will find users outside of the industry as well. Come here to learn what we do and why. Johan Thelin Qt Automotive Suite documentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 UD2.218A android_in_production Android Real Life experience in Production How an application developer can survive in the chaotic Android ecosystem Embedded, mobile and automotive devroom Nowadays one of the most powerful and used OS is also a pain for the developers. Too many devices and customizations makes the management of your app in production a very tough job: users are increasingly demanding, and time to market is required to be at flash speed. How to manage all this madness? How to get information of a particular device that you don't own in order to reproduce the problem and fix it? Is there a global solution? Well, we'll share our experiences gained with an application that is distributed to more than 40000 users, and we'll show some interesting cases we faced with. Our intent is to share some problematic situations we got developing an android application for a home automation product. In particular we faced issues concerning the following fields: real-time audio/video performances, networking, mobile network operator reliability, device customizations. Often the issues comes from Google market reviews, making very hard to reproduce the same context of the user (device owned, application's set, space available on flash etc..). For each case, we will show the problem, how we faced it and how we solved it using tools and strategies refined with on the field experience. Teodoro Vadalà Alberto Panizzo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 UD2.218A trustworthy_mobile_devices Componolit - a component-based open-source platform for trustworthy mobile devices Deprivileging the Google software stack. Embedded, mobile and automotive devroom Google <a href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/">tracks you</a> even with location service disabled. Your smartphone can be taken over remotely <a href="https://blog.exodusintel.com/2017/07/26/broadpwn/">via WiFi</a>. Opening media files remains an (unpredictable risk)[https://en.wikipedia.org/wiki/Stagefright_(bug)]. Despite all the effort put into mitigation techniques we don't seem to make good progress with the privacy and security of our mobile devices. We present our vision of Componolit, an open-source platform for trustworthy mobile devices. Based on the Genode OS framework, the component-based system will provide strict isolation between apps, services and drivers. The platform will enable users to run arbitrary unmodified Android apps without giving up control of their devices. This is realized by trustworthy policy objects implemented and formally proven in the SPARK language. Alexander Senier Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 UD2.218A logging_iot Logging IoT Know what your IoT devices are doing Embedded, mobile and automotive devroom Logging events is important for every device connected to the Internet or a network. The syslog-ng application is an enhanced logging daemon, with a focus on portability and central log collection. It collects logs from many different sources, processes and filters them, and finally it stores them or routes them for further analysis. IoT developers can get started with it quickly, as its configuration language is similar to programming languages. Logging events is important for every device connected to the Internet or a network. The syslog-ng application is an enhanced logging daemon, with a focus on portability and central log collection. It collects logs from many different sources, processes and filters them, and finally it stores them or routes them for further analysis. IoT developers can get started with it quickly, as its configuration language is similar to programming languages. From this session you will learn how to use logging for collecting usage statistics, monitoring, security, or debugging running applications, using examples from syslog-ng. We will discuss some interesting use cases from a wide range IoT devices: consumer devices, like the Amazon Kindle or the BMW i3 electric car IT appliances, like NAS and network devices industrial uses, like National Instruments devices In addition to acting as a logging agent, syslog-ng can be your logserver and collect data from IoT devices. The syslog-ng application can parse incoming data for interesting information, anonymize it if required by compliance, and route results to the proper destination. Other than saving logs locally, you have many possibilities, including visualizing logs using Graphite, creating alerts using Riemann, analyzing them in Kibana, or saving them to Hadoop HDFS for long term storage. Peter Czanik Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:30 UD2.218A testing_remote_devices Piece of cake - testing remote embedded devices made easy using open-hardware MuxPi Embedded, mobile and automotive devroom Designing custom hardware, though might seem intimidating at first, can simplify many activities. It solves certain issues, but often raises many others. Paweł will present a fresh open hardware approach at providing remote access (including device flashing, debugging and power management) to embedded devices - <a href="https://wiki.tizen.org/MuxPi">MuxPi</a>, successor of <a href="https://wiki.tizen.org/SD_MUX">SD MUX</a> board (showcased during FOSDEM 2016 and Embedded Linux Conference 2016). This talk will introduce novices to the topic of testing on remote embedded devices and previous attempts to do so. Presentation will also introduce components of the new Tizen GNU/Linux distribution's testing laboratory (currently in the process of being published open source): <ul> <li>Boruta - board farm management system,</li> <li>Weles - LAVA-compatible testing framework,</li> <li>Perun - binary image testing system.</li> </ul> It will focus on hardware aspects of proposed solution (MuxPi). Software stack design is discussed in detail during talk in <a href="https://fosdem.org/2018/schedule/event/remote_embedded_testing/">Testing and automation devroom</a>. Presentation will hopefully encourage discussion on this topic or inspire attendees to try this open hardware design out in their own setups and share feedback on what can be further improved. Paweł Wieczorek MuxPi SD MUX Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 UD2.218A agl_apps Industrialisation of applications build in embedded environment How to build AGL (Automotive Grade Linux) applications with Jenkins pipeline and X(cross) Development System (XDS)? Embedded, mobile and automotive devroom In order applications to reach an industrial production grade level, a significant effort for automation build and test is required. This lecture provides an overview of necessary architecture to automate AGL applications build using Jenkins pipeline and XDS (X(cross) Development System) in a multi targets environement. The main purpose of this talk is to present an architecture to build and test embedded applications automatically. <ul> <li>An overview of Jenkins architecture and latest features.</li> <li>Focus on Jenkins V2 and the advantages in using pipelines.</li> <li>A quick overview about X(cross) Development System tool.</li> <li>How to pipeline and XDS to build an application, test it, publish it.</li> </ul> Frederic Marec Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 UD2.218A updating_complex_systems Facing the Challenges of Updating Complex Systems Putting it all together Embedded, mobile and automotive devroom Over the past three years, the growing zoo of Open Source update frameworks made updating an embedded Linux system much easier. But, the availability of a robust update tool solves only one step in the complex chain from a software artifact to an updated and working system on your devices. Starting with a modern system consisting of a recent bootloader, kernel, init system and update tool, this talk ventures beyond the basic and already solved topics of A/B redundancy, atomicity, or simple update verification. Enrico will present strategies for creating a robust update chain from automated testing up to full rollout management and show how to solve these challenges with recent Open Source software such as barebox, RAUC, systemd, hawkBit, casync and labgrid. You will learn how to deal with more modular and complex system setups, restricted systems, error recovery, product variants, resigning for deployment, updating the bootloader itself and interaction with verified boot. Enrico Jörns RAUC GitHub page RAUC project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 01:00 UD2.218A multitasking_on_cortexm Multitasking on Cortex-M class MCUs A deep-dive into the Chromium-EC OS Embedded, mobile and automotive devroom We're gonna look at multi-tasking on small Cortex-M class MCUs like the ARM Cortex-M0. After a brief general overview of the Cortex-M0 programming model, exception handling and other basics required, we'll start our deep-dive into one specific implementation in the Chromium-EC firmware. We'll look at startup code, how tasks are implemented, how to deal with priorities and peripheral interrupts. The Chromium-EC firmware is a little (RT)OS that runs (mostly) on ARM cores of the Cortex-M class (M0/M3/M4), and powers Google's Chromebooks as well as other devices (Project Sulfur SDR). It's permissive license makes it attractive for (ab)use in other projects, since Kernel and U-Boot integration are already existing. Moritz Fischer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:00 00:30 UD2.218A chromium_to_wayland The Chromium project's Way to Wayland Embedded, mobile and automotive devroom Wayland is the most advanced X11-alternative display protocol, shipping today in a variety of desktop and embedded environments. Although the Chromium browser on Linux still defaults to use the X11 window system, there have been efforts to port it to different environments. This effort happens in various fronts, including the development and stabilization of Ozone, an abstraction layer for graphics and input events, and the transitioning of some ChromeOS-oriented solutions to Linux, for example Chromium's new "UI service". Igalia has been actively contributing to this multi organizational collaboration, aiming at getting a full fledged Chromium browser running natively on Wayland. The work happens on Chromium's upstream repository so that the greater Chromium community can benefit from it. This presentation intends to show the Chromium project's way to Wayland. Maksim Sisov Downstream work with current patches, that are being upstreamed at the moment. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 18:30 00:30 UD2.218A gstreamer_for_tiny_devices GStreamer for tiny devices Making GStreamer small Embedded, mobile and automotive devroom GStreamer is a complete Open Source multimedia framework, and it includes hundreds of plugins, including modern formats like DASH, HLS or the first ever RTSP 2.0 implementation. The whole framework is almost 150MB on my computer, but what if you only have 5 megs of flash available? Is it a viable choice? Yes it is, and I will show you how. Starting with simple tricks like only including the necessary plugins, all the way to statically compiling only the functions that are actually used to produce the smaller possible footprint. Olivier Crête Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 05:30 J1.106 global_diversity Global Diversity CFP Day Advance registration needed. Global Diversity CFP Day maintrack On Saturday 3rd February 2018 there will be numerous workshops hosted around the globe encouraging and advising newbie speakers to put together your very first talk proposal and share your own individual perspective on any subject of interest to people in tech. Mozilla and the Mozilla TechSpeakers will bring this global event to Brussels during the first day of FOSDEM, and during the workshop will also provide CFP help and mentoring to any of the FOSDEM participants. <a href="https://www.globaldiversitycfpday.com/">Global Diversity CFP Day</a> is an event happening across the globe, simultaneously in 40+ cities on the 3rd of February. The <a href="https://www.globaldiversitycfpday.com/events/50">Brussels event</a> is organized at FOSDEM as the libre conference/community gathering and the GDCFPDay dates coincide happening on the same weekend. The Brussels event is organized by the Mozilla TechSpeakers, a community program by Mozilla for empowering and improving the skills of community public speakers in Mozilla's open-source community. <h3>Registration</h3> Attending the CFP workshop is completely free but subject to <a href="https://ti.to/mozilla-techspeakers/global-diversity-cfp-day-2018-brussels/">registration</a>. Please get your workshop ticket from the workshop ticket registration, and please don't forget to fill out the ticket-questionnaire, so we can make sure we can provide you with the best workshop experience with minimal distractions so you can concentrate on your improvement! If the initial tickets run out, don't worry, we are reserving some workshop places for first-time speakers and members of under represented groups, so be sure to apply for the waitlist ticket and keep an eye on your mailbox, we will get back to you when we have some extra spots open up. <h3>Mozilla TechSpeakers CFP-help</h3> Cannot make it to the workshop? Just have some questions about public speaking or writing conference proposals? Drop by on Sunday between 09:30 and 11:30 in J.1.106 or at the Mozilla Booth between 14:00 and 16:00 and talk to some seasoned veteran Mozilla TechSpeakers about public speaking, or ask them questions about public speaking/cfp-s in general or your talk (idea). <h3>Code of Conduct</h3> All Mozilla events are governed by the <a href="https://www.mozilla.org/en-US/about/governance/policies/participation/">Mozilla Community Participation Guidelines</a> and this GDCFPDay workshop is no exception. The Community Participation Guidelines (CPG for short) of Mozilla contains the general conduct required of all Mozilla community events and serves as a Code of Conduct for all events organized by Mozillians, and events where Mozilla (and thus, Mozilla TechSpeakers) are represented. By attending the GDCFPDay even you accept to read, understand and act in compliance with regard to the expectations set forth in the CPG (the short version of which is "Be excellent to each other and treat each other with respect and care.", but please do read the "long version"). These expectations will be observed and proper conduct will be enforced, without exception, by the organizing team. Any infringements or issues can (and should) be reported at the coc@tchspk.rs e-mail address or to the following people (in person or via the contacts listed below: * Istvan Szmozsanszky ("Flaki") - flaki@mozilla.hu / +1-929-433-7980 / <a href="https://twitter.com/slsoftworks">@slsoftworks</a> on twitter & <a href="https://telegram.me/slsoftworks">telegram</a> * Havi Hoffman - hhoffman@mozilla.com Mozilla TechSpeakers About the Global Diversity CFP Day The Brussels event page Workshop registration page Mozilla CPG (Code of Conduct) Submit feedback 18:00 01:00 J1.106 riscv_bof RISC-V Meeting Open discussions about RISC-V ecosystem after Palmer Dabbelt talk BOFs (Track C - in J1.106) bof We will have open discussions about RISC-V ecosystem after Palmer Dabbelt talk: Igniting the Open Hardware Ecosystem with RISC-V. David Abdurachmanov Submit feedback 10:00 00:50 Janson sancus Sancus 2.0: Open-Source Trusted Computing for the IoT Security and Encryption maintrack I will talk about Trusted Computing, what it can do, where the limitations are, and why we need trusted computing architectures to be open-source. Special emphasis will be on the Sancus architecture, which brings Trusted Computing to embedded domains such as the IoT or safety-critical control systems. An important but often neglected safety aspect of our society's critical infrastructure involves the security of embedded software in contexts such as the Internet of Things, smart cities or the smart grid. In this talk I will present an approach to the security-conscious design of embedded control systems. Our work is based on Sancus, a lightweight Trusted Computing platform and Protected Module Architectures (PMA, think of Intel SGX, but for 16-bit MCUs) and guarantees authenticity, integrity and confidentiality properties of event-driven distributed embedded applications. Relying on a hardware-only Trusted Computing Base (TCB), Sancus makes it possible to protect individual software modules of an application against attacks from other modules or even from a malicious or misbehaving operating system. Component isolation further leads a reduction of the size of these system's (security-) critical software stack, which allows us to analyse, test and even to formally verify critical modules in isolation. We have worked on a number of compelling use cases for this technology, focusing on smart grid infrastructure and on an AUTOSAR-compliant security framework for automotive bus systems. In these scenarios we observe a substantial reduction of the runtime software TCB (from 50 kLOC to less than 1 kLOC) while maintaining real-time responsiveness and adding protection against a wide range of network and software attacks. Sancus is the only open-source Trusted Computing architecture currently available; hardware descriptions as well as infrastructure software are freely available. We believe that this is essential to allow for the independent validation of the underlying security primitives and to establish trust in the platform and in systems built on top of it. Jan Tobias Muehlberg Sancus Website Sancus on Github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:50 Janson tpm Using TPM 2.0 As a Secure Keystore on your Laptop It's not as difficult as you think! Security and Encryption maintrack For decades, all laptops have come with a TPM. Now with Microsoft forcing the transition to the next generation, Linux faces a challenge in that all the previous TPM 1.2 tools don't work with 2.0. Having to create new tools for TPM 2.0 also provides the opportunity to integrate the TPM more closely into our current crypto systems and thus give Linux the advantage of TPM resident and therefore secure private keys. This talks will provide the current state of play in using TPM 2.0 in place of crypto sticks and USB keys for secure key handling; including the algorithm agility of TPM 2.0 which finally provides a support for Elliptic Curve keys which have become the default recently. This talk will provide an overview of current TSS (Trusted computing group Software Stack) for TPM 2.0 implementation on Linux, including a discussion of the two distinct Intel and IBM stacks with their relative strengths and weaknesses. We will then move on to integration of the TSS into existing crypto system implementations that allow using TPM resident keys to be used with common tools like openssl, gnutls, gpg, openssh and gnome-keyring. We will report on the current state of that integration including demonstrations of how it works and future plans. The ultimate goal is to enable the seamless use of TPM resident keys in all places where encrypted private keys are currently used, thus increasing greatly the security posture of a standard Linux desktop. James Bottomley Recent state of TPM2 support in Linux State of TPM2 integration with gnome-keyring and openssh Current build repository for experimental Linux TPM2 cryptosystem integration Presentation OpenSSL Engine for TPM 2.0 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 Janson cryptsetup Data integrity protection with cryptsetup tools what is the Linux dm-integrity module and why we extended dm-crypt to use authenticated encryption Security and Encryption maintrack The talk describes the architecture of data integrity protection with cryptsetup on Linux systems and the following steps that need to be achieved to have encrypted block-level authenticated storage. The full disk encryption is a well-known way to achieve confidentiality of data. Unfortunately, it usually does not provide any integrity protection of data because of its length-preserving nature (plaintext is the same size as ciphertext; there is no space for data integrity tags). Since Linux kernel 4.12 and cryptsetup2 we can configure new Linux kernel dm-integrity and dm-crypt devices that support data integrity protection over block devices (by emulating sector data integrity extensions over standard disks). We will explain the architecture of such integrity-protected block devices (with the support of new integritysetup tool) and also a possibility to use cryptographically sound data integrity protection (authenticated encryption) in combination with disk encryption. We will also shortly introduce new LUKS2 on-disk format that is designed to integrate these features into existing Linux disk encryption toolset easily. Milan Broz Cryptsetup upstream Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:50 Janson monero Inside Monero The world's first fungible cryptocurrency Security and Encryption maintrack While many in the tech industry are familiar with Bitcoin and the many altcoins that have forked off its code base, fewer are aware of Monero. Monero is evolved from CryptoNote, which is a completely independent code base from Bitcoin emphasizing privacy as opposed to Bitcoin's transparent blockchain. Like Bitcoin, Monero is fully open source. The project is driven entirely by volunteers. The Monero team has developed further innovations over the CryptoNote code base making it the most private cryptocurrency ever, and the first in the world with true fungibility. The talk includes a brief introduction to cryptocurrencies and their strengths and weaknesses. The main point of the talk is the additional features Monero has incorporated to preserve privacy and the consequences of using non-private cryptocoins. Howard Chu Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 Janson security_theatre Security Theatre The (mostly) unknown OSI Layer 8 Security and Encryption maintrack Security is but a feeling. A feeling that the admin has when he's leaving at beer o'clock. And mostly the biggest risks for the assets he has to protect are not of technical nature. This talk is full of examples, findings and revelations of twenty years of training, consulting, and being an investigative journalist. From passwords to Kerberos servers, from VPNs to the Dark net and anonymity, the hack in the German Bundestag and why it will happen again. Why Google is afraid, why modern hardware sucks, why most VPN services are not worth a cent. How to circumvent the great firewall of China. Eight years in Journalism have given me lots of anecdotes to tell. All these stories have one thing in common: The biggest security risk sits in front of the computer. OSI Layer 8, and pretty often you can achieve more working on this layer. Almost always the same amount of time and money is better invested here, but there's so many myths around. Oh, and did I mention why responsible disclosure is bullshit? And of course, management comes in. I will explain the terms "Blameware" and "backdoor-friendly" (a retronym for proprietary). Markus Feilner Video recording (mp4) Video recording (WebM/VP9) MdEP Julia Reda to the Geeks Submit feedback 15:00 00:50 Janson satnogs SatNOGS: Crowd-sourced satellite operations Satellite Open Source Ground Station Network Space maintrack An overview of the SatNOGS project, a network of satellite ground station around the world, optimized for modularity, built from readily available and affordable tools and resources. We love satellites! And there are thousands of them up there. SatNOGS provides a scalable and modular platform to communicate with them. Low Earth Orbit (LEO) satellites are our priority, and for a good reason. Hundreds of interesting projects worth of tracking and listening are happening in LEO and SatNOGS provides a robust platform for doing so. We support VHF and UHF bands for reception with our default configuration, which is easily extendable for transmission and other bands too. We designed and created a global management interface to facilitate multiple ground station operations remotely. An observer is able to take advantage of the full network of SatNOGS ground stations around the world. Nikos Roussos website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 Janson upsat The story of UPSat Building the first open source software and hardware satellite Space maintrack During 2016 Libre Space Foundation a non-profit organization developing open source technologies for space, designed, built and delivered UPSat, the first open source software and hardware satellite. The presentation will be covering the short history of Libre Space Foundation, our previous experience on upstream and midstream space projects, how we got involved in UPSat, the status of the project when we got involved, the design, construction, verification, testing and delivery processes. We will also be covering current status and operations, contribution opportunities and thoughts about next open source projects in space. During the presentation we will be focusing also on the challenges and struggles associated with open source and space industry. Pierros Papadeas UPSat website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:00 00:50 Janson closing_keynote Exploiting modern microarchitectures Meltdown, Spectre, and other hardware attacks Keynotes keynote Recently disclosed vulnerabilities against modern high performance computer microarchitectures known as 'Meltdown' and 'Spectre' are among an emerging wave of hardware-focused attacks. These include cache side-channel exploits against underlying shared resources, which arise as a result of common industry-wide performance optimizations. More broadly, attacks against hardware are entering a new phase of sophistication that will see more in the months ahead. This talk will describe several of these attacks, how they can be mitigated, and generally what we can do as an industry to bring performance without trading security. Jon Masters Video recording (mp4) Video recording (WebM/VP9) Submit feedback 17:50 00:10 Janson closing_fosdem Closing FOSDEM 2018 Keynotes keynote Some closing words. Don't miss it! FOSDEM Staff Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:50 K.1.105 (La Fontaine) cyborg Cyborg Teams Training machines to be Open Source contributors Miscellaneous maintrack A purely human team does not scale past a certain complexity point. In the Cockpit project we’ve done something amazing: We’ve built a team that’s part human and part machine working on an Open Source project. In the Cockpit project we’ve done something amazing: We’ve built a team that’s part human and part machine working on an Open Source project. “Cockpituous”, our project’s #5 commit contributor, is actually our automated team members. Bots do the mundane tasks that would otherwise use up the time of human contributors. During the talk you can see them self-organizing, doing continuous integration, finding issues, contributing code changes, making decisions, releasing the software into Linux distros and containers. They work in a completely distributed, organic way, and run in containers on Kubernetes. We’ll talk about how humans are training the bots, and how bots are using machine learning to learn from the humans. The project and its pace would be unthinkable otherwise. Treating the bots as team members is fundamental to achieving this. I’m excited to show you how to pull that off. Stef Walter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:50 K.1.105 (La Fontaine) android_graphics Running Android on the Mainline Graphics Stack Miscellaneous maintrack Finally, it is possible to run Android on top of mainline Graphics! The recent addition of DRM Atomic Modesetting and Explicit Synchronization to the kernel paved the way, albeit some changes to the Android userspace were necessary. The Android graphics stack is built on a abstraction layer, thus drm_hwcomposer - a component to connect this abstraction layer to the mainline DRM API - was created. Moreover, changes to MESA and the abstraction layer itself were also needed for a full conversion to mainline. This talk will cover recent developments in the area which enabled Qualcomm, i.MX and Intel based platforms to run Android using the mainline graphics stack Robert Foss Blog Blog: Related Posts Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 K.1.105 (La Fontaine) libreoffice Re-structuring a giant, ancient code-base for new platforms Making LibreOffice work well everywhere. Miscellaneous maintrack Come and hear how LibreOffice is meeting the challenges of new platforms both hardware and software, adapting to new constraints & shining. LibreOffice has faced a lot of challenges recently, from hardware providing ever more threading resource to the need to provide an online version in the browser. These bring some interesting solutions. Come and hear the story of how we're bringing the code-base up-to-date, from providing a ~constant-time threaded XML parser, to parallelising the guts of Calc's calculation engine. Catch the latest in Online innovation, optimization and scalability work as well as its growing integration with lots of other Open Source projects. Hear how we're starting to bring dialogs both to your browser, and to your native Linux desktop toolkit. Finally catch up with the latest and greatest feature/function improvements coming in LibreOffice 6.0 - our next major release timed to co-incide with FOSDEM release, and find out how you can best get involved with LibreOffice. Michael Meeks Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:50 K.1.105 (La Fontaine) automated_driving OpenADx – xcelerate your Automated Driving development Leveraging open collaboration and open source to accelerate development of Automated Driving Community maintrack The Bosch Automated Driving division faces among many the challenge that the toolchain for developing automated driving solutions becomes more complex by every level of automation. Well established tools are not well integrated for the use cases needed and it is easy to detect gaps in the overall toolchain for dedicated tasks. Instead of solving these challenges alone, wasting lots of money on the path, the Bosch division together with partners from the industry but also from other domains builds up a community to solve the toolchain challenge together in the OpenADx initiative. With this the partners expect a substantial saving on toolchain costs but also a better integration within organization and especially at the interfaces between cooperating organizations. This talk will present the approach and the current state of the community. Automated driving solutions introduce a new complexity into the development of embedded systems in a car. This complexity rises with each level of control and autonomy of the automated driving systems. New tool categories have to be added like machine learning, but also existing technologies, like simulation, are stretched to their current limits. E.g., it is expected that the validation of a fully automated driving solution requires to do test drives in the amount of millions of kilometers. This results in the need for very complex simulation as part of the validation as well as the handling of extensive amounts of data in order to ensure quality at a realizable effort. The toolchain for such challenges is complex and the integration of all the tools coming from different domains cost a lot of effort without a real competitive advantage towards the automated driving solution. Therefore, the Bosch Automated Driving division, together with Microsoft, is currently building up an ecosystem of companies within the industry including OEMs, tier 1 suppliers, tool vendors, research organisations but also partners from other industries like the IT industry. The intiative called OpenADx is supported by the Eclipse Foundation as a host for the activities. The goal of this endeavor is to stop wasting money on the introduction of a proprietary toolchain in each of the companies and to share the development costs for the toolchain with partners from the industry. Besides the benefit of sharing the costs, the expected result is a better integration of the toolchain within the organizations, but especially also at the interface between cooperating organizations. For tool vendors and research organizations, the advantage of the approach is in the existence of an integration backbone which allows the provider to easily integrate new technology or tools into a working environment that runs in a multitude of customer organizations, instead of providing proprietary solutions for single customers. The goal of the initiative is not to replace existing tools. There are many tools and technologies, be they commercial or open source, that solve perfectly their job and should do so in the future. The goal is to define development workflows and to support the integration of tools along those workflows as well as to fill gaps identified and not solved by existing tooling. This integration glue will be provided as open source software under the umbrella of the Eclipse Foundation. The current state of the initiative is that it is currently searching for interested parties throughout the world. The goal is to make this an industry effort not driven by single partners that is big enough to propose and realize an industry standard for automated driving solution development. To get the ecosystem running with only a limited commitment necessary, the initiative starts small. Through a series of so-called Hackfests, i.e., 5 to 10 day Hackathon events, the interested parties get the chance to make first hand experience in the collaborative approach. Additionally, the members get to a common ground on the technologies available and the development approaches at hand in order to identify common integration goals which build the basis for first open source projects spanned from the ecosystem. Based on the experiences of these Hackfests, the members of the initiative will furthermore decide on topics like how to go public officially or how the intiative will be structured. At the time of the talk, the first Hackfests have taken place in which we will have provided prototypical solutions for the area of closed-loop simulation of automated driving functions with a perfect perception and the handling of massive amounts of data in the toolchain. The results of these Hackfests will be shown in the presentation as well as an outlook on the further activities. Lars Geyer-Blaumeiser Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 K.1.105 (La Fontaine) nextcloud Why I forked my own project and my own company ownCloud to Nextcloud Community maintrack This talk will describe the reasons why ownCloud was founded as an open source project. The good and bad things when it was turned into a venture capital founded company, the thing that Frank and the core team does differently with Nextcloud and how the business model, licensing and community relations improved. Frank Karlitschek founded the ownCloud open source project in 2010 and co-founded a company named ownCloud Inc. late 2012. After being the maintainer for over 6 years and CTO of ownCloud Inc. for over 4 years Frank decided to start over. Leave his own project and company to create a fork called Nextcloud. This talk will describe the reasons why ownCloud was founded as an open source project. The good and bad things when it was turned into a centure capital based company, the thing that Frank and the core team want to do differently with Nextcloud and how the business model, licensing and community relations improved. This talk covers insights into different open source business models and how to create a win win situation for a company and a community. Frank Karlitschek Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:50 K.1.105 (La Fontaine) international_development Sustainability of Open Source in International Development A new approach from the United Nations Foundation Community maintrack Today’s global climate of international development funding cuts, along with growing challenges in sustainability of FOSS projects generally, means we need to focus on co-investment in shared resources for those projects -- the mission of the DIAL Open Source Center. Duplication of effort, flawed funding models, and overall lack of project maturity has led to the failure of most free & open source software projects in the international development space. In this talk, we'll discuss the new Open Source Center at the Digital Impact Alliance (DIAL), an initiative of the United Nations Foundation. The Center's aim is to help increase those projects' maturity, quality, and reach -- with a goal of advancing an inclusive digital society using FOSS for the poorest places on the planet. Over the past decade, the international development community has been exploring how the use of modern technology — including tools like the mobile phone, the Internet, as well as free & open source software — can extend the reach of its work. At the same time, these same organizations have struggled to leverage FOSS in an effort to make their work more participatory, sustainable, and effective. Mainstream software often used in wealthier markets do not always fully meet the specialized needs of international development projects and the areas in which those projects are undertaken. Other fields have demonstrated the FOSS development model as a proven viable model to leverage global collaboration to share costs across institutions, increase the quality of products, and more rapidly innovate. In the international development community, the results have been mixed. Relatively few of these FOSS projects have endured & matured — when successful, enabling improved and sustained access to information and services that previously were out of reach for marginalized populations. Many efforts have failed, often due to preventable reasons. These FOSS digital development projects usually struggle with lack of long-term investments in key focal areas such as community effectiveness & product development. Without emphasis of these key considerations, they can rarely match the functionality and quality of their proprietary competitors. As a result, these FOSS projects can’t grow to the more advanced levels of maturity needed for widespread adoption throughout the development field. In collaboration with partners around the world, the Digital Impact Alliance (DIAL) at the United Nations Foundation is launching its Open Source Center, a multilateral participatory program designed to be a global focal point of FOSS digital development projects. In this talk, you’ll learn: <ol> <li>Why we believe this type of program is key to ensuring the maturity & sustainability necessary for long-term success of digital development FOSS projects,</li> <li>What we believe are the 4 key pillars to mature tech-for-development FOSS projects, and</li> <li>The five areas of services which will be provided to participants, and our thoughts on translating our approach to other sectors.</li> </ol> We’ll also discuss our systems for governance, evaluation of participating projects, and financial sustainability strategies for the program. If you’re interested in cross-project collaboration to advance the impact of free & open source software in a specific area of work, come learn about our plans to transform the international development FOSS space, and share your feedback! Michael Downey DIAL Open Source Center United Nations Foundation Digital Impact Alliance (DIAL) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 K.1.105 (La Fontaine) community_and_business AMENDMENT Community & Business Two worlds, one galaxy Community maintrack While open source software thrives with a community, a community also thrives from business. Open source is simply a way of doing things, providing transparency and other key factors such as the ability to modify its functionality. This talk provides insight for communities and how an open source project can really develop itself into a profitable project (not just fiscally). Open source projects do well rooting their funding backends from corporations which deliver enterprise-level support and more. Basically most meaningful software projects in the open source world has some company in the back, delivering true value also back to the project itself. Based on the example of Kopano and its community as a great community with a true open source company this talk highlights the ways of interaction with the community and how to provide real value to the project you are involved. Please note that this talk replaces "Love What You Do, Everyday!" by Zaheda Bhorat who has fallen ill. We wish her a speedy recovery. Michael Kromer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:15 K.1.105 (La Fontaine) email_address_quiz AMENDMENT So you think you can validate email addresses A journey down RFC5321 Miscellaneous maintrack Too often, developers think they know the right way to validate email addresses, which often leads to bad UX and frustrated users whose legitimate addresses are not accepted. This presentation will show you your true level of email validation skill via a simple and fun quiz, whose accuracy often approaches that of Cosmo quizzes. You think you know how to validate email addresses? You don't. Please note that this talk replaces "Love What You Do, Everyday!" by Zaheda Bhorat who has fallen ill. We wish her a speedy recovery. Stavros Korokithakis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:15 H.2215 (Ferrer) fix_the_internet Let's Fix The Internet Lightning Talks lightningtalk The Internet today is plagued by many problems. From viruses and spam, to identity theft and piracy. We can solve those problems. With a virtual operating system that runs the cloud, using blockchains to secure identities and data, a virtual network layer to protect agains unauthorized network access, and a virtual machine to sandbox untrusted code. This talk will describe Elastos, an Operating System for the smart web. It will explore the approach that Elastos takes to achieve these goals, and gives a vision of a possible future internet. Elastos is an ongoing open source OS project, which facilitates the new generation of universal apps running anywhere, such as in AR/VR headsets, IoT gateways, game consoles, phones, PCs, TVs, and cloud servers (see Windows 10 UWP). Programmers can use any of three kinds of languages to develop applications: C/C++, Java and HTML/JS. Elastos is different from an Android-like OS in at least four aspects: <ol> <li>Elastos has a complete set of novel C/C++ APIs and frameworks, which correspond to the Java APIs and frameworks of Android. With better performance and a smaller footprint, Elastos is a better fit for embedded systems and machines with wireless peripherals. Elastos also supports almost all Android Java and JS APIs and frameworks. POSIX APIs are deprecated.</li> <li>Elastos has a distributed OS runtime to guarantee end-to-end security and integrity across the Internet. With built-in metadata-driven reflection technology, Elastos can automatically generate code to bridge programming modules across languages and machine boundaries. In other words, applications, services and IoT devices are prohibited from sending/receiving network packets directly, in order to fence off network attacks initiated from third party software and hardware.</li> <li>Elastos runtime has a pioneering, service-oriented architecture, designed ideally for containers/virtual-machines. An Elastos runtime can be thought of as a CppVM (vs. JavaVM) without a leaking bottom, i.e., there are no Java-Native-Interface (JNI) equivalent mechanisms to expose the underlying physical machine or host OS. This prevents the possibility of malicious code penetrating into the system layer.</li> <li>Elastos is decentralized across the Internet, and utilizes blockchains to authenticate user IDs, application IDs, as well as machine IDs. To build a flourishing ecosystem, anybody may freely implement their own markets, social apps, search engines, location-based services, advertisement agents, and so on, while being rewarded with Elastos coins.</li> </ol> Martin Bähr Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:20 00:15 H.2215 (Ferrer) python_regex_derivatives Regular Expression Derivatives in Python Lightning Talks lightningtalk Regular expressions are commonly implemented using a backtracking algorithm, or by converting them into a nondeterministic finite automata using Thompson's construction. An alternate approach is to use Brzozowski derivatives to directly generate deterministic finite automata. This talk describes an implementation of Brzozowski derivatives in Python, based on a paper by Owens, Reppy and Turon. This implementation is used for generating efficient Unicode lexers. Owens, Reppy and Turon [1] describe how Brzozowski derivatives may be used to convert an extended regular expression into near optimal deterministic finite state automaton. They observe that "RE derivatives have been lost in the sands of time, and few computer scientists are aware of them". Despite that, this technique is simple, elegant and straightforward to implement. The author has used Brzozowski derivatives to build a lexer generator in Python that supports Unicode. The structure of the talk is: <ol> <li>Overview of partial derivatives of regular expressions.</li> <li>How to deal with large character sets.</li> <li>Key design decisions for a Python implementation.</li> <li>Quick tour of the Python code.</li> <li>Real world results.</li> </ol> [1] Owens, S., Reppy, J. and Turon, A., 2009. Regular-expression derivatives re-examined. Journal of Functional Programming, 19(2), pp.173-190. Michael Paddon Source Code Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:40 00:15 H.2215 (Ferrer) htop Adding performance counters to htop Lightning Talks lightningtalk Typical userspace process monitoring tools usually show some general metrics like CPU% usage, Memory%, CPU time and so on, which have been around for a long time. In this lightning talk, I will discuss some other performance measurements available in modern systems, like hardware performance counters, and talk about their inclusion in htop, in hopes that these powerful metrics will reach a wider audience. htop is an interactive process viewer for Unix systems. Typical userspace process monitoring tools, either textual or graphical, usually show some general metrics like CPU% usage, Memory totals and percentages, CPU time and so on. These are essentially the same set of metrics which have been around for a long time, since the days of the original Unix top. However, newer process metrics have become available over the years, usually "hidden" in more advanced tools such as systemtap and perf-events. In this lightning talk, I will discuss some of these performance measurements available in modern systems, such as Hardware Performance Counters, and talk about their inclusion in htop, in hopes that these powerful metrics will reach a wider audience. Hisham Muhammad http://hisham.hm/htop/ Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:15 H.2215 (Ferrer) emitter Emitter: Scalable, fast and secure pub/sub in Go Scalable and real-time networking for IoT, web apps and gaming. Open source or cloud based. Lightning Talks lightningtalk Emitter.io is a real-time messaging service for connecting online devices. It is a scalable, fast and secure pub/sub in Go. Emitter.io is a real-time messaging service for connecting online devices. - scalable: Built to handle millions of messages per second and to scale horizontally. - Fast: Designed to ensure reliable, speed-of-light message delivery and high throughput. - Secure: Supports TLS encryption, binary messages, expirable channel keys and permissions. - Open source: Source code is available on GitHub and packaged as a docker container. - Persistant: Messages can be stored for a period of time and sent to subscribers on demand. - No more limits: Uses standard MQTT protocol, supports message filtering. Tom Marechal Emitter Homepage Emitter on Github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:20 00:15 H.2215 (Ferrer) linux_test_project Linux Test Project introduction Lightning Talks lightningtalk Introduction into the Linux Test Project - large kernel+libc testsuite from the upstream maintainer. I would like to sum up shortly where we came from, what is the current status and where we are heading for the future. Linux Test Project (LTP) is a large collection of tests related mostly to the Linux kernel and libc. Historically the tests varied a lot in quality and because of that LTP earned quite a bit of bad reputation. However the quality of code and the project as a whole has improved a lot in recent years which is something I would like to present to the wider audience as well as outline the direction where we are heading for the future. Cyril Hrubis Linux Test Project pages Linux Test Project repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:40 00:15 H.2215 (Ferrer) lizardfs_opennebula LizardFS and OpenNebula, a petabyte cloud the simple way How to move OpenNebula into the Petabyte space with LizardFS Lightning Talks lightningtalk A demonstration of the new Open Nebula connector to LizardFS on a PB Filesystem. Nodeweaver and LizardFS would like to release our common new Open Nebula connector at FOSDEM 2018. To honour the occasion we would like to demonstrate an OpenNebula system running on a 1.4 PB LizardFS, fully integrated and ready for use. The connector will be than released to the community. The demo will be on a live system and show how easy it is to run your own Cloud in the petabyte scale with OpenNebula and LizardFS. Michal Bielicki Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:15 H.2215 (Ferrer) grimoirelab GrimoireLab: free software for software development analytics Lightning Talks lightningtalk The talk will explain how to analyze software development with <a href="http://grimoirelab.github.io">GrimoireLab</a>. It will show with simple code how easy it is to retrieve data from git, Bugzilla, GitHub, mailing lists, StackOverflow, Gerrit, IRC, Slack, and many other repositories. Then, with the same toolkit, the data will be organized in ElasticSearch indexes, visualized in actionable dashboards, and summarized in reports. Some advanced analysis will also be presented on how to exploit the data using Python/Pandas and IPython/Jupyter Notebooks. The talk will be complemented with interesting insights on real FOSS projects. Many free / open source software (FOSS) projects feature an open development model, with public software development repositories which anyone can browse. These repositories are normally used to find specific information, such a certain commit or a particular bug report. But they can also be mined to extract all relevant data, so that it can be analyzed to learn about any aspect of the project. This talk will explain the GrimoireLab method for doing that, which is based on organizing all that information in a database, which can be later analyzed. This approach allows for minimal impact on the project infrastructure, since data is retrieved only once, even if it later analyzed many times. It allows as well for efficiency and comfort when mining data for an analysis, since the results are readily available, databases can be shared and replicated at will, and queried them with any kind of tools is easy. The tools that retrieve information from the repositories are grouped in the GrimoireLab toolset. It includes mature, widely tested programs capable of extracting information from most repositories used by FOSS projects of any scale. Many of them are agnostic with respect to the database used, although currently ElasticSearch is the best supported. The produced databases can be exploited in several ways, of which two will be explained during the talk: using Python/Pandas to produce IPython/Jupyter Notebooks which analyze some aspect of the project; and using Python to feed a ElasticSearch cluster, with a Kibana front-end for visualizing in a flexible, powerful dashboard. All these approaches can be used to understand general aspects of the project, such as how efficient are the code review or bug fixing processes, how diverse are contributions to the git repository, or how conversations in mailing lists or StackOverflow are shaped. But they can be used as well to drill down, and analyze the contributions by a certain developer, or the longer code review processes, or the contents of the most lively email and QA threads. The talk will explain the whole process from data retrieval to visualization, and will show some specific cases of real world use, such as the dashboards produced for Eclipse, OPNFV, MediaWiki and many others. Some of the contents of the talk are described in detail in the online book GrimoireLab Training. GrimoireLab is on of the systems produced by the CHAOSS Collaborative Project. <ul> <li><a href="https://grimoirelab.github.io">GrimoireLab</a></li> <li><a href="https://www.gitbook.com/book/grimoirelab/grimoirelab-training">GrimoireLab Training</a></li> <li><a href="https://opendaylight.biterg.io">OpenDayLight GrimoireLab Dashboard</a></li> <li><a href="http://opnfv.biterg.io">OPNFV GrimoireLab Dashboard</a></li> <li><a href="http://wikimedia.biterg.io">Wikimedia GrimoireLab Dashboard</a></li> <li><a href="http://chaoss.community">CHAOSS Collaborative Project</a></li> </ul> Jesus M. Gonzalez-Barahona GrimoireLab GrimoireLab Training Tutorial OpenDayLight GrimoireLab Dashboard CHAOSS Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:15 H.2215 (Ferrer) perceval Perceval: Software Project Data at Your Will OSS development tools data extraction Lightning Talks lightningtalk Software development projects, in particular Open Source ones, heavily rely on the use of telematic tools to support, coordinate and promote development activities. Despite their paramount value, project data is scattered on the Internet, making them difficult to retrieve, collect, clean, link and analyze, challenging the achievement of insightful analytics for both practitioners and researchers. This talk presents Perceval, a tool able to perform automatic and incremental data gathering from almost any tool related with contributing to Open Source development (e.g., source code management, issue tracking systems, mailing lists, forums). It hides the technical complexities related to data acquisition and eases the definition of analytics. Perceval is an industry strong free software tool that has been widely used in Bitergia, a company devoted to offer software analytics of open source software projects. The arise of the Internet has radically changed how software is being developed. Over the years, platforms like GitHub, StackOverflow and Slack have became important tools to support, coordinate and promote the daily activities around software. This is specially true for Open Source projects, which rely heavily on distributed and collaborative development. Beyond being successfully and increasingly adopted by both end-users and development teams, these telematic tools offer relevant data sources, which can be exploited by practitioners and researchers to describe, predict, and improve specific aspects of software projects. However, accessing and gathering this data is often a time-consuming and an error-prone task, that entails many considerations and expertise. It may require to understand how to obtain an OAuth token (e.g., StackExchange, GitHub) or prepare storage to download the data (e.g., Git repositories, mailing list archives); when dealing with development support tools that expose their data via APIs, special attention has to be paid to the terms of service (e.g., an excessive number of requests could lead to temporary or permanent bans); recovery solutions to tackle connection problems when fetching remote data should also taken into account; storing the data already received and retrying failed API calls may speed up the overall gathering process and reduce the risk of corrupted data. Nonetheless, even if these problems are known, many practitioners tend to re-invent the wheel by retrieving the data themselves with ad-hoc scripts. This talk introduces Perceval, a tool that simplifies the collection of project data by covering more than 20 popular tools and platforms related to contributing to Open Source development, thus enabling the definition of software analytics. Perceval is an industry-strength tool, that (i) allows to retrieve data from multiple sources in an easy and consistent way, (ii) offers the results in a the flexible JSON format, and (iii) gives the possibility to connect the results with analysis and/or visualization tools. Furthermore, it is easy to extend, allows cross-cutting analysis and provides incremental support (useful when analyzing large software projects). Valerio Cosentino Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:40 00:15 H.2215 (Ferrer) distros_relevant Are distributions still relevant? Lightning Talks lightningtalk With flatpaks, snaps, and more - do we even still need distributions? What makes a distribution and how can package maintainers reconcile the fact that they have learned the hard ways of packaging for their distribution with the ease of use of distribution-agnostic packages? This talk covers distribution-agnostic "apps", whether they are a good idea, why there is often such a backlash against them, and who benefits the most from them. Sanja Bonic Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:15 H.2215 (Ferrer) freebsd_pkg_provides FreeBSD : pkg provides A plugin for querying which package provides a particular file Lightning Talks lightningtalk pkg-provides is a plugin for querying which package provides a particular file, we use this example to introduce peoples to the art of writing plugins to FreeBSD pkg tool. Rodrigo Osorio Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:15 H.2215 (Ferrer) packaging Wrap it Up! Packaging from Pots to Software Lightning Talks lightningtalk Big changes are well underway in how software gets packaged and delivered. But even relatively modern takes on packaging goods and services for sale and consumption go back hundreds of years. In this talk, I'll take you on a whirlwind tour of packaging. What forms has packaging taken? What problems were being solved? What kinds of trade-offs need to be made? What lessons can we learn? How has packaging evolved from the utilitarian to the experiential? And, critically, the trade-offs between prescriptive proprietary bundles and the sort of open-ended unrestricted choice that open source software can enable. Gordon Haff Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:15 H.2215 (Ferrer) vis_editor Vis Editor: Combining modal editing with structural regular expressions Lightning Talks lightningtalk The vis editor extends vi's modal editing with built-in support for multiple selections and combines it with sam's structural regular expression based command language and Lua scripting capabilities. The intention is not to be bug for bug compatible with vi(m), instead we aim to provide more powerful editing features based on an elegant design and clean implementation. Marc André Tanner Vis Editor Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:15 H.2215 (Ferrer) viva Viva, the NoSQL Postgres ! Jsonb history and roadmap Lightning Talks lightningtalk PostgreSQL is the first relational database, which recognized the need of non-atomic data types to support developers of applications from science to Web. Jsonb in Postgres is the attractive feature for modern application developers, who want to work with json documents without sacrificing a strong consistency and ability to use all the power of proven relational technology. Finally, SQL world has recognized the NoSQL and released the new SQL-2016 standard, which includes specification of SQL/JSON data model and path language, as well as SQL commands for storing, publishing and quering JSON data. I will present the implementation of this standard in Postgres based on existing jsonb data type and discuss some future extensions. I will also present the results of well recognized in NoSQL world the YCSB benchmarks for PostgreSQL, MongoDB. Oleg Bartunov Slides from PGConf.eu 2017 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:20 00:15 H.2215 (Ferrer) designing_riscv64_soc AMENDMENT Designing a Libre Embedded / Mobile RISCV64 SoC Distillation of the best features and pin-multiplexing of commercial embedded / mobile processors Lightning Talks lightningtalk Please note that this replaces the talk by Rik Lempens on SiriDB - Time Series Database In reaching out to the India Shakti RISC-V team the opportunity presented itself to put a proposal to them of a mobile / embedded RISC-V 64-bit SoC that would meet their requirements: low cost, libre, and suitable for four markets: smartphone, tablet, laptop / netbook and embedded industrial purposes. Six years ago the author attempted to create an SoC pinmux: it took over two months. Learning from that experience and instead writing a python program to represent the pinouts, adding new test scenarios instead took about an hour each, including altering the pinouts to best match the new scenario whilst still maintaining access to functions needed for all other scenarios as well. Assuming the market assessments were correct, the design - which only requires a 300-pin BGA package - can be said to have been proven to successfully meet all four target markets. Crucially with this approach, potential customers can be approached with the preliminary design, for their input and feedback before committing huge sums to design and tape-out actual silicon. The output of the python program is a simple markdown page that can be used, without alteration, as the Reference Documentation should the SoC ever be created. In addition to the pinouts, the source of the design inspiration and guides utilised in the design has also been documented, so as to provide not just Reference Schematics and parts that are easily available in the Shenzhen / China markets, but also a logical justification for the actual choice of interfaces in each of the target usage scenarios. Ultimately, it helps explain why low-cost embedded and mobile-class processors are designed the way that they are. Also included is links to numerous sources of BSD-licensed and compatible LGPL-licensed hard macros (VLSI / VHDL) such as the ORSOC Graphics Accelerator, so that, if utilised, apart from the DDR3 hard macros (which the Shakti team plan to implement under a libre license) the entire SoC's full hardware-design source code is completely available under Libre Licenses. With absolutely no proprietary firmware required whatsoever it has the potential to be one of the world's first ever mass-volume mobile-class quad-core 28nm 2.5ghz embedded SoCs that will be entirely libre right down to the bedrock. Luke Kenneth Casson Leighton Main page for the proposed processor Pinouts including pinmux Example schematics helping guide PMIC and Peripheral Selection python program source for the pinmux generation, confirmation, and reference documentation. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:15 H.2215 (Ferrer) nosql NoSQL Means No Security? Lightning Talks lightningtalk New systems are always interesting targets since their security model couldn’t mature yet. NoSQL databases are no exception and had some lurid articles about their security, but how does their protection actually look like? We will take a look at three widely used systems and their unique approaches: <ul> <li>MongoDB: Widely criticized for publicly accessible databases and a common victim of ransomware. Actually, it provides an elaborate authentication and authorization system, which we will cover from a historic perspective and put an emphasis on the current state.</li> <li>Redis: Security through obscurity or how you can rename commands. And it features a unique tradeoff for binding to publicly accessible interfaces.</li> <li>Elasticsearch: Groovy scripting has been a constant headache, but the new, custom-built scripting language Painless tries to take the pain away literally.</li> </ul> Philipp Krenn Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:15 H.2215 (Ferrer) datacenter_build Your Build in a Datacenter Remote Caching and Execution in Bazel Lightning Talks lightningtalk Projects such as ccache and distcc drastically lower the duration of C/C++ builds by caching and distributing the work on many servers. These programs are focused on C++ or C-like languages. Bazel, Google's open source build system, is multi-language and has been used with a distributed caching and execution service for almost ten years inside of Google. Recently Google and others have built on that experience to design an open-source remote caching and execution system for Bazel. This talk will introduce remote caching and execution in Bazel, and the BuildFarm project, a distributed remote caching and execution backend that is open source and available for everyone to use. Jakob Buchgraber Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:20 00:15 H.2215 (Ferrer) privacyidea Enroll 2FA to thousands of users with privacyIDEA Automating processes with privacyIDEA Lightning Talks lightningtalk privacyIDEA is an Open Source Multi Factor Authentication System. It supports a wide variety of 2nd factor types like Smartphone Apps, key fob tokens, U2F, YubiKeys, Nitrokeys but also managing SSH keys and x509 certificates. Important features are several simple ways to automate processes and thus easily enroll, personalize or revoke authentication object in existing workflows. privacyIDEA is a flexible two factor solution, which can integrate into any network. Users are read from any user repository like flat files, SQL databases, LDAP or Active Directory. <h2>REST API</h2> privacyIDEA runs as a central authentication server in your network. All actions can be accessed via a <a href="http://privacyidea.readthedocs.io/en/latest/modules/api.html">REST API</a>. E.g. to enroll a Smartphone App like the Google Authenticator an administrator would have to issue an authentication request to receive an authorization token: <pre><code>http POST https://your.privacyidea.com/auth username=administrator password=******** </code></pre> Then the administrator you enroll a token: <pre><code>http POST https://your.privacyidea.com/token/init serial=123456 genkey=1 type=totp authorization:<authorizationtoken> </code></pre> The request would aleady return a QR Code image to be scanned with the smartphone. Of course privacyIDEA provides a modern UI based on bootstrap and Angular, but this API already gives you an idea about the possibilities of automation. <h2>Event Handler</h2> In addition to this privacyIDEA comes with extremly flexible <a href="http://privacyidea.readthedocs.io/en/latest/eventhandler/index.html">event handler framework</a>. This allows the administrator to hook new actions to any event. These actions may only trigger based under certain conditions. Triggered actions can be notifications, any kind of token events, federations with other privacyIDEA instances or any arbitrary shell script receiving certain parameters from privacyIDEA. The talk will give you an idea, how you can use the privacyIDEA event handler framework to add privacyIDEA and 2FA management in your existing automated processes. Cornelius Kölbel Project website Documentation Forum Documentation on event handlers Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:15 H.2215 (Ferrer) sympa The future of Sympa from mailing lists to social networks Lightning Talks lightningtalk sympa is just 20 years old, it has a world wild large base and a small community of developpers. as a member of the community, i will explain the features that makes sympa worth to be actively developped and what are the next steps. Marc Chantreux Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:15 H.2215 (Ferrer) static_infrastructure_status Static Infrastructure Status with Jekyll and GitHub Pages Lightning Talks lightningtalk Infrastructure services fail – At least from time to time. Providing users with a central point of information is vital in particular when your usual ways of communication (e.g. your website) are broken. While there are dedicated services, it can also be done using Jekyll and its data and collections features on GitHub Pages. Infrastructure services fail – At least from time to time. Providing users with a central point of information is vital in particular when your usual ways of communication (e.g. your website) are broken. When disaster strikes, updates must be published quickly and with little effort. Credentials must be known, templates available and the full service inventory and its interdependencies externally documented. While there are dedicated services, it can also be done using Jekyll and its data and collections features on GitHub Pages. This Lightning Talk will explain how we implemented the approach for the DARIAH-DE Research Infrastructure services. Carsten Thiel Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:15 H.2215 (Ferrer) snabb Snabb - A toolkit for user-space networking Lightning Talks lightningtalk Snabb is a toolkit for developing user-space network functions. A network function (filtering, NAT, encapsulation) is any program that manipulates network traffic. Snabb eases the effort to write such programs. Snabb fits in the category of user-space networking. Snabb by-passes the Linux kernel talking directly to the hardware. This makes Snabb a very convenient tool for high-performance networking. Unlike other user-space toolkits such as DPDK or VPP, Snabb is entirely developed in Lua which significantly lowers the adoption barrier. In this talk I introduce the Snabb toolkit. Through real-world examples you will learn how Snabb works and even how to start prototyping your own network functions. Diego Pino Snabb explained in less than 10 minutes Practical Snabb Github repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:40 00:15 H.2215 (Ferrer) fosdem_infrastructure_review FOSDEM Infrastructure Review Lightning Talks lightningtalk FOSDEM infra review Richard Hartmann Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:15 H.1301 (Cornil) introductiontothedecentralizedinternetpart Introduction to the decentralized internet part Decentralised Internet and Privacy devroom Welcome to the Decentralized Internet Devroom (DID) This is the second edition of this Devroom, which has been extended its topic to include privacy-related projects. During this session, we'll discuss two topics: 1 - Why do we need do redecentralize the Internet? 2 - How and with who will we do it? Tristan Nitot Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:15 00:15 H.1301 (Cornil) ripeatlas Can we measure the (de)centralisedness of the Internet with RIPE Atlas? Decentralised Internet and Privacy devroom We are looking into how RIPE Atlas probes in networks with the majority of end-users for a given country. We measure the path between them and infer if these networks are directly connected or not. With this information we can estimate how centralised the Internet is for a given country (in terms of who has access to user2user IP communication channels) This can be useful information for people who want to develop a more decentralised internet. (see abstract) Emile Aben Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:30 H.1301 (Cornil) eufunding Get your decentralized project some EU funding EU calls free software developers for "Future Hyper-connected Sociality" Decentralised Internet and Privacy devroom Free software projects for decentralization have been plagued with a lack of funding. We set up the Public Universal Base: Libre Infrastructure Consortium to respond to EU calls and bring funding to our community. We'll show you how to participate in the project and get some funding for your free software social media project. For over five years, a group of people have been working on ways to amplify and coordinate action of free software projects in Europe in the field of decentralized and distributed social media. From the P2P Meeting in Berlin, 2012, to the Umbrella project that gave birth to the Center for Cultivation of Technology, we've made serious advances towards our goal to find sustainable ways to promote and fund critical free software projects for the Federation, P2P social media, and privacy-by-design projects. It's now time to bring EU funding to free software! With H2020/ICT-28 EU call for "Future Hyper-connected Sociality", we have a serious opportunity to bring funding to our community. We've setup the Public Universal Base: Libre Infrastructure Consortium (PUBLIC) to respond to ICT-28. PUBLIC is an EU Consortium to promote adoption of free software in Europe to build a lasting public infrastructure. In this presentation we propose to introduce the EU consortium and our goals, and to explain how free software projects can participate to boost their finances. Via a procedure of "Open Calls", PUBLIC will be able to distribute funding to selected projects. We'll tell you how to best respond to those calls. We'll ask from you how to best frame the project to respond to your needs. Outline: - What is ICT-28 - What is PUBLIC & PUBLIC's goal - Open Calls & how to respond to them - Questions hellekin (how) H2020 Work Programme 2018-2020 Placeholder for the PUBLIC site EU Migration Project Group Our work platform PUBLIC Coordinator PUBLIC Preliminary Presentation Technique en liberté, présentation au Capitole du Libre Video recording (mp4) Video recording (WebM/VP9) Cited Book: Jacob Rabinowitz, "The Unholy Bible" Submit feedback 10:00 00:30 H.1301 (Cornil) mazitoolkit Urban places as nodes of a decentralized Internet The MAZI toolkit and the Openki.net platform Decentralised Internet and Privacy devroom The MAZI toolkit, http://mazizone.eu/toolkit, is a DIY networking toolkit for installing, customizing, and deploying self-hosted applications on a Raspberry Pi as local web server (in a sense, a YunoHost focusing on small-scale community networks and a PirateBox opening up to self-hosted applications) that can help to create a wide variety of local networks effectively and democratically designed and governed by local communities. Such a tool can bring closer together self-hosted software and community networks, making both more accessible to a wider audience. Openki, http://openki.net, is a FLOSS platform for self-organized education that facilitates the creation of collaborative learning groups in the city. In this talk I will explain how these two can be combined to help build a decentralized Internet anchored in urban spaces and facilitate learning and trust building processes that are necessary for privacy, among others. <ul> <li>Presentation of the MAZI toolkit, including demo</li> <li>Presentation of Openki.net, including demo</li> <li>Discussion on how they can be combined toward a more decentralized and privacy respecting Internet</li> </ul> A related high-level talk is available online here: https://www.youtube.com/watch?v=G_fMfX7oigQ. Panayotis Antoniadis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 H.1301 (Cornil) retroshare The Generic Data Distribution System of the Retroshare Network An attempt to solve the problem of perfectly decentralized data distribution Decentralised Internet and Privacy devroom Because of their static topology and limited connectivity friend to friend networks represent a challenge in the distribution of data. We present GXS: a generic data distribution system suitable for friend-to-friend networks, that is in the heart of the Retroshare software. The presentation will start with a short overview of the Retroshare software. We will then cover the technical aspects of GXS, its architecture and concepts, and will describe a few existing decentralized services based on this system. Finally, a call to developers will be made, based on a generic example, while proposing multiple ideas of distributed services to be developped on top of it. The detailed plan for the presentation will be the following. Each line indicates the approximate cumulated time duration and number of slides. The presentation is tuned to approximately 20 mins. A - overview of the Retroshare platform B - the GXS system <pre><code> - overview of the system and data distribution paradigm - technical description: services, groups, messages, circles. - spam control - file transfer </code></pre> C - open problems and call for contributions <pre><code> - step by step example of creating a service - ideas of GXS services </code></pre> D - conclusion+contacts (1 min, 1 slide) Cyril Soler Retroshare project home page Developer blog post of the Retroshare project Technical report Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 H.1301 (Cornil) ring Ring as a free universal distributed communication platform. The state of the project in 2018. Decentralised Internet and Privacy devroom Ring, a free universal distributed communication platform gets its first stable version in July 2017. This project is based on OpenDHT, which manages communications through a p2p network. In this talk, after a short demonstration, we will describe what is the state of the platform now, what is new since the last FOSDEM, and what will be embedded during the next months. <a href="https://ring.cx">Ring</a> is a free, universal and distributed communication platform respecting user freedoms and privacy developed by Savoir-Faire Linux in Montréal. Unlike a lot of communication technologies, this project works without any central server and uses a peer-to-peer network transport library which can be used by any application: <a href="https://opendht.net/">OpenDHT</a>. In 2017 Ring has seen a lot of improvements, and gets its first stable version last July, which provides a lot of new features . The project is available on a lot of platforms (Linux, BSD, Windows, UWP, MacOs, Android and iOS) and also supports SIP calls. During the last year, the communication reliability has been improved as well as the user experience. The OpenDHT library was enhanced in order to function via a proxy which offers the ability to easily work with HTTP requests. Ring and OpenDHT's developers describe how this technology works. What problems they encountered and what solutions are implemented. After a demonstration of Ring, developers will explore several questions: <ul> <li>What is Ring in February 2018?</li> <li>What is a Distributed Hash Table and how OpenDHT works?</li> <li>How developers can use OpenDHT for their projects?</li> </ul> Finally, the talk goes beyond to look at the 2018's roadmap and to describes the work planned for improving the user experience and the possibilities for Ring. Sébastien Blin Ring project's website OpenDHT project's github page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 H.1301 (Cornil) matrix Building Decentralised Communities with Matrix Introducing Matrix Communities (and more!) as a decentralised alternative to Slack Teams or Discord Servers Decentralised Internet and Privacy devroom Over at Matrix.org we've spent a lot of the last year refining the Matrix protocol for open, secure, decentralised communication to make it more usable for larger scale usage. One of the major recent additions has been the ability to group together sets of users and rooms into 'Communities' - equivalent to Slack Teams or Discord Servers, which give a way for existing projects and communities to give their users a much more focused and friendly environment for decentralised communication with Matrix. In this talk we'll explain how Communities (aka Groups) work, how they're implemented, and how FLOSS projects in particular are using them and other recent features to escape the centralised tyranny of proprietary alternatives! Everyone should be painfully familiar with the sinking feeling of their favourite online community (be that FLOSS or any other topic) fragmenting and getting trapped in proprietary communication technologies. Matrix exists to defragment these silos and provide an open standard with open source implementations as a decentralised alternative. One of the main improvements over the last year has been the introduction of Communities - a new feature in Matrix which provides a much-needed ability to define decentralised sets of users and groups alongside other community metadata (profile page, avatar, etc) to create a friendly home in Matrix for existing organisations of any kind. This makes it way easier to migrate from proprietary silos into Matrix for communication and collaboration within a community, as rather than users being thrown head first into the open ocean of Matrix, anyone can now produce curated landing pages for given communities which users can participate in... without having to constantly sign up for new accounts or having communities locked into proprietary platforms. Meanwhile bridges lets Matrix connect through to IRC, Slack, Discord, Telegram and others to fix the fragmentation problem. We'll be showing off how folks like NextCloud, OpenSource Design, Status.im and Cosmos are using Communities already, and how they work under the hood. Meanwhile, lots of other stuff has landed in Matrix this year focused on improving usability: entirely new UX for managing end-to-end encryption; all new native desktop clients (e.g. Nheko from the community); the addition of Widgets to embed arbitrary webapps into Matrix rooms; integrating with Jitsi for video conferencing and more! Alongside Communities we'll show off the latest stuff and demonstrate how Matrix clients like Riot are becoming an increasingly viable open source alternative to Slack and friends. Matthew Hodgson Matrix.org The Matrix.org spec Introducing Matrix Communities in Riot Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 H.1301 (Cornil) peertube The emPeerTube strikes back Let's decentralize YouTube ! Decentralised Internet and Privacy devroom Presentation of PeerTube, a decentralized video streaming platform using P2P (BitTorrent) directly in the web browser and ActivityPub to federate servers. Attended audience is technical people, or decentralization enthousiasts. Today, you can't offer an real alternative to Youtube: costs for storage or Internet bandwidth would be so huge that only a few societies can afford it. Some free softwares exist to host your own videos but they don't address the money issue when too much videos are uploaded to your server, or if a video goes viral. That's where PeerTube comes up! Servers are federated with ActivityPub, a federating protocol built by the W3C (already used in Mastodon) and they send the videos to web browsers with the help of WebTorrent (Bittorrent over WebRTC). The videos are indexed accross federated servers so people can watch a video from instance A on the instance B's web interface. Here's the disk storage cost-killer: just upload your videos on your own instance or one you trust! When viewers are watching the same video at the same time, thanks to WebTorrent, you don't get the videos only from the instance which hosts the video but from the other watchers too. And that's for the bandwith issue. We will present the project, its technical background and its future developments. Outline of the talk or goals of the session: <ul> <li>Issues with YouTube and why it's hard to offer an alernative (costs)</li> <li>General concepts of PeerTube (federation + P2P) which resolve this issue</li> <li>In-depth explaination of the federation (with ActivityPub handling videos metadata like torrents links, thumbnails, names…)</li> <li>Future eventual developments -> redundancy of videos with webseed</li> <li>Call for developers! Join the revolution!</li> </ul> Luc Didry (Framasky) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 H.1301 (Cornil) contributopia Contributopia De-google-ifying is not enough Decentralised Internet and Privacy devroom For the past 3 years, the French non-profit Framasoft has been leading a campaign to "De-google-ify Internet", hosting 32 free-libre alternatives to Google (and GAFAM) services, educating users to change their digital habits and creating a French network of free-libre and ethical services hosters. In October 2017, Framasoft launched a new campaign: Contributopia. 12 actions over 3 years sharing the same goal: let's create the digital tools to equip the "contributors society" in order to interest them into contributing to free-libre and open-source software. Over 3 years of campaigning to De-Google-ify Internet (and doing it), we learned a few lessons: <ul> <li>Open source software are doing great, while free-libre projects desperately need contributions;</li> <li>There are lots of non-digital communities that share the free-libre ethics, but havn't heard about FLOSS;</li> <li>Building tools and giving talks against Big Data companies works, thinking out of their box to propose another way of seeing our future works better.</li> </ul> We concluded that proposing 30 free-libre and data-friendly alternatives to the most used web-services (during the 2014-2017 Degoogleify Internet campaign) was not enough... This proof of concept (used today by about 400 000 monthly French-speaking users) is just a start. Here is our plan for the 3 years to come: include users in the making of the most politically (and technically)-sensitive web services, document our experimentations and meet our peers so they can be adapted and reproduced. And finally imagine and create the tools to facilitate access to open knowledge and digital independency. This won't happen if we don't go and build bridges between the free-libre software communities and all the people who share these ethics in other domains. There are new worlds to explore, and we hope more and more will join us on this journey. Christophe Lafon-Roudier (Pouhiou) official website the De-google-ify Internet website Contributopia website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 H.1301 (Cornil) tor Peeling onions: understanding and using the Tor network Decentralised Internet and Privacy devroom Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. There is in fact a lot of information that can be still learned by just observing encrypted communications. Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. This talk is going to present what Tor is and how it works. We are also going to present new features we have been developing lately. Finally we are going to explain how you can build applications that use Tor. Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. Encryption only prevents the content of the communication between Alice and Bob from becoming known. There is in fact a lot of information that can still be learned by just observing encrypted communications. For example, it is always possible to guess certain information by learning some properties of the conversation beyond just the content, such as the length of the conversation, or who was involved, or even guessing a group of people that communicate with a certain frequency. These properties are called metadata and can be used to describe information even when the full data is not available. Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. For the Tor network to function properly and to satisfy users' needs, we need a certain degree of diversity. We need diversity in the nodes comprising the network and in the user population sending traffic through it. Lately, we have been introducing new traffic scheduling features in the network in order to solve problems, reduce congestion and improve overall performance. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. Other applications can also make use of the Tor network to be more secure. In this case Tor can provide bi-directional anonymity by making it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. The next generation onion services have been recently launched in alpha and we are excited to touch on some of the new features that have been introduced on the old hidden service design. Silvia Puglisi (Hiro) Tor Project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 H.1301 (Cornil) securedroppresentation Anonymous Whistleblowing with SecureDrop Decentralised Internet and Privacy devroom This session will introduce SecureDrop, a free and open source whistleblowing platform. We will describe how it addresses the critical need for a way for journalists and sources to communicate securely and anonymously. Many large news organizations including the Associated Press (AP), the Guardian, the Washington Post and the New York Times are all now running SecureDrop in their newsrooms to preserve an anonymous tip line in the presence of increasing surveillance powers by governments and corporations. We will describe how SecureDrop works, how you can install it, and how you can contribute to the project. <ul> <li>Motivation and history of the project</li> <li>Walkthrough of the current workflow from the perspective of sources and journalists</li> <li>Overview of the current decentralized deployment strategy</li> <li>Deployment/installation considerations for news organizations</li> <li>Architecture overview: how SecureDrop uses Tor onion services everywhere to protect the anonymity of users</li> <li>Leveraging Qubes for VM-based isolation in the journalist workflow to compartmentalize sources and submissions</li> </ul> Talk will be 20 minutes with 10 minutes questions Jennifer Helsby (redshiftzero) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 H.1301 (Cornil) i2p The Invisible Internet Project An overview and guide to the technology Decentralised Internet and Privacy devroom In this talk I will discuss what is the Invisible Internet Project (I2P), why I2P network is needed, will provide an insight on how the I2P network works, how it is different from Tor. Some use cases and safety tips will be discussed as well as discussion on some new features. Intended audience: everyone interested in I2P. <ul> <li>What's wrong with modern Internet? What were original goals of its creation and how modern challenges are handled.</li> <li>Tor as the first generation of world wide overlay network.</li> <li>I2P as the second generation of overlay networks.</li> <li>The I2P design: <ul> <li>I2P layers, tunnels and garlic routing.</li> <li>Decentralized Network databased and addressing scheme.</li> <li>I2P Cryptography.</li> <li>I2P Protocol stack.</li> </ul> </li> <li>Available implementations.</li> <li>Usage tips and examples.</li> <li>Privacy considerations and best practices.</li> </ul> Andrew Savchenko (bircoph) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 H.1301 (Cornil) encryptedmortals Encrypted communication for mere mortals superheroes welcome, too Decentralised Internet and Privacy devroom The LEAP Encryption Access project is dedicated to giving all Internet users access to secure communications. Our focus is on adapting encryption technology to make it easy to use and widely available. Not only end users deserve useable programs, the barriers to entry for aspiring service providers are pretty high. LEAP's goal is to transform the existing frustration and failure into an automated and straightforward process. We are currently working on two services: <ul> <li>VPN, to protect the internet connection of the users and be able to circumvent internet blockages. bitmask (the leap client) makes easy to set up the VPN connection and configuring a firewall to prevent IP leaks (over DNS, IPv6 or others), routing all the traffic of the computer over the VPN</li> <li>email, encrypting the emails on transit and at rest. Making key discovery and usage trasparent to the user at the same time that is compatible with the existing clients using OpenPGP. As well as encrypting the email storage in the client so the provider or a mitm can't access them.</li> </ul> In this talk we'll give: <ul> <li>an overview of our architecture and why we believe this federated model is the way to go for the masses</li> <li>the current state of our project and upcoming work/focus</li> <li>give a short walkthrough on how to run such a service provider with your local hackerspace/NGO/ISP/friends & family</li> </ul> kwadronaut LEAP.se project website Bitmask, end user client Submit feedback 15:00 00:25 H.1301 (Cornil) securedroparchitecture Improving the SecureDrop system architecture Good useability in a high security environment Decentralised Internet and Privacy devroom SecureDrop is designed to address a threat model including nation state adversaries. Journalists and system administrators understand the tradeoff and are ready to make significant efforts because usability is difficult to improve without sacrificing security. We explore novel approaches to deploy the recommended hardware that significantly improves usability without compromising security. When employees of an intelligence agency follows Snowden's footsteps, they boot tails in a coworking space and submit to the SecureDrop Tor Hidden Service. SecureDrop is the only whistleblower framework that addresses a threat model with a nation state adversary. The journalist then uses one machine to get the documents from the server. And moves them to an airgap machine to decrypt and read the documents. The server itself is made of two machines, one of them running the Tor Hidden Server and the other running OSSEC to monitor it. They sit behind a carefully configured firewall and are controlled from an admin workstation running Ansible. The physical separation between machines is an essential part of the SecureDrop security. They are non trivial to setup and use for both the journalist and the system administrator of the news organization. We will present alternatives designed to improve the usability for both of them while preserving a reasonable level of security. Eric Hartsuyker (heartsucker) SecureDrop Freedom of the Press Foundation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:25 H.1301 (Cornil) privacyscore Measuring security and privacy on the Web The idea and use of PrivacyScore.org Decentralised Internet and Privacy devroom PrivacyScore.org (in public beta since June 2017) is an automated website scanning platform that allows anyone to investigate websites for privacy and security issues. Users can use PrivacyScore to compare related websites (e.g., of all political parties in a country). We will present insights from running the platform, interesting results, and discuss future plans for the platform with the audience. We present our approach for making the Web a safer place: by making privacy invasions and security mishaps more transparent to users, web site operators, and data protection authorities. This lead us to the creation of PrivacyScore. PrivacyScore is a website scanning platform that simplifies the process of comparing security and privacy aspects of websites. PrivacyScore focuses on lists of websites, while existing scanners such as Webbkoll, Mozilla Observatory, Track the Trackers by Fraunhofer SIT, securityheaders.io, etc. focus on single sites. Furthermore, PrivacyScore is non-commercial and available as open source software. All recorded data is made available publicly for research purposes. We believe that public benchmarks are a useful tool to improve security and privacy in the long run. On the one hand, such benchmarks can help with raising awareness of users, on the other hand a benchmarking platform like PrivacyScore can be of use for data protection agencies that want to or have to audit content providers in their jurisdiction, which will become more widespread in 2018 with the European general data protection regulation. The generated datasets are also of value for researchers: For instance, we are interested in analyzing whether public "blaming and shaming" poor performance within a peer group of sites creates an incentive for site operators to implement additional security and privacy measures. In our talk we will present insights on the effectiveness of the public shaming approach that we have gained from running PrivacyScore in public since June 2017. We (and other users) have already created several lists to analyze security and privacy aspects of more than 18,000 sites. In some cases we were able to observe how web site operators react when they learn how their site ranks in comparison to their competitors. Tobias Mueller PrivacyScore Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 H.1301 (Cornil) cryptpad CryptPad Encrypted collaborative editing without trusting the server Decentralised Internet and Privacy devroom CryptPad is the world's first web based realtime collaborative editing platform where the server never sees the plaintext content. The realtime synchronization happens entirely in the client and the content is encrypted so that the server cannot read it. This lecture will present the encryption and key-management model, the sandboxing architecture which prevents a majority of CryptPad code from accessing the secret keys and some research into a solution to prevent backdoors in the javascript sent from the server. There will also be a discussion of how to reuse the CryptPad architecture (and source code) in developing other security/privacy conscious webapps. CryptPad was created to show the world that end-to-end encryption can be as easy to use as any ordinary webapp. CryptPad allows anonymous collaboration similarly to Etherpad but the URL contains a key after the # (which is never sent to the server). CryptPad also allows registration and then organization of pads in a "CryptDrive" which is itself encrypted using a key derived from the username and password. The result of this is no plaintext content is ever sent to the server. Because the server is unaware of any of the content which is being edited, all operational transformation and realtime synchronization must happen on the client side. This was achieved using a library called ChainPad which uses a Merkel DAG (simplified block chain) in order to seek consensus on the official version of the document without the server's help. The server is little more then a dumb message relay. However, one still must trust the validity of the javascript which is hosted on the server. In order to mitigate the risk of javascript vulnerabilities leaking the secret keys from CryptPad, the browser's Cross Origin Policy is leveraged with a novel use of cross-domain iframes. Attacks are also limited using Content Security Policy, a new feature which is present of modern browsers. Still, the integrity of the javascript sent by the CryptPad server remains of great importance. Cryptography software is traditionally installed as an application which theoretically receives independent code review at each release. Unfortunately this defeats the simplicity and ease of adoption of a webapp. We are studying a possible solution using notarized code signing with a browser extension to validate it. CryptPad is a research and development effort to explore new ways of improving security in collaborative web applications while maintaining the usability that people demand. This architecture is not confined to use only for realtime editing, it can be extended to many types of application. When you design the next privacy-conscious technology consider whether you should be requiring your users to install it. Caleb James DeLisle Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 H.1301 (Cornil) etesync Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! Decentralised Internet and Privacy devroom Servers can't be trusted! Whether it's because of a malicious company, a rogue employee, a government agency, a random hacker or malware, your data is not safe if it's just sitting there exposed on a server. Luckily, there are ways to mitigate some of the threats, for example by making your server more secure, using a server you trust (self-host) and using end-to-end encryption, so the server doesn't have access to this information. While these are great, the server can still successfully manipulate your data, this is where tamper-proof journals come into play and help reducing even that. In this talk Tom will show some of the threats your data is facing on servers even when self-hosting and using end-to-end encryption, explain what tamper-proof journals are, how they can mitigate these threats, and how they are used by <a href="https://www.etesync.com">EteSync</a> to better secure your data. Audience: <ul> <li>People interested in securing their personal data, especially address books and calendar events.</li> <li>People interested in learning about the limitations of some of the widely used approaches for securing data.</li> <li>Developers creating, maintaining or developing secure solutions who will benefit by exposing themselves to more potential privacy issues and how to solve them.</li> </ul> Tom Hacohen EteSync's website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:25 H.1302 (Depage) installing_software_for_scientists Installing software for scientists on a multi-user HPC system A comparison between conda, EasyBuild, Guix, Nix & Spack HPC, Big Data, and Data Science devroom Before scientists can use HPC systems for their research, they need to get the tools and applications installed that they require. Until recently, this was a (perhaps surprisingly for some) painful process, especially for scientists that lack sufficient experience with compiling software and dealing with dependencies. Recently, several projects have emerged that aim to facilitate this process, each of which with a particular focus: performance, flexibility, reproducibility, ease of use, support for multiple platforms, etc. In this talk, I would like to present an objective comparison of the different tools that are most prevalent currently, including: <ul> <li>conda</li> <li>EasyBuild</li> <li>Guix</li> <li>Nix</li> <li>Spack</li> </ul> Although I intend to focus on the use case of installing (scientific) software on multi-user HPC systems, I will also highlight particularly interesting features that fall outside that scope. Kenneth Hoste conda website (https://conda.io) EasyBuild website (http://easybuilders.github.io/easybuild/) Guix@HPC website (https://guix-hpc.bordeaux.inria.fr) Nix website (https://nixos.org/nix/) Spack website (https://spack.io/) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:25 H.1302 (Depage) llnl_spack Binary packaging for HPC with Spack HPC, Big Data, and Data Science devroom Spack is a package manager for cluster users, developers, and administrators, rapidly gaining populartiy in the HPC community. Like other HPC package managers, Spack was designed to build packages from source. However, we've recently added binary packaging capabilities, which pose unique challenges for HPC environments. Most binary distributions assume a lowest-common-denominator architecture, e.g. x86_64, and do not take advantage of vector instructions or architecture-specific features. Spack supports relocatable binaries for specific OS releases, target architectures, MPI implementations, and other very fine-grained build options. This talk will introduce binary packaging in Spack and some of the open infrastructure we have planned for distributing packages. We'll talk about challenges to providing binaries for a combinatorially large package ecosystem, and what we're doing in Spack to address these problems. We'll also talk about challenges for implementing relocatable binaries with a multi-compiler system like Spack. Finally, We'll talk about how Spack integrates with the US exsascale project's open source software release plan, and how this will help glue together the HPC OSS ecosystem as a whole. Todd Gamblin CV with links to prior talks and presentations Spack website Spack github Recent podcast on OSS and supercomputing Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:25 H.1302 (Depage) guix_workflows Tying software deployment to scientific workflows Using Guix to make software deployment a first-class citizen HPC, Big Data, and Data Science devroom Package management, container provisioning, and workflow execution are often viewed as related but separate activities. This talk is about using Guix to integrate reproducible software deployment in scientific workflows. In HPC, tools usually focus exclusively on one of these aspects: Spack or EasyBuild manage packages, Singularity or Shifter deal with containers, and SLURM, CWL, or Galaxy mostly leave it up to users to deploy their software. While the initial tooling of GNU Guix is about package management, we have grown it into a toolkit that, broadly speaking, allows developers to integrate reproducible software deployment into their applications—as opposed to leaving it up to the user. In this talk I will illustrate the benefits of this approach with examples from recent work from the Guix-HPC effort. This ranges from the “guix pack” container provisioning tool, to the Guix Workflow Language (GWL), which incorporates deployment as a key aspect of workflow management. I will discuss how we could make these tools key components of broader reproducible scientific workflows as demonstrated by projects such as ActivePapers, ReScience, or NextJournal. Ludovic Courtès Guix-HPC GNU Guix Guix Workflow Language Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 H.1302 (Depage) computecanada Combining CVMFS, Nix, Lmod, and EasyBuild at Compute Canada HPC, Big Data, and Data Science devroom One of the challenges in HPC is to deliver a consistent software stack that balances the needs of the system administrators with the needs of the users. This means running recent software on enterprise Linux distributions that ship older software. Traditionally this is accomplished using environment modules, that change environment variables such as $PATH to point to the software that is needed. At Compute Canada we have taken this further by distributing a complete user-level software stack, including all needed libraries including the GNU C library, but excluding any privileged components. I will describe our setup, which combines Nix for the bottom layer of base components, EasyBuild for the top layer of more scientifically inclined components, Lmod to implement environment modules, and the CernVM File System (CVMFS) to distribute it to Canadian supercomputers. Expected prior knowledge: knowing how to use the command line and environment variables. Bart Oldeman Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:25 H.1302 (Depage) hpc_uclouvain Behind the scenes of a FOSS-powered HPC cluster at UCLouvain Ansible or Salt? Ansible AND Salt! HPC, Big Data, and Data Science devroom With the advent of the DevOps and Infrastructure as Code movements, tools have emerged that allow building a complete HPC solution from scratch based only on open source software. At UCLouvain, one of our clusters, and the services on which it depends, is built on a full FOSS stack. From the operating system, to the deployment tools, monitoring, scheduling, and user software installation, everything is built from open source software that inter-operate gracefully. For instance, for deployment/provisioning, we use a combination of Ansible and Salt which we find work perfectly together even if they are often considered to be mutually exclusive. This talk will share our experience with making FOSS software co-operate smoothly and will offer our point of view on choosing the right tool for the right job. It will also present some of the contributions we have made to the open source community. Our software stack for the cluster is based on Slurm, OpenLDAP, Easybuild, Zabbix, with many side-services running on virtual machines in OpenStack. Management is performed with a trilogy of tools: Cobbler, Ansible and Salt, for production, and Openstack and Vagrant for development and staging. Our contributions to the open source community include somme tools for Slurm, a web wizard for building submission scripts, and a tool that orchestrates the interplay between the LDAP system and the job submission program (Slurm). Damien François Behind the scenes CISM Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:25 H.1302 (Depage) deeplearning_osm How DeepLearning can help to improve geospatial DataQuality , an OSM use case. HPC, Big Data, and Data Science devroom How DeepLearning, and semantic segmentation, can be an efficient way to detect and spot inconsistency in an existing dataset ? OpenStreetMap dataset took as an use case. DataQuality is a must, but a gageure. And any technique on any help to improve DataQuality is then more than welcome. Machine and DeepLearning can succeed to tackle some old issues, in a far more convenient and efficient way than ever before... For instance DeepLearning, with aerial imagery semantic segmentation can detect features from an aerial image and allow us to check dataset consistency. In this presentation we will focus on how an OpenStreetMap subset dataset (for instance roads and buildings on an area), can be evaluated to produce a quality metric, and to spot areas where obvisously dataset is still far to be complete. On a DataScience point of view, we wanna focus on: <ul> <li>DeepLearning vision, and specific Satellite imagery considerations (high and lower resolutions, multispectral dimensions, dataset aggregation...)</li> <li>How to qualify a good enough labelled DataSet (to allow supervised learning)</li> <li>PostgreSQL/PostGIS integration with Python ML/DL framework</li> <li>Concrete solution for efficient treatments for wide coverages</li> </ul> On a OpenData, point of view we will consider, how this kind of solution could be integrated with OSM project Assurance Quality policy. Olivier Courtin Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:10 H.1302 (Depage) modules_v4 Modules v4 Pushing forward user environment management HPC, Big Data, and Data Science devroom Typically users initialize their shell environment when they log in a system by setting environment information for every application they will reference during the session. The Modules project, also referred as Environment Modules, provides a shell command named <code>module</code> that simplifies shell initialization and lets users easily modify their environment during the session with configuration files called modulefiles. The Modules project has a long history as its development was started in 1991. At that time, the concept of the <code>module</code> command was laid down to dynamically and atomically enable environment configurations during a shell session. Since then, this concept has become a standard practice, especially among the scientific community where people share same computing resources but all have a specific software and version requirement. After an almost 5-year release hiatus, Modules with its version 4 is back into the environment management game. The intend is to further improve the modulefile standard and the module command capabilities, with proven concepts applied to similar fields like software package management. After briefly explaining the root concept behind the module command, this talk will cover the major changes between versions 3.2 and 4 at both software and project level. Then focus will be put on some of the recent or upcoming new features: * virtual modulefiles * extend the module command at your site * sharing code across different modulefiles * dependencies management between modulefiles * new ways to query or change the environment state The audience for this talk is anyone who is interested in user environment management. From the system administrator, who has to provide access to a software catalog, to the end-user of shared computing system, who need to juggle with different workloads combining software elements. Xavier Delaruelle Modules website Modules source repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:10 00:10 H.1302 (Depage) distributed_in_memory_systems Scale Out and Conquer: Architectural Decisions Behind Distributed In-Memory Systems HPC, Big Data, and Data Science devroom Distributed platforms, like Apache Ignite, rely on horizontal scalability. More machines in the cluster means greater performance of the application. Do we always get twice the speed after adding the second machine to the farm? Ten times faster after adding ten machines? Is that [always] true? What is the responsibility of the platform? And where do engineers’ responsibilities begin? In this talk attendees will learn about the compromises and pitfalls architects face when designing distributed systems: • Advantages and disadvantages of different data-sharding algorithms. • Effective data models for distributed environments. • Synchronization and coordination in distributed systems. • Local scalability issues of speeding up local processing on cluster nodes. Akmal Chaudhri Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:10 H.1302 (Depage) modular_mahout The Magnificent Modular Mahout An extensible library for distributed math and HPC HPC, Big Data, and Data Science devroom Open source big data engines as well as HPC libraries seem to be proliferating at an increasing rate. Technical debt can be incurred with statistical and machine learning algorithms that require a highly specialized knowledge of the algorithm at hand as well as the distributed engine / HPC library which the method has been written against. The Apache Mahout project presents a highly modular stack which introduces levels of abstraction between the mathematical implementation of the algorithm (an R-Like Scala DSL) and the execution of the code. Users are able to interchange Apache Spark, Apache Flink (batch), and H2O distributed engines, as well as ViennaCL for OpenCL on GPU and OpenMP, and CUDA native solvers. Users can also port high level algorithms to new distributed engines or native solvers by defining a handful of BLAS operations. Audience members will ideally have some concept of distributed engines such as Apache Spark, and a basic under standing of BLAS packs and linear algebra. (Basic understanding of linear algebra meaning they remember that things like matrix times matrix, matrix times vector, matrix transposed, and matrix decompositions are things that exist). Current research is being done on creating a quantum BLAS pack for Apache Mahout, which will be a prototype of the next generation of High Performance Computing- however trying to even begin to explore the topic of quantum computing in 20 minutes is observed, and so research and progress at the time of the conference will be mentioned in passing only. Trevor Grant Apache Mahout Spark Distributed Engine Bindings Flink Distributed Engine Bindings H2O Distributed Engine Bindings ViennaCL Native Solver OpenMP (ViennaCL) Native Solver CUDA Native Solver Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:10 H.1302 (Depage) large_scale_repo_analysis Tools for large-scale collection and analysis of source code repositories Open source Git repository collection pipeline HPC, Big Data, and Data Science devroom There are 10s of millions Git repositories publicly available over the Internet, but what kind of tools would one need to be able to treat all this code as a Big Dataset? I will talk about new and existing OSS tools that were built and used, in order to allow collection and analysis of millions of Git repositories on commodity hardware clusters. Alexander Bezzubov Babelfish project source{d} Engine Borges Rovers Siva go-git enry Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:40 00:10 H.1302 (Depage) slurm Slurm in Action: Batch Processing for the 21st Century HPC, Big Data, and Data Science devroom This talk will give an overview over how we use Slurm to schedule the workloads of over 6000 scientists at NERSC, while providing high throughput, ease of use and ultimately user satisfaction. With the emergence of data-intensive applications it was necessary to update the classic scheduling infrastructure to handle things like user defined software stacks (read: containers), data movement and storage provisioning. We did all of this and more through facilities provided by Slurm. In addition to these features we will discuss priority management and quality of service and how that can greatly improve the user experience of computational infrastructures. This talk will be a walkthrough of the features that make Slurm great, using a supercomputing site as an example. All of the introduced interfaces are not specific to the site in question and can be used by the broader community. After an a brief introduction of the workings of a workload manager/scheduler in general and Slurm in particular, we'll go into some of the features and how those open up possibilities for frictionless working with all kinds of use-cases, way beyond classical HPC workloads: - Container integration - Data staging - On-demand filesystem provisioning - On-the-fly job rewriting - Cluster federation - and a healthy plugin ecosystem No previous knowledge of high performance computing or batch processing required. Georg Rath NERSC Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 H.1302 (Depage) julia_trilinos_integration The Julia programming language A look at arrays and Trilinos integration HPC, Big Data, and Data Science devroom The Julia programming language is a high-level language, primarily developed for scientific computing. It uses just-in-time compilation to get a performance level that is comparable to C/C++. It was designed to overcome the “two-language problem”, where a proof-of-concept in a high-level language needs to be translated to a compiled language by specialists to get the required performance. In this talk, the main features of the language will be highlighted from the perspective of a “convert” coming from C++ and with a focus on scientific programming aspects. As an application, arrays and the work on making parts of the Trilinos library available will be discussed. In the first part of the talk, a general overview of Julia will be presented. Julia is a typed language, where users can build their own types and write functions that operate on them. In this system, there are no “privileged” types, i.e. user defined types are treated equally to predefined types. A central concept in the system is “multiple dispatch”, where the function that is to be called is decided based on the passed arguments, thus making it possible to overload existing functions for new types. The decision on what function to call can happen both dynamically and at compile time, depending on the information available at compile time. As will be shown, this system, while very simple on the surface, results in surprisingly elegant and fast code. In the second part, a concrete example, based on my Trilinos.jl package, will illustrate how an existing HPC library can be leveraged from within Julia. Current focus is on making the Belos solvers from Trilinos available, using the Tpetra sparse matrix stack. Views into the C++ data are available using the native Julia array syntax. As a concrete example, we have a 2D laplace example that demonstrates low-level linear system assembly using Julia but at the same speed as C++. Bart Janssens The Julia language Trilinos.jl package Slides repository with images Login and clone the above repository to run Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 H.1302 (Depage) data_security_vs_hpc Does data security rule out high performance? Is it possible to maintain the anonymity of people contributing their data while not hindering ambitious science? HPC, Big Data, and Data Science devroom Traditionally HPC systems assume they are in a secure, isolated environment and as many barriers as possible are removed, in order to achieve the highest possible performance. While these assumptions may still hold for traditional simulation codes, many HPC clusters are now used for heterogeneous workloads. Such workloads increasingly involve the integration of input data from a variety of sources, notably in the life sciences. Scientists are now operating at the population scale, where datasets are ultimately derived from real people. In this talk we discuss some of the restrictions placed on the usage of such datasets, how those restrictions interfere with the goal of high performance computing, and some alternative strategies that meet the data requirements while not hobbling the speed of analytical workloads. HPC systems are by definition optimised to run user codes at the fastest possible speed. Many of the normal safeguards and security procedures of Linux systems are removed in furtherance of this goal. For example, firewalls are often disabled and password-less SSH is usually enabled between nodes. The parallel filesystems required for high performance often dictate further security compromises. Normally these systems will be placed on an isolated network, mitigating the risk to the wider infrastructure. In some commercial organizations, an entire compute node will be dedicated to a user. Conversely, the norm in academic clusters is for different users to share the nodes. While the jobs running on these clusters were simulations, or were using data without access concerns, none of the above approaches were problematic. Simple POSIX permissions were sufficient to provide basic security and isolation. These assumptions used to hold for life sciences HPC jobs too, where they were operating on data obtained in vivo or from non-human organisms. In recent years there have been a variety of efforts to obtain human data, often at population scale. Examples include UK Biobank, the 100,000 Genomes project, and The Cancer Genome Atlas (TCGA). A quotation from the latter illustrates the ambitions of these sorts of initiatives: "The Cancer Genome Atlas (TCGA) is a comprehensive and coordinated effort to accelerate our understanding of the molecular basis of cancer through the application of genome analysis technologies, including large-scale genome sequencing." https://cancergenome.nih.gov/ Scientists wishing to use TCGA data need to register and comply with access policies: https://wiki.nci.nih.gov/display/TCGA/Access+Tiers As an example, I facilitated the download of 800TB of TCGA data on eMedLab, and careful attention was needed to ensure that collaborators with the lab that had signed the TCGA agreements were not able to see those data. The 100,000 Genomes project organised by Genomics England only allows analysis via their strictly controlled 'embassy' system: https://www.genomicsengland.co.uk/the-100000-genomes-project/data/ https://www.genomicsengland.co.uk/about-gecip/for-gecip-members/data-and-data-access/ UK Biobank, which contains various data sources from 500,000 individuals, also has strict data access policies: http://biobank.ctsu.ox.ac.uk/showcase/exinfo.cgi?src=accessingdataguide In some cases, researchers have to travel to specific locations where there are physically isolated computers, in order to gain access to data. Clearly these policies are directly in conflict with the barrier-free approach that is normal in HPC facilities. In this presentation we discuss possible approaches to compliance with data licensing and security requirements, while allowing good performance for researchers working on increasingly large-scale analyses. Adam Huffman Talk at FOSDEM 2017 Talk at RCUK Cloud Working Group Workshop 2016 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 H.1302 (Depage) cratedb CrateDB: A Search Engine or a Database? Both! How We Built a SQL database on top of Elasticsearch and Lucene HPC, Big Data, and Data Science devroom In this talk, I will give an introduction to CrateDB, its architecture, and demo a few things that people have built with it. Search engines are databases that specialize in retrieving information from a data corpus. Compared to traditional databases like PostgreSQL, search engines allow you to work with text and other unstructured data very efficiently. Projects like Xapian and Lucene can perform efficient indexing and querying of large amounts of documents. Projects like Solr and Elasticsearch have added clustering and distributed query execution to scale out the search features. The most obvious gap between traditional databases and search engines is the query language. Whereas relational databases can typically be queried with SQL, search engines usually implement a custom search API. At CrateDB, we don’t think you should have to give up SQL just because you’re using search engine features. That’s why we created a fully-functional SQL interface on top of Elasticsearch and Lucene. You get all the benefits of traditional databases, as well as the features of a distributed search engine. Do you want to store huge amounts of data and search it in real time? Do you have unstructured and structured data? Do you want to run distributed joins? Do you want to add nodes and scale your cluster horizontally? Do you want to leverage the power of SQL? If so, CrateDB is a great match. Maximilian Michels CrateDB GitHub project Personal Website Twitter My GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 H.1302 (Depage) hopshadoop Scaling Deep Learning to hundreds of GPUs on HopsHadoop HPC, Big Data, and Data Science devroom Scaling out deep learning training is the big systems challenge for the deep learning community. Backed by a high performance distributed file system (HopsFS) and the support for GPU sharing and management in the cluster manager (HopsYarn), the HopsWorks platform provides different flavors of Tensorflow-as-a-Service and it offers several possibilities for parallelizing and scaling out deep learning. In this talk we are going to present how data scientists can use the Hops to perform parallel hyperparameter searching, or how they can run traditional distributed Tensorflow on a big data cluster with the TensorflowOnSpark framework. In particular, during the talk, we are going to focus on the last generation of distributed Tensorflow architectures which borrow topology and communication pattern from the HPC field. In the Ring-AllReduce architecture, workers are organized in a ring topology and communicate gradients updates without incurring in the communication bottleneck with the parameter server(s) that traditional distributed Tensorflow suffers from. Ring-AllReduce has been used by Facebook and IBM to reduce the training time on Imagenet from 2 weeks to ~45minutes/1 hour. Finally, we will show how you can recreate the popular game "Quick, Draw!" using HopsWorks and Tensorflow services provided the platform. The code is available on Github at https://github.com/hopshadoop Fabio Buso Github repositoriy of the project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:25 H.1302 (Depage) utensor AI on Microcontrollers uTensor brings Deep-Learning to MCUs HPC, Big Data, and Data Science devroom The deployment of Deep learning technology today normally limited to GPU clusters, due to their computational requirements. For AI to be truly ubiquitous, its cost and energy efficiency needs to be improved. With the recent developments made in algorithms and MCUs, we introduce a deep-learning inferencing framework which runs TensorFlow models on MCU powered devices (with Mbed). In comparison to GPUs and mobile CPUs, MCU based devices are much more cost and power efficient. We believe this will open a new paradigm to AI and edge computing. uTensor is a Machine Learning framework designed for IoT and embedded systems. Base on Mbed and TensorFlow, it is possible to run deep-learning models on an RTOS with memory requirement less than 256kB. Its binary size, ~50kB, is a desirable trait to most cost-sensitive systems. In comparison to a typical ML environment today, running on GPU and APUs, the resource reduction uTensor offers is significant. This is achieved with techniques such as: quantization, garbage collection, minimal code dependency and network-architecture design. The current frameworks consist of: Operators: quantized kernels where most of the computations take place Tensors: data structure and memory abstraction Context: graph definition and resource management Code generator: an TensorFlow to uTensor export (WIP) The framework serves as an environment to test out the latest idea in edge-computing, and, eventually hope to empower developers to create next generation smart-devices. Currently, the framework is able to run a 3-layer MLP on MNIST dataset with an accuracy of 97.1%. More operators, tools and optimizations are at the work. This talk aims to share the architecture, design decisions and backstories during the development. We hope the information will help those who wish to contribute to or build similar projects in the future. Neil Tan hackernews hackaday GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:25 H.1302 (Depage) portable_format_analytics Productionizing Spark ML Pipelines with the Portable Format for Analytics HPC, Big Data, and Data Science devroom The common perception of machine learning is that it starts with data and ends with a model. In real-world production systems, the traditional data science and machine learning workflow of data preparation, feature engineering and model selection, while important, is only one aspect. A critical missing piece is the deployment and management of models, as well as the integration between the model creation and deployment phases. This is particularly challenging in the case of deploying Apache Spark ML pipelines for low-latency scoring, since the Spark runtime is ill-suited to the needs of real-time predictive applications. In this talk I will introduce the Portable Format for Analytics (PFA) for portable, open and standardized deployment of data science pipelines and analytic applications. I will also introduce and evaluate Aardpfark, a library I have created for exporting Spark ML pipelines to PFA, as well as compare it to other open-source alternatives available in the community. Nick Pentreath Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 H.1302 (Depage) big_data_outside_jvm Accelerating Big Data Outside of the JVM Adventures with Apache Arrow, Spark, BEAM, Flink, and friends HPC, Big Data, and Data Science devroom Many popular big data technologies (such as Apache Spark, BEAM, Flink, and Kafka) are built in the JVM, and many interesting tools are built in other languages (ranging from Python to CUDA). For simple operations the cost of copying the data can quickly dominate, and in complex cases can limit our ability to take advantage of specialty hardware. This talk explores how improved formats are being integrated to reduce these hurdles to co-operation. Many popular big data technologies (such as Apache Spark, BEAM, and Flink) are built in the JVM, and many interesting AI tools are built in other languages, and some requiring copying to the GPU. As many folks have experienced, while we may wish that we spend all of our time playing with cool algorithms -- we often need to spend more of our time working on data prep. Having to copy our data slowly between the JVM and the target language of computation can remove much of the benefit of being able to access our specialized tooling. Thankfully, as illustrated in the soon to be released Spark 2.3, Apache Arrow and related tools offer the ability to reduce this overhead. This talk will explore how Arrow is being integrated into Spark, and how it can be integrated into other systems, but also limitations and places where Apache Arrow will not magically save us. Holden Karau Talk feedback to Holden Slides on slideshare Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 H.1302 (Depage) nexmark_benchmarking_suite Nexmark A unified benchmarking suite for data-intensive systems with Apache Beam HPC, Big Data, and Data Science devroom NEXMark is an unpublished research paper that introduced a benchmarking suite for streaming systems. The Apache Beam community implemented (and enhanced) the examples of this paper as a series of benchmarks on top of Beam that can be run on different open source distributed processing engines e.g. Apache Spark, Apache Flink, etc. This talk discusses this experience and expects to engage new contributors to bring more ideas so we can eventually have a unified and semantically rich benchmarking standard for batch and streaming data-intensive systems a la TPC. Ismaël Mejía Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:10 00:25 H.1308 (Rolin) mysql_ecosystem The MySQL Ecosystem - understanding it, not running away from it! MySQL and Friends devroom MySQL is unique in many ways. It supports plugins. It supports storage engines. It is also owned by Oracle, thus birthing two branches of the popular opensource database: Percona Server and MariaDB. It also spawned a fork: Drizzle. You're a busy DBA having to maintain a mix of this. Or you're a CIO planning to choose one branch. How do you go about picking? Supporting multiple databases? Find out more in this talk. MySQL is a unique adult in many ways. It supports plugins. It supports storage engines. It is also owned by Oracle, thus birthing a branch and fork of the popular opensource database: Percona Server and MariaDB Server. You're a busy DBA thinking about having to maintain a mix of this. Or you're a CIO planning to choose one branch over another. How do you go about picking? Supporting multiple databases? Find out more in this talk. Also covered is a deep-dive into what feature differences exist between MySQL/Percona Server/MariaDB Server. Within 20 minutes, you'll leave informed and knowledgable on what to pick. A base blog post to get started: https://www.percona.com/blog/2017/11/02/mysql-vs-mariadb-reality-check/ Colin Charles Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:40 00:25 H.1308 (Rolin) beyond_where_groupby Beyond WHERE and GROUP BY MySQL and Friends devroom We've been writing SQL queries with WHERE, GROUP BY, ORDER BY, HAVING for decades. But nobody is using DOS 3.2 or Windows 1.0 anymore - why limit yourself to SQL:86? The latest versions of MariaDB support the features of SQL:99 (common table expressions), SQL:2003 (window functions), SQL:2011 (system-versioned tables), and SQL:2016 (JSON), which allows you to build more complex (for example, hierarchical) models data and write simpler and faster queries. Sergei Golubchik Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:10 00:25 H.1308 (Rolin) mysql8_innodb MySQL 8.0 Performance: InnoDB Re-Design MySQL and Friends devroom MySQL 8.0 brings many fundamental changes in InnoDB design. This talk will cover several of them, including new REDO and CATS. MySQL 8.0 brings many fundamental changes in InnoDB design. This talk will cover several of them, including new REDO and CATS. Dimitri Kravtchuk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:40 00:25 H.1308 (Rolin) mysql8_roles MySQL 8.0 Roles Giving direction to MySQL privilege system MySQL and Friends devroom MySQL 8.0 introduced roles: a new security and administrative feature that allows DBAs to simplify user management and increases security of multi-user environments. The syntax for roles requires some adaptation. This talk will guide users through the intricacies of the new feature. MySQL 8.0 introduced roles: a new security and administrative feature that allows DBAs to simplify user management and increases security of multi-user environments. Using roles is easy, once you have digested all the documentation. For the uninitiated, though, the approach could be disappointing, and even give the feeling of not working at all. This quick demo will show some examples of how to deal with roles for several scenarios, how to assign roles to users, and how to use them effectively. Since there are several ways of assigning roles, the examples will cover both the roles granted as default and the cases where users can switch from one role to another within a session. Giuseppe Maxia Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:10 00:25 H.1308 (Rolin) mysql_histogram Histogram support in MySQL 8.0 MySQL and Friends devroom In MySQL 8.0, you can create histograms over column values. Histograms will improve the selectivity estimates used by the query optimizer, especially for conditions on columns that are not indexed. This presentation will cover the types of histograms you can create, and discuss best practices for using histograms. The presentation will contain many practical examples of how histograms improve query execution plans. Øystein Grøvlen Histogram support in MySQL 8.0 (video) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:40 00:25 H.1308 (Rolin) db_optimizers Let's talk database optimizers MySQL and Friends devroom Whenever you write a SQL query, the database query optimizer tries to find the best possible plan to retrieve your data. The question is, what can it do and how does it do it? In this talk we will look at recent developments in query optimizers from the major database providers. With a focus on the MySQL world, we will be looking at ways to "help" the query optimizer to come up with better plans. Vicentiu Ciorbaru Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:10 00:25 H.1308 (Rolin) tls_mysql TLS for MySQL at large scale MySQL and Friends devroom At the Wikimedia Foundation we aim for perfect privacy of our users. That means not only enforcing TLS (https) between our users and the datacenters but all intermediate steps, including database access. When you are a top 5 website with hundreds of thousand of queries per second and billions of users but a very limited budget, that is not easy, specially for MySQL. This is a description of our experience, including operational and performance pain points, of rolling out encryption. Jaime Crespo Slides (pdf) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:40 00:25 H.1308 (Rolin) mysql_innodb_cluster MySQL InnoDB Cluster MySQL HA Made Easy! MySQL and Friends devroom MySQL InnoDB Cluster provides a built-in High Availability solution for MySQL. It tightly integrates MySQL Server, Group Replication, MySQL Router and MySQL Shell providing an easy-to-use full stack solution for HA. MySQL Shell main goal is to provide a natural interface for all 'DevOps' tasks related to MySQL, by supporting scripting with development and administration APIs. To allow an easy and straightforward configuration and administration of InnoDB Clusters, the Shell provides a scriptable API - the AdminAPI. This API hides the complexity associated with configuring, provisioning and managing everything without sacrificing power, flexibility or security. Join this session to understand the key points of MySQL InnoDB Cluster and to learn how to use the Shell and the AdminAPI to configure and manage InnoDB Clusters. Miguel Araújo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:10 00:20 H.1308 (Rolin) mysql8 AMENDMENT Why We’re excited about MySQL 8 MySQL and Friends devroom There are many great new features in MySQL 8, but how exactly can they help your application? This session takes a practical look at MySQL 8 features and discusses which limitations of previous MySQL versions are overcome by MySQL 8 and what you can do with MySQL 8 that could not have been done before. Please note that this talk replaces one entitled "Experiences with testing dev MySQL versions and why it's good for you" that was due to have been given by Simon Mudd, who has sent his apologies but wasn't able to deliver it. There are many great new features in MySQL 8, but how exactly can they help your application? This session takes a practical look at MySQL 8 features and discusses which limitations of previous MySQL versions are overcome by MySQL 8 and what you can do with MySQL 8 that could not have been done before. Peter Zaitsev Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:25 H.1308 (Rolin) mysql_test_framework MySQL Test Framework for Support and Bugs Work MySQL and Friends devroom MySQL Test Framework (MTR) provides unit test suite for MySQL. Tests in the framework are written by MySQL Server developers and contributors and run to ensure build is working correctly. I found this is not the only thing which can be done with MTR. I regularly use it in my Support job to help customers and verify bug reports. With MySQL Test Framework I can: <ul> <li>Create complicated environment in single step and re-use it later</li> <li>Test same scenario on dozens of MySQL/Percona/MariaDB server versions with single command</li> <li>Test concurrent scenarios</li> <li>Test errors and return codes</li> <li>Work with results, external commands, stored routines</li> </ul> Everything with single script which can be reused on any machine any time with any MySQL/Percona/MariaDB Server version. In this session I will show my way of working with MySQL Test Framework and I hope you will love it as I do! Sveta Smirnova GitHub repository with scripts which I use together with MTR Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:25 H.1308 (Rolin) proxysql_gtid AMENDMENT ProxySQL - GTID Consistent Reads Adaptive query routing based on GTID tracking MySQL and Friends devroom This talks about the very new development of ProxySQL including GTID coordination ! Breaking News !! Please note that this talk replaces one entitled "Instant ADD COLUMN for InnoDB in MariaDB 10.3+ " that was due to have been given by Valerii Kravchuk, who has sent his apologies but is now unable to attend. René Cannaò Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:25 H.1308 (Rolin) mysql_vitess Turbocharging MySQL with Vitess MySQL and Friends devroom Vitess has been in development since 2010, and has recently started gaining traction in the community. In this session, we'll cover the three major problems it solves: protecting MySQL instances, moving to the Cloud, and scaling indefinitely. Sugu Sougoumarane Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:10 00:25 H.1308 (Rolin) orchestrator_raft Orchestrator on Raft: internals, benefits and considerations MySQL and Friends devroom Orchestrator operates Raft consensus as of version 3.x. This setup improves the high availability of both the orchestrator service itself as well as that of the managed topologies, and allows for easier operations. This session will briefly introduce Raft, and elaborate on orchestrator's use of Raft: from leader election, through high availability, cross DC deployments and DC fencing mitigation, and lightweight deployments with SQLite. Of course, nothing comes for free, and we will discuss considerations to using Raft: expected impact, eventual consistency and time-based assumptions. orchestrator/raft is running in production at GitHub, Wix and other large and busy deployments. Shlomi Noach orchestrator/raft documentation orchestrator repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:25 H.1308 (Rolin) myrocks_roadmap MyRocks roadmaps and production deployment at Facebook MySQL and Friends devroom We recently finished migrating from InnoDB to MyRocks in our user database (UDB) at Facebook. We have been running MyRocks in production for a while and we have learned several lessons. In this talk, I will share several interesting lessons learned from production deployment and operations, and will introduce future MyRocks development roadmaps. We recently finished migrating from InnoDB to MyRocks in our user database (UDB) at Facebook. We have been running MyRocks in production for a while and we have learned several lessons. In this talk, I will share several interesting lessons learned from production deployment and operations, and will introduce future MyRocks development roadmaps. Yoshinori Matsunobu Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:10 00:25 H.1308 (Rolin) proxysql_internal ProxySQL's internal: implementation details to handle millions of connections and thousands of servers MySQL and Friends devroom ProxySQL is a MySQL protocol aware, reverse proxy for database servers using the MySQL protocol, ranging from standalone MySQL/MariaDB/Percona, to clustering solution like Galera/PXC and Group Replication, to cloud platforms like RDS and Aurora. It is designed to handle millions of distinct users, millions of connections, and thousands of servers. In this session we will cover the internals that allow to efficiently handle traffic of large scale-out MySQL deployments. Specifically we will cover: - threading model and connections handling - non-blocking, async network I/O - state machine related to session tracking and management - traffic routing - backends monitoring René Cannaò Submit feedback 16:35 00:25 H.1308 (Rolin) mysql_pointintime MySQL Point-in-time recovery like a rockstar! Accelerate MySQL point-in-time recovery for large workload MySQL and Friends devroom Point-in-time recovery can be very long when a large amount of binary logs must be replayed. During this session I will show how this can be accelerated without using any special external tool and how we can benefit from MySQL replication improvements even on a stand-alone server Frédéric Descamps Submit feedback 09:00 00:20 H.1309 (Van Rijn) build_skype Build your own Skype... in the browser A background to WebRTC Real Time Communications devroom In this session, Steven Goodwin will practically demonstrate the various "moving parts" necessary to build a WebRTC application, by creating one live on stage. It will provide a better understand of how WebRTC applications work under the hood, what the API provides, and serve as a guide as to what is (and what is not) possible for developers to deliver using WebRTC, and what other technologies are needed for a full-blown solution. The talk covers: <ul> <li>History and scope of WebRTC</li> <li>The connection flow</li> <li>API functionality (e.g. stats)</li> <li>Creating signalling</li> <li>Server-side work</li> <li>The browser problem</li> </ul> It also details the business logic cases of how to take a basic WebRTC app and then to build a purely online VoIP product, such as a call centre, thereby demonstrating the extra work required to work with WebRTC, beyond the promotional blurb. Steven Goodwin The sample app Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:25 00:15 H.1309 (Van Rijn) janus Writing a Janus plugin in Lua C can be a scary world, let us come to the rescue! Real Time Communications devroom Janus is written in C, and so are its plugins. That said, we recently implemented a Janus Lua plugin, that allows developers to use Lua scripts to drive the media/application logic instead. Janus is a general purpose and modular WebRTC server. It can be easily extended by writing new plugins, whether for new transports for the Janus API, or for handling the media related to a PeerConnection in a custom way. Out of the box, Janus ships several plugins implementing different features (e.g., an SFU, an audio MCU, a SIP gateway, etc.), but developers interested in adding custom functionality can write their own plugins to handle media their own way. That said, Janus is written in C, which means that plugins are typically expected to be written in C as well. This can be an impediment for those not proficient with C as a programming language. As such, we recently released a new Janus plugin that acts as a bridge between the C code and Lua scripts: developers can write their logic in Lua, while leaving the media manipulation and routing to C helper methods that are exposed as Lua functions scripts can take advantage of. This presentation will introduce this plugin, how it works, and how it can be used to write custom logic with different Lua scripts: a couple of real use cases will be presented as a proof of concept. Lorenzo Miniero Janus demos and docs Janus Lua plugin (PR) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:45 00:20 H.1309 (Van Rijn) xmpp_innovation XMPP as the road to innovation Real Time Communications devroom Contrary to basic logic and common misconceptions, the “X” in XMPP does not stand for “eXtra” or “eXtremely awesome” but for “eXtensible”. This actually tells you a lot about a protocol built to provide reasonable, solid set of of basic features but also a platform for innovative solutions tailored to the project’s needs. The extension mechanism is the heart of this philosophy and also the focus of this talk. We will explore real-life use cases and scenarios where extended XMPP served as a base for a dedicated solution - both for commercial and open-source projects. We will examine different functionalities and components (e.g. inbox, MUCLight, token based reconnection), share experiences, discuss best practices and dissect it all in MongooseIM platform. This talk is not going to take long. As you know, extending XMPP is kinda easy. Bartłomiej Górny Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:10 00:20 H.1309 (Van Rijn) kamailio Kamailio - Pick Your SIP Routing Scripting Language Real Time Communications devroom Kamailio is an open source SIP server that uses a scripting language for its configuration file to enable flexibility in deciding the routing of SIP messages. Starting with version 5.0, besides its native scripting language, Kamailio allows writing the routing logic in several other programming languages such as Lua, JavaScript, Python and Squirrel. This presentations aims to reveal the benefits and drawbacks of using any of these scripting languages for building scalable real time communication systems and services. Real time communications evolved at a high pace in the last decade, no longer being an isolated service used primarily for voice and text sessions. Connectivity with other social media channels, integration of artificial intelligence or interaction with smart home or work environments requires lot more flexibility inside the SIP routing engine. Current version of Kamailio tries to cover the needs from fast routing needs of a performant load balancer, with a self designed scripting language, to the fast prototyping and development of innovative features, with a new scripting framework that allows leveraging the large set of extensions and libraries offered by languages such as Lua, JavaScript or Python. This presentation focuses on the Kamailio Embedded Interface (KEMI) framework, going through the supported scripting languages, their benefits and drawbacks. Doors are now open to write Kamailio extensions also for people familiar with these programming languages, no longer only for C programmers, diversifying the sources of developers that can join the community of the project. Daniel-Constantin Mierla Kamailio Project Website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:35 00:15 H.1309 (Van Rijn) asterisk Asterisk Project: Do I see video in the future? Real Time Communications devroom Haven't heard about what's new in the world of Asterisk or missed Astricon this last year? This is your opportunity to get filled in on what's happening and try to figure out how you can utilize new features in Asterisk in your network. Plan is to cover what's happened since the last major release of Asterisk and cover what will be going into the next one. This talk should cover topics ranging from what's happened in the last year with the project to what is on the horizon for the next big release of Asterisk. Should cover the what's been introduced into Asterisk since the 14.0.0 was released all the way up to what will (probably) be going into the 16 release. Prepare to be amazed! Matthew Fredrickson Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:55 00:15 H.1309 (Van Rijn) jitsi Speech-to-Text in Jitsi Meet Is it possible to provide WebRTC meeting transcriptions? Let's find out! Real Time Communications devroom In this talk I want to present my work for GSoC 2016 and 2017, which involved implementing speech-to-text APIs in Jitsi Meet. The goal was to be able to provide real-time subtitles for hearing-impaired as well as a way to deliver a transcript afterwards. Nik Vaessen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:20 H.1309 (Van Rijn) webphone webPh.one - connect community cellular networks using WebRTC and PWA Open Source , WebRTC and Web technologies for community communication infrastructure Real Time Communications devroom How do we in 2017 create a mobile, cross-platform App to connect people in the internet to community GSM networks for calls and texts with a small team and limited time? SayCel and Rhizomatica, together with Altermundi and other individual contributors, have created an open source WebRTC dialer as Progressive Web App and a WebRTC gateway to solve this not so trivial problem. Community Cellular (GSM) networks usually connect to the PSTN through SIP trunks that are connected via an Internet back-haul. For outgoing calls, PSTN termination costs have to be paid, and for incoming calls the caller usually tediously needs to enter the extension after connecting to a dial-in number, and it's not possible to directly send text messages. This project uses WebRTC and Progressive Web App (PWA) technologies, implemented with the open source Kamailio+rtpEngine WebRTC gateway, SEMS, and an Angular app to connect people around the world on their smartphones and laptops directly to the users on the community cellular network for calls and texts. The open source webPh.one dialer is also an interesting technology base for other projects that need an App to connect to a SIP network. The talk gives a short intro to the two community cellular networks that have been connected (17 villages in Oaxaca, Mexico; PearlCel in Nicaragua), the problems that had to be solved and technologies used while doing so, and the solution this project created. It also gives our experience where today the limits of a pure PWA are, and shows our efforts to create docker-compose images for the infrastructure part. About Rhizomatica: Through efforts around the world, Rhizomatica uses new information and communication technologies, especially mobile telephony, to facilitate community organization and personal and collective autonomy. Rhizomatica's approach combines regulatory activism and reform, development of decentralized telecommunications infrastructure, direct community involvement and participation, and critical engagement with new technologies. Rhizomatica works with TIC AC in Mexico, operating community communications networks of 17 indigenous villages in Oaxaca. About SayCel: SayCel is a research and development company dedicated to creating communications and infrastructure solutions for developing communities. SayCel currently works with local governments on Caribbean Coast of Nicaragua to increase the mobile communications services in the region. SayCel installs wifi data backhaul, rural fiber, and ethernet over coax. SayCel provides maintenance and training and in return, local governments are able to have a sustainable communications utility that they can use to lower the cost of communication for citizens, increase efficiency in their local government process, improve security through a local 911 service, and assist in growing their local economies. SayCel was supported by NYU's RiskEcon Lab and UNICEF Innovation Fund for the development of this project. Stefan Sayer webPh.one main project page webPh.one source code repository SayCel - Low cost communications for the developing world Rhizomatica - Community Telecommunications Infrastructure project TIC AC - Telecomunicaciones Indígenas Comunitarias Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:40 00:20 H.1309 (Van Rijn) education_im Kids and Schools and Instant Messaging Experiences with free communications among kids and in education Real Time Communications devroom We want to discuss experiences, issues, and ideas concerning the use of free/open IM services among children and in education. Instant Messaging is the one means of communication children and adolescents use in their free-time, and gets more important in education while classmates (or even worse, teachers) create chatrooms for their classes on non-free, privacy-unaware services. Teckids e.V. is tackling this issue in Germany, and we want to share our experiences in doing so. What makes children use IM? What do they want or need? What are the difficulties in switching to a free/open service? What tools did we try, and how do they fit in? We also want to listen to other people's experiences, and share thoughts on what developers of tools might need to take into account in order to make existing tools ready for use by children and in education. Dominik George Niels Hradek Philipp Stahl Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:05 00:20 H.1309 (Van Rijn) opendht OpenDHT: make your project distributed Use cases, new and upcoming features Real Time Communications devroom OpenDHT provides an simple way to build distributed software by providing an easy to use but powerful API in C++11 and Python 3. We will present OpenDHT and its possibilities to easily build fully or partially distributed software. We will also present new OpenDHT features and use cases and discuss about future developments. OpenDHT is a kademlia distributed hash table (DHT) library written in C++11, used by the Ring distributed communication platform. It's published under the GPL licence, version 3 or higher (GPLv3+). We will present OpenDHT and it's API, and show how you can use it to build distributed applications. We will present new OpenDHT features since last year, such as the implemented DDOS protections strategies, the new easy to use systemd service and the REST API to use OpenDHT from Web apps. Finally, we will discuss the future of OpenDHT and upcoming features. Adrien Beraud https://opendht.net Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:20 H.1309 (Van Rijn) matrix_webvr Open communication in WebVR with Matrix! Where Matrix.org meets The Matrix... Real Time Communications devroom VR/AR has a huge problem: there isn't any standard way to communicate with other people. This talk will demo how Matrix can be used as an open signalling layer for establishing WebRTC voice, video and 3D video calls in WebVR on anything from a Cardboard to a Vive: providing a decentralised communication ecosystem to build an open metaverse! One of the most fun areas Matrix.org has worked on this year has been adding interoperable WebRTC calling to WebVR using matrix-js-sdk, A-Frame and the latest WebVR browser support and hardware (Cardboard, Rift & Vive). Rather than communication in WebVR being fragmented into different silos and websites, we hope that Matrix will provide an open decentralised ecosystem to power communication within a decentralised metaverse of WebVR environments. We'd like to show off our demo of full-mesh end-to-end encrypted videoconferencing in WebVR, as well as interoperability with the rest of the Matrix ecosystem. Finally, we're hoping to demonstrate some of our work in transmitting 3D camera depth-buffer and mesh data over WebRTC media & datachannels in order to bring 3D video calling in VR to life! Matthew Hodgson Matrix.org Current WebVR demo Opening up cyberspace with Matrix and WebVR! Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:55 00:20 H.1309 (Van Rijn) scaling_xmpp Scaling messaging systems XMPP server MongooseIM and it's scalability options Real Time Communications devroom When it comes to messaging servers, scalability is the key and knowing how to fit more users and achieve better latency is the most important trick in your bag. In this talk we’re going to explore different ways of scaling an open source XMPP server - MongooseIM. XMPP servers can handle hundreds of users basically out of the box. Really good ones can easily go to a few thousands. The fun starts when your app gets traction and all of the sudden you have to handle tens of thousands, then hundreds, and with a blink of an eye - millions of online users. MongooseIM is built with scaleability in mind exactly for that case - your app starts small and then grows to match your imagination. Let’s explore the many ways in which you can make it scale. We will cover the impact of using bigger machines, different clustering techniques, benefits and challenges of multi-cluster setups. All those options have their traps and limitations, which we will explore in detail. You will also learn what we do on daily basis to monitor, maintain and improve MongooseIM's scalability. Michał Piotrowski MongooseIM documentation MongooseIM repository MongooseIM product page MongooseIM on twitter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:20 H.1309 (Van Rijn) aiosip aiosip: the efficient swiss-army knife of SIP Real Time Communications devroom In the SIP world, you have mainly B2BUA like (Asterisk, Freeswitch..) and Proxies (Kamailio, OpenSER...) But contrary to the HTTP world, you have few implementations in a pure high-level language like Python, Ruby... With several concrete examples in testing, benchmarking, and call control (uaCSTA), we hope to show the interest to be able to re-use a programming language ecosystem. Our goal with aiosip isn't to re-implement a full-monty SIP proxy like Kamailio nor a B2BUA like Asterisk, but to show that it can be easy to have custom SIP dialogs. The main interest to have a pure implementation in a specific programming language is that, if you are developing in this language, it's easier to manipulate and modify SIP packets. Ludovic Gasc aiosip Github repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:45 00:20 H.1309 (Van Rijn) webrtc_gateway Building a WebRTC gateway Hacking with WebRTC native API Real Time Communications devroom Gateway calls using WebRTC on the server side for bridging calls to traditional VoIP. (including transcoding) After experimenting and reaching the point where we can send and receive samples from a native app running, it seems feasible to use WebRTC to create gateway to bridge calls. Using the native API this can be done without forking using a webRTC audio device module. We can already demo the work in progress with using an audiodevicemodule to play and record. The second leg of the call bridge could potentialy be implemented using WebRTC, by using the API to disable RTCP MUX, DTLS and controlling ICE. another alternative using MediaStreamer2/oRTP could be used. The signaling gateway part will be rudimentary and and example using a provided rudimentary Kamailio module is provided. Julien Chavanton Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:20 H.1309 (Van Rijn) whisper Whisper and Swarm Protocol for RTC Decentralised, Distributed and Deniable, Communication. Real Time Communications devroom Whisper is the “plausibly deniable routing” protocol within Ethereum. We will outline its intended use cases, it’s advantages, topology and the uses to which it is being put today. When it comes to pear to pear and person to person communication in an untrusted network cryproeconomicly incentivised and decentralised system are a viable alternative to altruistic services like Tor or proprietary systems like whatsapp etc. The Swarm protocol (which is largely designed for the storage and dissemination of larger amounts of data) contains PSS (Postal Service over Swarm) with the following Goals <pre><code>Enable messaging between nodes that are not directly connected through IP. Allow full, partial and no disclosure of addresses of communicating nodes. ("luminosity") Asymmetric and symmetric encryption using ephemeral keys. Transparent implementation of devp2p protocols over pss. Decentralized storage of undelivered messages. (mailserver) Create a fully decentralized end-user messaging platform that's end-to-end encrypted. </code></pre> Status, is an ethereum light client for Android and iOS (and soon for desktop) which uses Whisper for text based chat applications. Conceived as a mobile OS for Ethereum, status now combines a messenger, a browser and a chatbot interface that can act as a chat like, command line tool. Status is a user friendly, privacy respecting, gateway for everyday smartphone users to begin consuming, routing and serving Ðistributed Application on ethereum. In the serverless model that ethereum uses one method that distributed applications can use for machine to machine communication is ethereum’s Whisper protocol. Whisper may be the appropriate protocol if your use case: Needs to preserve a level of anonymity or plausible deniability for either or both message originators and recipients. Your Dapps need to coordinate before sending a final transaction. For example a decentralised market or token exchange where two clients may need to settle a deal before actually initializing a transaction, or sensors of some kind aggregating data or updating one another. Publish small amounts of information that don’t need to persist but instead live for a limited amount of time. From minutes to several days. If your data needs to live for longer than that, then nodes can be incentivised (from outside the protocol) using a token model for example to store and forward messages. You wish to propagate time bound but non time critical updates to n recipients. For instance, tweets, weather updates, traffic reports, IOT metrics etc. <h1>Some specifics of the Whisper protocol are:</h1> The API is only exposed to contracts, never to user accounts. Low-bandwidth: Only designed for smaller data transfers. Unpredictabe latency: Not designed for real-time communication of data. 1-1 or 1-N communication. PoW (spam throttling) in Whisper <pre><code> Whisper messages (envelopes) undergo a process called “sealing”, which basically incentivises users to spend computational resources prior to sending the message. Internally, sealing involves hashing contents of the message repeatedly into the smallest possible number. What this means to you as a developer is that if you want your messages to have priority over others on the network, you’ll need to spend more computational resources “sealing” them. You can specify this through the `work` parameter when posting a new message. The more work that you perform locally, the faster your message will propagate through the network. Note that there is no way to specify exact latency times, rather you can only estimate based on how much work you perform during the “sealing” process. </code></pre> <h1>TTL</h1> TTL is the amount of time your messages live on the network, specified in seconds. Filtering Whisper is low-level, meaning that it is identity-based instead of application-based. Messages, therefore, can be sent directly to another participant by using the recipient’s public key. Listeners on the other hand, can filter messages by specific senders or specific topics. With <code>web3</code> you can listen for Whisper messages like this: <h1>Swarm</h1> Whisper in action for RTC. Case study - Status.im There is a clear trend towards mobile first computing and chat applications are the dominant medium for personal communication on mobile. To provide a decentralised and distributed infrastructure that is private, robust and sustainable (even in a hostile network) requires the balancing of incentives between ‘providers’ and ‘consumers’. Status uses a token model to incentivises the existence of Nodes that store and forward Whisper messages to subscribers who fund their data acquisition through micropayments of ERC20 tokens. Status Road Map Nick (ethereumnick) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:35 00:20 H.1309 (Van Rijn) rtpbleed The RTP bleed and what can we do? Real Time Communications devroom Peter Lemenkov RTP bleed disclosure RTPproxy wiki:NAT presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:15 H.1309 (Van Rijn) opensips Real Time Clustering with OpenSIPS Nodes of a feather gossip together Real Time Communications devroom An in-depth view of the feature set of the upcoming OpenSIPS 2.4 clustering support (release due March 2018!). Built with targets in mind such as flexibility, robustness, stability and ease-of-use while also being easy to provision and reuse by higher-level modules, the latest OpenSIPS cluster is better than ever! Join this talk if you want to get a good understanding on what the OpenSIPS clustering support is and how it works. Starting with the architecture and requirements of the communications system as a whole, the presentation will continue with the runtime behavior for the cluster. This will teach you what to expect from an OpenSIPS cluster, how to dynamically resize it and how it behaves in the eventuality of cross-site network link failures. In the second half, we will dissect a natural use case for the clustering support: a distributed SIP user location service. There are a couple of interesting problems associated with this type of service (NAT traversal, SIP contact pinging, etc.), both of which become a lot more straight-forward to solve using an underlying clustering engine. Razvan Crainea Liviu Chircu http://opensips.org/ Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:20 00:15 H.1309 (Van Rijn) homer HOMER 7 Introducing the latest HOMER 7 Real Time Communications devroom HOMER 7 is the latest generation of our FOSS RTC and VoiP Capture Framework, focused on integration, modularity and multi protocol support. HOMER 7 is the latest generation of our FOSS RTC and VoiP Capture Framework, focused on integration, modularity and custom protocol support. Ships statistics and custom detections via direct integration with Elasticsearch, InfluxDB, Prometheus, Graylog and many more. Allows handling multiple protocols, including custom onesusing the new dynamic JSON HEP types and auto-mapping and indexing features in the new nodejs backend. Modularize your setup to provide the functionality you need and distribute the capture overhead. Lorenzo Mangani SIPCAPTURE Project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:15 H.1309 (Van Rijn) cgrates Using CGRateS as online Diameter/Radius AAA Server Real Time Communications devroom Diameter and Radius are protocols heavily used by operators in today's communication networks (LTE, WiFi, etc). In this talk Dan will review CGRateS architectural components needed to create a complete and generic Diameter/Radius Authorization and Accounting server solution. CGRateS is a battle-tested Enterprise Billing Suite with support for various prepaid and postpaid billing modes. Dan Christian Bogos Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:20 H.1309 (Van Rijn) linphone SIP based group chat with Linphone A discussion on how Linphone implements SIP RFCs to achieve text based group communication. Real Time Communications devroom For many years, Linphone has been one of the most active free communication software. Originally focused on voice, aditionnal functionalities were rapidly added like video, instant messaging and presence. From the beginning, Linphone follows IETF's standards, for both media and signaling. On the signaling part, Linphone does implements many SIP based RFC for call establishment, presence and instant Messaging. Today, group chat function is widely available on most popular communication applications, specially in the closed source world. As a free SIP communication application, Linphone aims to provide a free alternative for group communication. On SIP world, Group chat is handled as a particular case of realtime group communication. The basic RFC is the https://tools.ietf.org/html/rfc4353, Rich Communication Service (RCS) endorses many conferencing RFCs to specify how group functions shall be implemented. For Linphone, we decided to follow the same path, but with always keeping in mind to avoid complex development not bringing essential functionality. Resulting implementation can be defined as an "Adhoc pager mode conferencing" with the idea of Long Term Conference leveraging on SIMPLE IM for message transport instead of MSRP. This discussion will focus on both interpretation we made of existing SIP standards, implementation challenges and future extensions. Simon Morlat Link to Linphone's Wiki Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:25 00:20 H.1309 (Van Rijn) fundraising Fundraising and Crowdfunding for FreeRTC Community discussion about fundraising Real Time Communications devroom Which projects would like to raise funds? What are the most important things you could achieve if people donate? Could we share the effort of running a crowdfunding campaign? Daniel Pocock crowdfunding discussion from FOSDEM 2017 Daniel Pocock's blog Planet FreeRTC RTC Quick Start Guide Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:40 H.2213 intro_swift_object_storage Introduction to Swift Object Storage Understanding the architecture and use cases Software Defined Storage devroom Object Storage is a "relatively" new storage architecture being widely used in cloud computing. This talk will introduce object storage concepts and use cases and how they are different from block and file storage. As an example, we will provide an overview of Openstack Swift, its main features as well as talk about what's in the works for future releases. Swift is a highly available, distributed, eventually consistent object store. It is used at organizations like Wikipedia, OVH, Ebay and many more across the globe to store lots of data efficiently at a massive scale. It provides a RESTful API for data access, making it ideal for use with web applications. This talk will also provide a demo usage of Swift. <h2>Outline</h2> <ul> <li>Introduction <ul> <li>Different types of data</li> <li>Differences between block/file/object storage</li> </ul> </li> <li>Use Cases <ul> <li>What use cases is Swift object storage built for?</li> </ul> </li> <li>Requirements <ul> <li>What are the requirements for a modern object storage system</li> </ul> </li> <li>Swift <ul> <li>Community</li> <li>Swift architecture</li> <li>Swift features</li> <li>Future work</li> </ul> </li> <li>Questions</li> </ul> Length: 30+5 Thiago da Silva Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:45 00:40 H.2213 gluster4_and_gd2 Gluster-4.0 and GD2 Learn what's in Gluster's future Software Defined Storage devroom The new Gluster-4.0 release with GlusterD-2.0 makes Gluster easier to scale, manage, integrate and develop for. Learn how this benefits users and developers. <a href="https://www.gluster.org/">Gluster</a> is free and open source software scalable network filesystem. Gluster can be installed and easily configured on commodity hardware to provide a general purpose, posix-compliant storage system. Gluster can be accessed from anywhere using the traditional NFS and SMB protocols, or with the native Gluster client. A more complete overview of Gluster and its capabilities can be found <a href="http://docs.gluster.org/en/latest/Install-Guide/Overview/">here</a>. Gluster-4.0 is the new upcoming major release of GlusterFS, planned for very early 2018. Gluster-4.0 brings in many new changes and features, the biggest being GlusterD-2.0. GlusterD is the native distributed management framework of Gluster. It is a core part of the Gluster experience. GlusterD-2.0 is a ground-up reimplementation of the management framework for Gluster-4.0, that is more scalable, easier to use and easier to integrate with than before. This presentation will provide a attendees with an overview of Gluster, Gluster-4.0 and GlusterD-2.0. New users will get to know what Gluster is, and how it can help their storage needs. Existing users will get to know what to expect when upgrading to Gluster-4.0, and prepare for it. Developers will get to know how they Gluster-4.0 and GD2 make it easier to develop for and integrate with Gluster. Kaushal M Gluster home page GD2 development repository Slides (online) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:40 H.2213 lizardfs LizardFS - a year in development Software Defined Storage devroom Community Update and Roadmap for the next 12 months including an interactive presentation of the most important new features. LizardFS is a fault tolerant, distributed, parallel and easy to use POSIX file system LizardFS has had a massive push in the last 12 months. <ul> <li>NFS and pNFS</li> <li>ACL</li> <li>AD/LDAP support</li> <li>Hadoop Module</li> <li>New Client Library</li> <li>Major performance improvements</li> <li>multiple small changes for more security and better handling</li> </ul> The presentation includes what has been used to implement those new features and how you can utilize them. There will be time for questions and we will try to answer them all. At the end we will present the plans for the next 12 months of development. Michal Bielicki Community Pages Forum Github repository Documentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:40 H.2213 geo_distributed_swift_clusters Geographically distributed Swift clusters Software Defined Storage devroom The OpenStack Swift object storage service achieves high availability and durability by replicating object data across multiple object servers. If one disk or object-server fails then its data is always available on other object servers. Swift is able to apply this principle to not just disks and object servers but also independent availability zones and regions. This enables the deployment of so-called Global Clusters which provide a single object namespace spanning multiple geographically dispersed data-centres, each offering independent local access to object data. This talk will describe some of the mechanisms that Swift provides for configuring and optimising Global Clusters. We will briefly describe how Swift's consistent hashing Ring maps objects to object servers and how that mapping algorithm can be configured to distribute copies of each object across data-centres. We will show how Swift's read and write affinity settings can be used to optimise WAN traffic in a Global Cluster. Finally we will discuss some of the challenges we faced when implementing Global Cluster support for erasure coded objects, and how those were overcome by enhancements to the Ring and the erasure coding write path. Talk outline: <ul> <li>Why global clusters?</li> <li>the Ring - regions, zones</li> <li>replica placement - trade off between dispersion and balance</li> <li>read/write affinity options - when (not) to use them</li> <li>new feature: per-policy affinity settings</li> <li>illustrate with typical global replication policy</li> <li>Global erasure coding (EC) <ul> <li>overview of Swift EC support</li> <li>briefly cover what EC is with an example policy</li> <li>Describe problem statement with EC and global cluster</li> <li>Show how EC lib performance degrades as parity count increases</li> <li>Describe solution: duplicated fragment scheme Composite Rings</li> </ul> </li> <li>Future work <ul> <li>optimise the search for an EC fragment set to avoid fetching duplicates</li> <li>make reconstructor rebuild more efficient by becoming region aware</li> </ul> </li> </ul> Alistair Coles Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:40 H.2213 cas_openebs Container Attached Storage (CAS) with OpenEBS A different approach to container storage Software Defined Storage devroom The OpenEBS project has taken a different approach to storage when it comes to containers. Instead of using existing storage systems and making them work with containers; what if you were to redesign something from scratch using the same paradigms used in the container world? This resulted in the effort of containerizing the storage controller. Also, as applications that consume storage are changing over, do we need a scale-out distributed storage systems? The OpenEBS project has taken a different approach to storage when it comes to containers. Instead of using existing storage systems and making them work with containers; what if you were to redesign something from scratch using the same paradigms used in the container world? This resulted in the effort of containerizing the storage controller. Also, as applications that consume storage are changing over, do we need a scale-out distributed storage systems? Also, as we in effect have a storage instance per containerized applications, what other benefits could we get? Is there something we can do now that we have a one to one mapping between application and controller? We like to think so and will go over a couple. Finally, how can we make enterprise-class like storage features (i.e., snapshots, clones, compression, replication, etc.) available in a typical container in such a way, that we do not depend on OS and or cloud provider specifics? Jeffry Molanus Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:45 00:25 H.2213 debuggin_gluster_live Debugging A Live Gluster File System Using .meta Directory Software Defined Storage devroom Meta is a client side xlator which provide an interface similar to the Linux procfs, for GlusterFS runtime and configuration. The contents are provided using a virtual hidden directory called .meta which is inside the root of GlusterFS mount. .meta is an efficient way to extract information from a live running mount process with out using gdb , systemtap or any such tools. This doesn't require any prior knowledge about any tools, the information's are given as directory / file tree structure. So for a users this is the most simplest way to start looking to complicated problems and developers can get information with out disturbing the cluster. I will be covering the following topics * What is .meta layer and current state of meta layer, * Information's that can be fetched through .meta directory * Debugging with .meta directory (for both developers and users) * How to debug graph related issues * latency and mallinfo * Fop history and fuse history using meta * Current running frames or pending frames * Enhancement planned for meta layer * Other troubleshooting options like statedump,io-stat, etc Rafi KC Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:15 00:40 H.2213 ceph_mgmt_openattic Ceph management with openATTIC Software Defined Storage devroom openATTIC is an Open Source Management and Monitoring System for the Ceph distributed storage system. Various resources of a Ceph cluster can be managed and monitored via a web-based management interface. It is no longer necessary to be intimately familiar with the inner workings of the individual Ceph components. Any task can be carried out by either using openATTIC’s clean and intuitive web interface or via the openATTIC REST API. openATTIC itself is stateless - it remains in a consistent state even if you make changes to the Ceph cluster's resources using external command-line tools. If you're interested in the dramatic changes and improvements we made since last year and you want to take a look at the newest version of openATTIC, this is the right talk for you. <ul> <li>What is openATTIC</li> <li>Architecture and the services behind</li> <li>What has changed since last year?</li> <li>Live-Demo of the current development snapshot</li> <li>Open discussion about missing features or what could be improved</li> </ul> Kai Wagner Slides openATTIC Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:40 H.2213 app_development_w_swift_storage Developing applications with Swift as Storage System Learn about the API features to power up your application Software Defined Storage devroom Swift comes with a wide variety of API features to build extremely scaleable and durable applications. It uses an RESTful API, making it easy to use and embed in your own applications. One of the great characteristics of (web) applications using Swift as a backend is the separation between application logic and data path. This helps a lot to write lightweight apps in a scaleable way. During this talk we'll give you an overview about the included features, how to use them and examples how implementations might look like. An example web application walktrough & demo will showcase why all of these features help you to build your own application. <ul> <li>Authentication: token-based, or using forms when uploading and signed URLs when downloading objects</li> <li>Listing containers with additional helpers like limits, markers and end markers</li> <li>Usage of large objects, that can be unlimited in size (theoretically - practically until your cluster is full)</li> <li>how to use Swift within webapps using CORS requests</li> <li>Using range requests to get only the needed data</li> </ul> Christian Schwede Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:45 00:25 H.2213 ceph_and_elk Ceph & ELK Use the power of the ELK stack to know more about your Ceph Cluster! Software Defined Storage devroom Ceph is a distributed storage platform that is a contender to become the future of software defined storage, providing unified access to block, object and file interfaces. However like any complex systems there are various subsystems that may fail and analyzing logs is generally the first line of action. This is where the ELK stack comes in; to search, analyze and process logs and metadata. From the Kraken release of Ceph, Ceph's Object Storage (Radosgw/RGW) has integration for metadata search using ElasticSearch making it very easy to get much needed insights into how the object storage is being used for operators and users alike. Ceph is a distributed storage platform that is a contender to become the future of software defined storage, providing unified access to block, object and file interfaces. However like any complex systems there are various subsystems that may fail and analyzing logs is generally the first line of action. This is where the ELK (ElasticSearch LogStash & Kibana, often referred to as "ELK stack" or "elastic stack") stack comes in; to search, analyze and process logs and metadata. From the Kraken release of Ceph, Ceph's Object Storage (Radosgw/RGW) has integration for metadata search using ElasticSearch making it very easy to get much needed insights into how the object storage is being used for operators and users alike. We will cover topics such as: * Current status of ELK and Ceph * Ceph logging and cluster log parsing with Logstash * Future of the ELK for Analyzing and Alerting for Ceph * RGW Metadata export to Elasticsearch - RGW Metadata Search * A few interesting elasticsearch queries on object storage Abhishek Lekshmanan Denis Kondratenko Ceph & ELK slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:15 00:40 H.2213 cephfs_gateways CephFS Gateways Distributed Filesystem Access via NFS and Samba Software Defined Storage devroom This talk will cover how NFS-Ganesha and Samba can be used to export CephFS to NFS and SMB clients such as Windows, macOS, etc. Challenges, including active-active clustering, failover, cross-protocol caching and access control lists will be discussed, with a look at current and future solutions. David Disseldorp Supriti Singh Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:40 H.2213 backup_ceph_at_scale How to backup Ceph at scale Software Defined Storage devroom In this talk I would like to share my experience with large-scale backups of RBD images in Ceph clusters at OVH. I will talk about challenges that we have faced when developing such solution and provide some practical guidelines for everyone willing to implement similar solution. This talk is intended for everyone who would like to be extra safe with their software defined storage. <ul> <li>Why backup Ceph if it's already replicated?</li> <li>Estimating resources needed for backup</li> <li>Challenges of implementing backup at large scale</li> <li>Hot/cold backup strategy</li> <li>Some backup-related numbers at OVH</li> </ul> Bartłomiej Święcki Ceph website Duplicity website Restic - promising duplicity alternative OVH Homepage Ceph managed by OVH Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:45 00:15 H.2213 nfs3_to_nfs4 Reasons to mitigate from NFSV3 to NFSV4/4.1 Software Defined Storage devroom This talk will cover the differences between NFSv3 and NFSv4.What’s the Problem with NFSv3 and How NFSv4 is better suited to a wide range of datacenter and high performance compute than its predecessor NFSv3.This talk will also covers the advantages of extended capabilities of NFSV4 i.e NFSv4.1 and NFSv4.2 and its support with Gluster NFS-Ganesha NFS is a well known and venerable network protocol which a network abstraction over a file system that allows a remote client to access it over a network in a similar way to a local file system. NFSv4 has been a standard file sharing protocol since 2003 which superseded NFS Version 3, but still NFSV4 has not been widely adopted.While there have been many advances and improvements to NFS, some IT organizations have choosen to continue with NFSv3. This talk will cover the differences between NFSv3 and NFSv4.What’s the Problem with NFSv3 and How NFSv4 is better suited to a wide range of datacenter and high performance compute than its predecessor NFSv3.This talk will also covers the advantages of extended capabilities of NFSV4 i.e NFSv4.1 and NFSv4.2 and its support with Gluster NFS-Ganesha Manisha Saini Video recording (mp4) Video recording (WebM/VP9) http:// Submit feedback 09:00 00:25 H.2214 rust_introduction Why you should take a look at Rust? Insights into a modern, safe, fast language Rust devroom Today, many new programming languages have been created in order to simplify at the extreme the art of programming (Golang), to boost the performance of their human readable application (Nim), to secure the way to make and run programs with zero-cost abstraction (Rust), or just to propose a new exiting way to write programs (Scala, Swift), etc. Each of those new programming languages has its own features, goals, attendance, and community. Today, it may become hazardous to develop with a new programming language, especially for a company or for a full-time personal project, due to the lack of stability, libraries, IDE features for this programming language, a too small or strict community, or many other obvious reasons. The goal of this presentation is to introduce the concepts of Rust, its pros and cons, and how Rust differs from the others programming languages. The target audience is mainly for developers who are reluctant to launch themselves into Rust, or project managers and CTOs who are looking for stable and exciting new technologies. This talk is intended to emphasize Rust rationale, and will explain clearly and precisely why Rust wants to be the programming language of the next ten years. Antonin Carette Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:25 H.2214 rust_idiomatic Idiomatic Rust Writing concise and elegant Rust code Rust devroom Rust is a big language and it gets bigger every day. Many beginners ask: "What is idiomatic Rust?". This talk will highlight simple tips to make your Rust code more elegant and concise, and introduce you to my peer-reviewed collection of articles/talks/repos for writing idiomatic Rust code. Coming from dynamic languages like Python, JavaScript or Ruby, many Rust beginners are missing some guidelines on how to write elegant and concise Rust code. For this purpose, I started a project called "Idiomatic Rust", which is a peer-reviewed collection of articles/talks/repos which teach the essence of good Rust. In this talk I will introduce the project and show you some quick tips on how to make your Rust code more idiomatic. I will cover error handling (e.g. Option to Result conversions, the failure crate), efficiently working with (built-in) traits, and some more. Matthias Endler Example content - Smart Pointers in Rust Idiomatic Rust Project Sample code from the talk http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:25 H.2214 rust_memory_management_intro Rust memory management A short intro Rust devroom A quick introduction to the unique memory management concepts of Rust. Rust is a systems programming language that focuses on safety and performance at the same time. Most people new to Rust, often struggle with memory management. The goal of this talk is to give a very quick overview of Rust's memory management. Zeeshan Ali Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:35 00:20 H.2214 rust_gtk_rs Introducing gtk-rs Making the unsafe safe Rust devroom The goal of this talk is to provide an introduction to the gtk bindings in Rust through the gtk-rs organization. It'll be mainly about how we made it and how we keep making it better. <ul> <li>Presentation of gtk-rs (before it was even an organization) <ul> <li>Beginning: rust <-> C direct binding, no indirection, almost no safety</li> <li>Generation of signals through (old) macro system</li> <li>Old closures system to allow callbacks</li> <li>Short (old) code demonstration</li> </ul> </li> <li>Creation of gtk-rs <ul> <li>multi-repository</li> <li>easier to maintain, more difficult to release</li> <li>licensing issues: keeping docs in their own repository and write a tool to put it back</li> </ul> </li> <li>New gtk-rs era: automatic generation <ul> <li>GIR crate</li> <li>Parsing gir files and automatically generate as much as possible</li> <li>Presentation of the crate, how it works and the hierarchy</li> <li>A lot of things are simplified: doc generation, website, releases</li> </ul> </li> <li>gtk-rs growth <ul> <li>more members</li> <li>(semi) automatic release process</li> <li>a lot more of bindings (sourceview, pangocairo, webkit...)</li> </ul> </li> <li>gtk-rs environment <ul> <li>a few projects (process viewer, EDI, tools...)</li> <li>relm crate to easily write GTK UIs</li> <li>GNOME-class</li> <li>gstreamer-rs</li> </ul> </li> <li>Future of gtk-rs <ul> <li>async</li> <li>tutorials</li> <li>more projects</li> <li>more rust in GNOME libraries (librsvg already started this port)</li> </ul> </li> </ul> Guillaume Gomez Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:25 H.2214 rust_gstreamer GStreamer & Rust Fast, safe and productive multimedia software Rust devroom GStreamer is a highly versatile, cross-platform, plugin-based multimedia framework that caters to the whole range of multimedia needs. It can be used basically everywhere, from embedded devices like phones, TVs or drones to desktop applications or on huge server farms. This talk will focus on how and why Rust looks like the perfect programming language for evolving GStreamer and provide a safer but still performant and even more productive development environment than C. Both GStreamer application development in Rust, and GStreamer plugin development will be covered. What is possible today already, for which applications can Rust be perfectly used already and which parts are still missing? How does it feel like to write an application in Rust compared to doing it in C? And how and why would one write GStreamer plugins in Rust to extend the framework and all applications with support for new codecs, filters or anything else? Afterwards there will be a short outlook into the future of Rust in the GStreamer project itself and for GStreamer application and plugin development. Sebastian Dröge GStreamer website GStreamer Rust Bindings GStreamer Rust Plugin Writing Infrastructure Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:25 H.2214 rust_av Introducing rust-av A pure-Rust approach to multimedia Rust devroom Multimedia development is mainly done in C+assembly since speed is important and such combination of languages traditionally gives the best control over the hardware. Rust is considered a mature system language that provides strong warranties about memory access (and more) without sacrificing runtime speed. Multimedia libraries are plagued by classes of bugs that Rust actively prevents at compile time, thus this talk is about leveraging Rust to have a multimedia framework that is nice to use and at the same time more trustworthy. Target audience is people with some Rust knowledge and some experience with multimedia libraries and concepts. Luca Barbato Github Repos for the project Mind maps used during the presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:25 H.2214 rust_vulkan_gfx_rs Portable graphics abstraction in Rust Bringing Vulkan everywhere with gfx-rs Rust devroom Graphics abstraction is an important part of maturing Rust ecosystem. gfx-rs has been the basis of many graphics applications since 2013, but as of this year it undergoes a total rewrite with the new vision, set of goals, and talented contributors. In this talk, I want to explain what this means to existing users, Mozilla, and the world. Intended audience: people interested in Rust ecosystem foundational libraries, graphics and game development, Vulkan. Dzmitry Malyshau Markus Siglreithmaier Project code Project blog First talk about gfx-rs (in 2014) Talk about three-rs October 2017 status report Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:25 H.2214 rusty_robots Rusty robots Programming a self-balancing robot in Rust Rust devroom Are we embedded yet? I'd say yes! In this talk I'll show you how I programmed a self-balancing robot from scratch. I'll cover IO abstractions, motion sensors, motor drivers, filters, control stuff, bare metal multitasking, logging, etc. And I'll explain how some of Rust features made development easier and made the program more correct. The talk will cover the following topics (as time allows): <ul> <li>Dynamics of the inverted pendulum</li> <li>Motion sensors <ul> <li>Accelerometer</li> <li>Gyroscope</li> <li>Sensor fusion: computing the tilt angle from the sensor readings</li> </ul> </li> <li>Motors <ul> <li>Dynamics</li> <li>H bridge: controlling direction</li> <li>Pulse Width Modulation (PWM): controlling speed</li> <li>Rotary encoder: sensing speed</li> </ul> </li> <li>Controller architecture</li> <li>Implementation <ul> <li>Sensor interfaces</li> <li>IO abstractions & pin distribution</li> <li>Fixed Point Arithmetic</li> <li>Sensor noise</li> <li>Filter design</li> <li>Sensor calibration</li> <li>System characterization</li> <li>Tasks</li> <li>Multitasking</li> </ul> </li> <li>Logging <ul> <li>Communication over bluetooth</li> <li>Binary (de)serialization</li> </ul> </li> <li>Performance evaluation <ul> <li>CPU usage</li> <li>Response times</li> <li>Program size</li> </ul> </li> </ul> I should note that I won't go in too much detail about the control engineering topics; just enough to motivate the design of the program. The main takeaways of the talk will be: <ul> <li>Rust's rich type system lets you validate parts of your program, like the system initialization, at compile time eliminating a whole class of logic bugs.</li> <li>Zero cost abstractions give you the high performance required to target microcontrollers with just a few KBs of RAM and that operate at tens of MHz.</li> <li>Memory safety enables fearless multitasking, even on a system without an OS.</li> </ul> Jorge Aparicio Rivera "Embedded in Rust", personal blog Old footage of the robot Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 H.2214 rust_distributed_kv_store TiKV - building a distributed key-value store with Rust A transactional key-value store powered by Raft Rust devroom It’s not an easy thing to build a modern Key-Value database which supports the distributed transaction, horizontal scalability, etc. But this is exactly what we are doing and we have built such a database from scratch using Rust. The database is named TiKV. In this talk, I will share how we use Rust to build the storage, to support replication across geographically distributed data networks, to implement an RPC framework, to inject failure for tests, and to monitor the key metrics of the whole cluster. To build a distributed Key-Value store from scratch, we need to consider many things. In this talk, I will share with you the following experiences when we build TiKV. <ol> <li>Why another database? The key features of a modern distributed Key-Value store: horizontal scalability, auto failover, transactional API, etc.</li> <li>How we build the TiKV core system, including the backend storage engine, the gRPC framework, the consensus replication mechanism, etc.</li> <li>How we use the failure injection test to guarantee data safety.</li> <li>How we monitor the cluster and diagnose the problems.</li> <li>The future plan.</li> </ol> Siddon Tang TiKV on GitHub Futures and gRPC in Rust Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 H.2214 rust_qt_binding_generator Qt GUIs with Rust Rust Qt Binding Generator Rust devroom Build a graphical application with Qt and Rust. Qt is a mature GUI library. Rust is a new, exciting and strict programming language. You can build most of your application logic in Rust and write the GUI in QML or Qt Widgets. This talks will walk through how to do this with Rust Qt Binding Generator. Jos van den Oever Rust and QML: a timely example Rust Qt Binding Generator Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:25 H.2214 rust_nodejs_neon Writing Node.js Modules in Rust An introduction to Neon Rust devroom There's always some use cases where you need a systems language inside your node.js application. Neon is Rust bindings for writing safe and fast native Node.js modules. This talk is mainly about Neon, I'll go through the current state of project, a few examples, problems and also the future of the project. Farid Nouri Neshat Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 H.2214 rust_demystifying_parsing Demystifying Rust parsing Language parsing and automatic binding generation Rust devroom Usually, the topic of parsing the Rust source code is associated with the Rust compiler itself, which for many is an uncharted territory. However, parsing by itself can (and should) be used out of the context of the Rust compiler: given the wealth of information that we can extract out of the code, we can do a lot of thing with it. In this talk, we'll discuss several interesting applications for the Rust parser and the abstract syntax trees it produces, with practical examples of Mozilla bindgen (automatic generation of Rust library bindings based on C source code) and a Java binding generator written by the author for a large-scale open source library. Some prior basic knowledge of compilers and parsing is expected. The intended audience is Rust developers who want to learn more about the internal implementation of the Rust compiler and to practically apply this knowledge in their projects. Nikita Baksalyar The C header generator that will be referenced in the talk Alternative Rust parser based on Nom, which doesn't depend on the nightly compiler Parser internal to the Rust compiler Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:25 H.2214 rust_rustfix_automatic_fixes rustfix …and the journey to getting better code automatically Rust devroom Rust programmers often seem happy to get compiler errors. Understandably so, the compiler is known to not just catch what would in other languages become a run time bug, but also to be quite helpful. On top of that, the <a href="https://github.com/rust-lang-nursery/rust-clippy">clippy</a> project adds more than 200 additional lints, to catch even more errors, but also help guide users towards writing more idiomatic code. This talk is about the dream of automatically fixing many of these errors (based on compiler-provided suggestions) with <a href="https://github.com/killercup/rustfix">rustfix</a>. Pascal Hertleif rustfix on Github Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 15:30 00:25 H.2214 rust_miri_const_evaluation Reaching const evaluation singularity An introduction into miri and Rust's const evaluation Rust devroom The Rust interpreter <code>miri</code> has been merged into rustc to be its new const evaluator. This merge not only fixed various bugs in the old const evaluator, it opened up the avenue for many new features. Ever wanted to do a <code>for</code> loop in a constant? Want to parse a <code>toml</code> file into a static <code>Config</code> struct and report parsing errors as compile-time errors? Well, now you can do all that (pending RFCs for the details). In this talk I will present miri's design, its usage in the compile-time evaluator as well as future features that are enabled by it Oliver Schneider Repository of miri Initial merge of miri into rustc Removal of all old const eval in favour of miri http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 H.2214 rust_embedding_wasm Rust - embedding WebAssembly for scripting WebAssembly in non-Javascript environments Rust devroom Rust is associated with performance, memory safety and control of memory usage. Embedding dynamic runtimes such as for Lua or Javascript for dynamic scripting within the Rust-App would introduce an huge overhead. A WebAssembly-engine seems to be a good choice as compact and portable runtime environment. JIT-compiler may be used in future to transform WASM files to native code. The talk will present WebAssembly technology and the benefits and pitfalls integrating it into a Rust-app. Small routines are implemented in C++/Rust and compiled to Wasm. The Rust-App is loading the wasm-code as plugin at runtime to execute dynamic tasks. Frank Rehberger I contributed integration tests to this project, that I can use as demonstrators for this talk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 H.2214 rust_testing_mocking Testing in Rust A Primer in Testing and Mocking Rust devroom ABSTRACT Rust is designed for building low-level systems processes that are reliable and safe. Nevertheless, it is still important for developers to ensure their code is doing the right thing. To achieve this, Rust has a rich set of built-in testing tools for writing unit tests. In this talk we cover general unit testing techniques for Rust. We will also demonstrate how to mock out complex dependencies using the double crate. Examples will range from simple cases to complex cases that you'll often see when testing real world systems. The talk is suitable for both novice and experienced Rust developers, as well as non-Rust developers who are interested in learning more about the language. DETAILED OVERVIEW Rust is designed for building low-level systems processes that are reliable and safe. Nevertheless, it is still important for developers to ensure their code is doing the right thing. To achieve this, Rust has a rich set of built-in testing tools for writing unit tests. When writing unit tests, we often need to mock dependencies that are complex to set up or access external resources (e.g. databases and APIs). Rust's heavy emphasis on generic metaprogramming and borrow semantics make mocking dependencies non-trivial. Thankfully, the double crate (https://github.com/DonaldWhyte/double) abstracts the complexities of mocking in Rust away from you. In this talk we cover general unit testing techniques for Rust. We will also demonstrate how to mock out dependencies using double. Examples will range from simple cases to complex cases that you'll often see when testing real world systems. By the end of the talk, viewers will be able to: <ul> <li>write test modules and documentation tests</li> <li>mock out complex dependencies for simpler / more deterministic unit tests</li> <li>perform powerful matching on generated outputs</li> </ul> This talk is suitable for both novice and experienced Rust developers, as well as non-Rust developers who are interested in learning more about the language. Donald Whyte Mocking framework used for examples in talk Presentation I've given at other conferences: C++ testing/mocking using Google Mock Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 01:00 H.3227 bofupipe Upipe developers meeting BOFs (Track A - in H.3227) bof Upipe developers annual meeting. Christophe Massiot Submit feedback 14:00 01:00 H.3227 blockchain_meet_and_greet Blockchain developers meet&greet BOFs (Track A - in H.3227) bof Meet and greet for blockchain developers. (Follows the talk on Monero in Janson.) Martin Bähr Submit feedback 09:00 00:15 AW1.120 sdrintro Intro to the SDR Devroom ..and updates from the community Software Defined Radio devroom Once again, we meet in Brussels, at FOSDEM, to talk about the state of free software SDR. The intro will recap the year, and give some updates on what's new and great in the SDR world. Philip Balister Martin Braun Sylvain Munaut http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:15 00:30 AW1.120 recappingdarpa Recapping DARPA's First Big Hackfest Software Defined Radio devroom An overview of the DARPA Bay Area SDR Hackfest (darpahackfest.com). In November of 2017, the United States Defense Advanced Research Projects Agency (DARPA) held its first large-scale Hackfest. The DARPA Bay Area SDR Hackfest focused on using software defined radio (SDR) to control unmanned aerial vehicles (UAV), otherwise known as drones. The week-long Hackfest involved a set of Missions that were tackled by eight teams selected earlier in the year, a series of speakers to give two talks per day, and an open Hacker Space to allow anyone who wanted room to hack, explore, and work on projects. DARPA created this event to explore a number of questions. First, who else is working in the field of SDR and UAVs that might be able to contribute to the DARPA mission? What new ideas and innovations might prove significant to the future of SDR and UAV technology in the future? And how does free and open source software (FOSS) enable talented engineers and scientists to answer hard technical challenges quickly? The event produced interesting results, and in this talk, we will examine what came out of the Hackfest and think about the future purposes of these kinds of events and ways of engaging the developer communities. Tom Rondeau DARPA Hackfest DARPA's Homepage Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:45 00:30 AW1.120 passiveradar (Yet another) passive RADAR using DVB-T receiver and SDR. Software Defined Radio devroom We demonstrate the use of affordable DVB-T receivers used as general purpose software defined radio interfaces for collecting signals from a non-cooperative reference emitter on the one hand, and signals reflected from non-cooperative targets on the other hand, to map the range and velocity in a passive radar application. Issues include frequency and time synchronization of the DVB-T receivers, mitigated by appropriate digital signal processing relying heavily on cross-correlations. Passive radar uses existing non-cooperative emitters as signal sources for mapping non-cooperative target range and possibly velocity. The attractive features of this strategy is the lack of dedicated broadband source for RADAR application, low cost from the use of existing emitters, and stealth since the operator is undetectable. This measurement technique has become accessible to the amateur with the availability of low cost receivers ideally suited for software defined radio processing. In the framework of passive radar applications, two receivers must be synchronized to record simultaneously the reference channel and the signal reflected by the targets: cross correlation will then finely identify the reference signal delay in the measurement signal and allow for target identification. In the case of moving targets, a brute force approach similar to Doppler compensation in GPS acquisition is applied for the cross correlation to coherently accumulate energy: the range-Doppler maps hint at the distance to the target and its velocity. Most interestingly, in the latter context, clutter (signals reflected from static targets) is separated from the moving target which becomes well visible even in a complex environment. In this presentation, we discuss the details of real time acquisition and signal post-processing for passive radar application, while addressing some of the challenges of diverting DVB-T receivers from their original application. While passive radar has been demonstrated with FM broadcast emitters, analog television emitters, or wifi, we shall here consider the broadband signal provided by digital terrestrial television broadcast signal. Jean-Michel Friedt range-doppler movie of two planes landing (cross-correlation) range-doppler movie of two planes landing (auto-correlation) manuscript describing the results range-doppler movie of a ship crusing towards the port of Sendai (cross-correlation) slides of the presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:15 00:30 AW1.120 radar In the SpOOTlight: gr-radar Measuring EM backscatter, free and easy Software Defined Radio devroom gr-radar is an out-of-tree module (OOT) for GNU Radio that came about during a Google Summer of Code. Let's take a look at this OOT together, see what it can do, and see what it could become! In 2014, during the Google Summer of Code (GSoC), Stefan Wunsch took existing radar codes and freed them by publishing them as an OOT. The module was extended by several others, mostly students from the Comunications Engineering Lab at KIT, Karlsruhe, Germany. This presentation will take the toolbox and check out it's current capabilities, giving a short introduction into radar, the toolbox itself, and what it could become. Martin Braun Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:45 00:30 AW1.120 spectrumscanner Efficient implementation of a spectrum scanner on a software-defined radio platform Software Defined Radio devroom One of the important tasks of national regulators is to detect abusive usage of the radio-frequency (RF) spectrum. This talk presents the implementation of an opportunistic spectrum scanner on a software-defined radio platform, whose aim is to continuously scan the RF spectrum and to detect whether any signals are present. The implementation is done on a USRP-N210 software-defined radio, a popular and cheap model. One major bottleneck of USRP-based implementations is the limited CPU computation power, which does not allow to process RF signals at high sample rates continuously. In the proposed implementation, most computation is done on the USRP FPGA, such that the host CPU is relieved and is only used to store data and coordinate the scanning. We present the details of the FPGA and the software architecture, as well as some experimental results that show the efficiency of the proposed spectrum scanner. Francois Quitin https://github.com/fquitin/energy_detection_system Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:30 AW1.120 gfdm An optimized GFDM software implementation for low-latency Software Defined Radio devroom We present an open source GFDM implementation in GNU Radio. It is optimized for high throughput and low-latency. Future mobile communication standards in the realm of Industry 4.0 will require low latency waveforms in conjunction with high spectral efficiency. GFDM is a promising candidate to meet these requirements. Having an open source implementation helps researchers to experiment with this waveform early on in the process. Johannes Demel GR Con paper HiFlecs project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:45 00:25 AW1.120 dlrcafe DLR-CAFE: CUDA Filterbank Updates Brand-New: Arbitrary Resamplers for everyone Software Defined Radio devroom This talk is aimed at giving an update on my efforts to open source my CUDA Polyphase Filterbank library DLR-CAFE, the Satellite Networks Department Coprocessor Accelerated Filterbank Extension Library, developed at the German Aerospace Centre (DLR). It will contain a short introduction to the newest addition to the library, a Polyphase Filterbank Arbitrary Resampler. Following this, I will give a brief update on my progress to release the library into the Open Source wilderness. Jan Krämer Video recording (mp4) Video recording (WebM/VP9) CAFE Github Repo Submit feedback 12:15 00:30 AW1.120 physicsmathsdr Physics, Math, and SDR Recognize, measure, and correct the inevitable Software Defined Radio devroom This talk is about IQ imbalance, DC offsets, Noise Figure, and Intermodulation Distortion and how to simulate, measure, and, where possible, correct each in GNU Radio. Derek Kozel Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:45 00:20 AW1.120 plutosdr Stupid Pluto Tricks Real world things you can do with a PlutoSDR Software Defined Radio devroom The ADALM-PLUTO SDR can be used as both a streaming (to GNU Radio device) as well as a standalone SDR, since it includes a single core ARM A9, and runs Linux inside. Although it requires closed source tools (Xilinx), they are zero cost, and with a little time, custom firmware images can be created, allowing the device to be a standalone radio platform. This talk will show a few different things that can be done, including a ADS-B receiver, an instrument to measure Noise Pollution, a stealth RF capture device (to investigate RF), and a cell phone jammer detector. The ADALM-PLUTO SDR can be used as a RF streaming device over USB 2 to Linux's Industrial I/O (IIO) clients like GNU Radio, or custom applications in C, C++, or python. These applications can also be run directly on the device, and the userspace library (libiio) abstracts the transport (USB, network, serial, or local) away from the application. With a single line code change, and a cross compiler, applications can move from being run on a host, or locally on the device. It's even easier if you are using devices like Raspberry Pi, since you don't need a cross compiler. This talk will go through a few quick demos, showing (1) how to build custom firmware images; (2) how to track airplanes overhead; (3) How and why RF noise pollution is bad, and how it can be tracked/monitored; and (4) investigate portable cell phone jammers, that are being sold on the internet (for research purposes only). Five minutes will be spent on each topic, and code on github will be pointed to. Robin Getz PLUTO SDR page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:15 00:30 AW1.120 gr_runtime The GNU Radio runtime Reinventing a very fast wheel Software Defined Radio devroom In the last decade the GNU Radio project and its ecosystem has grown a lot. Unfortunately not all parts of the project have got attention equally. A lot of new and missing functionality can be found in so-called Out-of-Tree modules (OOTs). The struggle to add changes to OOTs which are incompatible to the GNU Radio core is real. The GNU Radio runtime needs some fresh ideas so new development with GNU Radio will be possible and rewarding. This presentation will try to give an quick overview about the current structure and inner workings of the GNU Radio runtime and take a dive into how a new runtime can be implemented to make GNU Radio future-proof. Andrej Rode Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:45 00:25 AW1.120 grccpp C++ Code Generation with GRC Software Defined Radio devroom This talk introduces C++ output functionality for the GNU Radio Companion, which was my ESA Summer of Code in Space project this summer. Håkon Vågsether My SOCIS blog My C++ generation branch My GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:15 00:45 AW1.120 sdr_lora_aes LoRa Reverse Engineering and AES EM Side-Channel Attacks using SDR Software Defined Radio devroom LoRa is a novel wireless modulation scheme designed for low data rate, low-power and long-range communications. In this presentation, we will discuss the various processing stages taking place on the LoRa PHY layer, including coding, whitening, interleaving, modulation and preamble detection. We will subsequently learn how hardware LoRa radios can be reverse engineered in order to build our own LoRa decoder with GNU Radio and software defined radios. The concept of PHY-layer fingerprinting will also be briefly explained, showing how we can identify individual LoRa radios using only their raw radio signals and a neural network. Finally, we will see how software defined radios can be leveraged to perform electromagnetic side-channel attacks on the AES encryption scheme, which is used by LoRa and various other wireless protocols. Such attacks enable the recovery of an unknown secret key given a set of known plaintexts and proximal measurements of the electromagnetic spectrum taken during the encryption process. Pieter Robyns Github repository for my decoder, gr-lora Github repository for my fingerprinting code and paper My website listing all of my projects Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 AW1.120 osrt Intro to Open Source Radio Telescopes Software Defined Radio devroom The Open Source Radio Telescope initiative is a group of educators and radio astronomy enthusiasts, trying to bring the world of radio astronomy closer to the people. We provide projects and education to anyone who wants to join. Find more about the project at: http://opensourceradiotelescopes.org/ Martin Braun Sue Ann Heatherly Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:20 AW1.120 weatherstation Free your Weather Station! War Stories from hacking Weather Stations Software Defined Radio devroom Short presentation on hacking the Oregon Scientific WeatherStation with a proprietary interface. To free the data within. Short presentation on hacking an Oregon Scientific WeatherStation with a proprietary interface. The Weather Station itself was provided with a USB port, with some clunky Microsoft Windows Software to dump the data to CSV. Pulling the data directly out of the Weather Station by the port provided was not going to be an option. Instead Open Source software came to the rescue; in the form of a Arduino Sketch implementing Manchester Encoding with a €2 RXB6 module. With this, I was able to intercept the 433 Mz Sensor Data and upload to the internet with WeeWX. This is a story of a €12 investment and Open Source, opening a World of Weather Data. Ray Kinsella Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 AW1.120 claimspace Claim Space, the Libre Way, using SDRs Software Defined Radio devroom So many things happened from the FOSDEM 2017 in the SatNOGS project. The successful deployment and data reception of the UPSat satellite, high power amateur rocket launches and realtime telemetry decoding, automatic decoding of LEO satellite signals from our crowd-sourced network of ground stations are some of the milestones achieved. And all these with the help of Software Defined Radios! In this talk, we present briefly the UPSat and the High Power Rocketry project and then the version 3 of the SatNOGS project. In the new version we have developed several decoders that operate in realtime during a LEO satellite pass. Combined with the SatNOGS rotator that tries to point as accurate as possible to the satellite trajectory, the decoder searches for transmitted frames. The successfully decoded frames are then uploaded automatically on the SatNOGS database for visualization and further analysis. Currently, SatNOGS project incorporates decoders for many popular in LEO satellite missions transmission schemes such as AFSK1200, APRS1200, (G)FSK9600, APRS9600, APT, DUV, CW, LRPT using the GNU-Radio toolkit. In addition, decoders for APT and LRPT are producing on the fly the weather images transmitted by the corresponding meteorological satellites. For the most interesting of the available decoders, we present the design and the implementation details among with a live decoding demo from a IQ captured observation. All of the available decoders are running in realtime on the RPi3 platform. To achieve this, several design decisions were made (RF performance vs realtime operation) and we discuss some of them. Manolis Surligas Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 AW1.120 byor BYOR: Bring-your-own-radio hacking session Bring your device, show us what it can do! Software Defined Radio devroom This will be a FOSDEM first: Instead of a panel, this year's interactive time slot will be a bring-your-own-radio hack session. Bring your stuff, show us what it can do! We will have the mic open for demonstrating, but you can also huddle (as far as the room permits) around your devices and show them off. Martin Braun Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:20 AW1.121 dns_zonemaster Zonemaster Comprehensive tool for DNS validation DNS devroom DNS is the backbone of the Internet. When one is not able to access to a content (such as a website), the first thing to do is to verify the DNS connectivity. This talk will provde an overview of an open source DNS checking tool called "Zonemaster" (https://github.com/dotse/zonemaster), developed and maintained by Afnic (www.afnic.fr) and IIS (www.iis.se). The talk will further delve into the architecture, different components (Engine, API, GUI, CLI) and its usages for different end-users such as general users, Companies operating DNS, Companies having a DNS portfolio of domain names and DNS geeks. Sandoche Balakrichenan Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:25 00:20 AW1.121 dns_repairing_at_tld_scale Repairing DNS at TLD scale DNS health in .CZ DNS devroom For DNS stability is important to delegate domains to correctly configured servers, but condition can change over the time. We are checking all 1.3 milions of domains regulary and try to poin on common mistakes. Presentation also show, how we deal with term "correct configuration" for atuhoritative DNS server Petr Černohouz Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:50 00:20 AW1.121 dns_bind9_past_present_future BIND 9 Past, Present, and Future The future is scary. But you can't just run back to the past because it's familiar. DNS devroom BIND 9 is now 17 years old, the latest stable version 9.12 was releases in December and the BIND 9 Team has adopted changes to adapt to the ever change Internet landscape. In this talk, I will present BIND 9 colorful past, the current state of development, and the changes that BIND 9 Team has adopted to cope with modern DNS. I will talk about the changes in the development model, release cycles, and also about the planned features that will help BIND 9 Team to be more nimble in adding new features, fixing old issues, spending less time on maintenance, while ensuring the stability for existing users. I believe that existing BIND 9 users will be thrilled. Ondřej Surý BIND 9 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:15 00:30 AW1.121 dns_blame_debugging Blame (and) DNS: debugging tutorial Find out who, where, and how broke your DNS. DNS devroom How to find out who, where, and how broke your DNS resolution? What support line to call? These are hard questions because today's DNS is very complex and even simplest query for an IP address might involve dozen different parties. In this tutorial we will walk though typical scenarios and use common tools to find out why things do not work as we expect and who to contact. Format of the talk is presentation with screencast from live debugging sessions. Attendees are encouraged to bring own laptops with working network, pre-installed command-line tools dig, delv, drill, ping, and a web browser. This might be handy if you want to play with the tools during the talk. Petr Špaček DNSViz Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:50 00:20 AW1.121 dns_living_on_the_edge Living on the Edge Greatly needed stub resolver capabilities for applications and systems with the getdns library DNS devroom To improve system security to the next level, the DNS services used by applications at the end-point need recent standards implemented. Currently typical use of DNS by applications is limited to forwarding requests to the system's stub resolver, which in turn simply forwards it to the recursive resolver in the network which does all the heavy lifting; iterate over the authoritatives, secure the lookups with DNSSEC etc. This first-mile in the DNS eco-system (from application, via stub to the recursive resolver) is completely insecure and exposed. This makes the use of DANE (a secure alternative to the flawed CA based PKIX) impossible and also leaves end-users unprotected to DNS based connection hijacking and very exposed to eavesdropping attacks! To deliver DANE and Privacy to the end-user, we need to address these issues as close to the end-user as possible. The getdns library is a resolver library for applications, providing a versatile stub resolver that takes care of all the difficulties and complexities that arise when these higher security and privacy demands need to be practiced for actual users instead of just networks. For both DANE and DNS Privacy, stub resolvers need to be able to reliably establish the authenticity of data at the remote end. This alone already involves DNSSEC and/or PKIX validation, and might also involve DNSSEC roadblocks avoidance, discovery and anticipating IPv6-only networks (DNS64/NAT64), and reliable trust requirements maintenance (i.e. the KSK rollover). Furthermore, to correctly perform DANE, applications need to learn from the stub resolver the status of the authentication result. In the course of the presentation the following topics will be covered: * the current techniques stub resolvers utilise to reliably do DNSSEC, * the changing architectural role of the stub-resolver system-component (Stub as daemon, as library, as both, dbus interface, nsswitch module), * the stub resolver specific challenges with the root KSK rollover, and * the implementation status of different stub software with respect to the bullet points above. Willem Toorop getdns website DNS privacy website github repo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:15 AW1.121 dns_aggressive_nsec DNSSEC for higher performace How aggressive use of DNSSEC-validated cache boosts DNS performace. DNS devroom "Security slows down everything." Or not? This talk will explain how aggressive use of DNSSEC-validated cache (aka RFC 8198) boosts DNS performance, and why signing your own domain can provide higher security and performance at the same time. Petr Špaček Paper describing Random subdomain attack on DNS Knot DNS authoritative server Knot Resolver Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:35 00:25 AW1.121 dns_melting_the_snow Melting the Snow Using Active DNS Measurements to Detect Snowshoe Spam Domains DNS devroom Snowshoe spam is a type of spam which is hard to detect. This is because the spammer tries to spread out the sending load over many host in order to evade detection. Our method combines active DNS measurements with Machine Learning to detect snowshoe spam domains with a time advantage over regular methods. Snowshoe spam is a type of spam that is notoriously hard to detect. Anti-abuse vendors estimate that 15% of spam can be classified as snowshoe spam. Differently from regular spam, snowshoe spammers distribute sending of spam over many hosts, in order to evade detection by spam reputation systems (blacklists). To be successful spammers need to appear as legitimate as possible, for example, by adopting email best practices, such as the Sender Policy Framework (SPF). This requires spammers to register and configure legitimate DNS domains. Many previous studies have relied on DNS data to detect spam. However, this often happens based on passive DNS data. This limits detection to domains that have actually been used and have been observed on passive DNS sensors. To overcome this limitation, we take a different approach. We make use of active DNS measurements, covering more than 60% of the global DNS namespace, in combination with machine learning to identify malicious domains crafted for snowshoe spam. Our results show that we are able to detect snowshoe spam domains with a precision of over 93%. More importantly, we are able to detect a significant fraction of the malicious domains up to 100 days earlier than existing blacklists, which suggests our method can give us a time advantage in the fight against spam. In addition to testing the efficacy of our approach in comparison to existing blacklists, we validated our approach over a 3-month period in an actual mail filter system at a major Dutch network operator. Not only did this demonstrate that our approach works in practice, the operator has actually decided to deploy our method in production, based on the results obtained. Olivier van der Toorn Project home page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:05 00:30 AW1.121 dns_privacy DNS privacy, where are we? A general examination of the current state of the DNS privacy project DNS devroom The DNS privacy project started in november 2013 at the IETF meeting in Vancouver, following Snowden's revelations. Where are we today? We have a problem statement (RFC 7626), standard solutions (QNAME minimisation, DNS over TLS), running code (such as the getdns library) and actual deployments (such as the Quad9 public resolver). The talk will examine the current state of the project. It is intended for people who have a general knowledge of DNS, but you don't need to be an expert. Unlike HTTP and Web privacy, the issue of privacy for DNS users was never a hot topic. There are no specific rules or regulations about it, and the typical Data Protection Agency, GDPR or not GDPR, is not too interested in the subject. But DNS traffic can be very revealing and has already been used to identify things such as malware communicating with a C&C. If DNS surveillance can be done for the good, it can certainly also be done for evil purposes. This is what motivated the Internet Engineering Task Force to start a work at the Vancouver meeting in november 2013, with a more official start at the London meeting in march 2014. The project followed the classical steps: describing the problem, the threat model, the actual rissk (this is now documented in RFC 7626), then trying to find solutions. While many geeks, when asked about privacy, immediately scream "encryption", privacy actually requires TWO things: encryption to protect against third parties, AND data minimisation, to protect you against the servers you talk to. Hence the development of two solutions, encryption with TLS (RFC 7858) and QNAME minimisation (RFC 7816). There is also running code. The Unbound DNS resolver already knows how to encrypt (upstream and downstream), and can also perform QNAME minimisation, like the Knot resolver. The excellent getdns library also speaks DNS-over-TLS, allowing things like a monitoring plugin to monitor your DNS-over-TLS servers. Android has now DNS-over-TLS in its code base. And there are some public deployments with this technology. The OpenWrt router Turris Omnia already ships, by default, with QNAME minimisation enabled. The Quad9 public DNS resolver accepts DNS-over-TLS. What can we expect in the future? There are some projects to allow encryption between resolver and authoritative server (RFC 7858 only cobvers the stub-to-resolver case), to add padding to more TLS requests (getdns and Knot already do it), but most of the work will probably be on the code and deployment. Stéphane Bortzmeyer Portal on DNS privacy IETF dprive working group Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:40 00:15 AW1.121 dns_openid_discovery DNS-based discovery for OpenID Connect Taking Single-Sign-On to the next level DNS devroom OpenID Connect is a widely deployed standard to implement single-sign-on in the web. While the existing protocol discovery mechanisms might be well-suited for the current social media login deployment status (that is, a handful of islands of identity providers and Facebook&Google coping with 90%+ of the market share), a better mechanism would be needed for a real federated, distributed environment. This lightning talk tries to present the ideas outlined in https://tools.ietf.org/html/draft-sanz-openid-dns-discovery-00 together with a working demo, looking for feedback from the DNS developer community. Marcos Sanz Grossón Project page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:05 AW1.121 welcome_to_the_retrocomputing_devroom Welcome to the Retrocomputing DevRoom A new devroom, for old tech Retrocomputing devroom Pau Garcia Quiles (pgquiles) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 AW1.121 dosemu_and_freedos_past_present_future DOSEMU and FreeDOS: past, present and future Retrocomputing devroom DOSEMU (1992) and FreeDOS (1994) are long-running projects which allow you to run DOS applications on Linux and on bare hardware. I will describe their history and current developments. Intended audience: anyone who is interested in DOS and emulation. I will describe past and current developments relating to DOSEMU and FreeDOS. This includes: * The Dosemu2 project, a continuation of DOSEMU coordinated by Stas Sergeev. * Where does DOSEMU fit in among other solutions such as DOSBOX and QEMU? * Use of KVM within Dosemu2 to allow running DOS applications at near-native hardware speed on CPUs that no longer support the vm86() syscall. * FreeDOS 1.2 and an outlook to FreeDOS 2.0. * The GCC IA-16 port with support for far pointers by Rask Ingemann Lambertsen, Andrew Jenner and TK Chia. This finally allows us to compile FreeDOS components using a Free compiler, instead of Open Watcom which has more restrictive licensing terms. Bart Oldeman DOSEMU Dosemu2 FreeDOS GCC IA-16 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:05 00:30 AW1.121 developing_software_on_oric_microcomputers Developing software on ORIC microcomputers OSDK, Oricutron & friends Retrocomputing devroom The ORIC SDK by Defence Force is used to write demos and games for the ORIC range of microcomputers. Along with the Oricutron emulator, they make it possible to cross-develop C and asm programs for these machines. We'll show you how. We'll show installation and usage of the OSDK. François Revol OSDK homepage Defence Force SVN repository ORIC reference site Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:30 AW1.121 retro_uc Retro-uC An open source microcontroller with retro instruction sets Retrocomputing devroom Presentation about a micro-controller with the proper instruction set for the retro enthusiast and a pilot project to testing the grounds for an open silicon movement. The Retro-uC is an fully open source microcontroller. It uses CPU cores that are battle tested in FPGA re-implementations of vintage computer systems. It implements the MOS6502 instruction set of Commodore 64 fame, the Z80 one of the ZX Spectrum and the Motorola 68000 of Amiga and Atari ST fame. For development, implementations running on FPGA boards are available and are available for interested retro people to use for their own development or as microcontroller. The final goal of the Retro-uC porject is to produce an ASIC by a crowdfunding campaign. After giving an overview of the features and choices made like the memory map the author would like to get freedback from this talk on the compatibility of low volume chip production and retrocomputing. This presentation will only very briefly discuss the implementation of the chip itself; that will be discussed more in depth in a presentation in the CAD and Open Hardware devroom. Staf Verhaegen Microcontroller source code (WIP) Hackaday project page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:15 00:30 AW1.121 netbsd_modern_operating_system_for_retro_battlestation NetBSD - A modern operating system for your retro battlestation Retrocomputing devroom The NetBSD operating systems focus on portability means that over the years since its inception it has ammassed support for a large body of platforms across many CPU architectures with continued support to this day. The NetBSD operating systems focus on portability means that over the years since its inception it has ammassed support for a large body of platforms across many CPU architectures with continued support to this day. Through this effort to provide extensive support many features & sub projects have developed to acomodate supported hardware. Everything from a Sun2 workstation to a Sega Dreamcast to an Amiga and many others. This talk will cover the details of these features which ease supporting such systems. No system newer than 10 years old will be covered! <ul> <li>Introduction to NetBSD and the benefits of extensive support</li> <li>Bootloaders</li> <li>Use of Emulation</li> <li>Automated testing on Amiga, Sega Dreamcast and beyond with Anita</li> <li>Cross compilation support</li> <li>Complimentary hardware projects: USB interface for your Turbo Channel VAX and more</li> <li>Cutest of devices</li> <li>Revival of once deemed dead ISA</li> </ul> Sevan Janiyan Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:50 00:30 AW1.121 fame_development_colecovision_sega_8bit_systems Game development for the ColecoVision and Sega 8-bit systems Developing for Z80-based video game systems using modern free tools Retrocomputing devroom The ColecoVision and Sega Master System are popular video game systems of the 1980s. The central part of the free toolchain is the Small Device C Compiler (SDCC), which features some optimizations particularly suited to the irregular architectures, allowing SDCC to generate efficient code for the Z80. Hardware similarities between the ColecoVision and the Sega 8-bit systems allow to target both in game development, which is supported by cross-platform libraries. The ColecoVision and Sega Master System are popular video game systems of the 1980s. When they appeared, game development was limited to commercial developers and usually done in assembler only. Today, free tools allow anyone to develop for them with relative ease, also in C. The ColecoVision and Sega Master System are popular video game systems of the 1980s. The central part of the free toolchain is the Small Device C Compiler (SDCC), which features some optimizations particularly suited to the irregular architectures, allowing SDCC to generate efficient code for the Z80 (and some other architectures relevant to retrogaming, such as the CPU used in the Game Boy). SDCC is also used as part of larger retrocomputing / -gaming tools, such as z88dk and 8bit Workshop. Besides all being Z80-based, the ColecoVision and the Sega 8-bit systems also use similar graphics and sound chips. This allows to target the simultaneously in game development, which is supported by cross-platform libraries. Some new games have been released on cartridges. Sometimes cartridges from old games are reused, but there are also new PCB designs and newly made game cartridges. Philipp Klaus Krause Small Device C Compiler z88dk libcv and libcvu Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:25 00:30 AW1.121 zxspectrum_in_the_new_millenium ZX Spectrum in the New Millenium Upgrading ROM Cartridge to 512KB Retrocomputing devroom Present the challenges faced to work around the limitations of the existing ZX Spectrum Cartridge interface (limited by definition to 16KB), in order to be able to have up to 512KB using FLASH memory. First present the existing limitations of the Sinclair Interface2 Cartridge hardware implementation. Second, document the problems and challenges presented by it, when trying to use it for something more than a Read Only Memory (ROM) with 16KB Third, document the side band communication implemented in order to transfer information to a smarter Cartridge, that implements a paged memory interface. Fourth, Demonstrate a working sample/prototype (either live, using a real Spectrum or in video format). Check video links. Rui Martins NOXROM Prototype Bank/Paging working NOXROM Firmware 0.54 NOXROM R-Type V3 NOXROM R-Type Level 1 R-Type Boot Level 1 Firmware source code on github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:15 AW1.125 iot_opening IoT DevRoom Opening Overview of the day Internet of Things devroom IoT DevRoom opening Overview of the day Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:50 00:25 AW1.125 home_assistant Turning On the Lights with Home Assistant and MQTT Internet of Things devroom In this presentation you will learn the exact steps for using MQTT JSON Light component of the open source home automation platform Home Assistant for controlling lights through the machine-to-machine protocol MQTT. Practical examples for low cost devices combining together open source hardware with free and open source software will be revealed. The presentation will provide general overview of Home Assistant, details about the software integration of new devices to it through the MQTT protocol and open source MQTT brokers such as Mosquitto. We will do a code review of an open source Linux daemon application for Raspberry Pi, written in the C programming language and based on the Paho library for MQTT client and the piGPIO library used for pulse-width modulation (PWM) control of a RGB LED strip. We will compare it to an implementation of the same features for the microcontroller with WiFi ESP8266 written as a sketch for the Arduino environment. Furthermore, the presentation will include details about reading data from various sensors and their setup in Home Assistant. Home Assistant is a popular open source home automation platform written in Python 3 and perfect to run on a Raspberry Pi. Out of the box is supports popular mass market Internet of Things such as IKEA Trådfri, Philips Hue, Google Assistant, Alexa / Amazon Echo, Nest, KODI and many more. Furthermore Home Assistant provides components for easy integration of Internet of Things through the machine-to-machine protocol MQTT. This presentation will focus on practical examples for using the MQTT JSON Light component for integrating two type of devices controlling 12V RGB LED strips: Raspberry Pi with the open source hardware add-on board ANAVI Light pHAT and the another open source hardware devices with ESP8266 - the cheap WiFi microcontroller compatible with the Arduino IDE. The printed circuit boards (PCB) of both hardware devices used in the examples are designed with free and open source software KiCAD that runs on GNU/Linux distributions. The focus of the presentation will be on the open source software that implements an MQTT client, connects to an open source MQTT broker such as Mosquitto and controls the lights of RGB LED strip through PWM. The exact steps for the integration of new devices in Home Assistant using MQTT will be revealed in details. The presentation is appropriate for open source enthusiasts interested in home automation, engineers, students and even beginners. No previous knowledges about Home Assistant or MQTT is required. Leon Anavi Home Assistant MQTT JSON Light Linux daemon for controlling 12V RGB LED strip with ANAVI Light pHAT on Raspberry Pi over MQTT Arduino sketch for controlling 12V RGB LED strip on ESP8266 Open-source client implementations of MQTT Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:25 00:25 AW1.125 mbed_pagekite Accessing your Mbed device from anywhere using Pagekite How to create a Mbed library for Pagekite Internet of Things devroom When looking at home automation solutions available in the market nowadays, one of the most important and expected features is to be able to control your home automation installation from anywhere in the world using a smartphone app. A vendor of a low-cost home automation solution requested us to add such a feature to their existing IP gateway product, which only allowed for users to control their home automation system with their smartphone while they are connected to their local network at home. We were asked to make it possible to let the smartphone app connect to the IP gateway from anywhere in the world. This vendor's IP gateway hard- and software was based on the Mbed platform, so they needed a solution that could fit within Mbed. First of all, there are a lot of ways to make a device in a local network accessible from anywhere in the world: SSH tunneling, port forwarding with dynamic DNS,... Since our client wanted an open-source, secure, low-cost and easy to set up solution that he could host himself, we opted to go for Pagekite. However, since Mbed does not support OpenSSL, Linux sockets or libev, the existing libpagekite C library was not an option to start from. So we started to implement a Mbed flavour of the library ourselves, and decided to make it open-source Bert Outtier Mbed Pagekite library Test application for Mbed Pagekite library Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:05 00:25 AW1.125 home_automation Home automation - Not as simple as you think Internet of Things devroom Home automation, like most fields in IoT, appears simple. A few lines of code, a couple of data points, and the job appears done. However, integrating computer code into a human life is not so simple. This talk highlights the personal issues involved in this area of IoT software development, and why the code you develop in the lab is often unsuitable for the home. "Simple" functionality like picking a random song, decreasing the volume, and playing a movie take on hidden complexities, that will be uncovered. Steven Goodwin has lived in the automated home he's been building for the last 15 years. The Minerva project contains much of that code, but that's only the start. On one hand it needs some very specific configurations (e.g. which train stations do you use, so it can guestimate your arrival time, and therefore know when to control the heating or put the kettle on), and on the other it needs custom code to reflect your lifestyle. This latter point extends into the conversation of self-awareness of your own living patterns, and how they can be quantified. He'll also comment on AI and service platforms (like Nest) which contain lessons for all IoT products. Steven Goodwin Minerva Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:45 00:25 AW1.125 mirai_iot Mirai and Computer Vision Security and function of connected webcams Internet of Things devroom In this demonstrative session we learn the ropes of IoT nodes with computer vision. We develop a web camera application, consider security, and store or forward data for image processing. Combining a number of components to make a full IoT system solves end to end use cases like secure image processing via webcams. With the limited processing power and storage of embedded systems, we learn to move data across networks, routing via gateways, and messaging to cloud applications that provide back end processing. To this end, we'll put a number of pieces of hardware in operation and take a cookie cutter approach to conclude with a system consisting of: <ul> <li>webcams</li> <li>image sensor hosts</li> <li>IoT gateways</li> <li>cloud servers</li> <li>imaging SDKs</li> </ul> Key learnings include: <ul> <li>Understanding of IoT optics</li> <li>How to connect to AWS IoT via MQTT</li> <li>Collecting video to process with OpenCV</li> <li>Leveraging AWS Rekognition and deep learning</li> </ul> Hardware will be demonstrated in this typically hands on (but adapted to room conditions) session. Novice users are welcome, and we will cut and paste source code with step by step instruction maintaining a level of learning and fun. Michael Schloh von Bennewitz Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:25 00:25 AW1.125 iot_botnet The IoT botnet wars, Linux devices, and the absence of basic security hardening Internet of Things devroom This talk will cover the ongoing battle being waged is leveraging insecure Linux-based Internet of Things (IoT) devices. BrickerBot is an example of a recent malware strain attacking connected devices and causing them to “brick,” making an electronic device completely useless in a permanent denial-of-service (PDoS) attack. Additionally, the Mirai botnet consisted of connected printers, IP cameras, residential gateways, and baby monitors that flooded DNS servers. Mirai was behind the largest DDoS attack of its kind ever in October 2016, with an estimated throughput of 1.2 terabits per second. It leveraged these enslaved devices to bring down large portions of the internet, including services such as Netflix, GitHub, HBO, Amazon, Reddit, Twitter, and DIRECTV. BrickerBot’s goal appears to counter Mirai’s: Bricking insecure Linux devices so that malware such as Mirai can’t subjugate these devices in another DDoS attack. We will take an in-depth look at the anatomy of the attack. We will then dive into basic some security hardening principles which would have helped protect against many of these attacks. Some of the fundamental security concepts we will cover include: Closing unused open network ports Intrusion detection systems Enforcing password complexity and policies Removing unnecessary services Frequent software updates to fix bugs and patch security vulnerabilities Speaker Bio: Greg Di Stefano works as a Software Developer on the open-source Mender.io project: a embedded Linux OTA updater. He has a keen interest in security, and has given talks previously at Embedded World and Embedded Linux conference. GregDiStefano Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:05 00:25 AW1.125 eclipse_iot_3_stacks A Guided Tour of Eclipse IoT: 3 Software Stacks for IoT Internet of Things devroom Whether you’re looking at the constrained devices that make for the "things" of the IoT, gateways that connect them to the Internet, or backend servers, there’s a lot that one needs to build for creating end-to-end IoT solutions. In this session, we will look at the typical software features that are specific to IoT, and see what’s available in the open source ecosystem (and more specifically Eclipse IoT) to implement them. A live demo of the Eclipse IoT Open Testbed for Asset Tracking will allow the audience to see some of the projects (such as Eclipse Kura, or Eclipse Kapua) in action. Benjamin Cabé Eclipse IoT Website Eclipse IoT Asset Tracking testbed/demo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:45 00:25 AW1.125 tizen_rt Tizen:RT A lightweight RTOS platform for low-end IoT devices Internet of Things devroom Overview of Tizen ecosystem, focus on constrained devices support, how to get started with Tizen:RT plus demo on actual device. The Tizen software platform has been designed to target consumer electronics, since 2013 the OS is powering many products on the market (from smart watches to TVs, cameras or even white goods). Even if this Linux based platform is very flexible, the Linux kernel has minimum size requirements, so Tizen can't be deployed on constrained devices (ubiquitous microcontrollers). To also target low end devices part of Tizen's technology was rebased on NuttX RTOS. Seamless connectivity is still provided by IoTivity, while a new IoT features are becoming available to application developers too, this whole stack is Tizen:RT! This presentation will give an overview of Tizen ecosystem, and explain how to get started with Tizen:RT using QEmu, SDK, finally an IoT scenario will be demonstrated using trusted system on module ARTIK 055s. Reference: https://wiki.tizen.org/Category:RT Philippe Coval HTML5 slides (with demo video) Demo video Wiki Sources Need help? Video recording (mp4) Video recording (WebM/VP9) Track news Submit feedback 14:25 00:25 AW1.125 eclipse_iot FOSS Platform for Cloud Based IoT Solutions Eclipse-IOT FOSS Platform for Cloud IoT Internet of Things devroom The Internet of things (IoT) is expected to connect billions of devices. The demand for an open IoT platform technology is increasing to enable and accelerate the development of cross-domain/cross-vendor use cases and face the accompanying challenges like connectivity with a wide range of heterogeneous protocols and large scale messaging. Eclipse IoT on top of today's cloud technology like Kubernetes is a promising software stack for this goal. However, it will only be successful if it is widely adopted. This talk describes the status quo and gives an outlook for future development. It is expected that in the next years billions of devices will be connected to the internet of things (IoT). Many of them will interact with cloud-based solutions to provide additional services on the devices or in the web. To bring IoT to the next level technologies for supporting cross-domain/cross-vendor solutions are needed. There is already a lot FOSS available to provide a technological base for building IoT solutions (e.g. Kubernetes). However, on top of it, software is needed for the connectivity challenges, support of domain-specific protocols, large scale messaging and device management and integration with existing infrastructure. Eclipse IoT aims to address these needs and provide an FOSS IoT framework that makes IoT development fast and simple. In the last year Eclipse IoT has made a lot of progress and the underlying environment in cloud technology has seen a lot of changes. In addition, upcoming challenges like automated driving and connected vehicles have resulted in new projects for better support for the automotive domain. This talk gives you an overview of major Eclipse IoT projects and illustrates its capabilities with a short demo. Steffen Evers Eclipse IoT Working Group Eclipse Kuksa Eclipse OpenADx Cloud Native Computing Foundation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:05 00:25 AW1.125 iot_js IoT.js - A JavaScript platform for the Internet of Things Internet of Things devroom IoT.js - A JavaScript platform for the Internet of Things IoT.js is a javascript platform that aims to provide inter-operable services for IoT world. Powered by JerryScript, an ultra-lightweight modular JavaScript engine, the platform is designed to bring the success of Node.js to constrained IoT devices. To address interoperability, IoT.js has provided a Node.js friendly architecture and comes with a subset of Node.js APIs. Since Samsung OSG first presented IoT.js in FOSDEM in 2016, the platform has been through a rapid growth in last couple of years. With a lot active high-quality contributions from the IoT.js and JerryScript open source community, IoT.js has released version 1.0 in July 2017 which presented a rich set of features, hardware and tool supports for developers. In this talk, we are looking at recent developments in IoT.js and share our vision for future plans. The talk is supported by a demo of iot.js running on constrained device seamlessly connects to node.js for third party cloud access. Ziran Sun Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:45 00:25 AW1.125 dark_side_iot CANCELLED The dark side of Internet of things Privacy and security concerns related to IoT Internet of Things devroom With the advent of the Internet of things, monitoring and controlling everything such as coffee maker, lights, TV, Fridge,etc. over the internet has become a child's play. But are we really making our lives simpler or diving ourselves in a vast ocean which is getting deeper and deeper? In today's world where the security of our data of a major concern, the number of websites are always tracking what we search for, what we watch, our location and now when things are limited to only data, adding another dimension i.e. physical entities is really a big question. From this talk audience will take away an understanding of the privacy concerns related to IoT, and how they may be putting their personal information at risk by connecting my physical entities to the internet. Is it really safe to connect things to the internet? Talk Structure: <pre><code>General Discussion on What Is IoT and its future The pros and cons of connecting things to the internet How exploiters can breach the security and know our lifestyles With a smart home rigged with cameras, can provide an intruder with victims' various details including lifestyles and visible passwords.That might result in identity theft with all the access codes including the biotech passwords. Would suggest the methods for handling the security threats with channelled password inputs and multi-level user verification implementation. Implementing basic IoT attacks: accessing the devices using physical, remote or local netowork During the session, we would implement some basic IOT attacks (eg. a quadcopter with development board mounted to demonstrate sniffing attacks) Live demo & session on increasing security: Participants will learn how to increase the security and bypass few of these attacks. Taking steps beyond: We would also discuss the mechanism that can be adopted to ensure internet privacy. </code></pre> Dipesh Monga Submit feedback 16:25 00:25 AW1.125 oss7_dash7 OSS-7: an opensource DASH7 stack When active RFID meets IoT and how to use DASH7 to build flexible IoT solutions Internet of Things devroom In this talk we will introduce how the flexibility of the DASH7 Alliance Protocol can be used to solve a lot of IoT use cases. Starting from a simple embedded application which measures sensor values we will demonstrate how the full stack approach of DASH7 enables you to (re-)configure the behavior of the network stack and application, over the air, without touching the application code. Different communication schemes will be discussed together with the trade-offs for aspects like energy consumption and down-link latency. We show how the simple but powerful API (based on file operations) allows to approach a network like a distributed database which you can address based on data queries instead of using node addresses. Finally, we will also discuss the implementation of OSS-7, related tools and the road forward. Glenn Ergeerts project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:05 AW1.126 geo_intro Intro Geospatial devroom Geospatial devroom Johan Van de Wauw Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:05 00:25 AW1.126 geo_freewat Join the FREEWAT family FREEWAT (FREE and open source software tools for WATer resource management) Geospatial devroom FREEWAT (FREE and open source software tools for WATer resource management) is an HORIZON 2020 project financed by the EU Commission under the call WATER INNOVATION: BOOSTING ITS VALUE FOR EUROPE. FREEWAT's main result is an open source and public domain GIS integrated modelling environment (the FREEWAT platform) for the simulation of water quantity and quality in surface water and groundwater with an integrated water management and planning module. The modelling environment is designed as a composite plugin in QGIS v2.X. It comprises tools for the analysis, interpretation and visualization of hydrogeological and hydrochemical data and quality issues, also focusing on advanced time series analysis. It interfaces models related to the hydrological cycle and water resources management: flow models, transport models, crop growth models, management and optimization models. And it contains tools to perform model calibration, sensitivity analysis and uncertainty quantifications. Finally, the some additional tools are present for general GIS operations to prepare input data, and post-processing functionalities (module OAT – Observation and Analysis Tool). Pieter Jan Haest project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:30 AW1.126 geo_bicycle Bicycle-sharing stations: profiling and availability prediction Geospatial devroom This presentation will show an exploratory data analysis about bicycle-sharing stations in two French cities (Lyon and Bordeaux). Keywords: Data Science, Prediction, Machine Learning, Python, Open Data, GIS Thanks to Open Data portals, bicycle-sharing availability data are freely accessible. The main issue linked to these data is to predict bicycle availability for each sharing station. The talk will follow a classic data workflow: <ul> <li>get and format the data</li> <li>explore and visualize</li> <li>process and predict</li> </ul> After a short introduction to Luigi, a data pipeline Python library, the second part will show how to cluster sharing stations starting from their hourly availability profile. The clustering effort will be done with KMeans, one of the most popular unsupervised Machine Learning models. Then, some features engineering methods will be carried out in order to prepare the data for availability prediction. As a consequence a short-term (/e.g./ one hour) bicycle availability prediction will be proposed. A word will be said about the set of Python libraries used in this project: luigi, pandas, seaborn, scikit-learn, folium or xgboost. Raphaël Delhome Oslandia blog article about a bike sharing stations clustering Related Open Source project Oslandia blog article about shared-bike availability prediction Open bike data Rest API Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:30 AW1.126 geo_blink Pronto Raster: A C++ library for Map Algebra Geospatial devroom The Pronto Raster library is a C++ library for Map Algebra operations. Map Algebra is a long established conceptual framework for geographical data analysis. It is a versatile and highly generic framework, classifying local, focal, and zonal operations. However existing libraries and tools that implement Map Algebra operations are not as generic and instead of a limited set of specific functions. The Pronto Raster library aims to overcome this and provides an efficient computational framework that allows efficient implementation of local, focal and zonal operations using user-specified functions. The library uses GDAL to access and write raster data. A central concept of the library is the Raster, which is essentially a Range that iterates over the cells in a raster of values. The core focal and zonal operations produce Expression Templates that model the Raster concept. Therefore the outcome of zonal or focal operations on one or more Rasters is another Raster that does not hold data itself but refers to the data in the input rasters and combines the data lazily once the outcome Raster is iterated over. It thus becomes possible to combine and nest operations on rasters without creating temporary files. An additional benefit is that it is trivial to apply functions to only compute a subsection of the output Raster, which in turn makes the library very amenable to future parallelization. Alex Hagen-Zanker project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 AW1.126 geo_gdal GDAL Tips and Tricks GDAL installation, Python usage, and Cloud GeoTIFFs Geospatial devroom I've learned a lot about using GDAL over the years at Planet, from how to manage the installation to using it in Python and ending up with some modern use-case with Cloud-optimized GeoTIFFs Jeremy Mayeres Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 AW1.126 geo_grass GRASS GIS in the sky GRASS GIS as high-performance remote sensing toolbox Geospatial devroom <a href="http://grass.osgeo.org">GRASS GIS</a> has contained remote sensing tools for decades, catering to the needs of users since the first generations of Landsat satellites. In this talk we will present the current efforts of integrating modern data sources and modern approaches into GRASS GIS. Tools exist for pre-processing recent very high resolution images, object-based image analysis (OBIA), Lidar data handling, etc. At the same time, efforts have gone into ensuring the scalability of tools for huge data sets. The presentation will provide a short brief on the general state of GRASS GIS development, go on to an overview of the remote sensing tools available, to end with a use case on how to use GRASS GIS for time series processing in a high performance cluster/grid computing environment. <a href="http://grass.osgeo.org">GRASS GIS</a> has been existing for over 30 years by now and provides a very large and diverse set of state-of-the-art tools for the analysis of spatial data. Less known by many, remote sensing tools have been part of it almost from the beginning. GRASS GIS provides a <a href="https://grass.osgeo.org/grass72/manuals/imageryintro.html">series of imagery analysis tools</a> for pre-processing (radiometric correction, cloud detection, pansharpening, etc), creating derived indices (vegetation indices, texture analysis, principal components, fourier transform, etc), classifying (management of training zones, different classifiers, validation tools), and producing other derived products such as evapotranspiration and energy balance models. Next to these tools for satellite images, other tools exist for the handling of aerial photography for <a href="https://grasswiki.osgeo.org/wiki/Orthorectification_digital_camera">creation of orthophotos</a>, and for the import and analysis of <a href="https://grasswiki.osgeo.org/wiki/LIDAR">Lidar data</a>. In addition to these tools, efforts have gone into integrating current state-of-the-art methods such as object-based image analysis and machine learning. A <a href="http://www.mdpi.com/2072-4292/9/4/358/htm">complete toolchain</a> exists to segment images using different algorithms, to create superpixels, to collect statistics characterizing the resulting objects, and to apply machine learning algorithms for classification. New modules also include unsupervised segmentation parameter optimization and active learning. Options for pixel-based classification have also been enlarged to a host of machine learning algorithms. A specific aspect of treating the rapidly increasing amounts of satellite data is the scalability of tools. GRASS GIS has a long tradition of computational efficiency and work is continuously ongoing to increase both computational speed and the handling of huge datasets. Most relevant tools provide the choice to treat data either completely in memory, if enough RAM is available, or with a disk-based tiling scheme that allows treating data much larger than available memory resources would otherwise allow. Through its modular structure, GRASS GIS also allows to easily parallelize certain operations, thus opening the door to the use of cluster/grid computing environments. The presentation will provide a brief, general introduction to the state of GRASS GIS development, focusing on the recent release of version 7.4. It will then provide an overview of the different elements in the remote sensing toolbox of GRASS GIS. It will end with an explanation of how these tools can be used in grid/cluster computing environments, demonstrated through an example of processing large time series of satellite data. Markus Neteler Moritz Lennert Markus Metz GRASS GIS homepage Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 AW1.126 geopandas GeoPandas: easy, fast and scalable geospatial analysis in Python Geospatial devroom The goal of GeoPandas is to make working with geospatial vector data in python easier. GeoPandas (https://github.com/geopandas/geopandas) extends the pandas data analysis library to work with geographic objects and spatial operations. Pandas is a package for handling and analysing tabular data, and one of the drivers of the popularity of Python for data science. GeoPandas combines the capabilities of pandas and shapely (python interface to the GEOS librabry), providing geospatial operations in pandas and a high-level interface to multiple geometries to shapely. It combines the power of whole ecosystem of geo tools by building upon the capabilities of many other libraries including fiona (reading/writing data with GDAL), pyproj (projections), rtree (spatial index), ... Further, by working together with Dask, it can also be used to perform geospatial analyses in parallel on multiple cores or distributed across a cluster. GeoPandas enables you to easily do operations in python that would otherwise require a spatial database such as PostGIS. Joris Van den Bossche Slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 AW1.126 geo_biggeo Open source Big Geospatial Data analytics Geospatial devroom Big Spatial Data technology based on geospatial attributes for the Cloud is relatively new to the developer community and organisational ecosystem. To find the latest proven software one has to look across the Atlantic Ocean, where a suite of specialised open spatial solutions is emerging. For us in Europe this creates opportunities to innovate traditional mapping services into higher value added business information provision. Meet the innovative projects from across The Big Pond such as GeoGig (versioning/data history), GeoMesa (database) and GeoWave (distributed storage). Building upon Hadoop, Spark and Cassandra we are able to integrate the latest technology for robust and affordable geospatial solutions, to deploy Big Spatial Data answers to Big Data challenges. Every day sensors, satellites and social media generate quintillions of bytes and a large portion of the data is location aware. The geographical perspective is especially important with Big Data as it allows us to derive new insights and explanations often unrecognized without a spatial eye: to see the unseen. This trend enables our European open communities to go beyond traditional mapping and grow into the realm of IoT, LiDAR, Smart Cities and the Connected Car. However, Big Spatial Data technology based on geospatial attributes for the Cloud is relatively new to the developer community and organisational ecosystem. To find the latest proven software one has to look across the Atlantic Ocean, where a suite of specialised open spatial solutions is emerging. For us in Europe this creates opportunities to innovate traditional mapping services into higher value added business information provision. Meet the innovative projects from across The Big Pond such as GeoGig (versioning/data history), GeoMesa (database) and GeoWave (distributed storage). Building upon Hadoop, Spark and Cassandra we are able to integrate the latest technology for robust and affordable geospatial solutions, to deploy Big Spatial Data answers to Big Data challenges. Use cases involve improving situational understanding, real time monitoring, better decision-making and actionable intelligence. No need for us to re-invent the wheel, when adoption of this cutting edge technology and to build upon it will be key to keep us abreast of European Big Data developments. Marc Vloemans Location Matters Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 AW1.126 geo_mysql Spatial Support in MySQL 8.0 Geospatial devroom MySQL 8.0 is right around the corner, and the most important new spatial feature is support for geography and ellipsoidal coordinate reference systems (CRSs). The final release is not out yet, but there is a release candidate, so we know what to expect. In this talk we'll go on a tour of the spatial support in MySQL with a focus on the new features in 8.0, especially those related to geography and ellipsoidal CRSs. What can MySQL do? Which ellipsoids/CRSs does MySQL support? Can I create my own? Which functions can I use? How does it work? Are there limitations? These questions, and more, will be answered by this talk. Norvald H. Ryeng Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:30 AW1.126 geo_boost Distance computation in Boost.Geometry Geospatial devroom What is the shortest distance between two administrative units in a city? How similar are two hurricane trajectories? In the heart of both questions there is distance computation. In this talk we will discuss distance computation in Boost.Geometry, the library that is currently being used to provide GIS support to MySQL. We study and implement several families of algorithms for distance such as iterative, series approximation, elliptic arc length, flat earth approximation, spherical. We show particular examples using those algorithms to compute distance between points or polygons. Finally we compare them w.r.t. performance and accuracy. Our ultimate goal is a distance function that given a user defined accuracy utilize the most efficient algorithm. We sum up by briefing next steps of development in Boost.Geometry and ideas for GSoC'18. Vissarion Fysikopoulos Boost Geometry Documentation Boost Geometry Code Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:30 AW1.126 geo_rock Building Rock Climbing Maps with OpenStreetMap Geospatial devroom Traditionally natural rock climbing walls and routes have been developed on a volunteer-basis and openly shared among the climbing community. However, Open-license data set for climbing routes in electronic format is not widely available. OpenBeta Initiative project is building an open source app to make it easier for rock climbers to contribute climbing routes and GPS-coordinates to OpenStreetMap. Traditionally natural rock climbing walls and routes have been developed on a volunteer-basis and openly shared among the climbing community. However, Open-license data set for climbing routes in electronic format is not widely available. OpenBeta Initiative project is building an app to make it easier for rock climbers to contribute climbing routes and GPS-coordinates to OpenStreetMap. In this lightning talk I will discuss how OpenBeta app uses various open source GIS frameworks and ways to overcome integration challenges with OpenStreetMap. Project website: https://openbeta.io Viet Nguyen OpenBeta Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 AW1.126 geo_osm_from_scratch Building OSM based web app from scratch How to find the way through the open source jungle Geospatial devroom There are a lot of tools to build a web app from scratch - as a novice you have to find your way through alle these tools and pick the right ones. If you are an OpenStreetMap enthusiast and want to create a simple web mapping application based on OSM data you have the choice among a huge amount of software and tools. If you are, in addition, a hobby developer with a low budget but without a strong background regarding IDEs, toolsets, provider services, databases and so on, you will be lost in the jungle… I will describe you how I found the way through this jungle as a novice and how I built my web app finde.cash! (www.findatm.cash) from scratch. I will cover the following topics: <ul> <li>Programming language (JavaScript, TypeScript, PHP)</li> <li>IDE (Eclipse, Aptana, WebStorm)</li> <li>WebServer (Local vs remote, MacOS/Windows/Linux)</li> <li>Mapping library (OpenLayers, Leaflet)</li> <li>Responsive Web Design (ZURB Foundation, Bootstrap, other)</li> <li>OSM data retrieval (PostGIS DB, OSM API 0.6, Overpass API)</li> <li>Additional functionality (Geolocation, Point in Polygon, Distance)</li> <li>Routing (MapBox, OSRM, route360.net)</li> <li>Own SVG Icons (GIMP, InkScape, Illustrator)</li> <li>Version Control/Publishing (Git, GitHub)</li> </ul> OpenStreetMap is a database storing a huge amount of map relevant data and there should be a lot more small web applications using this data for useful maps! Finding the right tool chain is crucial to get it up and running. Nils Vierus WebApp to find next ATM (www.findatm.cash) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 AW1.126 geo_cityzen Privacy aware city navigation with CityZen app The free open source app that let's you explore your city and contribute to OSM Geospatial devroom Presenting the reasons of the initiation of the CityZen project and the vision for the near future featuring blockchain principles. Navigating our cities using free software community based mobile apps in 'private mode' might sound like an easy task in 2017, but with a little research you will be quickly disappointed. There are related platforms out there, but some of them are lacking good User Experience, others are not community lead or are getting away from the free software freedoms due to their partnerships with companies that do not respect our privacy online. These are only some of the reasons the CityZen app was born in Tirana, as an OSM based Android app that helps us navigate our cities without tracking our location and activities. At the same time the app offers easy mobile optimized OpenStreetMap editing for easy contributions on the go. CityZen aims to be empowered by the community in terms of development and promotion and as a digital wallet for cryptocurrency used to make payments for goods and services from POIs easily through the app. Soon CityZen will apply blockchain as a decentralized process for the management of the cryptocoin based revenue that will be gathered through the app making it one of the few platforms out there used to help you find physical POIs and buy goods without giving away your real identity. Redon Skikuli Github repo Twitter profile Official website Localisation platform. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:30 AW1.126 geo_subway Every subway network in the world Geospatial devroom The first subway station was mapped in OpenStreetMap eleven years ago. Since then, people have been adding station and routes in each of 170 cities with subway or light rail systems. But only a few months ago the mapped routes were first used for routing. Unsurprisingly, the quality of data was bad. In this talk Ilya will explain the subway mapping principles, show common errors, talk about the community's reaction to tidying up metro systems, and present the tool to extract metro routes from OSM into easy-to-use data structures, which is used for the MAPS.ME application. Ilya Zverev GitHub repository for the tool Subway validation results Help making Public Transport in OSM better! Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:30 AW1.126 geo_mapnik Rendering map data with Mapnik and Python Geospatial devroom Mapnik is an open source toolkit for rendering maps, probably best known for producing the map tiles for openstreetmap.org. It provides a stylesheet language, input handlers for different GIS data formats, and C++ and Python API bindings. Mapnik is an open source toolkit for rendering maps, probably best known for producing the map tiles for openstreetmap.org. It provides a stylesheet language, input handlers for different GIS data formats, and C++ and Python API bindings. I'll take a quick tour of the different aspects of Mapnik, using the Python API bindings: <ul> <li>input data formats</li> <li>style sheets</li> <li>output graphics formats</li> </ul> As an application I'll show step by step how to combine OSM and GPX data into a printable PDF map. Hartmut Holzgraefe Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 AW1.126 geo_pointcloud Efficient and interactive 3D point cloud processing Combining the strengths of pdal, ipyvolume and jupyter Geospatial devroom I will demonstrate the tools we use to process large scale point cloud datasets, and our interactive workflow which enables us to quickly fine-tune custom 3D modelling algorithms. With the advent of many extensive openly acessible point cloud datasets (like Flanders' region-wide lidar dataset), processing those point clouds becomes increasingly challenging, requiering efficient, robust algorithms. While off-the-shelf algorithm exist for common tasks like ground/non-ground segmentation, advanced 3D modelling still remains mostly in the realm of tailor-made algorithms. Starting from established processing tools like pdal, I'll show an interactive workflow to iteratively explore and develop custom 3D modelling algorithms, through the web-based jupyter interface and in particular the ipyvolume library. Time allowing, I will discuss some work in progress for pdal, as well as upcoming tools in the jupyter ecosystem. Mathieu Carette Static html presentation Blog post Code / dynamic presentation Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:30 AW1.126 geo_fosdem AMENDMENT Mapping FOSDEM for accessibility Geospatial devroom Since last edition of FOSDEM, different volunteers have been working to create an indoor map of FOSDEM, complete with routing for wheelchairs/accessibility/... This map is available at https://nav.fosdem.org/ . It is created using C3NAV, an application built for the Chaos Communication Congress. In this application I want to focus on the application, how the map was built, why plain Openstreetmap was not sufficient, but especially I hope to get some feedback: where could we improve, how can we improve integration with OSM/other applications/... Please not that this talks replaces the talk "3D OSM Plugin API for ESA-NASA Web WorldWind" because unfortunately the presenter could not get a travel permit. Johan Van de Wauw https://github.com/c3nav https://nav.fosdem.org Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:25 K.3.201 managing_build_infrastructure_of_debian_derivative Managing build infrastructure of a Debian derivative Distributions devroom Apertis is a Debian-derived platform for infotainment in automotive vehicles. Being a Debian derivative, Apertis doesn’t use typical Debian infrastructure software, so a infrastructure to build it had to be created using Jenkins, Open Build Service and other tools to provide continuous integration and package and image builds. Having managed the build infrastructure of Apertis for some time, I’m going to share my experience about the challenges of working on it, and how we solve issues we are confronted with. Andrew Shadura This talk at DebConf17 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:25 K.3.201 grub_upstream_and_distros_cooperation GRUB upstream and distros cooperation Distributions devroom The presentation will discuss current state of GRUB upstream development and cooperation with distributions. Some time ago the GRUB maintainership has changed to streamline project maintenance. Right now maintainers try to improve various developments aspects including patch review process and cooperation with distros. So, they would like to highlight current challenges and know better what are the current distro requirements in regards to GRUB. The presentation will show GRUB maintainers point of view in regards to cooperation. It will also discuss the issues related to the patches in distros which have never been usptreamd. The GRUB maintainers have some solution proposals for the problem which will be presented too. However, they also expect that distro maintainers will express their opinions during Q&A session. Daniel Kiper GRUB website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:55 K.3.201 distributions_are_not_democracies Distributions are not democracies and that's okay Distributions devroom This session will explore many different governance and decision making models in the Distribution world. Few projects aspire to operate under wholly democratic principles. This talk will explore some of the many flaws and problems with this approach, and how projects often struggle to operate democratically and at scale. Alternatively the session will also discuss the benefits, and weaknesses of less democratic governance models, such as Technical Committees, Governing Boards, and Benevolent Dictators for Life. Finally the talk will explore a simple, but scalable model of Distribution governance, empowering, enabling, and supporting the contributors in your project to create an environment where "Those that do, decide". This talk will go into some detail about the various different governance and decision making processes of various Distribution projects. This will include both technical and organisational decision making within those projects. Examples will include the very democratic processes within the Debian Project, the more dictatorial processes within the Linux Kernel and Ubuntu, and hybrid models like seen in the Fedora Project. Care will be made to not be too judgemental or divisive, but the session will make factual observations about the strengths and weaknesses about each example. Those strengths and weaknesses will focus on both the benefits and problems technically to the project (ie. how well it helps projects put together good code), and socially (ie. how well it helps projects be sustainable communities of hopefully happy people). It will be the speakers conclusion that both democratic and dictatorial models are ultimately flawed and neither scale well, nor actually provide an engaging environment for new contributors to join a long established project. The session will then present a model that focuses on the empowerment of contributors, "those that do, decide", explaining how such a model has long, ancient roots in the origins of many open source projects. The talk will briefly hypothesise why the model is rarely found in distribution projects today, but present in some detail the core principles which Open Source projects should embrace from this philosophy, and (using openSUSE as an example), explain how to establish a healthy series of checks and balances to ensure a community following this model is both self sustainable, and relatively insulated to the problems with more democratic or dictatorial governance models often cause over time. Richard Brown Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:55 K.3.201 developing_enterprise_and_community_distros Developing Enterprise and Community distributions at the same time, impossible ? openSUSE / SUSE example: Tumbleweed / Leap and SLE Distributions devroom Starting with openSUSE Leap 42.2, a lot of cooperation has been done to bridge gaps between openSUSE and SUSE Linux Enterprise distributions. Things have been improving nicely with openSUSE Leap 42.3. We'll go into details on what this cooperation means for both openSUSE contributors and for SUSE and how we ensure it takes place. We'll share a few statictics, discuss on the new SLE15 development and how is done in harmony with openSUSE Tumbleweed (rolling release). This talk is to share with other distributions on our best practises, learned over time, and how we enforce them. We also want to share how beneficial this work is, for all parties. We are also eager to learn from other distributions on how they work in similar environements and if we can learn from them. Frederic Crozat Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:50 K.3.201 introducing_buildstream Introducing BuildStream A distribution agnostic build tool Distributions devroom In this talk, I will be introducing our new distribution agnostic build tool which we presently use in GNOME for the purpose of unifying our software build story, allowing us to achive multiple goals using the same flexible build metadata. I will talk about the motivations behind creating BuildStream, how it has been helping us so far, and how the rich feature set we've created can help software developers and integrators. The target audience for this talk includes software developers who have the need or experience of creating packages and bundles for various downstreams as well as software integrators and distributors in general. Many build systems available today are tightly coupled with a given distribution mechanism, be it packaging technology for specific distributions, or bundling technology for specific platforms. As a result, the build metadata created for building for one platform cannot normally be reused for another target, and upstream maintainers typically need to maintain various sets of build metadata to get their software out to users on different platforms. One of our goals in BuildStream is to reduce the redundancy of build metadata overall, by providing a declarative format and build system which allows one to model build pipelines flexibly, allowing the same build metadata to be leveraged to perform different tasks. Another goal for us is to bring the software developer and the integrator closer together. By providing a workflow where the developer of a single module is easily capable of testing their changes against an integrated system, or an integrator can easily change a line of code at any level of the stack and quickly test the integrated result, we hope to bridge the gap between development and integration. Tristan Van Berkom BuildStream project wiki page Introducing BuildStream blog post Bootable disk images blog post GNOME continuous conversion migration process blog post Presentation at GUADEC 2017 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 K.3.201 flatpak_and_your_distribution Flatpak and your distribution Distributions devroom Flatpak uses unprivileged Linux containers to install and sandbox desktop apps. Some Linux distributions are getting excited about Flatpak, while others are not so sure yet. This talk aims to describe what Flatpak is good for, how it can help your distribution, and how your distribution can help Flatpak. This talk is intended for an audience of distribution developers who are aware of the general purpose and structure of Flatpak, but perhaps not the finer details. The same speaker will be giving an introduction to Flatpak in the Packaging devroom on Saturday. Topics I plan to cover are: <ul> <li>Flatpak for backports within a distro</li> <li>Flatpak for upstream apps, especially the ones this distro doesn't have</li> <li>Non-use-cases: things the distro can do better another way</li> <li>Building better Flatpak runtimes from distro packages</li> <li>License compliance</li> </ul> Simon McVittie Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:55 K.3.201 unix_windows_gentoo Unix? Windows? Gentoo! POSIX? Win32? Native Portability to the max! Distributions devroom In need to support Unix, Linux and Windows? Within one application ecosystem? Having a C/C++ application to natively support both Unix/Linux and Windows operating systems is known to be a mess for both the application's Source Code and Build System. Nevertheless, developers still are expected to provide exactly that - depending on the nature and lifetime of an application. This talk is about how SSI Schäfer IT Solutions is achieving the goal of concurrently providing support for both operating system worlds within one single C/C++ application ecosystem, which was originally targetting the Unix world only. While the compilers (talking about GNU gcc and Microsoft cl.exe here) usually do have little difference in supporting various C/C++ standards, there's major difference between their commandline interface, as well as various kernel features provided by Unix/Linux and Windows operating systems. To minimize the impact on both the application's Source Code and Build System, various helper libraries and applications have evolved over time. This talk is about how Cygwin is able to run Gentoo Prefix these days - which itself does run on multiple Unix/Linux operating systems on one hand, and some wrapper around the Microsoft Visual Studio toolchain - called Parity, providing a commandline interface similar to the (more popular) MinGW toolchain on the other hand. Michael Haubenwallner Gentoo Prefix Homepage Unix? Windows? Gentoo! (slides) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:55 K.3.201 distributing_os_images_with_casync Distributing OS Images with casync Distributions devroom casync is a project that combines the idea of the rsync algorithm with git's idea of a content-addressable file systems into one tool for efficient delivery of OS images over the Internet. It has a focus on simplicity, accuracy and security. casync is a new tool for delivering OS images over the Internet. It takes inspiration from the well-known tools rsync and git, and combines them in a new tool for efficient, high-frequency delivery of OS images over the Internet. It is suitable of delivering VM, container, IoT, OS images. In this talk I'd like to explain both the usecase and the technical background of the tool. Lennart Poettering casync Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:15 K.3.201 half_rolling_repository_model The half rolling repository model The golden intersection for desktop users? Distributions devroom Since shortly after its inception over 10 years ago, Chakra has been shipping based on a unique half-rolling repository model. We call it half-rolling, because even though we provide frequent updates to all the applications and the desktop environment we ship, we are more conservative in updating the packages at the core of the system. This model aims at providing a stable system to users while at the same time enabling them to enjoy the latest versions of their favorite applications and games. In this talk I will explain the details behind the half-rolling release model, the advantages and disadvantages it has for users and the challenges we face in Chakra's implementation. In Chakra's half-rolling release model, packages like the linux kernel, xorg server, graphics drivers, systemd and other important system libraries upon which these packages might depend upon are updated periodically, usually a couple of times per year. All the applications and the libraries they require, together with Plasma, KDE's desktop environment that is the default and only option for Chakra, are updated continuously. Our experience so far has shown that the half-rolling release model can fit into a variety of user profiles. Chakra's user base includes casual users, enthusiasts, developers, gamers, small businesses, and school labs. We believe other distributions could benefit from similar implementations. Whether you are a user or a developer, your distribution's choice of release model can affect your options, workflow and system's status. This talk is intended to inform those looking for alternatives to the traditional fully rolling or standard release models that the majority of distributions adopt and learn more on the possibilities provided by the half-rolling release model. Neofytos Kolokotronis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:50 00:10 K.3.201 spawny_a_different_approach Spawny A different approach on logging in Distributions devroom Legacy displaymanagers are heavily relying on the design of the xserver, such as detecting if a window manager grabs the root window. Since wayland is getting more and more attention on modern distributions, its time for something which is, platform independent, toolkit independent and lightweight. Legacy displaymanagers are heavily relying on the design of the xserver, such as detecting if a window manager grabs the root window. Since wayland is getting more and more attention on modern distributions, its time for something which is, platform independent, toolkit independent and lightweight. Spawny is a software that aims for this. It has a minimal API for a reliable way of logging a user into a system. Core design decisions are: - Always giving a user the possibility to login, even after sessions are crashing - Support every single application that can be started from a tty, as a session in a greeter UI The presentation will give a overview of a few design decisions, core features, how it works, and how to work with it. Marcel Hollerbach The github repository Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 01:30 K.3.401 introduction Introduction to LLVM Building simple program analysis tools and instrumentation LLVM Toolchain devroom The goal of this talk is to introduce programmers with C++ experience to tool building with LLVM. My expectation is people know C++, have heard of, but not used LLVM. Examples provided on the slides will be small but useful snippets, and it is the expectation you will be able to build the examples provided within a few hours. Mike Shah Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:35 00:30 K.3.401 wcet Connecting LLVM with a WCET tool LLVM Toolchain devroom During my master project i worked on combining LLVM with a WCET tool. Worst-Case-Execution-Time (WCET) is the longest time a program can execute, typically measured in cycles. This information is typically of interest for code that has timing requirements such embedded systems in cars. The project involved combining an open-source tool called SWEET with LLVM. This involves using datastructures in LLVM to output the interface-language to the tool SWEET. As a proof-of-concept, the ARM Cortex-m0 has been chosen and an attempt has been made to automatically generate a WCET analysis during compilation. This talk will explain my findings in the project and explain the concept of WCET in general. The SWEET tool is an open-source tool that allows the computation of the Worst-Case-Execution-Time of software (WCET). WCET is important for software that has hard real-time requirements. (example: interrupt routine that needs to finish within a pre-determined set of cycles). SWEET interprets its own language and does not work on a processors instruction set architecture (ISA) or high-level languages like C or C++. The language SWEET uses is called ALF (artist2 flow language). This ALF language is what makes SWEET so special, it is possible to transform an ISA to ALF. The binary does not have to be de-compiled, ALF can be generated from the compiler. For example: an add instruction like add r0, r1, r2. { store { addr 32 { fref 32 r } { decunsigned 32 0 }} { add 32 { load 32 { addr 32 { fref 32 r } { decunsigned 32 1 }}} { load 32 { addr 32 { fref 32 r } { decunsigned 32 2 }}} { decunsigned 1 0 } } } The goal of this project is to generate ALF code using semantic information available in LLVM (information about what the instructions is doing like the computation). For this purpose things like the dag-pattern and register classes are used. During the project the arm thumb architecture was chosen to generate ALF for as an example. It is expected that this could be used for other architectures as well. Rick Veens Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:20 00:40 K.3.401 security Compiler-assisted Security Enhancement LLVM Toolchain devroom This talk will be about adding features to LLVM that improve the security of the code.T We will briefly talk about side channel attacks by focusing on information leakage due to timing behaviour and introduce the concept of 'bit-slicing' as a possible countermeasure against such kind of leakage. We'll then talk about the LADA and the SECURE projects and about my contribution: the addition to LLVM of several tools that can automatically transform sensible regions of the code into 'bit-sliced' format. We will discuss then the benefits and the limits of such transformations. Information leakage via side channels is a widely recognized threat to cyber security. In particular small devices are known to leak information through physical channels, i.e. power consumption, electromagnetic radiation, and timing behaviour. Several implementation techniques and countermeasures are arising nowadays against this kind of threats, but still only fully equipped testing labs with skilled people can afford to test new implementations against leakage attacks. The LADA project (University of Bristol, Cryptography Research Group) aims at bringing the skill of a testing lab to the desk of a developer of standard consumer devices, without the need for domain specific knowledge. In such context I focused on the information leakages that are due to the execution time and investigated 'bit-slicing' as a possible countermeasure. I then started the design of a tool for LLVM (an LLVM pass) that works on the intermediate representation and that can transform the selected parts of the code into an equivalent 'bit-sliced' version. Bit-slicing is just one of many features that can be added to LLVM in order to improve the security of the code. Since my work is still in progress, the aim of my talk is to discuss the design of my tool, explain its limits and how it should be used, but also to collect any ideas about other security features that may be added to LLVM. Paolo Savini Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:05 00:40 K.3.401 ctuanalysis CANCELLED Efficient use of memory by reducing size of AST dumps in cross file analysis by clang static analyzer Memory reduction in CTU analysis LLVM Toolchain devroom CANCELLED The remote presentation didn't happen. Clang SA works well with function call within a translation unit. When execution reaches a function implemented in another TU, analyzer skips analysis of called function definition. For handling cross file bugs, the CTU analysis feature was developed (Mostly by Ericsson people)[2]. The CTU model consists of two passes. The first pass dumps AST for all translation unit, creates a function map to corresponding AST. In the second pass when TU external function is reached during the analysis, the location of the definition of that function is looked up in the function definition index and the definition is imported from the containing AST binary into the caller's context using the ASTImporter class. During the analysis, we need to store the dumped ASTs temporarily. For a large code base this can be a problem and we have seen it practically where the code analysis stops due to memory shortage. Not only in CTU analysis but also in general case clang SA analysis reducing size of ASTs can also lead to scaling of clang SA to larger code bases. We are basically using two methods:- 1) Using Outlining method[3] on the source code to find out AST that share common factors or sub trees. We throw away those ASTs that won't match any other AST, thereby reducing number of ASTs dumped in memory. 2) Tree prunning technique to keep only those parts of tree necessary for cross translation unit analysis and eliminating the rest to decrease the size of tree. Finding necessary part of tree can be done by finding the dependency path from the exploded graph where instructions dependent on the function call/execution will be present. A thing to note here is that prunning of only those branches whose no child is a function call should be done. Clang SA works well with function call within a translation unit. When execution reaches a function implemented in another TU, analyzer skips analysis of called function definition. For handling cross file bugs, the CTU analysis feature was developed (Mostly by Ericsson people)[2]. The CTU model consists of two passes. The first pass dumps AST for all translation unit, creates a function map to corresponding AST. In the second pass when TU external function is reached during the analysis, the location of the definition of that function is looked up in the function definition index and the definition is imported from the containing AST binary into the caller's context using the ASTImporter class. During the analysis, we need to store the dumped ASTs temporarily. For a large code base this can be a problem and we have seen it practically where the code analysis stops due to memory shortage. Not only in CTU analysis but also in general case clang SA analysis reducing size of ASTs can also lead to scaling of clang SA to larger code bases. We are basically using two methods:- 1) Using Outlining method[3] on the source code to find out AST that share common factors or sub trees. We throw away those ASTs that won't match any other AST, thereby reducing number of ASTs dumped in memory. 2) Tree prunning technique to keep only those parts of tree necessary for cross translation unit analysis and eliminating the rest to decrease the size of tree. Finding necessary part of tree can be done by finding the dependency path from the exploded graph where instructions dependent on the function call/execution will be present. A thing to note here is that prunning of only those branches whose no child is a function call should be done. In CTU model in the first pass while dumping AST in memory the outlining algorithm can be applied to reduce the memory occupied by AST dumps. The outlining algorithm can be summarized by the following steps:- To reduce the size of the tree, we can eliminate ASTs that won’t match anything else in a first pass (that is, if you don’t care about matching sub trees anyway). A hashing scheme that would store pointers to trees. Two trees would be in the same bucket if they could possibly match. They would be in different buckets if they definitely cannot match (like a bloom filter kind of setup). Then we can flatten the trees in each bucket, use the outlining technique there, and then end up with a factorization that way. (1) Construct every AST. (2) Say two ASTs “could be equal” if they are isomorphic to each other. (3) Bucket each ASTs based off the “could be equal” scheme. (4) For each bucket with more than one entry, flatten out the ASTs and run the outlining technique on the trees. At the end of each iteration, throw out the suffix tree built to handle the bucket. Here the main point to note here is that we are eliminating AST which won’t match anything, this reduces a large number of ASTs in memory. We are using a fast subtree isomorphism algorithm for matching ASTs which takes O((k^(1.5)/logk) n ) , where k and n are the numbers of nodes in two ASTs. For Tree pruning we are using the exploded graph concept to find the execution path when an externally defined function is called, focussing only on the variables or instructions which are affected as a result of that function call. We find like these all paths where an external function call is there, we keep these paths/branches in AST and eliminate all other branches of AST thereby reducing size of AST. References [1]http://llvm.org/devmtg/2017-03//assets/slides/crosstranslationunitanalysisinclangstatic_analyzer.pdf [2] https://www.youtube.com/watch?v=7AWgaqvFsgs [3] https://www.youtube.com/watch?v=yorld-WSOeU&t=1060s Siddharth Shankar Swain Submit feedback 12:50 00:40 K.3.401 rustdebug LLVM, Rust, and Debugging LLVM Toolchain devroom Debugger support for Rust is good but not great. This talk will discuss the difficulties specific to Rust, and will outline a plan to modify LLVM, LLDB, and the Rust compiler to improve the Rust debugging story. Rust is a systems programming language that originated at Mozilla. Because Rust's type system differs from that of C++, it presents some debuginfo generation challenges to LLVM. This talk provides a brief introduction to Rust with an emphasis on these differences; outlines the Rust-specific difficulties faced by LLVM and debuggers; and proposes a plan for fixing these problems. The talk is intended to be interactive, in that feedback on the proposed plan is actively encouraged. There will also be some discussion of coordination with the DWARF standard and with gdb. Tom Tromey Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:35 00:40 K.3.401 heterogenousd Heterogeneous Computing with D Using the PTX and SPIR-V targets with a system programming language LLVM Toolchain devroom GPU programming is popular with scientists who need massive parallel computing power. DCompute is an extension of LDC, the LLVM-based D compiler, which uses the PTX and SPIR-V targets of LLVM for a smooth integration in a system programming language. GPU programming is popular with scientists who need massive parallel computing power. However, programming requires learning new programming languages and integrating additional compilers into the build system, making it difficult to use. Since LLVM supports GPU targets, it makes sense to extend an existing compiler. DCompute is an extension of LDC, the LLVM-based D compiler. This allows the user to write OpenCL and CUDA kernels in D. In this talk, I show what steps were necessary to integrate not only the code generation for conventional CPUs but also the code generation for GPUs. I also look at where the use of LLVM could be improved and which challenges still exist in LLVM. Kai Nacke DCompute: GPGPU with Native D for OpenCL and CUDA DCompute: Running D on the GPU Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:20 00:40 K.3.401 raincodelabs LLVM @RaincodeLabs Current and future uses of LLVM in Raincode Labs products LLVM Toolchain devroom Raincode labs is the largest independent compiler company in the world, with a wide scope of products and services and more than 25 years of experience. Some of our products are based on LLVM and in this presentation I will talk about how we are currently using LLVM as well as presenting some plans on how we will use LLVM in the future. This talk is given from the point of view of users of LLVM, aiming to show which parts have been of help to us and where we have found things lacking. It aims to provide relevant information to both developers and users of LLVM. Johan Fabry http://raincodelabs.com Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:05 00:40 K.3.401 crosscompile How to cross-compile with LLVM based tools LLVM Toolchain devroom In theory the LLVM tools support cross-compilation out of the box, with all tools potentially containing support for all targets. In practice getting it to work is more complicated, configuration options have to be given and the missing parts of the toolchain need to be provided. In this presentation we will go through the steps needed to use an X86 linux host to cross-compile an application to run on an AArch64 target, using as many of the LLVM tools as possible. We'll cover: - Getting hold of the LLVM tools and libraries. - Providing the missing bits that LLVM doesn't provide. - The configuration options needed to make it work. - Running the application using an emulator. This talks is primarily aimed at users of LLVM based tools on Linux, with no specific knowledge of LLVM internals required for the majority of the material. The LLVM based tools and libraries we will be using are: - Clang (including the integrated assembler). - LLD. - Compiler-rt. - Libc++, libc++abi and libunwind. Some of these components can be provided pre-built, for others such as the libraries we may need to build them ourselves. The main missing part of the toolchain that we have to provide is the C-library such as libc provided by either a multiarch Linux distribution or a standalone Linaro GCC release. For the primary example we'll build and run a Linux application that can be run on the qemu user mode emulator. Peter Smith Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:50 00:05 K.3.401 easyjit Easy::jit: just-in-time compilation for C++ LLVM Toolchain devroom Finally! The wonders of just-in-time compilation are available in C++: runtime specialization, code derived from data structures, and many more! Easy::jit provides a simple interface over the LLVM's just-in-time compiler. No specific compiler knowledge is required! A single function call serves as the specification for the generated code and entry point for the just-in-time compiler. The user can precisely control when the compilation is launched, do it in a separate thread if desired or cache the generated code, and manage the lifetime of the generated code. int baz(int a, int b) { ... } int foo(int a) { <pre><code>// compile a specialized version of baz auto baz_2 = easy::jit(baz, _1, 2); // mimics std::bind return baz_2(a); // run ! </code></pre> } The call to <code>easy::jit</code> generates a mix of compiler directives and runtime library calls, that are picked up by an especial LLVM pass. This pass embeds metadata and bitcode versions of the C++ code in the resulting binary. A runtime library parses the metadata and bitcode, and generates assembly code based on the runtime library calls in the code. This talk introduces the Easy::jit library, the approach of a compiler-assisted library, its current limitations, and tries to gather feedback from experts and potential users. Juan Manuel Martinez Caamaño Code for the first version of Easy::jit. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:05 K.3.401 literate Literate Programming meets LLVM Passes LLVM Toolchain devroom Where is the documentation of the LLVM Pass InstCombine? Is it accurate? Is there any default example? Is it tested? Compiler guys love generated code. So in our obfuscating compiler, we have a declarative format to specify tons of stuff on our passes: its name, it's application level, its documentation, a sample usage, its options (with default values, help string etc), but also it's priority in the pass pipeline and a few other stuff specific to a code obfuscator. And everything is consistent, from sphinx-generated documentation to inline help and even tests! Let's have a look at this, and maybe influence the way it's done in LLVM. Serge Guelton (serge-sans-paille) Talk at LLVM Dev Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:10 00:05 K.3.401 dragonffi DragonFFI Foreign Function Interface and JIT using Clang/LLVM LLVM Toolchain devroom This talk will present DragonFFI, a Clang/LLVM-based library that allows calling C functions and using C structures from any languages. It will show how Clang and LLVM are used to make this happen, and the pros/cons against similar libraries (like (c)ffi). In 2014, Jordan Rose and John McCall from Apple presented a talk about using Clang to call C functions from foreign languages. They showed issues they had doing it, especially about dealing with various ABI. DragonFFI provides a way to easily call C functions and manipulate C structures from any language. Its purpose is to parse C libraries headers without any modifications and transparently use them in a foreign language, like Python or Ruby. In order to deal with ABI issues previously demonstrated, it uses Clang to generate scalar-only wrappers of C functions. It also uses generated debug metadata to have introspection on structures. Here is an example of the Python API: <pre><code>$ python >>> import pydffi >>> lib = pydffi.FFI() >>> lib.cdef("#include <stdio.h>", ["puts"]) >>> lib.puts("Hello world!") Hello world! >>> lib.compile("int foo(int a) { puts("hi!"); return a+1; }") >>> lib.foo(4) hi! 5 >>> lib.cdef("struct A { int a; short b; }") >>> C = lib.A(a=4,b=5) >>> print(C.a,C.b) 4,5 >>> lib.compile('void dump(struct A* obj) { printf("From C: %d %d\n", obj->a, obj->b"); }') >>> lib.dump(C) From C: 4, 5 </code></pre> A high-level API provides the easy loading of a C library, that uses the previous API under the hood: <pre><code>>>> lib = pydffi.LoadLibrary("/lib/libc.so.6", headers=["stdio.h","stdlib.h"], defines=[], include_paths=[]) >>> lib.puts("Hello FFI!") Hello FFI! </code></pre> This talk will present the tool, how Clang and LLVM are used to provide these functionalities, and the pros and cons against what other similar libraries like (c)ffi [0] [1] are doing. It also aims at gathering feedbacks and user needs that wouldn't be covered. Code is available <a href="https://github.com/aguinet/dragonffi">on github</a>. [0] https://sourceware.org/libffi/ [1] https://cffi.readthedocs.io/en/latest/ Adrien Guinet Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:40 K.3.401 uniqueprocessor A unique processor architecture meeting LLVM IR and the IoT LLVM Toolchain devroom A typical LLVM backend consists of complex passes lowering LLVM IR into valid and efficient machine code (MC). Complexity of the translation process originates from the inherent gap between LLVM IR and any mainstream instruction set architecture (ISA). Processors and their ISAs have been designed historically to be programmed by human assembly developers. Recent ISAs gained more complex features based on hardware considerations. To date, ISAs are designed with no respect for the IR of compilers. Hence, translation between IR and MC keeps being a complicated task. What about lifting the target machine to meet LLVM Assembly instead of lowering LLVM IR to meet an unrelated ISA? A lifted target machine can simplify backend development. One may wonder, however, what else can be gained from such an endeavor? The answers to these questions might be relevant for those who are interested in hardware architectures and likewise for those working with compiler and application development. This talk reveals how we realize a processor whose ISA is tailor-made to suit LLVM IR; what we expect from a rich ISA matching LLVM Assembly; and how we plan to utilize this technology to implement a multi-purpose architecture for IoT devices. Imsys is a Swedish semiconductor SME with its proprietary processor architecture. Imsys processors provide a flexible, low-cost, and energy-efficient platform thanks to a microprogrammable microarchitecture implemented in the hardware core, which enables dynamic soft-reconfiguration as well. Imsys processor cores are small and energy-efficient by design as the architecture is mostly implemented in dense, low-power, read-only memory rather than in logic circuits. Operations are defined at a relatively high level of abstraction and coded in a way which results in an efficient utilization of the different parts of the core. Hence, silicon area and power consumption are minimized. The basic instruction set architecture (ISA) implemented in microcode is extensible with domain-specific instructions. Microcoded operations for signal processing and cryptographic features are already available for integration as special instructions or autonomous background processes in any ISA. That makes it possible to compile high-level software to an efficiently executed small footprint binary application. A new generation of processors is currently being developed with an ISA designed specifically for LLVM. ISAL, the Imsys ISA for LLVM, provides a set of instructions matching LLVM Assembly. Besides easing the development of a corresponding LLVM backend, the tailor-made rich ISA is expected to (1) provide outstanding code density and (2) propagate software complexity into highly efficient microcode implementation of ISAL instructions. Therefore, the LLVM toolchain can easily turn high-level software into high efficiency binary code with respect to memory footprint, execution time, and energy consumption. That can be done without worrying about target-specific details since the step between LLVM IR and ISAL machine code is minimal. The next generation Imsys processor featuring ISAL and a software ecosystem around it are planned to be released in 2018. The proposed lightning talk provides a brief insight into how it is possible with the help of microcoding to define ISAL so that it meets LLVM IR. Our driving incentives in selecting this way of action are also discussed, especially considering how an ISA designed for LLVM helps exploiting inherent characteristics of our processor technology in order to make the platform appealing in the IoT market. Dávid Juhász Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:20 K.4.201 osd_welcome Welcome & Chatting Open Source Design devroom Please feel free to come earlier, before talks start, to meet us! Victoria Bondarchuk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:20 K.4.201 osd_usability_made_simple CANCELLED Usability made simple Behind every useful software stands a usable software Open Source Design devroom Please note that this talk has been cancelled as Renata is no longer able to attend FOSDEM. Test the usability of any Open Source software in just a few steps with minimal resources, to get useful feedback for designers and usable interfaces for users. We’ll go through the complete process of testing step by step and answering all the how-tos, using examples from the tests conducted for GNOME applications. We’ll discuss about: <ul> <li>Choosing the right way to test</li> <li>Picking the right users to test with</li> <li>Deciding which tools to use</li> <li>Analyzing the results</li> </ul> Most importantly, learn how to effectively share the results and have an impact on the development decision making process. Renata Gegaj Renata's Blog on Usability Testing Jim Hall’s heat map technique to present usability test results GNOME Usability Test Results (Part 1) GNOME Usability Test Results (Part 2) Submit feedback 10:30 00:20 K.4.201 osd_crash_course_on_remote_usability_testing A crash course on remote, moderated usability testing Open Source Design devroom I’m going to show you that you don’t need to be a researcher or have a huge budget to conduct remote, moderated usability testing. In this talk I’ll cover: <ul> <li>The value of remote, moderated usability testing.</li> <li>Sourcing users.</li> <li>Writing a script.</li> <li>Speaking with users.</li> <li>How to share your findings with an open source community.</li> </ul> GitLab is an integrated product that unifies issues, code review, CI and CD into a single user interface. GitLab is a remote-only organization and just like our team, our users are spread across the globe. Conducting remote, moderated usability testing allows us to quickly connect with GitLab users anywhere in the world. Usability testing is a technique used to evaluate a product by testing it with representative users. Moderated usability testing provides us with a lot of in-depth qualitative research about our users’ needs. It can help us to uncover usability problems that we weren’t aware of and to generate solutions to solve these problems. Conducting remote, moderated usability testing needn’t be expensive nor do you have to be a researcher. I’m going to show how you can run your own remote usability studies on your open-source projects with a limited budget. Sarah O'Donnell Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:20 K.4.201 osd_so_we_have_free_web_fonts_now_what So we have free web fonts; now what? Open-source fonts dominate the web, but not print or embedded publishing. Why not? Open Source Design devroom The number of free-software fonts has exploded, thanks to CSS webfont services like Google Fonts and Open Font Library. But open fonts have yet to make gains in document-creation systems beyond web pages: print-on-demand publishing, print-on-demand merchandise, eReaders and EPUB generation, games, and bundled with FOSS applications. This talk will look at the obstacles, bottlenecks, and disconnects behind this situation and explain what needs to happen next in order to move forward. The number of free-software fonts has exploded since 2011, thanks primarily to CSS webfont services like Google Fonts and Open Font Library. But open fonts have yet to make gains in document-creation systems beyond web pages. This is attested to by the lack of open fonts used in other service types and communities of practice, including print-on-demand publishing, print-on-demand merchandise, eReaders and EPUB generation, games, and even in the default fonts bundled into binary packages of free-software applications like LibreOffice. This talk will look at the obstacles, bottlenecks, and disconnects that have prevented open fonts from reaching the hands of users beyond the CSS @font-face directive. These issues include missing or proprietary-format source files, licensing cruft, the user experience of discoverability and installation, build tools for font binaries, and character coverage. We will also discuss solutions, including what distributions and upstream application projects can do to mitigate these issues as well as what the broader free-software community can do to advocate for the usage of free-software fonts in documents and display typography outside of the browser window. Nathan Willis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:20 K.4.201 osd_self_host_your_visual_assets_with_free_software Self-host your visual assets with Free Software Introducing Identihub Open Source Design devroom We are going to introduce Identihub, a self hosted solution for visual asset hosting licensed under the AGPL v3 license and show how to easily make your SVG files convertable for non designers Free Open Source Software often fails to gain wider traction due to focusing on its technical aspects over other aspects. While Documentation, Design and Marketing quickly fall behind. Let's have a look at basic steps we can take as free software maintainers to offer potential contributors access to visual assets the same way we offer them access to our source code. We are going to make the process easy by introducing Identihub, a self hosted solution for visual asset hosting licensed under the AGPL v3 license. We will go through easily making your SVG files convertable for non designers without the need to send files back and forth via email. Elio Qoshi Identihub Landing Page Ura Design Website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:20 K.4.201 osd_our_open_source_design_collective Our Open Source Design collective and group photo Open Source Design devroom For everyone who doesn’t know what exactly we do, this is a short intro to our collective: We work to raise the profile of good design in open source software, and connect developers & designers to make it happen. We run an Open Source Design community forum, organize design tracks at well-known events like FOSDEM (hello ;), FOSSASIA and OpenTechSummit, have a job board to get designers involved, provide open design resources to developers & designers, and more. We will also take our GROUP PHOTO during this session! :) A few of the news from last year include: <ul> <li>Organization of our first Open Source Design Summit in Berlin! https://opencollective.com/opensourcedesign/events/opensourcedesign-summit</li> <li>Another year of organizing the Design/Art/Community track at FOSSASIA: https://2017.fossasia.org/tracks.html#2017-03-19-Design,Art,Community</li> <li>First time organizing an Open Source Design track at OpenTechSummit Berlin-Potsdam: https://2017.opentechsummit.net/programm/tracks.html#2017-05-25-OpenSourceDesign</li> <li>Setting up our community discussion forum: https://discourse.opensourcedesign.net/</li> <li>Kicking off new local meetups: https://discourse.opensourcedesign.net/c/meetups – among them a very active one in NYC!</li> <li>Attending a bunch of events and giving talks related to Open Source Design https://discourse.opensourcedesign.net/c/events</li> <li>Lots more work on the website, like integrating comments into the job board, and adding subsites for resources and projects</li> <li>OpenDesign.io joined forces with us! :) https://twitter.com/OpenDesignIO/status/923990916758691841</li> <li>Becoming an FSFE associated organization: https://fsfe.org/associates/associates.en.html</li> <li>Getting a 1000 $ donation from Discourse https://twitter.com/discourse/status/928591869763883008</li> <li>Getting funding from Wikimedia Germany for our Summit and stickers, posters & cards!</li> <li>Probably lots more we forgot to list! :)</li> </ul> Jan-Christoph Borchardt Open Source Design Open Source Design job board Open Source Design events Our Open Source Design community forum :) Funding at Open Collective Our Github organization Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:20 K.4.201 osd_improving_gitlabs_navigation_and_design_system Improving GitLab's Navigation and Design System How we approached and strengthened our commitment to the revised navigation of GitLab and the GitLab Design System. Open Source Design devroom A brief introduction to what GitLab is and what remote working means. How did we improve and ship our revised navigation, plus how are we creating a consistent design language and system. In the release 9.4 of GitLab we took a big step toward improving our navigation here at GitLab. We conducted several rounds of exploration and research, plus took an initial opt-in approach when we introduced this new feature. In this talk, we'll go in-depth about why this was necessary and how we came to this conclusion. We'll go over what lessons are learned and how we continue to improve. After this, we'll go why it is so important to have a solid design language and system. What is our approach to taking on such a daunting task and how will our future goals benefit from this. All of the topics above are told from the perspective of a fully remote design team working with open source software, including a wide community. Dimitrie Hoekstra Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 13:00 00:20 K.4.201 osd_cultural_interpretations_of_design_and_openness Cultural interpretations of Design and Openness Open Source Design devroom I'm not a designer, but I've lived and worked in 3 different continents with both proprietary and open source software, and find my appreciation and idea of what "good design" is has changed with my experience and exposure. As I moved from software development to community outreach and marketing, I learn more about how design affects every aspect of the product and promotion. To top it off, I've encountered many different understanding of what openness is, especially when related to design. In this presentation I'd like to share some observations and lessons learned, and hope it can help designers, especially open source designers, navigate and negotiate the diversity in cultures and expectations. Carol Chen Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 13:30 00:20 K.4.201 osd_ecosystems_of_professional_libre_graphics_use Ecosystems of Professional Libre Graphics Use Open Source Design devroom Libre Graphics magazine spent five years showing off excellent work done with Free/Libre and Open Source graphics software. We showed off the work of individuals and small studios doing exciting work with F/LOSS tools. While exciting things are happening in the world of F/LOSS design, the perception of F/LOSS graphics tools as somehow less-than or other-than the “industry standard” for graphic designers persists. This presentation looks at problems of F/LOSS adoption, especially for graphic design. It asks the question “What kinds of ecosystems do we need to have to successfully do Libre Graphics (including F/LOSS, Free Cultural licenses, and Open Standards) in professional contexts?” Libre Graphics magazine spent five years showing off excellent work done with Free/Libre and Open Source graphics software. Our aim when we started was to challenge the idea that F/LOSS tools weren’t up to the job of doing professional graphic design work, especially in print. We published eight issues of a beautifully-printed, tactile, keepable paper magazine. We showed off the work of individuals and small studios doing exciting work with F/LOSS tools. In the two years since we stopped making Libre Graphics magazine, a lot of exciting things have happened in the world of F/LOSS design. But one of the problems that keeps hanging on is the perception of F/LOSS graphics tools as somehow something less-than or other-than the “industry standard” set of tools that graphic designers are meant to use. This presentation looks at problems of F/LOSS adoption, especially for graphic design. It asks the question “What kinds of ecosystems do we need to have to successfully do Libre Graphics (including F/LOSS, Free Cultural licenses, and Open Standards) in professional contexts?” ginger coons Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:20 K.4.201 osd_icon_themes Icon Themes Reusable icon variables and mappings for customizable user interfaces Open Source Design devroom Software platforms need to be highly extensible and customizable, since developers need to build on top of them and provide the best experience for users. Some users put more focus on the styling and visual aspect of their customization, others need it to be highly accessible or responsive, while others just like to have diversity in their choices. Being able to provide multiple icon sets inside a platform is still a difficult task because of the variety of ways icons can be provided: as images, as font sets, as SVG, etc. I will present a solution for creating and using icon themes, also mentioning the limitations and the difficulties we had in implementing such a solution on our platform. Several icon libraries will be compared, showcasing the reasons, decisions and the compatibility and mapping issues we faced during the process. Ecaterina Moraru Video recording (mp4) Video recording (WebM/VP9) Talk Slides Submit feedback 14:30 00:20 K.4.201 osd_interface_animation_from_the_future Interface Animation from the Future Open Source Design devroom Animation can make interfaces better because it allows interface changes to explained visually, making them easier to grasp. However, when animating interfaces is important to consider the spatial model that is created by animations. Otherwise, it can lead to contradictions that make an interface more instead of less confusing. This talk introduces semantic animation, a way of designing interfaces that avoids contraditions by thinking about interfaces as a collection of components rather than a series of screens. Animation is the future of interface design. It enables us to make interfaces more understandable by offloading processes from the user’s brain to the screen. However, in many cases animations are simply added as transitions between independently designed screens. This can result in animations contradicting each other spatially. I co-wrote an <a href="https://alistapart.com/article/motion-with-meaning-semantic-animation-in-interface-design">article</a> about why this is a problem, and outlined a solution: Designing semantic components which change over time, and then using these to compose interfaces. The industry seems to largely agree that this is the way forward, but there are very few interfaces implementing these ideas in a holistic way. I believe the main reason for this is that the current generation of toolkits and layout technologies is built for static layouts with strict hierarchies. This makes it prohibitively difficult to build interfaces where components move fluidly between different states. I will talk about some of the challenges designing and implementing semantic animation both in prototypes and real-world applications, and give some general guidance on how you can make your applications more semantic. Tobias Bernard A List Apart Article on Semantic Animation Transitional Interfaces by Pasquale D’Silva Slides Slides (Github repository) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:20 K.4.201 osd_the_case_against_it_just_works_or_how_to_avoid_idiocracy The case against "It just works" or how to avoid #idiocracy Design, education, politics and fake news. Open Source Design devroom Design is more than usability testing and click analytics. Design always carried the dominant ideas of the era and championed them, forming cultures along the way. Today's design is immensely influenced by Steve Jobs and his "Just Works" and "Automagically" mantras. While recognizing the significance of the democratization of technology, it was done in a way that for the first time completely hides the way things work from their users. In fact it goes to great lengths to lock users out of their gadgets. Open source is about, among other things, freedom to study. In this spirit open source design isn't only about the sources of design documents, it's about facilitating the study of the inner workings: Let's create designs that are easy to use yet teach the user how the system we are designing works. Informed users will be able to better understand why a result is not what they expected, will be able to solve more of the possible problems, and the result is being happier both with the system and with themselves. In this presentation, we will study how design was once overtly political, along with a few notable historical design movements, analyze the current state of design, how it came to be and its effects on human intellect, and then propose a new design direction inspired in part by video games where the goal isn't to blindly guide our users to their goal, but teach them how to achieve what they need, using our software as a tool and make feel rewarded with the results of their efforts, and not the results of an "automagical" piece of software. Michael Demetriou The source of the presentation A repo to gather examples of transparent design Deeply Artificial Trees, video used in the presentation 3D House Design in AutoCAD 2018, video used in the presentation The open source design collective Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:20 K.4.201 osd_the_open_decision_framework The Open Decision Framework How to make everybody happy Open Source Design devroom The Open Decision Framework is a process for making transparent and inclusive decisions in organizations that embrace open source principles. It was introduced by Red Hat in 2016 (see link below). I got involved in this project by translating the framework in French and then I started to use it in my own company to resolve complex situations. https://github.com/red-hat-people-team/open-decision-framework An "Open decision" should be transparent, inclusive, and customer-centric. This framework is a process to reach actionable agreements through participatory practices such as : clearly sharing problems, collaborating purposefully with multiple stakeholders to secure diverse opinions, collecting comprehensive feedback, managing relationships and expectations across competing needs and priorities. More generally, open decisions facilitate well-functioning meritocracies. Open source communities are meritocratic to the extent that they pragmatically value concrete contributions over formal titles and encourage ideas from all corners of an organization. The Open Decision Framework is built around four steps : 1- Ideation 2- Planning and research 3- Design, development, and testing 4- Launch The framework itself is an open source project, hosted at github and released under CC BY-SA. You can fork it and adapt it to your own organization. Contributions are welcome ! Damien Clochard Project on Github What is the Open Decision Framework Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:20 K.4.201 osd_teleport_local_filesharing_app Teleport: Local filesharing app Open Source Design devroom Teleport is an app for quickly sending files on the local network. It is designed with user experience in mind and to integrate nicely with GNOME. I'll talk about my journey developing Teleport, my first GTK app, in collaboration with Tobias Bernard. Teleport is an app for quickly sending files on the local network. Sadly, sharing files between two computers in the same room is still an unsolved problem in 2017. Of course there's USB keys, shared network folders, cloud storage services, and messaging apps, but they all have severe drawbacks in terms of speed, privacy, or user experience. The Apple ecosystem has AirDrop to cover this use case, but there is nothing comparable to it on GNU/Linux. That's what Teleport is trying to fix: It offers a dead-simple interface for what should be a dead-simple task: Open the app on both machines, choose a file, the receiver gets a notification, the file is sent. Unlike many FOSS apps, Teleport is design-driven. A designer was involved from the very beginning, and the entire app is built around providing a great end-user experience. Teleport is a fully native GTK+3 app written in C, and integrates seamlessly with the GNOME desktop. Thanks to Flatpak, you can already use it on most GNU/Linux distributions [1]. I'll talk about my journey building this app (my first GTK app) from scratch, my collaboration with Tobias Bernard, the designer on the project, and my experience with the documentation and developer tools for the GNOME platform. [1] http://frac-tion.com/teleport-flatpak Julian Sparber Source Code Teleport Flatpak Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:20 K.4.201 osd_pitch_your_project Pitch your project Present your FOSS project to designers and get them to contribute Open Source Design devroom This session has become a bit of a tradition in the Open Source Design devroom. Every year we close by inviting FOSDEM attendees to introduce their projects to the designers in the room, and tell them the type of the design contributions they need. I thought we might want to do this again. Belen Barros Pena Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:30 K.4.401 hwenablement_uefi_for_dummies Programming UEFI for dummies What I have learned while tweaking FreePascal to output UEFI binaries Hardware Enablement devroom With the upcoming end of legacy mode in UEFI firmware on PCs, every alternative and hobbyist operating systems, bare metal programmers and wannabe OS developers will have to deal with UEFI on modern hardware. After presenting the binary format of UEFI applications, I will focus on the use of UEFI APIs through EFI system table and UEFI protocols so you can get started. Don’t be afraid by “FreePascal” in the subtitle : the core of this presentation is language agnostic. Olivier Coursière UEFI target for Freepascal Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:30 K.4.401 rustyarm_rust_on_embedded_platforms Rustarm AKA A project looking at Rust for Embedded Systems Rust on embedded platforms Hardware Enablement devroom Rustyarm is a project in the Physical Computing group at the University of West of England looking at application of Rust on embedded micro controllers. UWE Sense is a new hardware and software platform for IoT, build with ARM micro controllers, Bluetooth LE and LoRaWAN, which runs a software stack written completely in Rust. While UWE Sense is a close to the metal implementation, UWE Audio, a new hardware platform for studying high performance audio using ARM micro controllers, uses Rust to implement a monadic reactive graph, supporting both an offline compiler and and Embedded DSL. UWE Audio uses safe Rust, for example, describing domain clock as generic associated types, providing both compile time guarantees that multiple streams will not be incorrectly sequenced at different sample rates, and the ability to dynamically compile for different parts of the system. In this talk I will provide a high-level overview of the Rustyarm project, including how using Rust has made this project interesting, but also enabled providing guarantees with respect to the audio scheduler, for example. However, Rust has some short comings in the embedded domain and we provide details on some of these and what we and the wider community are doing to address them. As an example of Rust’s application in the embedded domain we present early work on UWE Audio and hardware and software platform for building digital music instruments, which as already noted is programmed with solely in Rust. Rustyarm is a project in the Physical Computing group at the University of West of England looking at application of Rust on embedded micro controllers. UWE Sense is a new hardware and software platform for IoT, build with ARM micro controllers, Bluetooth LE and LoRaWAN, which runs a software stack written completely in Rust. While UWE Sense is a close to the metal implementation, UWE Audio, a new hardware platform for studying high performance audio using ARM micro controllers, uses Rust to implement a monadic reactive graph, supporting both an offline compiler and and Embedded DSL. UWE Audio uses safe Rust, for example, describing domain clock as generic associated types, providing both compile time guarantees that multiple streams will not be incorrectly sequenced at different sample rates, and the ability to dynamically compile for different parts of the system. In this talk I will provide a high-level overview of the Rustyarm project, including how using Rust has made this project interesting, but also enabled providing guarantees with respect to the audio scheduler, for example. However, Rust has some short comings in the embedded domain and we provide details on some of these and what we and the wider community are doing to address them. As an example of Rust’s application in the embedded domain we present early work on UWE Audio and hardware and software platform for building digital music instruments, which as already noted is programmed with solely in Rust. During the talk I will give a demonstration of UWE Audio and our embedded audio DSL, written in Rust. I also plan to have a number of the UWE Sense modules for people to look at, there is an App that that they can download, which talks to the sensors and logs dat to an open cloud infrastructure. The App is not developed in Rust, Nativescript is used, but the software for the sensors is. I don't plan to talk in detail about this part of our work, but I can provide links to our website and our partners, which will be launched in December 2017, and links to the software repos. Full disclosure: UWE Audio is a reasonably new project and while we have a working system it would be misleading to say it is a complete project. For example, as our hardware platform has two ARM micro-processors, one for the control domain and one for the audio/cv domain our current compiler produces to Rust programs that are compiled separately and flashed to the devices. Our long term goal is to have the controller deploy DSP graphs to the audio processor dynamically via a Rust based API, simply in concept to OpenCL, but we are still quite a long way from reaching that final goal. That being said the project has been driven from the start with the goal of investigating Rust as an alternative to C for embedded programming and it's particular application in the audio domain and for this I believe it would be an interesting talk at FOSDEM. Benedict Gaster (cuberoo_) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 K.4.401 hwenablement_mainline_linux_on_motorola_droid_4 Mainline Linux on Motorola Droid 4 Hardware Enablement devroom Sebastian will present the current state of Linux kernel support for the Motorola Droid 4 (a smartphone from 2012), what has been done to reach it and describe the required work left to use it properly. The target audience are non-kernel developers, that might be interested in starting kernel work. The work has been documented here: https://www.elektranox.org/droid4/ Sebastian Reichel Blog about the ongoing Linux kernel work for the Droid 4 Page from Tony Lindgren (OMAP maintainer) about Droid 4 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 K.4.401 hwenablement_simplifying_soc_enablement_in_linux ... like real computers! Making distributions work on single board computers Hardware Enablement devroom Installing an operating system on single board computers (SBCs or "Fruit-Pis") is very board specific and requires a lot of hand holding. If at all, standard distributions support only a small number of them explicitly, which leads to a lot of board specific images and distributions. This talk will show how this situation can be improved, to the point where off-the-shelf Linux (or BSD) distributions can be installed on those boards, without those distros knowing about each and every one of them. Key ingredients are standardized firmware interfaces like UEFI, stable device trees and on-board memory like SPI flash. This should make using ARM based SBCs as easy as using (x86) PCs today: like "real computers". On top of this ways to simplify and speed up mainline Linux kernel support are explored. Enabling kernel support for new SoCs usually takes a while, especially if the effort is driven by the community. This delays distribution support, up to a point where a certain SoC or board might become slightly dated when it's finally supported. Using more device tree features and less hardcoded kernel data would reduce the code required to support new SoCs, ideally reaching a point where new SoCs could be at least booted with existing (distribution!) kernels, just by providing the proper device tree blob. This talk describes the idea and gives an example by looking at what can be done on Allwinner SoCs. Andre Przywara Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:30 K.4.401 hwenablement_booting_it_successfully_with_mainline Booting it successfully for the first time with mainline Hardware Enablement devroom While things have gotten a lot better, new hardware bring-up sometimes still feels like pulling teeth. With the right methodology, tools and techniques, a significant amount of time, energy (and sanity) can be saved while enabling a new board to run Linux. In this talk, we'll discuss the phased process involved in new board bring-up and the challenges it can pose, from reviewing initial schematic design to the successful upstreaming of any necessary bootloader and kernel patches. We'll also provide some examples of the process based on a board that was recently made compatible with mainline. This presentation will help embedded hardware and software developers better understand the problems they can face during the bring-up of a board and will hopefully encourage them to work together when designing a new embedded board. Cooperation is important during the demanding work of a board bring-up in order to avoid respins of the board as much as possible as well as save time and money. The audience is anyone interested in the ‘fuzzy’ line between hardware and software, with the focus being hardware and software developers working on kernel drivers and hardware bring-up. Attendees can expect a description on how to bring-up a new board, including tips to take into account in the schematic design phase and much more. Enric Balletbo Serra Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 K.4.401 linuxboot AMENDMENT LinuxBoot: Linux as Firmware Replace most of your firmware with Linux Hardware Enablement devroom Let Linux do it: Linux as Firmware Tired of reinventing the wheel by implementing drivers for firmware again and again? Not with LinuxBoot! What? LinuxBoot is a firmware for modern servers that replaces specific firmware functionality like the UEFI DXE phase with a Linux kernel and runtime. Why? LinuxBoot improves boot reliability by replacing lightly-tested firmware drivers with hardened Linux drivers. LinuxBoot improves boot time by removing unnecessary code, resulting in a 20x faster boot time (typical value). LinuxBoot allows customization of the initrd runtime to support site-specific needs (both device drivers as well as custom executables). LinuxBoot and its precursors are a proven approach for almost 20 years in military, consumer electronics, and supercomputing systems – wherever reliability and performance are paramount. This talk replaces the talk "SITL bringup with the IIO framework" by Bandan Das Philipp Deppenwiese LinuxBoot project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 K.4.401 fpga_manager What's new with FPGA manager Overview and Updates Hardware Enablement devroom After a brief overview of the Linux Kernel FPGA manager framework and it's (short) history, we'll look at what's new with the FPGA Manager framework in the Linux Kernel, what's still missing, outlook on how to fix things, and leave some time for discussion. Moritz Fischer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:40 K.4.401 hwenablement_linux_as_spi_slave Linux as an SPI Slave Adding SPI slave support to Linux Hardware Enablement devroom The SPI bus connects a master with one or more slave devices. So far, Linux always assumed the master role. In v4.13, Linux finally gained slave support. In this presentation, Geert will talk about adding SPI slave mode support to the existing SPI subsystem, and using a Linux system as an SPI slave. He will show what makes SPI special, and cover possible use cases and limitations of Linux-based SPI slave mode. Finally he will demonstrate how he modified Linux to add support for SPI slave mode. The SPI (Serial Peripheral Interface) bus is ubiquitous in many (embedded) systems. Devices connected to an SPI bus have master and slave roles. Traditionally, the Linux kernel always assumed the SPI master role. In v3.19, Linux received i2c slave support. This sparked the question if Linux could ever become an SPI slave, controlled by an external SPI master, too. In v4.13, that question was finally answered with a "yes"; but not wholeheartedly. In this presentation, Geert will talk about adding SPI slave mode support to the existing SPI subsystem, and using a Linux system as an SPI slave. This can increase the roles and functionalities Linux can perform in embedded systems. Attendees can expect an overview of the SPI bus and the differences between SPI master and slave roles, and a comparison with other simple buses. They will understand the challenges of using Linux as an SPI slave, and can consider the implications when designing SPI protocols for use with Linux systems acting as an SPI slave. They will learn how to write SPI slave handlers for Linux, implementing the slave-side of an SPI protocol. Geert Uytterhoeven Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:20 K.4.401 hwenablement_gnuk_token_and_gnupg_scdaemon Gnuk Token and GnuPG scdaemon Hardware Enablement devroom Gnuk is an implementation of USB cryptographic token for GnuPG. It conforms OpenPGP card specification, implements USB CCID protocol, and supports modern ECC, i.e., Ed25519 and X25519. I started the project in 2010, and to enable better support, I joined GnuPG development. I had a talk in FOSDEM2012. It wasn't go well as I expected in 2012. I needed to design my own free hardware design for reference hardware. That's FST-01. I needed to design and implement True Random Number generator of my own. That's NeuG. For better control of hardware resource, I develop a thread library named Chopstx. In 2016, at OpenPGP.conf, I realized that people generally hesitate new hardware. Thus, in 2017, I modified Chopstx so that it can run on GNU/Linux as emulation. Now, a user can run Gnuk on normal GNU/Linux as an emulation, by USBIP, without real physical hardware device. In short, my talk is: Everything is free software (firmware on the device, driver on host), and hardware has free hardware design, but that's not enough. Emulation is useful, hopefully. Yutaka Niibe Gnuk Homepage Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:30 K.4.401 hwenablement_improving_linux_laptop_battery_life Improving Linux Laptop Battery Life Reducing Linux Power Consumption Hardware Enablement devroom Modern laptops can use a lot less energy then laptops from a decade ago. But in order to actually get this low energy usage the operating system needs to make efficient use of the hardware. Linux supports a lot of hardware power-saving features, but many of them are disabled by default because they cause problems on certain devices or in certain, often corner-case, circumstances. This talk will describe and look into recent efforts to enable more power-saving features by default in such a way that this will not cause regressions. The end goal of these efforts is to shave of at least 2 watt of the typical idle power-consumption of 6-9 watt for recent (Hasswell or newer) laptops. The goal is to achieve this saving on an OOTB Fedora Workstation install without the user needing to do any manual tweaks. Hans de Goede Blog post about SATA powermanagement Fedora Improved Laptop Battery Life wiki page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:30 K.4.401 hwenablement_adding_a_mouse_to_libratbag Adding support for a mouse in libratbag Hardware Enablement devroom Libratbag is a daemon to configure on-board settings on gaming mice. It has drivers to support many different mice vendors and models. Clients, like the GUI application Piper, interact with the daemon via DBUS. The on-board settings include button-mappings, resolutions, and LED colors and patterns. The vendors all use different protocols to configure the mice, and every mouse model must have a separate .SVG and configuration file. This talk will cover the steps to add support for a mouse. From reverse engineering the protocol, writing the driver for libratbag, and creating a .SVG to be displayed in Piper. If you own an unsupported device then you can bring it to the conference, and we can look at adding support for it after the talk. Libratbag is a daemon to configure on-board settings on gaming mice. It has drivers to support many different mice vendors and models. Clients, like the GUI application Piper, interact with the daemon via DBUS. The on-board settings include button-mappings,resolutions, and LED colors and patterns. The vendors all use different protocols to configure the mice, and every mouse model must have a separate .SVG and configuration file. This talk will cover the steps to add support for a mouse. From reverse engineering the protocol, writing the driver for libratbag, and creating a .SVG to be displayed in Piper. If you own an unsupported device then you can bring it to the conference, and we can look at adding support for it after the talk. Thomas H. P. Andersen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:20 K.4.401 hwenablement_thunderbolt_3_and_linux Thunderbolt 3 and Linux Hardware Enablement devroom Thunderbolt 3 is a relatively new technology to connect peripherals to a computer. Devices connected via Thunderbolt can be DMA masters and thus read system memory without interference of the operating system (or even the CPU). Version 3 of the interface provides security levels in order to mitigate the aforementioned security risk that connected devices pose to the system. As result of this connected devices need to be to be authorized by userspace via a new kernel interface. The new kernel interface additionally supports updating the firmware of devices and the host controller. After an overview of the thunderbolt technology the specifics of the userspace enablement on GNU/Linux will be presented. Christian Kellner (gicmo) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:20 00:20 K.4.401 hwenablement_open_source_bios_at_scale Open Source BIOS at Scale We gave it a try, it worked. You can jump in! Hardware Enablement devroom At Online/Scaleway, we built a BIOS based on coreboot, FSP and TianoCore. We are using it at scale in our datacenters. This talk will go through Why and How we did it. We will detail the Pros and Cons of the approach. Spoiler: we’re happy with the result! Julien Viard de Galbert Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:20 K.4.401 hwenablement_automating_secure_boot_testing Automating Secure Boot testing Hardware Enablement devroom Short talk about the status and challenges of Secure Boot testing automation at Red Hat, done as part of the kernel UEFI testing. The talk aims to cover the tools and platforms used for testing, as well as the coverage that it currently provides. Erico Nunes Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:30 K.4.401 hwenablement_using_kvm_to_sandbox_firmware Using KVM to sandbox firmwares from the Linux Kernel or: How I learned to stop worrying and love EFI Runtime Services Hardware Enablement devroom This talk will present a proof of concept (and RFC) done on arm64 platforms to use KVM to isolate EFI Runtime Services from the Linux Kernel. Security improvements and limitations of this solution will be detailed. A strong focus will be kept on the flexibility of this approach and how it could be used on other architectures or for other types of firmwares isolation. As part of an internship for ARM during the summer 2017, I developed hypervisor-based security solutions for the Linux kernel. One of the experiments I did there resulted in an RFC available on the Linux Kernel Mailing List. In an effort to share this experiment with the broader community, I would like to detail the observed problems that led to my patchset and the inner working of the proposed solution. While KVM is generally used by userspace tools (such as QEMU) to create general-purpose virtual machines, the proposed patchset adds an internal API to KVM so that it can be used by the kernel itself to spawn lightweight sandboxes. This internal KVM API can then be used to sandbox EFI Runtime Services on arm64 platforms and circumvent some of the security and stability problems those firmwares could cause otherwise. Florent Revest First RFC Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:20 K.4.401 hwenablement_eoma68_progress_report Crowdsupply EOMA68 Progress Report A summary of the past year working on fulfilling the pledges from the EOMA68 August 2016 Crowdsupply Campaign Hardware Enablement devroom 2,500 people kindly backed the EOMA68 Libre Laptop and EOMA68-A20 Computer Card Crowdsupply Campaign last year. This talk will briefly outline the progress and some of the strange-seeming decisions that have had to have been made. It's also worth noting that at the beginning of the year, Intel! Announced! The World's! First! Ever! Modular! Computer Card! - in reality they're actually about 6th down a long list. We're not worried about them copying the concept, and will explain why during the talk (one hint: Intel backdoor spyware co-processor...) Also the reasoning behind why the project also includes the creation of an entirely new 3D Printer (the Riki200) and also a new 3D printer Controller PCB will be explained (big hint: cost. Incredibly, an entire 3D printer's components can be sourced in Shenzhen for LESS money than a western-designed and manufactured DuetWifi 3D Controller Board!) Luke Kenneth Casson Leighton Riki200 3D Printer RD3D Controller Board EOMA68 Crowdsupply page EOMA68 Open Standard Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:35 00:05 K.4.601 welcome_perl Welcome to the Perl devroom Perl Programming Languages devroom A short introduction Claudio Ramirez Wendy G.A. van Dijk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:40 00:40 K.4.601 perl_docker_mozilla How Carton, Docker, and CircleCI Saved my Sanity Or how I stopped using RPMs and learned to love Docker Perl Programming Languages devroom In this talk I talk provide a bit of background on how bugzilla.mozilla.org vendored all its dependencies using a combination of Carton + CircleCI + Docker, and a more in-depth look at three particular tasks that would have been impossible without this work. This talk should prepare you to go ahead and make even your really old legacy application use Carton. Dylan Hardison Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:20 00:40 K.4.601 4_web_services 4 Perl web services I wrote and that you may like Perl Programming Languages devroom I'll present 4 web services I wrote with Mojolicious a Perl web framework. Simple to install and simple to use, they promote users' privacy. One is an URL shortener, one is made for images sharing, the third is for files sharing with end-to-end encryption and the last is about URLs visits statistics. Luc Didry (Framasky) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:40 K.4.601 perl_physics Perl in the Physics Lab Perl Programming Languages devroom Let's visit our university lab. We work on low-temperature nanophysics and transport spectroscopy, typically measuring current through experimental chip structures. That involves cooling and temperature control, dc voltage sources, multimeters, high-frequency sources, superconducting magnets, and a lot more fun equipment. A desktop computer controls the experiment and records and evaluates data. Some people (like me) want to use Linux, some want to use Windows. Not everyone knows Perl, not everyone has equal programming skills, not everyone knows equally much about the measurement hardware. I'm going to present our solution for this, Lab::Measurement (see also https://www.labmeasurement.de/ ). We implement a layer structure of Perl modules, all the way from the hardware access and the implementation of device-specific command sets to high level measurement control with live plotting and metadata tracking. Current work focuses on a port of the entire stack to Moose, to simplify and improve the code. Andreas K. Huettel Lab::Measurement Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:40 00:40 K.4.601 ci_classroom Testing for testing Using CI in the classroom Perl Programming Languages devroom "Although I have been using GitHub for assignment submission for a long time, it has been only this year, when after being fired from the Free Software Office of the university of Granada I lost the class assistant, when I felt the dire need to do some automatic checks on the assignments the students of a cloud computing class turned it. This was not only running some tests on the code; since the students have total freedom on the language and other aspects of their project, it had to check things that went from the presence of some files to the use of GitHub issues for organization of the tasks. This was eventually solved with a Perl script that tested every pull request made by students. And this has had a number of interesting and mostly positive side effects on the student behavior and performance, which will be examined and presented in this presentation, where I will do no theater and dress with a single tee. Promised. Take home message is one that I have trying to drive home since the beginning, when I was talking about how Perl saved a conference I was organizing: Perl is an incredible tool for automating simple tasks that nobody thought could actually be automated; and automating things has many implications for the automator and the automatees; so Perl and daily life are always interesting and winning combinations. Juan Julián Merelo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:20 00:40 K.4.601 perl_music Perl in Computer Music Perl Programming Languages devroom Perl has modules that can be used in many aspects of computer music - that is music generated where somewhere along the line a computer is involved. It can interface with MIDI, sound synthesis, analysis, and various music making tools. The talk will present some ways of using Perl to express a musician's creativity. Uri Bruck Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:20 K.4.601 tttransition Template toolkit translations Perl Programming Languages devroom Recently, I released Log::Report::Template, which extends Template Toolkit with a simple way to use translations. The (gnu) gettext translation infrastructure, where translations are organized via PO-files, is implemented by various perl modules. They do all extend the original (printf) formatted strings in some way or the other. Log::Report has extended the power of the translatable message ids much further than other modules, also adding features specific for generating HTML. Mark Overmeer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:20 K.4.601 cpan_github Releasing to CPAN and GitHub Perl Programming Languages devroom The previous 17 years, I published over 1000 distributions for 65 modules to CPAN. Some modules saw over 100 versions, because my workflow was: release often. This works very well when you work alone and regularly with your modules. Recently, my needs shifted a little. There are some (minor) advantages to use GIT. And once that transfer is made, the step to GitHub is made. Everyone has his/her own way of releasing, with tricks to improve the process. I will demonstrate how my process works and how I changed my workflow. It will demonstrate how I load my whole history into git and github with little effort. Mark Overmeer Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:40 K.4.601 sympa_sympatic AMENDMENT Presenting the Sympa Mailing List Manager and the new Sympatic CPAN module Perl Programming Languages devroom Sympa is a mailing list management software, and as such it provides a couple of standard features which most mailing list software programs provide. In addition to this basic set of features, you may customize the software given the specifications you have for your mailing service. The talk was rescheduled from 15:00 on the same day. Marc Chantreux Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:20 00:40 K.4.601 perl6_extending_disco_era_crypto The Dynamo After Diffie Extending Disco-Era Crypto For Ubiquitous Secure Frameworking With Integral Mathematics (with Perl6) Perl Programming Languages devroom The talk will be a 40 minute walkthrough of a perl6 Diffie-Hellman based example solution for biharmonic equations including references/quotes to a small number of mathematicians, a few concepts surrounding the Reimann conjecture and its fallacy of synchronicity without a grounded base, and then promoting the potential of a perfect solution to the biharmonic equation as satisfying the crux of Arzela's theorem I(Phi(n)) >= I(U) with a ubiquitous potential data structure (Phi). The code in question is currently in use in the Nuclear Industry in FORTRAN, C/#/++ & Python, I'm retailoring the talk with students & my takeaway goal is to get a feel on how extension into a rapid development framework might be received in the community. The talk will be very flexible and there will absolutely be an option of not going very deep at all into the maths if the reception is not there. James Ellis Osborne III Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:40 K.4.601 perl6_jupyter AMENDMENT Perl 6 on Jupyter Perl Programming Languages devroom The Jupyter project provides a language-agnostic client-server protocol for a Read-Eval-Print Loop (REPL) and a serialization format for a REPL session. In this talk, we explore the use and implementation of a Perl 6 server ("kernel") and how it interacts with various clients, such as a web client ("notebook") and a console client. We focus on distinctive aspects of using Rakudo Perl 6 in this environment, such as using the Perl 6 metamodel's introspection capabilities for autocompletion, discovery and entry of unicode operators, and using Perl 6's asynchronous primitives for concurrent operations. We also investigate possibilities for widgets, magics, and interactive data visualization. The talks was reschedules from 13:40 on the same day. Brian Duggan Github Repository slides Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:40 00:40 K.4.601 software_necromancy Software necromancy with Perl Perl Programming Languages devroom Making ancient software work again using Perl. Two case studies of how I’ve recovered old software. First, I recover a late 80s 4GL using <code>Regexp::Grammars</code> to save software after its run-time died from bitrot. Second, I use Perl to drive OpenGL and glue some games written in Turbo Pascal to SDL. Dave Lambley Pascal games Perl OpenGL demo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:40 K.4.601 perl6_grammar_common Recycle Parsers With Grammar::Common in Perl 6 Perl Programming Languages devroom Perl 6 grammars and regular expressions are incredibly powerful, but with great power comes great risk of mangling Spider-Man quotes. Let's look at some of the common language patterns and learn together how to refactor them into reusable modules, complete with pluggable actions including Abstract Syntax Trees and Just-In-Time evaluators, all ready for you to add to your language parser. Jeffrey Goff Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:50 UA2.114 (Baudoux) mgmt Next Generation Config Mgmt: Reactive Systems Config Management devroom The main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture And a: * Declarative, Functional, Reactive programming language. The tool has two main parts: the engine, and the language. This presentation will demo both and include many interactive examples showing you how to build reactive, autonomous, real-time systems. Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project. The main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture And a: * Declarative, Functional, Reactive programming language. The tool has two main parts: the engine, and the language. This presentation will demo both and include many interactive examples showing you how to build reactive, autonomous, real-time systems. Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project. A number of blog posts on the subject are available: https://ttboj.wordpress.com/?s=mgmtconfig Attendees are encouraged to read some before the talk if they want a preview! James Shubin Project homepage Recording of me giving a talk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:50 UA2.114 (Baudoux) deployment_provisioning_orchestration Provisioning vs Configuration Management Deployment vs Orchestration A rose by any other name... Config Management devroom There's a lot of confusion around the differences between the various terms used when talking about configuring systems. Is Jenkins an orchestration tool or a deployment tool? Can Puppet provision systems? Is Ansible config management or and orchestration? In this talk, we're going to boil down the core of each term and talk about the approaches used and where things cross over. Names, as we know, are one of the hardest things in computer science. And in the DevOps space, we frequently see 4 terms come up again and again, and people often blur the lines between what each one is doing: Deployment vs Provisioning vs Orchestration vs Configuration Management It's easy to get mixed up between the terms, especially as a lot of the vendors who specialised in one area have started expanding into other areas to diversify their offerings and create a one-stop solution. In this talk, we're going to discuss the differences between each term, what tools and approaches work well for each, how the lines have blurred in the container world and what the future might hold. Peter Souter Submit feedback 11:00 00:25 UA2.114 (Baudoux) decade_augeas A decade of config surgery with Augeas Config Management devroom Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. The tool, and this description, recently turned 10 years old, a milestone that I will celebrate with a stroll down memory lane, looking at Augeas' original goals and subsequent achievements over the past decade. Over that time, it has become an important building block for configuration management tools like Puppet and Salt, and is used by tools such as EFF's Let's Encrypt, OSQuery, and libvirt. I will talk about some of the basic patterns for using Augeas to perform surgery on configuration files, share some tips on how to get the most out of its tree structure, and how to use it to perform idempotent changes. I will also talk about a few areas where Augeas can be improved, and where it's use could be simplified. David Lutterkort Main site for Augeas Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:25 UA2.114 (Baudoux) cockpit Cockpit: A Linux Sysadmin Session in your Browser Config Management devroom Cockpit is an open source project that has built the new system admin UI for Linux. It turns Linux server into something discoverable and usable. Its goal is to remove the steep learning curve for Linux deployments. But more than that, it's a real Linux session in a web browser. Cockpit is an open source project that has built the new system admin UI for Linux. It turns Linux server into something discoverable and usable. Its goal is to remove the steep learning curve for Linux deployments. Cockpit lets you immediately dive into things like storage, network configuration, system log diagnosis, container troubleshooting and Kubernetes orchestration. All while being zero-footprint: It goes away when not in use. Cockpit interacts well with other management configuration tools, it reacts instantly to system changes made elsewhere. We'll look at how Cockpit is an actual linux user session that you drive through your browser, running with user privileges, and accesses to the native system APIs and tools. You'll be able to build new pieces of sysadmin UI as fast as you write a shell script. In fact we'll do it on stage in a few minutes. Stef Walter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:25 UA2.114 (Baudoux) terraform_maturing Terraform is maturing problems we've seen in puppet and their solutions Config Management devroom Terraform seems to be the configuration management of the cloud: a tool that allows us to define our infrastructure as code so it becomes automatable and testable. It suffers from a bunch of issues though. These issues have been encountered and solved before in other tools like puppet, but the story very much resembles that one. This session will draw some parallels between early puppet and early terraform days and explain what we can do to make these changes in a better way. Walter Heck Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:25 UA2.114 (Baudoux) puppet_key_value Breaking with conventional Configuration File Editing Puppet with a Key/Value API in a User Study Config Management devroom While on top-level configuration management tools usually have key/value interfaces, in the layer below other techniques are used, such as: <ul> <li>Rewriting configuration files with templates (ERB templates, ...)</li> <li>Specify replacements (file_line, Augeas, ...)</li> </ul> In this talk, we will discuss a new approach using a key/value interface in every layer of configuration access, implemented in Puppet-Libelektra. Different to other key/value APIs Puppet-Libelektra is independent of the concrete configuration file format, abstracts from the syntax, and supports validation. In a time-consuming user study we found the key/value interface to be significantly faster to use. Because of integrated validation it is also more safe, and because of local tooling it is easier to use. Puppet-Libelektra is already used in practice: Elektra's web and build server is managed using Puppet-Libelektra. Markus Raab Puppet-Libelektra Elektra Website Elektra Build Server Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 UA2.114 (Baudoux) painless_puppet_providers Painless Puppet Providers Config Management devroom Puppet's most powerful extension point is providing "native" types and providers. Ruby fragments that describe how puppet can interact with resources in our systems. This has been part of puppet's core code since the very first days, but adoption has been hampered by the API being tied up deeply into puppet's internals. The new Resource API project provides a coherent, and decoupled way to define new resource types. It is based on Puppet4+ data types, making validation a breeze. The backend provider is a simple ruby class with well-defined API requirements. Together, this makes the new providers easier to read, and write, as well as easier testable. In this talk I'll give an overview of the new API, and how to write providers using it. Basic Ruby and Puppet knowledge recommended. David Schmitt main code base example code specification docs Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 UA2.114 (Baudoux) cumin_automation Cumin: Flexible and Reliable Automation for the Fleet Real life examples from the Wikimedia Foundation Config Management devroom Cumin is a Python API and CLI that provides a flexible and scalable way to execute multiple commands on cluster of hosts in parallel. It has a fine-grained hosts selection mechanism that allows to dynamically query multiple backends and combine their results. In addition to some built-in backends such as PuppetDB, SSH known hosts files, OpenStack API, it's possible to plug-in external backends. The current transport layer is SSH, although additional transport layers could be easily added. There are multiple execution strategies available and fine-tunable to suit different orchestration requirements. The executed commands outputs are automatically grouped for readability. The talk will describe the reasons that led us to the development of Cumin and its features and show its current usage at the Wikimedia Foundation for automation and orchestration. Riccardo Coccioli Cumin Documentation Cumin at the Wikimedia Foundation Cumin Source Code Cumin on PyPI Cumin Demo Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 00:50 UA2.114 (Baudoux) high_available_foreman Highly Available Foreman A presentation about Highly Available Foreman including common pitfalls and decisions you'll have to make. Config Management devroom This talk will demo a 2 node Foreman cluster with a separate 2 node Smart Proxy Cluster. I will start by presenting some of the architecture choices. I will then demo some of the tips and tricks you can use to achieve HA. I will finally share some of the future planned designs for HA and how this process could be simplified in the future. Sean O'Keeffe Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:50 UA2.114 (Baudoux) network_automation Network Automation Journey A systems engineer NetOps perspective Config Management devroom Network devices play a crucial role; they are not just in the Data Center. It's the Wifi, VOIP, WAN and recently underlays and overlays. Network teams are essential for operations. It's about time we highlight to the configuration management community the importance of Network teams and include them in our discussions. This talk describes the personal experience of systems engineer on how to kickstart a network team into automation. Most importantly, how and where to start, challenges faced, and progress made. The network team in question uses multi-vendor network devices in a large traditional enterprise. NetDevOps, we do not hear that term as frequent as we should. Every time we hear about automation, or configuration management, it is usually the application, if not, it is the systems that host the applications. How about the network systems and devices that interconnect and protects our services? This talk aims to describe the journey a systems engineer had as part of an automation assignment with the network management team. Building from lessons learned and challenges faced with system automation, how one can kickstart an automation project and gain small wins quickly. Where and how to start the journey? What to avoid? What to prioritise? How to overcome the lack of network skills for the automation engineer and lack of automation and Linux/Unix skills for network engineers. What challenges were faced and how to overcome them? What fights to give up? Where do I see network automation and configuration management as a systems engineer? What are the status quo and future expectations? Walid Shaari Network Automation Journey, A systems engineer NetOps perspective Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 UA2.114 (Baudoux) zero_downtime_deployments_ansible Zero Downtime Deployment with Ansible Config Management devroom Ansible is a radically simple and lightweight provisioning framework which makes your servers and applications easier to provision and deploy. By orchestrating your application deployments you gain benefits such as documentation as code, testability, continuous integration, version control, refactoring, automation and autonomy of your deployment routines, server- and application configuration. Ansible uses a language that approaches plain English, uses SSH and has no agents to install on remote systems. It is the simplest way to automate and orchestrate application deployment, configuration management and continuous delivery. In this talk you will be given an introduction to Ansible and learn how to provision Linux servers with a web-proxy, a database and some other packages. Furthermore we will automate zero downtime deployment of a Java application to a load balanced environment. We will cover how to provision servers with: * an application user * a PostgreSQL database * nginx with a load balanced reverse proxy * an init script installed as a service * zero downtime deployment of an application that uses the provisioned infrastructure Stein Inge Morisbak Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:05 UA2.220 (Guillissen) welcome_legal_policy Welcome to the Legal and Policy Issues devroom Legal and Policy Issues devroom Welcome to and overview of the seventh year of the Legal and Policy Issues devroom Tom Marble Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:05 00:25 UA2.220 (Guillissen) gdpr_identity_management Capture the GDPR with Identity management Crafting Identity management tool to handle GDPR requirements Legal and Policy Issues devroom Capture the GDPR with Identity management A new era of Data Privacy begins this year and May approaches unstoppably. The media present the GDPR on a daily basis in volumes no one has expected. The whole commercial sector is hyped with articles about the GDPR, recommendations, warnings and in the end MYTHS! The GDPR is not only multinational corporations’ concern any more. Individuals and small entrepreneurs are looking for the answers too. This makes space for speculations and many partial solutions are offered in a form of a GDPR project draft templates or migration of processing into the new safe environment without appropriate paperwork. Even software solutions usually offer only partial safety measures and you will need a bunch of them to fulfill the GDPR project. A complete solution exists only as cooperation of legal person analyzing interpretation of EU legislative and IT technician able to incorporate those requirements into daily operations. The complete solution still does not mean 100% compliance because there are so many threats you can never be utterly safe from. This presentation will tell what you must not omit to be compliant, how to give effects to the rights of data subjects and how to craft your GDPR solution. We will discuss lawful basis for data processing, consent requirements and tools able to manage them effectively. In the end, we may think about the design of identity management tool that combines the advantages of identity management into one solution dealing with various GDPR issues. Included GDPR areas in light of Identity management: Lawful basis and consent management, risk assessment, data breach tool, DPO’s control tool and data subject’s rights control tool. I intent to speak about how to think about GDPR solution, what is required and how to achieve it by either customizing existing tool or designing a brand new tool of your own preferences. As a lawyer working amid programmers, in this speech I will be considering both fields of view and looking for conjunctions. Touched areas of speech are lawful basis management, consent management, risk assessment, data breaches, DPO and rights of data subjects. Juraj Benculak May blog about GDPR Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 00:25 UA2.220 (Guillissen) ai_right_to_be_forgotten Artificial intelligence dealing with the right to be forgotten Legal and Policy Issues devroom The right to be forgotten subsequens the ruling of privacy law, encountering difficulties in terms of defining its applicability in the context of continuous tech evolution. Artificial intelligence development particularly raises problems due to the nature of machine learning and the obvious differences between the memory process of humans and AI systems. The law does not have an answer apart from the general ruling of the right to be forgotten, lacking a particular focus on the context of AI nature and applicability. How does an analysis of the current legislation look like and also what can one implement de lege ferenda in order to assure the required attention to the AI context? Privacy law is on the spotlight of the modern rechtsstaat and determined in the doctrine different opinions in how the ruling of it is appropriate. Considering the amplitude of human interactions and the juridical nature of personality rights, it encounters an accelerated evolution. The right to be forgotten, one of the component of this area, reached its first peak due to the ruling of the European Court of Justice in the matter of Google's search engine, stating that as a data controller it has to conform to the 95/46/EC Directive, the states being held to implement those principles in the national legislation. Considering the evolution of technology, a question that arises is how do the states and international entitites de lege lata apply the notion of the right to be forgotten in the context of artificial intelligence and also what could be done in order to have consistent juridical norms in this area. The right to be forgotten will be analysed as concept, juridical nature, doctrine debates regarding this notion and also how does it interfere with artificial intelligence. A description of the psychological memory and AI system of "remembering" will be done in comparison, emphasising the aspects that could be relevant in the compliance with the spirit of the right to be forgotten. Considering that the fundamental differences between how human and machine learning memory processes work, it will be determined a common ground of how can deletion be considered an act of forgetting. Also, the analysis will continue on the path of finding potential legal and policy adaptations to the current statutory law. Cristina Rosu Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:25 UA2.220 (Guillissen) understanding_usc_501 Understanding 26 U.S.C. § 501, and Organizational Governance ... and why understanding all this matters outside the U.S. Legal and Policy Issues devroom We often hear about the charitable organizations registered in the United States Federal tax system, but talking about the implications is sometimes taboo. I'll try and talk about these issues openly, and discuss some of the consequences (both +ive & -ive) for public software. I'll provide a list of a few well-known organizations, and explain why it both matters and doesn't. Lastly I'll present some reporting that I did while researching this presentation. We often hear about the charitable organizations registered in the United States Federal tax system, but talking about the implications is sometimes taboo. I'll try and talk about these issues openly, and discuss some of the consequences (both +ive & -ive) for public software. I'll provide a list of a few well-known organizations, and explain why it both matters and doesn't. Lastly I'll present some reporting that I did while researching this presentation. James Shubin A previous legal talk I gave in 2016 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:25 UA2.220 (Guillissen) research_software_licenses Researchers and Software Licenses The story of what we are doing at the German Aerospace Center (DLR) to prevent licensing disasters Legal and Policy Issues devroom In science and engineering, more and more software is published as Open Source software or uses other Open Source projects. Due to the different licenses with their requirements and restrictions as well as the resultant license compatibility issues, scientists and engineers must be aware of these issues. Ideally, they have some basic understanding about Open Source licensing. Unfortunately, in practice this understanding is not present, especially if more than one Open Source license is involved. But how do you teach scientists and engineers knowledge about open source licenses? In this talk, we describe our strategy at the <a href="http://www.dlr.de">German Aerospace Center</a> (DLR) to awake the awareness among our domain scientists for licensing issues and to enable and support them in using and publishing Open Source software without facing licensing problems. Our strategy is based on providing hands-on material and training courses first, instead of starting issuing "official" but impractical process guides. Our current focus is on knowledge sharing between peer scientists using online tools as well as face-to-face workshops. Thereby collected findings and feedback from DLR scientists have proven to be helpful to improve existing documentation and to identify further steps. Our strategy is based on years of experience and permanently updating and extending our initial approach. We want to share the so gained knowledge with other projects, rearchers, and companies to help the Open Source communities found there to improve. Andreas Schreiber Open Source at DLR Knowledge Exchange about Open Source at the German Aerospace Center (OpenSym 2017 paper/poster) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:25 UA2.220 (Guillissen) licenses_and_contracts_eu_us Comparative Law of Licenses and Contracts in the US, UK and EU Legal and Policy Issues devroom This session will be a panel of lawyers from the US, the UK, and the EU. We will take on the evergreen question "it is a license or a contract," describing how their respective system distinguishes the two. Each panelist will begin by surveying their legal system's general jurisprudence on the definition of license and contract and describing how their respective system distinguishes the two. The panelists will then apply these legal concepts to some exemplar free software licenses and offer predictions on how and to what extent one accused of breaching the license would be held accountable. Pamela Chestek Andrew Katz Michaela MacDonald Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:25 UA2.220 (Guillissen) foss_inside_companies Advocating For FOSS Inside Companies Legal and Policy Issues devroom Companies who use and contribute to free and open source often have internal advocates who make policy decisions, help with tooling recommendations, and teach others about the importance of free and open source. Different offices and departments will often have differences in the ways they are managing using, contributing to, and releasing free and open source software. The panel will explore the different approaches companies have to this work. Richard Fontana Carol Smith Jilayne Lovejoy Max Sills Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:25 UA2.220 (Guillissen) usability_survey_of_licenses A Usability Survey of Free Software Licenses Legal and Policy Issues devroom We want software creators to use FOSS licenses. We also know people make mistakes in the process, or don't even try because they've heard it's "too complicated." Just like with software, we would do well to study these failures and use them as opportunities to improve the usability of our licenses. This talk aims to start that process by identifying known problems and considering some possible solutions. Usability issues that will be addressed in this talk include: <ul> <li>License presentation</li> <li>Where a work's license is declared</li> <li>How a work's license is declared</li> <li>How creators learn to apply a license</li> <li>License drafting</li> </ul> In his work as the FSF's license compliance engineer, Brett had the opportunity to investigate the licensing of many projects for information. He saw what creators do, both right and wrong. He was also deeply engaged in the drafting processes for GPLv3 and MPLv2, and was able to compare and contrast where the resulting licenses succeeded and fell short at improving usability. Brett Smith Submit feedback 12:30 00:25 UA2.220 (Guillissen) outsourcing_distribution_requirements Outsourcing Source Code Distribution Requirements Legal and Policy Issues devroom A well-known obligation in some FOSS licenses is the requirement to provide "complete corresponding source code" (CCSC). After the initial collection and packaging of the CCSC, its provision imposes a burden that may persist for a very long time. Ensuring that the CCSC is always available is not a simple matter, especially considering that the original development team might change structure, people might be replaced or change roles, legal entities may disappear, etc. In this talk we will present the possibility of using Software Heritage, an independent, non-profit third party, in order to outsource CCSC provision. As part of the exploration, we will review the legal obligations in popular copyleft licenses, explain the burden of long-term CCSC hosting, describe the hosting infrastructure in place, and propose a publishing workflow that might help FOSS producers painlessly comply with the licenses. Stefano Zacchiroli Alexios Zavras Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 00:25 UA2.220 (Guillissen) too_young_to_rock_n_roll Too young to rock'n'roll (and to contribute) Issues with minors (children) contributing to FOSS projects Legal and Policy Issues devroom Young people obviously are big users of technology. While this carries its own legal questions, wanting children to be creative and maybe contribute to technology is a really difficult topic. Licences, hosting terms of service, contributor agreements - all these legal documents are made by adults, for adults, and minors often struggle to be able to agree them, even with parental consent. We want to look at what the issues are and raise awareness for the importance of contributions by children. For many developers, contributing to open source projects is a trivial thing to do. Fire up GitHub, fork that project, do some changes, commit, push, create pull request - done! Also, for most project maintainers, getting contributions looks as easy - jsut have someone log in to GitHub, fork,… and so on. But everyone of us also knows that most of the time, we do not care too much about analysing the terms we submit to. As a contributor, we don't really care about the project's licence as long as it is free, and as a maintainer, we expect contributors to do exactly that. Same goes for the terms of use of our favourite Git hosting service, translation tool, you name it. One thing that makes things very easy for adult developers is that we are legally able to accept just about anything that might be written in such terms - but at least one subgroup of developers can't: children younger than a certain age limit. <ul> <li>All US based websites are legally forced to prohibit registration by people younger than 13 years (simply put)</li> <li>German children are not allowed to accept any terms that cut legal rights they normally have</li> <li>…</li> </ul> If any free software project has children as a target group, we (the people at Teckids e.V.) strongly believe it should make contributions by minors as easy as its usage. This involves caring about all legal documents that might get in the way. In this podium, we would like to raise some awareness and discuss experiences, ideas, possibilities, and the like in order to make the FOSS world a good place for everyone, independent of their age. Dominik George Niels Hradek Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:25 UA2.220 (Guillissen) harmonize_or_resist Harmonize or Resist? A Global Survey of Strategies for Freedom and Free Software Legal and Policy Issues devroom There's a lot of pressure from the US (and some of it's allies) to "harmonize" with American ideas about patents and copyrights. The response by different nations has been wildly different -- some have chosen to play along while others have chosen to resist. What makes sense for one country won't make sense for another and it's all in the details. This talk examines existing legal patterns, the state of local economies and varying trade relationships in an effort to survey what kinds of resistance are possible or effective. There's a lot of pressure from the US (and some of it's allies) to "harmonize" with American ideas about patents and copyrights. The response by different nations has been wildly different -- some have chosen to play along while others have chosen to resist. What makes sense for one country won't make sense for another and it's all in the details. This talk examines existing legal patterns, the state of local economies and varying trade relationships in an effort to survey what kinds of resistance are possible or effective. These issues have implications for not only free software activists, but for anyone who is concerned about local sovereignty and freedom of expression. Laws are written for the powerful to help them maintain their power, and resistance is always difficult. But what if we could share not only our code, but our strategies for passing laws, rearranging policy and carving out a safe place for free software and free culture to flourish? This is a top level survey of the global state of software patents and copyright law. Both local and global policies affect our ability to build things that are needful or locally useful, even when they aren't profitable. Local innovation is our best chance to solve many of our local problems, so let's get to it! Deb Nicholson Slides http:// Submit feedback 14:00 00:25 UA2.220 (Guillissen) sites_communicate_licensing People can't care when they don't know Improving how major sites communicate licensing information Legal and Policy Issues devroom We go through a lot of work and angst as a community over licensing -- what is free, what is not, what is open source, what is compatible with what, which software is to use which license. Then, after all the work put into these decisions, the result is hidden away, only to be seen or become relevant in the event of some legal challenge or insider decision. Licensing information is by and large not sufficiently communicated to end users, even though we are trying to build a movement of users who prefer freely licensed software. Two years ago in this Devroom, I talked about license choosers like Github's choosealicense.com, and how they might influence license selection for new projects. In response to that talk, Github made some important improvements. How are they doing now, and what about other sites and systems where users frequently obtain software, like Google Play, the Chrome Web Store, and the Firefox Add-ons library? Too often we find that such sites do not display license information at all in key places, or if they do, it's in a way that is not as clear or as strong as many of us in the free software movement would like to see. How can users prefer free software when they aren't given the info they need to choose it? I'll survey the scene, highlight some examples, and talk about how they can be addressed while considering the objections/concerns of the site operators. John Sullivan Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:30 00:25 UA2.220 (Guillissen) public_money_public_code Public money, public code, the Italian way Hacking Italian Administrations to get to the code (in a legal way) Legal and Policy Issues devroom FSFE has recently launched the campaign "Public Money, Public code”, which promotes legislation requiring that publicly financed software developed for the public sector is made publicly available under a Free and Open Source Software licence. However, under the Italian Digital Administration Code, we already have a provision (amended in 2016) which seems to have similar effects. We tried to use it as a legal hack to make available the source code of publicly financed whistleblowing software. The campaign "Public Money, Public code”, recently launched by the FSFE, aims at convincing the representatives to propose legislation requiring that publicly financed software developed for the public sector is made publicly available under a Free and Open Source Software licence. However, under the Italian Digital Administration Code (d.lgs 82/2005) we already have a provision (amended in 2016), in art. 69, which states that all public administrations have a duty to make available custom-made publicly financed software, together with the documentation, and to release it under an open licence, in free use, to other public administrations and other legal entities (with a few exceptions, regarding public security, national defense and the electoral process). We tried to use art. 69 as a legal hack to make available the source code of publicly financed whistleblowing software, from some municipalities and publicly controlled companies. The outcome has not been entirely satisfactory. The talk will be given by Giovanni Battista Gallus (fellow) and Fabio Pietrosanti (President) of the Hermes Center for Transparency and Digital Human Rights. The mission of the Hermes Center is to promote and develop in the society the awareness of and the attention to transparency and accountability, be they related to the society-at-large or not. Our goal is to increase the citizens’ involvement in the management of matters of public interest and to boost the active participation of workers and employees to the correct management of corporations and companies they work for. Giovanni Battista Gallus: Lawyer, ISO27001 Lead Auditor, freesoftware advocate, Former President of @CircoloGT, Nexa Fellow. ITLaw, privacy, security & drones. Copyright, Criminal, Data Protection/Privacy and IT and New Technologies law are his main areas of expertise. In the last two years, he is devoting a significant part of his pratice to the legal aspects of UAVs (drones) After a cum laude degree in Law in Italy, he moves to Great Britain for the Master of Laws in Maritime Law e Information Technology Law at the University College London – UCL. Afterwhile, he earns a PhD. In 2009 he obtains the European Certificate on Cybercrime and Electronic Evidence (ECCE). He is ISO 27001:2005 Certified Lead Auditor (Information Security Management System). Member of the Bar of Cagliari since 1996, admitted to the Supreme Court since 2009, he is a member of the Department “Informatica Giuridica” at the Università Statale of Milan and he is a teacher at the Post-Graduate Course in Digital crime and Digital Forensics. Fellow of Nexa Center on Internet e Society and of the Hermes Center for Transparency and Digital Human Rights. Author of several publications on the above mentioned areas and speaker at the main national and international congresses, he sides his legal profession an intense teaching activity, mainly in the field of copyright, Free/Open Source Software, data protection, IT security and digital forensics. Former President of Circolo dei Giuristi Telematici, founded in 1998, first initiative to gather IT law experts in Italy. Fabio Pietrosanti: Fabio Pietrosanti has been part of the hacking digital underground with the nickname “naif” since 1995, while he’s been a professional working in digital security since 1998. President and co-founder of the Hermes Center for Transparency and Digital Human Rights, he is active in many projects to create and spread the use of digital tools in support of freedom of expression and transparency. Member of Transparency International Italy, owner of Tor’s anonymity nodes, Tor2web anonymous publishing nodes, he is among the founders of the anonymous whistleblowing GlobaLeaks project, nowadays used by investigative journalists, citizen activists and the public administration for anti-corruption purposes. He is an expert in technological innovation in the field of whistleblowing, transparency, communication encryption and digital anonymity. As a veteran of the hacking and free software environment, he has participated to many community projects such as Sikurezza.org, s0ftpj, Winston Smith Project, Metro Olografix, among others. Professionally, he has worked as network security manager, senior security advisor, entrepreneur and CTO of a startup in mobile voice encryption technologies. Giovanni Battista Gallus Fabio Pietrosanti (naif) Hermes Center Website [Italian] Asking for the code to the Municipality of Venice [Italian] Asking for the code to the Municipality of Naples Article by Simone Aliprandi and Carlo Piana, FOSS in the Italian public administration: fundamental law principles (2013) Professional website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:25 UA2.220 (Guillissen) open_data_licenses What's the difference between all those open data licenses? Legal and Policy Issues devroom My talk will briefly review the major open data licenses including the differences between them and their interaction with free software licenses. Particular emphasis will be placed on thier application to databases. There are only a few popular open data licenses with a focus on open database licensing, but there is very little guidance on the differences between them. This talk will explain the differences between them, why they exist, and when you might prefer one over the other. I will also discuss sui generis database right, why it exists and how is it different than the traditional copyrights. This talk will be a whirlwind introduction to the common open data licenses that exist. I will outline the the major open data licenses including: * Creative Commons Zero Public Domain Dedication (CC0) * Open Data Commons Public Domain Dedication and Licence (PDDL) * Open Data Commons Attribution License (ODC-By) * Open Data Commons Open Database License (ODbL) * Creative Commons Attribution (CC BY) * Creative Commons Attribution-ShareAlike (CC BY-SA) Will also review some lesser known open data licenses including the recently released licenses created by the Linux foundation. We will look at what uses the authors may have had in mind that motivated them to create the licenses. * Community Data License Agreement – Permissive, Version 1.0 * Community Data License Agreement – Sharing, Version 1.0 * United Kingdom's Open Government License * Canadian Open Government License. We will discuss why do open data licenses exist and how are they different then free software licenses. We will look at the structure of the licenses to see the legal differences the licenses grant and how they operate. For example will discuss which of these are public domain dedications, licenses, or agreements. We will also talk about when or if that even matters. After looking at the structure of the licenses we will turn to looking whats differences between the licenses matter for content creators and ask does it matter which license you use. We will also delve into special considerations of database licensing like the protection and use of personal data, and how the "thin" copyright protection provided to databases impacts the design of open data licenses. Finally we will ask do you need to use an open data license in your free software project? Marc Jones Submit feedback 15:30 00:25 UA2.220 (Guillissen) future_of_copyleft The Future of Copyleft: Data and Theory Legal and Policy Issues devroom Using (copylefted!) data from the 32 repositories and 2.5M projects covered by libraries.io, we'll survey the state of copyleft. This will include the growth of AGPL, the reciprocal scope of the GPL, and what stacks copyleft has been most successful in. We'll then use the data to inform a look at theory and discuss where copyleft might be going: where is copyleft's success? where and how is that relevant in the modern software landscape? what directions might future copyleft licenses take? General note: scheduling permitting (they're also running a dev room), I may be joined by Andrew Nesbitt or Ben Nickolls, co-founders of Libraries.io. Many of the various assessments of license "popularity" have been skewed either by using a very limited data set (e.g., Debian, Fedora, which cover ~1/100th of FOSS) or by being proprietary/unreproducible (Black Duck, etc.) In this talk I'll discuss another open data source by diving into the licensing data from Libraries.io, which we believe to be the largest open repository of information about packaged FOSS. Because it includes dependency data, it can tell us not only about numeric usage, but also about relative importance and position in the stack of various licenses; and since it has a notion of "stack" (tied to repositories) it can inform some of our intuitions about how license usage varies by stack. We'll use this to assess (The biggest shortcoming of the Libraries.io data is that, because there are no "repos" per se, it does not cover C/C++/core operating system components; I'll also discuss this in the talk.) After discussing the current state of copyleft using data, we'll discuss what the future of copyleft might look like. This discussion will be informed by the data, but not limited to the data. Among other things, I'll discuss the theoretical value of copyleft in a world where FOSS has "won", indicated demand for copyleft in the culture and data space (e.g., institutional partners pushing for data in CC 4 & CDLA; interest in non-licensing solutions), License Zero, the legal challenges of copyleft in the SaaS space, and the growing concerns about developer sustainability. [Tidelift, my company, is working in this sustainability space, but obviously I'll avoid making the talk a pitch for the company.] I will likely conclude (contingent on some further data analysis) that there continues to be interest and demand for copyleft, but that a major driver of the perceived (and in some cases very real) decline of GPL + friends is a result of the inadequacy of our current copyleft legal tools. My hope is that this will be a call to action to the community to continue innovating around copyleft. Luis Villa Data set. Previous writings on licensing. Previous talks on FOSS. Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:25 UA2.220 (Guillissen) legal_issues_with_open_fonts Gutenberg to Google Fonts: the sordid history of typeface licensing issues Legal issues for projects working with open fonts Legal and Policy Issues devroom Fonts sit at a peculiar crossroads in the software license-compliance world. They contain executable instructions as well as static, visual data. They are binary files that, even when "open", are often shipped without source code. They are sensitive to namespace collision problems but are only exposed in user interfaces by name. The files themselves are governed by copyright, but the design they encode is not considered copyrightable in the US and other jurisdictions. Furthermore, the typemaking industry has long vacillated on the appropriateness of reviving, reusing, and extending earlier works as new designs. This talk provides an overview of the intellectual-property law and the community norms that concern sharing, reusing, and extending typeface designs. It will help developers navigate the intellectual-property and license-compliance issues they may encounter when using and redistributing free-software and open-source fonts. Fonts sit at a peculiar crossroads in the software license-compliance world. They contain executable instructions as well as static, visual data. They are binary files that, even when "open", are often shipped without source code. They are sensitive to namespace collision problems but are only exposed in user interfaces by name. The files themselves are governed by copyright, but the design they encode is not considered copyrightable in the US and other jurisdictions. Furthermore, the typemaking industry has long vacillated on the appropriateness of reviving, reusing, and extending earlier works as new designs. This talk provides an overview of the intellectual-property law and the community norms that concern sharing, reusing, and extending typeface designs. It highlights several specific issues relevant to modern digital font projects: • The law has struggled to keep up with industry practices on the subject of copying a competitor's type design. In the cold-metal era, foundries routinely copied and sold designs originating from the competition, even mechanically reproducing metal type in bulk. When digital fonts arrived in the 20th Century, the files themselves were originally not regarded as intellectual property, and wholesale copying picked up once again. Today, the files are considered copyrighted, but the designs are not. This can leave users in an uncertain position, as modern tools allow designs to be copied digitally, without copying the original file, and the law has not drawn clear lines around what practices are permissible. • Reviving a historical typeface is generally considered an acceptable practice if the design process begins with primary materials (such as metal types, proofs, or out-of-copyright prints). There is fierce disagreement, however, about how far in the past a designer must go before a typeface is considered fair game; revivals of typefaces that were "works for hire" by a corporate foundry or printer in particular are controversial because ownership of the intellectual property is debatable. Moreover, there is disagreement about how the original designers of a typeface can and should be credited in a revival, particularly when the revival makes alternations and updates. Users need to be particularly aware of these issues when selecting typefaces for branding and advertising purposes, which can attract public criticism. • Font names can attract more attention than the visual design itself, for the simple reason that installed fonts are, traditionally, searchable and accessible on computer systems only by their name. Name collisions between fonts are increasingly common, yet little effort has gone into addressing these collisions through trademark law. • The leading license used for free-software fonts, the SIL Open Font License (OFL), is often misunderstood, and those misunderstandings can place developers and users of open fonts in a bind on compliance issues. For example, the OFL does not require source-code availability, but it does include restrictions limiting the circumstances under which the fonts can be sold. It also includes an optional clause that, at the licensor's discretion, requires users to change the user-visible name of the font if any alteration is made to the binary, including common practices like subsetting the font to deliver it over the web. Downstream projects that user OFL-licensed fonts and assume that the OFL is broadly compatible with common free-software licenses may not be aware when license-compliance problems occur. There are no easy answers for resolving these issues in free software, but this talk will provide developers and communities with advice for identifying and coping with licensing issues relating to the fonts that they utilize in their projects. Nathan Willis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:30 00:25 UA2.220 (Guillissen) organizers_panel Organizer's Panel Legal and Policy Issues devroom The organizers of the Legal & Policy Issues DevRoom will reflect on recent developments in software freedom policy and law, and will discuss some of the topics and issues raised in this year's and past year's DevRooms. Tom Marble Bradley M. Kuhn Karen Sandler Richard Fontana Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:30 02:00 UB2.147 cert_lpi_3 LPI Exam Session 3 Certification certification <h3>LPI offers discounted certification exams at FOSDEM</h3> As in previous years, the Linux Professional Institute (LPI) will offer discounted certification exams to FOSDEM attendees. LPI offers level 1, level 2 and level 3 certification exams at FOSDEM with an almost 50% discount. For further information and instructions see <a href="https://fosdem.org/certification">https://fosdem.org/certification</a>. LPI Team Submit feedback 12:00 01:00 UB2.147 cert_libreoffice_1 LibreOffice Exam Session 1 Certification certification LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals. The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute. LibreOffice Team Submit feedback 13:30 01:00 UB2.147 cert_libreoffice_2 LibreOffice Exam Session 2 Certification certification LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals. The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute. LibreOffice Team Submit feedback 15:00 01:00 UB2.147 cert_libreoffice_3 LibreOffice Exam Session 3 Certification certification LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. In the future, LibreOffice Certifications will be extended to Level 1 and Level 2 Support professionals. The LibreOffice Certification is not targeted to end users, although Certified Training Professionals will be able to provide such a service upon request (although not as a LibreOffice Certification). In general, end user certification is managed by organizations with a wider reach such as the Linux Professional Institute. LibreOffice Team Submit feedback 10:00 00:30 UB2.252A (Lameere) web_development_in_c Introduction to web development in C++ with Wt 4 A server-side web framework written in C++ Embedded, mobile and automotive devroom This talk is an introduction to <a href="https://www.webtoolkit.eu">Wt</a>, a server-side web framework written in C++. Wt 4 is the latest version and introduces a more modern C++11-based API. <a href="https://www.webtoolkit.eu">Wt</a> is a server-side web framework written in C++. Unlike many server-side web frameworks, Wt is widget-based. It is designed to deliver a development experience similar to desktop UI frameworks, abstracting away the underlying web technologies. If JavaScript support is unavailable, it will even fall back to plain HTML automatically. This allows C++ developers to quickly develop highly interactive applications. Because it's written in C++, Wt is especially well-suited for embedded platforms. Wt 4, released in September 2017, updates its API to use C++11. The result is that the API of Wt 4 is more clear and exception safe, relies on fewer Boost dependencies, and compiles faster. This talk will be an introduction to Wt 4 for C++ programmers. We will show how to make a "hello world"-style web application with Wt, and demonstrate some selected features of Wt. By the end of the talk, the audience should have enough knowledge to get started with Wt 4. No knowledge of older versions of Wt is required. Roel Standaert Wt website GitHub project page CppCon 2017: Migrating a C++03 library to C++11 case study: Wt 4 Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 UB2.252A (Lameere) autonomous_robot How to build autonomous robot for less than 2K€ Build a robot doing Simultaneous Localisation And Mapping cheaply Embedded, mobile and automotive devroom Telepresence, Delivery Boy, Security and Follow Me in one PULUrobot. PULUrobot solves the autonomous mobile robotics complexity issue without expensive parts, without compromise. By fearless integration and from-scratch design, our platform can do SLAM, avoid obstacles, feed itself, and carry payload over 100kg, for less than 2000EUR. Application ecosystem can be born around it, as we offer a ready-made Open Source (GPLv2) solution in a tightly coupled HW-SW codesign. No need to solve a ROS module puzzle, or pay $50000 for a closed product anymore! Pulu Robotics Oy's chief HW/SW designer Antti Alhonen presents the new open source startup to the community. Pulu Robotics Oy was founded in July, 2017, in Finland, to solve our own needs, with an efficient team of three. No one had prior knowledge on robotics. By studying the market and other startups, we realized the common mistake is to use "robotic modules" as building blocks. They are highly expensive, provide little bang for buck, often are inefficient, and require complex software middleware (such as ROS) as the glue inbetween. Due to our combined background in mechanical, electrical, software and manufacturing design, we took the approach of designing as much as possible by ourselves. A Bill-of-Materials example: instead of spending $100 on a BLDC motor driver module, our $100 main PCB integrates two such motor controllers - and a 100W li-ion charger, 5V 10A power supply, MEMS compass, accelerometer, two 3-axis gyroscopes, power IO, and a powerful microcontroller. Having low-level calculation resources available right where the sensor data is first acquired means good data synchronization, low-latency reaction, and this simplifies the higher level software requirements. We actually love the power of embedded! During the process, we found out that we simply don't need ROS - we already solved most of the puzzle on the lowest level possible, simply and efficiently. It's often said that it's hard and slow to develop custom HW/SW from scratch. This has clearly not been the case: it took us 4 months from total zero to completely design all the electronics, embedded software, simple prototype Simultaneous Localization and Mapping (SLAM) software, etc., to build the first actual prototype that could autonomously explore its surroundings, perform navigation tasks, and find its own charger. At that point, we thought about the open source business model, established the company, thinking: this is too good to keep in our own basement. The code footprint for embedded, higher level backend, and user interface frontend is currently 30 000 lines total. We still have a long way to go. We are now selling the very first generation of robots for the early adopters, hoping to give a kick start to the open source community as soon as possible. Behind the curtains, we are focusing on the development of our next 3D sensor system, which will replace the current scanning 2D lidar with a 360x90 degree full 3D distance data, and do it for the same price we currently pay for the Scanse 2D lidar used in the first small-scale production batch. Miika Oja (PuluMan) Pulurobotics website Pulurobotics Blog Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 01:00 UB2.252A (Lameere) nand_on_linux Drive your NAND within Linux Forget the word "nightmare" Embedded, mobile and automotive devroom NAND flash chips are almost everywhere, sometimes hidden in eMMCs, sometimes they are just parallel NAND chips under the orders of your favorite NAND controller. Each NAND vendor follows its own rules. Each SoC vendor creates his preferred abstraction for interacting with these chips. Handling all of that requires some abstraction, and guess what? That is currently being enhanced in Linux, and that is what this talk is about! NAND flash chips are almost everywhere, sometimes hidden in eMMCs, sometimes they are just parallel NAND chips under the orders of your favorite NAND controller. Each NAND vendor follow its own rules. Each SoC vendor creates his preferred abstraction for interacting with these chips. Handling all of that requires some abstraction, and guess what? That is currently being enhanced in Linux! A new interface, called "exec_op" is showing up. It has been designed to match the most diverse situations. It should ease the support of advanced controllers as well as the implementation of vendor-specific NAND flash features. This talk will start with some basics about NAND memories, especially their weaknesses and how we get rid of them. It will also show how the interaction between NAND chips and NAND controllers has been standardized over the years and how it is planned to drive NAND controllers within Linux, through the abstraction of the MTD layer (Mass Technology Device) and the NAND framework. Miquèl Raynal Patch series improving the NAND framework (exec_op) Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:30 UB2.252A (Lameere) open_autonomous_vehicles O’PAVES: An open platform for autonomous vehicle tinkerers Embedded, mobile and automotive devroom O’PAVES (Open Platform for Autonomous VEhicle Systems) aims at providing an open source and open hardware platform for the prototyping and development of autonomous vehicles. In the current state of the project, what we have is a remote controlled car, but with sensors that you would find on an autonomous vehicle such as IMU and distance sensors. The goal is not necessarily to implement the autonomous feature ourselves, but to allow users to do it by either modify the firmware or add and external computer such as a Raspberry Pi or OpenMV to to add autonomous driving features. The hardware is open and was designed with FOSS tools such as Kicad and FreeCAD. It’s made of a PCB that act as the frame of the car, 3D printed parts, off the shelf parts from pololu.com (battery, motors, sensors) and and Crazyflie 2.0 nano drone. The drone (without its motors) is connected to the O’PAVES board using an extension port. This solution makes the platform easy to build because most of the very small electronic assembly is already done on the drone. The software is developed in Ada and also only uses FOSS tools like the GNAT compiler or the AdaDriversLibrary. The project is hosted on GitHub: https://github.com/adacore/opaves In this 25 minutes talk I want to present the state of the project, explain how you can build and hack the platform and show some of the tools and techniques that we used to develop the project. I will bring one of the prototype with me and at least show a video demo if not a live demo. Fabien Chouteau Hackaday project page GitHub repo of the project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:30 00:30 UB2.252A (Lameere) rapid_spi_over_usb Rapid SPI Device Driver Development over USB Embedded, mobile and automotive devroom On the quest for a cheap and easy way to connect some simple SPI devices to my laptop it was surprising to not find anything suitable available. To connect the SPI device to a Linux laptop over USB in order to develop a SPI kernel driver for it and having a rapid development and test cycle. None of the solutions to access the SPI device over libusb in userspace would work for me. I needed a SPI master controller inside the kernel to work with the variety of devices and kernel subsystems. On the quest for a cheap and easy way to connect some simple SPI devices to my laptop it was surprising to not find anything suitable available. The idea is neither new nor innovative and surely there must have been something already. Maybe the use-case was to special. To connect the SPI device to a Linux laptop over USB in order to develop a SPI kernel driver for it and having a rapid development and test cycle. None of the solutions to access the SPI device over libusb in userspace would work for me. I needed a SPI master controller in kernelspace to work with the variety of devices and kernel subsystems. After some research I settled on the MCP2210 chip. With its cheap and easy to get development boards and an out-of-tree driver as a good start. Maybe it is also something others are looking for and it is surely worth demonstrating and explaining. Stefan Schmidt Out of tree mcp2210 driver My mcp2210 development branch Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:00 01:00 UB2.252A (Lameere) state_of_the_art_uboot Implementing state-of-the-art U-Boot port, 2018 edition How to port U-Boot to a new system using best practices. Embedded, mobile and automotive devroom This presentation is a practical guide to implementing U-Boot bootloader port to a new system from scratch. At the beginning, two main pilars of contemporary U-Boot, device tree (DT) support and driver model (DM), are explained. This is followed by an in-depth look at the crucial subsystems, clock, pinmux, serial, block and a few other commonly used ones. Finally, systems with limited resources and multi-stage booting is discussed. The talk includes examples and experiences from platforms recently added to mainline U-Boot. This presentation is a practical guide to implementing U-Boot port to a new system from scratch. U-Boot is the de-facto standard bootloader for embedded systems, there is plenty of U-Boot ports, yet vast majority of those are implemented in sub-optimal way. This talk first explains the U-Boot internals, the driver model (DM) and it's interaction with device tree (DT), as understanding these is vital to understanding the implementation of core subsystems. The core subsystems are explained in detail afterward to allow developers implement drivers the intended way without hacks and workarounds. Unfortunately, not all systems have plenty of resources, but U-Boot caters for those as well. The final part of the talk discusses the U-Boot SPL, the preloader which initializes the hardware, DRAM and starts U-Boot and finer parts of this procedure, which tends to have plenty of pitfalls. Marek Vasut Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:00 01:00 UB2.252A (Lameere) image_capture_on_embedded_linux Image capture on embedded linux systems Embedded, mobile and automotive devroom Image capture is one of the most broad and complex fields of today's computing applications. Capturing and displaying images with an embedded platform poses additional challenges, introduced by the rapidly increasing complexity of dedicated hardware blocks often found on modern Systems On Chip designed for mobile and industrial computing. Using real world examples of image sensors, connection buses and processing blocks this presentation provides an overview of current industry standard technologies with an introduction to Video4Linux2 kernel framework for driver development and its userspace APIs. Image capture on Embedded Linux systems Talk outline: - light, colors, pixels From the definition of color, color encoding schemes and color spaces, the talk describes how images are sampled, digitalized and transmitted. <ul> <li>image sensors The architecture of an image sensor, what data can produce from a raw matrix of photo-optic receivers and how to control it from the connected system on chip.</li> <li>image transmission and capture SoC have nowadays very complex interfaces for receiving and elaborating images. We'll present some of them, with different technologies and provide some details on how images are stored in memory and presented to userspace.</li> <li>the Video4Linux2 framework We'll provide an introduction to a very simple and a slightly more complex architectures describing some core components of the framework and device driver bindings in device tree.</li> </ul> Jacopo Mondi Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 01:00 UB2.252A (Lameere) arm64_and_fpga ARM64 + FPGA and more: Linux on the Xilinx ZynqMP Opportunities and challenges from a powerful and complex chip Embedded, mobile and automotive devroom The Xilinx Zynq UltraScale+ MPSoC (aka ZynqMP) is a powerful and complex chip featuring 64-bit cores, 32-bit realtime cores, a large FPGA, a GPU, video codecs and dedicated power management and security units. Luca will first give a brief overview of the hardware architecture and how it differs from other SoCs. Then he will explain with technical details how Linux can fully leverage the SoC resources. FPGA and booting issues will be covered in detail, but using the hardware accelerators and software support will also be discussed. The main topics covered will be: <ul> <li>Overview of the hardware.</li> <li>Available software support from Xilinx and from the community.</li> <li>How the peculiar CPU+FPGA design effectively allows to design "your own SoC", with the technical steps to implement this with Linux.</li> <li>Why booting is nontrivial on this SoC and the currently available ways to boot Linux.</li> <li>Handling the H.264/H.265 hardware codecs.</li> <li>GPU support issues.</li> </ul> Focus will be given to how much open source technologies can be used with the ZynqMP SoCs, why this matters, and the current status of open source resources with respect to the alternatives. Luca Ceresoli Xilinx ZynqMP web page Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:00 00:50 UB2.252A (Lameere) new_gpio_interface_for_linux New GPIO interface for linux user space GPIO character device API and libgpiod Embedded, mobile and automotive devroom Since linux 4.8 the GPIO sysfs interface is deprecated. Due to its many drawbacks and bad design decisions a new user space interface has been implemented in the form of the GPIO character device which is now the preferred method of interaction with GPIOs which can't otherwise be serviced by a kernel driver. The character device brings in many new interesting features such as: polling for line events, finding GPIO chips and lines by name, changing & reading the values of multiple lines with a single ioctl (one context switch) and many more. In this presentation Bartosz will showcase the new features of the GPIO UAPI, discuss the current state of libgpiod (user space tools for using the character device) and tell you why it's beneficial to switch to the new interface. Bartosz Golaszewski Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:20 UD2.119 documentjs_to_document_a_styleguide_and_source_code Automating style guide documentation How we at Zalando Retail Dept automated our Styleguide & source code and reduced the gap for contribution Tool the Docs devroom <h2>An automated approach for documenting a styleguide and the source code</h2> <h3>Introduction</h3> This talk is about how, we at Zalando Retail Core, are tackling the problem of providing our developers a great experience when they are using our styleguide. The talk will show that in using Markdown as the documentation format, a couple of convention, documentation.js for generating Markdown from jsdocs comments and our own Styleguide web application, we were able speed up our styleguide and source code documentation and the developer experience. Additionally, without relying on any static generator project with their own convention we are now able to fully control and change the user experience of our styleguide and are owning the whole documentation tool chain. <h2>An automated approach for documenting a styleguide and the source code</h2> <h3>Introduction</h3> This talk is about how, we at Zalando Retail Core, are tackling the problem of providing our developers a great experience when they are using our styleguide. The talk will show that in using Markdown as the documentation format, a couple of convention, documentation.js for generating Markdown from jsdocs comments and our own Styleguide web application, we were able speed up our styleguide and source code documentation and the developer experience. Additionally, without relying on any static generator project with their own convention we are now able to fully control and change the user experience of our styleguide and are owning the whole documentation tool chain. <h3>Details</h3> As part of the talk , I want to show attendees: <ul> <li>The benefit of using Markdown as a shared data object for documenting</li> <li>tightly Coupling documentation of our to the repository and the domain instead of separating it into different projects. Documentation for React components is part of their JSDocs, a dedicated docs/ folder for creating high level description (How to use it the component vs. it's internal methods and API).</li> <li>How relying on Markdown helped us reduce the maintenance cost as we were able to involve also our UX designers -> shared ownership thanks</li> <li>How having full control on behaviour of the styleguide web application helped us to develop our own design and implement it as a normal web application rather then providing templates an understanding API's of existing static site generators.</li> <li>We take our documentation serious and therefore any PR needs to update the documentation (if necessary) -> PR templates are really helpful here.</li> <li>Using a CI solution helped us also to automatically build generate and test our markdown files, check if our styleguide application is working with these new applications (regression testing of our app)</li> </ul> The talk will be about our decision process and our current workflow in generating up-to-date documentation as part of the development process. Ferit Topcu Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:25 00:30 UD2.119 docbook_documentation_at_suse DocBook Documentation at SUSE Automatically Ensuring Quality of SUSE Documentation Tool the Docs devroom In the SUSE documentation team, we have been using DocBook XML for years. But then, even with all our experience and the strictness of XML, we still make mistakes. So we have been adding QA tools to our tool belt which we are presenting in this talk: <ul> <li>The SUSE Documentation Style Checker which we use to check for consistent terminology, writing style, correct spelling, "soft" XML rules that don't fit the DTD, and gotchas</li> <li>Travis, the CI tool which you probably know and hopefully love and which we use to make sure our documentation validates when it enters our Git repo</li> <li>dapscompare which we use during the development of our layout stylesheets to check for unintended consequences and for issues with tool dependencies</li> </ul> Using these tools helps us ensure good formal quality, so that human reviewers can focus on the content. It also helps with make translation efficient. Stefan Knorr Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:20 UD2.119 test_api_docs_with_dredd Test your API docs! It's tested or it's broken Tool the Docs devroom Today many API docs are driven by API description formats, such as Swagger/OpenAPI, API Blueprint, and so on. I'm working on an Open Source tool (Dredd), which takes verifies whether the implementation is according to the description. This enables a whole new workflow to API designers - they can design before implementing, and then ensure the implementation is in sync with the design. Honza Javorek Dredd Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:25 00:30 UD2.119 docs_like_code_in_drupal Docs like code in Drupal Introducing Open DevPortal, an open source CMS based documentation tool Tool the Docs devroom When documenting software it makes sense to treat your docs like code. Doing so allows documentarians to collaborate much easier with developers. While most teams have chosen for static site generators to implement this methodology, we identified a number of use cases where it would make much more sense to use a CMS based system. In this talk I explain why, and introduce a new open source project, based on Drupal, that can import Markdown and Open API specifications. What is docs like code When to use a CMS for your docs How we built a markdown and Open API importer in Drupal -current features Auto filling tags Validation CI/CD to submit -difficulties -future plans Use cases -Developer portals -Enabling upstream contributions in distribution docs Kitti Radovics Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:00 00:30 UD2.119 automating_documentation_with_sphinx_extensions A lion, a head, and a dash of YAML Extending Sphinx to automate your documentation Tool the Docs devroom The Sphinx documentation tool provides tremendous extensibility and theming options; options which are massively underutilized. We demonstrate how you can go about writing your own extensions and themes for Sphinx and ultimately how you treat your docs like code. If you work in open source, then it's increasingly likely that you've come across the Sphinx documentation tool. Originally written by and for the Python community, the past few years have seen an increasingly rapid adoption by non-Python projects. Recent adopters of Sphinx include the Linux kernel, Open vSwitch and the Dataplane Development Kit (DPDK), while other projects such as QEMU are preparing plans to migrate. Meanwhile, the Python ecosystem itself has only grown in strength and communities such as OpenStack have adopted the tool and have made extensive use of it. Unfortunately, despite the widespread adoption and existence of multiple extensions, Sphinx is not always a very well understood tool. Extensions provide a pathway to greater functionality, for example, automatically generating documentation or generating docs in different output formats. Themes, meanwhile, provide a way to give a consistent, project-focused feel to your docs. The OpenStack community makes significant use of these extensibility features, which allow us to solve a number of problems in an automated manner. <ul> <li>How can I avoid documenting a command line application twice: once in code and once in my docs?</li> <li>How can I take a large dataset and automatically convert this into multiple human-readable documents?</li> <li>How can I move documents about without breaking links?</li> <li>How can I automatically spell-check my documents?</li> <li>How can I style my docs to match my project website?</li> </ul> Through this talk we will demonstrate how each of the above problems, and how many more, can be solved in an easy and automated manner through the power of Sphinx extensions and themes. We also demonstrate how you can share your extensions and themes with the world, if you're so inclined Stephen Finucane Sphinx Homepage Sphinx Git Repo Sphinx Contrib Organization Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:35 00:25 UD2.119 mallard_pintail_and_other_duck_topics Mallard, Pintail, and other duck topics topic-oriented help at the GNOME project Tool the Docs devroom Mallard completely reinvented topic-oriented help for GNOME. Learn about Mallard's unique topic organization system. Discover Ducktype, a lightweight but semantic format with all the power of Mallard. And witness Pintail, the all-in-one one documentation site builder built from the ecosystem of Mallard tools. Shaun McCance Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:05 00:25 UD2.119 finding_a_home_for_docs Finding a home for docs How to choose the right "path" for documentation in open source projects Tool the Docs devroom Where docs are stored can impact open source projects in a variety of ways. This talk will present some options, considerations, and guidelines for making an informed decision when choosing a path for docs in current and future projects. Deciding where to store documentation, particularly for open source projects, can raise a number of questions. Do users or contributors need to read the docs offline? Do you keep a docs record for older versions, and if so, how and where do you store them, and how do you handle new releases? Is there a point where documentation content, versioning, style, and assets become too unweildy to store with code? As a documentarian working on a number of open source projects, as well as providing site deployment support to even more, I’ve seen and tried a variety of strategies to answer these questions. I’ll share a handful of successful approaches, how they came about, and the pros and cons of each. Audience members will leave with guidelines for choosing the best “path” for docs in current and future open source projects. This talk will look at process-type aspects (like considerations for reducing contributor friction), and the OSS tooling that can help address some of these considerations. All of it is in the context of documenting and working with open source projects. As an example, you might decide that the actual docs website (generated with an open source site generator) is too bulky to store in the code repo (impacting clone times for new contributors). On the other hand, you might want to keep the text content of the docs in the code repo, because they can be accessed offline after cloning, and code-updating PRs can easily include corresponding docs updates. One option for handling this dual-repo setup is an open source tool called Markdown Magic, which can run during the site generator build, and pull marked content from code comments or markdown files in the main repo. I've actually used this setup myself, and can speak from experience about some of the conveniences, inconveniences, and gotchas to watch out for when using that tool/strategy. Jessica Parsons Video recording (mp4) Video recording (WebM/VP9) Slides Submit feedback 12:40 00:25 UD2.119 code_babelfish_a_universal_code_parser_for_source_code_analysis Babelfish: a universal code parser for source code analysis Source Code Analysis devroom As the amount of written code increases exponentially, better and more scaling source code analysis tools are required. Babelfish offers a foundation on which these tools can be built. Babelfish aims to be a universal code parser that scales. Native parsers provided by each language ecosystem are used to get a native AST. This AST is then converted to a language-independent format that includes universal annotations for language features, which allows both a generic language-independent analysis and a more detailed language-specific analysis. Language drivers are built on top of containers to allow easy deployment of many different languages in a generic way. An SDK is provided to develop these drivers, providing the annotation language, conversion tools, etc. A server is in charge of handling the different drivers, language detection, scaling the number of running instances, etc. Finally, libraries and clients for different languages are provided to give language analysts the needed foundation to be able to write the code analysis tools they want. In this talk, we want to explain in more detail the architecture and components of Babelfish to reach both language analysists interested in building tools on top of it and potential contributors to the project. Francesc Campoy Babelfish documentation Github project organization Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:10 00:25 UD2.119 code_migrating_code_with_smacc Migrating code with SmaCC Source Code Analysis devroom SmaCC is a LALR/GLR parser generation framework written in Smalltalk. It has support for creating abstract syntax trees (ASTs) and source code transformations. Several software projects have been migrated to other languages using SmaCC. Many companies have large software projects that have been developed over decades. Many times these projects use older technologies that may not support newer features that are wanted, and it may be difficult to hire resources that want to work with the older technologies. To solve these issues, sometimes companies decide to use a rules-based migration to convert their code base to a new language. Over the past 20 years, I have worked on several such migration projects and have developed SmaCC for such projects. Creating a rules-based migrator is similar to normal software development. Instead of creating classes and methods, you create transformation rules. A typical migration project may need hundreds if not thousands of transformation rules. SmaCC supports both imperative, code-based, transformations as well as declarative, pattern-based, transformations. While an individual rule may be simple and easy to implement, there can be interactions between the rules that cause problems when running in a group. SmaCC provides support for debugging the rules. It has a custom debugger that knows about AST nodes and transformation rules, as well as a previewer that shows what rule changed a particular piece of code. Together all of these SmaCC features, from the AST generation to the custom debug support, allow me to more quickly migrate projects. John Brant Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:40 00:25 UD2.119 code_moldable_analysis_with_moose Moldable analysis with Moose Source Code Analysis devroom Software systems are widely diverse. Each has its unique structure, stakeholders and requirements. Given this reality, often successfully extracting valuable insights from a software system requires software analyses tailored to the context of that system. This is the main goal of Moose, an open-source platform for software and data analysis: empower programmers to craft custom analyses cheaply. Instead of providing predefined tools, Moose focuses on moldable tools that enable programmers to create their own analyses. We can measure the cost of a custom analysis in terms of minutes, instead of days. This demo will show ways in which Moose can enable custom analyses. For example, we'll look into extracting dependencies between components in Angular and investigate the usage of deprecated classes in Java. Andrei Chis The Moose platform Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:25 UD2.119 code_reviving_the_meta_compiler_dream Langkit: source code analyzers for the masses Reviving the meta-compiler dream Source Code Analysis devroom Langkit is a framework that aims to make it easy to create a source code analyzer for a language, by specifying its syntax and high level semantics in a domain specific language, and compiling this specification to a library that clients can use to implement any tool that needs syntactic and information about source code for that language. Modern programming environments are heavily multi-languages. Where programmers had to use one or two languages at most, most developpers today have to juggle with an order of magnitude more languages. But people are still using pretty basic text editors and tools, with very little source awareness. Libraries for automated source code analysis are still pretty scarce. Solutions for analysis of incorrect code are still often ad-hoc and proprietary, and every language implementor has to re-invent the wheel several times. Langkit is a framework that aims to change that to some extent, making it easy to specify your language's syntax and high level semantics in a domain specific language, and compiling this specification to a library that clients can use to implement any tool that needs syntactic and information about source code for that language. Generated engines support out of the box includes: Ada, C, and Python APIs for the engine, support for embedding into long lived applications, high performance parsing. Also, since Langkit knows a lot about your language, it can be used to auto-generate, or ease the generation of: <ul> <li>Source code unparsers (pretty-printers)</li> <li>Source code highlighters</li> <li>Auto completion servers</li> <li>Language servers (implementing for example the Microsoft Language Server Protocol)</li> <li>Static analyzers</li> </ul> This talk will go over the Langkit architecture, what is doable with Langkit, and the design choices and compromises that have been made. Raphaël Amiard Pierre-Marie De Rodat Link to Langkit's sources Link to Libadalang, main lib using langkit Link to Langkit's tutorial Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:20 UD2.119 code_finding_inter_procedural_bugs_at_scale_with_infer_static_analyzer Finding inter-procedural bugs at scale with Infer static analyzer Source Code Analysis devroom Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer has been successfully deployed at Facebook, where it identifies hundreds of potential bugs per month in mobile apps and backend code. This talk will present Infer, and how it can be used to help developers move fast and with more confidence. Jules Villard Infer website Infer on GitHub Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:05 00:20 UD2.119 code_tree_sitter Tree-sitter A new parsing system for programming tools Source Code Analysis devroom Developer tools that support multiple languages generally have very limited regex-based code-analysis capabilities. Tree-sitter is a new parsing system that aims to change this paradigm. We're in the process of integrating Tree-sitter into both GitHub.com and Atom, which will allow us to analyze code accurately and in real-time, paving the way for better syntax highlighting, code navigation, and refactoring support. We'll demo some new features that Tree-sitter has enabled in GitHub.com and Atom, discuss its implementation, and share thoughts on ways it could be used in the future. Max Brunsfeld The core library that we'll discuss - Tree-sitter The Go parser for Tree-sitter Node.js bindings for Tree-sitter Haskell bindings for Tree-sitter Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:20 UD2.119 code_parsing_posix_s_hell Parsing Posix [S]hell Yann Regis-Gianas Source Code Analysis devroom Parsing the POSIX shell language is challenging: lexical analysis depends on the parsing context ; parsing is specified by an ambiguous BNF grammar annotated with adhoc rules ; the language specification is informal... and, the icing on the cake: statically parsing a shell script is actually undecidable! Forget about your textbooks! Existing implementations of shell interpreters contain hand-crafted character-level non-modular syntactic analyzers and yes, their source code are very hard to read. What if you had to program the parser of a shell script verifier? Would you accept to throw away your favorite lexer and parser generators which had let you write high-level declarative implementations for decades? Would you accept to mix lexing, parsing and evaluation in a single large bowl of spaghetti code? Of course not. You would hardly trust such a parser. In this talk, we will introduce "Morbig", a modular, high-level and interoperable parser for POSIX shell. The implementation of Morbig relies on key features of Menhir, an LR(1) parser generator for OCaml. Yann Regis-Gianas Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:55 00:20 UD2.119 code_how_to_generate_transform_analyze_refactor_java_code JavaParser: where should we head? How to generate, transform, analyze, refactor Java code Source Code Analysis devroom As developers we provide great tools to automatize the tasks done by others but we still do most of our work manually. We have the possibility to taste our own medicine and build tools to process code. We could do that for generating reports, verifying code quality, or even migrating code. For example, we could build tools to adapt the code to use a new version of a certain library. We can do all of this using JavaParser and JavaSymbolSolver, two open-source libraries. As a core committer of JavaParser and the maintainer of JavaSymbolSolver I would love to have a chance to present the work that me and the other contributors have done in the last few years. The talk would provide an overview of what is possible to achieve using these libraries. We hope we can get new ideas and directions from the community to further improve these libraries. If you want to find out more about JavaParser we are writing a short book on this, which is available for free here: https://leanpub.com/javaparservisited Federico Tomassetti Book on JavaParser The project website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:20 00:20 UD2.119 code_graph_based_analysis_of_javascript_repositories Graph-based analysis of JavaScript repositories Incremental static analysis of JavaScript source code defined by declarative queries Source Code Analysis devroom Analyzing full JavaScript projects in real-time is hard. Writing maintainable and scalable tools is even harder. We'd like to provide instant feedback to the developers and our project presents a working prototype. The uniqueness of such a general framework consists of two rules: <ul> <li>make the analysis incremental: do not run the full check on every commit, but on the changed and affected parts we achieve incremental evaluation based on the <a href="http://docs.inf.mit.bme.hu/ingraph/">ingraph engine</a></li> <li>use declarative queries: the common visitor-collector pattern results in bad developer experience, complex plugins/plugin system and huge maintenance overhead as the project grows we use <a href="https://www.opencypher.org/">openCypher</a> to query the AST and ASG, this keeps the analysis rules as simple as possible</li> </ul> Our tool parses the JS input with <a href="http://shift-ast.org/">Shift Java</a>, feeds the AST and ASG to Ingraph and upon a code change it evaluates the predefined queries. Developers working on a project usually change only one or two JS modules from the hundreds. While the static analysis query is defined to run through the whole project, ingraph ensures only the affected nodes are queried - the execution remains instant even with tens of millions of nodes. Adam Lippai Submit feedback 16:45 00:10 UD2.119 code_diy_java_static_analysis DIY Java Static Analysis Presenting the internals of SonarJava : a static analyzer for Java written in Java Source Code Analysis devroom How can you build a static analyzer from scratch in Java for Java ? Let's go through different tools useful for this purpose : Syntax, Semantic and Symbolic Execution and find bugs without executing the code ! The talk is a dive into the internals of SonarJava, an open source static analyzer for SonarQube. The aim of the talk is to explain how we stack up different technology and tools (around compiler frontend) to build up rules to detect all kind of code smells issues but also some more advanced bugs like resource leaks and null pointer exceptions. Come discover how static analysis is a way to do this by discovering the internals of the Java Analyzer of SonarQube. What are the difficulties to understand the Java Language ? How you can leverage what has been openly achieved with SonarJava and what are the next steps in terms of java static analysis to discover even trickier bugs in your code. Nicolas Peru Github SonarJava Source SonarJava website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:05 UD2.120 (Chavanne) containers_welcome Welcome Introduction to the containers devroom Containers devroom Introduction to the containers devroom. Stéphane Graber Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:10 00:20 UD2.120 (Chavanne) containers_scientific The State of Containers in Scientific Computing Containers devroom Containers are gaining significant traction as a means of deploying and distributing software in the scientific computing space. With a plethora of solutions to choose from, this talk will go into why there is a tendency for custom container runtimes in this area of computing. We will discuss portability, performance, security and ease of use, as well as direct hardware access as driving factors. As new processor architectures and specialized hardware for machine learning emerge, some of those factors will affect larger parts of the container community. This talk will give an overview of (some of) the currently available container solutions and how they enable scientists to move their software stacks between machines and work in a reproducible way. The technical challenges and implementations of interfacing with the host system for access to hardware and highly optimized system libraries will be presented. Experiences of running containers on thousands of nodes at NERSC will be shared, which includes the good and the bad parts. The drawbacks of running portable but unoptimized code inside of containers and how that can have a profound impact on the performance of production workloads and what a solution for that could look like, will be addressed. Wrapping up I'd like to show how some of the work done in the scientific space can benefit the broader community and facilitate discussion about that. Georg Rath NERSC Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:35 00:20 UD2.120 (Chavanne) containers_automated_deployments Automated Linux Containers deployment for fun and profit. How we deploy system containers for our developers development environments. Containers devroom How we use LXD, Puppet, Jenkins, Bash and PyLXD to create system containers for our developers development environments in Emesa. For the past year we have been migrating all of our production servers running on bare-metal to system containers based on LXC/LXD as well as our production application from CentOS to Ubuntu. Although we are already using containers for most of our systems, our production environment is still not quite there yet. We have decided to start already the process of automating the deployment of our development environment, moving from a single shared development environment to a multitude of system containers, where developers have root access to their own containers making use of the flexibility, simplicity and security features provided by LXC and LXD. In this presentation I will explain how we are using Jenkins/Bash/PyLXD for developers to create containers with a single click via Jenkins to a cluster of LXD servers and Puppet/Hiera/Bash to provision the containers after they are launched successfully in the LXD cluster. If time allows it I will also show a quick demo of a container being created on our development environment. David Negreira Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:00 00:25 UD2.120 (Chavanne) containers_desktop You want a Clean Desktop OS? Containerize it Containers devroom Containers are all the rage, alongside cloud and DevOps. Sometimes they also induce rage. In this talk, we will take a look at using Fedora Atomic on your desktop, when it makes sense, and what the potential benefits vs drawbacks of having a container-based OS on your desktop are for you as a developer. You will learn: <ul> <li>what Atomic Host is</li> <li>how it compares to CoreOS</li> <li>that you can use container-based OS on your desktop machine as well</li> <li>if and why that makes sense from a developer's perspective</li> <li>how to do it effectively</li> </ul> The talk is beginner-friendly, but some existing knowledge of containers is advised. Sanja Bonic Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:30 UD2.120 (Chavanne) containers_lsm Making Linux Security Modules available to Containers Stacking and Namespacing the LSM Containers devroom Containers would like to be able to make use of Linux Security Modules (LSMs), from providing more complete system virtualization to improving container confinement. To date containers access to the LSM has been limited but there has been work to change the situation. This presentation will discuss the current state of LSM stacking and namespacing. The work being done on various security modules to support namespacing, the infrastructure work being done to improve the LSM, an examination of the remaining problems, and provide a demo of a container leveraging LSM stacking so that the host is using a different security module than that of the container. John Johansen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:05 00:20 UD2.120 (Chavanne) containers_build_oci How to build and run OCI containers A shallow dive on the OCI container configuration and an overview of the available tools Containers devroom In this talk you can expect to learn what OCI containers are, how to build them and why you may want them. The first part will be a brief introduction to OCI containers followed by the motivation behind our use-case at the OpenStack/Magnum project and the Container Service at CERN. How we leverage OCI containers and why we chose them to offer container infrastructure to our users, meaning running kubernetes, etcd, flanneld, OpenStack-specific daemons, CERN-specific tools, the docker daemon and cri-o. The second part will be a shallow dive on how to run and build OCI containers from scratch and most importantly how to populate the famous config.json file, the heart of the OCI configuration. This part will include examples on how to use docker, runc, rkt, atomic and buildah. Spyros Trigazis OpenStack/Magnum Docs Containers on the CERN Cloud Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:30 00:20 UD2.120 (Chavanne) containers_rkt_kubernetes State of the rkt container runtime and its Kubernetes integration A look at the progress of rkt and rktlet, the Kubernetes CRI implementation of rkt Containers devroom This presentation will give an update on the rkt project, what new features were implemented recently and what’s coming up. It will also give an update on the state of the rkt implementation of the Kubernetes Container Runtime Interface (CRI), rktlet. rkt is a modern container runtime, built for security, efficiency, and composability. It is one of the container runtimes supported by Kubernetes. But the current implementation (“rktnetes”), is an in-tree implementation and doesn’t support the Container Runtime Interface (CRI), which is an interface created to provide a well defined method for adding support for additional container runtimes to Kubernetes. rkt's work-in-progress CRI implementation is called rktlet. This presentation will give an update on the rkt project, what new features were implemented recently and what’s coming up. It will then give an update on the state of rktlet: conformance progress, which features are missing, and what workarounds should be removed before it becomes a complete implementation of the CRI. Iago Lopez Galeiras Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:55 00:10 UD2.120 (Chavanne) containers_physical_migration Turning physical systems into containers Migrating to system containers Containers devroom System containers such as those that LXD can run are effectively Linux systems but without a Linux kernel. So wouldn't it be nice to just be able to take an existing physical system or virtual machine and transfer it over the network to a LXD host, then boot it as a container without needing any manual transfer process? This is what I'll be demoing in this short talk, using a small piece of software that uses the LXD migration API to stream a system over the network to a remote LXD server, turning it into a container. Stéphane Graber Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:10 00:40 UD2.120 (Chavanne) containers_landlock File access-control per container with Landlock Containers devroom Linux has multiple access-control systems, including SELinux, AppArmor, Smack or Tomoyo, that can enforce a security policy. However, it may be challenging to create and maintain such a policy per container. Moreover, a dynamically configured and unprivileged access control may better fit to container needs. In this talk, we present a Linux Security Module (LSM) proposal called Landlock, leveraging eBPF to create flexible access-control rules. Landlock can be used as a new security layer, composing with namespaces, cgroups, seccomp and other LSMs, to sandbox applications and containers. We highlight the last Landlock patchset (v8) which brings a new way to restrict access to files. Mickaël Salaün Landlock website Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:55 00:20 UD2.120 (Chavanne) containers_lxd_clustering Introduction to LXD clustering Multi-node deployments with one big virtual LXD Containers devroom This demo introduces the new LXD clustering feature and show how to scale a single-node deployment to a fault-tolerant multi-node one, sharing information about containers, storage pools and networks in the same database. Free Ekanayaka Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:20 00:20 UD2.120 (Chavanne) containers_containerd containerd 1.0 Project Update the how, why, brief history of containerd, and its use today as a core container runtime Containers devroom Containerd, a minimal container runtime created out of the original Docker engine, has now been a Cloud Native Computing Foundation (CNCF) member project since March 2017. Intended for use not just by the Docker engine as a lower layer container runtime and management layer above an OCI compliant executor, the expectation is that Kubernetes will use containerd as well as other projects that need a straightforward, embeddable container runtime without vendor control or opinionated behavior. This project update will overview how we arrived at a "containerd 1.0" feature complete state from the original containerd implementation, and how it is being embedded and used in various projects like "cri-containerd" for Kubernetes and the recent Docker engine releases. We'll also look at the ease with which containerd can be embedded via its client library to offer container lifecycle management to any broader application. Containerd, a minimal container runtime created out of the original Docker engine, has now been a Cloud Native Computing Foundation (CNCF) member project since March 2017. Intended for use not just by the Docker engine as a lower layer container runtime and management layer above an OCI compliant executor, the expectation is that Kubernetes will use containerd as well as other projects that need a straightforward, embeddable container runtime without vendor control or opinionated behavior. This project update will overview how we arrived at a "containerd 1.0" feature complete state from the original containerd implementation, and how it is being embedded and used in various projects like "cri-containerd" for Kubernetes and the recent Docker engine releases. We'll also look at the ease with which containerd can be embedded via its client library to offer container lifecycle management to any broader application. Phil Estes Containerd website containerd GitHub project Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:45 00:20 UD2.120 (Chavanne) containers_lttng LTTng: The road to container awareness Kernel and userspace tracing in a containerized world Containers devroom The LTTng kernel and user-space tracer were designed for traditional Linux hosts but can also be used in a container environment. While we currently lack high-level functions and integration with container technologies, the raw data can be gathered and analysed by the seasoned lttng user. This talk will detail what is currently available, what we would like to add and hopefully what the community would expect from a container aware version of LTTng. These are the majors topics that will be covered : <ul> <li>LTTng kernel tracer <ul> <li>Namespace contexts</li> <li>Namespaces in the statedump</li> </ul> </li> <li>LTTng UST userspace tracer <ul> <li>Running the session daemon on the host or in the containers</li> <li>Adding namespace contexts</li> <li>Trace correlation between host and containers</li> </ul> </li> <li>LTTng analyses, python analysis scripts <ul> <li>Adding container awareness to current analyses</li> <li>Containers specific analyses</li> </ul> </li> </ul> Michael Jeanson LTTng LTTng Github Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:10 00:25 UD2.120 (Chavanne) containers_kubernetes_security Kubernetes Security Best Practices Containers devroom Containers give developers the ability to isolate applications from one another, but that’s not enough. Resource isolation is much different that security isolation. How do we make applications deployed in containers more secure? How do we apply existing tools like SELinux and AppArmor, and seccomp to our containers running in Kubernetes? How can we apply policy to our network and services to make sure applications only have access to what they need and nothing more? Kubernetes provides the ability to secure containers, and secure access to the API. But it also has a flexible enough architecture to allow for applying network and service policy to various pods and services. In this talk we will learn about the risks and attack surfaces and how to use tools like SELinux, AppArmor and seccomp to improve the security of containers deployed in Kubernetes. We’ll then go up the stack and learn how to apply network policy to containers to further improve security. Finally we will look at the Istio service mesh and how we can add authentication, mutual TLS, and access policies to whole services greatly reducing application attack surfaces. Ian Lewis Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:40 00:20 UD2.120 (Chavanne) containers_syscall_forwarding Forwarding system calls to userspace Using Seccomp to intercept system calls and forwarding them to a handler in userspace Containers devroom In this talk, I will describe SECCOMPUSERNOTIF, a new seccomp return type under development to forward syscalls to another userspace daemon. This would allow container engines to transparently hook syscalls like mount or modprobe, enabling applications inside containers to use these syscalls without modification. Tycho Andersen Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:05 00:20 UD2.120 (Chavanne) containers_casync Exploring container image distribution with casync Experiments with the Content-Addressable Data Synchronization Tool Containers devroom Container engines like Docker and rkt download container images containing applications to be executed. With Kubernetes – a container orchestration system – updates to a new version of an application can be propagated on the nodes automatically. When the new version has only a few changes compared to the previous versions, this results in downloading the same content again, wasting network bandwidth. With casync – a content-addressable data synchronization tool – we could do better. I’ll start by introducing the current container image distribution mechanisms used in the Docker Registry and in the App Container Image Discovery protocol. I’ll quickly mention other ideas around saving network bandwidth, like bittorrent in quay.io. Then, I'll present my experiments with casync (Content-Addressable Data Synchronization Tool) and show how much the network usage can be reduced in a Kubernetes cluster. Alban Crequy casync Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:30 00:20 UD2.120 (Chavanne) containers_optimized_migration Optimized container live-migration Incremental live-migration of LXD system containers with CRIU Containers devroom LXD has supported container migration between hosts for a long time. Recently we have not just implemented optimized transfers of container storage for non-live migration and live migration but also optimized transfers of the container's memory state for the live migration case. This talk will give an overview how live and non-live migration works and what was done to tweak performance. The LXD daemon supports container migration. It supports non-live migration in which case the container's filesystem will be transferred in an optimized way. In addition to non-live migration LXD has been supporting live migration of containers. This means that volatile process information associated with a given container is migrated in addition to the filesystem. Part of this volatile information is the container's memory state at a given point in time. A container can either be live-migrated by dumping the memory state to disk once and transferring it or by performing a series of memory dumps that aim to minimize the delta between each consecutive dump in order to guarantee an optimized and more reliable way of transferring the container's memory state. This is achieved by making use of CRIU's pre-dump features. This talk will outline the steps that were taken to optimize filesystem and memory transfer when migrating container's between hosts. Christian Brauner Adrian Reber Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:55 00:25 UD2.120 (Chavanne) containers_workload_security Everything you need to know about containers security Linux Containers and Docker security solutions Containers devroom Security is important but not everyone cares about it until something bad happens. In this talk, I’ll speak about main tips for integrating Security into Containers.I will share my knowledge and experience and help people learn to focus more on Containers Security. In this talk I will review the state of the art of application security practices and talk about best security practices to create more secure containers. And we look at organizational, process, and technology innovations to secure applications in ways that incorporate, but go beyond, testing for vulnerabilities, by looking at what developers can do before checking in code and what application security looks like in production. These could be the main talking points: -How to Integrate security into iteration and pipeline application development. Integrating security into the iteration and pipeline application development involves automating as many security tests as possible so that they run all other automated tests. These tests should be performed on every code commit, and even in the earliest stages of a software project. -How to integrate preventive security controls into shared source code repositories and shared services. Shared source code repositories allows anyone to discover and reuse the collective knowledge of the organization, not only for code, but also for toolchains, deployment pipeline and security. Security information should include mechanisms or tools for safeguarding applications and environments, such as specifc libraries for security support. Also, is important putting security artifacts into the version control system that Containers use for detecting vulnerablities in specific third party libraries. -How to secure your development environments. Is important ensure that all environments minimize security risk. This involves generating automated tests to ensure that all appropriate settings have been correctly applied for configuration hardening, database security, key lengths, and so on. It also involves using tests to scan environments using security vulnerablities scanner.I will show the main tools for detecting vulnerabilities within container images. José Manuel Ortega LXC Security Docker Security Anchore cloud.Discover, Analyze, and Certify Container Images Docker bench Security Python Docker client Lynis security auditing tool Seccomp for docker Apparmor for docker Secrets in docker swarm Security best practices Docker security tools 5 Tips for Securing Docker Containers for Early Adopters Video recording (mp4) Video recording (WebM/VP9) Submit feedback 16:25 00:20 UD2.120 (Chavanne) containers_containing_memory Containing container memory Snapshots and live migration with CRIU Containers devroom This talk is about how CRIU deals with application memory during container checkpoint, restore and live migration. We present techniques we use to create exact snapshot of a process memory layout during checkpoint and then how we recreate that exact layout at the time of restore. We present optimizations for reducing the snapshots footprint and for making container live migration livelier. Mike Rapoport CRIU wiki http://man7.org/linux/man-pages/man2/userfaultfd.2.html Video recording (mp4) Video recording (WebM/VP9) Submit feedback 09:00 00:45 UD2.218A vai_k8s_cinder Black Blocks: Kubernetes, meet OpenStack Cinder Virtualization and IaaS devroom As kubernetes clusters take on more workloads, the need for persistent storage has only increased. Users want to connect more storage devices and use them efficiently. Cinder has been solving this use case in Openstack for a long time and can be integrated with any kubernetes cluster regardless of its cloud provider. By deploying a standalone cinder service and a new external provisioner to a cluster, pods can access almost any volume that cinder is able to provision. Complex operations such as cloning, snapshots, and migration become services of the cluster. This presentation will describe and demonstrate a cinder external provisioner, enumerate its advantages, discuss challenges especially around deployment, and propose collaboration opportunities between Openstack and kubernetes. Adam Litke Upstream project Slides Submit feedback 09:45 00:45 UD2.218A vai_dragonflow_ecosystem Dragonflow - An open network services ecosystem Virtualization and IaaS devroom Managing cloud networking using SDN gives cloud providers unprecedented control over their network. With a wave of their hand, bits can flow in any way, form, and manner. We’d like to leverage this newfound magic to support a multitude of new services. Enter Dragonflow. Dragonflow is a fully distributed SDN controller, responsible for first-to-market features such as distributed SNAT and distributed DHCP. It is completely open-source and is an official Openstack project. It supports many networking services such as L2, routing, DHCP, security groups, and trunk ports. Additionally, it supports container networking through strong collaboration with the Kuryr project. One of Dragonflow’s strongest points is that it’s extensible. Plugging in new services and getting them to work together is incredibly easy. In this talk we will discuss Dragonflow as an open platform for network applications, and the ecosystem of these services. Dima Kuznetsov Video recording (mp4) Video recording (WebM/VP9) Submit feedback 10:30 00:45 UD2.218A vai_qemu_live_dev_operations Live Block Device Operations in QEMU Virtualization and IaaS devroom QEMU is an open source machine emulator and virtualizer when used in combination with hypervisors such as Xen or KVM, the Linux Kernel-based Virtual Machine. This talk will focus on QEMU's Block Layer, and in particular it will examine the four main types of (potentially long-running) live block operations: 'stream', 'commit', 'mirror', and 'backup' in detail. After setting some context, we will see what they are, where they're used, and how they can be invoked via the QMP (QEMU Machine Protocol) interface or the libvirt API. We will also see how these can be combined with other QEMU features like its built-in Network Block Device (NBD) server or the "Dirty Bitmaps" infrastructure to provide neat solutions like live migration with non-shared storage, incremental backups, and so forth. Why should you care? The QEMU Block Layer is the bedrock of modern storage virtualization features that we now take for granted -- a robust QCOW2 file format, point-in-time snapshots, advanced disk configuration, complex image backing chains, and much more. Although some of these features are accessible via the libvirt API or high-level management software like OpenStack, it is instructive to look under the hood. Audience: This session is geared towards anyone using or developing open source virtualization software, specifically in the KVM, Xen, QEMU and libvirt ecosystem. The talk will be set in context such that operators of higher-level software such as OpenStack might also gain an appreciation for the details. Kashyap Chamarthy Video recording (mp4) Video recording (WebM/VP9) Submit feedback 11:15 00:45 UD2.218A vai_k8s_vm_load_balancing Kubernetes load balancing for virtual machines (Pods) Virtualization and IaaS devroom Due to the fact that a Kubernetes cluster is very dynamic and its state changes over time, its initial scheduling decision might turn out to be a sub-optimal one with respect to the cluster's ever-changing state. This brings us to the need of a load balancing/rescheduling mechanism that will work on top of Kubernetes. KubeVirt is a virtual machine management add-on for Kubernetes, which aims to provide a common ground for virtualization solutions on top of Kubernetes. Scheduling in Kubernetes is the process of binding pending pods to nodes and is performed by a component of Kubernetes called the kube-scheduler. Once a pod is bound to a node, it will remain there until it shuts down, but what about the cluster’s dynamic state? ,How will we handle virtual machines running on pods in light of cluster workload changes? In this talk we will cover the following topics: <ul> <li>The need for load balancing in the context of KubeVirt (and VM migration concept)</li> <li>Review an existing Kubernetes incubator project - Descheduler, that tackles this need for containers</li> <li>How a dry-run functionality for kubernetes scheduler will benefit load balancing and other scenarios (and how it might be done)</li> <li>Present an optional algorithm for load balancing using dry-run scheduling</li> </ul> Yanir Quinn Kubernetes - Load balancing for virtual machines Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:00 00:45 UD2.218A vai_device_assignment_k8s Device Assignment for VMs in Kubernetes Virtualization and IaaS devroom Assigning a host device to a VM is commonly supported task by virtualization management software. Because of performance requirements of modern workloads, the same could be said for container orchestration tools. But it is not the same assignment - as VM and containers have varying degree of isolation, it is done at different system layers. How could we bring device assignment to infrastructure that handles both VMs and containers, such as KubeVirt? The talk aims to * introduce KubeVirt, a Kubernetes add-on to manage virtual machines, * give overview of device assignment in Kubernetes and in VM management software oVirt, * present an idea of combining these two. Martin Polednik Video recording (mp4) Video recording (WebM/VP9) Submit feedback 12:45 00:45 UD2.218A vai_ovirt_recovery Automate oVirt Disaster Recovery Solution With Ansible See How Ansible Makes oVirt Recovery A Piece Of Cake Virtualization and IaaS devroom Even the best system administrator cannot always avoid any and every disaster that may plague his data center, but he should have a contingency plan to recover from one - and an administrator that manages his virtual data centers with oVirt is of course no different. This session will showcase how Ansible can be used to leverage the new APIs introduced in oVirt 4.2 to create a fully-fledged DR strategy. Even the best system administrator cannot always avoid any and every disaster that may plague his data center, but he should have a contingency plan to recover from one - and an administrator that manages his virtual data centers with oVirt is of course no different. This session will showcase how Ansible can be used to leverage the new APIs introduced in oVirt 4.2 to create a fully-fledged DR strategy. Agenda: <ul> <li>Introduction to oVirt Storage Architecture</li> <li>Why do we need Disaster Recovery?</li> <li>How Disaster Recovery was supported before oVirt 4.2</li> <li>Integrate Ansible with oVirt</li> <li>User perspective: New added features</li> <li>Putting all the pieces together: Disaster Recovery scenarios - theory and practice</li> <li>Future ideas and roadmap</li> </ul> There is no need for special skills or knowledge, although familiarity with oVirt and/or with Ansible is a plus. Maor Lipchuk Video recording (mp4) Video recording (WebM/VP9) Submit feedback 13:30 00:45 UD2.218A vai_vectors_meet_virtualization Vectors Meet Virtualization challenges from our new data processing overlords Virtualization and IaaS devroom As workloads have grown and computing has become more data intensive there has been a move to improve the data crunching capabilities of modern processors. Traditional scalar instruction sets have been augmented by extensions borrowing techniques from super computers in the form of SIMD or Vector processing instructions. In the world of virtualisation these new instructions offer a number of new challenges. From efficient emulation for code generating JIT's such as QEMU to increased latency when multiplexing multiple machines under KVM. This talk will briefly examine the history of SIMD instructions before introducing ARM's innovative Scalable Vector Extensions. We will then discuss the challenges involved in virtualising them both in software and hardware alike. Alex Bennée Slides in HTML http:// Video recording (mp4) Video recording (WebM/VP9) Submit feedback 14:15 00:45 UD2.218A vai_qemu_jungle Finding your way through the QEMU parameter jungle Virtualization and IaaS devroom This talk provides a survey of the different ways that can be used to configure devices and backends of QEMU via its command line options. QEMU is a quite complex application, with lots of command line parameters and many different ways to configure its devices, backends and other options. Many of the interfaces are legacy that are kept to stay compatible with older versions of QEMU, other interfaces are well architected and the preferred way of configuration nowadays. This talk will give you a good survey of how to use QEMU directly from the command line and hopefully help to understand how and why some parameters have to be specified in a certain way. If you are new to running QEMU directly from the command line, or if you ever asked yourself a question like "what is the difference between '-net' and '-netdev'", then this is definitely the right talk for you! Thomas Huth Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:00 00:45 UD2.218A vai_diskimage_builder diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Virtualization and IaaS devroom diskimage-builder: Building Linux Images for Cloud / Virtualization / Container Each virtualization, cloud or container platform needs images as base. There are many (specialized) tools to generate them. If your organization needs a set of e.g. different distributions with the same packages installed and the same configuration, diskimage-builder might be the tool to choose: it can generate a wide range of different distributions (e.g. RedHat/CentOS, Ubuntu, Debian, OpenSuse, Gentoo, ...) as a virtual machine or even docker images for a couple of architectures. Images are known to run on a wide range of virtualization and cloud services, like OpenStack, VmWare, AWS EC2, OTC, KVM, docker (and even bare metal). diskimage-builder is highly configurable by means of 'elements': predefined and/or easy to write extensions. The talk is a general (technical) introduction to diskimage-builder with a short in-depth chapter about the new block device layer like: images, loop devices, partitioning, lvm, mounting, fs, and fstab handling. 1: OS Images What are OS images? 2: Building OS Images Traditionally each environment / distribution introduces its own image creation procedure / tool. Example: debootstrap for Debian, kickstart configuration for RedHat based systems, … 3: Many to Many Relation The problem: each tool must be configured or adapted to your needs. Diagram: Many configuration files -> Many tools -> Many images Problem: much work; unclear: resulting images might differ in functionality 4: One to Rule Them All diskimage-builder solves this problem: you can see it as an abstraction layer. One configuration -> Images for different OS / distributions / architectures 5: Examples 6: Features Supported architectures: arm64, i386, amd64/x86_64, powerpc Supported distributions: Debian, Ubuntu, Fedora, RedHat, Centos, OpenSuse, Gentoo (typically the stable and the last-stable version) Tested environments: VmWare, OpenStack, KVM, AWS EC2, Docker. 7: "Elements": Batteries Included There are many (~100) predefined (so called) elements for configuration / adaption. Additional are available in the Internet, e.g. ready to use element for building a Raspberry Pi Image. Example: disk-image-create debian-minimal vm puppet-master Example elements 8: Short introduction: What is an "Element" 10: In Depth: New Block Device Layer A. Concept (layer) B. How it works. C. Configuration example. D. Block Device Layer’s MBR Module Why parted could not be used. No other usable library available. 11: Development Insights SLOW development cycle (CI slow / no developers / mostly no reviewers) Many developers want exactly their features / bug-fix and mostly never review other. Reality vs. Ideal world 12: Advantages / Disadvantages + Speed + Universal configuration <ul> <li>Only limited set of functions / systems are tested during CI</li> <li>Large docker images with some unused packages</li> </ul> 13: Best Practice 14: Resources / Contact diskimage-builder: IRC / Mailing List / Links / GIT My Name / Email Address Andreas Florath Video recording (mp4) Video recording (WebM/VP9) Submit feedback 15:45 00:45 UD2.218A vai_openstack_gdpr_compliance Openstack compliance with GDPR 25th of May 2018 s closer than you think Virtualization and IaaS devroom The General Data Protection Regulation (GDPR) is already effective but will be enforced starting from 25th of May 2018, this leave companies few months to ensure compliance for their Openstack deployments. In this session we'll discuss best practices and challanges of this task. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. During this talk we'll go through OpenStack configurations and policies to identify sensible areas, discussion what Privacy by Design means in terms of OpenStack, and illustrate best practice to set up a compliant architecture. This session will not go into a legal discussion but will be focused on technical aspects and will try to provide attendees with a set of best practices to adopt while managing their own Openstack cluster. Vincenzo Di Somma Submit feedback 14:00 02:00 UD2.Corridor keysigning GPG Keysigning Keysigning keysigning The FOSDEM 2018 GPG Keysigning The keysigning event takes place in the corridor on the second level of the U building. There is no fixed end time. Previous editions last for approximately one hour per 100 keys on the list. You must register before the conference to take part. Please bring the printed list, a pen and appropriate form of identification with you the event. Please note that you must register your key a week in advance of the conference. FOSDEM Staff Submit feedback 09:00 02:30 J1.106 global_diversity_help Mozilla TechSpeakers CFP-help Drop-in session. All welcome. Global Diversity CFP Day maintrack Ask Mozilla TechSpeakers your public speaking, conference- and CFP (call-for-proposals)-related questions at the Mozilla booth, hear some tips & tricks about public speaking and some inspiration for nailing your next conference submission. Cannot make it to the <a href="https://www.globaldiversitycfpday.com/events/50">Global Diversity CFP Day Brussels workshop</a>? Or do you simply want to ask a few questions about public speaking or writing conference proposals? Drop by the Mozilla booth on Sunday, February 4 at FOSDEM between 10:00-12:00 and 14:00-16:00 and as talk to some seasoned veteran Mozilla TechSpeakers about public speaking, or ask them questions about public speaking/cfp-s in general or your talk (idea). Mozilla TechSpeakers About Mozilla TechSpeakers Submit feedback 14:00 02:00 K.Level.2 global_diversity_mozilla_booth Mozilla TechSpeakers CFP-help Mozilla Booth drop-in session. All welcome. Global Diversity CFP Day maintrack Ask Mozilla TechSpeakers your public speaking, conference- and CFP (call-for-proposals)-related questions at the Mozilla booth, hear some tips & tricks about public speaking and some inspiration for nailing your next conference submission. Cannot make it to the <a href="https://www.globaldiversitycfpday.com/events/50">Global Diversity CFP Day Brussels workshop</a>? Or do you simply want to ask a few questions about public speaking or writing conference proposals? Drop by the Mozilla booth on Sunday, February 4 at FOSDEM between 14:00-16:00 and as talk to some seasoned veteran Mozilla TechSpeakers about public speaking, or ask them questions about public speaking/cfp-s in general or your talk (idea). Mozilla TechSpeakers About Mozilla TechSpeakers Submit feedback