Do Linux Distributions Still Matter With Containers? - TIB AV-Portal

Do Linux Distributions Still Matter With Containers?

00:00

6

Formale Metadaten

Titel

Do Linux Distributions Still Matter With Containers?

Untertitel

Yes, because stopped statically compiling things for a reason...

Serientitel

Anzahl der Teile

561

Autor

Lizenz

CC-Namensnennung 2.0 Belgien:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.

Identifikatoren

10.5446/44243 (DOI)

Herausgeber

Erscheinungsjahr

Sprache

Inhaltliche Metadaten

Fachgebiet

Genre

Abstract

In the beginning there was compiling and static linking. My first programs when I was 10 years old worked like that. Then, we discovered dynamic linking. This was great because we could now patch one library and all of the programs would pick up the change on restart. But we created another problem - dependencies. Throughout the history of computing we have solved one problem and created another. Containers are no different. This talk will walk through why we invented Linux distros and why we should continue to appreciate them in a world full of container images... In the beginning there was compiling and static linking. My first programs when I was 10 years old worked like that. Then, we discovered dynamic linking. This was great because we could now patch one library and all of the programs would pick up the change on restart. But we created another problem - dependencies. Throughout the history of computing we have solved one problem and created another. Containers are no different. This talk will walk through why we invented Linux distros and why we should continue to appreciate them in a world full of container images. The short answer is yes. Yes, they still matter because of several reasons: A linux distribution is a bunch of human beings that work together to create a dependency tree of software packages. This dependency tree is still convenient in container images There is a TON of knowledge embedded in systemd unit files on how to properly start/stop commonly used daemons Mapping CVEs to packages with meta data is still useful in a container Standardized C libraries like glibc are used by binaries, interpreters like Python, and even virtual machines managers like the JVM Critical libraries like libssl, openssl, and hardware accelerated bridges, are useful to everyone Linux distros are a connection point with gravity which builds community. Community is what solves problems Host and container image portability (glibc actually can take different code paths depending on what hardware is made available by the kernel. Also, glibc has a min/max kernel version that it supports well when compiled)

FOSDEM 201986 / 561

1

24:45

How to write pylint plugins

2

25:20

How to build your own Ethereum client

3

27:01

How to build a FreeBSD CI/CD environment based on pot container

4

53:49

How should lawyers behave? Legal "Ethics" and Free Software

5

21:39

How Online Backup works in MyRocks and RocksDB

6

31:25

How Kubernetes used gRPC to encrypt secrets with an external Key Management Service and Go for Javascript developers

7

30:21

How and why (not) to use the 127.0.0.53 nameserver, systemd-resolved and resolvctl

8

15:27

How a Connect-X device driver works

9

24:36

horizon EDA - what's new

10

30:09

11

30:38

Hikar - Free and Open Source Android Augmented Reality for walkers - v0.2

12

24:10

High end augmented reality using Javascript

13

20:09

Hey, A Blockchain-Based Social Network

14

37:31

Hardware/Software Co-Design for Efficient Microkernel Execution

15

24:27

Hands on debugging with Delve

16

53:09

Handling Security Flaws in an Open Source Project

17

24:44

Hacking NodeJS applications for fun and profit

18

30:10

Hackers gotta eat

19

23:05

GWL: GNU Workflow Language

20

25:31

Guile 3: Faster programs via just-in-time compilation

21

25:10

gtk-rs: newest and future developments

22

24:52

GStreamer embedded state of the union 2019

23

21:04

GStreamer 1.16 and beyond

24

18:14

gRPC, Protobufs and Go... OH MY!

25

26:06

Greenfield: An in-browser Wayland compositor

26

29:24

GraphHopper Routing Engine - New Features

27

17:49

Graph usage in EFL

28

29:47

GraalVM: Polyglot Development Platform with Great Toolability

29

45:51

Hacking PostgreSQL

30

15:10

gr-soapy: A handy SDR hardware interface module for GNU Radio

31

15:40

Good Will Snapping

32

42:40

GObject subclassing in Rust for extending GTK+ & GStreamer

33

32:38

Go Lightning Talks - Come speak!

34

23:23

Go containers? Go serverless?

35

25:10

GNU Radio with a Rusty FPGA

36

43:23

GNU Radio in 2019: Facts and Plans

37

30:10

GNU Mes - Reduced Binary Seed bootstrap for GNU Guix

38

35:19

Gluster Container Storage

39

25:53

Global Consent Manager

40

30:10

Git database with bitmap index

41

21:34

Getting to Closer to a Software Help Language

42

39:57

Gephi JS: Exploring the dystopian future of a Javascript Gephi

43

26:57

GNU Radio meets Scapy

44

29:30

GBForth: Using Forth to understand the Game Boy

45

26:07

Futatabi: Multi-camera instant replay with slow motion

46

29:46

FST-01SZ (Flying Stone Tiny 01 revision ShenZhen)

47

25:10

From Zero to Portability

48

36:07

From Oracle to Apache - News from Apache NetBeans

49

25:10

From jQuery to React

50

22:51

Fritzing - the past, the present and the future

51

47:08

FreeIPA and cross-distribution packaging experience

52

38:22

FreeBSD in Audio Studio

53

35:10

FreeBSD Graphics

54

24:10

Fractalide and Cantor

55

16:02

FOSDEM infrastructure review

56

44:55

Forest: An Open Source Quantum Software Development Kit

57

44:54

FLOSS, the Internet and the Future

58

20:35

59

29:39

Flickerfree boot

60

22:28

Firefox is your Marionette

61

30:21

Firecracker, should it work only with a single runtime?

62

35:06

Fine-grained Distributed Application Monitoring Using LTTng

63

21:34

Fighting spam for fun and profit

64

09:30

Feature store: the missing data layer in ML pipelines?

65

26:53

Fearless Multimedia Programming

66

25:10

Extending syslog-ng in Python: Best of both worlds

67

25:34

Extending Numba

68

12:35

Exporting Ceph Object Storage data to the outside world

69

17:23

Exponential speedup in progress

70

22:00

Experience with wisp

71

21:38

Evolution of file system and disk management in HelenOS

72

21:37

Etherlime: open source blockchain development tool

73

15:24

Enrich your NIC's capabilities with DPDK Soft NIC

74

25:47

Enough: How journalism can benefit from free software

75

29:48

Extend Emacs in C or Other Languages

76

26:59

Embracing Language Servers for Blockchain Development

77

20:32

Embedded FreeBSD on a five-core RISC-V processor using LLVM How hard can it be?

78

49:21

ELI5: ZFS Caching

79

20:34

ElasticSearch Correctness and perfOrmance Validator

80

48:09

81

25:52

Dynamic answer generation with Lua

82

13:48

Drawing PCBs with Inkscape

83

20:10

Dotting the ethics i and crossing the t

84

11:58

Documenting Validator Requirements

85

13:59

Document Redaction with LibreOffice

86

48:21

Do Linux Distributions Still Matter With Containers?

87

30:09

DNS Privacy panel

88

28:34

DNS and the Internet's architecture: the DoH dilemma Impacts of DNS-over-HTTPS on how the Internet works

89

36:05

Distributed ledgers finally brought me a usable digital identity!

90

21:03

Distributed Computing with Ada and CORBA using PolyORB

91

20:33

Displaying other Application data into a Wiki

92

26:21

Discover GraphQL with Python, Graphene and Odoo

93

08:49

94

24:30

Developing data structures for JavaScript

95

22:11

Designing for Security

96

24:43

Designing Command-Line Tools People Love

97

25:39

Design Automation in Wonderland

98

22:40

Demystifying Coroutines and Asynchronous Programming in Python

99

24:22

Deep Dive: Kubernetes Metrics with Prometheus

100

29:24

Deduplication on large amounts of code

101

29:57

Decoding Meteor-M2: QPSK, Viterbi, Reed Solomon and JPEG

102

30:09

D-Wave's Software Development Kit

103

22:13

D-Wave Hybrid Framework

104

22:43

Declare your Linux Network state!

105

28:28

Decentralizing the Web Despite Itself

106

36:35

Debug info in optimized code - how far can we go?

107

15:22

Debian Java: Insights and challenges

108

50:10

Ceph Data Services in a Multi- and Hybrid Cloud World

109

50:10

Data Modeling, Normalization and Denormalization

110

30:09

D-Wave's Software Development Kit

111

22:13

112

19:24

CubicWeb: a browser for the web of data

113

40:13

Crostini: A Linux Desktop on ChromeOS

114

24:11

Cross browser extensions

115

15:37

Creating a Computing Revolution: from Personal Computers to Personal Servers

116

36:23

Critical Path Analysis

117

23:14

Couple scientific simulation codes with preCICE

118

24:07

Countless, Beautiful Contribution

119

20:10

Controlling the Execution of Parallel Algorithms in Ada

120

18:44

Continuous Localization

121

21:15

Continuous Integration to compile and test Navit

122

29:36

Containing the RDMA plasma

123

30:09

Consorting with Industry

124

15:10

Console oriented services: wttr.in, cheat.sh, rate.sx

125

25:10

Consistent PKCS#11 in Operating Systems

126

09:39

Connecting .NET Core to D-Bus

127

25:10

Configurations: Do you prove yours ?

128

26:17

Condition Monitoring & Transfer Learning

129

23:50

Compute the QOS of your infrastructure with DEPC

130

20:10

Component-based Design System and Development

131

24:34

Complex cameras are (were?) complex

132

40:40

Compiling the Linux kernel with LLVM tools

133

33:15

Companies and Communities

134

28:54

Community Data Are Not Community Metrics

135

27:02

Coming: a Tool for Mining Change Pattern Instances from Git Commits

136

23:49

Collabora Office as an app on iOS

137

15:21

138

50:10

Codifying infrastructure with Terraform for the future

139

25:06

Code anomalies in Kotlin programs

140

30:10

Coaching for Open Source Communities 2.0

141

13:46

Cloud Native Security 101

142

09:45

FOSDEM 2019 - Closing

143

18:12

Clang plugins in LibreOffice - global analyses across a large codebase

144

26:45

CK: an open-source framework to automate, reproduce, crowdsource and reuse experiments at HPC conferences

145

27:06

CI/CD for embedded development with an ESP8266, Arduino-cli, Gitlab-ci, Raspberry Pi, and Kubernetes

146

29:10

Challenges With Building End-to-End Encrypted Applications - Learnings From Etesync

147

24:59

Challenges in Monitoring Distributed Storage Environment and how Tendrl addresses them

148

39:28

Ceph storage with Rook

149

23:53

Cappulada: Smooth Ada Bindings for C++

150

46:58

Can Anyone Live in Full Software Freedom Today?

151

24:55

Call C++ from Rust with the cpp crate

152

29:45

Building production-grade networking software with FD.io CSIT

153

25:18

Pantheon Doc team expedition

154

27:50

Building open source scientific equipment

155

26:06

Building modern desktop apps in Go

156

20:10

Building Immersive Experiences with the Web

157

27:37

Building an LLVM-based tool

158

23:26

Building a Multi-Node SIP Platform Using OpenSIPS

159

18:51

160

27:53

Building a Community Metrics Strategy

161

23:27

Bring JavaScript to the Internet of Things - From Embedded Device to Smart Gateway

162

22:15

Breaking the 100 bits per second barrier with Matrix

163

52:39

Breaking PostgreSQL at Scale

164

22:59

Breaking Down Language Barriers

165

20:29

Breaking the Messaging Silos with COI: Chat Over IMAP

166

16:06

bmclib: A Baseboard Management Controller library

167

43:18

Blockchain: The Ethical Considerations

168

26:18

169

21:14

Beyond the webrtc.org monoculture

170

43:45

Beyond The First Steps

171

44:13

Better loop mounts with NBD

172

25:10

Base64 is not encryption

173

15:11

API Client Library Automation

174

39:47

Automated firewall testing

175

25:45

Automate Kubernetes Workloads with Ansible

176

15:41

Autocrypt - Automating E-Mail Encryption

177

32:01

Augmented Network Visibility with High-Resolution Metrics

178

30:10

Async PHP Requests & Reactive Responses with PHP-FPM

179

29:28

Astor: A Program Repair Library for Java

180

20:10

Asterisk WebRTC frontier: make client SIP Phone with sipML5 - Janus Gateway

181

20:38

The State of Asterisk

182

39:31

Around the world with Postgres extensions

183

24:58

Apache Lucene and Apache Solr 8

184

23:16

Analysis of the behavior of mobile applications and its consequences for our privacy

185

11:27

VIRTIO status update

186

20:40

An Update on NetBSD (no, not that kind of update)

187

23:47

Automated Analysis of TLS 1.3

188

25:13

Tezos Introduction

189

30:48

An operator centric way to update application containers with AtomFS

190

28:27

Introduction to Production Profiling and Diagnostics

191

1:40:16

An Introduction to Ada for Beginning and Experienced Programmers

192

25:03

An End-to-End LTE Testbed in Three Clicks

193

20:14

AI image search with Go & Tensorflow

194

50:01

Advocating For FOSS Inside Companies Redux

195

15:22

Add enterprise 2FA to your ownCloud in 15 minutes

196

57:16

ActivityPub panel

197

20:59

A year of LXD development

198

28:43

A year of Container Kernel Work

199

22:08

A roadmap for the Hurd?

200

20:10

A quick update on singularity 3.0

201

20:21

Get your data back under control

202

28:28

A new approach to container isolation with Nabla

203

46:06

A microkernel written in Rust: Porting the UNIX-like Redox OS to Armv8

204

26:41

A low latency GPU engine based reset mechanism for a more robust UI experience

205

26:55

A Guiler's Year of Racket

206

20:46

A follow-up on LTTng container awareness

207

42:18

A Deepdive into Tantivy

208

21:00

containerd update

209

14:36

A brief story about friendship

210

17:47

.NET on the Web with Mono WebAssembly

211

27:02

"Enlightening" KVM

212

28:38

"Collaboration in Open Source Is the Better Way"

213

30:09

214

24:16

25 Years of FreeBSD

215

54:20

2019: 50 Years of *x: A Computer Odyssey and Why it is important

216

14:13

10 years of open source test case management

217

15:59

0 A.D., a libre real-time strategy game

218

23:42

Multilingual Kubernetes

219

44:49

Multicloud CI/CD with OpenStack and Kubernetes

220

21:47

Monitoring Kubernetes and Virtualization

221

15:22

222

17:48

Mobile design with device-to-device networks

223

40:09

Mining Source Code^3

224

22:25

Minimalism versus Types

225

46:43

Migrating from Adobe Connect - the Victory of FOSS Over Proprietary Software

226

18:44

Minimalism matters

227

40:13

Migrating a Big Data Cluster from Linux to FreeBSD

228

15:09

MicroPython – Python for Microcontrollers

229

35:10

Microkernel virtualization under one roof

230

38:09

Microkernel lightning talks

231

26:28

Microcontroller Firmware from Scratch

232

22:39

Mgmt Config: The Road to 0.1

233

23:43

Merging System and Network Monitoring with BPF

234

49:51

235

14:47

Memory Management

236

21:20

Memex: Battling Information Overload

237

27:55

Medical image reconstruction using the .NET Framework

238

39:16

Mattermost’s Approach to Layered Extensibility in Open Source

239

52:34

Matrix in the French State and introducing...Matrix 1.0

240

26:39

Mastering Application/Service Configuration

241

22:08

MariaDB and MySQL — what statistics optimizer needs

242

21:26

Managing Virtual Machines and Containers in a Deeply Integrated UI

243

39:20

Managing and Monitoring Ceph with the Ceph Manager Dashboard

244

15:09

MALT: MALloc Tracker

245

10:09

MALT & NUMAPROF, Memory Profiling for HPC Applications

246

23:19

Making your Python code write your Python code

247

47:59

Creating the next hit game with FOSS tools

248

23:06

249

53:37

Making Sense of so many License Compliance Tools

250

50:51

Make your own language with Racket

251

16:07

Make XMPP Sprint Again

252

30:10

oVirt: Make Room! Make Room!

253

14:59

Maemo Leste: Mobile Hacker OS

254

25:10

M3 and a new age of metrics and monitoring in an increasingly complex world

255

25:07

Lucene Upgrade in Jira 8.0

256

44:06

257

25:09

Weaving Computation

258

30:21

Grafana Loki: Like Prometheus, but for logs

259

41:05

llvm.mix Multi-stage compiler-assisted specializer generator built on LLVM

260

20:00

LLVM for the Apollo Guidance Computer

261

40:57

Linux distributions, lifecycles, and containers

262

28:57

Linux and USB Audio Class 3

263

34:14

Linking OpenStreetMap and Wikidata

264

29:31

FOSDEM 2019 - Lightning Talks

265

34:37

libsigmf: Human Tools for Extra-Terrestrial and AI Radio

266

22:39

LibreOffice Online - hosting your documents

267

26:14

LibreOffice: the origins of a community fork

268

23:52

269

23:50

Leveraging ceph-mgr modules for fun

270

05:10

Let's use centralized log collection to make incident response teams happy

271

39:03

Lessons in TableGen

272

13:24

Lesson learned from Retro-uC and search for ideal HDL for open source silicon

273

25:10

Less painful E2E tests with Cypress.io

274

16:36

LemonLDAP::NG 2.0

275

15:10

Leela Chess Zero

276

50:10

Learning to Rank

277

26:21

Learning about Deep Learning: Applications for OpenJDK/Java Verification

278

13:20

LAVA federated testing

279

48:13

Latest evolution of Linux IO stack, explained for database people

280

18:43

LATERAL derived table in MySQL

281

32:05

Latency SLOs done right

282

30:30

Kubelet Istio: Kubernetes Network Security Demystified

283

28:38

284

29:03

KiCad Project Status 2019

285

43:25

Keeping Track of Stateful Infrastructure

286

25:10

JavaScript for open computing education

287

24:14

JavaScript: If you love it, set it free

288

26:23

Java and Containers

289

22:06

Checkpoint Restore

290

20:29

Introduction to reSIProcate

291

25:55

Introduction to OpenAPI Specification

292

10:41

Introduction to dpdk-burst-replay tool

293

28:24

CERN Open Hardware Licence 2.0

294

45:29

Introducing rust-prometheus

295

16:58

Machine Learning: From Lab to Production with Kubeflow

296

18:00

Introducing kubectl-trace

297

15:31

Introducing DBus-ASIO

298

23:42

Interactive Computing with F# Jupyter

299

27:59

Intel GFX CI: Validation done the Linux way

300

10:10

Gstreamer loves WPEWebKit

301

25:32

Inclusion Includes You

302

28:21

Improving SmartArt import in LibreOffice Impress

303

30:10

Improving LibreOffice quality together

304

20:55

Improve your SQL

305

30:10

Improve your On-Ramps for New Participants

306

15:10

IMAP, JMAP and the future of open email standards

307

25:10

IGT GPU Tools - the past, the present, the future

308

16:26

ID4me: using the DNS as a directory for identities

309

35:20

Hyperledger Fabric

310

30:10

HWallet: The simplest Bitcoin hardware wallet

311

27:44

Hundred* thousand rides a day

312

51:09

Huge pages and databases

313

1:00:10

314

21:06

WebXR - Beyond Games & 360 Videos

315

15:10

How we use Gluster

316

30:47

How We Modified an Agent-based Automation System to Become an Agentless One

317

09:20

NFS-Ganesha Weather Report

318

21:35

319

29:27

New interoperability, i18n and LibreLogo improvements of LibreOffice

320

07:55

Neuropil - Secure Interaction for Things

321

33:51

Neural commit message suggester

322

49:18

Netflix and FreeBSD

323

09:49

Nakadi: Streaming Events for 100s of Teams

324

24:33

MySQL Replication - Advanced Features

325

22:58

MySQL and the CAP theorem: relevance & misconceptions

326

20:10

MySQL 8.0 Document Store: How to Mix NoSQL & SQL in MySQL 8.0

327

20:10

MySQL 8.0 Component Infrastructure

328

10:42

My 10 year journey with FOSSASIA: A woman's pathway to open source

329

38:25

Multiplex graph analysis with GraphBLAS

330

13:47

Open source virtual prototyping for faster hardware and software co-design

331

16:44

Open source software security testing

332

25:00

Open Source Geolocation

333

25:03

Open Source Firmware at Facebook

334

22:23

An OSD Case Study

335

44:59

Microsoft's Open Source Journey

336

29:40

Open Source at DuckDuckGo

337

15:09

Open Software deserves Open Hardware

338

13:55

Open Food Network

339

27:01

One image to rule them all

340

30:40

On Observability

341

26:10

Now what? Following through on your community guidelines

342

27:33

No evidence of communication and implementing a protocol: Off-the-Record protocol version 4

343

14:32

344

26:55

openEMS - An Introduction and Overview

345

36:13

346

25:10

Scale Your Auditing Events

347

05:59

SAYMON - object-oriented monitoring and management for both ICT&IoT

348

42:37

Sans IO: safe and testable network protocols

349

26:52

Salut à Toi: A Python Based Social Network And More

350

26:44

RustPython: a Python implementation in Rust

351

22:55

RustPräzi: a tool to build an entire call graph of crates.io

352

24:45

353

18:44

354

25:31

Russian crypto algorithms in the OpenSource world

355

15:35

Running Android on the Raspberry Pi

356

29:02

Rspamd in FreeBSD Mail

357

39:32

Roll your own compiler with LLVM

358

27:18

Rewriting Pointer Dereferences in bcc with Clang

359

22:35

Root Zone KSK Rollover update

360

22:16

Retroshare JSON

361

22:03

Resurrecting Personas for LibreOffice

362

23:40

Singularity: Simple. Fast. Secure.

363

27:45

Reinventing MVC pattern for F# web programming

364

27:08

ReFrame: A Regression Testing and Continuous Integration Framework for HPC systems

365

24:29

Reducing Memory Usage of Mesa's Shader Compiler (Again)

366

21:13

Redis Labs & the tragedy of the Commons Clause

367

27:13

Redfish: the new standard for a Software Defined Infrastructure

368

23:37

RecordFlux: Facilitating the Verification of Communication Protocols

369

05:09

370

28:05

371

51:31

Rated Ranking Evaluator: an open-source approach for Search Quality Evaluation

372

26:53

Raspberry Pi history, tips and use case

373

44:37

374

41:17

375

24:15

Quo vadis, LibreOffice extensions?

376

20:40

PWA caching strategies

377

24:59

Protecting Secrets with Hardware

378

20:36

Pulp 3: Ready for a Test Drive

379

26:23

Protect your bits: Introduction to gr-fec

380

20:10

Proof of Pointer Programs with Ownership in SPARK

381

39:35

Promotion of open source and role of standardization in Quantum Computing

382

24:43

Project Trellis and nextpnr: FOSS Tools for ECP5 FPGAs

383

23:46

384

45:10

Profiling PHP applications

385

30:03

Profiling Low-End Platforms using HawkTracer Profiler

386

21:00

Privacy-preserving monitoring of an anonymity network

387

31:04

Preserving numerical algorithms

388

35:09

Predicting PR Comments

389

43:43

PostgreSQL vs. fsync

390

48:34

PostgreSQL Goes to Eleven!

391

22:22

Porting U-Boot to a Modular Device

392

55:29

Porting Debian to the RISC-V architecture

393

50:54

Portable Services are Ready to Use

394

24:51

Pocket Science Lab

395

25:23

Pocket Science Lab

396

28:21

397

20:10

Persistence with Ada Database Objects

398

21:14

Perl 6 as a new tool for language compilers

399

26:01

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

400

20:57

Performance tuning Twitter services with Graal and Machine Learning

401

44:26

PennyLane - Automatic differentiation and machine learning of quantum computations

402

19:57

Patterns and anti-patterns in Open Source participation

403

55:17

Difficulties in having more designers involved in Open Source

404

48:35

Packaging for Mageia Linux with Docker containers

405

21:31

Package software for any distribution with upt

406

48:21

Panel: Open Source .NET

407

17:16

P4: Private Periodic Payments Protocol

408

54:28

Deep dive in the ossia ecosystem

409

42:53

Organizer's Panel -- Now and Forever

410

23:00

Organisational Processes in Decentralized Software

411

14:41

Hardening the Operating Systems against transient faults

412

50:10

Kubic for Container People

413

16:24

414

43:08

OpenJDK Governing Board Q&A

415

23:28

416

42:57

Quantum Computing at Google and in the Cloud

417

21:29

OpenStreetMaps for emergency prep: The view from San Francisco

418

32:13

XWiki: a collaborative apps development platform

419

38:44

ZFS Powered Magic Upgrades

420

25:14

Zink: OpenGL on Vulkan

421

13:40

Will you boot Haiku, on a non intel platform, no BIOS winter?

422

17:29

Writing Network Drivers in High-Level Languages

423

14:30

XR: The present, the future and how to get there.

424

50:27

XDP (eXpress Data Path) as a building block for other FOSS projects

425

26:26

Working with Webhooks

426

17:52

Why JSON when you can DSL?

427

30:10

Why, and How, we compiled Xaml into IL

428

30:39

Who wants you to think nobody uses the AGPL and why

429

20:42

Who needs to know? Private-by-design collaboration

430

25:22

Who needs pandoc when you have Sphinx?

431

25:48

Where is my error gone?

432

30:10

When perf-html Met A11y

433

25:52

Exponential speedup in progress

434

25:47

When and How to use CGo

435

41:27

What's new in the world of seL4

436

50:48

What's new in PostgreSQL 11

437

23:46

What's new in DeepSea An overview of new features

438

38:58

What makes LLD so fast?

439

45:25

440

11:45

Setting up an HPC lab from scratch

441

04:51

Writing Asynchronous SNMP Agents

442

19:17

What are your users kubectl-ing into your Kubernetes cluster?

443

04:17

Welcome to the Legal and Policy Issues devroom

444

25:10

Web Components are the future. And the future is now!

445

22:47

Write Drunk - Test Automated

446

22:46

What did I just agree to?

447

41:23

Walking through walls

448

25:45

Wayland in IVI systems

449

28:57

VR Map: Putting OpenStreetMap Data Into a WebVR World

450

24:17

VoIP Troubleshooting and Monitoring with SIP3

451

10:30

Voice Controlled Radio Enabling broadcast reception for Smart Speakers

452

23:08

VNF development made easy with netmap

453

40:09

What's new in Ceph Nautilus

454

30:10

Virtual IOMMU Implementation using HW Nested Paging

455

25:10

456

14:21

VBoard, making web dashboards in 3D and VR

457

23:32

Validating Big Data Jobs

458

23:06

Uyuni: A world-class open source frontend solution for managing your software-defined infrastructure with Salt

459

21:11

UX at Tor: an Open Approach

460

24:33

Using Progressive Web Apps to control IoT

461

40:10

Using networks to study 18th century French trade

462

29:05

Using eBPF for Linux Performance Analyses

463

30:10

Use kcli with all your virtualization solutions!

464

27:48

Use configmanagement for your ... configmanagement.

465

25:10

USB borne attacks and usable defense mechanisms

466

19:42

Video Analysis using CUDA and OpenCV

467

35:42

Unikraft: Unikernels Made Easy

468

22:50

VR Map: WebXR with Real-World OSM Data

469

20:24

Unifying network filtering rules for the Linux kernel with eBPF

470

37:47

Understanding Source Code with Deep Learning

471

25:16

V4L2: A Status Update

472

23:28

Un-split brain (aka Move Back in Time) MySQL

473

28:32

UEFI Boot for Mere Mortals

474

16:30

TypeScript-It's time to migrate!

475

26:01

Tuning Go GC Parameters

476

25:59

Tree matchings with Behavior Trees

477

22:29

Tracking users with core Internet protocols

478

33:36

Towards a sustainable solution to open source sustainability

479

22:05

Tools for Shrinking Your Containers

480

24:15

To the future with Grav CMS

481

25:55

Time is Important - Developer Centric IoT Platforms

482

19:28

Tiki: Easy setup of wiki-based knowledge management system

483

21:56

TiDB: Distributed, horizontally scalable, MySQL compatible

484

15:35

Theo: The Authorized Keys Manager

485

28:56

What's going on with Storage?

486

20:10

Unified Communications with Pàdé

487

29:11

Tooling for IntelliJ Platform Plugins

488

32:56

The surprising interaction of open source and patent exhaustion

489

17:36

The State of Webassembly in 2019

490

07:47

The state of machine learning operations in 2019: reproducibility, explainability, bias evaluation and beyond

491

25:03

The State of Go

492

19:43

The SReview review system

493

26:43

The Software Developer’s Guide to Open Source Hardware

494

16:32

Skulls - coreboot your X230 the easy way

495

24:33

The right to data portability (and why it's a very bad idea)

496

48:18

The TPM2 software community

497

26:28

The Yoast Design Meeting and how it started us on the path to open source design

498

30:10

The Open Source Community: its past and future

499

30:09

The New Internet

500

25:10

The new EU CyberSecurity Act

501

25:59

The Missing Benchmark Metric: Memory Consumption

502

11:25

The Kitspace BOM Builder

503

28:49

The impact of Meltre and Specdown on microkernel systems (*)

504

45:17

The future of Supervisor Binary Interface(SBI)

505

27:39

The final release of Kodi v18

506

26:29

The Dwingeloo radio telescope goes SDR

507

40:09

The DAO of Bisq

508

48:31

The Current and Future Tor Project

509

22:30

the current and future state of Ethereum

510

34:26

The Container Storage Interface, Explained

511

20:47

Making your MySQL Replication Setup run faster!

512

42:58

The Cloud is Just Another Sun

513

16:48

The brief case for User-space Network Stacks (DPDK and friends)

514

21:24

The art of multiplexing MySQL connections with ProxySQL

515

25:12

Text Markup to PDF with Python

516

19:12

The real cost of not doing user research

517

21:16

The convergence of HPC and BigData

518

29:13

Testing Over 1000 gTLDs for EDNS0

519

22:13

Testing GraphQL in your JavaScript application

520

29:51

Tested for Business: An Open and Transparent Quality Kit

521

24:51

Test complex database systems in a laptop with dbdeployer

522

24:15

Testing your infrastructure and services with the help of OPNFV testperf team

523

22:20

Ten years of Puppet installations: what now?

524

25:10

Templating Languages for Interactive Fiction

525

22:28

Tcl - An Embeddable Long-lever with a Comfortable Grip, that fits in your Pocket.

526

25:50

Tapping Into the Binary Log Change Stream

527

15:42

Sysadmins, too, deserve interface stability

528

30:09

Sustaining FOSS Projects By Democratizing The Sponsorship Process

529

15:36

530

30:51

Taming The Dinosaur: How Eclipse was Performance Tuned

531

19:26

Sustain in Open Source with Gitcoin

532

49:12

SUSI.AI: An Open Source Platform for Conversational Web

533

30:14

Countering Impostor Syndrome Culture

534

26:11

Super-speedy scoring in Lucene 8

535

28:04

536

15:23

Structured Concurrency

537

25:10

Streaming Pipelines for Neural Machine Translation

538

40:24

Storing "Lots Of Small Files" in a Swift cluster

539

21:26

Stories from BIND9 refactoring

540

37:13

Square Kilometre Array

541

27:55

Spoofing GPS is it really the time we think it is, and are we really where we think we are?

542

17:51

Speeding up the Booting Time of a Toro Appliance

543

23:23

Speeding up Programs with OpenACC in GCC

544

30:05

Spatial Reference Systems Transformations with Boost.Geometry

545

28:51

Watching Them Watching Us WebExtensions Exposing Privacy Leaks

546

52:25

Tesla Hacking to FreedomEV!

547

49:01

Solo5: A sandboxed, re-targetable execution environment for unikernels

548

42:55

Solid: taking back the Web through decentralization

549

24:51

SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer

550

36:15

Smelling Source Code Using

551

40:09

SMB3 UNIX Extensions

552

04:00

553

25:10

Solving Polynomial Systems in Python

554

29:42

Set-versioned package dependencies

555

24:41

Securing the JVM

556

26:54

Server side solution for generating ODF reports

557

25:01

Securing Secure Boot on Xen

558

43:24

Secure Web Applications with AWA

559

27:10

SDR Makerspace sdrmaker.space

560

25:19

Making furniture with JavaScript

561

24:41

Onion adventures

Automatisches Abspielen

Sprache

Text

Bild

00:00

Distribution <Funktionalanalysis>Automatische HandlungsplanungKartesische KoordinatenProgrammierumgebungDistributionstheorieBildgebendes VerfahrenKonfigurationsraumElektronische PublikationMailing-ListeRegulärer GraphKonfigurationsdatenbankTypentheorieKontextbezogenes SystemNetzbetriebssystemDokumentenserverRechenschieberMereologieAssoziativgesetzElement <Gruppentheorie>MultiplikationsoperatorSoftwarePhysikalisches SystemPunktRotationsflächeDatenverwaltungDämon <Informatik>SkriptspracheSpezifisches VolumenInformationDifferenteKernel <Informatik>LoginCodeQuaderWeb-SeiteVariableMatchingMixed RealityVerzeichnisdienstSoftwareentwicklerApp <Programm>Projektive EbeneAppletDienst <Informatik>AuswahlverfahrenDefaultGruppenoperationGemeinsamer SpeicherProzess <Informatik>NamensraumOverhead <Kommunikationstechnik>Deskriptive StatistikInhalt <Mathematik>SystemplattformImplementierungComputervirusHardwareBitMini-DiscSchreiben <Datenverarbeitung>Quick-SortStandardabweichungREST <Informatik>ComputeranimationVorlesung/Konferenz

09:06

Prozess <Informatik>ProgrammierumgebungNormalverteilungLokales MinimumArithmetisches MittelInstallation <Informatik>TypentheorieGruppenoperationDisjunktive NormalformNamensraumREST <Informatik>SoftwareentwicklerPhysikalisches SystemPunktDifferenteMechanismus-Design-TheorieKernel <Informatik>BinärcodeRechenschieberNormalvektorInstantiierungBitDämon <Informatik>DistributionstheorieKartesische KoordinatenSchnittmengeDefaultKeller <Informatik>ProgrammfehlerMereologieEinflussgrößeKontextbezogenes SystemElektronischer ProgrammführerVorlesung/Konferenz

11:56

DateiformatFormale SpracheSchnittmengeDefaultCASE <Informatik>SkriptspracheTypentheorieRechter WinkelSoftwareDistributionstheoriePunktInstallation <Informatik>BimodulMultiplikationsoperatorProgrammierumgebungVersionsverwaltungGebäude <Mathematik>AppletResultanteBinärcodeKartesische KoordinatenGNU <Software>Vorlesung/Konferenz

14:44

DistributionstheorieDifferenteDifferenzkernProgrammierumgebungMobiles EndgerätNetzbetriebssystemPunktMakrobefehlVersionsverwaltungKartesische KoordinatenElektronische PublikationCoxeter-GruppeKonfigurationsraumSoftwaretestBildgebendes VerfahrenRechter WinkelCompilerRechenschieberMailing-ListeSchnittmengeGebäude <Mathematik>EinflussgrößeInhalt <Mathematik>Physikalisches SystemKernel <Informatik>SchlüsselverwaltungInstantiierungVerzeichnisdienstDokumentenserverNotebook-ComputerIntelligentes NetzStabilitätstheorie <Logik>MultiplikationsoperatorBildschirmmaskeSoftwareUmwandlungsenthalpieSoftwareentwicklerDatenverwaltungKonfigurationsdatenbankQuellcodeEinfache GenauigkeitVorlesung/Konferenz

20:07

Hash-AlgorithmusLokales MinimumInklusion <Mathematik>VerzeichnisdienstProgrammierumgebungWurzel <Mathematik>Differenz <Mathematik>DatenbankDefaultDämon <Informatik>sinc-FunktionSchnittmengeKonfigurationsraumBitEin-AusgabeAusnahmebehandlungParametersystemMultiplikationsoperatorSoftwaretestGebäude <Mathematik>ComputerarchitekturSoftwareElektronische PublikationInteraktives FernsehenDokumentenserverGraphfärbungSocketVersionsverwaltungDifferentePhysikalisches SystemStellenringPasswortVariableMereologieDistributionstheorieGeradeBildgebendes VerfahrenVirtuelle MaschineProjektive EbeneTypentheorieRechter WinkelMehrplatzsystemVirtuelle RealitätInformationMalwareRoutingHypermediaRhombus <Mathematik>Formation <Mathematik>Repository <Informatik>EindringerkennungEinflussgrößeZahlenbereichMulti-Tier-ArchitekturProgramm/QuellcodeJSON

27:06

Hash-AlgorithmusMultiplikationsoperatorLokales NetzProgramm/Quellcode

28:23

Hash-AlgorithmusServerKanal <Bildverarbeitung>HackerStatistikInklusion <Mathematik>Lokales MinimumDokumentenserverSoftwareentwicklerProgrammierumgebungProzess <Informatik>SkriptspracheSchnittmengeVersionsverwaltungEinflussgrößeKonfigurationsraumElektronische PublikationMereologieDifferenteDistributionstheorieSoftwareComputerarchitekturDisjunktive NormalformUmkehrung <Mathematik>MehrplatzsystemBitCoxeter-GruppeGraphfärbungPerspektiveMultiplikationsoperatorInhalt <Mathematik>MathematikPhysikalisches SystemGamecontrollerObjekt <Kategorie>Installation <Informatik>Wurzel <Mathematik>AdditionProgramm/QuellcodeJSON

34:58

SpezialrechnerInhalt <Mathematik>StellenringCachingOperations ResearchDistributionstheorieGebäude <Mathematik>Inklusion <Mathematik>Hash-AlgorithmusKanal <Bildverarbeitung>ServerMenütechnikCoxeter-GruppeElektronische PublikationVersionsverwaltungMehrplatzsystemProgrammierumgebungGebäude <Mathematik>Wurzel <Mathematik>SoftwareNormalverteilungBitRepository <Informatik>Physikalisches SystemZahlenbereichFormation <Mathematik>SkriptspracheMailing-ListeAdditionQuellcodeBimodulDemo <Programm>DistributionstheorieMultiplikationsoperatorClientFlächeninhaltDigitale PhotographieBrowserLokales MinimumVerzeichnisdienstCASE <Informatik>BenutzerbeteiligungSocketKonfiguration <Informatik>Programm/QuellcodeComputeranimationXMLJSON

40:39

ServerHash-AlgorithmusWurm <Informatik>MathematikPhysikalisches SystemZusammenhängender GraphTopologieProgrammierumgebungBitInhalt <Mathematik>MultiplikationsoperatorVerzeichnisdienstSoftwareGebäude <Mathematik>SoftwaretestVersionsverwaltungCASE <Informatik>Formation <Mathematik>QuellcodeElektronische PublikationKonfigurationsraumGamecontrollerVirtuelle MaschineComputerarchitekturZahlenbereichRepository <Informatik>Coxeter-GruppeDämon <Informatik>Zweiunddreißig BitProzess <Informatik>DokumentenserverSchnittmengeARM <Computerarchitektur>SoftwareentwicklerComputerspielGewicht <Ausgleichsrechnung>Lokales MinimumKernel <Informatik>Distributionstheorie

48:17

PunktwolkeComputeranimation

Transkript: Englisch(automatisch erzeugt)

00:05

Thank you Brian. So thank you very much everybody for waking up so early and coming to this session I know it's very difficult myself. I had some problems this morning to wake up because you know, it's fast and so Saturday night generally you do stuff interesting with friends and you remember that

00:21

You were called by Brian to say hey, you need to give a talk tomorrow morning Oh, I proposed my name. So sorry if it's not exactly the same topic By the way, we can talk about the original topic because I have planned for that and and it's a topic which is also interesting The relevance of Linux distribution at the era of Docker containers. It's something that we can

00:45

address Hopefully I will cover it a bit But if you have questions on those topics if you have concerns and raise your hands and we will try to do our best to answer those points So Let's start. So my name is Bruno Konec. I'm working for

01:01

hardware manufacturer I won't give the name here because I didn't want to support my travels this time So I will use my my association name to present the topic here I've been doing Linux and stuff for the last 25 years and I'm part of different upstream and downstream projects. I'm for this talk. I'm particularly

01:24

Concerned because I'm a major packager and I had some Development to do to be able to package more easily at the container era Okay, so let's start with a few reminders so that everybody is on the same page

01:44

Containers are just Compared to hypervisors or bare-metal environment are really really near to the bare-metal infrastructure the only stuff which is different from the Bare-metal infrastructure is that you have the Engine, which is managing the notion of containers here

02:02

And which is just a thin layer that you put on top of application. So you put An environment which is suitable to isolate the execution of your application if you want So you have name spacing of C groups which are set up by the way By default on your operating system and here in a in a container context

02:23

That's the container engine which creates those Environments of execution for the application before launching the application So no specific overhead because anyway the kernel is doing the job that you use it on the bare-metal that you don't use it On a container environment at the same same cost

02:44

For launching the applications. Just the fact that you have an isolated environment is what is of interest to us in this context So I will talk about Docker because I've started using Docker and adding Docker to the Maggia distribution three or four years ago something like that three years ago and

03:03

It applies to other type of containment engine Of course some stuff are typical to Docker some other stuff are really generic to containers environment So the idea is really to pack everything together to give you a way a new way of delivering application to your users

03:24

Forty years ago you were using tar and A script in the tar file and you were delivering your application to your customer like that or to your users like that After the Linux revolution you had more clever way of doing that which are called packages and

03:41

We are in the distribution dev room so people building distributions are really keen to make packages to Create a suitable environment for delivering application taking care Not only of the application itself and the right place where it should be delivered on the system so having a standard which is a Linux standard base, which gives you all the directories in which you

04:04

Need to install your software The logs are in vlogs. The application is under USR. You have etc for the configuration files, etc, etc So this is standardized this is taking off This is taking care of by the distribution management system and the distribution management system is also creating

04:25

support for the dependencies for the build dependencies of the software and for the installation dependencies of the software Which is a big advantage So that's one of the element why using distribution is still relevant compared to to the Docker environment

04:40

So Docker came and said, okay, there is a new way of packaging application. You can have these Apps in the box that we had in the previous in the previous slide and everything Inside that that box inside that context can be shipped easily to another platform and run easily on another platform So that's really the approach they had is bundle everything

05:02

The approach is to say, okay, if you have one process you want to run you will create one container so if you have an application which is comprised of Seven different daemons running together working together Then you would like to create seven different containers images and seven different containers to host them

05:22

It's working with layers and I will detail that in the next slide You have the notion of image and the notion of container which is an instantiation of the image Which is read-write in which you can work whereas the image is read-only itself You have additional features So if you want to share your images if you want to distribute your images

05:41

Especially inside your environment or outside you have the notion of registry That's what the people from Docker run on the Docker Hub. So when you do a Docker search for an image it it's Interacting with the registry it's trying to find an image which has the name that you gave and it gives you a list of

06:01

dozens of different images Corresponding to what you are looking for You can do exactly the same internally You can have so private registry as well to allow the sharing of images Which is like on distribution when you do repositories in your distribution and you manage packages Inside the repository and you share the packages through repositories

06:23

They created the notion of Dockerfile. So this one is linked to Docker Which is the receipt to create the image So you want to have instructions that helps you build the image on a regular base you can replay it It's like the makefile for building an application. It's a receipt to build the Docker image

06:44

Inside the image everything is volatile. So when the container dies You lose everything Sort of it's stored on your disk in the layer, but you lose everything. So you want to have permanent Information stored in volumes

07:02

Which can be mounted from the hosts inside the container or you can use network attached volumes if If you need that Inside the container you are completely isolated from the world So you need to specify which ports you want to make available to the outside world

07:21

So if you run one daemon inside an image you want to expose the port of that Network service to the outside so that it can communicate with the outside world The goal is to is if you remember JVAP promise, it's Write once, run everywhere. So it's pretty the same on the Docker container image

07:43

It's create once, run everywhere on a given OS You cannot really mix and match between different OSes The stuff I've not written here on the slide that you have a standard describing images which is the OCI and

08:03

it gives you the possibility to Use the same image content with different implementation of container engines So you can take a Docker image and run it run it with Racket or CRU When you want to orchestrate stuff you go a bit up in the stack

08:21

You have the notion of composition. You can create YAML files to give to your engine the information on how to launch The container how to instantiate the container from the image So which type of volumes you want to attach, which type of port you want to expose, which type of environment

08:40

variables you have, which type of networks you have, all that stuff that you can pass on the command line to the Docker command. You can also store it in a YAML file and give that YAML file to someone else And you have the Docker compose upper layer Which will create all the containers from that description based on the virus image that you have

09:01

So HA layers is a swarm of Kubernetes that you can use. Everything is using a REST API Even the command line interface tool, so they always discuss with the Docker daemon on your system using the REST API. It's developed in Go and the composition is redeveloped in Python and it's licensed under the Apache V2.0

09:24

I said in the previous slides there is a layered approach. This is how it's working. So everybody is using the same kernel on your host There is no difference. There is no kernel inside the container image So if you go inside a container image and you use a uname command to look at what is it

09:45

It's the kernel running below on your whole system It's not a kernel coming with the image. That does not mean anything because it's just an isolation of processes So you have the same kernel, it's launching different stacks, different applications

10:01

But it could be a process that you run on your system Or it could be a process that you run in a container on your system. It's the same Then on top of the kernel once you have created that and you have your cgroups and namespace available as feature of your kernel to be able to enable those type of

10:20

working environments, you have the notion of image. So the image is a read-only part of the solution And you can create as many layers as you need to reach a point where you are happy with your image You can have something as simple as just a BusyBox binary. That could be your image

10:42

So you execute Docker, you create an instance based on that image and you will be in an environment where you just have the BusyBox binary And you have the 100 something command that the BusyBox is providing to you in a very small footprint environment That's one way to deal with it. You can use a very small distribution that the Docker guide developed Alpine

11:05

Which is a very small Linux distribution To provide a strict minimum of environments that you need to have something which looks like a Linux environment because BusyBox is really really small Or you can put a full distribution or normal distribution, the minimum set of that distribution

11:22

So for a major distribution, it would be 200 something packages For Fedora, the same for Debian, maybe a bit less, okay So you have the possibility to really create a small layer Which is the base of your distribution and on top of your distribution, you can install packages using your own normal mechanism

11:42

So if you are on Debian, you do a PTK install, if you are on Fedora You do DNF install, if you are on measure.ai you do Europe EMI, but that's the same approach You just use native tools that you have on your distribution to build the context that you want to have You can add scripts, you can add binaries, you can do PIP install, you can do NPM install

12:03

You can do whatever you want inside And that's isolated And once you are happy with the result of the build of the image and the running environment Then you can instantiate one version Which will be the container in which you will have the right to write in it, modify stuff

12:26

And that's where we'll be running your application, on top of it Any questions at that point? Is it obvious for everybody? Good So why do you want to use distribution packages with distribution and packages inside the distribution with containers and VM

12:46

And that probably was what the original speaker was intending to cover more So First why do you want to run containers? Because you already have a distribution What you want is not necessarily polluting your distribution with a ton of stuff that you want to test in a dedicated environment

13:07

Especially when you do stuff like JavaScript, Node.js Type of stuff where very few distributions have package, the whole stack that you would need to develop That does not exist under an RPM format or that format because it's really a moving target

13:25

You would need thousands of dependencies when you do NPM install of something you You get ten thousand of different modules installed Through the network That's a huge work for a distribution And most of the distributions are just packaged in Node.js itself

13:41

So you can do NPM install and then the rest is not packaged because it's moving too fast It's not possible to keep up with that It's not the case of some other languages. You have a lot of Perl modules, a lot of Python modules A lot of Java modules as well, which are available under a package format So you can benefit from the work of the distribution people to have a clear set of packages

14:02

But for moving targets like Node.js, it's really something where you want to isolate it from your native distribution because you don't want to install on a distribution something which is not packaged Why? Because it creates I mean

14:20

manual installation compared to package installation is a direct way to create problems in your environment because you may have Stuff in the standard place and you may have at the same time the same stuff in a non-standard place Under a usr-local for example, if you just do Configure make install for a GNU software It will by default arrive in usr-local and then you will have binaries in usr-local-bin and binaries in usr-bin

14:44

And you don't know which version is which and sometimes you don't point to the right configuration file because you have multiple instances So really if you want to to have a serious Execution environment and also build environment you need to be very clear of what you do And identify clearly where you need to use non-package environments such as Node.js for example

15:05

compared to package environment The advantage that containers bring like VM You're not polluting your running environment You create an isolated place where you can do everything you want at the end is just in that environment And that's something you can send to someone else for test or whatever

15:24

So that's something you should be able to rebuild easily So doing it with VMs You should automate the creation of the VM and the operating system deployment in it And the installation of your application in it, etc. It's easier with containers than with VMs, but that's the same approach

15:40

You want to be able to easily scratch and redo your running environment execution environment if you have problems And so it's easier with docker file to do that and to address that and to rebuild on a regular base Your docker image is to be really up to date

16:01

Containers also bring something which is useful and that I'm using and that's the goal of the talk in fact You can have on a single Linux distribution Tons of other distributions available to make your test So you can automate The portability of your application in different running environments in different distribution You can package for different distribution your software so that it's installable natively for the people using packages from the distribution

16:28

So it's a really easy way to to distribute for for other distributions than the one you have or For I mean i'm running the sixth version of magia, which is the last stable version It has more than one and a half here now

16:42

And we will issue seven in a couple of months But I don't want to run a non-stable distribution. I use my my laptop to work and and I mean working with A development distribution is prone to break my ability to work very often so I prefer to isolate the test I do on the

17:03

Development distribution in a specific environment such as a container and that's the goal Compared to to using natively the development environment and having the compiler the compiler broken for a couple of weeks because There are stuff that we need to to put in place when we move from one version to another etc

17:21

Another advantage of containers with regards to vms is that it's very easy to share your home directory with you with the container So you can attach when you Launch your instance of a container from the image you can say to to that attach my home directory And put it in the home directory of the container environment so that i'm at home and I can use all the

17:46

files that I need to work in my environment, which means for example that allows you to share if you are on a RPM based distribution all the configuration files that are needed to build packages correctly RPM macros, RPM RC you can also keep a look on your SSH keys

18:04

I have my SSH key in the build system of Maggia to be able to push packages and ask for the build system to To recreate the packages I've tested locally You can do the same with other distribution as well. What I do is really generic. It's not linked to Maggia itself

18:22

The only way it's the only place where you really need the VM compared to a container to Do that isolation Is if you need a different kernel between what you're running and what you want to test That's the only only place where it's important for people like me who are doing packaging most of the time

18:40

I don't care I can use a native kernel of my distribution to do the packaging. I'm packaging for 120 different distributions The software i'm upstream for without any problem due to the difference of kernel On the host and inside the packaging environment So that's really feasible

19:02

So, how do you deal with that concretely? So You have the docker registry or you have your own registry or you have your own local images You have a set of images that you can put on your own environment You create those images using a docker file

19:23

I will show you the content of the docker file just after And every time you need to Test something in a different environment than the one you're running you instantiate a container for the distribution, which is your target And inside the container you're building packages that then you can send to your distribution repository

19:42

either using Subversion or git sources depending on the distribution and the package management system of your distribution okay, so Maybe I should turn around And show you the real file instead of the one on the slides for people who want to have a look

20:03

after the presentation But I should be able To show you something else here Which is a real one

20:28

Okay, so I have a way to capture some parameters As input which is not really important. I have a configuration file that I can use To pass some variables and have default variables

20:41

Available in my environment here. So the version of the of the major distribution target temporary directories mirror That I can use to download the dependencies The working directory the architecture are on which I'm working because I can also build for different type of

21:03

Of architectures there is a very convenient project in qemu which allows you for example to run on an x86 machine non x86 binaries As if you were in a virtualization environment except that you are not virtualized You are not in a vm. You're virtualizing the instruction set, but you're not in a vm

21:24

So I'm I started to I was just a raspberry to make some tests with the another architecture to see if it was working here That seems to be very interesting So I get my my information My uid gid because I want to map those inside the container and then I write I generate a docker file here

21:47

I start from What I call a major official repository, which is in fact local to my system. So those are my local Root images for the distribution I can show you if we have time how it's built

22:03

The first thing I do is I update my distribution inside the the image when I build the image I say I want the latest version of every package that I need Then I I can okay, that's not that's commented then you install all the dependencies that you need

22:21

Uh in your environment So I update the repositories and then I install all the dependency packages that have been updated since the last time And I install in that environment because i'm building packages The set of packages I need to build packages So there is a bm command which does the build through rpm build

22:43

Majaia is using subversion for configuration files and stuff like that. We have the image here repo command, which is The interaction with the major official repository and the launch of the build interaction with the build system of major and Some other useful tool like a color diff and studio because I want to be able in my build environment

23:05

So when you're building packages for for a distribution never build as root That's so if you if you take something out of this This talk is never built as root instead of because when you're building a package You don't know what you are launching your your packaging this Set of software which is coming from upstream and those guys may do

23:24

Remove files etc. And if you don't set up the right environment viable You will remove files in a place where you don't expect to remove them So never run as root run as a single user So that's why there is some magic here to create the user in the container image

23:41

Uh associating the right the right uid gid this line is not useful anymore and giving to that user the studio the right to studio in the container And without any password to be able to launch some commands as root when you need them But not when you don't need them and you do you do that on purpose. So every all the builds

24:02

Is done as a single user, but sometimes if you want for example to install the build packages on your environment Then you will need root access to be able to write in the package database that you want to install the package And then I create the home directory of that user. I say that I will be in a workday, which is my

24:22

the place where I have my My major environment I run the container as a user not as root and I launch a bash command and the rest is just some A small part to detect if there is already a container if I force I can remove the the previous image to rebuild an image

24:41

And then I just run So this is the line which is creating the instantiation From the image. So here we are building the image with that receipt once the image is built you instantiate an environment You say I want to remove that environment at the end of the run. I want to map my

25:01

I want to be able to SSH Correctly from my docker container environment. So I need to make some stuff with the with the socket inside the environment and set up the SSH socket inside the environment to the same place where it is outside so I can communicate using my SSH agent Which is already installed on my system

25:22

I just want to mount my home directory under my home directory inside the container And I I use the image which is tagged like that which is the name of what we are creating here in the in the receipt, so How does it work?

25:41

So here I'm running on image ES6 And I can create of course image ES6 environment as well So by default By default so I didn't relaunch anything this morning so I cannot

26:04

Let me just Let me just restart the docker daemon because I may change some stuff since yesterday

26:21

Let's try again So I have a certain number of images. That's why it takes a bit of time So there is a couple of images and you see there are a lot of different distributions that I use

26:41

to build to have different environments to be able to build different software correctly, so that's why it takes a bit of time Is it better now? No, still not no such holes. So I may have lost my network Which is here Where is my mouse?

27:02

Here

27:52

Yeah, I have no No LAN

28:14

So can I use The first time legacy here Complete for the first time one should be better

29:01

Oh, yeah, right

29:21

So the difference of

30:10

64 It should be before

30:35

I'm not pointing to the right image I may see the architecture here

30:41

Okay, so here where am I? I am in a container which has been instantiated from the image which is here You see at the prompt change of course from That perspective here. It's still a major ES6 environment, but this one

31:06

Has 232 packages where has my native distribution? Has 3000 packages so I'm in a completely new different environment. It's a fresh major ES6 environment

31:22

Which has a minimum set of packages that you need to have to run the command which can install additional packages So that's what you want to have you have a bare minimum distribution On which you you are able to use if it's a Debian distribution apt-get If it's a measure, yeah, you are PMI if it's a Federer DNF

31:43

That's just what you want to to be able to do because that plus the network configuration, correct so that you can Touch the repositories and download content from the repositories so where you're here So the stuff which is also not right is that I'm root in that environment

32:02

I should not be root. I should be I should be a single user Let me check yeah, so Yeah, right

32:21

So this is this is the image. So this is the official image. This is the one I use As a base environment, so this is not the image I use to build my packages I can do the same Easily with another version. So if I use a cauldron version Here, I will be now in a different environment

32:45

Which is imagine 7 version Which has a different set of packages Only 219 so nice job for the guy working on that because they reduce the size of the minimum distribution set from 232 to 219 so we have less packages when we want to create a

33:04

a small distribution with major 7 release and here If you look all the packages which are installed or mga7 Whereas of course here all the packages which are installed on my native system or mga6 So I have I have a working major environment here, which is completely different that i'm pointing to the development distribution

33:25

I have all the dependencies of the development distribution. I can really do what I want in that environment easily. Let me try to Just fix that Because there is something wrong here you should never make changes

33:51

Uh, well, that's not that's not very correct. In fact, that's not very correct It's the day before the distribution the presentation. Um, let me check

34:04

Because yesterday I was building some stuff so So I have in my environment normally this one for example so if I go here into

34:20

this one Yeah, which has the um, which has the architecture that was the missing part of my my script script has not been updated for so now I have an image which is Based on the previous image. So this is still a control

34:41

version version 7 But this time I have a bit more packages because in my receipt So if you if we look at the docker file uh that we have for example

35:01

Where is the presentation So if we look at the docker file that we are using here in the presentation, which is which is the same

35:21

in addition to the standard Distribution which has 219 packages I asked to add a couple of additional commands to be able to work So for example, I should have the bm and the mga repo command So let's go back here

35:41

So here here first I am a single user. I'm not root anymore. I change the environment in which I want to run And I have access to the bm command I have access to the mga repo command which were not there before So and I am placed in my in my directory where I have all

36:01

The packages i'm following for majoria that I can rebuild So let's take for example Something related to docker. I have the docker compose. I will do a remove of Everything which is not relevant So all the intermediate Build stuff here. I just keep the sources and the spec file which are the strict minimum. I need to build packages

36:27

so For those not really Familiar with that maybe so the spec file is again a receipt which gives to the rpm system Instructions on how to build a package for the distribution i'm running so it gives you

36:42

some Dependencies at build time that you need to satisfy to be able to build and as docker compose is a python Script it needs a certain number of python modules to be able to build correctly and then it will also Indicate some

37:01

Installation dependencies. So if you install the package on the distribution, you will need to satisfy those dependencies Around python modules needed and then you have the receipt to be able to To build the software in your environment So for the majoria distribution is as simple as doing bm and of course it does not work not because it's a demo

37:22

Because it's it's on purpose. I missed All the dependencies I showed to you that there are build dependencies here and I don't have those if I do rpm pipe grep python I have a certain number of python packages typically

37:46

What is needed to build Python packages and the python 3 and 2 versions as well itself But very few other packages just setup tools is the only one I have for example, I don't have I think it needs The docker package the web socket client, etc. So all those packages are not available yet. So I can say to my system, okay

38:07

I need to be a root because I want to install additional packages and I want to install the packages Which are mentioned in the spec file that I need to have So it says, okay, I want I will default to to using build requires. So which are the build requires that you need?

38:24

Okay, you need a python docker package. Which one do you want and say, okay, let's take the first one And you have recommended packages or optional packages. So I say, okay, I don't want to pollute too much my system So I would say okay do not

38:43

Do not install the recommended packages just the one I really need to build so the list of packages as Dependencies which are needed in my environment are those I will say install those stuff and hopefully if there is a bit of network

39:01

I should be able to download them which does not seem to be the case

39:25

Okay, so maybe the mirror is having an issue because I have the network here Let me check

39:46

District coffee Yeah So I cannot touch the mirror myself either on the web browser, so I need another mirror Let me try

40:41

So let's say okay. This mirror is broken does not want to deliver to me stuff. That's not a big issue Well, that's a problem, but that's not a big issue So I will go in my configuration file and I will change the mirror

41:11

Okay, let's do it the other way around so I will change the mirror the reference to the mirror here

41:26

Inside the configuration file to something which is better Which is the kernel.org mirror, which should be working fine here

41:57

Oh, there is to this trip

42:09

Okay This time should be a bit better So let's try again Okay so when you deal with a mirror, which is up to date and

42:23

available You can download the dependencies to build your software It installs them for you So now you can build your package and this time as all the dependency requirements are satisfied then you can

42:41

Build the package and you have in your environment again All the directories that have been created for example You have the new package which is available here, which has just been built in my environment Which is clean because it has been built using the Maggia Cauldron tools Maggia Cauldron dependencies

43:00

Creating an mga7 version. So everything is completely safe from a build environment And now I can just try to install it and again It's looking at dependencies at install time and it's okay for Installing that package you will need those packages as dependencies. So just say yes

43:25

It will download some additional packages and now you have the package which is here and you can start Testing it in your environment because it's working So you have a strict minimum environment to be able to make tests of one package that you have built here

43:41

Which is exactly what you want to do, and I'm not polluting the rest of my system It's completely isolated and I can do that as many times as I want with different distributions available any question

44:09

Yes

44:21

So generally What happens by distro vendors is they have a build system And on the build system you have a machine with all the targets that you need to support or you want to support So here I'm testing on my local system. I will check that everything is working when I'm done I can use the Maggia repo command to push

44:43

My content to the build system pushing my content is just pushing the subversion Set of files that are under control So in my case here Where is my mouse again, here sorry

45:04

So here is On the build system the subversion Tree that I mirrored locally You can have a look at the different stuff that have been

45:24

Done From the system so you see what happened to the life of the package During its development you see when you have modified the compose file when you have A build a massive build for example for Maggia 7 which happened which changed automatically a certain number of stuff

45:42

okay, and when you are happy with what you have so In your environment what is important or the sources directory And the spec directory so the spec directory contains the spec file that is mandatory to rebuild And the sources directory contains the sources of the values version I have had during time of that component and a shaawan

46:09

File Checking the for the checksum of the of the source file So those are stuff that are in the subversion repository on the repo at in the Maggia build environment And when I launch

46:22

build for me The package it will go to the build system extract from Subversion the right files do the bm command like me on all of the target systems that you need to to support So it will be for x86 I586 Which is the 32-bit version

46:41

Arm 7hl because we are not like Debian because I see you have a Debian t-shirt So we are not as Debian maintaining as many as many architectures that you are maintaining, of course And we have less packages as well as Debian to be clear Only 30 000 when Debian has 50 000 or something like that So that's that's the way it's done. You have your target system on the build infrastructure that are used to build the final system

47:06

So you're building stuff you're testing it Of course, you may have a software which is working nice on x86 and not working on Arm And you will not detect it through this process. You will detect it when your contributors say Hey, it's broken on my on my version and you you have the backzilla you give the architecture on which it's not working

47:24

And people will make tests on that version if they have not done that before Um, that's the way that's the way it's done No It's a dedicated system, which is I think using just fruits for due to to I mean you don't change build system easily

47:43

That's that's one of the problem So, yeah That's the way it's done Any other question? How am I doing with time? Are we here? One more question, okay

48:03

So if there is no no other question, I'll leave you a bit of time to change room and Get another fantastic presentation. Hopefully Thank you very much