open source

Dec 22 2013

FOSDEM 2014 is coming

and with that almost a full week of side events.
For those who don't know FOSDEM, (where have you been hiding for the past 13 years ? ) Fosdem is the annual Free and Open Source Developers European meeting. If you are into open source , you just can't mis this event where thousands of likeminded people will meet.

And if 2 days of FOSDEM madness isn't enough people organise events around it.

Last year I organised PuppetCamp in Gent, the days before Fosdem and a MonitoringLove Hackfest in our office the 2 days after FOSDEM This year another marathon is planned.

On Friday (31/1/2014) the CentOs community is hosting a Dojo in Brussels at the IBM Forum. (Free, but registration required by the venue)

After the success of PuppetCamp in Gent last year we decided to open up the discussion and get more Infrastructure as Code people involved in a CfgMgmtCamp.eu

The keynotes for CfgMgmtCamp will include the leaders of the 3 most popular tools around , both Mark Burgess, Luke Kanies and Adam Jacob will present at the event which will take place in Gent right after Fosdem. We expect people from all the major communities including, but not limited to , Ansible, Salt, Chef, Puppet, CFengine, Rudder, Foreman and Juju (Free but registration required for catering)

And because 3 events in one week isn't enough the RedHat Community is hosting their Infrastructure.next conference after CfgMgmtCamp at the same venue. (Free but registration required for catering)

cya in Belgium next year..

Jul 17 2011

Drupal and Configuration Mgmt, we're getting there ...

For those who haven't noticed yet .. I`m into devops .. I`m also a little bit into Drupal, (blame my last name..) , so one of the frustrations I've been having with Drupal (an much other software) is the automation of deployment and upgrades of Drupal sites ...

So for the past couple of days I've been trying to catch up to the ongoing discussion regarding the results of the configuration mgmt sprint , I've been looking at it mainly from a systems point of view , being with the use of Puppet/ Chef or similar tools in mind .. I know I`m late to the discussion but hey , some people take holidays in this season :) So below you can read a bunch of my comments ... and thoughts on the topic ..

First of all , to me JSON looks like a valid option.
Initially there was the plan to wrap the JSON in a PHP header for "security" reasons, but that seems to be gone even while nobody mentioned the problems that would have been caused for external configuration management tools.
When thinking about external tools that should be capable of mangling the file plenty of them support JSON but won't be able to recognize a JSON file with a weird header ( thinking e.g about Augeas (augeas.net) , I`m not talking about IDE's , GUI's etc here, I`m talking about system level tools and libraries that are designed to mangle standard files. For Augeas we could create a separate lens to manage these files , but other tools might have bigger problems with the concept.

As catch suggest a clean .htaccess should be capable of preventing people to access the .json files There's other methods to figure out if files have been tampered with , not sure if this even fits within Drupal (I`m thinking about reusing existing CA setups rather than having yet another security setup to manage) ,

In general to me tools such as puppet should be capable of modifying config files , and then activating that config with no human interaction required , obviously drush is a good candidate here to trigger the system after the config files have been change, but unlike some people think having to browse to a web page to confirm the changes is not an acceptable solution. Just think about having to do this on multiple environments ... manual actions are error prone..

Apart from that I also think the storing of the certificates should not be part of the file. What about a meta file with the appropriate checksums ? (Also if I`m using Puppet or any other tool to manage my config files then the security , preventing to tamper these files, is already covered by the configuration management tools, I do understand that people want to build Drupal in the most secure way possible, but I don't think this belongs in any web application.

When I look at other similar discussions that wanted to provide a similar secure setup they ran into a lot of end user problems with these kind of setups, an alternative approach is to make this configurable and or plugable. The default approach should be to have it enable, but the more experienced users should have the opportunity to disable this, or replace it with another framework. Making it plugable upfront solves a lot of hassle later.

Someone in the discussion noted :
"One simple suggestion for enhancing security might be to make it possible to omit the secret key file and require the user to enter the key into the UI or drush in order to load configuration from disk."

Requiring the user to enter a key in the UI or drush would be counterproductive in the goal one wants to achieve, the last thing you want as a requirement is manual/human interaction when automating setups. therefore a feature like this should never be implemented

Luckily there seems to be new idea around that doesn't plan on using a raped json file
instead of storing the config files in a standard place, we store them in a directory that is named using a hash of your site's private key, like sites/default/config_723fd490de3fb7203c3a408abee8c0bf3c2d302392. The files in this directory would still be protected via .htaccess/web.config, but if that protection failed then the files would still be essentially impossible to find. This means we could store pure, native .json files everywhere instead, to still bring the benefits of JSON (human editable, syntax checkable, interoperability with external configuration management tools, native + speedy encoding/decoding functions), without the confusing and controversial PHP wrapper.

Figuring out the directory name for the configs from a configuration mgmt tool then could be done by something similar to

  1. cd sites/default/conf/$(ls sites/default/conf|head -1)

In general I think the proposed setup looks acceptable , it definitely goes in the right direction of providing systems people with a way to automate the deployment of Drupal sites and applications at scale.

I`ll be keeping a eye on both the direction they are heading into and the evolution of the code !

Dec 21 2010

The New devops Audience, Drupalistas !

When I first started out giving talks about devops , I realized that I was preaching to the choir, some Barcamps, the Keynote at Loadays , the Dutch Unix Usergroup etc .. lots of people in the audiences knew about the pains we were trying to solve, lots of them already knew some of the tools we use and lots of them already talk a lot with their developers or are part of the deveoplment teams

With our Devoxx talk, Patrick and I started to talk to a different audience , the Java devs , and it was great, we all learned from it. With that experience in mind I submitted a variation of the talk to an audience that is also very important to me ... the Drupal Community .

Devops is gaining importance , while we been practicing devops methodologies since ever, now even the big analyst companies etc are writing and talking about the movement, the drupal community really should also get involved.

So if you care about devops, about devs and ops working together, about continuous integration, continuous deployment, configuration mangement, automation, monitoring and scale, if you've heard about all of the above but have no clue what Puppet, Hudson or Fabric can do for you , vote here for my proposed talk at Drupalcon Chicago,

Nov 03 2010

Bug Zapper

Dear Fedoracommunity,

Over the course of the day I recieved 22^H3 mails from your friendly Bug Zapper.

Most of those bugs where bugs I had reported upon crashes using bug-buddy. Bugs on different desktop tools such as .. synergy, evolution, gwibber , gnome-settings and probably some others

I do understand that I development goes on and on .. and your fancy devs don't care anymore about bugs I reported on Fedora 12 as they are all hacking on Fedora 15 and that I should update more frequently ...

But what I don't get is that non of these bugs was ever touched,
they've been automatically created , and automatically closed

Luis already told us ages ago .. every project needs a bugmaster apparently Fedora replaced that bugmaster with a Bug Zapper.

So can someone please explain my why I should continue to try to improve Fedora by reporting bugs ?

Jun 21 2010

A parallel universe

What happens when you mention Open Office and Firewall in once sentence, in public ?

People start actually building it (French Article)

Then add to that list that there's also people out there that think that running MySQL over NFS is providing them High Availability, or that using DNS Round Robin will provide them a scalable setup,

So yes .. apparently there is indeed a parallel universe out there.

And no .. I don't want to see Webmin in any Appliance .. that is a joke..., or rather a rant ..

Mar 30 2010

11 days till Loadays

That's right .. only 11 more ...
The schedule looks promising, there will be some devops juice, some open spaces, some tutorials, som regular talks .. it really looks promising ... the schedule is packed ,

Apart from the talks, tutorials and open spaces there's also the
Pizza party and the Beer event on saturday ...

No need to register .. just show up ..

Feb 09 2010

Fosdem 2010

Fosdem 2010 was my 10th fosdem Edition (including the first OSDEM)
As every year Fosdem suffered even more from it's own success.

On Friday evening ther was the obligatory Beer event... however as people need to eat to .. the Devops crowd fled the scene

I had made reservations for a 20 something group and with the CentOS crowd joining us (as there was some overlap anyhow) we were 25 when we arrived in the restaurant .

Dinner and Discussions were great .. I learned about some new projects and we had some insightfull dicussions on how fat your thin foil should be ...

After dinner we went back to the Beer Event were lots of Free Beer was tasted ...

Saturday was the first full day of Fosdem, as usual Fosdem was the victim of it's own success , too much interresting stuff to see .. too little time.

Lots of Devrooms had the "FULL" sign put up more than you want as a visitor ...
I never even made it into the Drupal or NoSQL rooms :(

Sadly I had to correct Ploum's first law but for a lot of people .. Fosdem each time means the battle choosing which presentation you'll go to ... If you can even make it to the talk .. as usually the the hallway track is much more interresting :)

The MySQL devroom was on sunday but on saturday the crowd met in an Italian place nearby the Fosdem campus to get to know each other and chat a lot ..
The discussions ranged from French vs Canadaian and the future of Forks

During Saturday afternoon @patrickdebois suggested a Devops Meetup for Breakfast ... and some how that also happened ...

When I arrived at Fosdem on sunday morning they were still there :)

I spent the biggest part of Sunday in and around the MySQL devroom listening to a bunch of interresting talks

My own talk went fairly well given the time constraint .. sqeezing content for an hour in 20 minutes means you can't really go deep into the topics ...
My initial plan was to only focus on Pacemaker integration however the community had voted for the overview talk :)

After my own talk it was almost time to head to the Janson auditorium for the Footnote of Greg Kroah-Hartman, and as on any Fosdem .. there once again had to be Beer

Jan 15 2010

Planet , Drupal Style

So when you setup an aggregator there's this one thing you miss from a regular planet ...the list of blogs with their individual Feeds.

I wanted to use this for planet.loadays.org again and realized I don't know where I got this snippet from or if I wrote it myselve or whatever .. but I do realize that unless I document it here I won't be able to point other people to it again :) So just create a block like this one :

  1. <?php
  2.  
  3.  
  4. $subscriptions = db_query('SELECT title,link,url FROM {aggregator_feed} ORDER BY title');
  5. while ($list = db_fetch_object($subscriptions)) {
  6. print "<a href=\"$list->link\">$list->title</a> (<a href=\"$list->url\">feed</a>)<br>\n";
  7.  
  8. }
  9.  
  10. ?>

Dec 14 2009

Option D

Lots of people writing about Snorkle again today ,Monty Says, help saving MySQL

He gives us different options, a , b or c .. but I , and some others, want an option d

No I don't trust Oracle, it's not like they have been a very good Open Source Citizen, yes they contribute to the kernel and other projects but my feeling says it's only because they have to (Kernel, Xen and others ) not because they Want to (thinking about Unfakable etc) , if they would really want to they probably would work with the CentOS community more etc, and as Monty mentions their InnoDB track record could be better.

But on the other hand I don't think the EU should block the deal because Monty wants his baby back , cheap , as honestly imvho that's what they really want, be able to buy MySQL back for a nice price, either beceause Oracle is being forced by the EU to split up Sun, or eventually the deal doesn't come trough and they can buy MySQL back when Sun really goes belly up (which is what probably happens when option a) is chosen.

According to CNN , Oracle has made some pledges about MySQL earlier today.
My main question there however is about the Opposite of option 5. which is exactly what created the problem.

5. Support not mandatory. Customers will not be required to purchase support services from Oracle as a condition to obtaining a commercial license to MySQL.

Yes we want support, but no we don't want a commercial license with it, we want support on the GPL version, which is a problem lots of Open Source vendors struggle with , some of them
force people wanting to buy support to go for the commercial license. And it is exaclty that upselling that got MySQL in the troubles it has today .

Josh Berkus has a point declaring
Dual Licensing dead, just as I he sees much more future in the Percona like model than in the Dual License model MySQL used to have ..

Dries points to one of the comments on
Lukas Kahwe Smith 's Come On Money er Monty article stating
Monty walks away with several millions in hard cash, while [PHP +] MySQL cheerleaders who bet on "MySQL" franchise only walk away with a cute dolphin T-shirt

Which makes me wonder when I`ll be getting a nice Acquia T-shirt :)

Nov 05 2009

Life with an Android

I've have never been a really an HTC fan, because of the platform they used before, I have been a Ericsson GA628, SH888, then Sony Ericsson fanboy for all my life T39m, K700, K800i , so this is my first attempt into using a different brand of phone , I've been wanting an Open Phone for ages.. but I've been waiting for Godot, er the openMoko, for way to long now so with the introduction of the HTC and my K800i being long overdue for a replacement.

The Good,

So in gereral I`m pretty satisfied with my HTC Hero so far, it's quick/reactive , the wifi has good reception , screen quality is good, the touch screen however will take some time to get used to .. it already happened a couple of times that I accidently started calling the wrong person while I was still browing trough the addressbook. But in short .. I like the phone ..

However there's lots of people out there warning us that the Android isn't really an Open phone, true, lots of the software on it is proprietary, and lots of the software in the Market is cripple or pay ware. However imvho it's a step in the good direction going from a fully closed phone so something already more open...

The Bad

The volume button is to easy to use when in your pocket , hence putting the phone on silent by walking around is not unusable and Camera Autofocus is pretty bad .. no I'm not comparing to my EOS 400D, but to my previos Ericsson phone. the quality of the pictures is shaky and there is no way to cover the lens.

As for the The Ugly I'd have to say Bluetooth support, hey I want to be able to browse / download my addressbook from my Phone to my Bluetooth enabled car , this is a feature I had on my previous phone, and the phone before that ..I want to be able to upload and download files over Bluetooth, works on both my previous phones , I want to be able to send phonebook entries over bluetooth .. so that's pretty much my biggest annoyancy
(unless someone knows solutions for this ?)

So when will Sony Ericsson release their Android in Europe ? I`m hoping they'd keep the features they already had on their previous phones , so I`m hoping for better camera and better bluetooth support ..

We have come a long way for Linux to be present in our daily life , even for Joe Average, at home we watch TV using MythTV, my alarm is a Chumby, the phone in my downstairs office is a TuxScreen ... So I`m wondering when I finally will get a car that is running Linux,