December 03, 2016

So much for my monthly blogging! Here’s what I have been up to in the Open Source world over the last 6 months.

Debian

  • Uploaded a new version of the debian-multimedia blends metapackages
  • Uploaded the latest abcmidi
  • Uploaded the latest node-process-nextick-args
  • Prepared version 1.0.2 of libdrumstick for experimental, as a first step for the transition. It was sponsored by James Cowgill.
  • Prepared a new node-inline-source-map package, which was sponsored by Gianfranco Costamagna.
  • Uploaded kmetronome to experimental as part of the libdrumstick transition.
  • Prepared a new node-js-yaml package, which was sponsored by Gianfranco Costamagna.
  • Uploaded version 4.2.4 of Gramps.
  • Prepared a new version of vmpk which I am going to adopt, as part of the libdrumstick transition. I tried splitting the documentation into a separate package, but this proved difficult, and in the end I missed the transition freeze deadline for Debian Stretch.
  • Prepared a backport of Gramps 4.2.4, which was sponsored by IOhannes m zmölnig as Gramps is new for jessie-backports.
  • Began a final push to get kosmtik packaged and into the NEW queue before the impending Debian freeze for Stretch. Unfortunately, many dependencies need updating, which also depend on packages not yet in Debian. Also pushed to finish all the new packages for node-tape, which someone else has decided to take responsibility for.
  • Uploaded node-cross-spawn-async to fix a Release Critical bug.
  • Prepared  a new node-chroma-js package,  but this is unfortunately blocked by several out of date & missing dependencies.
  • Prepared a new node-husl package, which was sponsored by Gianfranco Costamagna.
  • Prepared a new node-resumer package, which was sponsored by Gianfranco Costamagna.
  • Prepared a new node-object-inspect package, which was sponsored by Gianfranco Costamagna.
  • Removed node-string-decoder from the archive, as it was broken and turned out not to be needed anymore.
  • Uploaded a fix for node-inline-source-map which was failing tests. This turned out to be due to node-tap being upgraded to version 8.0.0. Jérémy Lal very quickly provided a fix in the form of a Pull Request upstream, so I was able to apply the same patch in Debian.

Ubuntu

  • Prepared a merge of the latest blends package from Debian in order to be able to merge the multimedia-blends package later. This was sponsored by Daniel Holbach.
  • Prepared an application to become an Ubuntu Contributing Developer. Unfortunately, this was later declined. I was completely unprepared for the Developer Membership Board meeting on IRC after my holiday. I had had no time to chase for endorsements from previous sponsors, and the application was not really clear about the fact that I was not actually applying for upload permission yet. No matter, I intend to apply again later once I have more evidence & support on my application page.
  • Added my blog to Planet Ubuntu, and this will hopefully be the first post that appears there.
  • Prepared a merge of the latest debian-multimedia blends meta-package package from Debian. In Ubuntu Studio, we have the multimedia-puredata package seeded so that we get all the latest Puredata packages in one go. This was sponsored by Michael Terry.
  • Prepared a backport of Ardour as part of the Ubuntu Studio plan to do regular backports. This is still waiting for sponsorship if there is anyone reading this that can help with that.
  • Did a tweak to the Ubuntu Studio seeds and prepared an update of the Ubuntu Studio meta-packages. However, Adam Conrad did the work anyway as part of his cross-flavour release work without noticing my bug & request for sponsorship. So I closed the bug.
  • Updated the Ubuntu Studio wiki to expand on the process for updating our seeds and meta-packages. Hopefully, this will help new contributors to get involved in this area in the future.
  • Took part in the testing and release of the Ubuntu Studio Trusty 14.04.5 point release.
  • Took part in the testing and release of the Ubuntu Studio Yakkety Beta 1 release.
  • Prepared a backport of Ansible but before I could chase up what to do about the fact that ansible-fireball was no longer part of the Ansible package, some one else did the backport without noticing my bug. So I closed the bug.
  • Prepared an update of the Ubuntu Studio meta-packages. This was sponsored by Jeremy Bicha.
  • Prepared an update to the ubuntustudio-default-settings package. This switched the Ubuntu Studio desktop theme to Numix-Blue, and reverted some commits to drop the ubuntustudio-lightdm-theme package fom the archive. This had caused quite a bit of controversy and discussion on IRC due to the transition being a little too close to the release date for Yakkety. This was sponsored by Iain Lane (Laney).
  • Prepared the Numix Blue update for the ubuntustudio-lightdm-theme package. This was also sponsored by Iain Lane (Laney). I should thank Krytarik here for the initial Numix Blue theme work here (on the lightdm theme & default settings packages).
  • Provided a patch for gfxboot-theme-ubuntu which has a bug which is regularly reported during ISO testing, because the “Try Ubuntu Studio without installing” option was not a translatable string and always appeared in English. Colin Watson merged this, so hopefully it will be translated by the time of the next release.
  • Took part in the testing and release of the Ubuntu Studio Yakkety 16.10 release.
  • After a hint from Jeremy Bicha, I prepared a patch that adds a desktop file for Imagemagick to the ubuntustudio-default-settings package. This will give us a working menu item in Ubuntu Studio whilst we wait for the bug to be fixed upstream in Debian. Next month I plan to finish the ubuntustudio-lightdm-theme, ubuntustudio-default-settings transition, including dropping ubuntustudio-lightdm-theme from the Ubuntu Studio seeds. I will include this fix at the same time.

Other

  • At other times when I have had a spare moment, I have been working on resurrecting my old Family History website. It was originally produced in my Windows XP days, and I was no longer able to edit it in Linux. I decided to convert it to Jekyll. First I had to extract the old HTML from where the website is hosted using the HTTrack Website Copier. Now, I am in the process of switching the structure to the standard Jekyll template approach. I will need to switch to a nice Jekyll based theme, as as the old theming was pretty complex. I pushed the code to my Github repository for safe keeping.

Plan for December

Debian

Before the 5th January 2017 Debian Stretch soft freeze I hope to:

Ubuntu

  • Add the Ubuntu Studio Manual Testsuite to the package tracker, and try to encourage some testing of the newest versions of our priority packages.
  • Finish the ubuntustudio-lightdm-theme, ubuntustudio-default-settings transition including an update to the ubuntustudio-meta packages.
  • Reapply to become a Contributing Developer.
  • Start working on an Ubuntu Studio package tracker website so that we can keep an eye on the status of the packages we are interested in.

Other

  • Continue working to convert my Family History website to Jekyll.
  • Try and resurrect my old Gammon one-name study Drupal website from a backup and push it to the new GoONS Website project.

on December 03, 2016 11:52 AM

December 02, 2016

Hi!

I’ve uploaded Mesa 12.0.4 for xenial and yakkety to my testing PPA for you to try out. 16.04 shipped with 11.2.0 so it’s a slightly bigger update there, while yakkety is already on 12.0.3 but the new version should give radeon users a 15% performance boost in certain games with complex shaders.

Please give it a spin and report to the (yakkety) SRU bug if it works or not, and mention the GPU you tested with. At least Intel Skylake seems to still work fine here.

 


on December 02, 2016 10:28 PM
En la Ubucon Europe pude conocer de primera mano los avances de Ubuntu Touch en el Fairphone 2.

Ubuntu Touch & Fairphone 2
El Fairphone 2 es un móvil único. Como su propio nombre indica, es un móvil ético con el mundo. No usa mano de obra infantil, construido con minerales por los que no corrió la sangre y que incluso se preocupa por los residuos que genera.

Delantera y trasera
En el apartado de software ejecuta varios sistemas operativos, y por fin, Ubuntu es uno de ellos.

Tu elección
El port de Ubuntu está implementado por el proyecto UBPorts, que está avanzando a pasos de gigante cada semana.

Cuando yo probé el móvil, me sorprendió la velocidad de Unity, similar a la de mi BQ E4.5.
La cámara es suficientemente buena. Y la duración de la batería es aceptable.
Me encantó especialmente la calidad de la pantalla, con sólo mirarla se nota su nitidez.
Respecto a las aplicaciones, probé varias de la Store sin problema.

Carcasa
En resumen, un gran sistema operativo, para un gran móvil :) Un win:win

Si te interesa colaborar como desarrollador de este port, te recomiendo este grupo de Telegram: https://telegram.me/joinchat/AI_ukwlaB6KCsteHcXD0jw

All images are CC BY-SA 2.0.
on December 02, 2016 05:54 PM

This is largely based on a presentation I gave a couple of weeks ago. If you are too lazy to read, go watch it instead😉

For 20 years KDE has been building free software for the world. As part of this endeavor, we created a collection of libraries to assist in high-quality C++ software development as well as building highly integrated graphic applications on any operating system. We call them the KDE Frameworks.

With the recent advance of software bundling systems such as Snapcraft and Flatpak, KDE software maintainers are however a bit on the spot. As our software is building on such a vast collection of frameworks and supporting technology, the individual size of a distributable application can be quite abysmal.

When we tried to package our calculator KCalc as a snap bundle, we found that even a relatively simple application like this, makes for a good 70 MiB snap to be in a working state (most of this is the graphical stack required by our underlying C++ framework, Qt).
Since then a lot of effort was put into devising a system that would allow us to more efficiently deal with this. We now have a reasonably suitable solution on the table.

The KDE Frameworks 5 content snap.

A content snap is a special bundle meant to be mounted into other bundles for the purpose of sharing its content. This allows us to share a common core of libraries and other content across all applications, making the individual applications just as big as they need to be. KCalc is only 312 KiB without translations.

The best thing is that beside some boilerplate definitions, the snapcraft.yaml file defining how to snap the application is like a regular snapcraft file.

Let’s look at how this works by example of KAlgebra, a calculator and mathematical function plotter:

Any snapcraft.yaml has some global attributes we’ll want to set for the snap

name: kalgebra
version: 16.08.2
summary: ((TBD))
description: ((TBD))
confinement: strict
grade: devel

We’ll want to define an application as well. This essentially allows snapd to expose and invoke our application properly. For the purpose of content sharing we will use a special start wrapper called kf5-launch that allows us to use the content shared Qt and KDE Frameworks. Except for the actual application/binary name this is fairly boilerplate stuff you can use for pretty much all KDE applications.

apps:
  kalgebra:
    command: kf5-launch kalgebra
    plugs:
      - kde-frameworks-5-plug # content share itself
      - home # give us a dir in the user home
      - x11 # we run with xcb Qt platform for now
      - opengl # Qt/QML uses opengl
      - network # gethotnewstuff needs network IO
      - network-bind # gethotnewstuff needs network IO
      - unity7 # notifications
      - pulseaudio # sound notifications

To access the KDE Frameworks 5 content share we’ll then want to define a plug our application can use to access the content. This is always the same for all applications.

plugs:
  kde-frameworks-5-plug:
    interface: content
    content: kde-frameworks-5-all
    default-provider: kde-frameworks-5
    target: kf5

Once we got all that out of the way we can move on to actually defining the parts that make up our snap. For the most part parts are build instructions for the application and its dependencies. With content shares there are two boilerplate parts you want to define.

The development tarball is essentially a fully built kde frameworks tree including development headers and cmake configs. The tarball is packed by the same tech that builds the actual content share, so this allows you to build against the correct versions of the latest share.

  kde-frameworks-5-dev:
    plugin: dump
    snap: [-*]
    source: http://build.neon.kde.org/job/kde-frameworks-5-release_amd64.snap/lastSuccessfulBuild/artifact/kde-frameworks-5-dev_amd64.tar.xz

The environment rigging provide the kf5-launch script we previously saw in the application’s definition, we’ll use it to execute the application within a suitable environment. It also gives us the directory for the content share mount point.

  kde-frameworks-5-env:
    plugin: dump
    snap: [kf5-launch, kf5]
    source: http://github.com/apachelogger/kf5-snap-env.git

Lastly, we’ll need the actual application part, which simply instructs that it will need the dev part to be staged first and then builds the tarball with boilerplate cmake config flags.

  kalgebra:
    after: [kde-frameworks-5-dev]
    plugin: cmake
    source: http://download.kde.org/stable/applications/16.08.2/src/kalgebra-16.08.2.tar.xz
    configflags:
      - "-DKDE_INSTALL_USE_QT_SYS_PATHS=ON"
      - "-DCMAKE_INSTALL_PREFIX=/usr"
      - "-DCMAKE_BUILD_TYPE=Release"
      - "-DENABLE_TESTING=OFF"
      - "-DBUILD_TESTING=OFF"
      - "-DKDE_SKIP_TEST_SETTINGS=ON"

Putting it all together we get a fairly standard snapcraft.yaml with some additional boilerplate definitions to wire it up with the content share. Please note that the content share is using KDE neon’s Qt and KDE Frameworks builds, so, if you want to try this and need additional build-packages or stage-packages to build a part you’ll want to make sure that KDE neon’s User Edition archive is present in the build environments sources.list deb http://archive.neon.kde.org/user xenial main. This is going to get a more accessible centralized solution for all of KDE soon™.

name: kalgebra
version: 16.08.2
summary: ((TBD))
description: ((TBD))
confinement: strict
grade: devel

apps:
  kalgebra:
    command: kf5-launch kalgebra
    plugs:
      - kde-frameworks-5-plug # content share itself
      - home # give us a dir in the user home
      - x11 # we run with xcb Qt platform for now
      - opengl # Qt/QML uses opengl
      - network # gethotnewstuff needs network IO
      - network-bind # gethotnewstuff needs network IO
      - unity7 # notifications
      - pulseaudio # sound notifications

plugs:
  kde-frameworks-5-plug:
    interface: content
    content: kde-frameworks-5-all
    default-provider: kde-frameworks-5
    target: kf5

parts:
  kde-frameworks-5-dev:
    plugin: dump
    snap: [-*]
    source: http://build.neon.kde.org/job/kde-frameworks-5-release_amd64.snap/lastSuccessfulBuild/artifact/kde-frameworks-5-dev_amd64.tar.xz
  kde-frameworks-5-env:
    plugin: dump
    snap: [kf5-launch, kf5]
    source: http://github.com/apachelogger/kf5-snap-env.git
  kalgebra:
    after: [kde-frameworks-5-dev]
    plugin: cmake
    source: http://download.kde.org/stable/applications/16.08.2/src/kalgebra-16.08.2.tar.xz
    configflags:
      - "-DKDE_INSTALL_USE_QT_SYS_PATHS=ON"
      - "-DCMAKE_INSTALL_PREFIX=/usr"
      - "-DCMAKE_BUILD_TYPE=Release"
      - "-DENABLE_TESTING=OFF"
      - "-DBUILD_TESTING=OFF"
      - "-DKDE_SKIP_TEST_SETTINGS=ON"

Now to install this we’ll need the content snap itself. Here is the content snap. To install it a command like sudo snap install --force-dangerous kde-frameworks-5_*_amd64.snap should get you going. Once that is done one can install the kalgebra snap. If you are a KDE developer and want to publish your snap on the store get in touch with me so we can get you set up.

The kde-frameworks-5 content snap is also available in the edge channel of the Ubuntu store. You can try the games kblocks and ktuberling like so:

sudo snap install --edge kde-frameworks-5
sudo snap install --edge --devmode kblocks
sudo snap install --edge --devmode ktuberling

If you want to be part of making the world a better place, or would like a KDE-themed postcard, please consider donating a penny or two to KDE

postcard04

on December 02, 2016 02:44 PM

Welcome to our November edition. We begin with details on our latest partnership with Docker. Next up, we bring you a co-hosted webinar with PLUMgrid exploring how enterprises can build and manage highly scalable OpenStack clouds. We also have a number of exciting announcements with partners including Microsoft, Cloud Native Computing Forum and Open Telekom Cloud. Take a look at our top blog posts for interesting tutorials and videos. And finally, don’t miss out on our round up of industry news.

docker

A Commercial Partnership With Docker

Docker and Canonical have announced an integrated Commercially Supported (CS) Docker Engine offering on Ubuntu providing Canonical customers with a single path for support of the Ubuntu operating system and CS Docker Engine in enterprise Docker operations.

As part of this agreement Canonical will provide Level 1 and Level 2 technical support for CS DOcker Engine backed by Docker, Inc providing Level 3 support.
Learn more

Webinar: Secure, scale and simplify your OpenStack deployments

In our latest on-demand webinar, we explore how enterprises and telcos can build and manage highly scalable OpenStack clouds with BootStack, Juju and PLUMgrid. Arturo Suarez, Product Manager for BootStack at Canonical, and Justin Moore, Principal Solutions Architect, at PLUMgrid, discuss common issues users run into when running OpenStack at scale, and how to circumnavigate them using solutions such as BootStack, Juju and PLUMgrid ONS.

Watch on-demand

In Other News

Microsoft loves Linux. SQL Server Public Preview available on Ubuntu

Canonical announced that the next public release of Microsoft’s SQL Server is now available for Ubuntu. SQL Server on Ubuntu now provides freedom of choice for developers and organisations alike whether you use on premises or in the cloud. With SQL Server on Ubuntu, there are significant cost savings, performance improvements, and the ability to scale & deploy additional storage and compute resources easier without adding more hardware. Learn more

Canonical launches fully managed Kubernetes and joins the CNCF

Canonical recently joined The Cloud Native Computing Foundation (CNCF), expanding the Canonical Distribution of Kubernetes to include consulting, integration and fully-managed on-prem and on-cloud Kubernetes services. Ubuntu leading the adoption of Linux containers, and Canonical’s definition of a new class of application and new approach to operations, are only some of the key contributions being made. Learn more

Open Telekom Cloud joins Certified Public Cloud

T-Systems, a subsidiary of Deutsche Telekom, recently launched its own Open Telekom Cloud platform, based on Huawei’s OpenStack and hardware platforms. Canonical and T-Systems have announced their partnership to provide certified Ubuntu images on all LTS versions of Ubuntu to users of their cloud services. Learn more

Top blog posts from Insights

Industry News

Ubuntu Cloud in the news

OpenStack & NFV

Containers & Storage

Big data / Machine Learning / Deep Learning

on December 02, 2016 12:01 PM

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Debian LTS

In the 11 hours of (paid) work I had to do, I managed to release DLA-716-1 aka tiff 4.0.2-6+deb7u8 fixing CVE-2016-9273, CVE-2016-9297 and CVE-2016-9532. It looks like this package is currently getting new CVE every month.

Then I spent quite some time to review all the entries in dla-needed.txt. I wanted to get rid of some misleading/no longer applicable comments and at the same time help Olaf who was doing LTS frontdesk work for the first time. I ended up tagging quite a few issues as no-dsa (meaning that we will do nothing for them as they are not serious enough) such as those affecting dwarfutils, dokuwiki, irssi. I dropped libass since the open CVE is disputed and was triaged as unimportant. While doing this, I fixed a bug in the bin/review-update-needed script that we use to identify entries that have not made any progress lately.

Then I claimed libgc and and released DLA-721-1 aka libgc 1:7.1-9.1+deb7u1 fixing CVE-2016-9427. The patch was large and had to be manually backported as it was not applying cleanly.

The last thing I did was to test a new imagemagick and review the update prepared by Roberto.

pkg-security work

The pkg-security team is continuing its good work: I sponsored patator to get rid of a useless dependency on pycryptopp which was going to be removed from testing due to #841581. After looking at that bug, it turns out the bug was fixed in libcrypto++ 5.6.4-3 and I thus closed it.

I sponsored many uploads: polenum, acccheck, sucrack (minor updates), bbqsql (new package imported from Kali). A bit later I fixed some issues in the bbsql package that had been rejected from NEW.

I managed a few RC bugs related to the openssl 1.1 transition: I adopted sslsniff in the team and fixed #828557 by build-depending on libssl1.0-dev after having opened the proper upstream ticket. I did the same for ncrack and #844303 (upstream ticket here). Someone else took care of samdump2 but I still adopted the package in the pkg-security team as it is a security relevant package. I also made an NMU for axel and #829452 (it’s not pkg-security related but we still use it in Kali).

Misc Debian work

Django. I participated in the discussion about a change letting Django count the number of developers that use it. Such a change has privacy implications and the discussion sparked quite some interest both in Debian mailing lists and up to LWN.

On a more technical level, I uploaded version 1.8.16-1~bpo8+1 to jessie-backports (security release) and I fixed RC bug #844139 by backporting two upstream commits. This led to the 1.10.3-2 upload. I ensured that this was fixed in the 1.10.x upstream branch too.

dpkg and merged /usr. While reading debian-devel, I discovered dpkg bug #843073 that was threatening the merged-/usr feature. Since the bug was in code that I wrote a few years ago, and since Guillem was not interested in fixing it, I spent an hour to craft a relatively clean patch that Guillem could apply. Unfortunately, Guillem did not yet manage to pull out a new dpkg release with the patches applied. Hopefully it won’t be too long until this happens.

Debian Live. I closed #844332 which was a request to remove live-build from Debian. While it was marked as orphaned, I was always keeping an eye on it and have been pushing small fixes to git. This time I decided to officially adopt the package within the debian-live team and work a bit more on it. I reviewed all pending patches in the BTS and pushed many changes to git. I still have some pending changes to finish to prettify the Grub menu but I plan to upload a new version really soon now.

Misc bugs filed. I filed two upstream tickets on uwsgi to help fix currently open RC bugs on the package. I filed #844583 on sbuild to support arbitrary version suffix for binary rebuild (binNMU). And I filed #845741 on xserver-xorg-video-qxl to get it fixed for the xorg 1.19 transition.

Zim. While trying to fix #834405 and update the required dependencies, I discovered that I had to update pygtkspellcheck first. Unfortunately, its package maintainer was MIA (missing in action) so I adopted it first as part of the python-modules team.

Distro Tracker. I fixed a small bug that resulted in an ugly traceback when we got queries with a non-ASCII HTTP_REFERER.

Thanks

See you next month for a new summary of my activities.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

on December 02, 2016 11:45 AM

December 01, 2016

Linux containers (LXC) are one of the hottest technologies in the market today. Developers are adopting containers, especially Docker, as a way to speed-up development cycles and deliver code into testing or production environments much faster than traditional methods. With the largest base of LXC, LXD, and Docker users, Ubuntu has long been the platform of choice for developers driving innovation with containers and is widely used to run infrastructure like Kubernetes as a result. Due to customer demand, Canonical recently announced a partnership with Google to deliver the Canonical Distribution of Kubernetes.


Marco Ceppi, Engineering Manager at Canonical, tells our container story at KubeCon 2016

Explaining Containers and Canonical’s Distribution of Kubernetes

First, a bit of background, containers offer an alternative to traditional virtualization. Containers allow organizations to virtually run multiple Linux systems on a single kernel without the need for a hypervisor. One of the most promising features of containers is the ability to put more applications onto a physical server than you could with a virtual machine. There are two types of containers – machine and process.

Machine containers (sometimes called OS containers) allow developers/organizations to configure, install, and run applications, multiple processes, or libraries within a single container. They create an environment where companies can manage distributed software solutions across various environments, operating systems, and configurations. Machine containers are largely used by organizations to “lift-and-shift” legacy applications from on-premise to the cloud. Whereas process containers (sometimes called application containers) share the same kernel host, they can only run a single process or command. Process containers are especially valuable for creating microservices or API functions calls that are fast, efficient, and optimized. Process containers also allow developers to deploy services and solutions more efficiently and on time without having to deploy virtual machines.

Ubuntu is the container OS (operating system) used by a majority of Docker developers and deployments worldwide, and Kubernetes is the leader in coordinating process containers across a cluster, enabling high-efficiency DevOps, horizontal scaling, and support for 12-factor apps. Our Distribution of Kubernetes allows organizations to manage and monitor their containers across all major public clouds, and within private infrastructures. Kubernetes is effectively the air traffic controller for managing how containers are deployed.

Even as the cost of software has declined, the cost to operate today’s complex and distributed solutions have increased as many companies have found themselves managing these systems in a vacuum. Even for experts, deploying, and operating containers and Kubernetes at scale can be a daunting task. However, by deploying Ubuntu, Juju for software modeling, and Canonical’s Kubernetes distribution helps organizations to make deployment simple. Further, we have certified our distribution of Kubernetes to work with most major public clouds as well as on-premise infrastructure like VMware or Metal as a Service (MaaS) solutions thereby eliminating many of the integration and deployment headaches.

A new approach to IT operations

Containers are only part of the major change in the way we think about software. Organisations are facing fundamental limits in their ability to manage escalating complexity, and Canonical’s focus on operations has proven successful in enabling cost-effective scale-out infrastructure. Canonical’s approach dramatically increases the ability of IT operations teams to run ever more complex and large scale systems.

Leading open source projects like MAAS, LXD, and Juju help enterprises to operate in a hybrid cloud world. Kubernetes extends the diversity of applications which can now be operated efficiently on any infrastructure.

Moving to Ubuntu and to containers enables an organization to reduce overhead and improve operational efficiency. Canonical’s mission is to help companies to operate software on their public and private infrastructure, bringing Netflix-style efficiency to the enterprise market.

Canonical views containers as one of the key technologies IT and DevOps organizations will use as they work to become more cost effective and based in the cloud. Forward-looking enterprises are moving from proof of concepts (POCs) to actual production deployments, and the window for competitive advantage is closing.

For more information on how we can help with education, consulting, and our fully-managed or on cloud Kubernetes services, check out the Canonical Distribution of Kubernetes.

on December 01, 2016 03:00 PM

It’s Season Nine Episode Forty of the Ubuntu Podcast! Alan Pope, Mark Johnson, Martin Wimpress and Dan Kermac are connected and speaking to your brain.

The same line up as last week are here again for another episode.

In this week’s show:

  • We discuss what we’ve been upto recently:
  • We review the nexdock and how it works with the Raspberry Pi 3, Meizu Pro 5 Ubuntu Phone, bq M10 FHD Ubuntu Tablet, Android, Dragonboard 410c, Roku, Chomecast, Amazon FireTV and laptops from Dell and Entroware.

  • We share a Command Line Lurve:

sudo apt install netdiscover
sudo netdiscover

The output looks something like this:

_____________________________________________________________________________
  IP            At MAC Address     Count     Len  MAC Vendor / Hostname
-----------------------------------------------------------------------------
192.168.2.2     fe:ed:de:ad:be:ef      1      42  Unknown vendor
192.168.2.1     da:d5:ba:be:fe:ed      1      60  TP-LINK TECHNOLOGIES CO.,LTD.
192.168.2.11    ba:da:55:c0:ff:ee      1      60  BROTHER INDUSTRIES, LTD.
192.168.2.30    02:02:de:ad:be:ef      1      60  Elitegroup Computer Systems Co., Ltd.
192.168.2.31    de:fa:ce:dc:af:e5      1      60  GIGA-BYTE TECHNOLOGY CO.,LTD.
192.168.2.107   da:be:ef:15:de:af      1      42  16)
192.168.2.109   b1:gb:00:bd:ba:be      1      60  Denon, Ltd.
192.168.2.127   da:be:ef:15:de:ad      1      60  ASUSTek COMPUTER INC.
192.168.2.128   ba:df:ee:d5:4f:cc      1      60  ASUSTek COMPUTER INC.
192.168.2.101   ba:be:4d:ec:ad:e5      1      42  Roku, Inc
192.168.2.106   ba:da:55:0f:f1:ce      1      42  LG Electronics
192.168.2.247   f3:3d:de:ad:be:ef      1      60  Roku, Inc
192.168.3.2     ba:da:55:c0:ff:33      1      60  Raspberry Pi Foundation
192.168.3.1     da:d5:ba:be:f3:3d      1      60  TP-LINK TECHNOLOGIES CO.,LTD.
192.168.2.103   da:be:ef:15:d3:ad      1      60  Unknown vendor
192.168.2.104   b1:gb:00:bd:ba:b3      1      42  Unknown vendor
  • And we go over all your amazing feedback – thanks for sending it – please keep sending it!

  • This weeks cover image is taken from Flickr.

That’s all for this week! If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

on December 01, 2016 03:00 PM

There are more and more devices around the home (and in many small offices) running a GNU/Linux-based firmware. Consider routers, entry-level NAS appliances, smart phones and home entertainment boxes.

More and more people are coming to realize that there is a lack of security updates for these devices and a big risk that the proprietary parts of the code are either very badly engineered (if you don't plan to release your code, why code it properly?) or deliberately includes spyware that calls home to the vendor, ISP or other third parties. IoT botnet incidents, which are becoming more widely publicized, emphasize some of these risks.

On top of this is the frustration of trying to become familiar with numerous different web interfaces (for your own devices and those of any friends and family members you give assistance to) and the fact that many of these devices have very limited feature sets.

Many people hail OpenWRT as an example of a free alternative (for routers), but I recently discovered that OpenWRT's web interface won't let me enable both DHCP and DHCPv6 concurrently. The underlying OS and utilities fully support dual stack, but the UI designers haven't encountered that configuration before. Conclusion: move to a device running a full OS, probably Debian-based, but I would consider BSD-based solutions too.

For many people, the benefit of this strategy is simple: use the same skills across all the different devices, at home and in a professional capacity. Get rapid access to security updates. Install extra packages or enable extra features if really necessary. For example, I already use Shorewall and strongSwan on various Debian boxes and I find it more convenient to configure firewall zones using Shorewall syntax rather than OpenWRT's UI.

Which boxes to start with?

There are various considerations when going down this path:

  • Start with existing hardware, or buy new devices that are easier to re-flash? Sometimes there are other reasons to buy new hardware, for example, when upgrading a broadband connection to Gigabit or when an older NAS gets a noisy fan or struggles with SSD performance and in these cases, the decision about what to buy can be limited to those devices that are optimal for replacing the OS.
  • How will the device be supported? Can other non-technical users do troubleshooting? If mixing and matching components, how will faults be identified? If buying a purpose-built NAS box and the CPU board fails, will the vendor provide next day replacement, or could it be gone for a month? Is it better to use generic components that you can replace yourself?
  • Is a completely silent/fanless solution necessary?
  • Is it possibly to completely avoid embedded microcode and firmware?
  • How many other free software developers are using the same box, or will you be first?

Discussing these options

I recently started threads on the debian-user mailing list discussing options for routers and home NAS boxes. A range of interesting suggestions have already appeared, it would be great to see any other ideas that people have about these choices.

on December 01, 2016 01:11 PM

November’s reading list

Canonical Design Team

Here are the best links shared by the design team during the month of November:

  1. BARBICAN | Urban Poetry
  2. The Future of Web Education
  3. A new algorithm for finding a visual center of a polygon
  4. This Map of the World Just Won Japan’s Prestigious Design Award
  5. Ten things I wish I knew as a UX Research team of one
  6. Designing a Usable Dashboard
  7. DesignOps at Airbnb: How we manage effective design at scale
  8. The Coming Revolution in Email Design

Thank you to Jamie, Karl, Matthew and me for the links this month!

on December 01, 2016 10:07 AM

Ubuntu Core Gadget Snaps

Zygmunt Krynicki

Gagdet snaps, the somewhat mysterious part of snappy that few people grok. Being a distinct snap type, next to kernel, os and the most common app types, it gets some special roles. If you are on a classic system like Ubuntu, Debian or Fedora you don't really need or have one yet. Looking at all-snap core devices you will always see one. In fact, each snappy reference platform has one. But where are they?

Up until now the gadget snaps were a bit hard to find. They were out there but you had to have a good amount of luck and twist your tongue at the right angle to find them. That's all changed now. If you look a https://github.com/snapcore you will see a nice, familiar pattern of devicename-gadget. Each repository is dedicated to one device so you will see a gadget snap for Raspberry Pi 2 or Pi 3, for example.

But there's more! Each of those github repositories is linked to a launchpad project that automatically mirrors the git repository, builds the snap and uploads it to the store and publishes the snap to the edge channel!

The work isn't over, as you will see the gadget snaps are mostly in binary form, hand-made to work but still a bit too mysterious. The Canonical Foundations team is working on building them in a way that is friendlier to community and easier to trace back to their source code origins.

If you'd like to learn more about this topic then have a look at the snapd wiki page for gadget snaps.
on December 01, 2016 08:29 AM

November 30, 2016

Today, Amazon announced a new web service named Amazon Polly, which converts text to speech in a number of languages and voices.

Polly is trivial to use for basic text to speech, even from the command line. Polly also has features that allow for more advanced control of the resulting speech including the use of SSML (Speech Synthesis Markup Language). SSML is familiar to folks already developing Alexa Skills for the Amazon Echo family.

This article describes some simple fooling around I did with this new service.

Deliver Amazon Polly Speech By Phone Call With Twilio

I’ve been meaning to develop some voice applications with Twilio, so I took this opportunity to test Twilio phone calls with speech generated by Amazon Polly. The result sounds a lot better than the default Twilio-generated speech.

The basic approach is:

  1. Generate the speech audio using Amazon Polly.

  2. Upload the resulting audio file to S3.

  3. Trigger a phone call with Twilio, pointing it at the audio file to play once the call is connected.

Here are some sample commands to accomplish this:

1- Generate Speech Audio With Amazon Polly

Here’s a simple example of how to turn text into speech, using the latest aws-cli:

text="Hello. This speech is generated using Amazon Polly. Enjoy!"
audio_file=speech.mp3

aws polly synthesize-speech \
  --output-format "mp3" \
  --voice-id "Salli" \
  --text "$text" \
  $audio_file

You can listen to the resulting output file using your favorite audio player:

mpg123 -q $audio_file

2- Upload Audio to S3

Create or re-use an S3 bucket to store the audio files temporarily.

s3bucket=YOURBUCKETNAME
aws s3 mb s3://$s3bucket

Upload the generated speech audio file to the S3 bucket. I use a long, random key for a touch of security:

s3key=audio-for-twilio/$(uuid -v4 -FSIV).mp3
aws s3 cp --acl public-read $audio_file s3://$s3bucket/$s3key

For easy cleanup, you can use a bucket with a lifecycle that automatically deletes objects after a day or thirty. See instructions below for how to set this up.

3- Initiate Call With Twilio

Once you have set up an account with Twilio (see pointers below if you don’t have one yet), here are sample commands to initiate a phone call and play the Amazon Polly speech audio:

from_phone="+1..." # Your Twilio allocated phone number
to_phone="+1..."   # Your phone number to call

TWILIO_ACCOUNT_SID="..." # Your Twilio account SID
TWILIO_AUTH_TOKEN="..."  # Your Twilio auth token

speech_url="http://s3.amazonaws.com/$s3bucket/$s3key"
twimlet_url="http://twimlets.com/message?Message%5B0%5D=$speech_url"

curl -XPOST https://api.twilio.com/2010-04-01/Accounts/$TWILIO_ACCOUNT_SID/Calls.json \
  -u "$TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN" \
  --data-urlencode "From=$from_phone" \
  --data-urlencode "To=to_phone" \
  --data-urlencode "Url=$twimlet_url"

The Twilio web service will return immediately after queuing the phone call. It could take a few seconds for the call to be initiated.

Make sure you listen to the phone call as soon as you answer, as Twilio starts playing the audio immediately.

The ringspeak Command

For your convenience (actually for mine), I’ve put together a command line program that turns all the above into a single command. For example, I can now type things like:

... || ringspeak --to +1NUMBER "Please review the cron job failure messages"

or:

ringspeak --at 6:30am \
  "Good morning!" \
  "Breakfast is being served now in Venetian Hall G.." \
  "Werners keynote is at 8:30."

Twilio credentials, default phone numbers, S3 bucket configuration, and Amazon Polly voice defaults can be stored in a $HOME/.ringspeak file.

Here is the source for the ringspeak command:

https://github.com/alestic/ringspeak

Tip: S3 Setup

Here is a sample commands to configure an S3 bucket with automatic deletion of all keys after 1 day:

aws s3api put-bucket-lifecycle \
  --bucket "$s3bucket" \
  --lifecycle-configuration '{
    "Rules": [{
        "Status": "Enabled",
        "ID": "Delete all objects after 1 day",
        "Prefix": "",
        "Expiration": {
          "Days": 1
        }
  }]}'

This is convenient because you don’t have to worry about knowing when Twilio completes the phone call to clean up the temporary speech audio files.

Tip: Twilio Setup

This isn’t the place for an entire Twilio howto, but I will say that it is about this simple to set up:

  1. Create a Twilio account

  2. Reserve a phone number through Twilio.

  3. Find the ACCOUNT SID and AUTH TOKEN for use in Twilio API calls.

When you are using the Twilio free trial, it requires you to verify phone numbers before calling them. To call arbitrary numbers, enter your credit card and fund the minimum of $20.

Twilio will only charge you for what you use (about a dollar a month per phone number, about a penny per minute for phone calls, etc.).

Closing

A lot is possible when you start integrating Twilio with AWS. For example, my daughter developed an Alexa skill that lets her speak a message for a family member and have it delivered by phone. Alexa triggers her AWS Lambda function, which invokes the Twilio API to deliver the message by voice call.

With Amazon Polly, these types of voice applications can sound better than ever.

Original article and comments: https://alestic.com/2016/11/amazon-polly-text-to-speech/

on November 30, 2016 06:30 PM

Ohio LinuxFest 2016

Elizabeth K. Joseph

Last month I had the pleasure of finally attending an Ohio LinuxFest. The conference has been on my radar for years, but every year I seemed to have some kind of conflict. When my Tour of OpenStack Deployment Scenarios was accepted I was thrilled to finally be able to attend. My employer at the time also pitched in to the conference as a Bronze sponsor and by sending along a banner that showcased my talk, and my OpenStack book!

The event kicked off on Friday and the first talk I attended was by Jeff Gehlbach on What’s Happening with OpenNMS. I’ve been to several OpenNMS talks over the years and played with it some, so I knew the background of the project. This talk covered several of the latest improvements. Of particular note were some of their UI improvements, including both a website refresh and some stunning improvements to the WebUI. It was also interesting to learn about Newts, the time-series data store they’ve been developing to replace RRDtool, which they struggled to scale with their tooling. Newts is decoupled from the visualization tooling so you can hook in your own, like if you wanted to use Grafana instead.

I then went to Rob Kinyon’s Devs are from Mars, Ops are from Venus. He had some great points about communication between ops, dev and QA, starting with being aware and understanding of the fact that you all have different goals, which sometimes conflict. Pausing to make sure you know why different teams behave the way they do and knowing that they aren’t just doing it to make your life difficult, or because they’re incompetent, makes all the difference. He implored the audience to assume that we’re all smart, hard-working people trying to get our jobs done. He also touched upon improvements to communication, making sure you repeat requests in your own words so misunderstandings don’t occur due to differing vocabularies. Finally, he suggested that some cross-training happen between roles. A developer may never be able to take over full time for an operator, or vice versa, but walking a mile in someone else’s shoes helps build the awareness and understanding that he stresses is important.

The afternoon keynote was given by Catherine Devlin on Hacking Bureaucracy with 18F. She works for the government in the 18F digital services agency. Their mandate is to work with other federal agencies to improve their digital content, from websites to data delivery. Modeled after a startup, she explained that they try not to over-plan, like many government organizations do and can lead to failure, they want to fail fast and keep iterating. She also said their team has a focus on hiring good people and understanding the needs of the people they serve, rather than focusing on raw technical talent and the tools. Their practices center around an open by default philosophy (see: 18F: Open source policy), so much of their work is open source and can be adopted by other agencies. They also make sure they understand the culture of organizations they work with so that the tools they develop together will actually be used, as well as respecting the domain knowledge of teams they’re working with. Slides from her talk here, and include lots of great links to agency tooling they’ve worked on: https://github.com/catherinedevlin/olf-2016-keynote


Catherine Devlin on 18F

That evening folks gathered in the expo hall to meet and eat! That’s where I caught up with my friends from Computer Reach. This is the non-profit I went to Ghana with back in 2012 to deploy Ubuntu-based desktops. I spent a couple weeks there with Dave, Beth Lynn and Nancy (alas, unable to come to OLF) so it was great to see them again. I learned more about the work they’re continuing to do, having switched to using mostly Xubuntu on new installs which was written about here. On a personal level it was a lot of fun connecting with them too, we really bonded during our adventures over there.


Tyler Lamb, Dave Sevick, Elizabeth K. Joseph, Beth Lynn Eicher

Saturday morning began with a keynote from Ethan Galstad on Becoming the Next Tech Entrepreneur. Ethan is the founder of Nagios, and in his talk he traced some of the history of his work on getting Nagios off the ground as a proper project and company and his belief in why technologists make good founders. In his work he drew from his industry and market expertise from being a technologist and was able to play to the niche he was focused on. He also suggested that folks look to what other founders have done that has been successful, and recommended some books (notably Founders at Work and Work the System). Finaly, he walked through some of what can be done to get started, including the stages of idea development, basic business plan (don’t go crazy), a rough 1.0 release that you can have some early customers test and get feedback from, and then into marketing, documenting and focused product development. He concluded by stressing that open source project leaders are already entrepreneurs and the free users of your software are your initial market.

Next up was Robert Foreman’s Mixed Metaphors: Using Hiera with Foreman where he sketched out the work they’ve done that preserves usage of Hiera’s key-value store system but leverages Foreman for the actual orchestration. The mixing of provisioning and orchestration technologies is becoming more common, but I hadn’t seen this particular mashup.

My talk was A Tour of OpenStack Deployment Scenarios. This is the same talk I gave at FOSSCON back in August, walking the audience through a series of ways that OpenStack could be configured to provide compute instances, metering and two types of storage. For each I gave a live demo using DevStack. I also talked about several other popular components that could be added to a deployment. Slides from my talk are here (PDF), which also link to a text document with instructions for how to run the DevStack demos yourself.


Thanks to Vitaliy Matiyash for taking a picture during my talk! (source)

At lunch I met up with my Ubuntu friends to catch up. We later met at the booth where they had a few Ubuntu phones and tablets that gained a bunch of attention throughout the event. This event was also my first opportunity to meet Unit193 and Svetlana Belkin in person, both of whom I’ve worked with on Ubuntu for years.


Unit193, Svetlana Belkin, José Antonio Rey, Elizabeth K. Joseph and Nathan Handler

After lunch I went over to see David Griggs of Dell give us “A Look Under the Hood of Ohio Supercomputer Center’s Newest Linux Cluster.” Supercomputers are cool and it was interesting to learn about the system it was replacing, the planning that went into the replacement and workload cut-over and see in-progress photos of the installation. From there I saw Ryan Saunders speak on Automating Monitoring with Puppet and Shinken. I wasn’t super familiar with the Shinken monitoring framework, so this talk was an interesting and very applicable demonstration of the benefits.

The last talk I went to before the closing keynotes was from my Computer Reach friends Dave Sevick and Tyler Lamb. They presented their “Island Server” imaging server that’s now being used to image all of the machines that they re-purpose and deploy around the world. With this new imaging server they’re able to image both Mac and Linux PCs from one Macbook Pro rather than having a different imaging server for each. They were also able to do a live demo of a Mac and Linux PC being imaged from the same Island Server at once.


Tyler and Dave with the Island Server in action

The event concluded with a closing keynote by a father and daughter duo, Joe and Lily Born, on The Democratization of Invention. Joe Born first found fame in the 90s when he invented the SkipDoctor CD repair device, and is now the CEO of Aiwa which produces highly rated Bluetooth speakers. Lily Born invented the tip-proof Kangaroo Cup. The pair reflected on their work and how the idea to product in the hands of customers has changed in the past twenty years. While the path to selling SkipDoctor had a very high barrier to entry, globalization, crowd-funding, 3D printers and internet-driven word of mouth and greater access to the press all played a part in the success of Lily’s Kangaroo cup and the new Aiwa Bluetooth speakers. While I have no plans to invent anything any time soon (so much else to do!) it was inspiring to hear how the barriers have been lowered and inventors today have a lot more options. Also, I just bought an Aiwa Exos-9 Bluetooth Speaker, it’s pretty sweet.

My conference adventures concluded with a dinner with my friends José, Nathan and David, all three of whom I also spent time with at FOSSCON in Philadelphia the month before. It was fun getting together again, and we wandered around downtown Columbus until we found a nice little pizzeria. Good times.

More photos from the Ohio LinuxFest here: https://www.flickr.com/photos/pleia2/albums/72157674988712556

on November 30, 2016 06:29 PM

November 29, 2016

As I just posted in the Mission Forum, our KDE Developer Guide needs a new home. Currently it is "not found" where it is supposed to be.

UPDATE: Nicolas found the PDF on archive.org, which does have the photos too. Not as good as the xml, but better than nothing.

We had great luck using markdown files in git for the chapters of the Frameworks Cookbook, so the Devel Guide should be stored and developed in a like manner. I've been reading about Sphinx lately as a way to write documentation, which is another possibility. Kubuntu uses Sphinx for docs.

In any case, I do not have the time or skills to get, restructure and re-place this handy guide for our GSoC students and other new KDE contributors.

This is perhaps suitable for a Google Code-in task, but I would need a mentor who knows markdown or Sphinx to oversee. Contact me if interested! #kde-books or #kde-soc
on November 29, 2016 06:31 AM

I little while back I kicked off a competition to give away a Luma Wifi Set.

The challenge? Share a great community that you feel does wonderful work. The most interesting one, according to yours truly, gets the prize.

Well, I am delighted to share that Garrett Nay bags the prize for sharing the following in his comment:

I don’t know if this counts, since I don’t live in Seattle and can’t be a part of this community, but I’m in a new group in Salt Lake City that’s modeled after it. The group is Story Games Seattle: http://www.meetup.com/Story-Games-Seattle/. They get together on a weekly+ basis to play story games, which are like role-playing games but have a stronger emphasis on giving everyone at the table the power to shape the story (this short video gives a good introduction to what story games are all about, featuring members of the group:

Story Games from Candace Fields on Vimeo.

Story games seem to scratch a creative itch that I have, but it’s usually tough to find friends who are willing to play them, so a group dedicated to them is amazing to me.

Getting started in RPGs and story games is intimidating, but this group is very welcoming to newcomers. The front page says that no experience with role-playing is required, and they insist in their FAQ that you’ll be surprised at what you’ll be able to create with these games even if you’ve never done it before. We’ve tried to take this same approach with our local group.

In addition to playing published games, they also regularly playtest games being developed by members of the group or others. As far as productivity goes, some of the best known story games have come from members of this and sister groups. A few examples I’m aware of are Microscope, Kingdom, Follow, Downfall, and Eden. I’ve personally played Microscope and can say that it is well designed and very polished, definitely a product of years of playtesting.

They’re also productive and engaging in that they keep a record on the forums of all the games they play each week, sometimes including descriptions of the stories they created and how the games went. I find this very useful because I’m always on the lookout for new story games to try out. I kind of wish I lived in Seattle and could join the story games community, but hopefully we can get our fledgling group in Salt Lake up to the standard they have set.

What struck me about this example was that it gets to the heart of what community should be and often is – providing a welcoming, supportive environment for people with like-minded ideas and interests.

While much of my work focuses on the complexities of building collaborative communities with the intricacies of how people work together, we should always remember the huge value of what I refer to as read communities where people simply get together to have fun with each other. Garrett’s example was a perfect summary of a group doing great work here.

Thanks everyone for your suggestions, congratulations to Garrett for winning the prize, and thanks to Luma for providing the prize. Garrett, your Luma will be in the mail soon!

The post Luma Giveaway Winner – Garrett Nay appeared first on Jono Bacon.

on November 29, 2016 12:08 AM

November 28, 2016

Welcome to the Ubuntu Weekly Newsletter. This is issue #489 for the week November 21 – 27, 2016, and the full version is available here.

In this issue we cover:

The issue of The Ubuntu Weekly Newsletter is brought to you by:

  • Paul White
  • Chris Guiver
  • Elizabeth K. Joseph
  • David Morfin
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, content in this issue is licensed under a Creative Commons Attribution 3.0 License BY SA Creative Commons License

on November 28, 2016 10:37 PM
Rustifying IronFunctions

As mentioned in my previous blog post there is new open-source, lambda compatible, on-premise, language agnostic, server-less compute service called IronFunctions.
Rustifying IronFunctions

While IronFunctions is written in Go. Rust is still very much admired language and it was decided to add support for it in the fn tool.

So now you can use the fn tool to create and publish functions written in rust.

Using rust with functions

The easiest way to create a iron function in rust is via cargo and fn.

Prerequisites

First create an empty rust project as follows:

$ cargo init --name func --bin

Make sure the project name is func and is of type bin. Now just edit your code, a good example is the following "Hello" example:

use std::io;  
use std::io::Read;

fn main() {  
    let mut buffer = String::new();
    let stdin = io::stdin();
    if stdin.lock().read_to_string(&mut buffer).is_ok() {
        println!("Hello {}", buffer.trim());
    }
}

You can find this example code in the repo.

Once done you can create an iron function.

Creating a function

$ fn init --runtime=rust <username>/<funcname>

in my case its fn init --runtime=rust seiflotfy/rustyfunc, which will create the func.yaml file required by functions.

Building the function

$ fn build

Will create a docker image <username>/<funcname> (again in my case seiflotfy/rustyfunc).

Testing

You can run this locally without pushing it to functions yet by running:

$ echo Jon Snow | fn run
Hello Jon Snow  

Publishing

In the directory of your rust code do the following:

$ fn publish -v -f -d ./

This will publish you code to your functions service.

Running it

Now to call it on the functions service:

$ echo Jon Snow | fn call seiflotfy rustyfunc 

which is the equivalent of:

$ curl -X POST -d 'Jon Snow' http://localhost:8080/r/seiflotfy/rustyfunc

Next

In the next post I will be writing a more computation intensive rust function to test/benchmark IronFunctions, so stay tune :D

on November 28, 2016 09:47 PM

S09E39.2 – Le CrossOver Number 2 - Ubuntu Podcast

Ubuntu Podcast from the UK LoCo

It’s Le CrossOver #2! Marius Quabeck, Rudy, Martin Wimpress and Max Kristen are connected and speaking to your brain.

Four complete strangers make a podcast during UbuCon Europe 2016 at the Unperfekthaus in Essen, Germany.

That’s all for Le CrossOver #2! If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

on November 28, 2016 03:00 PM

November 27, 2016

UbuCon Europe in the retrospective

Sujeevan Vijayakumaran

Last weekend the very first UbuCon Europe took place in Essen, Germany. It was the second UbuCon where I was the head of the organisation team. But this one was the first international UbuCon, which had a few more challenges compared to a national UbuCon. ;)

This blog posts focuses on both: the event itself and some information about the organisation.

Thursday

The first unofficial day of the UbuCon was Thursday, where some people already arrived from different countries. We were already ten people from five different countries and we visited the Christmas market in Essen, which opened on that day. Gladly we had Nathan Haines with us, so he could translate all the alcoholic drinks from German to English, because I don't know anything about that. ;)

Friday

The first official day started in the afternoon with a guided tour through Zeche Zollverein. We were 18 people, this time from eight different countries. The tour showed us the history of the local area with the coal mines which were active in the past. They showed us the whole production line from the coal mining to the processing. The tour took two hours and after that we went to the Unperfekthaus, where the first social event of the weekend took place. There, we were roughly fifty persons mostly drinking, eating and talking.

It was also the first chance to see familiar and new faces again!

Saturday

Saturday started with my quick introduction to the event. After that Canonical CEO Jane Silber hold the first keynote where she talked mostly about the IoT and the Cloud. I was glad that she followed my invitation, even though she had to leave after lunch. The day was packed with different talks and workshops.

I sadly couldn't join every talk but the talks from Microsoft about "Bash on Ubuntu on Windows" was quite interesting. Laura Czajkowskis talk about "Supporting Inclusion & Involvement in a Remote Distributed Team" was short but also interesting. The day ended with the raffle and the UbuCon Quiz. Everyone could buy an unlimited amount of raffle ticket for 1€ so there were a few people with more than ten tickets. We mostly had different Ubuntu USB-Sticks, three Ubuntu Books, Microsoft T-Shirts, a Nextcloud Box and the bq Aquaris M10 Tablet which were pretty popular. Funnily some people won more than one prize. The UbuCon Quiz afterwards was funny too. The ultimate answer to every question seemed to be "Midnight Commander" :). After the quiz the second social event started and was joined by about 80 persons.

Sunday

After the long Saturday the started again at around 10 o'clock in the morning. There were different talks and workshops again. Daniel Holbach did a workshop on how to create snaps, Costales did a talk about his navigation app uNav. Later Alan Pope talked about how to bring an app as a snap to the store. Elizabeth K. Joseph was talking on how to build a career with Ubuntu and FOSS and Olivier Paroz talked about Nextcloud and the upcoming features.

The day and also the conference ended on 5pm. At that time many people were already on their way back home.

Conclusion

We've welcomed 130 persons from 17 different countries and three continents. Originally I didn't expect that many people from other countries. In the end there were 55 % attendees from Germany. In the last year we had a similar amount of people who attended the German UbuCon. Personally I'm pretty happy that the event took place without big issues or problems. The biggest problem was just the payment which was rather complicated for most of the people. It was a good decision to use the Unperfekthaus as a venue for our event. We didn't have to organise food and drinks, because that was already included. The projectors were already setted up and even the WiFi worked without problems. The mix of the talks were good too: We had different levels of talks, for beginners and for advanced users and developers.

At this place I want to thank to a lot of people. First of all to Canonicals Community-Team including David Planella, Michael Hall, Daniel Holbach and Alan Pope who helped us with the overall organisation and where always ready when we needed help. Also, thanks to Marius Quabeck and Ilonka O. who joined the weekly hangouts with the Community-Team and helped in a lot of smaller and bigger organisation stuff, too. Jonathan Liebers and Jens Holschbach actually brought the UbuCon to Essen, even though the Unperfekthaus wasn't the first choice. Ilonka and Veit Jahns also helped with the handling of all the submitted talks and workshops. Sarah, Peter and Philipp were on the wrong place at the wrong time and got recruited to handle the registration desk: Thanks and Sorry ;)! Last but not the least Torsten Franz and Thoralf Schilde from the ubuntu Deutschland e.V. who were our legal entity to host the UbuCon and handle all the bills.

Also: Never forget the Sponsors: Microsoft, otris software AG, Nextcloud, bytemine, b1 systems, ubuntu-fr and Ubuntu User.

Besides the help in the organisation I also want to thank every speaker and visitor who actually formed the content of the conference. I'm really glad that so many people said that they liked it and I'm really looking forward for next years UbuCon Europe which will take place in Paris, France!

See you there!

on November 27, 2016 11:30 AM

November 26, 2016

stress-ng is a tool that I have been developing on-and-off for a few years. It is designed to stress kernels to force out bugs, stress CPU and memory and also contains some performance benchmarking metrics too.

stress-ng is now entering the maturity part of the development phase, however, there is always scope to add new stressors and generally improve the tool.   I've just released version 0.07.07 for the Ubuntu Zesty 17.04 release and it contains a few additional features:
  • SIGUSR2 sent to stress-ng will dump out the current system load and memory statistics
  • Sched policy stress tests for different scheduler configurations
  • Add a missing --sockfd-port option
And various bug fixes:
  • Fixed up some minor memory leaks
  • Missing counter stats on bind-mount, fp-error, personality and resources stressors
  • Fix the --fiemap-bytes option
  • Fix up build warnings with various compilers and static analyzers
The major change to stress-ng over the past month was an internal re-working of system call and GNU features to abstract these into a shim layer to reduce the number build conditional #ifdef paths around code. This simplifies portability, so the code now builds more easily across a range of systems and with various versions of gcc and clang and fixes some issues on older kernels too.   This makes the code also faster to statically analyze with cppcheck.

For more details, visit the stress-ng project page or the quick help guide.
on November 26, 2016 10:35 AM

November 25, 2016

We just released the first beta of APT 1.4 to Debian unstable (beta here means that we don’t know any other big stuff to add to it, but are still open to further extensions). This is the release series that will be released with Debian stretch, Ubuntu zesty, and possibly Ubuntu zesty+1 (if the Debian freeze takes a very long time, even zesty+2 is possible). It should reach the master archive in a few hours, and your mirrors shortly after that.

Security changes

APT 1.4 by default disables support for repositories signed with SHA1 keys. I announced back in January that it was my intention to do this during the summer for development releases, but I only remembered the Jan 1st deadline for stable releases supporting that (APT 1.2 and 1.3), so better late than never.

Around January 1st, the same or a similar change will occur in the APT 1.2 and 1.3 series in Ubuntu 16.04 and 16.10 (subject to approval by Ubuntu’s release team). This should mean that repository provides had about one year to fix their repositories, and more than 8 months since the release of 16.04. I believe that 8 months is a reasonable time frame to upgrade a repository signing key, and hope that providers who have not updated their repositories yet will do so as soon as possible.

Performance work

APT 1.4 provides a 10-20% performance increase in cache generation (and according to callgrind, we went from approx 6.8 billion to 5.3 billion instructions for my laptop’s configuration, a reduction of more than 21%). The major improvements are:

We switched the parsing of Deb822 files (such as Packages files) to my perfect hash function TrieHash. TrieHash – which generates C code from a set of words – is about equal or twice as fast as the previously used hash function (and two to three times faster than gperf), and we save an additional 50% of that time as we only have to hash once during parsing now, instead of during look up as well. APT 1.4 marks the first time TrieHash is used in any software. I hope that it will spread to dpkg and other software at a later point in time.vendors.

Another important change was to drop normalization of Description-MD5 values, the fields mapping a description in a Packages files to a translated description. We used to parse the hex digits into a native binary stream, and then compared it back to hex digits for comparisons, which cost us about 5% of the run time performance.

We also optimized one of our hash functions – the VersionHash that hashes the important fields of a package to recognize packages with the same version, but different content – to not normalize data to a temporary buffer anymore. This buffer has been the subject of some bugs (overflow, incompleteness) in the recent past, and also caused some slowdown due to the additional writes to the stack. Instead, we now pass the bytes we are interested in directly to our CRC code, one byte at a time.

There were also some other micro-optimisations: For example, the hash tables in the cache used to be ordered by standard compare (alphabetical followed by shortest). It is now ordered by size first, meaning we can avoid data comparisons for strings of different lengths. We also got rid of a std::string that cannot use short string optimisation in a hot path of the code. Finally, we also converted our case-insensitive djb hashes to not use a normal tolower_ascii(), but introduced tolower_ascii_unsafe() which just sets the “lowercase bit” (| 0x20) in the character.

Others

  • Sandboxing now removes some environment variables like TMP from the environment.
  • Several improvements to installation ordering.
  • Support for armored GPG keys in trusted.gpg.d.
  • Various other fixes

For a more complete overview of all changes, consult the changelog.


Filed under: Debian, Ubuntu
on November 25, 2016 11:43 PM

Ubuntu

Android Studio is a great development environment and is available on Ubuntu. I’m using Ubuntu Mate 16.10 “Yakkety Yak”.
 
First install a Java Development Kit (JDK). OpenJDK is pre-installed or you can use Oracle Java 8 (there is a great guide here). I don’t wish to argue over your choice – I need to use the latter (my tutor does). Download Android Studio here. – I extracted it to /opt; ran the installer; and used my home folder for the SDK. If you are using 64 bit, you need the 32 bit GNU standard C++ library:
sudo apt install lib32stdc++6

Virtualisation support is interesting. I read two tutorial and Google’s guide. The former makes reference to command line options not in version 2.2.2. These posts suggest this is a bug, but it may now be default behaviour. First enable that virtualisation in BIOS (check if enabled using “kvm-ok”).

sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils
sudo adduser dougie kvm
sudo adduser dougie libvirtd

This results in an error.
screenshot-at-2016-11-25-21-16-19

Using the system version of libstdc++.so.6 works. Add the following to /etc/environment:

ANDROID_EMULATOR_USE_SYSTEM_LIBS=1

It seems snappy but with no feedback I’m unsure if accelerated.

So I now have a development environment set up for my project. The next hurdle is to choose a title. So far it is a: development project; distributed application; and uses Android.

on November 25, 2016 10:16 PM

Ansible

LXD (Working example from this post you can find on my GitHub Page)

While working with Ansible since a couple of years now and working with LXD as my local test environment I was waiting for a simple solution to create LXD containers (locally and remote) with Ansible from scratch. Not using any helper methods like shell: lxd etc.

So, since Ansible 2.2 we have native LXD support.
Furthermore, the Ansible Team actually showed some respect to the Python3 Community, and has implemented Python3 Support.

Preparations

First of all, you need to have the latest Ansible Release), or install it in a Python3 Virtual Environment via pip install ansible.

Create your Ansible directory layout

To make your life later a little bit easier, create your Ansible directory structure and turn it to a Git repository.

user@home: ~> mkdir -p ~/Projects/git.ansible/lxd-containers  
user@home: ~> cd ~/Projects/git.ansible/lxd-containers  
user@home: ~/Projects/git.ansible/lxd-containers> mkdir -p {inventory,roles,playbooks}

Create your inventory file

Imagine, you want to create 5 new LXD containers. You can create 5 playbooks to do it, or you can be smart, and let Ansible do it for you.
Working with inventory files is easy, it's simply a file with an INI file structure.

Let's create an inventory file for new LXD containers in ~/Projects/git.ansible/lxd-containers/inventory/containers:

[local]
localhost

[containers]
blog-01 ansible_connection=lxd  
blog-02 ansible_connection=lxd  
blog-03 ansible_connection=lxd  
blog-04 ansible_connection=lxd  
blog-05 ansible_connection=lxd  

We defined now 5 containers.

Create a playbook for running Ansible

We need now an Ansible playbook.

A playbook is just a simple YAML file. You can edit this file with your editor of choice. I personally like Sublime Text 3 or GitHubs Atom, but any other editor (like Vim or Emacs) will do.

Create a new file under ~/Projects/git.ansible/lxd-containers/playbooks/lxd_create_containers.yml:

- hosts: localhost
  connection: local
  roles:
    - create_lxd_containers

Let's go shortly through this:

  • hosts: defines: the hosts to run Ansible on. Using it like this means, this playbook runs on your local machine.
  • connection: local: Ansible will use a local connection, like sshing into your local box.
  • roles: ...: is a list of Ansible roles to be used during this playbook.

You could also write all Ansible tasks in this playbook, but as you want to reuse several tasks for certain workloads, it's a better idea to divide them into roles.

Create the the Ansible role

Ansible Roles are being used for separating repeating tasks from the playbooks.

Think about this example: You have a playbook for all your webservers like this:

- hosts: webservers
  tasks:
    - name: apt update
      apt: update_cache=yes

and you have a playbook for all your database servers like this:

- hosts: databases
  tasks:
    - name: apt update
      apt: update_cache=yes

What do you see? Yes, two times the same task, namely "apt update".

To make our lives easier, instead of writing in every playbook a task to update the systems package archive cache, we create an Ansible role.

Ansible Roles do have a special directory structure, I advise to read the good documention over at the Ansible HQ

Let's start with our role for creating LXD containers:

Create the directory structure

user@home: ~> cd ~/Projects/git.ansible/lxd-containers/roles/  
user@home: ~/Projects/git.ansible/lxd-containers/roles/> mkdir -p create_lxd_containers/tasks  

Now create a new YAML file and name it ~/Projects/git.ansible/lxd-containers/roles/create_lxd_containers/tasks/main.yml with this content:

- name: Create LXD Container
  connection: local
  become: false
  lxd_container:
    name: "{{item}}"
    state: started
    source:
      type: image
      mode: pull
      server: https://cloud-images.ubuntu.com/releases
      protocol: simplestreams
      alias: 16.04/amd64
    profiles: ['default']
    wait_for_ipv4_addresses: true
    timeout: 600
  with_items:
    - "{{groups['containers']}}"

- name: Check if Python2 is installed in container
  delegate_to: "{{item}}"
  raw: dpkg -s python
  register: python_check_is_installed
  failed_when: python_check_is_installed.rc not in [0,1]
  changed_when: false
  with_items:
    - "{{groups['containers']}}"

- name: Install Python2 in container
  delegate_to: "{{item.item}}"
  raw: apt-get update && apt-get install -y python
  when: "{{item.rc == 1}}"
  with_items:
    - "{{python_check_is_installed.results}}"

Let's go through the different tasks

Create the LXD Container

- name: Create LXD Container
  connection: local
  become: false
  lxd_container:
    name: "{{item}}"
    state: started
    source:
      type: image
      mode: pull
      server: https://cloud-images.ubuntu.com/releases
      protocol: simplestreams
      alias: 16.04/amd64
    profiles: ['default']
    wait_for_ipv4_addresses: true
    timeout: 600
  with_items:
    - "{{groups['containers']}}"
  • connection: local: means it's only running on your local machine.
  • become: false: don't use su or sudo to become a superuser.
  • lxd_container: ...: this is the Ansible LXD module definition. Read the documentation about this module here: Ansible LXD Documentation
  • with_items: ...: this is one of the many Ansible loop statements. In this case, we are looping over the Inventory Group 'containers' (which we defined in the inventory file earlier).

The "{{item}}" will be prefilled by the loop from with_items:..., again a hint to read the good documentation of Ansible about loops.

Check if Python2 is installed inside the container

- name: Check if Python2 is installed in container
  delegate_to: "{{item}}"
  raw: dpkg -s python
  register: python_check_is_installed
  failed_when: python_check_is_installed.rc not in [0,1]
  changed_when: false
  with_items:
    - "{{groups['containers']}}"
  • delegate_to:...": this key tells ansible to not use the default connection anymore, but to delegate the connection and the work to the host mentioned in delegate_to.
  • raw:...: This key advises Ansible to use the raw module. Raw means, we don't actually have anything running, no Python for example, which we need for Ansible. So it just using an SSH connection (by default) or for now, it's using a local LXD connection (like lxc exec <container-name> -- <command>). In this case we are executing dpkg -s python, we want to find out of if Python2 is installed.
  • register: ...: during execution of the raw: ... command, Ansible is able to catch the output (stdout, stderr) and the result code of the raw: ... command. register: ... will define a "variable" to store this result. Normally this "variable" is a Python/JSON dictionary for a particular host, but as we are iterating through the 'containers' inventory group, this 'variable' has a results array (which we will use in the next task), where Ansible stores all outputs of all hosts checks. During the task execution but, this 'variable' is still usable as a single result set.
  • failed_when: ...: this will stop the task, if the registered 'variable' is not accessible or the return code is not 0 or 1 (so command returned no success or no real fail, but something else). (more documentation you can find here)
  • changed_when: false: so whenever this tasks runs, it will always change it status, and this would mean Ansible would report one change (i.e. return code changed). To prevent this, we set this to false.(more documentation you can find here)
  • with_items: ...: this is one of the many Ansible loop statements. In this case, we are looping over the Inventory Group 'containers' (which we defined in the inventory file earlier).

The "{{item}}" will be prefilled by the loop from with_items:..., again a hint to read the good documentation of Ansible about loops.

Install Python2 if it is not installed in the container

- name: Install Python2 in container
  delegate_to: "{{item.item}}"
  raw: apt-get update && apt-get install -y python
  when: "{{item.rc == 1}}"
  with_items:
    - "{{python_check_is_installed.results}}"
  • delegate_to:...": this key tells ansible to not use the default connection anymore, but to delegate the connection and the work to the host mentioned in delegate_to.
  • raw:...: This key advises Ansible to use the raw module. Raw means, we don't actually have anything running, no Python for example, which we need for Ansible. So it just using an SSH connection (by default) or for now, it's using a local LXD connection (like lxc exec <container-name> -- <command>). In this case we are executing dpkg -s python, we want to find out of if Python2 is installed.
  • when: ...: this is a conditional. It says, that this task only executes when the codition is met. In this case when the return code equals to 1. This is true when the Python2 install check returned, that Python2 was not installed.
  • with_items: ...: this is one of the many Ansible loop statements. In this case, we are looping over the Inventory Group 'containers' (which we defined in the inventory file earlier).

The "{{item}}" will be prefilled by the loop from with_items:..., again a hint to read the good documentation of Ansible about loops. In this case, we are looping through the result sets of the Python2 install check and the collected results in the 'variable' python_check_is_installed.

Some more informations

In the playbook and in the first task (create LXD containers) we used the a local connection, which means nothing else than Ansible should work on your local workstation.
Inside the Inventory INI file there is this key/value pair: ansible_connection=lxd.

So when the two other tasks who were delegated to the created containers, Ansible would normally use an SSH connection attempt (when you remove the ansible_connection=lxd). With this special configuration in the Inventory INI file it won't try to use SSH towards the containers, but the local LXD connection.

Bringing it all together

Let's start Ansible to do the work we want it to do:

~/Projects/git.ansible/lxd-containers > ansible-playbook -i inventory/inventory playbooks/lxd_create_containers.yml 

PLAY [localhost] ***************************************************************

TASK [setup] *******************************************************************  
ok: [localhost]

TASK [create_lxd_containers : Create LXD Container] ****************************  
changed: [localhost] => (item=blog-01)  
changed: [localhost] => (item=blog-02)  
changed: [localhost] => (item=blog-03)  
changed: [localhost] => (item=blog-04)  
changed: [localhost] => (item=blog-05)

TASK [create_lxd_containers : Check if Python2 is installed in container] ******  
ok: [localhost -> blog-01] => (item=blog-01)  
ok: [localhost -> blog-02] => (item=blog-02)  
ok: [localhost -> blog-03] => (item=blog-03)  
ok: [localhost -> blog-04] => (item=blog-04)  
ok: [localhost -> blog-05] => (item=blog-05)

TASK [create_lxd_containers : Install Python2 in container] ********************  
changed: [localhost -> blog-01] => (item={'changed': False, 'stdout': u'', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_host': u'blog-01'}, '_ansible_item_result': True, 'failed': False, 'item': u'blog-01', 'rc': 1, 'invocation': {'module_name': u'raw', 'module_args': {u'_raw_params': u'dpkg -s python'}}, 'stdout_lines': [], 'failed_when_result': False, 'stderr': u"dpkg-query: package 'python' is not installed and no information is available\nUse dpkg --info (= dpkg-deb --info) to examine archive files,\nand dpkg --contents (= dpkg-deb --contents) to list their contents.\n"})  
changed: [localhost -> blog-02] => (item={'changed': False, 'stdout': u'', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_host': u'blog-02'}, '_ansible_item_result': True, 'failed': False, 'item': u'blog-02', 'rc': 1, 'invocation': {'module_name': u'raw', 'module_args': {u'_raw_params': u'dpkg -s python'}}, 'stdout_lines': [], 'failed_when_result': False, 'stderr': u"dpkg-query: package 'python' is not installed and no information is available\nUse dpkg --info (= dpkg-deb --info) to examine archive files,\nand dpkg --contents (= dpkg-deb --contents) to list their contents.\n"})  
changed: [localhost -> blog-03] => (item={'changed': False, 'stdout': u'', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_host': u'blog-03'}, '_ansible_item_result': True, 'failed': False, 'item': u'blog-03', 'rc': 1, 'invocation': {'module_name': u'raw', 'module_args': {u'_raw_params': u'dpkg -s python'}}, 'stdout_lines': [], 'failed_when_result': False, 'stderr': u"dpkg-query: package 'python' is not installed and no information is available\nUse dpkg --info (= dpkg-deb --info) to examine archive files,\nand dpkg --contents (= dpkg-deb --contents) to list their contents.\n"})  
changed: [localhost -> blog-04] => (item={'changed': False, 'stdout': u'', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_host': u'blog-04'}, '_ansible_item_result': True, 'failed': False, 'item': u'blog-04', 'rc': 1, 'invocation': {'module_name': u'raw', 'module_args': {u'_raw_params': u'dpkg -s python'}}, 'stdout_lines': [], 'failed_when_result': False, 'stderr': u"dpkg-query: package 'python' is not installed and no information is available\nUse dpkg --info (= dpkg-deb --info) to examine archive files,\nand dpkg --contents (= dpkg-deb --contents) to list their contents.\n"})  
changed: [localhost -> blog-05] => (item={'changed': False, 'stdout': u'', '_ansible_no_log': False, '_ansible_delegated_vars': {'ansible_host': u'blog-05'}, '_ansible_item_result': True, 'failed': False, 'item': u'blog-05', 'rc': 1, 'invocation': {'module_name': u'raw', 'module_args': {u'_raw_params': u'dpkg -s python'}}, 'stdout_lines': [], 'failed_when_result': False, 'stderr': u"dpkg-query: package 'python' is not installed and no information is available\nUse dpkg --info (= dpkg-deb --info) to examine archive files,\nand dpkg --contents (= dpkg-deb --contents) to list their contents.\n"})

PLAY RECAP *********************************************************************  
localhost                  : ok=4    changed=2    unreachable=0    failed=0   

~/Projects/git.ansible/lxd-containers > lxc list
+---------+---------+-----------------------+------+------------+-----------+
|  NAME   |  STATE  |         IPV4          | IPV6 |    TYPE    | SNAPSHOTS |
+---------+---------+-----------------------+------+------------+-----------+
| blog-01 | RUNNING | 10.139.197.44 (eth0)  |      | PERSISTENT | 0         |
+---------+---------+-----------------------+------+------------+-----------+
| blog-02 | RUNNING | 10.139.197.10 (eth0)  |      | PERSISTENT | 0         |
+---------+---------+-----------------------+------+------------+-----------+
| blog-03 | RUNNING | 10.139.197.188 (eth0) |      | PERSISTENT | 0         |
+---------+---------+-----------------------+------+------------+-----------+
| blog-04 | RUNNING | 10.139.197.221 (eth0) |      | PERSISTENT | 0         |
+---------+---------+-----------------------+------+------------+-----------+
| blog-05 | RUNNING | 10.139.197.237 (eth0) |      | PERSISTENT | 0         |
+---------+---------+-----------------------+------+------------+-----------+

Awesome, 5 containers created and Python2 installed.

Now it's time do to the real work (like installing your app and testing them)

on November 25, 2016 01:50 PM

November 24, 2016

And again it took quite a while to write a new update about my experiments with writing GStreamer elements in Rust. The previous articles can be found here and here. Since last time, there was also the GStreamer Conference 2016 in Berlin, where I had a short presentation about this.

Progress was rather slow unfortunately, due to work and other things getting into the way. Let’s hope this improves. Anyway!

There will be three parts again, and especially the last one would be something where I could use some suggestions from more experienced Rust developers about how to solve state handling / state machines in a nicer way. The first part will be about parsing data in general, especially from untrusted sources. The second part will be about my experimental and current proof of concept FLV demuxer.

Parsing Data

Safety?

First of all, you probably all saw a couple of CVEs about security relevant bugs in (rather uncommon) GStreamer elements going around. While all of them would’ve been prevented by having the code written in Rust (due to by-default array bounds checking), that’s not going to be our topic here. They also would’ve been prevented by using various GStreamer helper API, like GstByteReader, GstByteWriter and GstBitReader. So just use those, really. Especially in new code (which is exactly the problem with the code affected by the CVEs, it was old and forgotten). Don’t do an accountant’s job, counting how much money/many bytes you have left to read.

But yes, this is something where Rust will also provide an advantage by having by-default safety features. It’s not going to solve all our problems, but at least some classes of problems. And sure, you can write safe C code if you’re careful but I’m sure you also drive with a seatbelt although you can drive safely. To quote Federico about his motivation for rewriting (parts of) librsvg in Rust:

Every once in a while someone discovers a bug in librsvg that makes it all the way to a CVE security advisory, and it’s all due to using C. We’ve gotten double free()s, wrong casts, and out-of-bounds memory accesses. Recently someone did fuzz-testing with some really pathological SVGs, and found interesting explosions in the library. That’s the kind of 1970s bullshit that Rust prevents.

You can directly replace the word librsvg with GStreamer here.

Ergonomics

The other aspect with parsing data is that it’s usually a very boring aspect of programming. It should be as painless as possible, as easy as possible to do it in a safe way, and after having written your 100th parser by hand you probably don’t want to do that again. Parser combinator libraries like Parsec in Haskell provide a nice alternative. You essentially write down something very close to a formal grammar of the format you want to parse, and out of this comes a parser for the format. Other than parser generators like good, old yacc, everything is written in target language though, and there is no separate code generation step.

Rust, being quite a bit more expressive than C, also made people write parser generator libraries. They are all not as ergonomic (yet?) as in Haskell, but still a big improvement over anything else. There’s nom, combine and chomp. All having a slightly different approach. Choose your favorite. I decided on nom for the time being.

A FLV Demuxer in Rust

For implementing a demuxer, I decided on using the FLV container format. Mostly because it is super-simple compared to e.g. MP4 and WebM, but also because Geoffroy, the author of nom, wrote a simple header parsing library for it already and a prototype demuxer using it for VLC. I’ll have to extend that library for various features in the near future though, if the demuxer should ever become feature-equivalent with the existing one in GStreamer.

As usual, the code can be found here, in the “demuxer” branch. The most relevant files are rsdemuxer.rs and flvdemux.rs.

Following the style of the sources and sinks, the first is some kind of base class / trait for writing arbitrary demuxers in Rust. It’s rather unfinished at this point though, just enough to get something running. All the FLV specific code is in the second file, and it’s also very minimal for now. All it can do is to play one specific file (or hopefully all other files with the same audio/video codec combination).

As part of all this, I also wrote bindings for GStreamer’s buffer abstraction and a Rust-rewrite of the GstAdapter helper type. Both showed Rust’s strengths quite well, the buffer bindings by being able to express various concepts of the buffers in a compiler-checked, safe way in Rust (e.g. ownership, reability/writability), the adapter implementation by being so much shorter (it’s missing features… but still).

So here we are, this can already play one specific file (at least) in any GStreamer based playback application. But some further work is necessary, for which I hopefully have some time in the near future. Various important features are still missing (e.g. other codecs, metadata extraction and seeking), the code is rather proof-of-concept style (stringly-typed media formats, lots of unimplemented!() and .unwrap() calls). But it shows that writing media handling elements in Rust is definitely feasible, and generally seems like a good idea.

If only we had Rust already when all this media handling code in GStreamer was written!

State Handling

Another reason why all this took a bit longer than expected, is that I experimented a bit with expressing the state of the demuxer in a more clever way than what we usually do in C. If you take a look at the GstFlvDemux struct definition in C, it contains about 100 lines of field declarations. Most of them are only valid / useful in specific states that the demuxer is in. Doing the same in Rust would of course also be possible (and rather straightforward), but I wanted to try to do something better, especially by making invalid states unrepresentable.

Rust has this great concept of enums, also known as tagged unions or sum types in other languages. These are not to be confused with C enums or unions, but instead allow multiple variants (like C enums) with fields of various types (like C unions). But all of that in a type-safe way. This seems like the perfect tool for representing complicated state and building a state machine around it.

So much for the theory. Unfortunately, I’m not too happy with the current state of things. It is like this mostly because of Rust’s ownership system getting into my way (rightfully, how would it have known additional constraints I didn’t know how to express?).

Common Parts

The first problem I ran into, was that many of the states have common fields, e.g.

enum State {
    ...
    NeedHeader,
    HaveHeader {header: Header, to_skip: usize },
    Streaming {header: Header, audio: ... },
    ...
}

When writing code that matches on this, and that tries to move from one state to another, these common fields would have to be moved. But unfortunately they are (usually) borrowed by the code already and thus can’t be moved to the new variant. E.g. the following fails to compile

match self.state {
        ...
        State::HaveHeader {header, to_skip: 0 } => {
            
            self.state = State::Streaming {header: header, ...};
        },
    }

A Tree of States

Repeating the common parts is not nice anyway, so I went with a different solution by creating a tree of states:

enum State {
    ...
    NeedHeader,
    HaveHeader {header: Header, have_header_state: HaveHeaderState },
    ...
}

enum HaveHeaderState {
    Skipping {to_skip: usize },
    Streaming {audio: ... },
}

Apart from making it difficult to find names for all of these, and having relatively deeply nested code, this works

match self.state {
        ...
        State::HaveHeader {ref header, ref mut have_header_state } => {
            match *have_header_state {
                HaveHeaderState::Skipping { to_skip: 0 } => {
                    *have_header = HaveHeaderState::Streaming { audio: ...};
                }
        },
    }

If you look at the code however, this causes the code to be much bigger than needed and I’m also not sure yet how it will be possible nicely to move “backwards” one state if that situation ever appears. Also there is still the previous problem, although less often: if I would match on to_skip here by reference (or it was no Copy type), the compiler would prevent me from overwriting have_header for the same reasons as before.

So my question for the end: How are others solving this problem? How do you express your states and write the functions around them to modify the states?

Update

I actually implemented the state handling as a State -> State function before (and forgot about that), which seems conceptually the right thing to do. It however has a couple of other problems. Thanks for the suggestions so far, it seems like I’m not alone with this problem at least.

on November 24, 2016 11:10 PM

User Managed Services

Harald Sitter

Recently the need occurred for us to run API services from user accounts rather than elevated access (i.e. root). I have since come to like this rather a lot as systemd makes this super easy and in the long run allows more self-management on regular user accounts that need to run daemon services. This is fairly ideal for unprivileged micro services run on shared servers. The basic idea is that every user can run their own systemd services and therefore every user can operate a daemon (if allowed to).

Setting this up initially has some pitfalls though, so I thought I would write down how this is best made to work.

Dependencies

First things first. To make use of this you need systemd, logind and journald. Additionally you’ll need pam_systemd and it needs to be loaded for sessions (distributions will usually set this up automatically for you, if not have fun editing /etc/pam.d/ ;)).

Unit

We will also need the actual systemd service/unit file. Generally, everything is the same as if you were to write a regular system service. Ultimately this also means that you can use the same service file for system-wide use or user-limited use so long as the actual service doesn’t require elevated permissions for anything.

A simple example could be this:

[Unit]
Description=Statifier

[Service]
Environment=PORT=9000
ExecStart=/home/statifier/bin/statifier
Restart=always

[Install]
WantedBy=default.target

Of note is the install target which will enable our service to be started by the default target (i.e. this service would get auto-started on boot).

Configuration

Before we can get started some additional settings are needed

  1. Enable lingering for the user. This allows user services to exist outside active logind sessions, consequently this needs to be done for any new user which should be able to do this.
    loginctl enable-linger $USERNAME
  2. Enable persistent journald logging. This is optional but without it users are not able to read their own logs unless in the systemd-journal system group.
    mkdir /var/log/journal && systemctl restart systemd-journald
  3. Re-log on the lingering user to make sure permissions are properly applied etc.

Installation

To install the service file you’ll want to place it in the home-directory-bound XDG directory as described in the systemd.unit manpage. Usually this would be

~/.config/systemd/user/

Once you placed your .service file in there you’ll probably need to reload the daemon to get it to reload the file systemctl --user daemon-reload

Running

Once everything is configured and installed we can get rocking by running the commands as the user itself.

Start the service with systemctl --user start statifier.service

Verify it started properly with systemctl --user status statifier.service

Enable the service for autostart via target with systemctl --user enable statifier.service

Look at the logs with journalctl  --user statifier.service

Conclusion

By putting everything together you can deploy new code or changes to the service file via sftp and reload and restart the service via ssh systemctl. Allowing for really simple deployment code and no sysadmin involvement beyond the initial setup. And thanks to journald you don’t have to worry about logging since it will gobble up all output and know it came from this service.

I for one love it!

on November 24, 2016 03:09 PM

Imagine AWS Lambda being:

  • On-Premise (host it anywhere)
  • Language Agnostic (writing lambda functions in any language: Go, Rust, Python, Scala, Elixir you name it...)
  • Horizontally Scalable
  • Open-Source

Would be nice wouldn't it?

IronFunction.

Well fear not Iron.io released IronFunctions last week and its all that.

IronFunction supports a simple stdin/stdout API, as well as being able to import your existing functions directly from AWS Lambda.

Getting started!

You can grab the latest code from GitHub or just run it in docker:

docker run --rm -it --name functions --privileged -v $PWD/data:/app/data -p 8080:8080 iron/functions  

Currently IronFunctions supports importing the following languages from AWS Lambda:

The almighty fn tool

The fn tool includes a set of commands to act on Lambda functions. Most of these are described in the getting-started in the repository. One more subcommand is aws-import.
If you have an existing AWS Lambda function, you can use this command to automatically convert it to a Docker image that is ready to be deployed on other platforms.

Credentials

To use this, either have your AWS access key and secret key set in config files, or in environment variables. In addition, you'll want to set a default region. You can use the aws tool to set this up. Full instructions are in the AWS documentation.

Importing

The aws-import command is constructed as follows:

fn lambda aws-import <arn> <region> <image>  
  • arn: describes the ARN formats which uniquely identify the AWS lambda resource
  • region: region on which the lambda is hosted
  • image: the name of the created docker image which should have the format /

Assuming you have a lambda with the following arn arn:aws:lambda:us-west-2:123141564251:function:my-function, the following command:

fn lambda aws-import arn:aws:lambda:us-west-2:123141564251:function:my-function us-east-1 user/my-function  

will import the function code from the region us-east-1 to a directory called ./user/my-function. Inside the directory you will find the function.yml, Dockerfile, and all the files needed for running the function.

Using Lambda with Docker Hub and IronFunctions requires that the Docker image be named <Docker Hub username>/<image name>. This is used to uniquely identify images on Docker Hub. You should use the <Docker Hub username>/<image name> as the image name with aws-import to create a correctly named image.

Publish and Voila!

You can then publish the imported lambda as follows:

./fn publish -d ./user/my-function

Now the function can be reached via http://$HOSTNAME/r/user/my-function

Make sure you check out the importing documentation, and feel free to hang out and ask question on the slack channel.
Join Community

Stay tuned for my next blog post on adding Cargo and Rust support to the Fn Tools :D

on November 24, 2016 01:13 PM

Gwenview Importer is back

Aurélien Gâteau

I spent some time over the last weeks to port Gwenview Importer to KDE Frameworks 5, as I was getting frustrated with importing pictures by hand. It's a straight port: no new features.

Here is a screenshot after I filled my SD Card with random pictures of my daughter and cat for the purpose of illustrating this blog post :)

Gwenview Importer

I missed the KDE Applications 16.12 deadline, but the code is in Gwenview master now, so Gwenview Importer should be in the next KDE Applications release.

on November 24, 2016 06:50 AM

November 23, 2016

Last week the Linux Foundation announced Microsoft becoming a Platinum member.

In the eyes of some, hell finally froze over. For many though, myself included, this was not an entirely surprising move. Microsoft are becoming an increasingly active member of the open source community, and they deserve credit for this continual stream of improvements.

When I first discovered open source in 1998, the big M were painted as a bit of a villain. This accusation was largely fair. The company went to great lengths to discredit open source, including comparing Linux to a cancer, patent litigation, and campaigns formed of misinformation and FUD. This rightly left a rather sour taste in the mouths of open source supporters.

The remnants of that sour taste are still strong in some. These folks will likely never trust the Redmond mammoth, their decisions, or their intent. While I am not condoning these prior actions from the company, I would argue that the steady stream of forward progress means that…and I know this will be a tough pill to swallow for some of you…means that it is time to forgive and forget.

Forward Progress

This forward progress is impressive. They released their version of FreeBSD for Azure. They partnered with Canonical to bring Ubuntu user-space to Windows (as well as supporting Debian on Azure and even building their own Linux distribution, the Azure Cloud Switch). They supported an open source version of .NET, known as Mono, later buying Xamarin who led this development and open sourced those components. They brought .NET core to Linux, started their own Linux certification, released a litany of projects (including Visual Studio Code) as open source, founded the Microsoft Open Technologies group, and then later merged the group into the wider organization as openness was a core part of the company.

Microsoft's Satya Nadella seems to have fallen in love.

Satya Nadella, seemingly doing a puppet show, without the puppet.

My personal experience with them has reflected this trend. I first got to know the company back in 2001 when I spoke at a DeveloperDeveloperDeveloper day in the UK. Over the years I flew out to Redmond to provide input on initiatives such as .NET, got to know the Microsoft Open Technologies group, and most recently signed the company as a client where I am helping them to build the next generation of their MVP and RD community. Microsoft are not begrudgingly supporting open source, they are actively pursuing it.

As such, this recent announcement from the Linux Foundation wasn’t a huge surprise to me, but was an impressive formal articulation of Microsoft’s commitment to open source. Leaders at Microsoft and the Linux Foundation should be both credited with this additional important step in the right direction, not just for Microsoft, but for the wider acceptance and growth of open source and collaboration.

Work In Progress

Now, some of the critics will be reading this and will cite many examples of Microsoft still acting as the big bad wolf. You are perfectly right to do so. So, let me zone in on this.

I am not suggesting they are perfect. They aren’t. Companies are merely vessels of people, some of which will still continue to have antiquated perspectives. Microsoft will be no different here. Of course, for all the great steps forward, sometimes there will be some steps back.

What I try to focus on however is the larger story and trends. I would argue that Microsoft is trending in the right direction based on many of their recent moves, including the ones I cited above.

Let’s not forget that this is a big company to turn around. With 114,000 employees and 40+ years of cultural heritage and norms, change understandably takes time. The challenge with change is that it doesn’t just require strategic, product, and leadership focus, but the real challenge is cultural change.

Culture at Microsoft seems to be changing.

Culture is something of an amorphous concept. It isn’t a specific thing you can point to. Culture is instead the aggregate of the actions and intent of the many. You can often make strategic changes that result in new products, services, and projects, but those achievements could be underpinned by a broken, divisive, and ugly culture.

As such, culture is hard to change and requires a mix of top-down leadership and bottom-up action.

From my experience of working with Microsoft, the move to a more open company is not merely based on product-based decisions, but it has percolated in the core culture of how the company operates. I have seen this in my day to day interactions with the company and with my consulting work there. I credit Satya Nadella (and likely many others) for helping to trigger these positive forward motions.

So, are they perfect? No. Are they an entirely different company? No. But are they making a concerted thoughtful effort to really understand and integrate openness into the company? I think so. Is the work complete? No. But do they deserve our support as fellow friends in the open source community? I believe so, yes.

The post Microsoft and Open Source: A New Era? appeared first on Jono Bacon.

on November 23, 2016 04:00 PM

We the Forum Council are happy to announce that Wild Man and DuckHook have been added as Supermods. Both have shown a willingness to help and have done an exemplary job as moderators, and are now ready to move on to taking a more administrative role on the Forums.


on November 23, 2016 03:39 AM

November 22, 2016

Welcome to the Ubuntu Weekly Newsletter. This is issue #488 for the week November 14 – 20, 2016, and the full version is available here.

In this issue we cover:

The issue of The Ubuntu Weekly Newsletter is brought to you by:

  • Paul White
  • Elizabeth K. Joseph
  • Chris Guiver
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, content in this issue is licensed under a Creative Commons Attribution 3.0 License BY SA Creative Commons License

on November 22, 2016 03:01 AM

November 21, 2016

Me tocó abrir este último día de la Ubucon con una charla sobre uNav. Tras el "You have arrived at your presentation" espontáneo de Nathan, conté la historia y algunos trucos de esta aplicación tan querida por la comunidad y mostré en exclusiva el vídeo original del spot.

uNav's talk
Llenazo :))
Apenas pude llegar a la charla de Daniel sobre snaps que coincidía con la mía.

El resto del día lo pasé compartiendo ratos con distintas personas, más que en las charlas. Rudy me entrevistó para uno de sus geniales podcasts.

De las charlas a las que asistí destaco las de Rudy y Alan, muy dicharacheros y amenos ambos.


Alan's talk

Ubuntu FR are doing an incredible work!!

El día cerró anunciando que sería Paris la siguiente en organizar la 2ª Ubucon Europe, aunque aún sin fecha.

Tras los eventos cada cual se piraba por su lado. Eché en falta mejor organización al respecto. Así que pasamos parte de la noche de nuevo los portugueses y españoles. Incluso cayó la idea de una Ubucon Iberia :))

La noche la cerramos Joan, Gonzalo y Juanfra echando unas partidas al futbolín en un pub.

Me reservo decir quien ganó y perdió :P
Tras los 3 días de Ubucon, me quedo sin lugar a dudas con cada una de las personas que conocí y compartí grandes momentos.


Con Robin de UbuntuFun


Con Sergi y Joan


Hasta la próxima Essen
on November 21, 2016 08:27 PM

live display of current event status for each stack resource

Would you like to be able to watch the progress of your new CloudFormation stack resources like this? (press play)

That’s what the output of the new aws-cloudformation-stack-status command looks like when I launch a new AWS Git-backed Static Website CloudFormation stack.

It shows me in real time which resources have completed, which are still in progress, and which, if any, have experienced problems.

Background

AWS provides a few ways to look at the status of resources in a CloudFormation stack including the stream of stack events in the Web console and in the aws-cli.

Unfortunately, these displays show multiple events for each resource (e.g., CREATE_IN_PROGRESS, CREATE_COMPLETE) and it’s difficult to match up all of the resource events by hand to figure out which resources are incomplete and still in progress.

Solution

I created a bit of wrapper code that goes around the aws cloudformation describe-stack-events command. It performs these operations:

  1. Cuts the output down to the few fields that matter: status, resource name, type, event time.

  2. Removes all but the ost recent status event for each stack resource.

  3. Sorts the output to put the resources with the most recent status changes at the top.

  4. Repeatedly runs this command so that you can see the stack progress live and know exactly which resource is taking the longest.

I tossed the simple script up here in case you’d like to try it out:

GitHub: aws-cloudformation-stack-status

You can run it to monitor your CloudFormation stack with this command:

aws-cloudformation-stack-status --watch --region $region --stack-name $stack

Interrupt with Ctrl-C to exit.

Note: You will probably need to start your terminal out wider than 80 columns for a clean presentation.

Note: This does use the aws-cli, so installing and configuring that is a prerequisite.

Stack Delete Example

Here’s another example terminal session watching a stack-delete operation, including some skipped deletions (because of a retention policy). It finally ends with a “stack not found error” which is exactly what we hope for after a stack has been deleted successfully. Again, the resources with the most recent state change events are at the top.

Note: These sample terminal replays cut out almost 40 minutes of waiting for the creation and deletion of the CloudFront distributions. You can see the real timestamps in the rightmost columns.

Original article and comments: https://alestic.com/2016/11/aws-cloudformation-stack-status/

on November 21, 2016 09:00 AM
A screenshot of Ubuntu Planet showing a blog post by Svetlana Belkin

A screenshot of Ubuntu Planet showing a blog post by Svetlana Belkin

I had almost forgotten about Ubuntu Community Appreciation Day 2016. There is much for me to appreciate this year. I have had to absent myself from many community activities and functions for almost the entire year. There have been random blog posts and I have popped up on mailing lists at the weirdest of times but I have mostly been gone.

Being under audit and investigation for almost the entirety of 2016 can do that to you. Working in a government job also causes such things to happen, too. Thankfully I’m not moving onward and upward to higher office but I’m now thoroughly vetted for all sorts of lateral moves.

The Xubuntu Sticker from SpreadUbuntu.org found at http://spreadubuntu.org/en/material/sticker/xubuntu-sticker made by lyz

The Xubuntu Sticker from SpreadUbuntu.org found at http://spreadubuntu.org/en/material/sticker/xubuntu-sticker made by lyz

I thoroughly appreciate and miss the Xubuntu team. A great distro continues to be made. I wish I was still there to contribute. Life right now says I have other missions to undertake especially as social fabric in the United States of America seems to get all bendy and twisty.

Tomorrow is another day.

on November 21, 2016 03:28 AM

November 20, 2016

Friday November 18 was a productive day for the Kubuntu Community, as three new people were questioned and then elected into Membership. Welcome Simon Quigley, José Manuel Santamaría, and Walter Lapchynski as they package, work on our tooling, promote Kubuntu and help users.

Read more about Kubuntu Membership here: https://community.kde.org/Kubuntu/Membership

on November 20, 2016 10:57 PM

It’s that time of the year where we appreciate the members of our Ubuntu Community, Member or not.

This year I appreciate a group of people and three others.  The group is the one that gone to Ohio Linux Fest this year.  I thank you for all of the fun!

The first person that I appreciate is for his Tweet about me (which explains everything why I choose him), which is  Benjamin Kerensa:

The second person is Simon Quigley who is quite an awesome kid.  Over the last year, he has really changed his attitude and even his behavior where it doesn’t not sound like he is a 14 year-old but older.  Because he is a youngster,  he has a good chance that he will get a job within Open Source, development-wise or anything else.

Last but not least, the last person is Pavel Sayekat. Like Simon, he also has improved and now is helping to get his LoCo, Ubuntu Bangladesh, active again.

Keep it up everyone for making the Community the way it is!

on November 20, 2016 06:06 PM

ucaday-64pxIt’s 20th November 2016, so today marks another Ubuntu Community Appreciation Day. The idea for the event was put together by Ahmed Shams in 2011 and it’s simple but brilliant: once a year (at least), take the time to thank some specific people for their work in Ubuntu.

As I’m at UbuCon Europe this weekend, it’s incredibly easy to pick somebody whose work I’m grateful for. Today I’d like to thank all the event organisers in the Ubuntu world. Without people like Sujeevan Vijayakumaran (in the case of UbuCon Europe), we as a community, wouldn’t be able to get together, learn from each other and have fun together. It takes a set of special skills to organise big and small events, plan ahead, talk to various people and companies, organise sponsors and helpers and it’s something we often take too much for granted.

Thank you everyone who organised the Ubuntu events I’ve been to over the years, no matter if it’s the small meetings in a bar or the crazy big events, like UDSes (thanks Claire, Marianna and Michelle!). You are incredible rockstars and I had some of my best times thanks to you!

on November 20, 2016 07:26 AM

November 19, 2016

None Of Us Are Free

Stuart Langridge

Well you better listen my sisters and brothers,
‘Cause if you do you can hear
There are voices still calling across the years.
And they’re all crying across the ocean,
And they’re cryin’ across the land,
And they will till we all come to understand.

None of us are free
None of us are free
None of us are free, if one of us is chained
None of us are free

And there are people still in darkness,
And they just can’t see the light.
If you don’t say it’s wrong then that says it right.
We got try to feel for each other, let our brothers know that we care.
Got to get the message, send it out loud and clear

None of us are free
None of us are free
None of us are free, if one of us is chained
None of us are free

Now I swear your salvation isn’t too hard too find,
None of us can find it on our own
We’ve got to join together in spirit, heart and mind
So that every soul who’s suffering will know that they’re not alone

None of us are free
None of us are free
None of us are free, if one of us is chained
None of us are free

If you just look around you,
You’re gonna see what I say.
‘Cause the world is getting smaller each passing day
Now it’s time to start making changes,
And it’s time for us all to realize,
That the truth is shining real bright right before our eyes

None of us are free
None of us are free
None of us are free, if one of us is chained
None of us are free.

Application of this to the year 2016, how you should deal with everything that’s happened this year, and how you should stand with your friends and the people around you… is left as an exercise for the reader.

on November 19, 2016 03:28 AM

November 18, 2016

SeaGL 2016

Aaron Honeycutt

I’d like to first thank the amazing Ubuntu community for funding this trip to promote all *buntu’s, provide a face to face for Ubuntu, Kubuntu, and Lubuntu contributors to plan the next cycle and more to come!

After the booth was up and running with people from Ubuntu, Kubuntu, Lubuntu. We had machines running Kubuntu, Lubuntu and a few devices with Ubuntu Touch. We were also showing off both gaming on *buntu and how well the Steam Controller works with it.

Currently Kubuntu does not have a Release Manager and as such we have started talking to Lubuntu’s Walter (wxl) as he has been working as Lubuntu’s RM for a few releases. We quickly realized that we don’t have any documentation on how that is handled. Thanks to Walter we now have a great starting point on how releases are normally worked out, we’ll have to see if Kubuntu needs any extra steps but it’s a step in the right direction.

 

on November 18, 2016 08:00 AM

November 17, 2016

conjure-up Canonical Kubernetes under LXD today!

We've just added the Localhost (LXD) cloud type to the list of supported cloud type on which you can deploy The Canonical Distribution of Kubernetes.

What does this mean? Just like with our OpenStack offering you can now have Kubernetes deployed and running all on a single machine. All moving parts are confined inside their own LXD containers and managed by Juju.

It can be surprisingly time-consuming to get Kubernetes from zero to fully deployed. However, with conjure-up and the driving technology underneath, you can get straight Kubernetes on a single system with LXD, or a public cloud such as AWS, GCE, or Azure all in about 20 minutes.

Getting Started

First, we need to configure LXD to be able to host a large number of containers. To do this we need to update the kernel parameters for inotify.

On your system open up /etc/sysctl.conf *(as root) and add the following lines:

fs.inotify.max_user_instances = 1048576  
fs.inotify.max_queued_events = 1048576  
fs.inotify.max_user_watches = 1048576  
vm.max_map_count = 262144  

Note: This step may become unnecessary in the future

Next, apply those kernel parameters (you should see the above options echoed back out to you):

$ sudo sysctl -p

Now you’re ready to install conjure-up and deploy Kubernetes.

$ sudo apt-add-repository ppa:juju/stable
$ sudo apt-add-repository ppa:conjure-up/next
$ sudo apt update
$ sudo apt install conjure-up
$ conjure-up kubernetes

Walkthrough

We all like pictures so the next bit will be a screenshot tour of deploying Kubernetes with conjure-up.

For this walkthrough we are going to create a new controller, select the localhost Cloud type:

conjure-up Canonical Kubernetes under LXD today!

Deploy the applications:

conjure-up Canonical Kubernetes under LXD today!

Wait for Juju bootstrap to finish:

conjure-up Canonical Kubernetes under LXD today!

Wait for our Applications to be fully deployed:

conjure-up Canonical Kubernetes under LXD today!

Run the final post processing steps to automatically configure your Kubernetes environment:

conjure-up Canonical Kubernetes under LXD today!

Review the final summary screen:

conjure-up Canonical Kubernetes under LXD today!

Accessing your Kubernetes

You can access your Kubernetes by running the following:

$ ~/kubectl --kubeconfig=~/.kube/config

Or if you've already run this once it'll create a new config file as shown in the summary screen.

$ ~/kubectl --kubeconfig=~/.kube/config.conjure-up

Or take a look at the Kibana dashboard, visit http://ip.of.your.deployed.kibana.dashboard:
conjure-up Canonical Kubernetes under LXD today!

Deploy a Workload

As an example for users unfamiliar with Kubernetes, we packaged an action to both deploy an example and clean itself up.

To deploy 5 replicas of the microbot web application inside the Kubernetes cluster run the following command:

$ juju run-action kubernetes-worker/0 microbot replicas=5

This action performs the following steps:

It creates a deployment titled 'microbots' comprised of 5 replicas defined during the run of the action. It also creates a service named 'microbots' which binds an 'endpoint', using all 5 of the 'microbots' pods.

Finally, it will create an ingress resource, which points at a xip.io domain to simulate a proper DNS service.

To see the result of this action run:

Action queued with id: e55d913c-453d-4b21-8967-44e5d54716a0

$ juju show-action-output e55d913c-453d-4b21-8967-44e5d54716a0
results:  
  address: microbot.10.205.94.34.xip.io
status: completed  
timing:  
  completed: 2016-11-17 20:52:38 +0000 UTC
  enqueued: 2016-11-17 20:52:35 +0000 UTC
  started: 2016-11-17 20:52:37 +0000 UTC

Take a look at your newly deployed workload on Kubernetes!
conjure-up Canonical Kubernetes under LXD today!

Mother will be so proud.

This covers just a small portion of The Canonical Distribution of Kubernetes, please visit the charmstore for more in-depth documentation.

on November 17, 2016 11:46 PM

Ubuntu Online SummitEarlier this week the Ubuntu community was busy with the Ubuntu Online Summit. If you head to the schedule page, you can watch all the sessions which happened.

As I’m interested in snaps a lot, I’d like to highlight some of the sessions which happened there, so if you missed them, you can go back and see what happened there:

  • Intro and keynote by Gustavo Niemeyer
    Gustavo (amongst others projects he is involved with) is one of the lead developers of snapd. During his keynote he gives an overview over what the team has been working on in the last time and explains which features all landed in the snap world recently. It quickly gives you an idea of the pace of development and the breadth of new features which landed.
  • Creating your first snap
    This is a session I gave. Unfortunately Didier couldn’t make it as he had lost his voice in the days before. We both worked together on the content for this. Basically, if you’re new to using and creating snaps, watch this. It’s a series of very simple steps you can follow along and gives you enough background to see the bigger picture.
  • Snap roadmap and Q&A
    This was a fun session with Michael Vogt and Zygmunt Krynicki. They are also both lead developers of snapd and they share a lot of their thoughts in their own very fun and very interesting way. After some discussion of the roadmap, they dived right into the almost endless stream of questions. If you want to get an idea of what’s coming up and some of the more general decisions behind snaps, watch this one.
  • Building snaps in Launchpad
    Colin Watson gave this demo of a beautiful new feature in Launchpad. Starting from a github repo (the source could live elsewhere too), the source is pulled into Launchpad, snaps are built for selected releases of Ubuntu and selected architectures and directly pushed to the store. It’s incredibly easy to set up, complements your CI process and makes building on various architectures and publishing the snaps trivial. Thanks a lot for everybody’s work on this!

The other sessions were great too, this is just what I picked up from the world of snaps.

Enjoy watching the videos and share them please!

Thanks a lot to all the session leads as well!

on November 17, 2016 08:36 AM