January 2014 – Page 2 – Simon Lyall's Blog

Linux.conf.au 2014 – Day 3 – Session 1

Systems Administration in the Open by Elizabeth Krumbach Joseph

Works for HP , paid to work on Openstack project

Normally infrasture is maintained by a team
- You interact with them via tickets and email
- Priority determined by the team
Infrastructure team at open stack
- CI system
- Wiki, website, IRC bots
Everything is in a public git repo
- Puppet modules
- git.openstack.org
- Anyone can submit patches
Openstack code review and CI chelleganes
- Lots of individual projects (infrastructure is just another one)
- Syntax checks, testing automated, changes should never break the master
Using
- launchpad
- git
- gerrit
- zuul
- gearman
- jenkins
- nodepool
Probably don’t need that much at most places, but already used by other projects
Anyone on the Internet can look at our changes and/or do code reviews
checks:
- puppet pareser validate
- puppet-lint
- XML
- Alphabetized project files
Peer review
- Multiple eyes on changes prior to merging
- Good infrastructure for developing new solutions (particularly for distributed teams)
- Trains us to be collaborative by default
- No special process to go through commit access
Changes get checked in
- Either puppet master gets updated and applies change
- Or vcsrepo module in puppet pulls in latest version of the project
Can you really manage via git commits
- Cacti to keep eye on server usage
- Puppet dashboards so you can watch your changes get applie(or not)
- Thorough, specific documentation at http://ci.openstack.org
Sometimes you need to login to a server
- More difficult for complicated migrations, upgrades
- Passwords need to be more privately managed
- Other stuff kept in hiera and maintained out of band
Conclusion
- You have the tools you need to figure out and patch the infrastructure
- Priority is largely determined by the patch submitter
- No need to wait for the infrastructure team to figure out and write your change

Linux Filesystems: Where did they come from? by Dave Chinner

Motivation
- Based on previous study that reviewed commits on file systems from git tree
- Focus primary on bug fixes
- Ignored feature work, didn’t look at the people
- Only considered 2.6.x kernels
- Listed Patch type, type of bug fixed
- Only listed by number of commits, not the number of lines
- Listed bugs fixed per release
- But didn’t list “why” some of these things happened
Fire System Technologies
- 1970s
  - Record based
  - small file name sizes
  - File control blocks rather than inodes
  - No Hierarchical namespaces – multiple “user regions” to segregate files
- early 1980s
  - Sector based – complex Cylinder/head/sector mappings and optimisations
  - inode tables
  - bitmaps for free space
  - Resource forks
  - Hierarchical directory structure
    - simple and limited in size and depths
- late 1980s
  - Extents and btrees in research
  - journalling first used
  - full 32 bit address space in use
  - Cylinder roup seek optimisation lead to multiple inode/data groups per file system
- Early 1990s
  - maximising IO, > 4GB file systems. minimising seeks in reasearch.
  - RAID
  - log structured filesystems and copy-on-write
  - 5-10 year gap from research to production
- late 1990s
  - soft updates to replace journaling
  - data transformations (compression, encryption)
  - wandering logs
  - async journalling
- Current tech 00s
  - transperant error correction
  - direct device management (raid itself)
  - reference counted copy-on-write btrees
  - log structured merge trees
Linux file Systems
- Minux FS – 16 bit, 64MB
- 1992 ext File System – 2GB MAx, 255 char file names
- 1993 – ext2 – 4TB max size, a/c/mtime support , group based bitmap allocator, extensible
- 1998 – journaling proposed for ext2
- 1999 – IBM release JFS under GPL
- 2000 – SGI release XFS under the GPL
- 2001 – Ext3 merged, reiser3 merged, JFFS2 merged, First JFS and XFS releases
- 2002 – JFS and XFS merged
- 2004 – Reiser4 released
- 2005 – NILFS released
- 2006 – ext4 first proposed, created
- 2007 – BTRFS concenved
- 2008 – ext4 declared stale, tux3 design first published
- 2009 – BTRFS merged, NILFS2 merged
- 2010 – LogFS merged in 2.6.34
- 2013 – F2FS merged in 3.8
Linux history in git trees
- Complete from 2.4.0
- Older releases mostly intact
- commit date issues, time based search fail
XFS History in a git tree
- Complete from initial commit in 1993
- Older commits mostly intact, some issues

Looking at extN / XFS / btrfs
- When – diffstat
- what – difss and commit messages
- who – commits, mailing lists
EXT file system
- 2500 lines added in 1991 to get it working
- Removed in 2.1.21
ext2
- 1994 – first commit
- 1998 – Steven Tweedy did lots of work
- 2002 – various stuff done
- 2003 – extended attributes originally from XFS added by XFS team
- 2008 – reservation based block allocation backported from ext3
ext3
- 2002 – created
- 2003 – journalling added , extended attributes
- nothing much since then except maintenance
ext4
- 2007- create
- features steadily being added 2007 till now
btrfs
- 2x the amount of code than ext4
- Steady add of features since 2008
- Stuff being added not removed

Sync’d to Linux merge and fix windows every 3 months

xfs
- 1995 release
- 2000 removed a tonne of stuff due to licenses pre-GPL (and it still worked)
- Several other code removals
- Code removals often mechanism being replaced by something better
Compare
- xfs is as old as all others and has had more work done on it most years except recently with btrfs
- btrfs due to overtake xfs as largest filesystem in 2014

Linux.conf.au 2014 – Day 3 – Welcome + Lightning talks

Lightning talks

Storing Passwords
- Salt per per password
- See Aus Govt standards
- Use bcrypt or approved standards
- Don’t write your own
Pyladies Australia
- Setting up in Aus
- Local groups
- Various ways you can help
- australia.pyladies.com
- @pyladiesAU on twitter
Crowd-funding Free Software
- eg kickstarter
- wish was a feed of free software crowdfunding campaigns
- cffsw.modernthings.org
- @crowdfundfloss
- Keep record of old and list existing and upcoming funding rounds
slidelint
- everybody makes same mistakes in slides
- like code lint but for you slides
- eg text to small, too close to edge, low contrast, spelling
- Website version coming
- runs against pdf
- All in python, pluggable, docs
- github.com/mithro/slidelint
Raising Geek Girls
Blue Hackers
- Blue Hackers area near rego desk
- Blue Hacker BOF happened on Tuesday
- Psychologist on campus on Thursday and Friday. Signup in area near desk (anonymous method)
File System for Raspberry Pi
PyCon Australia 2014
- www.pycon-au.org
- Brisbane 1st to 5th August 2014
RapRap based curriculum
- Newer designs are better, can be built in 3 hours
- Idea that High Schools could build various classes around it: art, maths, physics, chemistry
- Idea to create a book around this idea that schools could use
Kiwi PyCon 2014
- Wellington somewhere
- September
- kiwi.pycon.org

Linux.conf.au 2014 – Day 2 – Session 3 – Astronomy Miniconf

Supercomputing and Data Storage Design for the SKA – Stephen Ord

Still in design process but not everything finalised
Square Kilometre Array
- Dense core, spread out arms
- Across Aus and South Africa
- different antenna cover different frequencies
- Main goals of array:
  - Galaxy Evolution, Cosmology and Dark energy
  - The first billion years of the Universe
  - Strong field tests of gravity using pulsars and black holes
  - Cosmic Magnetism
  - Cradle of life – complex molecules around distant stars
Interferometer – Very heavy proccessing required
Lots of data coming in, lots to be archived
MWA ( approx 1% of the size of the SKA)
- 7km of trenching
- 10kn of electrical cable
- 16km of fibre
- 2048 dual pole antennas
- 42 km of coax cable
Way too dense information for me to summarise
Next Generation Archiving System
- Distrubuted, forwards data to various clusters around the world
- Users can subscribe to tags

Desert Fireball Network – with Linux under the bonnet – Martin Cupák

Meteoroid (in space), Meteor (in atmosphere) , Meteorite (on earth)
- Observed from 2 or more locations. 120-30km above surface. Freefall below 30-40km
- Triangulation, analysis, weather model (can move up to 10km sidewise)
- Search trip
- Meteorite!
Types: Stoney, Achondrite, stony-Iron, Iron
History
- Manually operated film cameras (since 1959)
- Automated film cameras (first in 1997, since 2001)
- Digital cameras (ideas and dev since 2010, operation since 2013)
First Meteorite observed, triangulated and found in Czech republic in April 1959
Since 2009 15 automated film cameras across 13 stations in Europe
Nullarbor network of automated film cameras – 3 stations 2005, 4 stations since 2007
- 150km apart
Based on Industrial PC
- Old ones P1 , newer P3
- Microphone picks up sound from meteor going through atmosphere
Software
- Using Redhat 7.3 (released 2002)
- ntpd sync’d
- New System using Centos 5.2
Digital Cameras
- Triggered system
  - sequence of hi-speed HR images fired when event detected
  - 11 images/second
  - Complicated design so put aside for now
- Long exposure system
  - MK-I – 2 built as testbed
    - eBox Pc, 933Mhz, 3xUSB, 1TB HDD, DSLR taking 30s exposures, leo stick uController for power, GPS and camera control, 3G modem, 2x2TB NAS
    - 3G modem lockups
    - Slow CPU
    - SD card unrelaible
    - External HDD a worry
  - MK-II – 10 built, 5 deployed, 60 planned across Australia + USA
    - Industrial PC
    - Video Camera
    - Atom N2600 dual core 1.6GHz
    - 480G SSD
    - 2 X 4TB external HDs
- Kit camera system for enthusiasts
  - Similar to long-exposure system, possibly lower resolution
Goal 60 Cameras, cover 1/3 of Australia. See 15-20 meteorites / year in searchable areas, 500TB data per year
Data available for other uses?

Linux.conf.au 2014 – Day 2 – Session 2 – Open Programming Miniconf

Coming home: a return to PHP’s roots by Adam Harvey

I arrived late for this but he looked like he was having fun
He wrote a PHP micro-framework live in the talk
Cute

Get your PaaS into gear by Katie Miller

An introduction to OpenShift
Platform As A Service, include web servers, databases, storage.
Iaas -> Paas -> Saas
Why?
- Focus on code, not config
- Speed of deployment
- Convenience
- Scalability
- effeciency
Flavours
- Origin – Source can be downloaded
- online – Hosted in Amazon
- Enterprise – Run you own supported
Runs on RHEL
- Runs in containers
- Cartridges (programming environment) within the container
Tissues!

The Cobblers Children Have No Shoes: Development Tools and the Unix Philosophy by Russell Keith-Magee

Django Guy
Over last 30 years – My tools have got appreciable worse
- Libraries, languages and computers better
- Programming tools have not
- Some have got worse
- Not language specific
Debugging
- Borland C – GUI – see where in code you are
- 1994 gdb
- 2013 gdb
Why?
- The Unix philosphy – small, seperate tools
- Cargo Cult
  - Powerful tools only need a CLI
Fully featured IDE?
- Only one tool the GUI
- Maybe a plugin interface, if you are lucky
Keep good bit of Unix philosphy
- Different Window dressing
BeeWare
- Common problem with bad interface – testing
- Current test suite outputs little to screen until it finishes.
- Cricket – runs test suites and lets you look at output while it is running, see progress, what is passing/failing, can browse errors, does just one thing
  - cross platform – uses what Python provides out of the box, uses tk
  - Zero configuration – uses pip and run from command line. Nothing set in tool
  - Integration
- Duvet – Test coverage tool
- Why not a web interface
  - Needs to have a server
  - Live updates are still ard
  - Don’t believe web browsers will be superior to native tools and time soon
pybee.org

A Pseudo-Random Talk on Entropy by Jim Cheetham

Random vs Pseudo-Random vs Cryptographically Secure Pseudo-Random
Some Pseudo-Random generators not as random as was expected
Good PRNG – Mersenne Twister,
Blum Blum Shub – Crypto good if you pick right numbers
Diehard test spot bad random numbers
Random numbers for science – use publish “table” of pre-generated ones
/dev/random very random enviromental noise , /dev/urandom not crypto-good
/dev/random should block if not enough random bits available
RdRand – Source of random data built into chip, measures physical noise, runs through AES, can’t acess original data though
Sources from various hardware generators
Turbit – reads noise from soundcards
OneRNG – Speakers project, Open etc

Linux.conf.au 2014 – Day 2 – Session 1 – Open Programming Miniconf

Keeping Current: Maintaining an internal fork by Benno Rice

FreeBSD contributor, works for EMC isilon division
OneFS file system runs on appliances FreeBSD
OneFS = FreeBSD + stuff
Various add-one. Pretty interfaces, file system, etc
Some changes upstreamed but not others
We maintain a divergent fork of FreeBSD

Strategy:

Don’t maintain a fork
- Version is old. 7.3 from 2010 plus backports
Don’t get behind
- Need to catchup and stay caught up
- Track FreeBSD-current
- Do our own releases
Don’t track branches
- upstream as much as possible to minimise diffs
Upstream as much as possible
- Code checkout 5GB
- Pile it all up approach approach – bulk merge and fix things – no timeline – no way to test
- Pretend we use git approach
  - merge changes from bsd and apply
  - subversion couldn’t do directly, fixed with script
If your tools don’t do what you need fix them
- worlds ugliest rebase – merge in all changes since 7.3
- eventually got there
- merge 20 changesets and then test a bit. bisect changes
- 9 weeks of work to get to FSB v8
Don’t Stop
- Got to keep tracking it forever
- need to work out when to do releases

USB and Android by Joel Stanley

Last 3 years making consumer electronic devices, all talk to USB
Android as a tool
- cheap, portable, lots of connectivity
- No licensing worries vs laptops
- Lots of features
- Works out of the box
USB APIs as of Andriod 4.0
Normally runs in peripheral mode – we are interested in host mode
- Most hardware requires a dongle
- ADB over TCP to debug
- Asus Transformer
Architecture
- libusb – std Linux
- app.so – Same as linux version
- C wrapper – app code created and mait by C, simplyfyin Java
- JNI
- App Classes – calls into C code
- User Interface
Java Naive Interface – JNI
- C can call Java
- Jave can call purpose-written C-code
- Hard to get started with, look at others people code off github
Native Development Kit
- C/C++ cross compiler for targeting Android
- Provided by Google
- Used it to compile shared libs
Android permissions
- Limits access to device files
- No auto access to hardware, can’t hard-code since USB is dynamic
- Get permission in Java code and then change permission so C code can use
https://github.com/shenki/FreeDV-Android

Developing OQGRAPH, a tool for graph based traversal of SQL data in MariaDB by Andrew McDonnell

Graphs = nodes + edges/links
Graph alogrithms – Breadth first, depth first, shortest path
Graphs in the “real world” – maps (how does GPS work), relationships (linkedin, facebook), trees
MariaDB is fork of MySQL
- Being adopted a various distributios
- Used by big companies
Graphs in a SQL RDBMS
- store a graph as a list of edges
OQGraph
- Creates “latch” column that contains a special command executed by the storage engine
- where latch=’breadth_first”
- Project hosted on lauchpad

Linux.conf.au 2014 – Day 2 – Keynote

Kate Chapman– OpenStreetmap for disasters

Background
- Most maps people used are not free
- “The Wikipedia of Maps”
- Goal: A free map of the whole world
- ODbL – Like CC-BY-SA
Humanitarian Openstreetmap Projects (HOT)
1st official activation in 2009 for Gaza
Activatation is a response from the community to a callout
Port-au-prince Jan 12 2010
- Tracing existing satellite photos
- Being used by people on the ground within a week
- Geographic agency build collapsed and many staff killed in earthquake
- Data released by agencies used for maps
- Also covered Northern Haiti which wasn’t as affected by quake
- Created NPO to organise
Project to map Indonesian ahead of time since disaster-prone country
- Map once, use for many things
- Pilot project – West Nusa Tenggara
  - Worked with community to collect data, including demographics data
  - Some existing maps were hand drawn or used “dumb” tools like coral-draw
  - ASM tools distributed
  - Agreement from Govt, NGOs, Companies to make best mapped province in Indonesia
- Mapping Jakarta
  - 267 Urban villages
  - Talked to each head, get person to map data, University students to input the data
  - Varying levels of data quality, in-putted by students
  - Flooding in Jan 2013 – Map uses as basis of maps to show areas affected
  - Creating a training program (training the trainers)
- openstreetmap.or.id
- Data collected (often by Scouts), printed out maps, got people to walk around fill in gap son paper. Add data to online version

Used to create impact models for future floods
3 part training manual created (English and Indonesian)

Eurosha
- Training people to go work for 6 months in various African countries
Other projects to map 200 asian cities that are prone to disasters
Senegal – training and workshops
Project in Japan in Tsunami affected areas
Mapmill –
- Civil Air Patrol takes GPS tagged photos of disaster areas
- People sorted images by damage None/some/bad
American Red Cross
- Fire risk map in Uganda
Philippines – Typhoon Haiyan hit Nov 2013
- Mapped 10,000 buildings in Tacloban before Typhoon hit
- Website allows people to login and see various tasks that can be done
- Post-event Satellite Imagery needed
- US State Dept released satellite imagery for 30 days
- Able to use photos to do before-vs-after maps on damage
github.com/hotosm
digitalhumanitarians.com – various groups
Volunteer in Person for a Project – See website for lists
hot.openstreetmap.org

Linux.conf.au 2014 – Day 1 – Keynote

Keynote – Dr Suelette Dreyfus

The Surveillance state

Our state is out of balance, to much state power
Evolution to the Post-Snowden World
Era of the Whistleblower – Reveals information from inside an organisation
- Doesn’t have to be a traditional employee (eg contractor)
- about serious wrongdoing
- to someone they believe can do something
Today’s public perception of whistleblowers
- Most people think “normal” or “heroes”
- http://whistleblowingsurvey.org
- About 50% of population too much secrecy within organisations
- 80% support people should be supported revealing inside information
- 87% support someone should be able to go to the media
Why the change from traditional views which were much more anti-whistleblower?
- Whistle-blowers, publishers, journalists, academics are harassed, stopped at borders. Live in exile from UK, USA, Australia. Live in Russia

What has the state been doing

Reached a state of security saturation
- So much money being spent it is being wasted on WoW and stupid places
- Extra money being spent produces no additional useful data

Case Study – The inside platform

Cradle to graduation state tracking of children in Victoria – she used “our children”
Move assesment to one-stop-shop
Track individual progress of children, to provide picture of child, tailor teaching
Learning disabilities, behavioural problems, all in one place
What about religious schools, will church attendance and attitude be recorded?
Who has access, how long retained, who will it be shared with? Kept overseas?
Lots of rules around heath data but none in this tender (hard to tell since tender not publicly available)

Sample of Hardware exploit hardware that can be installed on Dell servers

Examples for Dell servers
Multiple vendors targeted
Hacks for Phones and SIM cards

Status of The Surveillance State

Bulk Collection – Met, still to be cross linked
Ongoing Storage – Mostly Met
Capture of all state data – Not yet fully linked
Co-option of big-data players – Being worked on, some push back
Legal – Met
One-View of citizen across all interactions across lifetime – Getting closer

What you can do

“In a time of universal deceit, telling the truth is a revolutionary acts” – George Orwell
Get Political
Write privacy-enhancing software, write defensive/detection software for ordinary people
Get involved in NFPs that give tech support to journalists, NGOs and average citizens
If you work for the Govt, use your voice