To: Computing Officers Date: Mon, 6 May 2013 20:53:39 +0100 (BST) Subject: [cos] FLOSS 2013 Notes... Finally. I made relatively long notes on the talk, but my attention span leads me mostly to note down little nuggets of information rather than much in the way of structure or context. As a result this is rather more fragmented than Chris' account... I wish I could've put it into something more readable but maybe even if you just click on all the links you'll learn something like I did :) Bad Guys: Stephen's talk ------------------------ They most certainly work weekends. Stephen asks for the most commonly hit usernames by account thieves, family-fortunes style. I should've guesed it, having seen a similar pattern in my own (home) logs, and as such failed to win what was, disappointingly, the only bribes on offer in the whole conference. I can't wait to have an excuse to try PANDAS. I note that it's integrated into a lovely Python framework "iPython" which has moved itself from mere shell enhancement to a full scientific workbook, R style. He makes a good observation that corporate desktop uptime might correspond to botnet peak periods... Long Distance Sysadmin: Julian Turnbull --------------------------------------- Some interesting pieces of software raised in this talk. - BackupPC -- http://backuppc.sourceforge.net/faq/BackupPC.html performs de-duplication using rsync's perl API. I didn't know this sort of functionality was available in a conveniently pluggable format... - cvmfs -- https://github.com/cvmfs/cvmfs this looks fun! best comment: "they weren't called thin clients back then..." John Hackett, Bytemark ---------------------- I think Chris covered this best. Their "product" was: https://projects.bytemark.co.uk/projects/custodian/ Mauve was an interesting way of decoupling machine alerting from modality/state tracking/human alert and acknowledgement. It allows acks via Jabber *sigh*! interesting technologies: - http://kr.github.com/beanstalkd/ - I have some need to start doing some queued multiprocessing in my own work but I don't think Informatics is at the scale where this will bring benefits. - redis - This keeps coming up as the most highly-regarded key-value ("NoSQL") store around, but this must be because these people aren't concerned with authentication or any of the other things that PostgreSQL's key-value storage tables can offer. Or maybe they just don't know it's possible... scariest comment: "fairly extensive database" followed by "SQLite". I'm being a little mean, though: It didn't apply to the code itself. A great point to take away about users' expectations not necessarily being nearly as demanding as admins' own standards. JP Mens: Ansible ---------------- http://ansible.cc/ To paraphrase the author, LCFG renders this unnecessary... There was a common theme throughout these talks, as with the previous year's, that many people were solving "problems" all over their infrastructure which would in our world resolve very easily and cleanly to "configuration management would handle this". It's surprising to see the number of ways in which this manifested. Toshaan Bharvani: Orchestration Computing ------------------------------------------ Ah - this involves ansible... which rather demonstrates its verbosity if nothing else. This talk also raised a few interesting ways of saving resources on VMs, including techniques for minimising boot image, sharing the boot kernel, remounting tmpfs to use real RAM, and thoughts on disk splitting. The most interesting thing I learned was that Gentoo can require as little as 80Mb RAM in a functional installation... OK, so we want RHEL6 for many of our use cases, and a resonable management core and dependencies will bump this a little, but what are we doing with an SL6 installroot and licence servers(?!) David Jones, Chris Blower: Lithium ---------------------------------- This one set me thinking about ways of Integrating VMs into configuration management. The Lithium tool was a way of automating Linode operations (with an eye to managing other "cloud" backends with suitable APIs) but it didn't perhaps go far enough to be described as configuration management per se. (Interesting facts about linode include that it works on a deposit-style system: starting a linode instance costs about $20, but destroying it refunds $19...) Scary quote: "separating code and configuration [...] is hard". But to be fair, having your every service in the cloud blurs these bounaries something awful. The point I took away is that our KVMs are fast becoming quick test-bed machines, and we have nice tools to speed up creation/destruction, but there's a level of actual management missing here. It's not just a lack of tools: it's tricky when your cleanly managed resource starts to accumulate data in its virtual disk, leaving you with a nasty data/config/data/config sandwich. - http://mmonit.com/monit/ is a component in waiting... Lightning Talks --------------- And lightning summaries. Don't know if you'll get much from this but why cut it out now? 1. http://netprog.classics.co.uk/ "...and you'll like it..." would not be an unfair way to summarise the speaker's (entertaining) style. The comment I scribbled was "2D Minecraft". 2. Newsflash: ZFS is awesome. 3. chiggs's tales of woe: only 25% of users will do the right thing for any given combination of carrot and stick 4. squinney and python: pandas (uses numpy) and matplotlib (which allows you to plot an arctic roll). Check this out! Also I need to upgrade ipython on DICE. 5. mrichar1: log processing using elasticsearch: logstash / kibana. Seen this before, no less impressive, needs a few rough edges smoothed off. 6. CivicCRM: used to power FLOSS UK. More than just a website. 7. "I hate computers": bytemark.co.uk/symbiosis 8. "ultimate debian database" -- try it for your own domain! - data protection, security, etc. rear their ugly heads. Simon Riggs: PostgreSQL 9.2 ---------------------------- I paid close attention to this one! Short summary: it's great 9.2 features... - new backups as well as replicaton options - pg_stat_statements - replace table works! forthcoming features: - *logical* replication (not statement replication) - stores statements in transaction log; we're interested in this for auditing - internal daemon processes - distributed multi-master replication - firm locking for writes, or last-update wins - online major release upgrades... - filtering, etc. Other cool features: - JSON support - key-value store (for quite a while now) Best just ask me about these if you're curious! Aaron Brady: Real-Time Monitoring at Scale ------------------------------------------ This was an interesting race through monitoring techologies which mentioned lots of popular tools. Comments about moving on to the next technology without ever really having abandoned the ond one were relatable - good job we have major OS upgrades to force us to clean up... "scale" means 400 servers in this case. Talking about : - pingdom - http://munin-monitoring.org/ -- "lot of graphs with almost no work." - for humans, that is. load becomes crazy. - collectd, graphite - trendy RRDtool and graphing. - everyone loves graphite. - ganglia's good too I can't remember which of the above collected the accolade "indistinguishable from a fork bomb", but I think it might have been one I didn't list... Toshaan Bharvani: Open Enterprise Server ---------------------------------------- "...my eyes..." was all I wrote here. I am certain that's a reflection on my caffeine levels rather than the speaker. Bernd Erk: OpenNebula --------------------- Very interesting pluggable VM provisioning "thing". However: - "it's okay, you don't have to use MySQL. It supports SQLite." - machine console via web interface *sigh* - CLI gives lovely stats... (but serial console??) JP Mens: DNS Servers -------------------- - mens.de - dnssexy.net - Went over my head to a large extent, but some names and buzzwords for those who can decipher them. On BIND: - If you run BIND, and aren't unsatisfied with it: don't touch it! - But don't assume a BIND4 upgrade will be the easy opyion - it might be a good time to reevaluate. On everything else: - speaker seems to like "unbound." fast. live injection. python extensions. Though others do similar... - PowerDNS - choice of backend. Split between auth. and 'PowerDNS recursor' The interesting takeaway was that at least two DNS servers allow extensions in Lua script! Always amused to see this low-profile but pervasive and persistent language popping up in places. Tim Fletcher, Brighter Connections: Storage Caching --------------------------------------------------- Started with a good rundown of 'the obvious': - speeding up SANs: avoid thrashing. add spindles, RAM... - caching: NAS is slow, SSDs are fast. So cache locally on SSD. Duh. - We won't get rid of spinning disks for some time. - How do we do the caching? Speaker presented a software option: - flashcache: Kernel Module (dm) from Facebook. Uses FusionIO. blockstore. dangerous if you flush the cache! - scary stuff.