-
Right, good afternoon
-
It is the lightning talks sessions at
DebConf Hamburg 2018
-
We've got seven speakers, and I guess
we'll just get going
-
Starting with Tobias Platn???,
talking about Debian on Power9.
-
Yesterday I, hm no, on friday,
I received my new Power9 machine.
-
A Talos 9 (II).
-
And it has an IBM Power9 processor
-
So, the only distro that I know that will
work is Debian.
-
Then, this is a new PowerPC 64 bits
architecture,
-
that can run in little-endian mode.
-
I downloaded a Debian installer.
-
First, I chosed the stable version, but
-
that crashed during install.
-
And, then I retried a different version,
a daily version.
-
And this one, which is based on Buster,
correctly installed.
-
I can even have a graphical environment,
working out of the box.
-
And, the installer then complained that
there is no boot partition
-
for older PowerPCs, and this boot partition is
not needed, since the TalosII
-
has a newer systems starting with power7
used petitboot.
-
So, that needs to be fixed in the Debian
installer,
-
that it doesn't produce the warning
on Power machines.
-
And now I have a working Debian
installation,
-
which I can use.
-
(thanks) [applause]
-
Thank you very much, that was very quick.
-
Next up is Thimothée Jaussoin,
-
talking about Movim, the XMPP social
platform.
-
Give him a moment to get set up.
-
I think it's a bit better this way.
-
Who already heard about the platform Movim?
-
OK, so we have a couple of people that
know about the project here.
-
Just to present you what I ??? could be a
parallel universe
-
but is actually the current universe we're
living with.
-
Lots of different chat platforms.
-
The same thing on social networks.
-
We keep reinventing the wheel
all the time.
-
We don't have this problem with e-mails
-
hopefully actually the e-mail standards
came way before before all of those
-
proprietary solutions
-
So we have ??? and Google and Microsoft
are still using SMTP, IMAP, for now.
-
So everything is compatible, and we have
a lot of clients on top of that.
-
But for chat, and social networks, it's
not the case.
-
So the idea of Movim is to build a
social platform.
-
In there, we can put a little couple of
ingredients.
-
First, it needs to be Open-Source, for the
transparency, for the fact that you can
-
have feedback and improvements,
for the security part. Bring some trust
-
I think that you guys here know about the
advantages of Free Software, and
-
especially on the communication part,
on social networks, but it's not enough.
-
We also need to be in control, actually
in this social network.
-
So it need to be simple and transparent
-
on the UI but also on the protocol level.
-
On the really deep below stacks.
-
So we'll need to have a strong and reliable
encryption,
-
so don't reinvent also an encryption
- talking about Telegram, here -
-
And, yeah, need some trusts in sights
here.
-
I mean a community, and not a company
that you will blindly trust
-
to take care of all of your communications.
-
But it's not enough.
-
It needs to be decentralized. Because
centralized social networks,
-
even if it's opensource,
-
if it's only one instance, you have to
still trust the instance. So would like to
-
deploy your instance, you would like to
trust someone else,
-
you can only, sometimes, trust only
yourself in seldom cases
-
Decentralization also brings robustness
-
So that's too many times that actually
one server is failing, think Signal
-
had an issue recently, about this kind
of thing there.
-
The issue was with the Amazon servers,
the whole thing didn't worked
-
for a couple of hours.
-
And then, resist against censorship and
control.
-
Same thing with Telegram, I think in
Russia.
-
I'm talking more about the IM part, but
it's also applicable to social networks.
-
It's exactly the same thing, just that the
exchanges of information are a bit different.
-
So, you need these steps but
-
all those platforms here
-
(I just made this conference 3 years
ago, just added Mastodon recently)
-
So i might talk about different sorts
of platforms
-
There is communication between those
platforms, kind of standards that are
-
starting to come in, especially between
Diaspora and Mastodon,
-
but there is still a lot of work to do
there.
-
So, the secret ingredient is about
compatibility, about extensibility.
-
Don't try to reinvent the wheel again,
-
don't try to create another social network,
-
or another IM platform that will have all
those communication troubles.
-
So, I mean a long-term vision.
-
And, actually, the secret ingredient
is standardization, in these things.
-
So, this standard should
have a couple of features,
-
support news feeds, communities, IM, chatroom
presences, know who's online, profiles,
-
video conferencing security, bridges to the Web.
-
And then it will be real-time.
-
And, 1 minute?
-
This protocol actually exists, it's called
XMPP.
-
So the goal of the project is:
- take XMPP implemented
-
- and doing a lot of innovation on
top of the project
-
So, server-side it's a simple XMPP
client, webserver, simple to install
-
(PHP, MySQL PostgreSQL)
-
And user-side, it's also super simple
to use, you need simply a browser,
-
it's responsive, it's light, it's fast and
is built actually for small communities.
-
There are pods all around the world.
-
You're really invited to deploy your own
pods.
-
There is already ten thousands accounts
on the official pod
-
30 languages
-
Debian packages coming soon
-
Thanks to the help of some people
in this room.
-
And, that's it !
-
So if you want more information,
everything is on the website,
-
you can join the chat room.
-
Or, the twitter.
-
[applause]
-
Thank you very much.
-
Next up is Thomas Lange, Mrfai,
talking about dracut.
-
Not Synced
Today, I'm not talking about FAI
but about dracut.
-
Not Synced
dracut is a replacement for initramfs
which is used by most other distributions.
-
Not Synced
If I'm correct, only Ubuntu and Debian
and derivatives are using initramfs-tools
-
Not Synced
All other distributions already moved
to dracut.
-
Not Synced
Today I want to show how you can get
an experience with dracut
-
Not Synced
without deinstalling initramfs-tools.
-
Not Synced
Ben Hutchings did some patches, I think
two years ago, so it's possible.
-
Not Synced
What you have to do, there's a package
called "dracut-core",
-
Not Synced
which does not conflict with
initramfs-tools.
-
Not Synced
I have a virtual machine.
-
Not Synced
So, debian/fai…
-
Not Synced
On this machine, I will now install
the dracut-core package
-
Not Synced
and that's it.
-
Not Synced
We still have one initrd.
-
Not Synced
And now I can say…
-
Not Synced
Oh no, first I have to copy the dracut version
and then I can generate
-
Not Synced
a new initrd with dracut.
-
Not Synced
dracut uses the usual hooks or module
system,
-
Not Synced
it does not use the hooks from the initramfs
things but it already includes
-
Not Synced
a lot of hooks, so for example if you have
a cryptsetup,
-
Not Synced
you do not need the hooks for
initramfs-tools from the cryptsetup package
-
Not Synced
because dracut already includes this
and a lot of other things.
-
Not Synced
After generating a new initrd,
you update your grub and you see
-
Not Synced
we have now two entries in the grub.
-
Not Synced
One with the old initrd which was created
by…
-
Not Synced
the default one is the initrd which is
created by initramfs-tools
-
Not Synced
and here you have the boot entry for
the new dracut initrd
-
Not Synced
and it boots up and works.
-
Not Synced
What we need is that more people are
using it and giving it a try.
-
Not Synced
In your environment, on your hardware,
does dracut work?
-
Not Synced
We had a discussion, like 5 years ago, if
Debian…
-
Not Synced
When will Debian switch from initramfs-tools
to dracut?
-
Not Synced
And still there's no real need because
initramfs-tools works for everybody
-
Not Synced
but I think in the long term, we will
switch it,
-
Not Synced
so please help us, write bug reports
-
Not Synced
or just give it a try, if it works for you
or not.
-
Not Synced
That's it.
-
Not Synced
[Applause]
-
Not Synced
Next up is TecKids talking about
their organization.
-
Not Synced
Ok, those of you who attended the
Skolelinux talk already heard about TecKids.
-
Not Synced
I want to give a few details about what
else we do.
-
Not Synced
TecKids is a non-profit organization based
in Germany, but
-
Not Synced
we're working internationally and
-
Not Synced
we are completely centered around free
software and we do basically everything
-
Not Synced
concerning free software in education in
the context of children and adolescents,
-
Not Synced
young people.
-
Not Synced
More than 50% of our active members
are minors.
-
Not Synced
There's an "s" missing, sorry.
-
Not Synced
They are of course not minor but they are
minors.
-
Not Synced
Sorry, kids, if you are watching this.
-
Not Synced
They're minors and we are a fully
democratic organization
-
Not Synced
like in the FOSS spirit
-
Not Synced
and the most important thing is that we
get children involved with all the parts
-
Not Synced
of the organization, both operational and
tutoring and workshops
-
Not Synced
and working with free software projects,
giving presentations.
-
Not Synced
Normally some children would be here but
as this conference was right in the middle of
-
Not Synced
schooltime, this was not so easy.
-
Not Synced
So what do we do.
-
Not Synced
First of all, we want to get children
interested in programming, in coding,
-
Not Synced
in technical stuff and also in free software.
-
Not Synced
This we do by running youth programs
at free software conferences
-
Not Synced
like the FrOSCon where normally around
100 to 120 children attend and
-
Not Synced
use Debian and all that cool stuff and
learn what they can do with it.
-
Not Synced
We do peer learning, so those children
who already know many things and
-
Not Synced
are very interested, they start tutoring
other children.
-
Not Synced
Of course we have non-tech fun together,
we are outside,
-
Not Synced
there is a social program with staying
over night, having a barbecue and
-
Not Synced
all that stuff that helps building
a community.
-
Not Synced
Those who are even more interested can get
actively involved in preparing workshops,
-
Not Synced
organizing events, preparing talks, looking
at open source projects,
-
Not Synced
helping others get a free messenger
instead of WhatsApp,
-
Not Synced
working on HowTo, how to spread the word
among youths and all of that.
-
Not Synced
And then ??? at conference and raise
awareness,
-
Not Synced
this is our presentation team from
the Chemnitz Linux Days
-
Not Synced
and they are presenting the whole
??? of free software in education
-
Not Synced
at our SchulFrei booth which is
"School free" in German.
-
Not Synced
They are presenting all projects that are
involved in this common booth and
-
Not Synced
care for free software education.
-
Not Synced
If you are interested in that, maybe
because you have children or
-
Not Synced
want to have children or are involved
in education in some way,
-
Not Synced
there are quite a few things that you
can do.
-
Not Synced
You can help working on projects, you
can work with mentoring the children
-
Not Synced
in coding or organisational activities.
-
Not Synced
You can help spreading the word, also
raising awareness that
-
Not Synced
many many software projects do have
some involvement with children,
-
Not Synced
even indirectly, like a web browser
like Firefox,
-
Not Synced
such applications are used by children and
they may have other needs,
-
Not Synced
and they may have other views on that,
-
Not Synced
so it's very important to at least think
about what children or schools or
-
Not Synced
teachers as well do with this software.
-
Not Synced
Pardon? One minute, thank you.
-
Not Synced
We need help with presentations at
conferences,
-
Not Synced
so not every time the same people have to
get a day off at work and travel to conferences
-
Not Synced
there's much more manpower needed.
-
Not Synced
And of course, every ngo, every non-profit
organization is lacking money,
-
Not Synced
so if you have already donated to Debian
and still have money left,
-
Not Synced
you might want to give your money to
the future, which is children.
-
Not Synced
Don't forget donating to Debian.
-
Not Synced
I don't know if I am shot if I don't say that.
-
Not Synced
[laughter]
-
Not Synced
And there's also liberapay, it's a free
donation platform,
-
Not Synced
just have a look at it and if you want to
help us, actively just go to our web site,
-
Not Synced
find some communication means or just
talk to someone you find
-
Not Synced
at any conference who is wearing this
shirt with our logo.
-
Not Synced
Thank you.
-
Not Synced
[Applause]
-
Not Synced
Next up is Thomas Koch, talking about
containers.
-
Not Synced
Almost ready.
-
Not Synced
We do have one more space at the end
if anybody feels, you know,
-
Not Synced
inspired to tell us all the things.
-
Not Synced
I mean, we did have one very last minute
sign up.
-
Not Synced
Meanwhile, I guess I can make
announcements while I'm here.
-
Not Synced
Front desk will be available again
after lunch, as will t-shirts.
-
Not Synced
Anybody who hasn't had a t-shirt yet,
-
Not Synced
basically, if you signed up, you're allowed
to get a t-shirt, come see me,
-
Not Synced
yes, free of charge,
-
Not Synced
come see me at front desk when it's
open again after lunch.
-
Not Synced
Because I do know some people been
reticent to come up and, you know,
-
Not Synced
ask one…
-
Not Synced
I've probably given effectively
a lightning talk on not giving…
-
Not Synced
I think so.
-
Not Synced
Right, here we go.
-
Not Synced
Ein, zwei, ok.
-
Not Synced
Hello, I'm Thomas Koch, I work for Google,
-
Not Synced
I work in support for Google Container
Engine, Google kubernetes engine.
-
Not Synced
Who knows what Kubernetes is?
-
Not Synced
Oh, so few, ok.
-
Not Synced
It's a thing to orchestrate containers
on many many nodes,
-
Not Synced
up to thousands of nodes.
-
Not Synced
It was started by Google, open sourced
by Google in 2015 I believe.
-
Not Synced
First contributor was Red Hat, it is 100%
open source, it's written in Go
-
Not Synced
and by now it has won the market of
managing containers on large nodes.
-
Not Synced
I just was at the KubeCon in Copenhagen
with 4300 participants and
-
Not Synced
every company you can imagine has
an offering about Kubernetes.
-
Not Synced
Just some logos of companies that use or
contribute to Kubernetes
-
Not Synced
and even more logos and these slides are
outdated, so there are even more.
-
Not Synced
Kubernetes, you have some masters that
control kubelet on every node.
-
Not Synced
A kubelet can start containers and can
set up networking stuff
-
Not Synced
and can set up volumes and the basic
concept of computation,
-
Not Synced
the basic primitive is a pod.
-
Not Synced
A pod is one to many containers running
together in one environment
-
Not Synced
so that you have the possibility to have
sidecars running beside your main containers
-
Not Synced
that does additional stuff.
-
Not Synced
It has proven useful in Google's internal
??? container management engine
-
Not Synced
that you want to have certain containers
always running containers
-
Not Synced
and sharing resources.
-
Not Synced
An other important primitive is volumes.
-
Not Synced
Kubernetes can manage your storage and
provision storage to be accessible
-
Not Synced
to your containers.
-
Not Synced
You can combine many parts that provide
the same service to be accessible
-
Not Synced
under the same IP address and so have
failover enable like this
-
Not Synced
and of course then you have controlers
that scale your services,
-
Not Synced
scale down your services, restart failed
pods
-
Not Synced
or drain nodes that you want to take away
-
Not Synced
And my question now is what is the role
of Debian in a world where
-
Not Synced
Kubernetes becomes more and more popular
even if not that many of you have heard about it
-
Not Synced
I believe that Kubernetes will become
even more popular
-
Not Synced
and even as a Debian Maintainer, I'm
enthusiastic about how easy it becomes now
-
Not Synced
to run your stuff in Kubernetes.
-
Not Synced
But you only need a very minimal host
operating system to install Kubernetes
-
Not Synced
on your servers, afterwards you need
a bare image, a base image for your container
-
Not Synced
which is normally also a very minimal image
-
Not Synced
and you don't do "apt-get install apache2"
anymore to have a web server,
-
Not Synced
you take an apache container image and then
you extend this image and
-
Not Synced
put your app onto this image, so you don't
need an apache Debian image anymore
-
Not Synced
in such a world.
-
Not Synced
Will we still need this in Debian?
-
Not Synced
However, nothing is perfect.
-
Not Synced
On KubeCon, I also saw companies offering
-
Not Synced
"Oh, we scan you container images for
outdated libraries" and
-
Not Synced
you have long times to update your cluster
because all the containers need to be stopped
-
Not Synced
you download new images, you start whole
new environments
-
Not Synced
so there are optimizations possible there
-
Not Synced
and people are wondering
-
Not Synced
"Ok, where does my stuff come from?
Is it from a trusted source?"
-
Not Synced
And my crazy thoughts, maybe it's an
opportunity here
-
Not Synced
if Debian would become a source of trusted
binaries or even container images.
-
Not Synced
Thank you.
-
Not Synced
[Applause]
-
Not Synced
Next up, Pierre Pronchery, talking about
Manticore, DeepState and DeforaOS
-
Not Synced
Are you pretty much ready?
-
Not Synced
I think so.
-
Not Synced
Meanwhile, does anybody know any
dance routines, you know,
-
Not Synced
just to bridge over the time, because
I'm not going to.
-
Not Synced
I don't think I know any Jerks.
-
Not Synced
Hopefully nearly there.
-
Not Synced
You fling my phone from me.
-
Not Synced
It's ok, nobody calls me anyway.
-
Not Synced
I'm afraid I haven't got any more
announcements.
-
Not Synced
We are pleased to announce that there
are no current announcements available.
-
Not Synced
The news has been called off.
-
Not Synced
Do you actually have slides?
-
Not Synced
I'm wondering if we should your round.
-
Not Synced
Ok, right, we have the interval act, an
interpretive dance by Andrew Shadura
-
Not Synced
on the nature of git crecord being
for the win.
-
Not Synced
Well, you know, anything to bridge
the time, right?
-
Not Synced
If in doubt, make the font bigger.
-
Not Synced
Maybe I should give a lightning talk
about that.
-
Not Synced
I think I might, just at the very end, I'll
just disguise it as an announcement.
-
Not Synced
Ready?
-
Not Synced
There, no.
-
Not Synced
I prefer that.
-
Not Synced
Yes, but we don't.
-
Not Synced
Why?
-
Not Synced
Did you see what happened earlier?
-
Not Synced
What happened earlier?
-
Not Synced
Please use the hand microphone.
-
Not Synced
Ok.
-
Not Synced
Alright, listen to a man but not me.
-
Not Synced
[laughter]
-
Not Synced
Can you hear me?
-
Not Synced
So, I'm just going to show you a small
utility I wrote.
-
Not Synced
Actually, I didn't write it from scratch,
I just ported it from… Anyway.
-
Not Synced
Let's see, we've got a git diff of
-
Not Synced
things with a Debian package.
-
Not Synced
Lot's of changes, and I forgot to commit
them individually.
-
Not Synced
There's lots of patches and things,
-
Not Synced
I just want to, somehow, sort this out.
-
Not Synced
So I just run "git crecord" and suddenly
I can see all the things here.
-
Not Synced
I can unwrap the diffs…
-
Not Synced
What's happening with the ???
-
Not Synced
I can basically select individual bits
of the diff and…
-
Not Synced
Let's just deselect all things, commit
those, just a few.
-
Not Synced
There were just a few patches ???
-
Not Synced
so I'm going to commit them now,
yes, like refresh patches.
-
Not Synced
Let's say just "Refresh", just enough.
-
Not Synced
Oh, mmh.
-
Not Synced
It's not going to work, because I haven't
got a card
-
Not Synced
and I forgot to disable the…
-
Not Synced
I don't think I can, I don't remember,
I probably can't disable PGP signing unfortunately
-
Not Synced
it's not implemented yet.
-
Not Synced
Anyway.
-
Not Synced
Using this thing you can, it's better than…
-
Not Synced
How is it properly called.
-
Not Synced
It's better than the builtin ???
-
Not Synced
I can't even remember it's name.
-
Not Synced
That one.
-
Not Synced
I didn't exactly hear exactly what he said,
like "git patch something"
-
Not Synced
"git add --patch"
-
Not Synced
And there's an other one which is…
-
Not Synced
There's one a bit more interactive and
one which is a bit less interactive.
-
Not Synced
This is ??? interactive and there
will be more features.
-
Not Synced
It is actually, it was originally written
for mercurial
-
Not Synced
and this was a thing I really missed
when I had to use git
-
Not Synced
and now I don't have to anymore.
-
Not Synced
This is it.
-
Not Synced
It's in Debian, you can apt install it
if you prefer.
-
Not Synced
It's in Debian, you can apt install it
if you prefer,
-
Not Synced
or you can install it from source and
there would be more features later.
-
Not Synced
That's it.
-
Not Synced
Thank you
-
Not Synced
[Applause]
-
Not Synced
Now, Pierre Pronchery talking about
all the things that I said
-
Not Synced
he was going to talk about earlier.
-
Not Synced
One moment please.
-
Not Synced
[Applause]
-
Not Synced
Sorry about that, I didn't really plan
for this,
-
Not Synced
so I made the slides 5 minutes ago.
-
Not Synced
So, I'm Pierre Pronchery, thank you
for having me,
-
Not Synced
even if I'm actually an officiel NetBSD
developer,
-
Not Synced
but I'm been using Debian since 1999,
so maybe I'm alowed,
-
Not Synced
I'm also a security consultant, interested
in Kernel development,
-
Not Synced
security integration, and so on.
-
Not Synced
What you cannot see on the slides
right now is that
-
Not Synced
I'm also on the board of directors
of NetBSD.
-
Not Synced
So actually I'm in a good position to talk
about the project if you'd like to.
-
Not Synced
I would like to talk to you about Manticore
today.
-
Not Synced
It's a symbolic execution tool,
-
Not Synced
basically, it uses a CPU emulator, which
can be hardware assisted of course,
-
Not Synced
to run and analyze programs or algorithms,
so parts of programs on a simulated system
-
Not Synced
and one of the aims is actually
to make them crash
-
Not Synced
so to make extensive fuzzing and be very
efficient at fuzzing by possibly tracing
-
Not Synced
instructions and so on, whatever is going
on inside the program.
-
Not Synced
It supports static Linux binaries in 32-bits
and 64-bits modes,
-
Not Synced
also it supports ARM 32-bits, support is
ongoing for ARM 64-bits,
-
Not Synced
it also works with Ethereum bytecode.
-
Not Synced
There are official releases on GitHub,
it's already packaged in PkgSrc by myself
-
Not Synced
and I'm actually looking for volunteers
to package it for Debian
-
Not Synced
or possibly help me to do so.
-
Not Synced
I'm actually sponsored by Trail of Bits,
the developer of Manticore,
-
Not Synced
to work on this, which is also why
I'm here.
-
Not Synced
The companion to Manticore is called
DeepState,
-
Not Synced
it's specifically meant for Unit Testing
with symbolic execution.
-
Not Synced
It supports not just Manticore but also
an other backend for analyzing
-
Not Synced
running binaries,
-
Not Synced
It's called angr, this other backend,
which was developed as a side node
-
Not Synced
for the Cyber Grand challenge
of DARPA last year.
-
Not Synced
DeepState is currently packaged
in 2 separate packages in PkgSrc
-
Not Synced
by myself again,
-
Not Synced
unfortunately not yet fully upstream
in PkgSrc,
-
Not Synced
but basically I made one package with
??? binaries and then the Python bindings.
-
Not Synced
This is also on GitHub but with no official
release yet,
-
Not Synced
because this is a very young project still
-
Not Synced
so I'm also for a volunteer in Debian
to help me package that.
-
Not Synced
And then, a shameless addition, I'm also
a developer of, the main developer of
-
Not Synced
DeforaOS, an open source desktop
environment, and with some more parts
-
Not Synced
in the project,
-
Not Synced
I have about 50 repositories now in this.
-
Not Synced
I'm therefore also looking for volunteers
to package that into Debian,
-
Not Synced
there are still projects we haven't
packaged yet, as far as I know.
-
Not Synced
So, since I'm here, I figured I could
as well get my PGP key signed,
-
Not Synced
I suppose it's one of the steps to become
a developer
-
Not Synced
and if there are more, I've heard
there are plenty,
-
Not Synced
then please help me out with this, I'll
welcome any assistance doing that.
-
Not Synced
Alright. Thank you.
-
Not Synced
[Applause]
-
Not Synced
Thank you very much.
-
Not Synced
I guess that's it.
-
Not Synced
The next lightning talk session that I'm
aware of is at DebConf18 in Taiwan.
-
Not Synced
I hope to see as many of you as possible
there.
-
Not Synced
Off you go, lunch time.
-
Not Synced
[Applause]
Debconf
