Planet Linux Australia
Does anyone know of a Linux support company that provides 24*7 support to Ruby and PHP applications? I have a client that is looking for such a company.
Also I’m looking for more consulting work. If anyone knows of an organisation that needs some SE Linux consulting, or support for any of the FOSS software I’ve written then let me know. I take payment by Paypal and Bitcoin as well as all the usual ways. I can make a private build of any of my FOSS software to suit your requirements or if you want features that could be used by other people (and don’t conflict with the general use cases) I can add them on request. Small changes start at $100.
Most zombie movies feature shuffling hordes which prefer to eat brains but also generally eat any human flesh available. Because in most movies (pretty much everything but the 28 Days Later series ) zombies move slowly they rely on flocking to be dangerous.
Generally the main way of killing zombies is severe head injury, so any time zombies succeed in their aim of eating brains they won’t get a new recruit for their horde. The TV series iZombie  has zombies that are mostly like normal humans as long as they get enough brains and are smart enough to plan to increase their horde. But most zombies don’t have much intelligence and show no signs of restraint so can’t plan to recruit new zombies. In 28 Days Later the zombies aren’t smart enough to avoid starving to death, in contrast to most zombie movies where the zombies aren’t smart enough to find food other than brains but seem to survive on magic.
For a human to become a member of a shuffling horde of zombies they need to be bitten but not killed. They then need to either decide to refrain from a method of suicide that precludes becoming a zombie (gunshot to the head or jumping off a building) or unable to go through with it. Most zombie movies (I think everything other than 28 Days Later) has the transition process taking some hours so there’s plenty of time for an infected person to kill themself or be killed by others. Then they need to avoid having other humans notice that they are infected and kill them before they turn into a zombie. This doesn’t seem likely to be a common occurrence. It doesn’t seem likely that shuffling zombies (as opposed to the zombies in 28 Days Later or iZombie) would be able to form a horde.
In the unlikely event that shuffling zombies managed to form a horde that police couldn’t deal with I expect that earth-moving machinery could deal with them quickly. The fact that people don’t improvise armoured vehicles capable of squashing zombies is almost as ridiculous as all the sci-fi movies that feature infantry.
It’s obvious that logic isn’t involved in the choice of shuffling zombies. It’s more of a choice of whether to have the jump-scare aspect of 18 Days Later, the human-drama aspect of zombies that pass for human in iZombie, or the terror of a slowly approaching horrible fate that you can’t escape in most zombie movies.
I wonder if any of the music streaming services have a horror-movie playlist that has screechy music to set your nerves on edge without the poor plot of a horror movie. Could listening to scary music in the dark become a thing?
-  https://en.wikipedia.org/wiki/28_Days_Later
-  https://en.wikipedia.org/wiki/IZombie_(TV_series)
Some of the best examples I’ve seen of anarchy working have been in corporate environments. This doesn’t mean that they were perfect or even as good as a theoretical system in which a competent manager controlled everything, but they often worked reasonably well.
In a well functioning team members will encourage others to do their share of the work in the absence of management. So when the manager disappears (doesn’t visit the team more than once a week and doesn’t ask for any meaningful feedback on how things are going) things can still work out. When someone who is capable of doing work isn’t working then other people will suggest that they do their share. If resources for work (such as a sufficiently configured PC for IT work) aren’t available then they can be found (abandoned PCs get stripped and the parts used to upgrade the PCs that need it most).
There was one time where a helpdesk worker who was about to be laid off was assigned to the same office as me (apparently making all the people in his group redundant took some time). So I started teaching him sysadmin skills, assigned work to him, and then recommended that my manager get him transferred to my group. That worked well for everyone.
One difficult case is employees who get in the way of work being done, those who are so incompetent that they break enough things to give negative productivity. One time when I was working in Amsterdam I had two colleagues like that, it turned out that the company had no problem with employees viewing porn at work so no-one asked them to stop looking at porn. Having them paid to look at porn 40 hours a week was much better than having them try to do work. With anarchy there’s little option to get rid of bad people, so just having them hang out and do no work was the only option. I’m not advocating porn at work (it makes for a hostile work environment), but managers at that company did worse things.
One company I worked for appeared (from the non-management perspective) to have a management culture of doing no work. During my time there I did two “annual reviews” in two weeks, and the second was delayed by over 6 months. The manager in question only did the reviews at that time because he was told he couldn’t be promoted until he got the backlog of reviews done, so apparently being more than a year behind in annual reviews was no obstacle to being selected for promotion. On one occasion I raised the issue of a colleague who had done no work for over a year (and didn’t even have a PC to do work) with that manager, his response was “what do you expect me to do”! I expected him to do anything other than blow me off when I reported such a serious problem! But in spite of that strictly work-optional culture enough work was done and the company was a leader in it’s field.
There has been a lot of research into the supposed benefits of bonuses etc which usually turn out to reduce productivity. Such research is generally ignored presumably because the people who are paid the most are the ones who get to decide whether financial incentives should be offered so they choose the compensation model for the company that benefits themselves. But the fact that teams can be reasonably productive when some people are paid to do nothing and most people have their work allocated by group consensus rather than management plan seems to be a better argument against the typical corporate management.
I think it would be interesting to try to run a company with an explicit anarchic management and see how it compares to the accidental anarchy that so many companies have. The idea would be to have minimal management that just does the basic HR tasks (preventing situations of bullying etc), a flat pay rate for everyone (no bonuses, pay rises, etc) and have workers decide how to spend money for training, facilities, etc. Instead of having middle managers you would have representatives elected from each team to represent their group to senior management.
PS Australia has some of the strictest libel laws in the world. Comments that identify companies or people are likely to be edited or deleted.
Lev Lafayette: Teaching High Throughput Computing: An International Comparison of Andragogical Techniques
The importance of High Throughput Computing (HTC), whether through high performance or cloud-enabled, is a critical issue for research institutions as data metrics are increasing at a rate greater than the capacity of user systems . As a result nascent evidence suggests higher research output from institutions that provide access to HTC facilities. However the necessary skills to operate HTC systems is lacking from the very research communities that would benefit from them.
High Performance Computing systems offer excellent metrics for speed and efficiency when using bare metal hardware, a high speed interconnect, and parallel applications. This however does not represent a significant portion of scientific computational tasks. In contrast cloud computing has provided management and implementation flexibility at a cost of performance. We therefore suggest two approaches to make HPC resources available in a dynamically reconfigurable hybrid HPC/Cloud architecture. Both can can be achieved with few modifications to existing HPC/Cloud environments.
This year, the Kernel Summit is divided into two components:
- An invitation-only maintainer summit of 30 people total, and;
- An open kernel summit technical track which is open to all attendees of OSS Europe.
The security session is part of the latter. The preliminary agenda for the kernel summit technical track was announced by Ted Ts’o here:
There is also a preliminary agenda for the security session, here:
Currently, the agenda includes an update from Kees Cook on the Kernel Self Protection Project, and an update from Jarkko Sakkinen on TPM support. I’ll provide a summary of the recent Linux Security Summit, depending on available time, perhaps focusing on security namespacing issues.
This agenda is subject to change and if you have any topics to propose, please send an email to the ksummit-discuss list.
Two months ago, Troy Hunt, the security professional behind Have I been pwned?, released an incredibly comprehensive password list in the hope that it would allow web developers to steer their users away from passwords that have been compromised in past breaches.
While the list released by HIBP is hashed, the plaintext passwords are out there and one should assume that password crackers have access to them. So if you use a password on that list, you can be fairly confident that it's very easy to guess or crack your password.
I wanted to check my active passwords against that list to check whether or not any of them are compromised and should be changed immediately. This meant that I needed to download the list and do these lookups locally since it's not a good idea to send your current passwords to this third-party service.
PLEASE NOTE NEW LOCATION
Tuesday, November 7, 2017
6:30 PM to 8:30 PM
Mail Exchange Hotel
688 Bourke St, Melbourne VIC 3000
Mail Exchange Hotel, 688 Bourke St, Melbourne VIC 3000
Food and drinks will be available on premises.
Linux Users of Victoria is a subcommittee of Linux Australia.November 7, 2017 - 18:30
Eight years ago I installed a pack of 36 Lithium cells in my EV. After about 50,000km and several near-death battery pack experiences (over discharge) the range decreased beneath a useful level so I have just purchased a new pack.
Same sort of cells, CALB 100AH, 3.2V per cell (80km range). The pack was about AUD$6,000 delivered and took an afternoon to install. I’ve adjusted my Zivan NG3 to cut out at an average of 3.6 v/cell (129.6V), and still have the BMS system that will drop out the charger if any one cell exceeds 4.1V.
The original pack was rated at 10 years (3000 cycles) and given the abuse we subjected it to I’m quite pleased it lasted 8 years. I don’t have a fail-safe battery management system like a modern factory EV so we occasionally drove the car when dead flat. While I could normally pick this problem quickly from the instrumentation my teenage children tended to just blissfully drive on. Oh well, this is an experimental hobby, and mistakes will be made. The Wright brothers broke a few wings……
I just took the car with it’s new battery pack for a 25km test drive and all seems well. The battery voltage is about 118V at rest, and 114V when cruising at 60 km/hr. It’s not dropping beneath 110V during acceleration, much better than the old pack which would sag beneath 100V. I guess the internal resistance of the new cells is much lower.
I plan to keep driving my little home-brew EV until I can by a commercial EV with a > 200km range here in Australia for about $30k, which I estimate will happen around 2020.
It’s nice to have my little EV back on the road.
I have returned to cycling a couple weeks ago and I am taking part in the MS Sydney to the Gong Ride - The Ride to Fight Multiple Sclerosis.
Though it would be a huge fun and a great challenge to ride over 80km along the Sydney coast, this is a fundraising event and entry fee only covers event staging costs. Every dollar you DONATE will go directly to ensuring the thousands of Australians with multiple sclerosis are able to receive the support and care they need to live well.
Please DONATE now to support my ride and change the lives of Australians living with multiple sclerosis.
Thank you for your support.
Sanjeev Sharma – When DevOps met SRE: From Apollo 13 to Google SRE
- Author of Two DevOps Bookks
- Apollo 13
- Who were the real heroes? The guys back at missing control. The Astronaunts just had to keep breathing and not die
- Best Practice for Incident management
- Consider Alternatives
- Change it around
- Big Hurdles to adoption of DevOps in Enterprise
- Literature is Only looking at one delivery platform at a time
- Big enterprise have hundreds of platforms with completely different technologies, maturity levels, speeds. All interdependent
- He Divides
- Industrialised Core – Value High, Risk Low, MTBF
- Agile/Innovation Edge – Value Low, Risk High, Rapid change and delivery, MTTR
- Need normal distribution curve of platforms across this range
- Need to be able to maintain products at both ends in one IT organisation
- 6 capabilities needed in IT Organisation
- Planning and architecture.
- Your Delivery pipeline will be as fast as the slowest delivery pipeline it is dependent on
- Modernizing to Microservices based architecture: Refactoring code and data and defining the APIs
- Application Deployment Automation and Environment Orchestration
- Devs are paid code, not maintain deployment and config scripts
- Ops must provide env that requires devs to do zero setup scripts
- Test Service and Environment Virtualisation
- If you are doing 2week sprints, but it takes 3-weeks to get a test server, how long are your sprints
- Release Management
- No good if 99% of software works but last 1% is vital for the business function
- Operational Readiness for SRE
- Shift between MTBF to MTTR
- MTTR = Mean time to detect + Mean time to Triage + Mean time to restore
- + Mean time to pass blame
- Antifragile Systems
- Things that neither are fragile or robust, but rather thrive on chaos
- Cattle not pets
- Servers may go red, but services are always green
- DevOps: “Everybody is responsible for delivery to production”
- SRE: “(Everybody) is responsible for delivering Continuous Business Value”
- Planning and architecture.
Marcus Bristol (Pushpay) – Moving fast without crashing
- Low tolerance for errors in production due to being in finance
- Deploy twice per day
- Just Culture – Balance safety and accountability
- What rule?
- Who did it?
- How bad was the breach?
- Who gets to decide?
- Example of Retributive Culture
- KPIs reflect incidents.
- If more than 10% deploys bad then affect bonus
- Reduced number of deploys
- Restorative Culture
- Blameless post-mortem
- Can give detailed account of what happened without fear or retribution
- Happens after every incident or near-incident
- Written Down in Wiki Page
- So everybody has the chance to have a say
- Summary, Timeline, impact assessment, discussion, Mitigations
- Mitigations become highest-priority work items
- Our Process
- Feature Flags
- Lots of small PRs
- Code Review
- Testers paired to devs so bugs can be fixed as soon as found
- Automated tested
- Pollination (reviews of code between teams)
- Posts to Slack when feature flag has been changed
- Nags about feature flags that seems to be hanging around in QA
- Nags about Flags that have been good in prod for 30+ days
- Every merge
- PRs awaiting reviews for long time (days)
- Missing postmortun migrations
- Status of builds in build farm
- When deploy has been made
- Health of API
- Answer queries on team member list
- Create ship train of PRs into a build and user can tell bot to deploy to each environment
Michael Coté – Not actually a DevOps Talk
- Goal: deliver value, weekly reliably, with small patches
- Management must be the first to fail and transform
- Standardize on a platform: special snow flakes are slow, expensive and error prone (see his slide, good list of stuff that should be standardize)
- Ramping up: “Pilot low-risk apps, and ramp-up”
- Pair programming/working
- Half the advantage is people speed less time on reddit “research”
- Don’t go to meetings
- Automate compliance, have what you do automatic get logged and create compliance docs rather than building manually.
- Crafting Your Cloud-Native Strategy
Sajeewa Dayaratne – DevOps in an Embedded World
- Challenges on Embedded
- Hardware – resource constrinaed
- Debugging – OS bugs, Hardware Bugs, UFO Bugs – Oscilloscopes and JTAG connectors are your friend.
- Environment – Thermal, Moisture, Power consumption
- Deploy to product – Multi-month cycle, hard of impossible to send updates to ships at sea.
- Principles of Devops , equally apply to embedded
- High Frequency
- Reduce overheads
- Improve defect resolution
- Reduce response times
- Small Sonar, Navigation for medium boats, Displays for sail (eg Americas cup). Navigation displays for large ships
- Dev around world, factory in Mexico
- 5 million lines of code
- 61 Hardware Products supported – Increasing steadily, very long lifetimes for hardware
- Complex network of products – lots of products on boat all connected, different versions of software and hardware on the same boat
- Old codebase
- Backward compatible with old hardware
- Needs to support new hardware
- Desire new features on all products
- What does this mean
- Defects were found too late
- Very high cost of bugs found late
- Software stabilization taking longer
- Manual test couldn’t keep up
- Cost increasing , including opportunity cost
- Does CI/CD provide answer?
- But will it work here?
- Case Study from HP. Large-Scale Agile Development by Gary Gruver
- Our Plan
- Improve tolls and archetecture
- Build Speeds
- Automated testing
- Code quality control
- Previous VCS
- Proprietary tool with limit support and upgrades
- Limited integration
- Lack of CI support
- No code review capacity
- Move to git
- Code reviews
- Integrated CI
- Supported by tools
- Had a configurable codebase already
- Fairly common hardware platform (only 9 variations)
- Had runtime feature flags
- Cyclic dependancies – 1.5 years to clean these up
- Singletons – cut down
- Promote unit testability – worked on
- Many branches – long lived – mega merges
- Went to a single Branch model, feature flags, smaller batch sizes, testing focused on single branch
- Improve build speed
- Start 8 hours to build Linux platform, 2 hours for each app, 14+ hours to build and package a release
- Increase speed
- Parallel Builds
- What did
- 4-5hs down to 1h
- Test automation
- Existing was mock-ups of the hardware to not typical
- Started with micro-test
- Unit testing (simulator)
- Unit testing (real hardware)
- Build Tools
- Software tools (n2k simulator, remote control)
- Hardware tools ( Mimic real-world data, re purpose existing stuff)
- UI Test Automation
- Build or Buy
- Functional testing vs API testing
- HW Test tools
- Took 6 hours to do full test on hardware.
- Commit -> pull request
- Automated Build / Unit Tests
- Daily QA Build
- Configuration as code
- Code Quality tools
- Simulate more hardware
- Increase analytics and reporting
- Fully simulated test env for dev (so the devs don’t need the hardware)
- Scale – From internal infrastructure to the cloud
- Grow the team
- Lessons Learnt
- Collect Data
- Get Executive Buy in
- Change your tolls and processes if needed
- Test automation is the key
- Invest in HW
- Focus on good software design for Everything