You are here


Antoine Lefeuvre on The Web, Worldwide: The Culinary Model of Web Design

a list apart - Thu 25th Sep 2014 22:09

We call ourselves information architects, web designers or content strategists, among other job titles in the industry, including the occasional PHP ninja or SEO rockstar. The web does owe a lot to fields like architecture, industrial design, or marketing. I still haven’t met an interaction cook or maitre d’optimization, though. No web makers turn to chefs for inspiration, one might say.

Well, some do. Let me take you, s’il vous plaît, to Lyon, France, where people think sliced bread is the greatest thing since the internet.

Just a hundred miles from the web’s birthplace at CERN in Geneva lies Lyon, France’s second biggest city. It’s no internet mecca, but that doesn’t mean there are no lessons to be learned from how people make the web there. Unlike many places in the world where the latest new thing is everyone’s obsession, entrepreneurs in Lyon are quite interested in… the nineteenth century! What they’re analyzing is their city’s greatest success, its cuisine.

If Lyon’s food scene today is one the world’s best—even outshining Paris’ according to CNN, this is thanks to the Mères lyonnaises movement. These “mothers” were house cooks for Lyon’s rich people, who decided to emancipate and launch their own start-ups: humble restaurants aiming at top-quality food, not fanciness. The movement begun in the nineteenth century only grew bigger in the twentieth, when the Mères passed on their skills and values to the next generation. Their most famous heir is superstar chef Paul Bocuse, who has held the Michelin three-star rating longer than any other, and who began as the apprentice of Mère Eugénie Brazier, the mother of modern French cooking and one of the very first three-star chefs in 1928. “There’s a real parallel between the ecosystem the Mères started and what we want to achieve,” says Grégory Palayer, president of the aptly named local trade association La Cuisine du Web. To recreate the Mères’ recipe for success, the toqués—the nickname meaning both “chef’s hat” and “crazy” that’s given to La Cuisine du Web members—have identified its ingredients: networking, media support, funding, and transmitting skills and knowledge. Not to mention a secret plus: joie de vivre. “Parisians and Europeans are often surprised to see we can spend two hours having lunch,” says Grégory. “This is how we conduct business here!”

Lyon’s designers too have their nineteenth-century hero in Auguste Escoffier, the celebrity chef of his age. He began his career as a kitchen boy in his uncle’s restaurant and ended up running the kitchens in London’s most luxurious hotels. Renowned as “the Chef of Kings and the King of Chefs,” Escoffier was also a serial designer: his creations include Peach Melba, Crêpe Suzette, and the Cuisine classique style. He even experimented in a culinary form of design under constraint while in the army during the 1870 Franco-Prussian War, using horse meat for ordinary meals to save scarce beef for the wounded, and inventing 1,001 recipes with turnip, the only readily available vegetable on the front lines. Escoffier did much to improve and structure his industry. He was the first head of the WACS, the chefs’ W3C, and revolutionized not only French cooking, but the way restaurants worldwide are run, by championing documentation, standardization, and professionalism.

In his talk “Interaction Béchamel” at the Interaction 14 conference in Amsterdam, Lyon’s IxDA leader Guillaume Berry explained how the life and work of Escoffier could influence web design. Guillaume comes from a family of food lovers and makers. Himself a visual designer and an amateur cook, he is greatly inspired in his daily work by cuisine. “It’s all about quality ingredients and preparing them. I’ve realized this while chopping vegetables—a task often neglected or disliked.” The web’s raw ingredients are copy, images, videos: “Even a starred chef won’t be able to cook a proper dish with low-quality ingredients. Don’t expect a web designer to do wonders without great content.”

Just as Escoffier took Ritz customers on a kitchen tour, Guillaume recommends explaining to your clients how their site or app has been cooked. The more open and understood our design processes are, the more their value will be recognized. Have you ever been running late and prepared dinner in a rush? I have and it was, unsurprisingly, a disaster. So tell your clients their website is nothing but a good meal; it takes time to make it a memorable experience.

Looking back at other industries helps us see what’s ahead in ours. What could be the web’s answer to slow food, organic farming, or rawism? “How many interactions a day is it healthy for us to have?” asks Guillaume. He adds, “Cooks have a huge responsibility because depending on how they prepare the food they can make people sick.” Are we designers that powerful? Oh yes, and more—we destroyed the world, after all.

No, the web industry isn’t free of junk food. When we create apps that make a smartphone obsolete after two years: junk food. When we believe email is dead and Facebook is the new communication standard: junk food. When we design only for the latest browsers and fastest connections: junk food.

If we’re ready to move from “more” to “better,” let’s remember these simple rules from Eugénie Brazier: 1. Pick your ingredients very carefully; 2. Home-made first; 3. A flashy presentation won’t save a poor dish.

Categories: thinktime

Symptoms and diseases

Seth Godin - Thu 25th Sep 2014 19:09
A fever is a symptom. There's an underlying disease that causes it. Giving you a fever (sitting in a sauna) doesn't make you sick, and getting rid of the fever (in a cold bath, for example) doesn't always get rid...         Seth Godin
Categories: thinktime

Craige McWhirter: Enabling OpenStack Roles To Resize Volumes Via Policy

Planet Linux Australia - Thu 25th Sep 2014 14:09

If you have volume backed OpenStack instances, you may need to resize them. In most usage cases you'll want to have un-privileged users resize the instances. This documents how you can modify the Cinder policy to allow tenant members assigned to a particular role to have permissions to resize volumes.

  • You've already created your OpenStack tenant.
  • You've already created your OpenStack user.
  • You know how to allocate roles to users in tenants.
Select the Role

You will need to create or identify a suitable role. In this example I'll use "Support".

Modify policy.json

Once the role has been created or identified, add these lines to the /etc/cinder/policy.json on the Cinder API server(s):

"context_is_support": [["role:Support"]], "admin_or_support": [["is_admin:True"], ["rule:context_is_support"]],

Modify "volume_extension:volume_admin_actions:reset_status" to use the new context:

"volume_extension:volume_admin_actions:reset_status": [["rule:admin_or_support"]], Add users to the role

Add users who need priveleges to resize volumes to the role SupportAdmin in their tennant.

The users you have added to the "Support" role should now be able to resize volumes.

Categories: thinktime

Untangling Antoni Gaudí’s multidimensional mysteries

Professor Mark Burry, Director, RMIT Design Research Institute 15 October 2014 - 6:00pm - 7:00pm The R Douglas Wright Lecture 2014 will be delivered by Professor Mark Burry. Professor Burry is the Founding Director of RMIT Design Research Institute. He has published internationally on two main themes: the life and work of the architect Antoni Gaudí, and putting theory into practice with regard to 'challenging' architecture.


read more

Categories: thinktime

It Was Just A Thing

a list apart - Wed 24th Sep 2014 22:09

A little less than two months ago, I wrote about the most dangerous word in software development: just. A lot of assumptions hide behind that seemingly harmless word, but there’s another side to it.

“It was just a thing we built to deploy our work to staging.”

“It was just a little plugin we built to handle responsive tab sets.”

“It was just a way to text a bunch of our friends at the same time.”

Some of the best and most useful things we build have humble beginnings. Small side projects start with a sapling of an idea—something that can be built in a weekend, but will make our work a little easier, our lives a little better.

We focus on solving a very specific problem, or fulfilling a very specific need. Once we start using the thing we’ve built, we realize its full potential. We refine our creation until it becomes something bigger and better. By building, using, and refining, we avoid the pitfalls of assumptions made by the harmful use of the word “just” that I warned about:

Things change when something moves from concept to reality. As Dave Wiskus said on a recent episode of Debug, “everything changes when fingers hit glass.”

But the people who build something shouldn’t be the only ones who shape its future. When Twitter was founded, it was just a way to text a bunch of friends at once. The way that people used Twitter in the early days helped determine its future. Retweets, @username mentions, and hashtags became official parts of Twitter because of those early usage patterns.

Embrace the small, simple, focused start, and get something into people’s hands. Let usage patterns inform refinements, validate assumptions, and guide you to future success. It’s more than okay to start by building “just a thing”—in fact, I suggest it.

Categories: thinktime

Gabriel Noronha: EVSE for Sun Valley Toursit Park

Planet Linux Australia - Wed 24th Sep 2014 21:09

So you might of seen a couple posts about Sun Valley Tourist Park, that is because we visit there a lot to visit grandma and grandpa (wife’s parents) .  So we decided because its outside of our return range we have to charge there to get home if we take the I-MIEV. but with the Electric Vehicle Supply Equipment (EVSE) that comes with the car limits the charge rate to 10amps max. So we convinced the park to install a 32amp EVSE.  This allow us to charge at the I-MIEV full rate of 13amps so 30% faster.

Aeroviroment EVSE-RS at Sun Valley

If you want to know more about the EVSE it’s an Aeroviroment EVSE RS.  It should work fine with the Holden volt, Mitsubishi Outlander PHEV, I-MIEV 2012 or later (may not work with 2010 models) and the Nissan LEAF.

If you are in the central coast and want somewhere to charge you can find the details on how to contact the park on plugshare. It’s available for public use depend on how busy the park is and the driver paying a nominal fee to cover electricity , and the driver phones ahead, during office hours.


Categories: thinktime

Andrew Pollock: [life] Day 238: Picnic play date in Roma Street Parklands with a side trip to the museum

Planet Linux Australia - Wed 24th Sep 2014 21:09

School holidays are a good time for Zoe to have a weekday play date with my friend Kim's daughter Sarah, and we'd lined up a picnic in Roma Street Parklands today.

Zoe had woken up at about 1:30am with a nightmare, and subsequently slept in. It had taken me forever to get back to sleep, so I was pretty tired and slept a bit late too.

We got going eventually, and narrowly missed a train, so had to wait for the next one. We got into the Parklands pretty much on time, and despite the drizzly weather, had a nice morning making our way around the gardens.

The weather progressively improved by lunchtime, and after an early lunch, Kim and kids headed home, and we headed into the museum.

Unfortunately I was wrong about which station we had to get off to go to the museum, and we got off at Southbank rather than South Brisbane and had a long, slow walk of shame to get to the museum.

We used the freebie tickets I'd gotten to see the Deep Oceans exhibit, before heading home. I love the museum's free cloaking service, as it allowed me to divest myself of picnic blankets, my backpack and the Esky while we were at the museum.

While we were making the long walk of shame to the museum, I got a call from the car repairer to say that my car was ready, so after we returned to the rental car at the train station we drove directly to the repairer and collected the car, which involved a lot of shuffling of car contents and car seats. I then thought I'd lost my car key, and that involved an unnecessary second visit back to the car rental place on foot before I discovered it was in my pocket all along.

When we got home, Zoe wanted to play pirates again with our chocolate gold coins. What we wound up playing was a variant of "hide the thimble" in her bedroom, where she hid the chocolate gold coins all over the place, and then proceeded to show me where she'd hidden them all. It was very cute.

There was a tiny bit of TV before Sarah arrived to pick up Zoe.

Categories: thinktime

Andrew Pollock: [life] Day 237: A day with the grandparents and a lot cooking

Planet Linux Australia - Wed 24th Sep 2014 21:09

Yesterday was a pretty full on day. I had to drop the car off to get the rear bumper replaced, and I also had to get to my Thermomix Consultant practical training by 9:30am.

I'd arranged to drop the car off at 8am and then pick up a rental car, and Mum was coming to collect Zoe at 8:30am. Zoe woke up at a good time, and we managed to get going extra early, so I dropped the car off early and was picking up the rental car before 8am.

Mum also arrived extra early, so I used the additional time to swing by the Valley to check my PO box, as I had a suspicion my Thermomix Consultant kit might have arrived, and it had.

I then had to get over to my Group Leader's house to do the practical training, which consisted of watching and giving a demo, with a whole bunch of advice and feedback along the way. It was a long day of much cooking, but it was good to get all of the behind the scenes tricks on how to prepare for a demo, give the demo and have it all run smoothly and to schedule.

I then headed over to Mum and Dad's for dinner. Zoe had had a great day, and my Aunty Peggy was also down from Toowoomba. We stayed for dinner and then headed home. I managed to get Zoe to bed more or less on time.

Categories: thinktime

Tim Serong: Something Like a Public Consultation

Planet Linux Australia - Wed 24th Sep 2014 19:09

The Australian government often engages in public consultation on a variety of matters. This is a good thing, because it provides an opportunity for us to participate in our governance. One such recent consultation was from the Attorney-General’s Department on Online Copyright Infringement. I quote:

On 30 July 2014, the Attorney-General, Senator the Hon George Brandis, and the Minister for Communications Malcolm Turnbull MP released a discussion paper on online copyright infringement.

Submissions were sought from interested organisations and individuals on the questions outlined in the discussion paper and on other possible approaches to address this issue.

Submissions were accepted via email, and there was even a handy online form where you could just punch in your answers to the questions provided. The original statement on publishing submissions read:

Submissions received may be made public on this website unless otherwise specified. Submitters should indicate whether any part of the content should not be disclosed to the public. Where confidentiality is requested, submitters are encouraged to provide a public version that can be made available.

This has since been changed to:

Submissions received from peak industry groups, companies, academics and non-government organisations that have not requested confidentiality are being progressively published on the Online copyright infringement—submissions page.

As someone who in a fit of inspiration late one night (well, a fit of some sort, but I’ll call it inspiration), put in an individual submission I am deeply disappointed that submissions from individuals are apparently not being published. Geordie Guy has since put in a Freedom of Information request for all individual submissions, but honestly the AGD should be publishing these. It was after all a public consultation.

For the record then, here’s my submission:

Question 1: What could constitute ‘reasonable steps’ for ISPs to prevent or avoid copyright infringement?

In our society, internet access has become a necessary public utility.  We communicate with our friends and families, we do our banking, we purchase and sell goods and services, we participate in the democratic process; we do all these things online.  It is not the role of gas, power or water companies to determine what their customers do with the gas, power or water they pay for.  Similarly, it is not the role of ISPs to police internet usage.

Question 2: How should the costs of any ‘reasonable steps’ be shared between industry participants?

Bearing in mind my answer to question 1, any costs incurred should rest squarely with the copyright owners.

Question 3: Should the legislation provide further guidance on what would constitute ‘reasonable steps’?

The legislation should explicitly state that:

  1. Disconnection is not a reasonable step given that internet access is a necessary public utility.
  2. Deep packet inspection, or any other technological means of determining the content, or type of content being accessed by a customer, is not a reasonable step as this would constitute a gross invasion of privacy.
Question 4: Should different ISPs be able to adopt different ‘reasonable steps’ and, if so, what would be required within a legislative framework to accommodate this?

Given that it is not the role of ISPs to police internet usage (see answer to question 1), there are no reasonable steps for ISPs to adopt.

Question 5: What rights should consumers have in response to any scheme or ‘reasonable steps’ taken by ISPs or rights holders? Does the legislative framework need to provide for these rights?

Consumers need the ability to freely challenge any infringement notice, and there must be a guarantee they will not be disconnected.  The fact that an IP address does not uniquely identify a specific person should be enshrined in legislation.  The customer’s right to privacy must not be violated (see point 2 of answer to question 3).

Question 6: What matters should the Court consider when determining whether to grant an injunction to block access to a particular website?

As we have seen with ASIC’s spectacularly inept use of section 313 of Australia’s Telecommunications Act to inadvertently block access to 250,000 web sites, such measures can and will result in wild and embarrassing unintended consequences.  In any case, any means employed in Australia to block access to overseas web sites is exceedingly trivial to circumvent using freely available proxy servers and virtual private networks.  Consequently the Court should not waste its time granting injunctions to block access to web sites.

Question 7: Would the proposed definition adequately and appropriately expand the safe harbour scheme?

The proposed definition would seem to adequately and appropriately expand the safe harbour scheme, assuming the definition of “service provider” extends to any person or entity who provides internet access of any kind to any other person or entity.  For example, if my personal internet connection is also being used by a friend, a family member or a random passerby who has hacked my wifi, I should be considered a service provider to them under the safe harbour scheme.

Question 8: How can the impact of any measures to address online copyright infringement best be measured?

I am deeply dubious of the efficacy and accuracy of any attempt to measure the volume and impact of copyright infringement.  Short of actively surveilling the communications of the entire population, there is no way to accurately measure the volume of copyright infringement at any point in time, hence there is no way to effectively quantify the impact of any measures designed to address online copyright infringement.

Even if the volume of online copyright infringement could be accurately measured, one cannot assume that an infringing copy equates to a lost sale.  At one end of the spectrum, a single infringing copy could have been made by someone who would never have been willing or able to pay for access to that work.  At the other end of the spectrum, a single infringing copy could expose a consumer to a whole range of new media, resulting in many purchases that never would have occurred otherwise.

Question 9: Are there alternative measures to reduce online copyright infringement that may be more effective?

There are several alternative measures that may be more effective, including:

  1. Content distributors should ensure that their content is made available to the Australian public at a reasonable price, at the same time as releases in other countries, and absent any Digital Restrictions Management technology (DRM, also sometimes erroneously termed Digital Rights Management, which does more to inconvenience legitimate purchasers than it does to curb copyright infringement).
  2. Content creators and distributors should be encouraged to update their business models to accommodate and take advantage of the realities of ubiquitous digital communications.  For example, works can be made freely available online under liberal licenses (such as Creative Commons Attribution Share-Alike) which massively increases exposure, whilst also being offered for sale, perhaps in higher quality on physical media, or with additional bonus content in the for-purchase versions.  Public screenings, performances, displays, commissions and so forth (depending on the media in question) will contribute further income streams all while reducing copyright infringement.
  3. Australian copyright law could be amended such that individuals making copies of works (e.g. downloading works, or sharing works with each other online) on a noncommercial basis does not constitute copyright infringement.  Changing the law in this way would immediately reduce online copyright infringement, because a large amount of activity currently termed infringement would no longer be seen as such.

Finally, as member of Pirate Party Australia it would be remiss of me not to provide a link to the party’s rather more detailed and well-referenced submission, which thankfully was published by the AGD. We’ve also got a Pozible campaign running to raise funds for an English translation of the Dutch Pirate Bay blocking appeal trial ruling, which will help add to the body of evidence demonstrating that web site blocking is ineffective.

Categories: thinktime

Feeling the heat

Seth Godin - Wed 24th Sep 2014 19:09
When things get dicey, we notice that some people are feeling the heat. Others are just fine, doing their work, unfazed by the situation. The thing is, it's not the heat that's actually the issue. It's the feeling. How you...         Seth Godin
Categories: thinktime

Craige McWhirter: Resizing a Root Volume for an Openstack Instance

Planet Linux Australia - Wed 24th Sep 2014 17:09

This documents how to resize an OpenStack instance that has it's root partition backed by a volume. In this circumstance "nova resize" will not resize the diskspace as expected.

Assumptions: Shutdown the instance you wish to resize

Check the status of the source VM and stop it if it's not already:

$ nova list +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | 4fef1b97-901e-4ab1-8e1f-191cb2f75969 | ResizeMe0 | ACTIVE | - | Running | Tutorial= | +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ $ nova stop ResizeMe0 $ nova list +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+-----------+---------+-----------+- ------------+---------------------------------------------+ | 4fef1b97-901e-4ab1-8e1f-191cb2f75969 | ResizeMe0 | SHUTOFF | - | Running | Tutorial= | +--------------------------------------+-----------+---------+------------+- ------------+---------------------------------------------+ Identify and extend the volume

Obtain the ID of the volume attached to the instance:

$ nova show ResizeMe0 | grep volumes | os-extended-volumes:volumes_attached | [{"id": "616dbaa6-f5a5-4f06-9855-fdf222847f3e"}] |

Set the volume's state to be "available" to so we can resize it:

$ cinder reset-state --state available 616dbaa6-f5a5-4f06-9855-fdf222847f3e $ cinder show 2f8f0dc2-3c39-48a4-80ad-afe62de095d0 | grep " status " | status | available |

Extend the volume to the desired size:

$ cinder extend 616dbaa6-f5a5-4f06-9855-fdf222847f3e 4

Set the status back to being in use:

$ cinder reset-state --state in-use 616dbaa6-f5a5-4f06-9855-fdf222847f3e Start the instance back up again

Start the instance again:

$ nova start ResizeMe0

Voila! Your old instance is now running with an increased disk size as requested.

Categories: thinktime

Russell Coker: Cheap 3G Data in Australia

Planet Linux Australia - Wed 24th Sep 2014 17:09
The Request

I was asked for advice about cheap 3G data plans. One of the people who asked me has a friend with no home Internet access, the friend wants access but doesn’t want to pay too much. I don’t know whether the person in question can’t use ADSL/Cable (maybe they are about to move house) or whether they just don’t want to pay for it.

3G data in urban areas in Australia is fast enough for most Internet use. But it’s not good for online games or VOIP. It’s also not very useful for Youtube and other online video. There is a variety of 3G speed testing apps for Android phones and there are presumably similar apps for the iPhone. Before signing up for 3G at home it’s probably best to get a friend who’s on the network in question to test Internet speed at your house, it would be annoying to sign up for an annual contract and then discover that your home is in a 3G dead spot.

Cheapest Offers

The best offer at the moment for moderate data use seems to be Amaysim with 10G for $99.90 and an expiry time of 365 days [1]. 10G in a year isn’t a lot, but it’s pre-paid so the user can buy another 10G of data whenever they want. At the moment $10 for 1G of data in a month and $20 for 2G of data in a month seem to be common offerings for 3G data in Australia. If you use exactly 1G per month then Amaysim isn’t any better than a number of other telcos, but if your usage varies (as it does with most people) then spreading the data use over several months offers significant savings without the need to save big downloads for the last day of the month.

For more serious Internet use Virgin has pre-paid offerings of 6G for $30 and 12G for $40 which has to be used in a month [2]. Anyone who uses an average of more than 3G per month will get better value from the Virgin offers.

If anyone knows of cheaper options than Amaysim and Virgin then please let me know.

Better Coverage

Both Amaysim and Virgin use the Optus network which covers urban areas quite well. I used Virgin a few years ago (and presume that it has only improved since then) and my wife uses Amaysim now. I haven’t had any great problems with either telco. If you need better coverage than the Optus network provides then Telstra is the only option. Telstra have a number of prepaid offers, the most interesting is $100 for 10G of data that expires in 90 days [3].

That Telstra offer is the same price as the Amaysim offer and only slightly more expensive than Virgin if you average 3.3G per month. It’s a really good deal if you average 3.3G per month as you can expect it to be faster and have better coverage.

Which One to Choose?

I think that the best option for someone who is initially connecting their home via 3g is to start with Amaysim. Amaysim is the cheapest for small usage and they have an Amaysim Android app and web page for tracking usage. After using a few gig of data on Amaysim it should be possible to determine which plan is going to be most economical in the long term.

Connecting to the Internet

To get the best speed you need a 4G AKA LTE connection. But given that 3G speed is great enough to use expensive amounts of data it doesn’t seem necessary to me. I’ve done a lot of work over the Internet with 3G from Virgin, Kogan, Aldi, and Telechoice and haven’t felt a need to pay for anything faster.

I think that the best thing to do is to use an old phone running Android 2.3 or iOS 4.3 as a Wifi access point. The cost of a dedicated 3G Wifi AP is enough to significantly change the economics of such Internet access and most people have access to old smart phones.

Related posts:

  1. Changing Phone Prices in Australia 18 months ago when I signed up with Virgin Mobile...
  2. Cheap Net Access in Australia The cheapest ADSL or Cable net access in Australia seems...
  3. Aldi Changes, Cheap Telcos, and Estimating Costs I’ve been using Aldi as my mobile phone provider for...
Categories: thinktime

Robert Collins: what-poles-for-the-tent

Planet Linux Australia - Wed 24th Sep 2014 15:09

So Monty and Sean have recently blogged about about the structures (1, 2) they think may work better for OpenStack. I like the thrust of their thinking but had some mumblings of my own to add.

Firstly, I very much like the focus on social structure and needs – what our users and deployers need from us. That seems entirely right.

And I very much like the getting away from TC picking winners and losers. That was never an enjoyable thing when I was on the TC, and I don’t think it has made OpenStack better.

However, the thing that picking winners and losers did was that it allowed users to pick an API and depend on it. Because it was the ‘X API for OpenStack’. If we don’t pick winners, then there is no way to say that something is the ‘X API for OpenStack’, and that means that there is no forcing function for consistency between different deployer clouds. And so this appears to be why Ring 0 is needed: we think our users want consistency in being able to deploy their application to Rackspace or HP Helion. They want vendor neutrality, and by giving up winners-and-losers we give up vendor neutrality for our users.

Thats the only explanation I can come up with for needing a Ring 0 – because its still winners and losers (e.g. picking an arbitrary project) keystone, grandfathering it in, if you will. If we really want to get out of the role of selecting projects, I think we need to avoid this. And we need to avoid it without losing vendor neutrality (or we need to give up the idea of vendor neutrality).

One might say that we must pick winners for the very core just by its, but I don’t think thats true. If the core is small, many people will still want vendor neutrality higher up the stack. If the core is large, then we’ll have a larger % of APIs covered and stable granting vendor neutrality. So a core with fixed APIs will be under constant pressure to expand: not just from developers of projects, but from users that want API X to be fixed and guaranteed available and working a particular way at [most] OpenStack clouds.

Ring 0 also fulfils a quality aspect – we can check that it all works together well in a realistic timeframe with our existing tooling. We are essentially proposing to pick functionality that we guarantee to users; and an API for that which they have everywhere, and the matching implementation we’ve tested.

To pull from Monty’s post:

“What does a basic end user need to get a compute resource that works and seems like a computer? (end user facet)

What does Nova need to count on existing so that it can provide that. “

He then goes on to list a bunch of things, but most of them are not needed for that:

We need Nova (its the only compute API in the project today). We don’t need keystone (Nova can run in noauth mode and deployers could just have e.g. Apache auth on top). We don’t need Neutron (Nova can do that itself). We don’t need cinder (use local volumes). We need Glance. We don’t need Designate. We don’t need a tonne of stuff that Nova has in it (e.g. quotas) – end users kicking off a simple machine have -very- basic needs.

Consider the things that used to be in Nova: Deploying containers. Neutron. Cinder. Glance. Ironic. We’ve been slowly decomposing Nova (yay!!!) and if we keep doing so we can imagine getting to a point where there truly is a tightly focused code base that just does one thing well. I worry that we won’t get there unless we can ensure there is no pressure to be inside Nova to ‘win’.

So there’s a choice between a relatively large set of APIs that make the guaranteed available APIs be comprehensive, or a small set that that will give users what they need just at the beginning but might not be broadly available and we’ll be depending on some unspecified process for the deployers to agree and consolidate around what ones they make available consistently.

In sort one of the big reasons we were picking winners and losers in the TC was to consolidate effort around a single API – not implementation (keystone is already on its second implementation). All the angst about defcore and compatibility testing is going to be multiplied when there is lots of ecosystem choice around APIs above Ring 0, and the only reason that won’t be a problem for Ring 0 is that we’ll still be picking winners.

How might we do this?

One way would be to keep picking winners at the API definition level but not the implementation level, and make the competition be able to replace something entirely if they implement the existing API [and win hearts and minds of deployers]. That would open the door to everything being flexible – and its happened before with Keystone.

Another way would be to not even have a Ring 0. Instead have a project/program that is aimed at delivering the reference API feature-set built out of a single, flat Big Tent – and allow that project/program to make localised decisions about what components to use (or not). Testing that all those things work together is not much different than the current approach, but we’d have separated out as a single cohesive entity the building of a product (Ring 0 is clearly a product) from the projects that might go into it. Projects that have unstable APIs would clearly be rejected by this team; projects with stable APIs would be considered etc. This team wouldn’t be the TC : they too would be subject to the TC’s rulings.

We could even run multiple such teams – as hinted at by Dean Troyer one of the email thread posts. Running with that I’d then be suggesting

  • IaaS product: selects components from the tent to make OpenStack/IaaS
  • PaaS product: selects components from the tent to make OpenStack/PaaS
  • CaaS product (containers)
  • SaaS product (storage)
  • NaaS product (networking – but things like NFV, not the basic Neutron we love today). Things where the thing you get is useful in its own right, not just as plumbing for a VM.

So OpenStack/NaaS would have an API or set of APIs, and they’d be responsible for considering maturity, feature set, and so on, but wouldn’t ‘own’ Neutron, or ‘Neutron incubator’ or any other component – they would be a *cross project* team, focused at the product layer, rather than the component layer, which nearly all of our folk end up locked into today.

Lastly Sean has also pointed out that we have large N N^2 communication issues – I think I’m proposing to drive the scope of any one project down to a minimum, which gives us more N, but shrinks the size within any project, so folk don’t burn out as easily, *and* so that it is easier to predict the impact of changes – clear contracts and APIs help a huge amount there.

Categories: thinktime

Lev Lafayette: Opportunities and Issues in Free Software

Planet Linux Australia - Tue 23rd Sep 2014 22:09

Presentation to Software Freedom Day (Melbourne), September 2014

Categories: thinktime

Andrew McDonnell: Evaluating the security of OpenWRT (part 2) – bugfix

Planet Linux Australia - Tue 23rd Sep 2014 22:09

I had a bug applying the RELRO flag to busybox, this is fixed in GitHub now.

For some reason the build links the busybox binary a second time and I missed the flag.

Also an omission from my prior blog entry: uClibc has RELRO turned on in its configuration already in OpenWRT, so does not need flags passing through to it. However, it is failing to build its libraries with RELRO in all cases, in spite of the flag. This problem doesn’t happen in a standalone uClibc build from the latest uClibc trunk, but I haven’t scoped how to get uClibc trunk into OpenWRT. This may have been unclear they way I described it.

Categories: thinktime

Smaller and smaller

Seth Godin - Tue 23rd Sep 2014 19:09
For a long time, Australians thought of themselves as living on the edge of the Earth, a long haul from markets, from industries and from colleagues. Today, of course, Australia is precisely in the middle. That's because the world keeps...         Seth Godin
Categories: thinktime

Sonia Hamilton: SaltStack Essential Reading

Planet Linux Australia - Tue 23rd Sep 2014 16:09

A list of ‘Essential Reading’ for SaltStack. A collection of useful links, mostly for myself but possibly helpful to others.

Categories: thinktime

Craige McWhirter: Converting an Instance to an Image in OpenStack

Planet Linux Australia - Tue 23rd Sep 2014 15:09
Assumptions: Create a snapshot of the instance

Check the status of the source VM and stop it if it's not already:

$ nova list +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | 4fef1b97-901e-4ab1-8e1f-191cb2f75969 | Tutorial1 | ACTIVE | - | Running | Tutorial= | +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ $ nova stop Tutorial1 $ nova list +--------------------------------------+-----------+--------+------------+- ------------+---------------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+-----------+---------+-----------+- ------------+---------------------------------------------+ | 4fef1b97-901e-4ab1-8e1f-191cb2f75969 | Tutorial1 | SHUTOFF | - | Running | Tutorial= | +--------------------------------------+-----------+---------+------------+- ------------+---------------------------------------------+

Take a snapshot and check the result:

$ nova image-create --poll Tutorial1 Tutorial1Snapshot Server snapshotting... 100% complete Finished $ nova image-list +--------------------------------------+-------------------+--------+--------+ | ID | Name | Status | Server | +--------------------------------------+-------------------+--------+--------+ | 47e192f8-32b2-4839-8392-a18e3be1b9a6 | Tutorial1Snapshot | ACTIVE | | +--------------------------------------+-------------------+--------+--------+ Convert that snapshot into an image

Obtain the snapshot ID from cinder:

$ cinder snapshot-list +--------------------------------------+------------------------------------ --+----------+-------------------------+------+ | ID | Volume ID | Status | Display Name | Size | +--------------------------------------+------------------------------------ --+----------+-------------------------+------+ | 6a09198d-3b14-438d-a8e2-0473331fa0b7 | 616dbaa6-f5a5-4f06-9855-fdf222847f3 e | deleting | snapshot for Tutorial1 | 10 | +--------------------------------------+------------------------------------ --+----------+-------------------------+------+

Create a volume from that snapshot:

$ cinder create --snapshot-id 6a09198d-3b14-438d-a8e2-0473331fa0b7 2 +---------------------+--------------------------------------+ | Property | Value | +---------------------+--------------------------------------+ | attachments | [] | | availability_zone | MyZone | | bootable | false | | created_at | 2014-09-23T02:19:48.414823 | | display_description | None | | display_name | None | | encrypted | False | | id | 8fc9e82d-bb57-4e74-a48a-93e20c94fe2f | | metadata | {} | | size | 2 | | snapshot_id | 6a09198d-3b14-438d-a8e2-0473331fa0b7 | | source_volid | None | | status | creating | | volume_type | block | +---------------------+--------------------------------------+

Create and upload an image from that volume:

$ cinder upload-to-image 8fc9e82d-bb57-4e74-a48a-93e20c94fe2f TutorialInstance +---------------------+------------------------------------------------------ ----------------------------------------------------------------------------- --------------------------------------------------------------------+ | Property | Value | +---------------------+------------------------------------------------------ ----------------------------------------------------------------------------- --------------------------------------------------------------------+ | container_format | bare | | disk_format | raw | | display_description | None | | id | 8fc9e82d-bb57-4e74-a48a-93e20c94fe2f | | image_id | 83ec0ea1-e41e-475e-b925-96e5f702fba5 | | image_name | TutorialInstance | | size | 2 | | status | uploading | | updated_at | 2014-09-23T02:19:52.000000 | | volume_type | {u'name': u'block', u'qos_specs_id': None, u'deleted' : False, u'created_at': u'2014-08-08T04:04:49.000000', u'updated_at': None, u 'deleted_at': None, u'id': u'7a522201-7c27-4eaa-9d95-d70cfaaeb16a'} | +---------------------+------------------------------------------------------ ----------------------------------------------------------------------------- --------------------------------------------------------------------+

Export your network UUID and image UUID:

$ export OS_IMAGE=83ec0ea1-e41e-475e-b925-96e5f702fba5 $ export OS_NET=c4beeb1d-c04d-43f4-b8fb-b485bcfcf005

Boot an instance from your new image to ensure it works:

$ nova boot --key-name $OS_USERNAME --flavor m1.tiny --block-device source=image,id=$OS_IMAGE,dest=volume,size=2,shutdown=remove,bootindex=0 --nic net-id=$OS_NET --poll Tutorial0 +--------------------------------------+-------------------------------------------------+ | Property | Value | +--------------------------------------+-------------------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-AZ:availability_zone | MyZone | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | OS-SRV-USG:launched_at | - | | OS-SRV-USG:terminated_at | - | | accessIPv4 | | | accessIPv6 | | | adminPass | Riuvai8PvHu3 | | config_drive | | | created | 2014-09-23T02:25:14Z | | flavor | m1.tiny (1) | | hostId | | | id | ec354ce2-fed9-4196-829e-483ab7759203 | | image | Attempt to boot from volume - no image supplied | | key_name | DemoTutorial | | metadata | {} | | name | Tutorial0 | | os-extended-volumes:volumes_attached | [] | | progress | 0 | | security_groups | default | | status | BUILD | | tenant_id | djfj4574fn478fh69gk489fn239fn9rn | | updated | 2014-09-23T02:25:14Z | | user_id | hy95g85nmf72bd0esdfj94582jd82j4f8 | +--------------------------------------+-------------------------------------------------+ Server building... 100% complete Finished

Your new image should now be waiting for you to log in.

Categories: thinktime

Glen Turner: Installing OpenVSwitch and Mininet on Raspberry Pi

Planet Linux Australia - Tue 23rd Sep 2014 11:09

OpenVSwitch is a software defined networking switch for Linux. It supports its own protocol and also OpenFlow 1.3. OpenVSwitch is included in the Linux kernel and its user-space utilities ship in Debian Wheezy.

Mininet allows the simple creation of emulated networks, using Linux's namespace feature. Mininet is not packaged in Debian Wheezy.

Raspberry Pi kernel issue #377 enables the kernel features needed by OpenVSwitch and Mininet.

Installing OpenVSwitch

Since all the necessary parts are in packages, simply install the packages:

$ sudo apt-get install ovsdbmonitor openvswitch-switch openvswitch-controller openvswitch-pki openvswitch-ipsec

The packaging is done well, and automatically establishes the necessary databases and public key infrastructure.

Installing Mininet

The main Mininet installation instructions give three choices: we are using “Option 2: installation from source”.

Before going further enable memory control groups in the kernel. Edit the line in /boot/cmdline.txt to append:

cgroup_enable=memory swapaccount=1

Reboot so that those kernel parameters take effect.

Get the source:

$ sudo apt-get install git $ git clone git://

There is an installation script in mininet/utils/ It won't run successfully as Raspberry Pi doesn't keep the Linux kernel in the expected package. In any case it tries to compile OpenVSwitch as a kernel module, which is no longer needed now that OpenVSwitch is part of the stock Linux kernel.

Looking at that script we can do the steps by hand. Starting with installing the runtime dependencies:

$ sudo apt-get install build-essential iperf telnet python-setuptools cgroup-bin ethtool ethtool help2man pyflakes pylint pep8 socat

Now install Mininet into /usr/local:

$ sudo make install

Finally, test that the installation worked:

$ sudo /etc/init.d/openvswitch-controller stop $ sudo mn --test pingall *** Creating network *** Adding controller *** Adding hosts: h1 h2 *** Adding switches: s1 *** Adding links: (h1, s1) (h2, s1) *** Configuring hosts h1 h2 *** Starting controller *** Starting 1 switches s1 *** Waiting for switches to connect s1 *** Ping: testing ping reachability h1 -> h2 h2 -> h1 *** Results: 0% dropped (2/2 received) *** Stopping 1 controllers c0 *** Stopping 1 switches s1 .. *** Stopping 2 links *** Stopping 2 hosts h1 h2 *** Done completed in 6.277 seconds
Categories: thinktime

Global Health Forum: Health security and economic growth in Asia-Pacific - challenges for Australian aid?

Location Bio21 Institute 30 Flemington Rd Parkville, VIC 3010 Australia See map: Google Maps 22 October 2014 - 9:30am - 4:00pm What is the meaning of health security? Where do trade interests meet health needs? What are the health priorities for Australian aid?

This year's Global Health Forum will focus on Australia's challenges in the Asia-Pacific and the Government's new foreign aid strategy. Leading international and local speakers will tackle the strategic challenges as part of a larger debate leading up to the Brisbane meeting of the G20 Group of Finance Ministers and Central Bank Governors. 

Speakers include:

Dr David Evans, Director, Health Systems Financing, WHO Geneva

Professor Soonman Kwon, Seoul National University

read more

Categories: thinktime


Subscribe to KatteKrab aggregator