I attended the MiniDebconf in Toulouse, which was hosted in the larger Capitole du Libre, a free software event with talks, presentation of associations, and a keysigning party. I didn't expect the event to be that big, and I was very impressed by its organization. Cheers to all the volunteers, it has been an amazing week-end! Here's a sum-up of the talks I attended. Du logiciel libre la monnaie libre Speaker: lo s The first talk I attended was, translated to English, "from free software to free money". lo s compared the 4 freedoms of free software with money, and what properties money needs to exhibit in order to be considered free. He then introduced 1, a project of free (as in free speech!) money, started in the region around Toulouse. Contrary to some distributed ledgers such as Bitcoin, 1 isn't based on an hash-based proof-of-work, but rather around a web of trust of people certifying each other, hence limiting the energy consumption required by the network to function. YunoHost Speaker: Jimmy Monin I then attended a presentation of YunoHost. Being an happy user myself, it was very nice to discover the future expected features, and also meet two of the developers. YunoHost is a Debian-based project, aimed at providing all the tools necessary to self-host applications, including email, website, calendar, development tools, and dozens of other packages. Premiers pas dans l'univers de Debian Speaker: Nicolas Dandrimont For the first talk of the MiniDebConf, Nicolas Dandrimont introduced Debian, its philosophy, and how it works with regards to upstreams and downstreams. He gave many details on the teams, the infrastructure, and the internals of Debian. Trusting your computer and system Speaker: Jonas Smedegaard Jonas introduced some security concepts, and how they are abused and often meaningless (to quote his own words, "secure is bullshit"). He described a few projects which lean towards a more secure and open hardware, for both phones and laptops. Automatiser la gestion de configuration de Debian avec Ansible Speaker: J r my Lecour J r my, from Evolix, introduced Ansible, and how they use it to manage hundreds of Debian servers. Ansible is a very powerful tool, and a huge ecosystem, in many ways similar to Puppet or Chef, except it is agent-less, using only ssh connections to communicate with remote machines. Very nice to compare their use of Ansible with mine, since that's the software I use at work for deploying experiments. Making Debian for everybody Speaker: Samuel Thibault Samuel gave a talk about accessibility, and the general availability of the tools in today's operating systems, including Debian. The lesson to take home is that we often don't do enough in this domain, particularly when considering some issues people might have that we don't always think about. Accessibility on computers (and elsewhere) should be the default, and never require complex setups. Retour d'exp rience : mise jour de milliers de terminaux Debian Speaker: Cyril Brulebois Cyril described a problem he was hired for, an update of thousands of Debian servers from wheezy to jessie, which he discovered afterwards was worse than initially thought, since the machines were running the out-of-date squeeze. Since they were not always administered with the best sysadmin practices, they were all exhibiting different configurations and different packages lists, which raised many issues and gave him interesting challenges. They were solved using Ansible, which also had the effect of standardizing their system administration practices. Retour d'exp rience : utilisation de Debian chez Evolix Speaker: Gr gory Colpart Gr gory described Evolix, a company which manages servers for their clients, and how they were inspired by Debian, for both their internal tools and their practices. It is very interesting to see that some of the Debian values can be easily exported for a more open and collaborative business. Lightning talks To close the conference, two lightning talks were presented, describing the switch from Windows XP to Debian in an ecologic association near Toulouse; and how snapshot.debian.org can be used with bisections to find the source of some regressions. Conclusion A big thank you to all the organizers and the associations who contributed to make this event a success. Cheers!
JOINagainst the congress api to get their Twitter account names. My first shot was to Multicorn the new Open Civic Data API I was working on, chuckled and put it aside as a really awesome hack. Enter Docker It wasn't until tianon connected the dots for me and suggested a Docker FDW did I get really excited. Cue a few hours of hacking, and I'm proud to say -- here's Docker FDW. This lets us ask all sorts of really interesting questions out of the API, and might even help folks writing webapps avoid adding too much Docker-aware logic. Abstractions can be fun! Setting it up I'm going to assume you have a working Multicorn, PostgreSQL and Docker setup (including adding the
postgresuser to the
dockergroup) So, now let's pop open a
psqlsession. Create a database (I called mine
dockerfdw, but it can be anything), and let's create some tables. Before we create the tables, we need to let PostgreSQL know where our objects are. This takes a name for the
server, and the
Pythonimportable path to our FDW.
Now that we have the server in place, we can tell PostgreSQL to create a table backed by the FDW by creating a foreign table. I won't go too much into the syntax here, but you might also note that we pass in some options - these are passed to the constructor of the FDW, letting us set stuff like the Docker host.
CREATE SERVER docker_containers FOREIGN DATA WRAPPER multicorn options ( wrapper 'dockerfdw.wrappers.containers.ContainerFdw'); CREATE SERVER docker_image FOREIGN DATA WRAPPER multicorn options ( wrapper 'dockerfdw.wrappers.images.ImageFdw');
And, now that we have tables in place, we can try to learn something about the Docker containers. Let's start with something fun - a join from containers to images, showing all image tag names, the container names and the ip of the container (if it has one!).
CREATE foreign table docker_containers ( "id" TEXT, "image" TEXT, "name" TEXT, "names" TEXT, "privileged" BOOLEAN, "ip" TEXT, "bridge" TEXT, "running" BOOLEAN, "pid" INT, "exit_code" INT, "command" TEXT ) server docker_containers options ( host 'unix:///run/docker.sock' ); CREATE foreign table docker_images ( "id" TEXT, "architecture" TEXT, "author" TEXT, "comment" TEXT, "parent" TEXT, "tags" TEXT ) server docker_image options ( host 'unix:///run/docker.sock' );
SELECT docker_containers.ip, docker_containers.names, docker_images.tags FROM docker_containers RIGHT JOIN docker_images ON docker_containers.image=docker_images.id;
OK, let's see if we can bring this to the next level now. I finally got around to implementing
ip names tags -------------+-----------------------------+----------------------------------------- ruby:latest paultag/vcs-mirror:latest /de-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /ny-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /ar-openstates-to-ocd sunlightlabs/scrapers-us-state:latest 172.17.0.47 /ms-openstates-to-ocd sunlightlabs/scrapers-us-state:latest 172.17.0.46 /nc-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /ia-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /az-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /oh-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /va-openstates-to-ocd sunlightlabs/scrapers-us-state:latest 172.17.0.41 /wa-openstates-to-ocd sunlightlabs/scrapers-us-state:latest /jovial_poincare <none>:<none> /jolly_goldstine <none>:<none> /cranky_torvalds <none>:<none> /backstabbing_wilson <none>:<none> /desperate_hoover <none>:<none> /backstabbing_ardinghelli <none>:<none> /cocky_feynman <none>:<none> paultag/postgres:latest debian:testing paultag/crank:latest <none>:<none> <none>:<none> /stupefied_fermat hackerschool/doorbot:latest /focused_euclid debian:unstable /focused_babbage debian:unstable /clever_torvalds debian:unstable /stoic_tesla debian:unstable /evil_torvalds debian:unstable /foo debian:unstable (31 rows)
DELETEoperations, which turned out to be pretty simple to do. Check this out:
DELETE FROM docker_containers;
This will do a
killafter a 10 second hang behind the scenes. It's actually a lot of fun to spawn up a container and terminate it from
INSERT INTO docker_containers (name, image) VALUES ('hello', 'debian:unstable') RETURNING id;
Spawning containers works too - this is still very immature and not super practical, but I figure while I'm showing off, I might as well go all the way.
id ------------------------------------------------------------------ 0a903dcf5ae10ee1923064e25ab0f46e0debd513f54860beb44b2a187643ff05 INSERT 0 1 (1 row)
SELECT ip FROM docker_containers WHERE id='0a903dcf5ae10ee1923064e25ab0f46e0debd513f54860beb44b2a187643ff05';
Success! This is just a taste of what's to come, so please feel free to hack on Docker FDW, tweet me @paultag, file bugs / feature requests. It's currently a bit of a hack, and it's something that I think has long-term potential after some work goes into making sure that this is a rock solid interface to the Docker API.
ip ------------- 172.17.0.12 (1 row)