Kushal Das

FOSS and life. Kushal Das talks here.

kushal76uaid62oup5774umh654scnu5dwzh4u2534qxhcbi4wbab3ad.onion

Day 4 of Flock 2015

Day four of flock started at 10AM, later than the usual 9am, which was really good as everyone needed that extra hour of sleep. Though I was getting up generally around 5AM, but I managed to get enough sleep on that morning. Came down to the lobby, found people slowly moving into different rooms. I went in the SPC workshop by Dan Walsh. The session started in very informal way. As I already missed his talk on the same topic due to clash with another talk, this was my chance to catch up with updates from him. I also found more copies of "Containers coloring book", another excellent work from Mizmo and Dan's collaboration. Feel free to download, and print the PDF copy. It really explains the security ideas in layman terms.

During lunch I went out with Kevin, Patrick, and Pierre-Yves. The salad was one of the best I had, it was heavy too. Came back to the venue with a full stomach. Only Patrick's explanation about remote client authentication system made sure that I did not fall asleep. He also helped me to enable 2-factor authentication for laptop drive encryption. We had many more discussions about best practices, and how to stay paranoid about security :) He also showed me the great documentation from python-cryptography project. I will explain the use case in a future blog post.

The day ended with another trip to the Belgian beer place. After dinner, many went to more social interactions. But I chose to come back as I had to wake up early next day for the next part of my road trip.

This Flock seems to be very useful as many discussions happened, which in turn helped to resolve many open issues. We also added many new items in our TODO lists, but that is what we expect from any good conference like this one. Having the event venue in the same hotel also helped a lot, many got the required sleep in between without spending time going back and forth between venue and hotel.

Day 3 of Flock 2015

Woke up late, late enough to miss most of the morning keynote, even though I decided to skip breakfast. Spent the time talking till our "Cloud Working Group" meeting started. Brian Exelbierd took some excellent notes from the meeting. Many of the ideas/action items from the meeting are already being worked upon. While the meeting was on, I saw an urgent ping about one of our AWS accounts billing going insane. The whole team jumped into the incident in the next room, first the running instances were taken down, and passwords/tokens got changed. A more detailed look into those instances revealed that they were running due a bug in fedimg (which was already fixed in production, thanks to Ralph), just terminating them was enough to stop any more damage. The whole process once again demonstrated why I feel proud to work with such an excellent team. Sometimes (read always) being paranoid about security is important :) Anyway, I missed a big part of the cloud meeting due to this incident. But I was back before some important discussions took place.

Went out for lunch with a bunch of people from the cloud meeting room. Some good Ethopian food, but sadly not spicy enough :) After lunch, most of the time was spent on talking to many people, these hallway tracks are always the most important part of any conference. We also enjoyed the amazing ginger ale Toshio brought over from South Carolina. Later many of us moved into the docs team tooling meet, and also attended the GPG key signing party in the next room.

In the evening there was another party in the house of George Eastman :)

Setting up storage for docker on Fedora22 cloud image

docker-storage-setup helps to create a LVM thin pool, which can be then used by docker for storage of containers, and images. By starting docker, it automatically starts this service. We can also make sure that it uses a specific block device, and volume group. In this example I am running Fedora 22 Cloud Base image on an Openstack environment, I added a new volume /dev/vdb to the instance.

# cat <<EOF > /etc/sysconfig/docker-storage-setup
DEVS=/dev/vdb
VG=docker-vg
EOF
# sudo docker-storage-setup
  Volume group "vda1" not found
  Cannot process volume group vda1
Checking that no-one is using this disk right now ... OK

Disk /dev/vdb: 5 GiB, 5379194880 bytes, 10506240 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc8ed8872

Old situation:

>>> Script header accepted.
>>> Created a new DOS disklabel with disk identifier 0x39ca0d62.
Created a new partition 1 of type 'Linux LVM' and of size 5 GiB.
/dev/vdb2: 
New situation:

Device     Boot Start      End  Sectors Size Id Type
/dev/vdb1        2048 10506239 10504192   5G 8e Linux LVM

The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
  Physical volume "/dev/vdb1" successfully created
  Volume group "docker-vg" successfully created
  Rounding up size to full physical extent 8.00 MiB
  Logical volume "docker-poolmeta" created.
  Logical volume "docker-pool" created.
  WARNING: Converting logical volume docker-vg/docker-pool and docker-vg/docker-poolmeta to pool's data and metadata volumes.
  THIS WILL DESTROY CONTENT OF LOGICAL VOLUME (filesystem etc.)
  Converted docker-vg/docker-pool to thin pool.
  Logical volume "docker-pool" changed

I hope this will help you to setup the docker storage properly on Fedora 22 Cloud Image.

Day 2 of Flock 2015

How to start a day with some big mistake? Order a breakfast burger which is big enough to confuse you :) It was tasty, and way bigger than what I thought. May not always the best way to start the day, but a full stomach means inner peace.

After going back to the main room for the keynote, I found Major Hayden is already on stage for starting his keynote. I never found someone explaining impostor syndrome in such hilarious way. He started with a personal story, which many will be able to connect to. It was seriously a great choice for keynote.

At 10am, I had my talk on Tunir. I hope that I was being able to answer the questions in a proper way. Mike asked the best question, what does the name means? :) We had a good discussion at the end about various related topics. After my talk was over, I spent the time till lunch while talking to many people. Topics ranged from lifestyle to temperature.

After lunch I wanted to attend Paul's remote working tips talk, but sadly I had to give my second talk on Fedora Cloud at the same time. The crowd for my talk was diverse, there were at least 3 people who knew nothing about the Cloud WG, and then there were many who take regular participation in the working group. I started with what we do, then moved into how we do it. Remember to have a look at my worknotes to find out the exact steps to create the Fedora Cloud image locally. The talk was heavy in discussions, Matthew pointed out a few of the charts from his keynote. Last part of my talk was about how one can help the Cloud WG. Where we all need immediate help.

After my talk Mike McGrath spoke about "Atomic and container deployment best practices". This particular talk also had a lot useful content for me as I always guessed what could be some good way of deployment, but never had enough practical experience to be sure.

Next there were two back to back talks I really wanted to attend, from Matthias Clasen, and from Peter Robinson, but the CentOS Cloud SIG also decided to meet at the same time. We had some useful discussion on the RDO moving the full development effort on top of CentOS, hardware updates. A major portion of the discussion was also about download statistics. Karanbir pointed out why there is no such system in the CentOS infra, and the arguments for not having it looked solid to me.

The evening dinner/party was in a place which I think is a smaller version of heaven. The National museum of play. Way too much fun to describe in a single blog post.

Day 1 of Flock 2015

So it is on. After looking so many known faces all around that is the thought came in my mind. Got myself registered first, then started taking more portraits so that I can match the faces with the IRC nicks :)

The day started with Ruth welcoming all of us, and the Matthew took over the stage. His keynote had slides full of graphs. He talked about our goal, and how we can map those back into actual TODO things. There will be more updates on the same from council. Remi later thanked the local tech groups who helped us to get few last minute things done.

Next I moved into Dennis' talk on "Fedora Release Engineering going forward". There were long discussions about various things we can do to make process simpler. Having a stable rawhide is also part of points came up. Package signing was another topic, Nick said he will pass around the details about the project/people who are helping the signing pypi packages.

"Containers don't contain." -- Dan Walsh's talk on docker security reminded us of the issues we can have in container world. The best way to run the containers is to use vm(s), and then put the related type of containers in the same vm. He also reminded how containers can attack each other. One of the new thing coming up is the Seccomp, the way to eliminate system call abilities. I also found the new container coloring book in the same. Mo you rock!!!

During lunch I met Arun Sag after 2 years. Good to see the old friends again, sadly no pink slippers for him this time. Gholms helped me to understand the meta-data service in a better way. Btw, did I mention that the lunch was amazing? I went out with Fche for a walk to the riverside, discussed about darkserver, and ABI.

After lunch next talk I attended is about spreading Fedora in schools, I want to talk about it later in a separate blog post.

"What does Red Hat want?" the talk from Denise Dumas (VP of Platform Engineering Red Hat) had all the points about why I love to call Fedora/Red Hat my family. She talked slowly, and explained why Red Hat puts community greater than itself. I will post the link to the video of her talk when it will be published. I think everyone should watch her talk at least once. This will help to reduce many (fictional) frictions we get time to time.

Fedora Engineering team had a team dinner in "The Old Toad". Following Luke for Yorkshire Pudding was a very good decision. Later at night Patrick helped me to design an authentication method which I will be using in the coming days.

Day -1 for the Flock 2015

It is 5:30am, and I am already up. Which may sound great in any other day, but the night before I slept after 2am. The day was the day -1 for Flock 2015 in Rochester. That means meeting lots of old friends through out day/night. Time to put faces behind some of the IRC nicks I know for a long time.

The day started relatively well, other than the super costly breakfast in the venue. A few of us saw some empty chairs and desk in the floor above lobby, and thought of sitting there and hack. A hotel employee came running in, and telling us that we were not allowed there. That led us to move to Java's Cafe few blocks away. The coffee was good, and we all sat around a big table. One of my TODO list item was about syncing with Threebean about fedimg project. He showed the latest script he wrote to dig up fedmsgs from datagrepper related to fedimg. There were a lot of other chitchats, and it increased even more when Denis, and Remy joined us in the table. I had few small queries which Nirik cleared very quickly. I also received a yubikey from him. Later after 1pm we moved to another place for lunch.

Came back to the same Cafe after lunch, we already grew in number. Some people went back to the hotel, and more number of people came in. Met Maxamillion aka Adam Miller for the first time. That also means that our tiny release-infra team (Luke, Adam, and me) were in the same place for the first time :) Patrick Uiterwijk was working on patch which would allow us to burn the version one of the Yubikey, I did the first test of the code, and managed to setup my new key. Pingou helped me to write the initial version of a metadata service using Flask. Later randomuser (Pete Travis) helped me to setup proper firewalld rules so that the local vm(s) can access the metadata on the virbr0.

We moved to a near by dimsum place for dinner. I should say thank you Remy for the tasty dinner. The next stop was the bar just opposite, more people started turning up there. On Luke's suggestion I tried St. Bernardus, which is pretty good. Came back to the hotel around midnight, and found Ruth welcoming everyone. The lobby area was filled with Fedora hackers and lots of alcohol. Met Dave, and Subhendu after a long time. Roshi and Dusty Mabe were two other people whom I wanted to meet for a long time. It is so nice to meet the friends for the first time, when you already spend most of your days with them over IRC. John Dulaney showed me his personal cloud/vm orchestration system. I decided to end my day as getting few hours of sleep is really necessary. The day one of Flock will start in another few hours. Means time to get up from the chair :)

Day 1 of travel for Flock 2015

Yesterday was the second, and final day of travel for Flock. We started our journey from the small town of Williamspor, and continued on US 15 towards New York. The view was gorgeous as usual. The "Text stop" signboards were something completely new for me :)

The state of New York welcomed us with similar kind of open view. We also received a friendly visit from a state police. The rest of the journey was uneventful. Around 1pm, I suddenly saw some big buildings up ahead, Jared confirmed that we can see Rochester. Findng the hotel inside the city was not difficult, but finding the way to get into the hotel from the parking area was difficult. My roommate Pingou, was not checked in yet, so I had to provide my credit card, which of course did not have enough budget. Jared came in as saviour once again. Pingou gave a surprise visit in the afternoon, he was staying with Threebean.

Evening was full with rain, and water clogged cars, and police trying reroute the traffic inside a mall. We went out to watch "Inside Out". Later at night we went to near by Dinosaur Bar-B-Que. One should try their hotest chicken wings. It is not that hot, but very tasty (I am sure Sydney will tell a different story). Came back to hotel totally drenched in the rain. Now in the morning I can feel the city slowly waking up (I am up from 4am). According to the Flock Telegram group, many will reach today.

More posts will come soon.

Day 0 of travel for Flock 2015

My actual travel started two days back when I went to Mumbai from Pune on a train. There is some road blocks in the express way, that is why I chose the train. I stayed in IITB, and took the flight to Washington DC later at night. The flight was okay, but I wish the total journey time reduce to less than 16 hours :)

It took more than 50 minutes to get my luggage, Jared was waiting in front of the arrival gate, I also met his daughter Sydney for the first time. We started the next course of the journey as soon as possible. Jared is the designated driver for the trip, so I just had sit, and relax in the car.

Jared and Sydney

After crossing into Maryland from Virginia, it took us few hours to reach Gettysburg, where we stopped for dinner. I was very excited to learn that on our way we were very near of T.C. Williams high school. May be I will get a chance to visit it in future. The dinner place in Gettysburg is actually the oldest historic home in the town, Dobbin House Tavren. It was built in 1776. The food was really good, I never had that good Apple Pie before in my life. After dinner we spent couple of minutes in one of the battlefields, beside the field there was the famous Cemetery where Lincon gave the Gettysburg Address. We drove another few hours to reach Willamsport where we are staying for the night. The next part of the journey will start in some time, but only after some breakfast :)

Going to Flock 2015

I am going to Flock 2015 in Rochester, NY. I will start my journey from Pune tomorrow. I will be back online mostly on Monday afternoon/evening EST.

Going