Posts Tagged ‘HPLinux’

First attempt to present during the upcoming OpenStack Summit in Paris

2014/08/03

Just before leaving for vacation (Croatia is a great place to visit), I made 2 submissions for the next OpenStack Summit in Paris. It’s the first time I try to submit talks for this event. I could have done before, but this time, it’s very convenient as much nearer from where I live so thought it was a good opportunity to try.

So if you want to see me around for sure, vote for my talks ūüėČ

The first proposal is to have a round table on collaboration and coopetition in OpenStack, with speakers from HP (of course ;-)), Red Hat, SUSE and Mirantis, as I have good candidates in mind for this one that should generate interesting discussions and lower the heat If I can !

The second one is about a collaboration we recently had with ObjectifLibre around cinder improvements to support our MSA storage system. I think this is a good demonstration of collaboration between HP (a large corporation) and one of our VAR (value added reseller – SMB) around Open Source technology and pave the way for hopefully future improvements.

So if you find these talks can help make that Summit better, don’t hesitate to vote for them ! In any case, I’ll try to attend, as I’m more involved in HP Helion OpenStack and being there is definitely what I need to do to improve my network in this area. See you there then (or sooner in Chicago for LinuxCon)

Advertisements

Meet at HP ExpertOne Technology & Solutions Summit Again !

2014/06/13

For those of you working for an HP value added reseller (VAR) and attending the HP ExpertOne Technology & Solutions Summit in (again) Barcelona from the 24th to the 27th of June, feel free to meet during one of the session I’ll (co-)deliver:

For those of you wondering why project-builder.org and MondoRescue versions are not published more regularly, that gives you a hint ūüėČ

See you there to talk of these subjects or something else as you see fit. I’m around the whole week.

Fourth OpenStack Meetup for Rh√īne Alpes

2014/06/04

The fourth meetup for the OpenStack regional group will be organized again by HP at the HP/Intel Solution Center the 1st of July 2014.

We should have presentations about a new deployment tool by Mirantis, HP Helion by HP and Icehouse features and Juno roadmap.

Refer to http://www.meetup.com/OpenStack-Rhone-Alpes/ (in french) for more details and registration for those of you around.

Join us at HP: 5, avenue Raymond Chanas, Eybens, France
Access B10 HP

Do not forget Forj around Helion

2014/05/20

Caveat: I’m an HP employee, but info mentionned here are all public, and opinions/errors are just mine, as usual on my blog.

The recent announce of HP around Helion is really reinforcing investment made by my company in OpenStack and presenting the new involvement in CloudFoundry.

The key takeaway I got from it, after reading most of what was written is that we are providing every 6 weeks (think about it !) a new distribution of OpenStack (current being based on IceHouse), as an Open Source distribution, for which customers will be able to buy support. It’s based on TripleO for the bare metal deployment. This distribution is using HP’s own Linux for the controller and hypervisors nodes which is Debian based. Another interesting feature is the embedded update mechanism provided to make OpenStack updates easier (up to now, was simpler to reinstall a new version, not so much to update).

Another key point is the indemnification program. Martin Fink, who is behind this program, has been a long time advocate of Linux indemnification from HP. It was formely introduced when the SCO story was hot. It’s a strong commitment that HP know the code for both its OpenStack and Linux embedded distribution, believe in its licenses, and in its IP.

And last but not least, we do underline that Open Source business is mostly a service (and hardware for us) play, so we’re announcing OpenStack related services, and from my own tries with debugging OpenStack related issues, it will be probably very well received by customers, as it’s a real job, you need strong people knowing how it works, and where to look in order to debug issues.

And frankly, I feel better when I see 1 billion USD announced from HP in R&D around OpenStack technologies, than I felt when IBM announced last year its billion around PowerPC Linux. I think our dollars will produce more concrete results in the ecosystem (even if every USD dedicated to what is called today at LinuxCon “external” R&D is a good sign of the vitality of our ecossytem and some end up benefiting end customers). I think this part is as important as the one IBM made more than 10 years ago around Linux (not Power related) and shows that OpenStack will really become the commodity IaaS solution for all in a short future. It will for sure help a lot of customers consider that technology as being well supported by us (as well as many others). And reverse the trend we saw this morning when we asked how many companies were using Cloud (not even OpenStack) in their production environement, and only few hands raised !!.

I know this is changing quite a lot how IT departments handle IT today, but if they identify that they need an IaaS, then OpenStack is clearly the way to go: with our Helion announce we also do have the fact that hpcloud.com will soon be available on 20 additional HP data centers, meaning that we do consider it as production ready, even if it takes quite some efforts to reach that level, as we disclosed during an OpenStack meetup by presenting all the test work we do to reach enterprise grade level with a production OpenStack env.

Of course, as Martin Fink said rightly, “traditional” IT doesn’t go away. I have customers still operating mainframes, client-server apps, RDBMs, SMB shares, … and will for a long time. But in this new style of IT HP is promoting, for some new workloads and use cases, scaling out easily, it makes a lot of sense to adopt Cloud to support them. And if you adopt Cloud, then you should definitely look at OpenStack (and HP Helion of course) as the most promising technology to help you build it successfully.

And while it wasn’t part of the Helion announcement, as already presented during our last Discover event (and will be again in June), I think it’s important to remind readers of the availability of the Forj project. For development teams, this tool provides continuous integration √† la OpenStack for just every development team, without the hassle of managing your own jenkins and associated tools. Definitely part for me of the Helion ecosystem and worth sharing around.

Soon back in the air and on the roads…

2014/04/17

There will be possibilities to meet with me in some exotic places (at least for me as I never travelled there before in May !

I’ll first be in Wien, Austria, early May but that’s to celebrate somewhere my 50th birthday (half a century as my kids like to call that ;-)) and during vacations so won’t talk something else than early music or rchitecture and pictures of the nice building over there !!

But after that, I’ll attend the UEFI plugfest in Seatlle again, and be in charge of managing the interface between Linux distributions and HP. So if you plan to attend, and want to test your Linux distribution on nice shiny UEFI hardware platforms, feel free to contact me so we can organize that meeting over there.

The week after that I’ll be in Japan to present again during a LinuxCon event ! I’m very lucky first to be retained as a presenter to talk another time about Mageia. And then to be sponsored by our VP & Deputy General Counsel, Cloud Computing and Open Source Eileen Evans who is leading HP’s Open Source Program Office and allowing me to attend.

So feel free to drop me a mail if you want to chat about any topic I can decently talk about such as Disaster Recovery and Imaging or Continuous Packaging and some other surely HP related !

See you there.

6th Technical Excellence Symposium (TES) in Grenoble 21-27 March 2014

2014/02/20

If you are an HP employee, or a Value Added Reseller (VAR), then I’d like to invite you to come to an Event I’m co-organizing:

TES logo

High Performance Computing and Open Source Linux
Technical Excellence Symposium
17 – 21 March 2014
Grenoble, France

TES fond

The goal is to gain expertise and increase your sales and earnings potential.

You are invited to the 2014 High Performance Computing and Open Source & Linux Technical Excellence Symposium. This highly regarded technological event dedicated to professionals is the unique opportunity to boost your skills and knowledge in just 4.5 days!!

Why should you attend the EMEA HPC & OSL event?

  • Receive an update on the entire HPC and Open Source & Linux solutions including Enterprise Storage, Servers and Networking (EG) portfolio.
  • Reinforce your knowledge in this focus area.
  • Connect with the HP management and peers in the HP Certified Professional Community.

Do not miss this exclusive opportunity to give your career a boost and be part of the HPC and OSL community. This is also an excellent opportunity to get the latest technology updates even if you participated in this event before.

Pre-register today to secure your seat by clicking on the following link: http://hp.inviteo.fr/HPC_OSL_TES2014/

Choose among over 100 technological and solution sessions, a mix of hands-on labs, breakout demos and round tables.

This technical event covers the HP’s broad enterprise products and solutions in an open source environment of high performance computing, web services portfolio and new product introductions (e.g. Moonshot program and big data solutions).

Along the sessions, you will meet the HPC and OSL experts to share knowledge and insights in many key business areas including competitive tools.

Back home and freshly armed with an enhanced skills set, you will be ready to provide a great business value to your customers.

Throughout the event, we will offer detailed tracks on High Performance Computing solutions portfolio using our HP Blade System, ProLiant Scalable servers, Storage Works and Network products and solutions using Open Source & Linux software products and services.

We will have a huge emphasis on topics like Hyperscale products, smart storage, purpose-built servers for big data, Moonshot program wave 2 solutions as well as open cloud solutions.

Our High-level agenda is available. The detailed one will be sent to you after your registration.

In addition, there will be:

  • Sponsor sessions delivered by top names in the industry
  • Presentations by HPC and Open Source experts
  • Evening events

For detailed program information, please visit the event website

Any question? We invite you to contact us at: TES-event_at_hp.com

We are looking forward to meeting you at the 2014 HPC and OSL Technical Symposium!

Gouvernance informatique: Il est temps d’y int√©grer l’Open Source

2014/01/24

Dans le cadre de mes activit√©s pour le Conseil des technologistes d’HP France, j’ai √©crit un article pour le Webzine IT experts sur la l’int√©gration de Open Source et la gouvernance informatique disponible sur http://www.it-expertise.com/gouvernance-informatique-il-faut-integrer-lopen-source/. Un grand merci √† Aur√©lie Magniez pour m’avoir aid√© √† faire cette publication.

Ci-dessous, une version l√©g√®rement modifi√©e qui tient compte de retours et r√©tablit certaines formules auxquelles je tiens, quoique moins journalistiquement correctes et certains liens (jug√©s trop nombreux par le Webzine, mais je tiens √† citer mes sources, et Tim Berners-Lee ne les a pas invent√©s pour que l’on ne s’en serve pas non ? :-))

Bonne lecture !

Aujourd’hui en 2013, toutes les entit√©s, publiques comme priv√©es, en France, comme partout dans le monde, utilisent massivement des Logiciels Free, Libres et Open Source (abr√©g√© en FLOSS (1)). Quelques exemples de cet √©tat de fait sont fournis par la Linux Foundation, comme les 600 000 t√©l√©visions intelligentes vendues quotidiennement fonctionnant sous Linux ou les 1,3 millions de t√©l√©phones Ando√Įd activ√©s chaque jour. Le dernier rapport de top500.org, pr√©sentant les super-calculateurs mondiaux, indique une utilisation de Linux √† 96,4%. Des soci√©t√©s ayant aujourd’hui un impact quotidien sur notre environnement num√©rique telles que FaceBook ou Twitter ont non seulement b√Ęti leur infrastructure sur une grande vari√©t√© de FLOSS, mais ont aussi publi√© de grandes quantit√©s de code et des projets complets sous licence libre. Ceci concerne aussi des acteurs plus classiques du monde de l’informatique comme HP ou IBM.

Ceci peut sembler normal, car on √©volue l√† dans le monde du num√©rique, mais le ph√©nom√®ne touche tous les secteurs comme le montre une r√©cente √©tude de l’INSEE, qui reporte que 43% des entreprises fran√ßaises d’au moins 10 personnes utilisent des suites bureautique FLOSS ou encore que 15% des soci√©t√©s de construction utilisent un syst√®me d’exploitation FLOSS par exemple. Cette large adoption se trouve corrobor√©e par le d√©veloppement de la fili√®re FLOSS en France, comme rapport√© par le CNLL, repr√©sentant en 2013 2,5 milliard d’Euros et 30 000 emplois.

Enfin, le secteur public n’est pas en reste avec la publication en septembre 2012 de la circulaire du premier ministre qui reconnait la longue pratique de l’administration des FLOSS, et incite celle-ci, √† tous les niveaux, √† un “bon usage du logiciel libre”, ce qui se v√©rifie dans certains minist√®res comme celui de l’int√©rieur ou de l’√©conomie. Le minist√®re de l’√©ducation nationale a ainsi d√©ploy√© 23 000 serveurs EOLE sous Linux et utilise de nombreux projets FLOSS pour la gestion multi-fonctions (r√©seau, s√©curit√©, partage) des √©tablissements scolaires.

Services impliqués dans la gouvernance FLOSS

Dans ce contexte d’utilisation g√©n√©ralis√©e, se posent certaines questions quant √† la gouvernance particuli√®re √† mettre en place ou l’adaptation de celle existante pour accro√ģtre l’usage, la distribution, la contribution au FLOSS, tant pour les fournisseurs que pour les utilisateurs de ces technologies. En effet, les FLOSS ont des sp√©cificit√©s tant techniques qu’organisationnelles (rapport √† la communaut√©, m√©thodologie de d√©veloppement, licence utilis√©e) qui ont un impact sur la fa√ßon de les g√©rer dans une entit√©. La Gouvernance Open Source, aujourd’hui, doit donc √™tre partie int√©grante d’une Gouvernance Informatique.

Contrairement √† ce qu’une rapide analyse pourrait laisser penser, ce n’est pas uniquement le service informatique qui est concern√© par l’utilisation des FLOSS. Celle-ci touche la totalit√© de l’entit√© et le mod√®le de gouvernance doit donc √™tre adapt√© en cons√©quence. En effet, le service des achats se voit souvent court-circuit√© par l’utilisation de composants logiciels t√©l√©charg√©s et non achet√©s en suivant les proc√©dures qu’il met en place, le service du personnel ne dispose pas de contrats de travail statuant sur les contributions des employ√©s √† des projets FLOSS (ne parlons pas des stagiaires ou co-traitants), le service juridique doit apprendre √† distinguer la licence Apache de la GPLv2, ou v3, le service de propri√©t√© intellectuelle consid√©rer si telle modification faite √† un projet FLOSS peut ou doit √™tre revers√©e au projet, et dans quel contexte, voire le PDG √©valuer, lors d’une scission de sa soci√©t√© en diff√©rentes entit√©es juridiques, l’impact repr√©sent√© sur la redistribution de logiciels faite √† cette occasion et le respect des licences utilis√©es. Ce ne sont que quelques exemples des questions auxquelles les entit√©s doivent r√©pondre dans le cadre d’une Gouvernance Informatique int√©grant les FLOSS.

Ceci n’est pas un d√©bat oiseux: il y a eu maintenant trop d’exemples allant jusqu’au proc√®s et sur des probl√©matiques de non-respect des licences FLOSS pour que les entreprises et services publics ignorent le probl√®me. Les cons√©quences tant financi√®res que sur leur image de marque peuvent √™tre tr√®s importantes et causer des dommages beaucoup plus graves que ne le repr√©sente la mise en conformit√© (qui consiste le plus souvent en la seule publications des codes sources modifi√©s).

Il ne s’agit pas ici d’√©noncer des √©l√©ments qui tendraient √† restreindre l’utilisation des FLOSS dans une entit√©. Au contraire, les b√©n√©fices de leur utilisation sont aujourd’hui trop √©vidents, la baisse des co√Ľts induite par la mutualisation, les gains technologiques d’avoir des souches logicielles si versatiles et √©prouv√©es doivent juste s’accompagner des mesures de gestion n√©cessaires pour en retirer tous les b√©n√©fices annonc√©s. L’analyse des risques fait partie des choix quotidiens exerc√©s au sein d’une entit√© et de m√™me que pour une d√©marche qualit√©, l’impulsion doit venir du sommet de la hi√©rarchie de l’entit√©. Celle-ci doit soutenir la cr√©ation des instances n√©cessaires √† l’√©tablissement d’une gouvernance FLOSS en leur donnant le pouvoir requis et l’interaction avec les diff√©rents services de l’entit√©.

Composants d’une gouvernance FLOSS

Tout d’abord, il s’agira de d√©velopper la compr√©hension de l’√©cosyst√®me libre au sein de l’entit√© pour en appr√©hender les sp√©cificit√©s.

La premi√®re d’entre elles est la licence gouvernant les FLOSS. Comme pour toute utilisation d’un logiciel, ou d’un service, un utilisateur se voit d√©crit ses droits et ses devoirs au sein de ce document. Ceux-ci diff√®rent selon que la licence est permissive (type Apache v2 par exemple), qui permet une utilisation (y compris pour des d√©veloppement non-FLOSS) et une redistribution avec peu de contraintes (mentions l√©gales et paternit√© par exemple). Elle permet ainsi √† des soci√©t√©s de vendre des versions propri√©taires d’Ando√Įd distribu√© sous Licence Apache v2 embarqu√©es dans leurs t√©l√©phones portables. C’est ce qui permet de consid√©rer cette licence comme “libre”. En regard on donnera √©galement l’exemple des licences de gauche d’auteur (copyleft en anglais, type GPL v2 par exemple), qui permettent une utilisation tant que le logiciel distribu√© s’accompagne des sources (√©ventuellement modifi√©es) servant √† le fabriquer. Elle permet √† des projets comme le noyau Linux d’√™tre d√©velopp√© par des milliers de d√©veloppeurs tout en restant toujours accessible dans toutes ses variantes par la mise √† disposition de son code source, d√Ľ √† cette contrainte. C’est ce qui permet de consid√©rer cette licence comme “libre”. Simplement les libert√©s sont vues ici sous l’angle du projet (qui le reste ad vitam aeternam) plut√īt que sous celui de l’utilisateur comme dans l’autre cas. C’est la raison pour laquelle toutes ces licences sont consid√©r√©es comme Open Source par l’OSI.

Une entit√© doit donc choisir les briques FLOSS qu’elle souhaite utiliser en fonction de l’usage pr√©vu pour respecter les droits et devoirs d’usage codifi√©s dans les licences (ni plus ni moins qu’avec une offre non-FLOSS), sachant que, dans la plupart des cas, l’√©l√©ment d√©clenchant l’application de la licence est la distribution du logiciel. Ainsi une soci√©t√© peut parfaitement utiliser un logiciel sous licence GPL v2, y faire des modifications et ne pas les publier, tant que l’usage reste interne √† sa structure juridique (cas fr√©quent en mode utilisation de logiciel dans un d√©partement informatique). En revanche, si elle l’incorpore √† un produit qu’elle commercialise, elle devra juste se mettre en conformit√© avec la licence et fournir en parall√®le du produit un accc√®s aux dites sources.

Ceci n’est finalement pas si compliqu√©, eu √©gard aux gains √©normes qu’elle peut en retirer en b√©n√©ficiant d’une brique logicielle √©prouv√©e qu’elle n’a ni √† d√©velopper, ni √† maintenir. Dans tous les cas, il est important que son service juridique ait une compr√©hension des droits et devoirs des licences utilis√©es pour apporter le conseil requis, comme lors de la signature de contrats avec tout fournisseur.

On le voit, la formation du service juridique est √† la base de la mise en place de toute gouvernance. D’autre part, il faut organiser au sein de l’entit√© la mise en relation entre ce service juridique et les √©quipes de d√©veloppement. Non seulement pour qu’elles apprennent √† se conna√ģtre, mais aussi pour qu’elles √©changent sur leurs besoins r√©ciproques et qu’elles comprennent comment chacune cherche √† prot√©ger l’entit√© pour laquelle elle oeuvre. Les uns le faisant eu √©gard au respect des r√®gles de droit, ce qui comprend l’explication envers les d√©veloppeurs des licences libres, les autres eu √©gard au mode d’utilisation des composants techniques sp√©cifiques des √©quipes de d√©veloppement.

Personnellement, en tant qu’ing√©nieur de formation, il m’a √©t√© tr√®s b√©n√©fique de discuter avec divers avocats sp√©cialistes des licences libres, pour mieux comprendre leur volont√© de prot√©ger l’entreprise pour laquelle ils travaillent et comment ils devaient le faire dans ce contexte. Et r√©ciproquement, je sais que les informations techniques et exemples parfois complexes d’agr√©gats de composants logiciels les aident en retour √† mieux tenir compte des cas particuliers qui peuvent se faire jour. La communication sur ce sujet doit d√©passer dans l’entit√© les structures classiques et fonctionner comme une communaut√©.

Du reste, la seconde sp√©cificit√© du logiciel libre est le fait qu’il est d√©velopp√© par une communaut√© de personnes partageant un int√©r√™t pour ce logiciel. Il en existe de toute taille (d’un d√©veloppeur assurant tout, jusqu’√† plusieurs centaines de personnes comme les larges fondations comme Apache ou OpenStack). Etudier une communaut√© avant d’utiliser le composant libre qu’elle produit est une bonne pratique pour avoir des informations sur sa vitalit√©, son organisation, sa feuille de route, en plus des caract√©ristiques purement techniques du composant. Certains sites comme Ohloh peuvent aider √† se forger une opinion dans ce domaine, pour les projets suivis. De m√™me qu’il peut √™tre alors pertinent de se poser la question des modes de contributions en retour. Cela peut consister en des correctifs, du code apportant de nouvelles fonctions, de la documentation, des traductions, une animation de communaut√©, de l’achat de prestation intellectuelle aupr√®s de professionnels oeuvrant sur le composant ou un soutien financier √† l’organisation d’un √©v√©nement permettant le rassemblement physique de la communaut√©. Certaines entreprises, comme la Compagnie Nationale des Commissaires aux Comptes t√©moignent de leurs contributions en retour envers un projet tel que LibreOffice.

Comme pr√©c√©demment, chacun de ces aspects pourra faire l’objet d’une √©tude dans le volet Open Source de la Gouvernance Informatique. On notera que la gestion de la propr√©t√© intellectuelle sera √† consid√©rer tout particuli√®rement pour les contributions sous forme de code, et en liaison avec la licence utilis√©e. Mais cet aspect peut aussi avoir un impact sur les contrats de travail des employ√©s, des co-traitants, des stagiaires, afin de d√©terminer sous quelles conditions leurs contributions sont autoris√©es.

Encore une fois, il s’agit d’inciter les entit√©s utilisatrices de logiciels libres √† ne pas se contenter d’√™tre de simples utilisatrices de FLOSS, mais √† √™tre actrices de l’√©cosyst√®me et √† contribuer √† leur tour √† l’am√©liorer en s’int√©grant dans les communaut√©s. Le dynamisme actuel autour des FLOSS est le fait du soutien tr√®s actif de nombreux utilisateurs. Pour ne citer qu’un exemple, on regardera la synergie cr√©√©e autour du projet GENIVI par ses 120+ membres, dont de nombreuses soci√©t√©s hors secteur informatique.

Enfin la derni√®re sp√©cifcit√© du logiciel libre est la m√©thodologie de d√©veloppement utilis√©e par la communaut√©. Quoiqu’elles soient toutes attach√©es √† l’acc√®s au code, elles varient √©norm√©ment d’un projet √† l’autre, en fonction de sa taille, de son style de gouvernance, des outils utilis√©s et de son historique. Mais il est important pour une entit√© qui souhaite interagir avec une communaut√© d’en comprendre la culture. Si le noyau Linux a une m√©thodologie organis√©e autour d’un “dictateur b√©n√©vole” (Linus Torvalds) qui prend les ultimes d√©cisions et de ses lieutenants, nomm√©s, en qui il a toute confiance pour prendre les d√©cisions concernant une branche de d√©veloppement, d’autres projets comme OpenStack cherchent √† adopter le mode le plus “m√©rid√©mocratique” en proc√©dant √† l’√©lection des repr√©sentants techniques des branches du projet par les d√©veloppeurs, et √† celle des repr√©sentants au conseil d’administration par la totalit√© des membres de la fondation, quels que soient leurs r√īles. Le processus d’int√©gration continue d’OpenStack implique des √©tapes pr√©cises pour y ajouter un patch par exemple. Cela n√©cessite d’abord une application sur l’arbre courant sans erreur, avant de devoir recevoir deux votes positifs puis de satisfaire le passage de l’ensemble des tests automatiques pr√©vus. Et ceci s’applique aussi bien aux repr√©sentants techniques des branches du projet qui proposent des centaines de patches par an, ou au contributeur occasionnel faisant une modification mineure de documentation. En revanche, celui qui souhaite soumettre une modification sur le noyau Linux devra passer par des listes de diffusion o√Ļ les √©changes peuvent parfois se r√©v√©ler vifs, et s’adapter aux desiderata potentiellement diff√©rents des mainteneurs de branches.

Bonnes pratiques de gouvernance FLOSS

Face √† tous ces aspects de ce monde foisonnant, certaines bonnes pratiques simples peuvent permettre aux entreprises de faire les bons choix et de s’assurer une utilisation optimale des FLOSS en en tirant le meilleur profit sans mettre √† risque leur bonne r√©putation par des actions mal vues des communaut√©s.

Une premi√®re bonne pratique peut consister √† cr√©er un comit√© Open Source. Par exemple, pour un grand groupe, il peut √™tre utile pour la direction g√©n√©rale de nommer des repr√©sentants des diff√©rents services (achats, ressources humaines, informatique, technique, juridique, propri√©t√© intellectuelle) pour d√©finir la politique √† mettre en place. Ce comit√© devra se r√©unir r√©guli√®rement, tant dans la phase de d√©finition de la partie Open Source de la Gouvernance Informatique, qu’ult√©rieurement pour la r√©viser sur la base des retours des utilisateurs et l’√©volution de projets. Il devra √©galement avoir les moyens associ√©s √† ses missions. Un groupe de travail du Syntec Num√©rique a d√©velopp√©, pour les aider dans cette activit√©, des contrats types pour leurs fournisseurs, leur demandant de pr√©ciser avec leur livraison logicielle, l’inventaire exhaustif des licences utilis√©es. Une pr√©sentation sur les contrats faite au sein de ce groupe pourra √™tre aussi consult√©e avec profit. La FSF France propose aussi des avenants de contrats de travail type pour les employ√©s contribuant √† des projets libres, et l’AFUL des mod√®les √©conomiques et financement de projets FLOSS ou de communaut√©s. Il sera ensuite facile de donner des missions et des pouvoirs plus √©tendus √† ce groupe de personnes quand l’utilisation des FLOSS augmente. Dans le cadre d’une PME, un correspondant FLOSS sera sans doute suffisant (comme il peut y avoir un correspondant s√©curit√© ou CNIL), t√Ęche qui pourra m√™me √™tre sous-trait√©e √† des soci√©t√©s specialis√©es dans le domaine.

Une fois le comit√©/correspondant nomm√© et la politique FLOSS √©tablie, il faudra pr√©voir des cycles de formations. D’une part pour le service juridique pour le cas o√Ļ il manquerait de comp√©tences sur le domaine sp√©cifique des licences libres. La soci√©t√© Alterway propose par exemple une formation par un juriste pour des juristes. D’autre part, en interne, aupr√®s de l’ensemble du personnel pour expliquer cette nouvelle politique FLOSS.

En parall√®le, il est important d’avoir une vision pr√©cise de l’utilisation actuelle des FLOSS dans son entit√©. Notamment pour v√©rifier que leur utilisation est conforme aux licences sous lesquelles ils sont utilis√©s. Les non-conformit√©s sont plus souvent d√Ľes √† la m√©connaissance qu’√† une r√©elle volont√© d’enfreindre les licences. Cette t√Ęche peut para√ģtre fastidieuse de prime abord, mais elle est √† mon sens fondamentale pour se pr√©munir, en particulier si votre activit√© vous am√®ne √† redistribuer du logiciel √† vos clients. Heureusement des outils existent pour automatiser ce travail d’inventaire et faciliter l’analyse des licences utilis√©es. Le premier √† recommander est libre: FOSSology a √©t√© d√©velopp√© par HP pour son utilisation interne, puis rendu libre en 2007 sous licence GPLv2. Il collecte dans une base de donn√©es toutes les meta-donn√©es associ√©es aux logiciels analy√©s (il peut traiter des distributions Linux enti√®res sans probl√®me) et permet l’analyse des licences r√©ellement trouv√©es dans le code depuis une interface Web. De nombreuses entit√©s outre HP comme Alcatel-Lucent, l’INRIA ou OW2 l’utilisent, y compris pour certains, en couplage avec leurs forges de d√©veloppement. Mais son acc√®s libre et sa facilit√© de mise en oeuvre ne le r√©serve pas qu’aux grands groupes et il devrait √™tre syst√©matiquement utilis√© comme compl√©ment naturel d’un gestionnaire de source, ou d’outillage d’int√©gration continue. En compl√©ment, des outils non-FLOSS peuvent √©galement aider √† ce travail d’inventaire en donnant acc√®s √† des bases pr√©√©tablies de composants connus et d√©j√† inventori√©s et fournissent de nombreuses autres fonctions. La soci√©t√© fran√ßaise Antelink, √©manation de l’INRIA, a d√©velopp√© une grande expertise dans ce domaine et a coupl√© son outillage avec FOSSology. D’autres acteurs tels que Blackduck et Palamida ont √©galement un outillage compl√©mentaire √† consid√©rer.

On pourra de plus prévoir ultérieurement un mode de déclaration des usages de FLOSS, voire, si les requêtes sont nombreuses et régulières, créer un comité de revue spécifique en charge de les évaluer et de les approuver.

Enfin certains documents de r√©f√©rence tel que le Guide Open Source du Syntec Num√©rique, les fondamentaux de la Gouvernance des logiciels libres, la vision des grandes entreprises sur la gouvernance et maturit√© de l’Open Source et le site de r√©f√©rence FOSSBazaar pourront permettre un approfondissement des sujets √©voqu√©s et donner des bonnes pratiques additionnelles quant √† la mise en oeuvre d’une gouvernance Open Source.

Et pour ceux qui souhaiteraient √™tre accompagn√©s dans la d√©marche, des soci√©t√©s telles que Smile, Alterway, Linagora, Atos, Inno3 ou HP disposent de prestations d’aide √† la mise en oeuvre d’une gouvernance Open Source. Mais que vous le fassiez seuls ou accompagn√©s, il est temps et j’esp√®re que cet article vous aura donn√© quelques clefs pour int√©grer l’Open Source dans votre politique de Gouvernance Informatique.

(1): Dans tout ce document, on utilise le terme de FLOSS comme terme g√©n√©rique recouvrant aussi bien la notion de ¬ę logiciel libre ¬Ľ, ¬ę Free Software ¬Ľ qu’¬ę Open Source ¬Ľ, tout en sachant que des nuances existent.

Meet at HP ExpertOne Technology & Solutions Summit

2014/01/22

For those of you working for an HP value added reseller (VAR) and attending the HP ExpertOne Technology & Solutions Summit on Barcelona from the 3rd to the 7th of February, feel free to meet during one of the session I’ll (co-)deliver:

For those of you wondering why project-builder.org and MondoRescue versions are not published more regularly, that gives you a hint ūüėČ

See you there to talk of these subjects or something else as you see fit. I’m around the whole week.

Last Day at Linux.conf.au

2014/01/21

Those interested by the previous part of the story can read the previous article on LCA14.

Time goes quick ! It was already time to pack and prepare to fly back. But before, a full day of interesting sessions was ahead of me.

Keynote at LCA

And the first one, the keynote, was particularly impressive. EVen if I must confess that space never really made me dream that much (sorry dale !), I was pretty impressed by the work done to send 15cm3 satellites, that Jonathan Oxer called ArduSat (in reference to the Arduino project), and the willingness to open source everything.

Jonathan Oxer with an ArduSat

Jonathan explained how he worked with the NASA in order to be able to launch his stellites alongside a more “normal” one, in order to benefit from an existing launch. I think that his idea to make them accessible to schools so they can create their own usage of such “tool”. He also underlined that satellite are still considered as a weapon in the USA and thus it wasn’t possible for him to disclose all what he would have liked to do. He mentioned that he is working with Bdale Garbee on trying to relax this.

ArduSat goal

I then attended a session on “Building APIs Developers Love”. While the presentation gave good overall recommendations, I’d have expect a bit more concrete examples, mention of tools to help you doing so, and a bit more code examples.

Darcy Laycock

After this, I was again more interested to follow closely what happens on the OpenStack side, so I followed the 3 sessions around that topic which were following.

The first was from Robert Collins, HP around Diskimage-builder. I was curious to see the commonalities with what I do around MondoRescue. But in fact the tool is really focussing on an OpenStack environment (as it should !) and they don’t need to manage physical setup, as they target virtual machines (IIUC). Also they really build the target image, not analyze an existing content to create an image from it, so the architecture i pretty different. For example when looking at their way to get the kernel needed, they use a qcow2 container in which they look for the kernel they want. On my side, I look in the local file system to do the same. So this shows that we could probably merge some techniques used, but it would take time and need some work. Maybe I can take that in account when refactoring mindi’s code, as I started to do with the new 3.0 version.
Anyway, again another tool to put on the TODO list and to look at.
Robert Collins

Next one was about Log content analysis in the continuous integration process of OpenStack by Clark Boylan, HP. Clark explained the tools they used and integrated to support this activity (Gearman, Logstash, and ElasticSearch), and as usual in the open. In particular, he showed how to extract useful information from billions of lines of log in their CI process.

Clark Boylan

Finally, the last session was on Bare metal provisioning with OpenStack by Devananda van der Veen, HP, who is the PTL for this Ironic project. Again my interest is also in relationship with MondoRescue which does similar stuff. But yet again from a different angle: deploying OpenStack with OpenStack. The project is still new, but progressing rapidly. It aimed at replacing crowbar typically. I really like the way Devananda present as I feel much clever at the end of his presentation, as this is always very clear and easy to get ! He even finished earlier his talk (which was very convenient for me as I had to leave quickly to catch my plane !). He could hav used that time for a short demo (I like demos it help me understand better !)

Devananda van der Veen

As you can see, HP’s involvement in OpenStack is really strong and not only throwing money in the project (thing that we also do !) but bringing expertise, project lead, build resources, code to it.

UWA
LCA is really a great event, focussing on various Open Source and Linux communities. It’s also one of the oldest worldwide, and the locations are always very nice, and people are just awsome there ! That’s why I’ll continue to submit proposals and hopefully be able to attend again in the future if they are retained. However, while I think that LCA’s reputation is well deserved, I think the largest event today for our communities is FOSDEM in Europe, attracting more than two thousands people each year only over a week-end however, but maybe without the same involvement of the Linux Kernel community. I won’t be there this year due to a conflict with another HP event, but I also recommend you to attend as a lot happens there as well.

LCA

Reminder, all the photos I took during the event are available at https://plus.google.com/photos/+BrunoCornec/albums/5966194867275136465

Day 4 at Linux.conf.au

2014/01/19

Those interested by the previous part of the story can read the previous article on LCA14.

This time, even if still tired by night work, I had to be on time in order to attend the keynote.

Matthew Garrett's Keynote

Matthew Garrett was talking about Security in general Secure Boot in particular (a subject he has been covering for a long time now). This was complementary to the Keynote given on Day 1. Matthew insisted on the need, in a post Snowden area, for technologies such as Secure Boot to improve Security which are more and more turned on by default. Having a trusted and verified boot chain is a critical aspect of system security, which Secure Boot provides. And this letting users replacing their keys, so leaving freedom to them (on x86). And today Linux distributions are indeed supporting pretty well Secure Boot on UEFI, as I was able to test myelf during the UEFI Plugfest we had last year. Matthew posed more questions in fact than he gave answers around security: What level of trust to have for hosters, Software or HyperVisors or or Firmware or Hardware manufacturers. Of course as he said rigtly “Imperfect security is better than no security” and he mentionned that most of the attacks are model specific, so we may still have a certain level of trust in our platforms. He also reminded that Security agencies may not be the biggest concern with regards to security.
And BTW as Matthew said “if we don’t trust our Hardware, then why are we running a computer”.

I found that keynote very relevant, and making you think once more to how you treat security and how you can do that better to protect your contents.

Matthew Garrett

After the traditional morning coffee, during which people exchange on various topics of their choices such as shoes, it was time to attend the 2 sessions of the morning.

Coffee pause

The first was on Python Packaging 2.0 by Nick Coghlan which I was curious to see in order to measure the impact on project-builder.org. Unfortunately, it went rapidly into a lot of concepts intimately linked to python, which I’m not savy enough in to follow closely and PEP proposals of evolutions I’d need to read before being able to understand stuff better. So with a doubt a good presentation, but I wasn’t the right audience ūüėČ

Nick Coghlan

And that was the same with the next one. Very good presentation from Katie Miller on functional languages (and in particular Elixir), but that’ very far from what I do and know. I hadn’t a better choice for that time slot, so at least enjoyed the pictures she used.

That was much better after lunch for me. The first session was full, and after having seen it I undertsood why !

Full session on mosh

mosh belongs to this category of small software that rapidly becomes mandatory in your environment. If you use ssh, and screen to manage disconnecitons, then mosh is for you. What does it do for you: well it uses ssh to login to your remote system and after that it does communicate with it using UDP on another port, and keeps the connection available and ready to use, even if you disconnect, and reconnect from another IP e.g. Typical usage when you hibernate to go back home. It also echo locally characters, and underline them when they are also received on the other side. The demo was pretty impressive from that perspective. I alwyas found scren annoying as unable to keep my keyboard shortcuts and here, mosh does the job for you. The only point is that you need an open port on your firewall to go through with the UDP dialog, but that’ a light drawback I’m ready to accept to benefit from the services it provides. Ah; and ^C is just immediate ! That was really a useful and great presentation. Thanks Jim Cheetham to make it obvious it was the tool I needed !

Jim Cheetham

The next session I chose on Petitboot, was also a good one. Again the principle is easy to understand: what if you were using Linux (the kernel) as your boot loader ? Instead of redeveloping each time driver support for each boot loader, and dealing with bugs already solved in the Linux kernel. Thats’ the simple yet powerful idea behind Petitboot. Jeremy explained clearly the advantages of his approach such as native support of a network stack and easy addition of client protocol for http, ftp, nfs… From that initial kernel acting as boot loader, the launch of the “real” kernel is done with kexec. Definitely worth exploring. So again added to my TODO list which never gets empty !

Jeremy Kerr

After the afternoon pause, it was time to go to Bdale’s session. I arrived early in the room, and that was a good choice as 5 minutes before the start the room was completely full, and they prevented more people to enter.

Full room for Bdale

He explained that when the LCA organizer contacted him for a talk in 2013, he was still sorting issues folliwng the fire disaster which occured to his house and wasn’t really thinking to a talk for LCA. But they convinced him to just talk about that, as they really wanted to have him onboard. So that was indeed not a technical talk on IT, rather a technical talk on life during and after such as disaster. That was a shoking story of course, and Bdale, despite the humour he always keep in his talks, was touched even months after the event when he told us the story. He also gave some hints in order to keep important papers outside of the house, or scanning them to keep them on a mobile computer you can get with you. Surprisingly (for me) he insisted on insurance contracts and the good choice he made without really realizing it when he was younger. Maybe insurance company explain more to us in Europe consequences of such choices when we do it. As I’m a bit paranoid on valuable data, I already have scanned docs of the most important ones, and the backup copies I do regularly on a laptop nd on a server to always have many versions of the file for both backup and disaster recovery purposes. Maybe my work oN MondoRescue made me that way ūüôā Bdale received a lot of help from the community during this period and he concluded by saying that people were awesome and he was really meaning at the tone of his voice. Pretty moving presentation I must confess.

Bdale Garbee

I didn’t attend the last session of the day due to a call with my daughter and later I attended the Dinner for Professionals, where I passed most of the time discussing with Thomas Petazzoni again. Robert Collins was HP’s representative to introduce the session and he did it that shortly and with lots of energy !

Robert Collins

Waiting now for the last day !