Posts Tagged ‘Open World Forum’

Paris Open Source Summit maintained


Despite the barbary that occured last friday in Paris, the Paris Open Source Summit (merge of Solutions Linux and Open World Forum) will happen next Wednesday and Thursday, respectiveley 18th and 19th of November 2015 in les Docks Pullman.

I’ll be leading the track Cloud, with a great program and speakers list detailing use cases as well as various tools, approaches, especially on OpenStack. I’ll also deliver a session (even if not on the web site at the moment !) on HP Helion OpenStack.

See you there and let’s continue to talk about freedom, and not only in software !

Open World Forum: improvements needed as well as for the french FLOSS ecosystem


Maybe it could be strange to speak about improvements whereas the event has not yet started, but there are already clearly areas where improvement will be needed if the event wants to continue being a reference one at least in France, and more over at european level.

For such an event, the Web site is key. This is the external face to the world. This year, up to last week it was a complete mess, without valid information. When I announced my various activities during OWF 2014, I gave some links to that Web site in order for people to be able to read more info. As of now, none of these links work anymore 😦

I’ve seen many times requests to update some content with what we were provideing without effect. Looking at the current agenda, I don’t see one of my sessions anymore, timing have changed also in between, … The change of location compared to last year is also a regression from an exhibitor point of view: The Eurosite site has no real structure to allow booth to be managed in a correct way and attendees to encounter sponsors on their booth in a nice way. I can ensure you that it’s very different compared to most events I’m attending such as LinuxCon e.g. where I was this month.

While different, the Solution Linux Event never exhibited such issues. Of course, the program and its role are different. I heard that the idea of uniting forces around a single event was considered. It could be beneficial wrt sponsors, reinforce the impact of the event and attract more audience, more contributions, enlarging the scope by uniting programs which do not overlap too much, proposing a real exhibition area, including communities as well as professionals. Also it could help having a larger group working on the overall program (I’m part of the Linux Solutions conference board, but even if I proposed many times to help, was never really included in the OWF’s one) so each could focus more on its area, and also have a larger set of permanent staff to help with the overall organization and communication.

I look forward to such an evolution and would be very supportive of it. I’m then ready to convince HP as well to continue to sponsor such a central event in France, whereas under its current format, I doubt it could be the case next year of OWF alone.

I’m also thinking it could help the french FLOSS ecosystem to speak with a stronger voice and be listened more by enterprises and the government and the various administration bodies. Today no serious infrastructure solution can be deployed without FLOSS components: Web based technologies, Cloud, Big Data, Software Defined Enterprise, Security, Virtualization (including NFV), SDN, … So it’s really time in France to stop the useless battles between FLOSS companies and unite all of them behind whatever structure that will be representative (such as the CNLL e.g.) to have a stronger voice and develop jobs, companies and business in our country at least. While supporting the OWF 2014, I don’t see the Open Source group of the Syntec Numérique able to play this role. It used to when the right people were involved, it’s not anymore (I know a bit attending the meeting through a conf call system), and hasn’t produced anything useful to the ecostystem since this guide IMO.

The french community of companies delivering FLOSS services/integration/software (the FLOSS providers, term advocated by Laurent Seguin which I like or the incubators I proposed earlier) shouldn’t stay quite: their customers need that they speak with a strong and united voice to defend their ideas and show the advantages of their solutions.

If you want to talk of that or anything else related to Open Source, feel free to come to one of the sessions I’m involved in… if the agenda is indeed correct (and timing respected as everything is very dense) you should find me speaking of FLOSS governance in Namur room at 9:00AM, collaboration in OpenStack at 11:15AM in room Luxembourg or OpenStack community in room Amsterdam at 12:10AM.

Or if you’re still there next week, during the OpenStack Summit, I’ll be at the HP Expert Bar session and around till Friday morning.

Speaking at Open World Forum 2014


So I’ve again been retained as a speaker for the upcoming Open World Forum 2014, which is back in Paris. I was expecting it, as Martin Michlmayr confirmed my proposal on “Open Source Governance: what’s hot?” in the Legal and licensing aspects of open source track. This will be Friday the 31st of October between 1:30 and 3:30PM.

But I’ll also be a panelist in the “Control Your Cloud” track lead by Jean-Pierre Laisné, in a round table dedicated to OpenStack and the coopetition ecosystem around it. I’m right now building the panel with Jean-Pierre, so will announce the list soon. This will be Friday the 31st of October between 4:10PM and 6:10PM.

And finally I was really surprised looking at my info to see that I also had another talk accepted in the DevOps / ALM track lead by Jonathan Clarke ! I’ll talk about “Continuous Packaging with docker and”. Well, my demo, which is due for LinuxCon EMEA, should then be ready and fully working as well as my slideset and content which I still need to develop ! This will be Friday the 31st of October between 9:00 and 12:20AM.

So a busy Friday as it seems. But I’ll also be there on Thursday, and hopefully as well for the OpenStack Summit the week after, but I don’t have a seat for now, so let’s see…

As usual, you can catch me at the end of the talks (even if this time, I won’t have as much time as in other events) and discuss about what you’re interested in that is also of interest to me !

Attending OWF and LinuxCon EMEA in October


I just know it since yesterday, but I’ll be attending Open World Forum 2013 in order to have multiple customer and press related meetings next week near Paris. If you want to talk about Open Source at HP, Linux related topics such as continuous packaging or disaster recovery, you should find me on the HP booth. Won’t speak this time but will also surely be around the governance track.

I’ll also attend LinuxCon EMEA 2013 in Edinburgh later this month. This time I’ll speak about an ITIL Open Source solution stack I’m involved in for a customer, and will explain how you can today, by combining the appropriate tools such as iTop, Centreon/Shinken and OCS/Fusion Inventory set up the bases of an ITIL compliant Open Source management environment, full featured and highly customizable.

Again feel free to come and talk about anything I’m able to reasonably talk (including early music if you want ;-))

Third Day at OWF 2011


Last but not least day at OWF this year. Yep, this is a saturday, but this was the code time for me, so probably the most interesting no 😉 ?

I started the day my making first 2 interviews for the WebTV of the event, one in french and another one in english explaining Open Source at HP. That’s what you get by sponsoring events 😉 So now, my kids can compare me with every other product seen on the TV !! By the way, it allowed me to understand that the professional video world is still unable to use FLOSS only technologies to perform such activities, and if you have spare time, and no defined project to work on, that would be a great addition to our community.

Then it was time to attend the sessions of the day and take some notes to share with you.

Lua and its ecosystem by François Perrad.

Lua is developed in Brazil using a closed development approach (just tar balls), even if it is Open Source since 1993, under the MIT license (which François underlined as important for its adoption by the embedded applications).
It’s a scripting language, fast, powerful and lightweight.

v5.1.4 is the stable version (from 2008)
v5.2 is now ongoing
(Some people still use v4 for its C API and the apps developped with it)

The language is concise but powerful: EBNF Grammar of 1 page and a Reference manual of 100 Pages (with C API, and libs included). It is 12.5 kLOCs and the binary size is 150 kB.
There are only 8 types and 21 keywords.
Lua has a table type like a hash, which allows to make everything.
It also has a userdata type to manipulate C structs/objects e.g.

Lua is portable (written only in C89 – but C++ compatible)
It exists for Linux, OSX, Windows, Android, iOS and Lego (eLUa). Other implementations exist: LuaJIT, LLVM-Lua, MochaLua, Jill (Mobile)

Lua is small but powerful (such as perl, python, ruby, subject of this conf) – It supports regex
François then showed examples of factorial and fibonacci programs written with it.
It is very easy to embed with C programs.

Lua modules are heterogeneous (no CPAN), so build, doc, test and packages are multiple.
Lua has Modules such as sockets, POSIX, XML, DB, wxLua, GTK, JSON, Corba, …

François gave then some application examples: textadept (text editor, 2kLOC C + 6 kLOC Lua), Wireshark (added scripting support with Lua), awesome (Window Manager), redis (key/value tool, server side scripting with Lua)
Lua has too few sponsors: Adobe (Lightroom), SocialMediaPress, CSTUG, OCé.

François complained that there is not a lot of return to the community in term of code from these sponsors. But after all, my take on this is that this is certainly due to the choice of license (permissive) and of development model which doesn’t invite or force contributions to be brought back. One of the reason I chose the GPLv2 for my projects. Clearly it seems interesting if you need to add scripting support to a software. now, IMHO not done to develop applications directly.

Colin Charles (Monty Program AB)
Chief Evangelist on MariaDB (he left when Sun bought MySQL)

Charles gave 3 conferences during the day to paint n state of the Art of MySQL and its ecosysem.
He started by presenting the MySQL Diaspora

Charles started by some MySQL history.
The MysQL release policy is: alpha, beta and GA. 5.0 was released in 2005.
InnoDB was bought by Oracle in 2005, which created problems. The Falcon engine, which was targetted for 6.0, was the solution but it never saw the light.
5.1 was released in 2008. Lots of bugs were present due to an early release and lack of tests. 5.2 was canceled (It should have been open to community contribs)
5.4 was the next release in the roadmap in 2008.
In 2009, Sun was bought by Oracle. As a consequence 5.4 & 6.0 were canceled.
5.5 was realeased in 2010.
5.6 is available at (2011).

InnoDB + memcached in front of it, is the NoSQL approach taken (even if Oracle doesn’t believe in NoSQL, surprise, surprise !!)
Half of the downloads at were for Windows. But most people on Linux, OSX, BSD use the packaged MySQL from their OS which thus reduces the number of downloads for these platforms and gives a wrong impression of the usage. Secondlife e.g. used MySQL out of Debian.
However, distributions tend to include only a small subset of MySQL features. There are only 5 engines compiled in Fedora/RHEL !

Charles underlined that the real uniqueness of MySQL is its ability to use multiple engines very easily (more on that in a dedicated conference below).
He detailed the commercial ecosystem around MySQL for add-ons (InfoBright, TokuDB, ScaleDB, Nitro, SolidDB, RitmarkFS) as well as HardWare vendors too (Kickfire, Virident, Schooner – going away with Oracle) as well as 3rd party engines (that Oracle doesn’t like either)

Charles then gave definition of terms: Fork == do not merge back (Drizzle e.g.) – Branch: rebase all the time (MariaDB, Percona e.g.). He then expained the different MySQL children.

  • Percona started from 5.0 (it took Google/Facebook code on top of MySQL). So Percona is MySQL with InnoDB enhancements (coming from FaceBook/Google) and minimal server changes. They have 1000+ customers in the USA. They provide more fine grained diagnostics. (Google uses MySQL/Percona for Adwords). It provides FlashCache which makes it a great offering for SSD support. They also provide the Percona Toolikit (lots of perl scripts, it is the former maatkit UDFs) to make admin life easier. Their business model is mainly around consulting, and some support.
  • Drizzle is based on MySQL 6.0 whiwh was never released. It took them 3 years to release the GA, just recently, aimed to be the RDBMs for OpenStack. However, due to the time it took, OpenSTack now uses SQL Alchemy which supports multiple RDBMs. Drizzle is Unix only – No Windows. Drizzle has a Micro-kernel architecture so everything is a plugin (including optimizer, query caches, …). Fully written in C++ now (no C anymore), it targets Cloud. It uses a lot of other FLOSS tools (including Google Protocol Buffer). Patches from MariaDB are difficult to integrate as it’s a fork.
  • MariaDB started from 5.1, and is now with 5.5/5.6 also including Percona patches and abandonned patches. MariaDB is Percona and more storage engines and lots of improvements (including µs precision, extended stats for slow query log, threads pool support (eBay), pluggable authentication, virtual columns, NoSQL, subqueries (finally in 5.3 !!), GUI for Windows).
  • Other branches are OurDelta (pet project – died), MepSQL (just Facebook patches, died), XAMPP (Windows)

For NOSQL in MySQL, use MariaDB ! Its HandlerSocket provides 700000 queries/s vs 400000 queries/s for standard MySQL. It also provides Dynamic Columns, memcached interface to InnoDB and NDB (only in the labs of MySQL, MariaDB is waiting for publication to include it – droped in 5.1, maybe back in 5.6/5.7)

MySQL cluster is an external product, which will probably be integrated in main tree with version 5.6/5.7.

From a support perspective, many companies can deliver it: Oracle (MySqL ent), Percona (MySQL, Percona, MariaDB, Drizzle), SkySQL (MySQL, MariaDB, Drizzle, distros), and many others.

Charles announced that just issued a press release about their migration to MariaDB.

He then underlined the difficulty to work with Oracle: There is no public roadmap for MySQL. MySQL is now OpenCore: threads (connection) pool is closed source (original patches from eBay !) with only API for community dev. PAM (AD plugin) code came from MariaDB and is now also closed source. InnoDB Hot Backup however has always been closed source. But xtrabackup is FLOSS. InnoDB has never been Open Source, and they are rebasing from what is published monthly.
These problems comes from the contribution agreement that Oracle forces MySQL contributors to adopt to integrate patches upstream, which gives them the possibility to close the code instead of integrating it inside the public version. Oracle is once again making foes here.

From a performance perspective, XtraDB in 5.5 > InnoDB in 5.5 > XtraDB 5.1.
Connectors remains 100% the same whatever the backend.

Scaling is the issue. Hopefully, working with HP on this we can help Monty programs make progresses on this side.
To a question I asked around Monty Programs, Charles explained that Monty Program is only developing around MySQL. Their business model is to sell 3rd level support and dedicated consulting around development. They have no interface with ordinary customers.

The ecosystem is now in fact split between multiple actors, compared to when MySQL AB was doing everything: Monty Program as the “Lab”, SkySQL for the support and Percona for the consulting, even if the last two overlap a bit.

I was lucky to lunch with Charles, so we could discuss into more details around the community, and some of the points upper were not presented during the formal presentation but are the result of my understanding during our talk. All mistakes are of course mine 😉

During the next session, I had a discussion with Charles Schulz, administrator of the foundation to get some news of this community, and they have lots of plans, some announces that will happen in October, but that I can’t reveal for now. Stay tuned however as it’ll be great !!

Then I attended the second session from Charles Colin around Storage Engines of MySQL/MariaDB

The main engines are: MyISAM, InnoDB, NDB (aka Cluster), Falcon (dead), Archive, Federated(X), Merge, Memory, and the one from Partners, Community, Customers…
The Engines list also includes AWS, OpenLDAP, CSV, Blackhole, Q4M (queuing mecanism), …

Charles then explained the default choices:
MySQL 5.5 => InnoDB by default, MyISAM for temp files
MariaDB 5.5 => XtraDB by default, Aria for temp files (more secure, as crash safe)
Percona 5.5 => XtraDB by default, MyISAM for temp files
Drizzle => HailDB (the only engine), MyISAM for temp files

The value proposition of MySQL/MariaDB around the various engines is unique. It brings flexibilty very easily, from ACID compliant InnoDB, to memory engine for performance, to archive which compresses data up to 80%
There are of course differences between engines with regards to storage (side note advise; use XFS), indexes, memory usage, transactions support (ACID), …
To see what engines are supported in your version, use show engines (12 present in MySQL, 10 in MariaDB)
Engines are plugins handled as loadable modules after 5.1.
There are some commercial engines: InfoBright (Data warehouse), TokuDB (cloud)
To use a specific engine with a table use: create/alter table … engine=XtraDB
Distributions tend to remove engines in their delivery (half only in Fedora/RHEL).

Indexes use all type of algorithms available: B+trees (InnoDB), Red-black trees (memory), R-trees (MyISAM) + hash indexes (memory, NDB, InnoDB).
For MySQL benchmarks, Charles recommended to use mysqlslap, to which I’d also tend to add the excellent HammerOra, which will allow you to make comparison with other RDBMs very easily !

Charles then explained the specifics of some engines:

  • MyISAM: excellent insert perf, small footprint, full text support. No transactions, no foreign key. Usage: log, audit, Datawarehouse. Was preferred earlier. Not usable with DRBD. Tuning hint: Use key_cache_segments = 1 in MariaDB.
  • InnoDB: for OLTP, raw disk support (useful for Windows). Tuning is also required. Use innodb_file_per_table good when locking, innodb_buffer_pool_size to memory*0.8 if dedicated. show engine innodb status gives more stats on MariaDB. InnoDB supports row & statement replication. Hint: Use a primary key (if not, it will be done for you)
  • Archive: good for auditing (can’t delete in it, only SELECT and INSERT), uses libz
  • Federated was disabled in MySQL but FederatedX has replaced it in MariaDB.
  • FederatedX: Used by Cisco to store centrally from routers. Good for synchronous replication.
  • Memory: loosing popularity in favour of memcache (BTW there is also a memcache engine !) Used for lookup, session, temp or calculation tables. Of course, when server goes down, rows are lost.
  • Aria: MariaDB only. Planned to be competing with InnoDB and was concurrent to Falcon (now dead). Crash safe MyISAM, may become ACID.
  • PBXT: ACID. Transactional. Good for SSD storage. Popular in Germany. Supports efficient BLOB. Should be more known.

To install a new engine just issue: INSTALL PLUGIN myengine SONAME ‘’

Charles reminded that a mix and match of engines is frequent.
He underlined that backup is engine dependant. LVM snapshots are a way to solve this.
Monitoring is also engine dependant.
Wordpress uses MyISAm, Wikipedia/mediawiki prefers InnoDB except search, SugarCRM uses MySQL.

Was time for me to take the mic ! and talk about
Continuous packaging with by Bruno Cornec (HP)

Brilliant presentation as usual 😉 Find it online and hopefully at where the Vidéo should appear soon.

Open Build Service by Vincent Untz (SuSE)

I stayed in the room to listen to Vincent, who insisted on the new name of the former OpenSuSE Build system which is now the Open Build Service (Vincent, I’ve now patched my presentation to be aligned ;-))

Even if goals are similar (building more easily packages and supporting a continuous packaging approach, there are still some differences I think between the tools. First, of course, language used to develop them (perl for and Ruby on Rails for obs), but also on pb side the willingness to share metadata across packages, in a VCS and providing a macro system to support it, the support of VMs *and* Virtual Environment* and now *Remote Machines*, with tools such as rpmbootstrap to help users managing them, the standalone aspect of the tool and it’s ease of deployment (just 3 perl packages + 2/3 deps max – fewer LOC). Also pb supports gentoo, and Solaris, and is very easy to extend as everything is now managed through configuration files.

Advantages on obs side are its great Web based interface, its reporting mecanisms, and its capability to rebuild projects based on modifications of other projects. obs announces a very large user base, and packages built, even if when you divide by the number of distro tuples it’s less of course. pb just supports 5 different projects so has a much less reduced installed base.

Vincent did a very good presentation, as usual, showing also how it had a positive impact on the OpenSuSE project by having all the build infrastructure rebuilt to be Open Source (GPL) in order to support the project. Another big plus of their infrastructure is their BaaS approach (Build system as a Service), whereas with pb you need to create it, even if it’s easy. However, Vincent underlined that OBS as BaaS is only accessible for Open SOurce projects. If you’re building other software types, then we are at parity as you need to deploy the tool in-house.

As I underlined at the end of my talk before welcoming Vincent, whatever the tool you use, what is the most important, is to promote continuous packaging, as a good practice of today for projects (Open Source or not). Everybody’s new mantra should become “package early, package always” !

Charles then made his last presentation of the day (busy guy !) on MariaDB.

He reminded that it is a branch of MySQL, community developped, feature enhanced and backward compatible.
Monty Program is the main sponsor of MariaDB (58% of patches come from Monty Program, 42% from commmunity members having commit access)

MySQL is now an Open Source/Core product not a project.
MariaDB is an Open Source project, with the goal to be 100% compatible and a drop-in replacement of MySQL.
It is stable (production ready) and GPLv2. XtraDB (vs InnoDB) is enabled by default.
Charles then covered the various versions published:

  • 5.1: Spend lot of time on build system (Buildbot + VMs 😉 for 5.1. No compiler warnings (contributed back). Table Elimination (aligned with big RDBMs) improves perf. Pool of threads (or connection pool, good for short running queries).
  • 5.2: Pluggable authentication. Easy to write in 1/2 days AD auth/PAM auth as Oracle published recently. Virtual columns. Includes ShpinxSE (Full Text Search Engine)
  • 5.3: NoSQL (HandlerSocket – direct access to InnoDB in perl DeNA, Dynamic columns, Group Commit, Replication, mytop, optimizer, optimized subqueries). That code may not be given back to Oracle due to Oracle recent announcement.

Everything done in the open, ML, bugs, IRC, code, worklog, KB (1400 articles in 1 year, cc-by-sa) …

Future: GIS. Merging takes more and more time. Future may be to fork to solve the Open COre MySQL approach, which would be IMHO good news for the FLOSS world, as it was sith LibreOffice e.g.

Blocks in perl6 by Christian Aperghis-Tramoni

A real course on how perl6 manages some blocks (functions where particularly detailed). Not a lot of notes, here as everything is online, and this was mostly code explanations, so I prefered to follow, rather than taking useless notes that nobody would read anyway ! What I mostly retained is that perl 6 brings some huge differences with regards to perl 5, certainly in the good direction, but will need an adaptation from old perlers such as myself, not following closely perl 6 development as Christian, and also that it’s not yet ready for usage, as lots of features are not there yet, and no optimisation is available, so from a production perspective, it’s unusable now. Perl 5 has for sure a very long life in front of him 🙂

All in all, OWF 2011 was again a great event. However, I would prefer for next year that they concentrate mostly on the Think part, which is quite unique to this conference and makes all its value, whereas code and experiment are already well represented at RMLL or Fosdem. See you there next year hopefully !

Note: Some of my photos related to this event are now available at

Second day at OWF 2011


Humm, took me way too much time to finalyze my notes, but here we go…

After the very dense first day at OWF, I attended again in the morning the Keynote sessions.

Mark Shuttleworth was brilliant as usual. Even if I disagree with his approach of time release (and told him once ;-)) he is an inspiring person, having a vision, that he shared during his “Next five years of cloud and client computing“, and … loving Paris which makes him even more sympathic to french people like me ;-).

Of course, it was more difficult for Nils Brauckman, the SuSE representative to follow him. Which doesn’t mean anything on the qualities of the respective products. Just about their representatives.

The Open Source in the Mobile ecosystem roundtable which followed was covering Android & Meego. I found it valuable, as not being follwing closely this domain, I learned quite a few things,among them the fact that Android still has openess issues, particularly in term of community management, and upstream work. For Meego, these problems do not arise, but the adoption is less obvious, which has since led to the Tizen announcement, 4 days after this event !! The round table also proposed the users view (JC Decaux) on mobile development (rarely presented).

Then Anne Nicolas presented a new company Hupstream and its specific position which is to help companies contributing back to upstream projects, where they don’t know how to do it. The team around her is coming from Mandriva, and is now behind Mageia, which gives them the required credibility to treat correctly with upstream communities, and bring back that experience to end customers for which this jungle seems unpracticle. I’m looking forward their first successes as their model looks promising, and they merit to succeed.

After that talk, I discussed a bit more with the Hupstream team to get fresh news on where they were, and it was after that time to meet with some HP colleagues for lunch. It may sound incredible, but I had not met face to face Didier Patry before, nor Hugo Roy so with Martin Michlmayr and Marc Picornell we ended up passing more time to know each other better, and exchange (sometimes horror) stories around FLOSS, Linux and HP. I really enjoyed that lunch (because I love chocolate ;-)) and due to the high quality of the particpants and their exchange of ideas. Very re-energizing !

Due to that, it was a bit late in the afternon when going back to the event, and as I had no precise session I wanted to see, I was looking around when Laurent Seguin invited me to follow him to a private meeting “Rencontre des Associations”, where various interesting discussions around FLOSS in France were held, which cannot be disclosed… yet.

We ended up at the bar of the OWF, always discussing with Laurent of our respective experiences with various projects and people, sharing again good stories. Laurent is passionate, and full of ideas to make our FLOSS cause progress, and he also contributed largely to the success of the OWF 2011, not speaking about his activities around the AFUL, as a president of that foundation !

It was then time, (again ! I know), to benefit from Paris to enjoy a second concert. This time, it was an early music one at the new Museum Quai Branly. I was lucky to hear one of the groups part of the “Chemin du Baroque” aka Caminos initiative lead by the K617 disc label around the re-discovery of baroque latin american music. The concert was given by the Ensamble Louis Berger (Argentina) lead by Ricardo Massun around Tupasy Maria, la musique baroque des indiens Charcas et Guaranis.

Again what a great day ! But not the last 😉

Note: Some of my photos related to this event are now available at

First day at OWF 2011 – Afternoon


After lunch, it was time to come back in the “Open Source for industrial users” track lead by Gaël Blondelle.

Increasing industries speed to innovate with FLOSS by Dominique Toupin, Ericsson

  • Dominique started by asking a question: Does speed really matter ?
  • He rapidly concluded that yes, of course. He gave some examples of projects initiated by Elon Musk, such as Zip2 sold to Compaq in 1999, Paypal. Or Tesla (Electricity car) and also SpaceX. All were very complex systems elaborated in a short time thanks to Open Source. Same is true for Google/Android.
  • You end up with better features by doing Open Innovation and teaming up experts from different companies.
  • This is also valid inside your company: whole greater than the sum of the parts. And you’re not locked in.
  • Only 15% of RFE are really implemented in commercial products. In FLOSS, when a feature is key, you can do it yourself or buy someoneelse’s time so that it is realized at 100%.
  • People tend to oppose FLOSS to commercial, make to buy. It’s not the case. FLOSS is commercially supported, so just take the best of both worlds to fullfill your need of speed.
  • Requiring tools across the whole chain (and expensive ones) slow down your service activity, whereas using FLOSS tools in development brings speed to the service part. And you gain time with existing knowledge from universities or company acquired.
  • FLOSS allows to dedicate the extra budget gained on licenses costs into the features you need.
  • E/// has an Open Source Core team.

A very pragmatic approch exposed by Dominique, showing clearly tradeoffs needed at industrial level.

Efficient and safe FLOSS strategy by Michel Ruffin, ALU (on behalf of Philippe Richard, VP of Corporate CTO)

  • Size matters: 79000 employees, 27900 patents, 27000 developers, 130 countries, numerous suppliers and outsourcing, multiple acquisitions per year (=> deal with legacy), life cycle from 1 to 20 years. Makes developing the Governance process “interesting”.
  • Trend towards becoming an integrator of FLOSS with more complex SW stacks, reducing however the development costs during time.
  • ALU’s strategy is going to FLOSS to remove supplier lock-in, much more than to reduce costs.
  • Between 20%-80% of FLOSS components in their products (40% in average). Importance to create internal communities to discuss FLOSS related topics. FLOSS adoption means innovation, speed, freedom, new business model (moving from a HW/SW supplier into a service supplier)
  • ALU is a contributor of FLOSS (even if not known). By paying providers (10+MUSD), providing patches/bug fixes to tools, Corba/Mico, Plan9. Also sponsoring OWF, FOSSBazaar, Systematic, OVA, Carrier Grade Linux (LF).
  • For ALU, it matters to respect the philosophy behind the words of the license and thus contribute.
  • Strong FLOSS Governance process started in 2002. Process evolving constantly (taking in account new techno/licenses/acquisition/…) 160 people trained 1 week to be FLOSS validators. 1000 people trained on a basic tutorial. 3500 FLOSS components in ALU DB. Clauses in supplier contracts (propagation to their own suppliers). ALU willing to share the governance process with other companies. ALU would like to standardize these clauses with the Compliance group of the LF.
  • R&D is declaring FLOSS usage. ALU is also automating the BoM by scanning code (BlackDuck/protex and FOSSology)
  • All this is available as much as possible on the Internet (However, I was not able to find easily the oprtal mentioned in Michel’s slides 😦)
  • On top of the process, you need to check that it’s applied (start with CxO, R&D – even if they think they know), Communication). Then improve the process, deal with exceptions, stay flexible, and stronger during time.
  • Resources to support the process needs to be allocated accordingly. Use tools to automate and to detect issues and inform executives.
  • Challenges around stuff like Maven, SPDX adoption, partnership with other companies …

ALU presented a strong Governance model, including now suppliers, and is willing to share best practices with others in order to improve the ecosystem. Network Equipment Providers are clearly taking seriously this area.

Business model of co-development on FLOSS by Denis Pillat, Service Delivery Manager for ALM at ST Microelectronics and Laurent Charles, Enalean

  • Custopmer (ST) funded the development and save on the maintenance by contributing to the product Tuleap (a FLOSS ALM).
  • Customers’ developments are also supported by the partner (Enalean).
  • Strong internal usage of the forge (120000/40000 users) so central, with requirements around robustness and availability (ran 24×7) and long life cycle, but with an improved TCO. If budget is cut, needs independance from provider.
  • ST is not an ISV, team role is to support deployment and integration in ST landscape.
  • Solution retained is a mix of in-house and outsourced solution.
  • Using and adapting a FLOSS costs as it requires backporting features each time with new versions, and ST is not scaled to cope with the rythm of a FLOSS project.
  • Code and features from ST are reviewed with Enalean so easy to integrate. The partnership is of good quality. And also good quality of contributions.
  • For ST, FLOSS increases motivation of contributors with their work recognized and exposition, and they work more on creative parts, and less on maintenance tasks.

I think the presentation would have been more effective if ST would have been the only speaker (or speak more). The track isn’t aimed at promoting companies, but really share return of experience around FLOSS adoption.

TopCased return of experience ( by Pierre Gaufillet, Airbus

  • Pierre first presented some characteristics of an airplane development in size throughout the years:
    • 4 kB for Concorde
    • 4 M for the A320
    • 12M for the A330
    • 500MB for A380
    • Life cycle: 40 years – A300 family (started in 1972 and production stoped in 2007 and support till 2050 = 78 years). Tools need to be there for a very long time.
  • Code is increasing. Quality is mandatory
  • Historically, development of their own tools to check quality. Not their core business. Moved to a buy approch.
  • Internal tools transfered to editors, who tried to sell them on larger scale, which failed as too costly and too specific. Some examples:
    • For Autan (Airbus name) => Attol (Marben) => Attol (Attol-Testware) => RTRT (Rational) => RTRT (IBM)
    • For RTRT they succeeded, but Airbus has anyway problems with the life cycle of this tool.
    • Scade (Airbus + Schneider) => Verilog => CS => Telelogic => Esterel Tech.
    • Geode (Airbus) => Verilog => Telelogic even died !
  • no more control on these tools by Airbus anymore. Sometimes can’t even buy a license anymore.
  • Topcased started in 2004. Reduce dev costs using model based System Engineering.
  • Integrated universities and academic partners.
  • Topcased aims to produce tools for embedded domain on critical system, on the descending branch of the V life cycle.
  • Community around topcased includes Airbus, CS, CNES, Thalès, EADS, Atos, AdaCore, INSA, EnSEEIHT, Toulouse Univs, Inria, Irisa, Laas, Onera at start. Now additional new partners such as Turbomeca, Continental, Obeo, Carnegie Mellon, CEA
  • 2006: First FLOSS release. (One year to solve licensing aspects)
  • 2007: V1.0 and then one major version per year synchro with Eclipse. Minor every 2 months.
  • 45 subprojects from model editors to code plan generator, model simulator to property generator.
  • 2011 first TopCased conference (> 100 persons)
  • Allows competitors to work jointly on components.
  • 12 components are in use today (A350)
  • However, an organization is missing to improve quality and IP control, maturity assessment, VLTS build system, roadmaps. OPEES (ITEA project) aims at fixing that.

I really like this presentation (that I first heard partly during the Think Tank 2010). It clearly shows the huge problems that software development still needs to solve in order to support such life cycles. Raises questions such as how to motivate a community to maintain software for so long time, typically. Also how to preserve build environement, especially when the hardware is changing as rapidly as it is today.

It was then time for me to change session and move to the Governance track lead by Martin Michlmayr.

I contributed briefly to a join talk with Antelink.

Tools for developers to ensure legal integrity of their code by Freddy Munoz, Antelink and Bruno Cornec, HP.

Freddy explained in more details what Guillaume covered in his talk of the morning, and went through the details of Antelink Notifier, Reporter and Search. For myself I covered rapidly FOSSology, giving its main features and also the latests developments realized. Of course, as the project is hosted by the Linux Foundation, as long as they keep the systems away from Internet for forensic, it will be difficult to have access to the project 😦 But hopefully, it will be back soon.

Identify the obligations of FLOSS by Benjamin Jean

  • a License (or contract) is a tool made of rights and obligations, a scope and trigger
  • Writers can be foundations or Companies
  • Number of licenses increases (70 referencesd by OSI, >50 by FSF, 1000 by Black Duck, 400 FOSSology)
  • Benjamin gave some statistics:
    • For Black Duck 43% is GNU GPLv2, 11% is MIT, 7% is Artistic
    • For OpenLogic 32% is Apache, 21% is LGPLv2.1, 14.4% is GPLV2
  • We need clarification: a common nomenclature (detailed and scalable) & descriptive
  • International standardization body is a good way, but very expensive, and not driven
  • Benjamin proposes a first classification based on obligations (to give, to do, to not do.)
  • Rights are harmonized across definitions (some more rights depending on licenses or some missing)
  • The real differences are around trigger, scope and obligations. Benjamin then detailed those:
  • Obligations have no common definition whereas a standard would be useful for projects, industry
  • Scope can be very limited (permissive), limited (GPL/GPL sometimes, CeCILL-C, MPL), standard/legal (EPL, EUPL, OSL) or large (GPL, CeCILL)
  • Trigger: Distribution (GPL), Usage (RPL), External deployments (AGPL, EUPL, …)
  • License compatibility could also be classified between limited and extended. Cf also work done at the Inria, described on their Web site in the Innovation part, Free Software then the guide.
  • This classification can also easily be valid across countries and thus not being dependant of local legal rules.

Benjamin’s approach was extremely sharp and that session was really deserving belonging to the ‘Think’ part of the OWF ! This approach by obligations could really improve the situation of licenses compatibilities and help all the actors of our FLOSS ecosystem.

I had still a bit of time to discuss with him, Martin and Marc Picornell before leaving the event and benefot from the fact I was in Paris to attend a concert at the Chatelet Theater performed by the National Orchestra lead by D. Gatti. Ravel, Dukas, Debussy and Enesco made a radical change for the end of the day !

You can see some of the pictures took during OWF 2011 at

First day at OWF 2011 – Morning


As usual, this event started with a number of keynotes in the morning. Eric Besson was, I must say, boring, just reading a paper, visibly without any idea of what all that was about 😦 Too bad he is the ministery in charge. When will France really take seriously IT and FLOSS in IT in particular !! When everybody is talking about debt reduction, FLOSS is such an opbvious way to contribute, that I’m still puzzled no political voluntarism is in place.

On the contrary, the region and the city showed more willingness to promote FLOSS and to report around their practice. Jean-Paul Planchou, and more over Jean-Louis Missika clearly articulated why FLOSS is so beneficial to the public sector, and why using FLOSS and Open Data is a no-brainer for a public policy, and thus why they will increase its adoption in the future.

Louis Montagne and Jean-Pierre Laisné then opened officially the OWF 2011. We then had a short presentation from Systematic, and jumped to the adoption of Open Data in UK by Nigel Shadbolt, which mentioned clearly that even if a governement doesn’t know what to do of some public data, a lot of citizens do know ! And develop tools to analyze them. This is not just about IT, but really about citizenship and politics in the original sense of the greek work polis !

Werner Knoblich, VP EMEA of Red Hat, then presented the Cloud offering at Red Hat and how its products were to the cloud, what RHEL is to a Linux distribution, or what RHEV is to KVM+libvirt… Stéphane Fermigier interrupted him during his keynote to mention that the Red Hat offering was not Open Source because he had been unable to download the software. Werner insisted on the fact it was as Open Source as the rest of what Red Hat delivers (as soon as it can) and that both CloudForms and DeltaAPI as soon they’ll be out of beta will be available largely for download.

Was then time to chose a session, and I picked up the “Open Source for industrial users” lead by Gaël Blondelle as I tried to contribute to its setup, and I’m interested by the topic, and the fact that some Governances talks were planned during it.
Here are the notes taken during these talks, and some personal comments.

Proper Tooling critical for FLOSS by Philippe-Arnaud Harranger, Atos (

  • FLOSS is attractive
  • Some risks involved (IP, disappearance of projects, security, licenses, …) and addressed by the Governance approach.
  • Need to audit. The key is a proper process. But without tools, they won’t be respected.
  • Mentioned various tools (Antelink, Blackduck, FOSSology, OpenLogic, Palamida, Protecode) – Indicated that most are commercial except FOSSology.
  • P.A.H. introduced Drakkr: methodology and tooling for the Governance, to address the various risks (IP, security, tracking). All this is FLOSS as well. It contains:
    • OpenSource Cartouche (alternative to SPDX). More easy to use, and more community oriented, rather than legal. License Cartouche. rights and obligations linked to FLOSS
    • QSOS is another part. Spider charts available to compare FLOSS components. Competitors openBRR, OSMM, Quallos seem at their end.
    • StratOS: maturity and Strategic analysis of a FLOSS. Based on QSOS.
    • eCos: financial indicators around FLOSS ROI, costs analysis, comparison with proprietay. Other tool is WIBE
    • Also mentioned NVD for security flaws analysis
  • P.A.H Insisted on the fact that tooling (whatever) has to be used to support the process and the governance.

I already mentioned Open Cartouche previously, and I find that whole work of creating a coherent tool set around FLOSS Governance interesting and promising. Probably needs more adoption outside of France.

How to help development team manage FOSS during the whole industrial process by Guillaume Rousseau, Antelink (

  • How to develop best tools for dev teams.
  • Antelink helps you keep control of your SW integration and supply chain. Spinoff of Inria. Inria a major customer (10000 users around the forge).
  • Guillaume mentioned the challenge of dealing with on-shore/off-shore dev teams, contractors and FLOSS.
  • Dev is generally made of internal code, 3rd party FLOSS & commercial and Outsourced dev.
  • Adressing licensing issues asap is key to reduce costs. So needs to be done at the software factory level.
  • Also management of updates and security is key as well (especially 3rd party components).
  • Dev team and lawyers should talk to each other. You have to provide the right tools for dev teams.
  • Antelink is Part of OW2 SQUAT (SW Quality Assurance and Trustworhtiness).
  • Part of the Linux Foundation Open Compliance program working on SPDX.
  • Provides a large FLOSS DB (~1M projects, yes 1.000.000, twice as much as BlackDuck !!). Around the database, they developed a tool suite: Antepedia Notifier, Search and Reporter.
    • Antepedia Notifier plugged around VCS to detect introduction of FLOSS components and act accordingly
    • Antepedia Reporter does on demand analysus and produces reports
    • Antepedia Search allows you to upload components and check their content.

Antelink is clearly to be followed closely, with regards to their ability to store the largest base of code and provide information out of it.

Good Governance drives Innovation by Andrew Aitken, Olliance Group (Blackduck) (

  • BlackDuck has 75% of the market.
  • FLOSS is ubiquitous (85% of enterprises uses it) => management complex.
  • Took Mobile market as an example of growth. Impact of Android (taking the lead in less than 2 years) also on competitors. Complexity of building a complete Smartphone.
  • It’s not easy to manage FLOSS. Need policy (succint, flexible), process and automation (management with spreadsheet doesn’t work anymore).
  • Process is: Acquire, Approve, Catalog, Validate and Monitor.
  • FLOSS ecosysem is too abundant, spread across multiple repos (own ecosystem), thousands of projects (own governance), however more demand for FLOSS developers time than what is available.
  • Transparency, collaboration, meritocracy and OSI licensing are the keys for communities to innovate.
  • Example of innovation:
    • Danish government with its portal.
    • AOL is revamping itself fully based on FLOSS.
    • US Veterans health system open sourced (5 BUSD allocated to it, they pay 0,5 BUSD just for support)
    • New areas: Open Source Ecology, Open Prothetics, Oilgae (algue eating oil), Open Cola, Tropical Disease

Even if Andrew (who is leading the Open Source Think Tank) has lots of connections in the FLSOS ecosystem, and generally interesting talks, this time I didn’t find the presentation much interesting. Too generic, not entering in any level of detail, probably too BlackDuck oriented (original speaker planned was Tim Yeates) and not speaking enough about FLOSS projects. A deception.

FLOSS licensing in the supply chain by Didier Patry, HP (

As an introduction, Didier introduced himself as leading a worldwide team of 12 persons working in Legal at HP around FLOSS. Dider then covered the following topics:

  • At HP compliance is not an option, it’s mandatory. Working with the HP open Source Review Board (OSRB).
  • IP infringement (Contract break) can be in some countries a criminal offense.
  • We could break HP’s reputation if we are not compliant with FLOSS license.
  • We’re seeing new license models coming up, creating compatibility issues.
  • This is also impacting all the digital information world (data, knowledge, …)
  • All that will keep lawyers busy (good for him of course :-).
  • HP puts requirements on suppiers around FLOSS compliance (our telco provider e.g.) which may not completely control the production chain.
  • Risk is not too much with our employees (trained), but with acquisitions (Autonomy e.g. atm) and procurement and the supply chain (thus the requirements on suppliers). Hard to scan fully. So need other way to manage the situation. So HP created a risk rate and identified high risk activities. Didier gave some concrete examples:
  • Usage risks:
    • Internal use is low risk
    • OEM-in/out is high risk
    • Reselling high revenue/volume product is high risk
    • Redistribution via channel partners is medium risk (depends on partner education)
    • Incorporation of critical FLOSS elements into flagship product is high risk
    • Company with single product (WebOS e.g. for Palm) is critical for them so non-compliance is high risk
    • Distribution with no-access to elements afterwards (e.g. to Army/NATO) is high risk
  • Licenses non compliance risk:
    • BSD/MIT and Apache are low risk
    • GPLv2 and 3 is higher risk
    • MPL is also higher risk
    • New FLOSS license are more risky
    • Items without licenses are very risky
  • Suppliers compliance:
    • SW from FLOSS project is low risk
    • SW from entity with strong FLOSS culture is low risk
    • SW from entity with strong corporate partnership is low risk
    • SW from entity with new or weak culture is high risk
    • SW from entity with start-up is high risk
  • Didier from that creates a 3 axes matrix to evaluate the global risk. Example huge difference between internal use of a BSD component vs high volume mixed of licenses SW.
  • Risk mitigation. Legeal protection is:

    • Representation (termination of the contract): good but does not address reputational risk
    • Warranties (damages): better but insufficient to compensate for reputational risk
    • Commitments: best proactive measures:
      e.g. list of FLOSS components in each package. Or easier Identify fully FLOSS components, licenses. Or even more easier again create a critical (black) list of licenses for you or ask for scanning (FOSSology – probably not easy, problem of confidentiality) or ask for external scan report or SPDX certification in the future.
    • Creating local agreements with partners around Governance.

In my opinion (not neutral of course as I’m another HP employee), it was the most interesting talk of the morning. I never had met with Didier before, just had him on the phone, and I was very impressed by his clear and didactic presentation, with the large set of examples he was giving live, and even if I’m aware of it, by the quality of the FLOSS Governance model in place at HP. Definitely worth sharing, and I’m convinced lots of entities could benefit from our views more.

It was then time to take a lunch box and start the set of afternoon sessions !

Meeting during LinuxCon in Prague or OWF in Paris


I’m happy to have been informed that my proposal of presentation around FOSSology for LinuxCon 2011 in Prague has been accepted (too bad the others on MondoRescue or weren’t. Hopefully a next time).

However, for you can attend the presentation during the upcoming Open World Forum in Paris and discuss with me about everything Open Source and Linux and HP !

So some way to meet across Europe soon with you 🙂

Meego IVI: a GENIVI compliant solution


Linux usage has long been strong in the embedded market. And Meego, initially targeting mobile devices and being seen as an Android competitor, has been added new features to make it more IVI oriented. The GENIVI compliance has just been achieved by Meego IVI recently.

Of course I’d have prefered that they use instead of OBS, but that at least shows that these continuous packaging concepts are valid and taken in account by more and more communities.

I think that all these movements to create more standardized environment for dedicated vertical computing usage brings lots of good news: good news for the Open Source community as it improves the its feature set, improve the underlying platform by a larger usage, good news for the car industry as it provides to them a robust, low cost platform they can fully master (with all its features as I described earlier) and build on top, good news for consumers as they may end up having more homogeneous interfaces, and more over open ones given them the possibility to get more info on their own vehicle, or add new features themselves to what their IVI platform gives to them.

The Open World Forum event in September in its industrial track should detail this topic.

With all the recent announcements around WebOS, maybe that could be a new area of development now for this other Linux based platform.