Version 1

Events


Wednesday 09:00


Demystifying systemd - Hands On

Everything you need to know to be successful with systemd - Main stage

It's 2016 and at this point why would anyone care about an init system? Well, apparently not only is process management essential to the operating system, all the hype around things like containers and resource management are making this topic sex...

Wednesday 11:45


Using the Journal Efficiently

The journal is systemd's structure logging. Let's see what it can do for you - Main stage

journalctl is a powerful tool to view and filter log data. In this workshop we'll have a look on how to make use of it and take advantage of its various features.

Wednesday 13:30


Lunch break (Wed)

Main stage

Wednesday 14:30


systemd-nspawn 101

Barcamp

Introduction to systemd's namespace containers.

During the workshop we will see in practical examples the possibilities of systemd-nspawn and show its cooperation with other systemd daemons and tools like systemd-machined, systemd-journald, systemd-run, systemd-networkd, ...

Writing services the systemd way

Harnessing systemd's high-level functionality to make services simpler - Main stage

Historically, services have handled forking, privilege dropping, logging, monitoring, and sandboxing either on their own, using a language-specific framework, or binaries like daemontools. With systemd, this is no longer necessary. In this worksho...

In this workshop, we will build a basic application (framework/language to be determined) that uses: <ul> <li>Socket activation</li> <li>The journal</li> <li>Type=notify for state tracking</li> <li>Watchdog for availability monitoring</li> <li>Advanced unit configuration for sandboxing/isolation</li> </ul> We will primarily be using C and autotools, but the concepts are the same for most languages. Don't worry if you're not fluent in C or autotools; we'll start from scratch.

Wednesday 16:20


Next Generation Config Mgmt: Workshop

mgmt: workshop edition - Barcamp

A presentation about a next generation config management tool, and the specific problems this project solves. Three of the main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture ...

A presentation about a next generation config management tool, and the specific problems this project solves. Three of the main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture This talk will demo a prototype I've built that implements these ideas and which is written in golang. I will also show the automatic edge, automatic grouping and automatic elastic etcd cluster management features. Lastly, I will focus on the systemd service integration work, explain why systemd is a critical dependency for mgmt, and talk about the future networkd integration work. An introductory blog post on the subject is available. https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/ Attendees are encouraged to read it before the talk if they are interested! This will be an interactive workshop version of the above talk so that attendees can try the live demos at the same time as the presentation. We will then discuss some of the internals of the project, and finally we will have a short hacking session where you will learn to write your first mgmt resource.

Wednesday 19:00


coreOS meetup

A meetup by the CoreOS people - Main stage

Thursday 10:00


State of the Union/Portable Services

This year's systemd State of the Union, and an Introduction to Portable Services - Main stage

The systemd project in 2016, and where to take it in 2017. A particular focus will be place on the Portable Service project, an effort to make systemd services more self-sufficient and portable between systems.

Thursday 11:05


Tiptoeing into systemd devel community

Main stage

This talk is a mix of presenting some of the new systemd v231 features and a first-hand feedback on how to start contributing to an open source project like systemd. I will present the new features I worked on which are part of systemd v231 and I...

Some of the new features I will talk about during the presentation are: cgtop subtrees visualization, nspawn --notify-ready switch, and {ReadWrite,Only}Paths= and InaccessiblePaths= improvements.

Thursday 11:40


graphical-session.target

Using systemd to run X11/Mir sessions - Main stage

Design, current state, experiences, and bugs/missing features that we ran into in Ubuntu when converting the session-centric upstart-driven graphical sessions (GNOME, Unity, XFCE etc.) to the user-centric systemd/D-Bus model and systemd units.

Ubuntu is currently transitioning from session upstart/D-Bus to user systemd/D-Bus. Both transitions are still fairly unchartered territories in distributions/products, and uncovered a range of design challenges, missing features, and bugs in systemd and some other parts in the plumbing stack. The presentation will be roughly 25 minutes, followed by 20 minutes of Q&A and group discussion.

Thursday 12:20


Lunch break (Thu)

Main stage

Thursday 13:20


Securing services and containers: rkt meets systemd

Main stage

systemd provides many features and knobs to improve the security of traditional Linux services. rkt is a container runtime engine designed with security and modularity in mind. The core execution unit in rkt is a pod, a grouping of one or more app...

#Audience The presentation is aimed at anybody interested in Linux security, familiar with managing traditional services via systemd, or interested in deploying and running containerized services.

Thursday 14:10


What you didn't know about networkd

Main stage

systemd-networkd is core component of systemd. In this talk we'll shed some light on some of the lesser known features of networkd, and how you can make use of it. Topics covered are the DHCP server feature, the automatic IP pool management, the L...

Thursday 15:00


Deploying systemd at scale

Main stage

This talk will focus on the migration of the Facebook fleet to CentOS 7 and its adoption of systemd in a live production environment of hundreds of thousands of physical hosts. We'll discuss the process we used to perform the rollout, how our infr...

Thursday 15:45


Coffee break (Thu)

Main stage

Thursday 16:15


Next Generation Config Mgmt

mgmt: systemd edition - Main stage

A presentation about a next generation config management tool, and the specific problems this project solves. Three of the main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture ...

A presentation about a next generation config management tool, and the specific problems this project solves. Three of the main design features of the tool include: * Parallel execution * Event driven mechanism * Distributed architecture This talk will demo a prototype I've built that implements these ideas and which is written in golang. I will also show the automatic edge, automatic grouping and automatic elastic etcd cluster management features. Lastly, I will focus on the systemd service integration work, explain why systemd is a critical dependency for mgmt, and talk about the future networkd integration work. An introductory blog post on the subject is available. https://ttboj.wordpress.com/2016/01/18/next-generation-configuration-mgmt/ Attendees are encouraged to read it before the talk if they are interested!

Thursday 17:00


Automotive startup and device management

Challenges using systemd in an IVI environment - Main stage

Embedded or small-scale devices are different beasts than your usual desktop machines. And within these, IVI devices pose yet another challenge. During the presentation we will explain which road blocks we had to move, which oddities we faced, why...

Thursday 17:45


Functional Infrastructure

Using Haskell with systemd, dbus, and nspawn for microservices: an experience report - Main stage

At nstack, we’re using systemd, nspawn-containers and dbus to facilitate the construction of ‘algebraic’ infrastructure that allows developers to construct, compile, and compose type-safe microservices that run in the cloud in response to events. ...

Our platform is built from a combination of the systemd ecosystem and the Haskell programming language. In this talk we'll provide an experience report into our use of high-level functional programming with low-level Linux systems infrastructure. This includes: * Building a reproducible packaging system around btrfs and atomic/ostree * Building a language-agnostic typed IDL format on top of dbus * Creating a high-level, type-safe interface into systemd from Haskell using the dbus API * Spooling up typed services on demand as nspawn-containers through systemd * Mapping existing external event sources (e.g. RPC / streams / HTTP) into dbus to trigger services

Thursday 18:25


Talking to systemd from a Web Browser

Main stage

systemd built a D-Bus API that represents the integrated state of a system, its services, resources, logins, and (hopefully soon) networking. D-Bus is powerful and complete, but unfortunately presents barriers for modern development, as apparent from the lack of clients and callers. We think that systemd's API should be trivial to access with web technologies, so we'll show you how to talk to that API directly from a web browser. You'll see how we do this in the Cockpit admin interface, including things like talking to file descriptors, proxying interfaces, watching signals, and authorization. We'll take a look at how we could broaden the work that we've spearheaded in Cockpit to make the systemd API accessible to a larger audience. Lastly, we'll present some of the challenges we encountered when interacting with systemd from a remote system.


Friday 10:00


Demystifying systemd for embedded systems

why systemd pays off in the long run - Main stage

Case study of systemd overhead compared to traditional embedded systems solution and how that evolves on more complex products when fast boot, services babysitting and isolation as well as dynamic behavior are introduced.

Embedded systems often have great goals such as fast boot and reliable execution, management and isolation of services. However due lack of understanding, some myths and great deal of FUD their go with custom hackish implementations based on shell scripts and sysvinit-like replacements like busybox. This presentation will cover experiences to slim down systemd footprint by disabling its components in order to compare apples-to-apples, then show how systemd scales up in a nice linear way, while alternatives start to barf when many components must be put together to cover networking, timed tasks, logging, dynamic device behavior and services babysitting and isolation. The presentation concludes why Ostro Project decided to mandate systemd in this distribution targeted at Internet of Things.

Friday 10:45


Reconciling Systemd and Customer Requirements

Main stage

With systemd there is exactly one way how the core of a modern Linux system works. This is great for standardization across various Linux distributions. However, especially in the embedded world constraints and customer requirements can be quite d...

Friday 11:35


NixOS - Reproducible Linux Distribution built around systemd

Main stage

We will look at how Nix (the package manager) and NixOS (Linux distribution) work, what makes it different from other Linux distributions and how can you in general benefit from (build) reproducible build tool such as Nix.

Topics that will be covered in my talk: - ( 5') Introduction to the topic of reproducibility - ( 5') Basic idea of how Nix works and achieves build reproducibility - (10') How Nix ideas are extended to whole linux distribution and how we (ab)use systemd - (10') Demo: Reproducible & declarative systemd containers with NixOS - ( 5') Demo: Development environments with `nix-shell` & direnv - ( 5') Demo: How do we do system testing with NixOS - ( 4') Demo: How to build and test .deb/.rpm packages with Nix - ( ?') If more time there are many other demos I can do: - How to do kernel development - How to manage NixOS installations in the cloud via NixOps - How to manage vim configuration and plugins with Nix - How to use npm2nix / go2nix / cabal2nix / pypi2nix tools to help you generate Nix expressions - ( 1') Final notes

Friday 12:15


Lunch break (Fri)

Main stage

Friday 13:15


control a physical switch with systemd-networkd and baseboxd

Main stage

Networkd does a great job configuring network devices on a linux host. Using baseboxd the configuration of those devices is mapped to a physical switch.

Networkd listens to netlink events and applies provided configuration to Linux network devices the same way. So does baseboxd, but instead of configuring network devices for your Linux host it is able to configure a physical switch. In this presentation the architectural details of baseboxd are provided. Furthermore we show the relation to networkd and how we use both daemons to manage a whitebox switch to connect a rack of servers. We want to highlight as well the missing parts in networkd and share some ideas how we can improve it.

Friday 14:00


New Wireless Daemon for Linux

Main stage

This presentation is about a new 802.11 wireless daemon for Linux. It is a lightweight daemon handling all aspects around WiFi support for Linux. It is designed with a tiny footprint for IoT use cases in mind.

Friday 14:45


Capability-based IPC on Linux

How bus1 emerged from kdbus - Main stage

Despite being very common on most operating systems, capability-based IPC has never seen wide adoption on regular linux distributions. This talk introduces the bus1 project, an attempt to bring native, capability-based IPC to linux.

The majority of IPC used across most operating systems today uses capability-based security. This includes Android (Binder), macOS (Mach IPC), Solaris (Doors), Windows (COMM, et al.), seL4, and more. Despite the wide-spread adoption, common linux distributions never provided native support for capability-based IPC. The bus1 project is there to change this. This talk will introduce the bus1 project, describe its roots in kdbus, and discuss its integration into today's linux platforms.

Friday 15:30


systemd-resolved as the default DNS resolver

What is missing to enable resolved with DNSSEC on all systemd installations? - Main stage

The DNSSEC functionality in systemd-resolved is complete enough for early adopters. The D-Bus API is very flexible and allows rich functionality to be exposed to clients in a convenient and secure manner. Ability to enable/disable DNSSEC mode for ...

After discussing status quo and the near future, I want to start a discussion on what kind of functionality is missing, and what bugs (if any) are the most pressing for the audience.

Friday 16:00


Coffee break (Fri)

Main stage

Friday 16:30


Apps sandboxing in systemd

Main stage

This talk will explain how it is easy to confine apps and objects using systemd sandbox features. Many projects are taking advantage of Linux features to construct robust sandboxes, the most advanced one is probably Chrome sandbox, a layered appro...

Friday 17:00


What’s next for containers?

Main stage

Of the actual technology, and not hype and politics, where are we with containers? What have we found? In this talk we’ll go through some of the high level shifts in “container ecosystem”, what is happening with container standards, down to what ...

Friday 17:40


Bring your own language: tales from go & rust bindings

Main stage

systemd has a variety of fancy features in its large C codebase, and most of them are exposed via external interfaces. The main integration points are the libsystemd API and services that systemd exposes over D-Bus. However, nowadays a lot of proj...

#Audience The presentation is aimed at anybody interested in modern programming languages (Go/Rust), systemd interoperability and services integration.

Friday 18:20


Fleet: what comes next for the distributed init system

Main stage

Fleet, distributed init system developed by CoreOS, has been actively used by production systems. However, many issues still need to be addressed, such as scalability as well as integration with other projects like systemd. This talk will cover th...

Major issues in fleet can be summarized like the below: * Scalability. Fleet is basically not capable of being scalable well enough to be used with a huge number of units. Most of such issues are resulted from its dependency on etcd v2. A possible solution would be to introduce a gRPC-based communication model. It would be also generally desirable for fleet to be decoupled from etcd as much as possible. * Reconciliation. This must be one of the critical bottleneck in the fleet agent. Due to a monolithic loop in the fleet agent, units are not able to be propagated right away. Introducing an event-based reconciliation could be one of solutions. * Systemd units. Although fleet depends heavily on systemd units, there are always subtle mismatches between unit states of fleet and systemd. Limitation of using templates is also one of such issues.


Saturday 10:00


Hackfest

Main stage

Saturday 13:00


Lunch break (Sat)

Main stage

Saturday 14:00


Hackfest

Main stage

Saturday 16:25


Coffee break (Sat)

Main stage