Daniel Pocock: Debian GSoC 2018 report

Share Button

One of my major contributions to Debian in 2018 has been participation as a mentor and admin for Debian in Google Summer of Code (GSoC).

Here are a few observations about what happened this year, from my personal perspective in those roles.

Making a full report of everything that happens in GSoC is close to impossible. Here I consider issues that span multiple projects and the mentoring team. For details on individual projects completed by the students, please see their final reports posted in August on the mailing list.

Thanking our outgoing administrators

Nicolas Dandrimont and Sylvestre Ledru retired from the admin role after GSoC 2016 and Tom Marble has retired from the Outreachy administration role, we should be enormously grateful for the effort they have put in as these are very demanding roles.

When the last remaining member of the admin team, Molly, asked for people to step in for 2018, knowing the huge effort involved, I offered to help out on a very temporary basis. We drafted a new delegation but didn’t seek to have it ratified until the team evolves. We started 2018 with Molly, Jaminy, Alex and myself. The role needs at least one new volunteer with strong mentoring experience for 2019.

Project ideas

Google encourages organizations to put project ideas up for discussion and also encourages students to spontaneously propose their own ideas. This latter concept is a significant difference between GSoC and Outreachy that has caused unintended confusion for some mentors in the past. I have frequently put teasers on my blog, without full specifications, to see how students would try to respond. Some mentors are much more precise, telling students exactly what needs to be delivered and how to go about it. Both approaches are valid early in the program.

Student inquiries

Students start sending inquiries to some mentors well before GSoC starts. When Google publishes the list of organizations to participate (that was on 12 February this year), the number of inquiries increases dramatically, in the form of personal emails to the mentors, inquiries on the debian-outreach mailing list, the IRC channel and many project-specific mailing lists and IRC channels.

Over 300 students contacted me personally or through the mailing list during the application phase (between 12 February and 27 March). This is a huge number and makes it impossible to engage in a dialogue with every student. In the last years where I have mentored, 2016 and 2018, I’ve personally but a bigger effort into engaging other mentors during this phase and introducing them to some of the students who already made a good first impression.

As an example, Jacob Adams first inquired about my PKI/PGP Clean Room idea back in January. I was really excited about his proposals but I knew I simply didn’t have the time to mentor him personally, so I added his blog to Planet Debian and suggested he put out a call for help. One mentor, Daniele Nicolodi replied to that and I also introduced him to Thomas Levine. They both generously volunteered and together with Jacob, ensured a successful project. While I originally started the clean room, they deserve all the credit for the enhancements in 2018 and this emphasizes the importance of those introductions made during the early stages of GSoC.

In fact, there were half a dozen similar cases this year where I have interacted with a really promising student and referred them to the mentor(s) who appeared optimal for their profile.

After my recent travels in the Balkans, a number of people from Albania and Kosovo expressed an interest in GSoC and Outreachy. The students from Kosovo found that their country was not listed in the application form but the Google team very promptly added it, allowing them to apply for GSoC for the first time. Kosovo still can’t participate in the Olympics or the World Cup, but they can compete in GSoC now.

At this stage, I was still uncertain if I would mentor any project myself in 2018 or only help with the admin role, which I had only agreed to do on a very temporary basis until the team evolves. Nonetheless, the day before student applications formally opened (12 March) and after looking at the interest areas of students who had already made contact, I decided to go ahead mentoring a single project, the wizard for new students and contributors.

Student selections

The application deadline closed on 27 March. At this time, Debian had 102 applications, an increase over the 75 applications from 2016. Five applicants were female, including three from Kosovo.

One challenge we’ve started to see is that since Google reduced the stipend for GSoC, Outreachy appears to pay more in many countries. Some women put more effort into an Outreachy application or don’t apply for GSoC at all, even though there are far more places available in GSoC each year. GSoC typically takes over 1,000 interns in each round while Outreachy can only accept approximately 50.

Applicants are not evenly distributed across all projects. Some mentors/projects only receive one applicant and then mentors simply have to decide if they will accept the applicant or cancel the project. Other mentors receive ten or more complete applications and have to spend time studying them, comparing them and deciding on the best way to rank them and make a decision.

Given the large number of project ideas in Debian, we found that the Google portal didn’t allow us to use enough category names to distinguish them all. We contacted the Google team about this and they very quickly increased the number of categories we could use, this made it much easier to tag the large number of applications so that each mentor could filter the list and only see their own applicants.

The project I mentored personally, a wizard for helping new students get started, attracted interest from 3 other co-mentors and 10 student applications. To help us compare the applications and share data we gathered from the students, we set up a shared spreadsheet using Debian’s Sandstorm instance and Ethercalc. Thanks to Asheesh and Laura for setting up and maintaining this great service.

Slot requests

Switching from the mentor hat to the admin hat, we had to coordinate the requests from each mentor to calculate the total number of slots we wanted Google to fund for Debian’s mentors.

Once again, Debian’s Sandstorm instance, running Ethercalc, came to the rescue.

All mentors were granted access, reducing the effort for the admins and allowing a distributed, collective process of decision making. This ensured mentors could see that their slot requests were being counted correctly but it means far more than that too. Mentors put in a lot of effort to bring their projects to this stage and it is important for them to understand any contention for funding and make a group decision about which projects to prioritize if Google doesn’t agree to fund all the slots.

Management tools and processes

Various topics were discussed by the team at the beginning of GSoC.

One discussion was about the definition of “team”. Should the new delegation follow the existing pattern, reserving the word “team” for the admins, or should we move to the convention followed by the DebConf team, where the word “team” encompasses a broader group of the volunteers? A draft delegation text was prepared but we haven’t asked for it to be ratified, this is a pending task for the 2019 team (more on that later).

There was discussion about the choice of project management tools, keeping with Debian’s philosophy of only using entirely free tools. We compared various options, including Redmine with the Agile (Kanban) plugin, Kanboard (as used by DebConf team), and more Sandstorm-hosted possibilities, such as Wekan and Scrumblr. Some people also suggested ideas for project management within their Git repository, for example, using Org-mode. There was discussion about whether it would be desirable for admins to run an instance of one of these tools to manage our own workflow and whether it would be useful to have all students use the same tool to ease admin supervision and reporting. Personally, I don’t think all students need to use the same tool as long as they use tools that provide public read-only URLs, or even better, a machine-readable API allowing admins to aggregate data about progress.

Admins set up a Git repository for admin and mentor files on Debian’s new GitLab instance, Salsa. We tried to put in place a process to synchronize the mentor list on the wiki, the list of users granted team access in Salsa and the list of mentors maintained in the GSoC portal. This could be taken further by asking mentors and students to put a Moin Category tag on the bottom of their personal pages on the wiki, allowing indexes to be built automatically.

Students accepted

On 23 April, the list of selected students was confirmed. Shortly afterward, a Debian blog appeared welcoming the students.

OSCAL 2018, Albania and Kosovo visit

I traveled to Tirana, Albania for OSCAL’18 where I was joined by two of the Kosovan students selected by Debian. They helped run the Debian booth, comprising a demonstration of software defined radio from Debian Hams.

Enkelena Haxhiu and I gave a talk together about communications technology. This was Enkelena’s first talk. In the audience was Arjen Kamphuis, he was one of the last people to ask a question at the end. His recent disappearance is a disturbing mystery.

DebConf18

A GSoC session took place at DebConf18, the video is available here and includes talks from GSoC and Outreachy participants past and present.

Final results

Many of the students have already been added to Planet Debian where they have blogged about what they did and what they learned in GSoC. More will appear in the near future.

If you like their project, if you have ideas for an event where they could present it or if you simply live in the same region, please feel free to contact the students directly and help them continue their free software adventure with us.

Meeting more students

Google’s application form for organizations like Debian asks us what we do to stay in contact with students after GSoC. Crossing multiple passes in the Swiss and Italian alps to find Sergio Alberti at Capo di Lago is probably one of the more exotic answers to that question.

Looking back at past internships

I first mentored students in GSoC 2013. Since then, I’ve been involved in mentoring a total of 12 students in GSoC and 3 interns in Outreachy as well as introducing many others to mentors and organizations. Several of them stay in touch and it’s always interesting to hear about their successes as they progress in their careers and in their enjoyment of free software.

The Outreachy organizers have chosen a picture of two of my former interns, Urvika Gola (Outreachy 2016) and Pranav Jain (GSoC 2016) for the mentors page of their web site. This is quite fitting as both of them have remained engaged and become involved in the mentoring process.

Lessons from GSoC 2018, preparing for 2019

One of the big challenges we faced this year is that as the new admin team was only coming together for the first time, we didn’t have any policies in place before mentors and students started putting significant effort in to their proposals.

Potential mentors start to put in significant effort from February, when the list of participating organizations is usually announced by Google. Therefore, it seems like a good idea to make any policies clear to potential mentors before the end of January.

We faced a similar challenge with selecting mentors to attend the GSoC mentor summit. While some ideas were discussed about the design of a selection process or algorithm, the admins fell back on the previous policy based on a random selection as mentors may have anticipated that policy was still in force when they signed up.

As I mentioned already, there are several areas where GSoC and Outreachy are diverging, this already led to some unfortunate misunderstandings in both directions, for example, when people familiar with Outreachy rules have been unaware of GSoC differences and vice-versa and I’ll confess to being one of several people who has been confused at least once. Mentors often focus on the projects and candidates and don’t always notice the annual rule changes. Unfortunately, this requires involvement and patience from both the organizers and admins to guide the mentors through any differences at each step.

The umbrella organization question

One of the most contentious topics in Debian’s GSoC 2018 program was the discussion of whether Debian can and should act as an umbrella organization for smaller projects who are unlikely to participate in GSoC in their own right.

As an example, in 2016, four students were mentored by Savoir Faire Linux (SFL), makers of the Ring project, under the Debian umbrella. In 2017, Ring joined the GNU Project and they mentored students under the GNU Project umbrella organization. DebConf17 coincidentally took place in Montreal, Canada, not far from the SFL headquarters and SFL participated as a platinum sponsor.

Google’s Mentor Guide explicitly encourages organizations to consider this role, but does not oblige them to do so either:

Google’s program administrators actually look quite fondly on the umbrella organizations that participate each year.

For an organization like Debian, with our philosophy, independence from the cloud and distinct set of tools, such as the Salsa service mentioned earlier, being an umbrella organization gives us an opportunity to share the philosophy and working methods for mutual benefit while also giving encouragement to related projects that we use.

Some people expressed concern that this may cut into resources for Debian-centric projects, but it appears that Google has not limited the number of additional places in the program for this purpose. This is one of the significant differences with Outreachy, where the number of places is limited by funding constraints.

Therefore, if funding is not a constraint, I feel that the most important factor to evaluate when considering this issue is the size and capacity of the admin team. Google allows up to five people to be enrolled as admins and if enough experienced people volunteer, it can be easier for everybody whereas with only two admins, the minimum, it may not be feasible to act as an umbrella organization.

Within the team, we observed various differences of opinion: for example some people were keen on the umbrella role while others preferred to restrict participation to Debian-centric projects. We have the same situation with Outreachy: some mentors and admins only want to do GSoC, while others only do Outreachy and there are others, like myself, who have supported both programs equally. In situations like this, nobody is right or wrong.

Once that fundamental constraint, the size of the admin team, is considered, I personally feel that any related projects engaged on this basis can be evaluated for a wide range of synergies with the Debian community, including the people, their philosophy, the tools used and the extent to which their project will benefit Debian’s developers and users. In other words, this doesn’t mean any random project can ask to participate under the Debian umbrella but those who make the right moves may have a chance of doing so.

Financial

Google pays each organization an allowance of USD 500 for each slot awarded to the organization, plus some additional funds related to travel. This generally corresponds to the number of quality candidates identified by the organization during the selection process, regardless of whether the candidate accepts an internship or not. Where more than one organization requests funding (a slot) for the same student, both organizations receive a bounty, we had at least one case like this in 2018.

For 2018, Debian has received USD 17,200 from Google.

GSoC 2019 and beyond

Personally, as I indicated in January that I would only be able to do this on a temporary basis, I’m not going to participate as an admin in 2019 so it is a good time for other members of the community to think about the role. Each organization who wants to participate needs to propose a full list of admins to Google in January 2019, therefore, now is the time for potential admins to step forward, decide how they would like to work together as a team and work out the way to recruit mentors and projects.

Thanks to all the other admins, mentors, the GSoC team at Google, the Outreachy organizers and members of the wider free software community who supported this initiative in 2018. I’d particularly like to thank all the students though, it is really exciting to work with people who are so open minded, patient and remain committed even when faced with unanticipated challenges and adversity.

Powered by WPeMatico

Share Button

Fedora Magazine: Edit your videos with Pitivi on Fedora

Share Button

Looking to produce a video of your adventures this weekend? There are many different options for editing videos out there. However, if you are looking for a video editor that is simple to pick up, and also available in the official Fedora Repositories, give Pitivi a go.

Pitivi is an open source, non-linear video editor that uses the GStreamer framework. Out of the box on Fedora, Pitivi supports OGG Video, WebM, and a range of other formats. Additionally, more support for for video formats is available via gstreamer plugins. Pitivi is also tightly integrated with the GNOME Desktop, so the UI will feel at home among the other newer applications on Fedora Workstation.

Installing Pitivi on Fedora

Pitivi is available in the Fedora Repositories. On Fedora Workstation, simply search and install Pitivi from the Software application.

Alternatively, install Pitivi using the following command in the Terminal:

sudo dnf install pitivi

Basic Editing

Pitivi has a wide range of tools built-in to allow quick and effective editing of your clips. Simply import videos, audio, and images into the Pitivi media library, then drag them onto the timeline. Additionally, pitivi allows you to easily split, trim, and group parts of clips together, in addition to simple fade transitions on the timeline.

Transitions and Effects

In addition to a basic fade between two clips, Pitivi also features a range of different transitions and wipes. Additionally, there are over a hundred effects that can be applied to either videos or audio to change how the media elements are played or displayed in your final presentation


Pitivi also features a range of other great features, so be sure to check out the tour on their website for a full description of the features of the awesome Pitivi.

Powered by WPeMatico

Share Button

Luya Tshimbalanga: Retiring ASUS X550ZE and greeting HP Envy x360 Ryzen 5

Share Button


My ASUS X550ZE reached its end of life due to hardware power issue after getting a lot of abuse. From that experience, I have learned a lot about dual Radeon graphic processors working in the open source world and I followed AMD graphic development since then.

Enter HP Envy x360 Convertible 15-cp0xxx Ryzen 5 marking the return to tablet PC. I originally intended to buy the Ryzen 7 version for more performance but the specification is very similar with only a sightly more powerful graphic processor as the difference on Ryzen 5. The model uses a 1 TB hard disk drive with 8 GB DDR4 RAM and I plan to upgrade to a 1TB solid state drive (Samsung Evo version looks suitable).

Installation

 Installing Fedora 29 Beta Design Suite was very smooth after shrinking the partition of Windows 10 and keeping Secure Boot enabled by default.

Post installation 

Some revealing issues:

  • Touchscreen and stylus mode is broken due to acpi bug preventing proper detection.
  • AMD Raven, the name of the APU, works fine but occasionally glitched on log out and reboot. At this time of writing, mesa version is 18.2.2.
  • Battery usage is adequate but has yet to take advantage on improvements currently for Intel based hardware. Running powertop sightly increased the time of battery usage.

The remaining details is on https://fedoraproject.org/wiki/User:Luya/Laptops/HP_Envy_x360

    Powered by WPeMatico

    Share Button

    Ismael Olea: How to cite bibliography ISO/IEC standards

    Share Button

    For my final post-grade work I’m collecting bibliography and as the main work is around ISO/IEC documents I investigated how to to make a correct bibliography entry for these, which I realized is not very well known as you can check in this question in Tex.StackSchange.com.

    I finally chose an style I show here as an example:

    • BibTeX:
      @techreport{iso_central_secretary_systems_2016,
        address = {Geneva, CH},
        type = {Standard},
        title = {Systems and software engineering -- {Lifecycle} profiles for {Very} {Small} {Entities} ({VSEs}) -- {Part} 1: {Overview}},
        shorttitle = {{ISO}/{IEC} {TR} 29110-1:2016},
        url = {https://www.iso.org/standard/62711.html},
        language = {en},
        number = {ISO/IEC TR 29110-1:2016},
        institution = {International Organization for Standardization},
        author = {{ISO Central Secretary}},
        year = {2016}
      }
      
    • RIS:
        TY  - RPRT
        TI  - Systems and software engineering -- Lifecycle profiles for Very Small Entities (VSEs) -- Part 1: Overview
        AU  - ISO Central Secretary
        T2  - ISO/IEC 29110
        CY  - Geneva, CH
        PY  - 2016
        LA  - en
        M3  - Standard
        PB  - International Organization for Standardization
        SN  - ISO/IEC TR 29110-1:2016
        ST  - ISO/IEC TR 29110-1:2016
        UR  - https://www.iso.org/standard/62711.html
        ER  - 
      

      I’ve using this style extensively in a development website http://29110.olea.org/. You can compare details with the official info.

      Both have been generated using Zotero.

    Powered by WPeMatico

    Share Button

    Richard W.M. Jones: Does virt-v2v preserve sparseness?

    Share Button

    A common question is does virt-v2v preserve sparseness (aka thin provisioning) when you convert the guest from VMware to a KVM-based hypervisor like oVirt/RHV or OpenStack? The very short answer is: no. The medium answer is: The question doesn’t really make sense. For the long answer, read on …

    First of all we need to ask what is thin provisioning? For complex and essentially historical reasons when you provision a new guest you have to decide how much maximum disk space you want it to have. Let’s say you choose 10 GB. However because a new guest install might only take, say, 1 GB, you can also decide if you want the whole 10 GB to be preallocated up front or if you want the disk to be thin provisioned or sparse, meaning it’ll only take up 1 GB of host space, but that will increase as the guest creates new files. There are pros and cons to preallocation. Preallocating the full 10 GB obviously takes a lot of extra space (and what if the guest never uses it?), but it can improve guest performance in some circumstances.

    That is what happens initially. By the time we come to do a virt-v2v conversion that guest may have been running for years and years. Now what does the disk look like? It doesn’t matter if the disk was initially thin provisioned or fully allocated, what matters is what the guest did during those years.

    Did it repeatedly fill up the disk and/or delete those files? – In which case your initially thin provisioned guest could now be fully allocated.

    Did it have trimming enabled? Your initially preallocated guest might now have become sparsely allocated.

    In any case VMware doesn’t store this initial state, nor does it make it very easy to find out which bits of the disk are actually backed by host storage and which bits are sparse (well, maybe this is possible, but not using the APIs we use when liberating your guests from VMware).

    In any case, as I explained in this talk (slides) from a few years ago, virt-v2v tries to avoid copying any unused, zeroed or deleted parts of the disk for efficiency reasons, and so it will always make the disk maximally sparse when copying it (subject to what the target hypervisor does, read on).

    When virt-v2v comes to creating the target guest, the default is to create a maximally sparse guest, but there are two ways to change this:

    1. You can specify the -oa preallocated option, where virt-v2v will try to ask the target hypervisor to fully preallocate the target disks of the guest.
    2. For some hypervisors, especially RHV, your choice of backend storage may mean you have no option but to use preallocated disks (unfortunately I cannot give clear advice here, best to ask a RHV expert).

    The basic rule is that when converting guests you need to think about whether you want the guest to be sparse or preallocated after conversion, based on your own performance vs storage criteria. Whether it happened to be thin provisioned when you set it up on VMware years earlier isn’t a relevant issue.

    Powered by WPeMatico

    Share Button

    Richard W.M. Jones: New in nbdkit: Create an ISO image on the fly

    Share Button

    nbdkit is the pluggable Network Block Device server that Eric and I wrote. I have submitted a talk to FOSDEM next February about the many weird and wonderful ways you can use nbdkit as a flexible replacement for loopback mounting.

    Anyway, new in nbdkit 1.7.6 you can now create ISO 9660 (CD-ROM) disk images on the fly from a directory:

    # nbdkit iso /boot params="-JrT"
    # nbd-client -b 512 localhost /dev/nbd0
    # file -bsL /dev/nbd0
    ISO 9660 CD-ROM filesystem data 'CDROM'
    # mount /dev/nbd0 /tmp/mnt
    # ls /tmp/mnt
    config-4.18.0-0.rc8.git2.1.fc29.x86_64
    config-4.19.0-0.rc1.git3.2.fc30.x86_64
    config-4.19.0-0.rc6.git0.1.fc30.x86_64
    efi
    extlinux
    grub2
    [etc]
    # umount /tmp/mnt
    # nbd-client -d /dev/nbd0
    # killall nbdkit
    

    That ISO wouldn’t actually be bootable, but you could create one (eg. an El Torito ISO) by adding the appropriate extra parameters.

    To head off the first question: If you copy files into the directory while nbdkit is running, do they appear in the ISO? Answer: No! This is largely impossible with the way Linux block devices work.

    Powered by WPeMatico

    Share Button

    Fedora Community Blog: Fedora Women’s Day 2018 – Lima, Peru

    Share Button

    Fedora Women's Day 2018 - Lima, Peru

    On Setember 22, 2018 we celebrated the Fedora Women’s Day in Lima, Perú at PUCP (Pontifical Catholic University of Peru). The Fedora Women’s Day event seeks to integrate women in the world of Free Software. This year, I had the opportunity to be one of the organizers.

    Fedora Women's Day 2018 event in Lima, Peru - promotional poster
    Promotional poster design

    Topics

    • What is Free Software? by Giohanny Falla
      • She talked about introduction to Free Software and also made the invitation to the GSoC and the Outreachy.
    • Women to Power by Solanch Ccasa
      • She talked about success stories and the inclusion of women in technology.
    • Fedora Love Python by Lizbeth Lucar
      • She talked about the use and importance of using Python, and they made mini challenges about Python exercises.
    • Design for Enterpreneurs by Sheyla Breña
      • She told us about her experiences as a business designer.

    Attendees

    20 people total attended who did not have knowledge about Linux for the Fedora Women's Day 2018 event in Lima, Peru
    20 people total attended who did not have knowledge about Linux
    • Giohanny Falla introduces Free Software to Fedora Women's Day 2018 attendees in Lima, Peru
      Giohanny Falla introduces Free Software to attendees
    • Attendees create Fedora accounts during Fedora Women's Day 2018 in Lima, Peru. Organizers invited attendees to contribute through whatcanidoforfedora.org
      Attendees create Fedora accounts during the event. Organizers invited attendees to contribute through whatcanidoforfedora.org.
    • Fedora Loves Python session by Lizbeth Lucar. She talked about use and importance of Python. Attendees completed miniretos about Python exercises.
      Fedora Loves Python session by Lizbeth Lucar. She talked about use and importance of Python. Attendees completed miniretos about Python exercises.

    Wrapping up FWD in Lima, Peru

    We finished the talks with “Design for Entrepreneurs“. For the workshop, all attendees tried out Inkscape and Gimp in Fedora. Finally, we took a snack and coffee break.

    • Coffee and snack break for Fedora Women's Day 2018 in Lima, Peru
      Coffee and snack break!
    • Fedora stickers and swag shared with attendees at Fedora Women's Day 2018 event in Lima, Peru
      Fedora stickers and swag shared with attendees

    We ended with questions, answers, and group photos.

    Final group photo with all attendees of Fedora Women's Day 2018 in Lima, Peru
    Final group photo with all attendees of Fedora Women’s Day 2018 in Lima, Peru

    Thanks to the support and organization of the community Penguin Codes, Blender Peru, AIIS PUCP, Diego Balbuena, and Fredy Hernandez.

    The post Fedora Women’s Day 2018 – Lima, Peru appeared first on Fedora Community Blog.

    Powered by WPeMatico

    Share Button

    Adam Young: Creating a Self Trust In Keystone

    Share Button

    Lets say you are an administrator of an OpenStack cloud. This means you are pretty much all powerful in the deployment. Now, you need to perform some operation, but you don’t want to give it full admin privileges? Why? well, do you work as root on your Linux box? I hope note. Here’s how to set up a self trust for a reduced set of roles on your token.

    First, get a regular token, but use the –debug to see what the project ID, role ID, and your User ID actually are:

    In my case, they are … long uuids.

    I’ll trim them down both for obscurity as well as the make it more legible. Here is the command to create the trust.

    openstack trust create --project 9417f7 --role 9fe2ff 154741 154741

    Mine returned:

    +--------------------+----------------------------------+
    | Field              | Value                            |
    +--------------------+----------------------------------+
    | deleted_at         | None                             |
    | expires_at         | None                             |
    | id                 | 26f8d2                           |
    | impersonation      | False                            |
    | project_id         | 9417f7                           |
    | redelegation_count | 0                                |
    | remaining_uses     | None                             |
    | roles              | _member_                         |
    | trustee_user_id    | 154741                           |
    | trustor_user_id    | 154741                           |
    +--------------------+----------------------------------+
    

    On my system, role_id 9fe2ff is the _member_role.

    Note that, if you are Admin, you need to explicitly grant yourself the _member_ role, or use an implied role rule that says admin implies member.

    Now, you can get a reduced scope token. Unset the variables that are used to scope the token, since you want to scope to the trust now.

    $ unset OS_PROJECT_DOMAIN_NAME 
    $ unset OS_PROJECT_NAME 
    $ openstack token issue --os-trust-id  26f8d2eaf1404489ab8e8e5822a0195d
    +------------+----------------------------------+
    | Field      | Value                            |
    +------------+----------------------------------+
    | expires    | 2018-10-18T10:31:57+0000         |
    | id         | f16189                           |
    | project_id | 9417f7                           |
    | user_id    | 154741                           |
    +------------+----------------------------------+
    

    This still requires you to authenticate with your userid and password. An even better mechanism is the new Application Credentials API. It works much the same way, but you use an explicitly new password. More about that next time.

    Powered by WPeMatico

    Share Button

    Alvaro Castillo: Gestiona máquinas virtuales en QEMU/KVM fácilmente con QEMUzier

    Share Button

    QEMUzier es un pequeño script licenciado bajo GPL v2.0 que he laborado para gestionar de forma muy sencilla máquinas virtuales con el software de emulación QEMU modificado para utilizarlo con KVM para obtener virtualización completa en Linux.

    Por el momento está adaptado para utilizarlo en distribuciones Fedora.

    Para poder instalarlo:

    GitLab

    git clone https://gitlab.com/sincorchetes/qemuzier

    GitHub

    git clone https://github.com/sincorchetes/qemuzier

    Cuando ejecutemos el script, hará…

    Powered by WPeMatico

    Share Button

    Fedora Magazine: Design faster web pages, part 2: Image replacement

    Share Button

    Welcome back to this series on building faster web pages. The last article talked about what you can achieve just through image compression. The example started with 1.2MB of browser fat, and reduced down to a weight of 488.9KB. That’s still not fast enough! This article continues the browser diet to lose more fat. You might think that partway through this process things are a bit crazy, but once finished, you’ll understand why.

    Preparation

    Once again this article starts with an analysis of the web pages. Use the built-in screenshot function of Firefox to make a screenshot of the entire page. You’ll also want to install Inkscape using sudo:

    $ sudo dnf install inkscape

    If you want to know how to use Inkscape, there are already several articles in Fedora Magazine. This article will only explain some basic tasks for optimizing an SVG for web use.

    Analysis

    Once again, this example uses the getfedora.org web page.

    Getfedora page with graphics marked

    Getfedora page with graphics marked

    This analysis is better done graphically, which is why it starts with a screenshot. The screenshot above marks all graphical elements of the page. In two cases or better in four cases, the Fedora websites team already used measures to replace images. The icons for social media are glyphs from a font and the language selector is an SVG.

    There are several options for replacing:

    HTML5 Canvas

    Briefly, HTML5 Canvas is an HTML element that allows you to draw with the help of scripts, mostly JavaScript, although it’s not widely used yet. As you draw with the help of scripts, the element can also be animated. Some examples of what you can achieve with HTML Canvas include this triangle pattern, animated wave, and text animation. In this case, though, it seems not to be the right choice.

    CSS3

    With Cascading Style Sheets you can draw shapes and even animate them. CSS is often used for drawing elements like buttons. However, more complicated graphics via CSS are usually only seen in technical demonstration pages. This is because graphics are still better done visually as with coding.

    Fonts

    The usage of fonts for styling web pages is another way, and Fontawesome is quiet popular. For instance, you could replace the Flavor and the Spin icons with a font in this example. There is a negative side to using this method, which will be covered in the next part of this series, but it can be done easily.

    SVG

    This graphics format has existed for a long time and was always supposed to be used in the browser. For a long time not all browsers supported it, but that’s history. So the best way to replace pictures in this example is with SVG.

    Optimizing SVG for the web

    To optimize an SVG for internet use requires several steps.

    SVG is an XML dialect. Components like circle, rectangle, or text paths are described with nodes. Each node is an XML element. To keep the code clean, an SVG should use as few nodes as possible.

    The SVG example is a circular icon with a coffee mug on it. You have 3 options to describe it with SVG.

    Circle element with the mug on top

    Circular path with the mug on top

    single path

    You probably can see the code becomes more complex and needs more characters to describe it. More characters in a file result, of course, in a larger size.

    Node cleaning

    If you open an example SVG in Inkscape and press F2, that activates the Node tool. You should see something like this:

    Inkscape - Node tool activated

    Inkscape – Node tool activated

    There are 5 nodes that aren’t necessary in this example — the ones in the middle of the lines. To remove them, select them one by one with the activated Node tool and press the Del key. After this, select the nodes which define this lines and make them corners again using the toolbar tool.

    Inkscape - Node tool make node a corner

    Inkscape – Node tool make node a corner

    Without fixing the corners, handles are used that define the curve, which gets saved and will increase file size. You have to do this node cleaning by hand, as it can’t be effectively automated. Now you’re ready for the next stage.

    Use the Save as function and choose Optimized svg. A dialogue window opens where you can select what to remove or keep.

    Inkscape - Dialog window for save as optimized SVG

    Inkscape – Dialog window for save as optimized SVG

    Even the little SVG in this example got down from 3.2 KB to 920 bytes, less than a third of its original size.

    Back to the getfedora page: The grey voronoi pattern used in the background of the main section, after our optimization from Part 1 of this series, is down to 164.1 KB versus the original 211.12 KB size.

    The original SVG it was exported from is 1.9 MB in size. After these SVG optimization steps, it’s only 500.4KB. Too big? Well, the current blue background is 564.98 KB in size. But there’s only a small difference between the SVG and the PNG.

    Compressed files

    $ ls -lh
    insgesamt 928K
    -rw-r--r--. 1 user user 161K 19. Feb 19:44 grey-pattern.png
    -rw-rw-r--. 1 user user 160K 18. Feb 12:23 grey-pattern.png.gz
    -rw-r--r--. 1 user user 489K 19. Feb 19:43 greyscale-pattern-opti.svg
    -rw-rw-r--. 1 user user 112K 19. Feb 19:05 greyscale-pattern-opti.svg.gz

    This is the output of a small test I did to visualize this topic. You should probably see that the raster graphic — the PNG — is already compressed and can’t be anymore. The opposite is the SVG, an XML file. This is just text and can compressed, to less then a fourth of its size. As a result it is now around 50 KB smaller in size than the PNG.

    Modern browsers can handle compressed files natively. Therefore, a lot of web servers have switched on mod_deflate (Apache) and gzip (nginx). That’s how we save space during delivery. Check out if it’s enabled at your server here.

    Tooling for production

    First of all, nobody wants to always optimize SVG in Inkscape. You can run Inkscape without a GUI in batch mode, but there’s no option to convert from Inkscape SVG to optimized SVG. You can only export raster graphics this way. But there are alternatives:

    • SVGO (which seems not actively developed)
    • Scour

    This example will use scour for optimization. To install it:

    $ sudo dnf install scour

    To automatically optimize an SVG file, run scour similarly to this:

    [user@localhost ]$ scour INPUT.svg OUTPUT.svg -p 3 --create-groups --renderer-workaround --strip-xml-prolog --remove-descriptive-elements --enable-comment-stripping --disable-embed-rasters --no-line-breaks --enable-id-stripping --shorten-ids

    This is the end of part two, in which you learned how to replace raster images with SVG and how to optimize it for usage. Stay tuned to the Fedora Magazine for part three, coming soon.

    Powered by WPeMatico

    Share Button