A View on FOSDEM 2020

Another year, another FOSDEM edition. As always, since this conference grew so big (fact: if you tried to watch all videos in a row, it’ll take you about 9 weeks!), chances are, every review you read from the conference will contain something different, and therefore, complementary.

This is what I was able to ex­pe­rien­ce. Le­t’s take a look.

A recurrent theme in FOSDEM seems to be the high concurrency. There were lots of people attending, which made it difficult to make it into some dev-rooms, as they were overcrowded. In addition, some very popular dev-rooms got regular-size rooms where not enough people could fit (for example the PostgreSQL one, as opposed to last year). Because of this, I missed quite a few opportunities.

Ho­we­ve­r, ano­ther trait of the con­fe­ren­ce is not on­ly the hi­gh con­cu­rren­c­y, but al­so the hi­gh qua­li­ty of the ta­lks. ­The­re­fo­re, fa­lling ba­ck to so­me any other ta­lk en­ded up on me lear­ning about so­me cool to­pi­c, wi­th the added ele­ment of ­sur­pri­se.

The Talks

On Saturday, I started the morning in the free Java dev-room, and the first talk I watched was Tornado VM: A Java VM for heterogeneous hardware. It introduced the idea of having a VM that takes advantage of different hardware (not just CPU, but also GPUs, and FPGAs as well). Though it was Java-focused, it did mention that the concepts are applicable to other languages as well.

The fo­llo­wed a ta­lk about By­te­Bu­ffers. A rea­lly ni­ce ­pre­sen­ta­tion of the new me­mo­ry ma­na­ge­ment API (co­ming up to Ja­va 14). It pre­sen­ted the ra­tio­na­le, co­m­mon per­for­man­ce is­sues, the goals of ac­ce­s­sing me­mo­ry on and off the hea­p, and su­ch.

Afte­rwar­d­s, I went to the The Hi­dden Ear­ly His­to­ry of Unix.

One of the highlights of the conference was Fixing the Kubernetes clusterfuck. An amazing talk (I highly recommend you watch the video), with a live demonstration of how to hack (and detect) a Kubernetes cluster. It started with a very good introduction to the falco project (how it’s built, how it works, how it integrates with another tools, and its capabilities). It’s a project with interesting features (like for instance the fact that uses eBPF makes it have a minimal overhead).

The next th­ree ta­lks con­ti­nued wi­th the se­cu­ri­ty the­me. The first one of them al­so about con­tai­ner­s: Using SE­Li­nux wi­th ­con­tai­ner runti­mes, The hai­ry is­sue of e2e en­cr­yp­tion in ins­tant me­ss­aging, and Wha­t ­you most like­ly did not know about su­do.

And that clo­sed up the first da­y.

On Sunday, I started by attending two talks about monitoring and observability. On Distributed tracing for beginners we saw a live demo of applying tracing to a Java application, from the ground up, and seeing the metrics with Jaeger. Then came a talk about Grafana: successfully correlate metics, logs, and traces which was a very good continuation. It was also interesting to learn about upcoming features to Grafana (such as linking to traces from the metrics graphs directly, and more integrations).

Afterwards, I attended another talk about SWIM - Protocol to build a cluster, and on the same room came the talk about Implementing protections against Speculative Execution side channel: a really technical and well-presented talk explaining low-level security implications of side channel attacks, and some recommendations on how to avoid some of those issues. The talk introduced the MDS / TAA threat models, and their implications. There were also really good questions asked at the end, that provided very interesting food for thought.

On the evening, I was able to finally make it into the PostgreSQL dev-room, and it was really worth it. The first talk was about The state of full-text search on PostgreSQL 12. It properly explained some of the internals that go on, when we try to use this feature, and some caveats to avoid. It had a really nice introduction to information retrieval, and how it’s implemented in PostgreSQL.

Fi­na­ll­y, RTFM (do­n’t be mis­led —as I wa­s—, by the ti­tle), ­pre­sen­ted four ca­se stu­dies on whi­ch things went sou­th, and wh­y. The lear­nings on all ca­ses, pro­vi­ded va­lua­ble in­si­gh­ts on how to make a be­tter use of our re­la­tio­nal da­ta­ba­se.

Then ca­me the clo­sing ta­lk, ce­le­bra­ting the 20 years of the con­fe­ren­ce.

All in all, ano­ther good edi­tion of the Eu­ro­pean con­fe­ren­ce for open sour­ce. The­re’s sti­ll lo­ts of ma­te­rial that I woul­d ­like to go over in mo­re de­tai­l, and so­me miss­ed ta­lks that I ha­ve to ca­tch up on, but it was a good ex­pe­rien­ce.