Notes from FOSDEM 2023

• Containers
• CI/CD
• Testing and Automation
• Janson
• Conclusions

I attended FOSDEM 2023, a renowned Open Source conference held in Brussels annually. This year’s edition was extra special as it marked the first physical event after three long years of online-only gatherings due to the pandemic.

Containers

I spent a good chunk of my first day immersing myself in the Containers devroom, where I encountered some fascinating talks. One that stood out was Adrian Reber’s discussion on checkpointing and restoring containers. Essentially, this technique allows for freezing a container and its state at a specific moment, then restoring it on another machine or cluster, and so on. The painstaking effort required to extract every single piece of data associated with a process, such as memory and file references, was truly impressive.

The primary tool used to achieve this is CRIU, a C application that offers invaluable insights on how to dump data from a running process and determine its associated resources via kernel APIs. Check out this file (https://github.com/checkpoint-restore/criu/blob/criu-dev/criu/cr-dump.c) if you’re keen to explore further.

static int dump_task_thread(struct parasite_ctl *parasite_ctl, const struct pstree_item *item, int id)
{
	struct parasite_thread_ctl *tctl = dmpi(item)->thread_ctls[id];
	struct pid *tid = &item->threads[id];
	CoreEntry *core = item->core[id];
	pid_t pid = tid->real;
	int ret = -1;
	struct cr_img *img;

	pr_info("\n");
	pr_info("Dumping core for thread (pid: %d)\n", pid);
	pr_info("----------------------------------------\n");

	ret = parasite_dump_thread_seized(tctl, parasite_ctl, id, tid, core);
	if (ret) {
		pr_err("Can't dump thread for pid %d\n", pid);
		goto err;
	}
	pstree_insert_pid(tid);

	core->thread_core->creds->lsm_profile = dmpi(item)->thread_lsms[id]->profile;
	core->thread_core->creds->lsm_sockcreate = dmpi(item)->thread_lsms[0]->sockcreate;

	img = open_image(CR_FD_CORE, O_DUMP, tid->ns[0].virt);
	if (!img)
		goto err;

	ret = pb_write_one(img, core, PB_CORE);

	close_image(img);
err:
	pr_info("----------------------------------------\n");
	return ret;
}

One interesting use case for checkpointing containers is to preserve the state of applications that take a long time to initialize. By checkpointing when initialization is complete, you can achieve near-instant initialization time for future containers with the same app.

During my time at the Containers devroom, I observed several intriguing trends:

• Reproducibility and integrity are major concerns, as demonstrated by the rise of SLSA and related initiatives. Supply-chain attacks in the software world are becoming increasingly common.
• Container tooling is evolving rapidly, with a growing number of tools for building, running, and inspecting containers. Some notable examples include Finch (https://github.com/runfinch/finch) and Lima (https://github.com/lima-vm/lima).

CI/CD

I spent the afternoon amidst a bustling crowd at the CI/CD room, as is typical of the FOSDEM experience! This gave me an opportunity to gain valuable insights into the popular tools dominating the CI/CD landscape.

What struck me the most was the extensive consolidation and standardization efforts currently underway. Given the long-standing prevalence of Jenkins, the vast array of plugins, hacks, and systems revolving around it is a testament to the sheer complexity of the CI/CD world. The need for initiatives to tame this complexity and bring order to the chaos could not be more evident.

If you’re looking to stay up-to-date on the latest developments in the CI/CD world, the CD Foundation projects (https://cd.foundation/projects/) are definitely worth checking out. These projects are particularly interesting and can provide valuable insights into the future of this field.

Testing and Automation

A room with a lot of overlap with the CI/CD, but also really interesting. I particularly enjoyed the talk on Linux Kernel Functional Testing. It’s a prime example of the kind of complexity you encounter when dealing with projects like the Linux Kernel.

Another highlight was discovering tracetest (https://tracetest.io/), which introduced the concept of using traces for testing, without the need to write cumbersome mocks. I found this a truly innovative approach, especially when combined with OpenTelemetry, making it an excellent option for both testing and production-based verification.

Janson

My last few hours at the conference were spent in the Janson room, and I gotta say, some of the less technical talks really hit the spot. Kris Nova delivered an engaging talk on her journey with the Hachyderm mastodon instance, full of powerful and valuable lessons.

Then Matrix 2.0 blew me away with their impressive showcase of features. However, the sheer scale of their project left me feeling a bit uneasy. I’ve seen this before - trying to bite off more than you can chew can result in half-baked products, and lots of complexity lurking in dark corners!

Conclusions

As always, the best part of FOSDEM is being surrounded by a community of like-minded individuals and being inspired by the passion and dedication they pour into their projects. While there were countless sessions I wasn’t able to attend, fortunately, everything is available on the website (https://fosdem.org/2023/), so you can catch up on any missed talks at your leisure.