191 oSC19 openSUSE Conference 2019 2019-05-24 2019-05-26 3 00:15 2019-05-24T11:30:00+02:00 09:30 00:30 Saal (Main Hall) Short Talk 2522-yast-yet-another-suse-talk YaST – Yet another SUSE Talk? Or how are SUSE and the openSUSE community interacting together in 2019 Keynote Presenter: Thomas Di Giacomo In this session we will first briefly describe how the openSUSE community and SUSE have been historically (well since Leap/Tumbleweed, not going back to the days before) collaborating together, e.g. Gnome and SUSE Linux Desktop, KDE and packagehub, then look at some of the more recent activities around MicroOS, container engines and tools, container networking such as Cilium, container management, etc. with respect to Kubic and SUSE CaaS Platform. As this is not only about a company and a community per se but a lot more primarily about people doing things, about contributors and developers, we’ll highlight a few specific example individuals in such a collaboration context, , and then share what we think are the aspects that work and ones where we could improve for both to benefit from. Presenter: Thomas Di Giacomo In this session we will first briefly describe how the openSUSE community and SUSE have been historically (well since Leap/Tumbleweed, not going back to the days before) collaborating together, e.g. Gnome and SUSE Linux Desktop, KDE and packagehub, then look at some of the more recent activities around MicroOS, container engines and tools, container networking such as Cilium, container management, etc. with respect to Kubic and SUSE CaaS Platform. As this is not only about a company and a community per se but a lot more primarily about people doing things, about contributors and developers, we’ll highlight a few specific example individuals in such a collaboration context, , and then share what we think are the aspects that work and ones where we could improve for both to benefit from. false Thomas Di Giacomo 2019-05-24T12:00:00+02:00 10:00 00:15 Saal (Main Hall) Administration 2255-opening-comments Opening Comments openSUSE All volunteers are needed at the opening annoucement. All volunteers are needed at the opening annoucement. false Douglas DeMaio 2019-05-24T12:15:00+02:00 10:15 00:30 Saal (Main Hall) Registration 2258-day-1-registration-booth Day 1 Registration Booth openSUSE Pick up your badge and swag at the registration booth. Pick up your badge and swag at the registration booth. false Douglas DeMaio 2019-05-24T12:45:00+02:00 10:45 00:30 Saal (Main Hall) Short Talk 2429-eos-design-system EOS Design System The solution to bring good UX to all OSS Open Source In the past UX design was a commodity in the paid consumer world, where companies like Facebook, Google, Uber would invest millions on. Today the gap is closing. Enterprise and Open Source applications are in need of better UX too. On the other hand, many companies of all different sizes struggle with today's IT agendas: bleeding edge software, agile development, short time-to-market, etc., and this "new" (and really not so) kid on the block is not making it any easier for developers and designers to keep up: UX design. Companies struggling in this scenario will eventually suffer from a big level of inconsistency in their products portfolio, and sometimes even in one same product. Design Systems can help solve this problem, and a few more. Design Systems serve as a centralized source of information for UX, UI, and other brand-related guidelines that help not only developers find the UI element or component they need, but also designers to build faster prototypes while streamlining the collaboration between the two. But, building a Design System can take a very long time and be very expensive, this is why we're building EOS: an Open Source and customizable Design System. In this presentation, we will talk more about the problem Design Systems solve, how we are building EOS, and how it can be of great benefit to your company or project. More about EOS: http://eosdesignsystem.com In the past UX design was a commodity in the paid consumer world, where companies like Facebook, Google, Uber would invest millions on. Today the gap is closing. Enterprise and Open Source applications are in need of better UX too. On the other hand, many companies of all different sizes struggle with today's IT agendas: bleeding edge software, agile development, short time-to-market, etc., and this "new" (and really not so) kid on the block is not making it any easier for developers and designers to keep up: UX design. Companies struggling in this scenario will eventually suffer from a big level of inconsistency in their products portfolio, and sometimes even in one same product. Design Systems can help solve this problem, and a few more. Design Systems serve as a centralized source of information for UX, UI, and other brand-related guidelines that help not only developers find the UI element or component they need, but also designers to build faster prototypes while streamlining the collaboration between the two. But, building a Design System can take a very long time and be very expensive, this is why we're building EOS: an Open Source and customizable Design System. In this presentation, we will talk more about the problem Design Systems solve, how we are building EOS, and how it can be of great benefit to your company or project. More about EOS: http://eosdesignsystem.com false csanchez@suse.de Jesus Herman-Marina 2019-05-24T13:15:00+02:00 11:15 00:45 Saal (Main Hall) Normal Talk 2480-dnf-vs-zypp-fight DNF vs ZYpp: Fight! A comparison of the two major RPM package managers Open Source In one corner, we have Zypper: the successor to the motley of package management options from Ximian and SuSE. Created after the merger of the Ximian and YaST package manager teams, it was a pioneer in using the SAT solver for package management and proved that it worked well at scale in a large and popular Linux distribution platform (SUSE Linux). It spawned the development of libsatsolver, which became libsolv. Considered by many to be the most advanced and fastest package manager, it is created a class of package managers all on its own. It is used in openSUSE, but is also available in Fedora and other RPM-based Linux distributions. In the other corner, we have DNF: the anointed successor to YUM (Yellowdog Updater, Modified). DNF (Dandified YUM) was forked from YUM to rework the internals to leverage libsolv and offer a saner, more maintainable API. Forged from the blood, sweat, and tears of many package manager developers from Red Hat and others, DNF is built with the lessons in mind from the last decade of software and systems management experiences. A new up and comer, it is used in Fedora, Mageia, OpenMandriva, Yocto, and others. It is also available in openSUSE. How do these two package managers compare? Are they more similar than different? Has DNF made YUM no longer a trash heap? Does ZYpp still rule the roost? This talk explores both package managers and compares them from a technical, usability, and ecosystem perspective. Who knows? Perhaps there are lessons to still be learned for evolving both package managers. In one corner, we have Zypper: the successor to the motley of package management options from Ximian and SuSE. Created after the merger of the Ximian and YaST package manager teams, it was a pioneer in using the SAT solver for package management and proved that it worked well at scale in a large and popular Linux distribution platform (SUSE Linux). It spawned the development of libsatsolver, which became libsolv. Considered by many to be the most advanced and fastest package manager, it is created a class of package managers all on its own. It is used in openSUSE, but is also available in Fedora and other RPM-based Linux distributions. In the other corner, we have DNF: the anointed successor to YUM (Yellowdog Updater, Modified). DNF (Dandified YUM) was forked from YUM to rework the internals to leverage libsolv and offer a saner, more maintainable API. Forged from the blood, sweat, and tears of many package manager developers from Red Hat and others, DNF is built with the lessons in mind from the last decade of software and systems management experiences. A new up and comer, it is used in Fedora, Mageia, OpenMandriva, Yocto, and others. It is also available in openSUSE. How do these two package managers compare? Are they more similar than different? Has DNF made YUM no longer a trash heap? Does ZYpp still rule the roost? This talk explores both package managers and compares them from a technical, usability, and ecosystem perspective. Who knows? Perhaps there are lessons to still be learned for evolving both package managers. false Neal Gompa 2019-05-24T15:00:00+02:00 13:00 00:30 Saal (Main Hall) Short Talk 2534-building-containers-and-images-in-and-for-opensuse Building containers and images in and for openSUSE In this talk I explain how containers based on openSUSE Leap and Tumbleweed should be built and how the process for building and submitting official images works. In this talk I explain how containers based on openSUSE Leap and Tumbleweed should be built and how the process for building and submitting official images works. false favogt 2019-05-24T15:30:00+02:00 13:30 00:45 Saal (Main Hall) Normal Talk 2528-opensuse-microos openSUSE MicroOS A new distro for a new age Cloud and Containers As the world moves more and more towards containerised solutions, a number of real questions start to appear. - What is the perfect platform for running containers atop? - How to use this platform as part of a flexible, scalable, highly available infrastructure fabric? - How to minimize the maintenance and administration of this platform at scale? Many of these problems are well answered in enterprise container offerings, but for developers more interested in the state of containers & kubernetes upstream, new issues start to appear. With such fast moving upstreams, developers and enthusiasts need a platform that can keep up and is closely involved with those upstream developments. This platform needs to not only be able to run containers at scale, but also on single machine, all the while preserving the attributes of low maintenance so the focus can be on the containers, not the base system beneath them. And then the question becomes "What is so special about containers anyway?" - in more and more cases, people are deploying Linux VMs, Cloud instances, or bare metal to do 'just one job', with other jobs being handled by other machines. Can we simplify the Operating System and make it easier to live with if we optimise it for these 'single-purpose' deployments? This talk introduces openSUSE MicroOS, and explains how it addresses the above, being the perfect distribution for this modern age. The session will explore in some detail how MicroOS is developed in lockstep with the Tumbleweed rolling release and can be used for a wide variety of single-purpose systems. This talk will also discuss openSUSE Kubic, the MicroOS variant focused on containers. The talk will share how Kubic collaborates with various upstreams including kubeadm and CRI-O. Transactional Updates, Kubic's system update stack will be demonstrated and the benefits from such an atomic update approach discussed in some detail. Finally the kubictl Kubernetes cluster boostrapping tool will be discussed and some future plans shared for consideration and feedback. As the world moves more and more towards containerised solutions, a number of real questions start to appear. - What is the perfect platform for running containers atop? - How to use this platform as part of a flexible, scalable, highly available infrastructure fabric? - How to minimize the maintenance and administration of this platform at scale? Many of these problems are well answered in enterprise container offerings, but for developers more interested in the state of containers & kubernetes upstream, new issues start to appear. With such fast moving upstreams, developers and enthusiasts need a platform that can keep up and is closely involved with those upstream developments. This platform needs to not only be able to run containers at scale, but also on single machine, all the while preserving the attributes of low maintenance so the focus can be on the containers, not the base system beneath them. And then the question becomes "What is so special about containers anyway?" - in more and more cases, people are deploying Linux VMs, Cloud instances, or bare metal to do 'just one job', with other jobs being handled by other machines. Can we simplify the Operating System and make it easier to live with if we optimise it for these 'single-purpose' deployments? This talk introduces openSUSE MicroOS, and explains how it addresses the above, being the perfect distribution for this modern age. The session will explore in some detail how MicroOS is developed in lockstep with the Tumbleweed rolling release and can be used for a wide variety of single-purpose systems. This talk will also discuss openSUSE Kubic, the MicroOS variant focused on containers. The talk will share how Kubic collaborates with various upstreams including kubeadm and CRI-O. Transactional Updates, Kubic's system update stack will be demonstrated and the benefits from such an atomic update approach discussed in some detail. Finally the kubictl Kubernetes cluster boostrapping tool will be discussed and some future plans shared for consideration and feedback. false Richard Brown 2019-05-24T16:30:00+02:00 14:30 00:30 Saal (Main Hall) Short Talk 2456-kubernetes-the-hard-way-on-opensuse-cloud-environment "Kubernetes The Hard Way" on openSUSE Cloud environment Let's build your own cloud Cloud and Containers "Kubernetes" is one of the most popular and famous container orchestration open source software. And now, there are so many Kubernetes environments and deployment tools such as SUSE CaaS Platform, minikube, kubeadm, Rancher, GKE/AKS/EKS, etc. So, we can use or build a Kubernetes cluster with them very easily. However, it also prevents opportunities to understand Kubernetes technologies themselves from people who want to know the architecture itself. Therefore, if a Kubernetes cluster gets something wrong, it would be tough challenge to resolve it without such knowledge. For such a situation, here is a very good exercise document - "Kubernetes The Hard Way[0]" which is a tutorial for setting up Kubernetes the hard way on Google Cloud Platform(GCP). People can learn internal architecture of Kubernetes from that. In this session, attendees will get an opportunity to know how to set up a Kubernetes cluster on not only GCP but also an openSUSE OpenStack cloud based on the tutorial, and, will get to know its technology deeply. "Kubernetes The Hard Way"[0] has 14 chapters right now. And it's written for the GCP basically. However, it works on the other clouds (e.g. openSUSE OpenStack Cloud) with some modifications. [0] https://github.com/kelseyhightower/kubernetes-the-hard-way Kubernetes The Hard Way outlines:: 1. Prerequisites 2. Installing the Client Tools 3. Provisioning Compute Resources 4. Provisioning a CA and Generating TLS Certificates 5. Generating Kubernetes Configuration Files for Authentication 6. Generating the Data Encryption Config and Key 7. Bootstrapping the etcd Cluster 8. Bootstrapping the Kubernetes Control Plane 9. Bootstrapping the Kubernetes Worker Nodes 10. Configuring kubectl for Remote Access 11. Provisioning Pod Network Routes 12. Deploying the DNS Cluster Add-on 13. Smoke Test 14. Cleaning Up "Kubernetes" is one of the most popular and famous container orchestration open source software. And now, there are so many Kubernetes environments and deployment tools such as SUSE CaaS Platform, minikube, kubeadm, Rancher, GKE/AKS/EKS, etc. So, we can use or build a Kubernetes cluster with them very easily. However, it also prevents opportunities to understand Kubernetes technologies themselves from people who want to know the architecture itself. Therefore, if a Kubernetes cluster gets something wrong, it would be tough challenge to resolve it without such knowledge. For such a situation, here is a very good exercise document - "Kubernetes The Hard Way[0]" which is a tutorial for setting up Kubernetes the hard way on Google Cloud Platform(GCP). People can learn internal architecture of Kubernetes from that. In this session, attendees will get an opportunity to know how to set up a Kubernetes cluster on not only GCP but also an openSUSE OpenStack cloud based on the tutorial, and, will get to know its technology deeply. "Kubernetes The Hard Way"[0] has 14 chapters right now. And it's written for the GCP basically. However, it works on the other clouds (e.g. openSUSE OpenStack Cloud) with some modifications. [0] https://github.com/kelseyhightower/kubernetes-the-hard-way Kubernetes The Hard Way outlines:: 1. Prerequisites 2. Installing the Client Tools 3. Provisioning Compute Resources 4. Provisioning a CA and Generating TLS Certificates 5. Generating Kubernetes Configuration Files for Authentication 6. Generating the Data Encryption Config and Key 7. Bootstrapping the etcd Cluster 8. Bootstrapping the Kubernetes Control Plane 9. Bootstrapping the Kubernetes Worker Nodes 10. Configuring kubectl for Remote Access 11. Provisioning Pod Network Routes 12. Deploying the DNS Cluster Add-on 13. Smoke Test 14. Cleaning Up false Masayuki Igawa 2019-05-24T17:00:00+02:00 15:00 00:45 Saal (Main Hall) Normal Talk 2531-opensuse-microos-desktop openSUSE MicroOS Desktop A New openSUSE Desktop Distribution? Desktop and Applications Kubic with its MicroOS core is an exciting distribution that takes much of the cool stuff we're doing in Tumbleweed, adds solutions to the problems of updating a running system, and is becoming the perfect base system for running containers. But in openSUSE, running server stuff is only half the fun. Why should servers be the only platform enjoying automatic, atomic, "auto-rollbackable" system updates? Surely desktop users want to be lazy like server admins also? Can the tools and approaches implemented in MicroOS help create the desktop distribution of the future? Let's find out! This talk will introduce the concept of 'openSUSE MicroOS Desktop', a desktop focused variant of MicroOS based on Tumbleweed. Various ideas will be discussed, prototypes will be shown, and feedback will be expected from the audience to help shape this potentially exciting take on the future of openSUSE on Desktops. Kubic with its MicroOS core is an exciting distribution that takes much of the cool stuff we're doing in Tumbleweed, adds solutions to the problems of updating a running system, and is becoming the perfect base system for running containers. But in openSUSE, running server stuff is only half the fun. Why should servers be the only platform enjoying automatic, atomic, "auto-rollbackable" system updates? Surely desktop users want to be lazy like server admins also? Can the tools and approaches implemented in MicroOS help create the desktop distribution of the future? Let's find out! This talk will introduce the concept of 'openSUSE MicroOS Desktop', a desktop focused variant of MicroOS based on Tumbleweed. Various ideas will be discussed, prototypes will be shown, and feedback will be expected from the audience to help shape this potentially exciting take on the future of openSUSE on Desktops. false Richard Brown 2019-05-24T17:45:00+02:00 15:45 00:45 Saal (Main Hall) Normal Talk 2444-opensuse-microos-in-production openSUSE MicroOS in Production Deploying apps using Podman Cloud and Containers This talk will be about deploying comment business applications on openSUSE MicroOS It will have a presentation about the challenges that we face at our company La Sentinelle, Mauritius (https://www.lasentinelle.mu) and how we used openSUSE MicroOS to address those. This talk will be about deploying comment business applications on openSUSE MicroOS It will have a presentation about the challenges that we face at our company La Sentinelle, Mauritius (https://www.lasentinelle.mu) and how we used openSUSE MicroOS to address those. false Ish Sookun 2019-05-24T18:45:00+02:00 16:45 00:30 Saal (Main Hall) Short Talk 2468-deploying-ceph-with-rook-on-kubic-k8s-cluster Deploying Ceph with Rook on Kubic k8s cluster Cloud and Containers In this talk we could see how easy it is to deploy and configure Ceph ready k8s cluster on top of Kubic. And setup Ceph on top of it with Rook (rook.io). We would see couple of examples for Openstack and Vagrant to run such clusters for your CI and development environments. [Link to the presentation](https://github.com/denisok/oSC19-Rook-on-Kubic) In this talk we could see how easy it is to deploy and configure Ceph ready k8s cluster on top of Kubic. And setup Ceph on top of it with Rook (rook.io). We would see couple of examples for Openstack and Vagrant to run such clusters for your CI and development environments. [Link to the presentation](https://github.com/denisok/oSC19-Rook-on-Kubic) false Denis Kondratenko 2019-05-24T19:15:00+02:00 17:15 00:45 Saal (Main Hall) Normal Talk 2393-kubic-with-opensds Kubic with OpenSDS Flexible software defined storage management Cloud and Containers I introduce OpenSDS that is an open source community working to address storage integration challenges. I remark technology. OpenSDS can manage LVM, Ceph, Cinder, and more as a software defined storage. and We can use OpenSDS in Kubernetes through CSI, Flexvolume, and Service Catalog. therefore, Kubernetes can use software defined storage by OpenSDS. I draw overview of Kubernetes - OpenSDS - storage relationship and explain one case of to build on Kubic. This strategy bring us these benefits: - If Administrator create PodPreset at SDS, Application developer don't need to prepare storage. - If Administrator create storage pool, He don't need to create volume each request. And I explain potential of replication with DRBD. Participant can learn SDS strategy on Kubernetes with OpenSDS. and How to build on Kubic. I introduce OpenSDS that is an open source community working to address storage integration challenges. I remark technology. OpenSDS can manage LVM, Ceph, Cinder, and more as a software defined storage. and We can use OpenSDS in Kubernetes through CSI, Flexvolume, and Service Catalog. therefore, Kubernetes can use software defined storage by OpenSDS. I draw overview of Kubernetes - OpenSDS - storage relationship and explain one case of to build on Kubic. This strategy bring us these benefits: - If Administrator create PodPreset at SDS, Application developer don't need to prepare storage. - If Administrator create storage pool, He don't need to create volume each request. And I explain potential of replication with DRBD. Participant can learn SDS strategy on Kubernetes with OpenSDS. and How to build on Kubic. false hashimotosyuta 2019-05-24T15:00:00+02:00 13:00 00:30 Seminarraum 1 Short Talk 2495-thinking-about-opensuse-hcl Thinking About openSUSE HCL Let's Keep HCL Updated openSUSE I have been a part of the Taiwan openSUSE community for almost a year. During this time, I was a volunteer at the openSUSE Asia Summit 2018, and I attended monthly openSUSE meet-ups. It feels great to have a group of people with whom to study and share knowledge. In the new year, I am curious about how I can contribute to the community with my expertise as an OS certification technical manager in the server hardware industry. My job is to ensure the hardware product we make is compatible with as many operating systems as possible. Therefore, the first option I have looked into is the Hardware Compatibility List (HCL). Why does the HCL matter? There are four reasons: 1. For some users, an HCL is mandatory before ordering can be started. 2. It increases the user base; by having an updated HCL, people can easily start to use it. 3. Providing a hardware compatibility process to hardware vendors so they can display openSUSE as a compatible OS to their customers could be a chance to increase visibility to users. 4. Establishing an easy-to-follow hardware testing policy may increase the number of hardware vendors and users available to do the test and to report more bugs, and it will make openSUSE more reliable. The good news is that openSUSE already has an HCL on its wiki page, but we are still facing some challenges. Here, I listed four major problems: 1. The data are entirely outdated. 2. There is much inconsistent information. 3. There is a lack of real data from the real system. 4. Anyone can edit the existing HCL, which could make the data unreliable. To solve the problems, I herein propose three approaches to improve the HCL: 1. Develop a simple test kit to record the hardware information from the testing hardware system and provide the result to the HCL by submitting logs. 2. Leverage the SUSE Yes Certification Program’s result, listing the SUSE-certified servers in the openSUSE HCL. 3. Expand the HCL source from users to hardware vendors to collect HCL data from the source that are more reliable. Ultimately, the HCL could develop into a hardware certification program, which can create more value. Adding more test cases can provide more compatibility between the hardware and openSUSE. In addition, we can create more policies to guide the hardware vendor, and we can even design a logo to prove compatibility in the market. In the end, I will talk about the call to action. If the audiences are interested in the idea, the HCL needs more people to become involved to: 1. Develop a test suite to collect the HW data; it must be expandable for adding more test cases in the future. 2. Create a basic guideline for the people who want to test their hardware and submit the logs to the openSUSE HCL. 3. Form a team/committee to oversee the process of submitting the HCL. I have been a part of the Taiwan openSUSE community for almost a year. During this time, I was a volunteer at the openSUSE Asia Summit 2018, and I attended monthly openSUSE meet-ups. It feels great to have a group of people with whom to study and share knowledge. In the new year, I am curious about how I can contribute to the community with my expertise as an OS certification technical manager in the server hardware industry. My job is to ensure the hardware product we make is compatible with as many operating systems as possible. Therefore, the first option I have looked into is the Hardware Compatibility List (HCL). Why does the HCL matter? There are four reasons: 1. For some users, an HCL is mandatory before ordering can be started. 2. It increases the user base; by having an updated HCL, people can easily start to use it. 3. Providing a hardware compatibility process to hardware vendors so they can display openSUSE as a compatible OS to their customers could be a chance to increase visibility to users. 4. Establishing an easy-to-follow hardware testing policy may increase the number of hardware vendors and users available to do the test and to report more bugs, and it will make openSUSE more reliable. The good news is that openSUSE already has an HCL on its wiki page, but we are still facing some challenges. Here, I listed four major problems: 1. The data are entirely outdated. 2. There is much inconsistent information. 3. There is a lack of real data from the real system. 4. Anyone can edit the existing HCL, which could make the data unreliable. To solve the problems, I herein propose three approaches to improve the HCL: 1. Develop a simple test kit to record the hardware information from the testing hardware system and provide the result to the HCL by submitting logs. 2. Leverage the SUSE Yes Certification Program’s result, listing the SUSE-certified servers in the openSUSE HCL. 3. Expand the HCL source from users to hardware vendors to collect HCL data from the source that are more reliable. Ultimately, the HCL could develop into a hardware certification program, which can create more value. Adding more test cases can provide more compatibility between the hardware and openSUSE. In addition, we can create more policies to guide the hardware vendor, and we can even design a logo to prove compatibility in the market. In the end, I will talk about the call to action. If the audiences are interested in the idea, the HCL needs more people to become involved to: 1. Develop a test suite to collect the HW data; it must be expandable for adding more test cases in the future. 2. Create a basic guideline for the people who want to test their hardware and submit the logs to the openSUSE HCL. 3. Form a team/committee to oversee the process of submitting the HCL. false Joshsi 2019-05-24T15:30:00+02:00 13:30 00:45 Seminarraum 1 Normal Talk 2435-introduction-to-yubikeys-in-opensuse Introduction to YubiKeys (in openSUSE) Everything you should know about YubiKey Desktop and Applications YubiKeys are handy little USB tokens that allow for hardware-based cryptography, which are becoming ever more prevalent. They provide support for a great variety of cryptographic protocols and standards, and offer several modes of operations. While this makes them very versatile, it can also be somewhat confusing, especially when you are only getting in touch with them for the first time. This talk is an introduction to YubiKeys. It will explain what multifactor authentication is about, what kind of problems the YubiKey is addressing, and how the different modes of operation can be used to improve computer security. In this talk two new emerging authentication standards will also be touched upon, namely WebAuthn and FIDO2. These are related to the YubiKey and in combination will make authentication throughout the Internet substantially more secure. More importantly, however, it is very easy to use - even by non-technical people! A live demonstration will show you how a typical workflow looks like. Some advice and good practice, along with a Q&A session will conclude the talk. Recently some effort has been put into packaging and updating the software stack for YubiKeys within openSUSE, so that everything (including the latest generation of YubiKeys) are supported out-of-the box. For this talk no prior knowledge about the topic is required and/or expected. Any cryptographic concepts that are needed for explanation will be introduced on a high-level during the talk. Having basic cryptographic knowledge will definitely make it easier to follow along on some details, though. YubiKeys are handy little USB tokens that allow for hardware-based cryptography, which are becoming ever more prevalent. They provide support for a great variety of cryptographic protocols and standards, and offer several modes of operations. While this makes them very versatile, it can also be somewhat confusing, especially when you are only getting in touch with them for the first time. This talk is an introduction to YubiKeys. It will explain what multifactor authentication is about, what kind of problems the YubiKey is addressing, and how the different modes of operation can be used to improve computer security. In this talk two new emerging authentication standards will also be touched upon, namely WebAuthn and FIDO2. These are related to the YubiKey and in combination will make authentication throughout the Internet substantially more secure. More importantly, however, it is very easy to use - even by non-technical people! A live demonstration will show you how a typical workflow looks like. Some advice and good practice, along with a Q&A session will conclude the talk. Recently some effort has been put into packaging and updating the software stack for YubiKeys within openSUSE, so that everything (including the latest generation of YubiKeys) are supported out-of-the box. For this talk no prior knowledge about the topic is required and/or expected. Any cryptographic concepts that are needed for explanation will be introduced on a high-level during the talk. Having basic cryptographic knowledge will definitely make it easier to follow along on some details, though. false Karol Babioch 2019-05-24T16:30:00+02:00 14:30 00:30 Seminarraum 1 Short Talk 2492-suse-package-hub-from-community-to-enterprise SUSE Package Hub - From Community to Enterprise openSUSE SUSE Package Hub provides open source packages from the Community to SUSE Linux Enterprise Users. This talk shows the current state, explains how to contribute and also gives some insights in the live of Package Hub. SUSE Package Hub provides open source packages from the Community to SUSE Linux Enterprise Users. This talk shows the current state, explains how to contribute and also gives some insights in the live of Package Hub. false Wolfgang Engel 2019-05-24T17:00:00+02:00 15:00 00:45 Seminarraum 1 Normal Talk 2465-geeko-magazine-a-technical-magazine-on-opensuse-edited-on-opensuse Geeko Magazine: A Technical Magazine on openSUSE, edited on openSUSE openSUSE Japan openSUSE User Group publishes a technical magazine every half year. The title of the magazine is Geeko Magazine. It consists of technical articles on openSUSE and applications running on openSUSE. For example, the latest issue of the magazine contains articles like "Launching Kubernetes Cluster with Kubic in 10 minutes", "Accessing to Google Drive from openSUSE", and "How to enable HTTPS with Let's Encrypt." Since 2014, we have published 9 issues of Geeko Magazine. In this talk, after explaining the culture of self-publishing in Japan, I will talk about the process from calling articles from the user group until distributing Geeko Magazine. Another topic is our challenge: editing the magazine on openSUSE. Thereby, we cannot use popular desktop publishing (DTP) applications like Adobe InDesign. Instead of such applications, we have been using Scribus, an OSS DTP application to edit Geeko Magazine. It supports CMYK color and DTP data such as trim marks and bleed areas, required by print shops. However, in 2014, Scribus was not adequate for writing a Japanese document. This is because typesetting rules are much different from English etc. To publish Geeko Magazine, we went OSS way; we have improved Scribus one by one at every issue of the magazine in cooperation with the upstream community. I will talk about a brief summary of those problems we have resolved. Japan openSUSE User Group publishes a technical magazine every half year. The title of the magazine is Geeko Magazine. It consists of technical articles on openSUSE and applications running on openSUSE. For example, the latest issue of the magazine contains articles like "Launching Kubernetes Cluster with Kubic in 10 minutes", "Accessing to Google Drive from openSUSE", and "How to enable HTTPS with Let's Encrypt." Since 2014, we have published 9 issues of Geeko Magazine. In this talk, after explaining the culture of self-publishing in Japan, I will talk about the process from calling articles from the user group until distributing Geeko Magazine. Another topic is our challenge: editing the magazine on openSUSE. Thereby, we cannot use popular desktop publishing (DTP) applications like Adobe InDesign. Instead of such applications, we have been using Scribus, an OSS DTP application to edit Geeko Magazine. It supports CMYK color and DTP data such as trim marks and bleed areas, required by print shops. However, in 2014, Scribus was not adequate for writing a Japanese document. This is because typesetting rules are much different from English etc. To publish Geeko Magazine, we went OSS way; we have improved Scribus one by one at every issue of the magazine in cooperation with the upstream community. I will talk about a brief summary of those problems we have resolved. false Fuminobu Takeyama 2019-05-24T17:45:00+02:00 15:45 00:45 Seminarraum 1 Normal Talk 2513-building-large-health-networks-gnu-health-federation-and-opensuse Building large health networks GNU Health Federation and openSUSE 10 years of Freedom and Equity in Healthcare openSUSE GNU Health is the Free/Libre Health and Hospital Information System that is included in openSUSE. GNU Health combines the socioeconomic determinants of health with state-of-the-art technology in bioinformatics and clinical genetics. It provides holistic picture of the person, from the biological and molecular basis of disease to the environmental determinants of health. In addition, it manages the internal processes of a health institution, such as financial management, billing, stock management, pharmacies or labs (LIMS) The GNU Health Federation introduced in 3.4 series allows to build nationwide federated networks with thousands of heterogeneous nodes. The GNU Health federation is revolutionary, and will allow the community, the health practitioners, the research institutions and the ministries of health to have much better perspective and precise information on the individuals and their context. Having the GNU Health Federation in openSUSE (available both for Tumbleweed and Leap) not only provides the development environment, but the server stability to deploy it in hospitals and large heterogeneous health networks across a country. GNU Health is the Free/Libre Health and Hospital Information System that is included in openSUSE. GNU Health combines the socioeconomic determinants of health with state-of-the-art technology in bioinformatics and clinical genetics. It provides holistic picture of the person, from the biological and molecular basis of disease to the environmental determinants of health. In addition, it manages the internal processes of a health institution, such as financial management, billing, stock management, pharmacies or labs (LIMS) The GNU Health Federation introduced in 3.4 series allows to build nationwide federated networks with thousands of heterogeneous nodes. The GNU Health federation is revolutionary, and will allow the community, the health practitioners, the research institutions and the ministries of health to have much better perspective and precise information on the individuals and their context. Having the GNU Health Federation in openSUSE (available both for Tumbleweed and Leap) not only provides the development environment, but the server stability to deploy it in hospitals and large heterogeneous health networks across a country. false Luis Falcon 2019-05-24T19:15:00+02:00 17:15 00:45 Seminarraum 1 Normal Talk 2501-re-thinking-spec-files Re-Thinking Spec Files New features for rpmbuild openSUSE Right now many RPM spec files contain large parts of boiler plate code. In the current development cycle of RPM we try to help reducing this clutter. We hope we can make packaging easier by providing means to have pre-arranged building blocks and offer more control over larger sets of packages. This will also change the relation between RPM as a multipurpose tool and the single package/packager by adding a layer in between take will take care of common tasks. This talk will give a overview of the changes already done and still planned and will allow for discussion and feed back. Right now many RPM spec files contain large parts of boiler plate code. In the current development cycle of RPM we try to help reducing this clutter. We hope we can make packaging easier by providing means to have pre-arranged building blocks and offer more control over larger sets of packages. This will also change the relation between RPM as a multipurpose tool and the single package/packager by adding a layer in between take will take care of common tasks. This talk will give a overview of the changes already done and still planned and will allow for discussion and feed back. false Florian Festi 2019-05-24T17:00:00+02:00 15:00 01:30 Seminarraum 2 Short Workshop 2234-gpg-key-signing-party GPG key signing party Get you key signed, sign other people's key Open Source IMPORTANT: Bring your GPG key and an official document that helps people identify yourself. And ID card, driver license or passport is ok. But, to make people trust you, your name on that document may be the same that you put on your GPG key, and people may recognize you on your document's photo. With GPG you can send and receive encrypted information. But, in order to be sure that the information is sent to and received from the right person, a trusted network is necessary. Imagine that you receive an encrypted message from your friend. What happens if someone has supplanted your friend's identity? The message is securely transmitted to you, but the source is dangerous. Imagine that you send an encrypted message to your friend. What happens if someone has supplanted your friend's identity? The message is securely transmitted, but to the wrong person. In order to assure that we are sending the message to and receiving it from the right person, we need to first sign her/his key. In this workshop, we will help you to get your GPG key signed by others and help you signing other's GPG keys. This trusted network is very important and signing someone's key should be taken carefully and seriously. Signing a wrong key causes a weak point in the network of trust. And without a reliable network of trust, the communication through GPG encryption wouldn't make any sense. There are two ways of providing your public key to the participants. 1. You can upload your public key to a key server like https://keyserver.ubuntu.com (preferred method). 2. If you don't want to upload your key to a key server, you can send me your public key by email to sergiolindo [dot] empresa [at] gmail [dot] com. You can send your public key encrypted with my public key. Send the keys to sergiolindo [dot] empresa [at] gmail [dot] com - My public key ID: 0x48fe093f3efcc910 - My public key fingerprint: 1C0D 4C1E 049B 0180 4028 E09E 48FE 093F 3EFC C910 IMPORTANT: Bring your GPG key and an official document that helps people identify yourself. And ID card, driver license or passport is ok. But, to make people trust you, your name on that document may be the same that you put on your GPG key, and people may recognize you on your documents photo. IMPORTANT: Bring your GPG key and an official document that helps people identify yourself. And ID card, driver license or passport is ok. But, to make people trust you, your name on that document may be the same that you put on your GPG key, and people may recognize you on your document's photo. With GPG you can send and receive encrypted information. But, in order to be sure that the information is sent to and received from the right person, a trusted network is necessary. Imagine that you receive an encrypted message from your friend. What happens if someone has supplanted your friend's identity? The message is securely transmitted to you, but the source is dangerous. Imagine that you send an encrypted message to your friend. What happens if someone has supplanted your friend's identity? The message is securely transmitted, but to the wrong person. In order to assure that we are sending the message to and receiving it from the right person, we need to first sign her/his key. In this workshop, we will help you to get your GPG key signed by others and help you signing other's GPG keys. This trusted network is very important and signing someone's key should be taken carefully and seriously. Signing a wrong key causes a weak point in the network of trust. And without a reliable network of trust, the communication through GPG encryption wouldn't make any sense. There are two ways of providing your public key to the participants. 1. You can upload your public key to a key server like https://keyserver.ubuntu.com (preferred method). 2. If you don't want to upload your key to a key server, you can send me your public key by email to sergiolindo [dot] empresa [at] gmail [dot] com. You can send your public key encrypted with my public key. Send the keys to sergiolindo [dot] empresa [at] gmail [dot] com - My public key ID: 0x48fe093f3efcc910 - My public key fingerprint: 1C0D 4C1E 049B 0180 4028 E09E 48FE 093F 3EFC C910 IMPORTANT: Bring your GPG key and an official document that helps people identify yourself. And ID card, driver license or passport is ok. But, to make people trust you, your name on that document may be the same that you put on your GPG key, and people may recognize you on your documents photo. false SLindoMansilla 2019-05-24T18:00:00+02:00 16:00 01:30 Hacker Room Short Workshop 2609-obs-get-together OBS get together! openSUSE OBS Community get together. Bring any topic you ever wanted to discuss with the OBS developers and community or just drop by to chat with us. We would be happy to have you there. :) OBS Community get together. Bring any topic you ever wanted to discuss with the OBS developers and community or just drop by to chat with us. We would be happy to have you there. :) false Ana Maria Martinez Gomez bgeuken 2019-05-25T11:30:00+02:00 09:30 00:30 Saal (Main Hall) Registration 2261-day-2-registration-booth Day 2 Registration Booth openSUSE Pick up your badge and swag at the registration booth. Pick up your badge and swag at the registration booth. false Douglas DeMaio 2019-05-25T12:00:00+02:00 10:00 00:45 Saal (Main Hall) Normal Talk 2555-cilium-bpf-the-future-of-linux-networking-and-security-keynote-thomas-graf-cilium Cilium & BPF - The Future of Linux Networking and Security (Keynote Thomas Graf, Cilium) Keynote Linux is the dominant platform to run microservices using cloud-native architectures. These modern architectures impose new challenges on the platform serving the applications. We'll take a peek at BPF and Cilium and how it revolutionizes both networking and security to enable platforms built on top of it to fully utilize the benefits of cloud-native architectures. Thomas Graf is Co-Founder & CTO at Isovalent and creator of the Cilium project. Before this, Thomas has been a Linux kernel developer at RedHat for many years. Linux is the dominant platform to run microservices using cloud-native architectures. These modern architectures impose new challenges on the platform serving the applications. We'll take a peek at BPF and Cilium and how it revolutionizes both networking and security to enable platforms built on top of it to fully utilize the benefits of cloud-native architectures. Thomas Graf is Co-Founder & CTO at Isovalent and creator of the Cilium project. Before this, Thomas has been a Linux kernel developer at RedHat for many years. false tgraf 2019-05-25T13:00:00+02:00 11:00 00:45 Saal (Main Hall) Normal Talk 2351-opensuse-on-arm openSUSE on ARM What happened since a year openSUSE This talk will give an overview of what happens since about a year for openSUSE on ARM. What is the current status and what is on the TODO list. This talk will give an overview of what happens since about a year for openSUSE on ARM. What is the current status and what is on the TODO list. false Guillaume Gardet 2019-05-25T13:45:00+02:00 11:45 00:15 Saal (Main Hall) Lighting Talk 2498-why-you-should-choose-opensuse-kubic Why you should choose openSUSE Kubic? openSUSE Kubic is really fun! Cloud and Containers In the past few years, the development of container application technology has advanced by leaps and bounds. But for people who want to enter a containers word still hard for them. Most of people stop at the first step that use Kubernetes to setup environment. As a opsnSUSE user I’m glad we have openSUSE Kubic. I would like to share people who frustrated to build container. All they should do are use openSUSE Kubic. They need new tools that make them easy to set up cluster and maintain. OpenSUSE Kubic is great platform to run containers and to learn how to containerize. Hope through my experience of use Kubic can share it for people who want to join open source and containers word. There always have a best way to help you management your IT infrastructure and work smart. In the past few years, the development of container application technology has advanced by leaps and bounds. But for people who want to enter a containers word still hard for them. Most of people stop at the first step that use Kubernetes to setup environment. As a opsnSUSE user I’m glad we have openSUSE Kubic. I would like to share people who frustrated to build container. All they should do are use openSUSE Kubic. They need new tools that make them easy to set up cluster and maintain. OpenSUSE Kubic is great platform to run containers and to learn how to containerize. Hope through my experience of use Kubic can share it for people who want to join open source and containers word. There always have a best way to help you management your IT infrastructure and work smart. false kimlin 2019-05-25T14:00:00+02:00 12:00 00:15 Saal (Main Hall) Lighting Talk 2537-state-of-transactional-update State of transactional-update News & file system layout anatomy openSUSE You may have heard about transactional updates already - that thing that will force you to reboot your system just like on Windows. Well, it still does, but it also provides a huge benefit compared to your regular updates: It won't break your currently running system. transactional-update is the default update mechanism on openSUSE Kubic and when using the "Transactional Server" role in openSUSE Leap or Tumbleweed. This talk is intended for both existing users and newcomers and will feature the following contents: - Give an overview of the design - Highlight the most important changes since last year, including the all-new _/etc_ handling - Give a general overview of the file system layout You may have heard about transactional updates already - that thing that will force you to reboot your system just like on Windows. Well, it still does, but it also provides a huge benefit compared to your regular updates: It won't break your currently running system. transactional-update is the default update mechanism on openSUSE Kubic and when using the "Transactional Server" role in openSUSE Leap or Tumbleweed. This talk is intended for both existing users and newcomers and will feature the following contents: - Give an overview of the design - Highlight the most important changes since last year, including the all-new _/etc_ handling - Give a general overview of the file system layout false Ignaz Forster 2019-05-25T15:00:00+02:00 13:00 00:45 Saal (Main Hall) Normal Talk 2345-lora-for-the-kernel LoRa for the kernel Adding support for LPWA wireless technologies Open Source At ELCE 2018 I presented a project to implement Linux kernel drivers for LoRa Low-Power Wide Area Network (LPWAN) wireless technology. The project is since evolving to cover more chipsets and other technologies. This is a brief overview of what is being worked on and how to participate. It will also explain how openSUSE Tumbleweed aarch64 has been used as base for most of the kernel development. At ELCE 2018 I presented a project to implement Linux kernel drivers for LoRa Low-Power Wide Area Network (LPWAN) wireless technology. The project is since evolving to cover more chipsets and other technologies. This is a brief overview of what is being worked on and how to participate. It will also explain how openSUSE Tumbleweed aarch64 has been used as base for most of the kernel development. false Andreas Färber 2019-05-25T15:45:00+02:00 13:45 00:15 Saal (Main Hall) Lighting Talk 2570-suse-developer-program SUSE DEVELOPER PROGRAM Open Source LEARN WHAT SUSE IS DOING TO HELP THE DEVELOPERS COMMUNITY CREATING APPLICATIONS AND SOLUTIONS IN AN EASIER AND QUICKER WAY AND HOW YOU CAN CONTRIBUTE TO THAT EFFORT! LEARN WHAT SUSE IS DOING TO HELP THE DEVELOPERS COMMUNITY CREATING APPLICATIONS AND SOLUTIONS IN AN EASIER AND QUICKER WAY AND HOW YOU CAN CONTRIBUTE TO THAT EFFORT! false Marco Varlese FSzekely timirnich 2019-05-25T16:00:00+02:00 14:00 00:45 Saal (Main Hall) Normal Talk 2432-introducing-pagure Introducing Pagure A new lightweight and powerful Git-centered forge, now in openSUSE! Open Source Pagure is a new, full-featured Git repository service for the web, written in Python. It is similar to other popular Git-based forges, allowing developers and contributors to share and collaborate on code and content. It also has some unique features not found in any other Git forge providing the basis for decentralized, federated software code hosting and development. It's fully free and open source software, and it's included in openSUSE Leap 15.1 and openSUSE Tumbleweed! The agenda of the presentation: - What is Pagure - History of Pagure - Current state and features of Pagure - Current ecosystem around Pagure - Plans for the future of Pagure - Demo of Pagure on openSUSE Pagure is a new, full-featured Git repository service for the web, written in Python. It is similar to other popular Git-based forges, allowing developers and contributors to share and collaborate on code and content. It also has some unique features not found in any other Git forge providing the basis for decentralized, federated software code hosting and development. It's fully free and open source software, and it's included in openSUSE Leap 15.1 and openSUSE Tumbleweed! The agenda of the presentation: - What is Pagure - History of Pagure - Current state and features of Pagure - Current ecosystem around Pagure - Plans for the future of Pagure - Demo of Pagure on openSUSE false pingou 2019-05-25T17:00:00+02:00 15:00 00:30 Saal (Main Hall) Short Talk 2486-opensuse-leap-15-x-kernels-status-quo openSUSE Leap 15.x Kernels: Status Quo The saga continues: after the legendary Leap 42.3 trilogy, we entered a new era of Leap 15.x. This talk will look over the past Leap 15.0 kernel and the ongoing Leap 15.1 kernel development, which new feature are armed, how they are managed and how they are processed. The saga continues: after the legendary Leap 42.3 trilogy, we entered a new era of Leap 15.x. This talk will look over the past Leap 15.0 kernel and the ongoing Leap 15.1 kernel development, which new feature are armed, how they are managed and how they are processed. false Takashi Iwai 2019-05-25T17:30:00+02:00 15:30 00:30 Saal (Main Hall) Short Talk 2396-opensuse-testing-an-overview openSUSE testing - an overview openSUSE How is software within the openSUSE ecosystem tested? What kind of tests exist? Who is doing what? This talk will try to present an overview of how "testing" is done for software developed in the openSUSE ecosystem. The workflow of software contributions to the openSUSE distributions will be shown from testing perspective from upstream source code repos to feedback from users in the released products. Used tools will be mentioned, the testing approaches as well as the people involved. The relation to SLE testing will be described. As this "overview" will not be able to cover all approaches used by the community feedback by the audience in the Q&A part of the talk will be appreciated. Of course, openQA will be included but it is certainly not the only solution to be mentioned ;) Slides are available on https://okurz.github.io/osc19-testing/#/ How is software within the openSUSE ecosystem tested? What kind of tests exist? Who is doing what? This talk will try to present an overview of how "testing" is done for software developed in the openSUSE ecosystem. The workflow of software contributions to the openSUSE distributions will be shown from testing perspective from upstream source code repos to feedback from users in the released products. Used tools will be mentioned, the testing approaches as well as the people involved. The relation to SLE testing will be described. As this "overview" will not be able to cover all approaches used by the community feedback by the audience in the Q&A part of the talk will be appreciated. Of course, openQA will be included but it is certainly not the only solution to be mentioned ;) Slides are available on https://okurz.github.io/osc19-testing/#/ false Oliver Kurz 2019-05-25T18:00:00+02:00 16:00 00:45 Saal (Main Hall) Normal Talk 2507-suse-security-retrospective-for-last-year SUSE Security retrospective for last year Situation normal - all fine openSUSE Another year - another security retrospective. The talk will introduce the SUSE security team and its members, our areas of work and responsibilities. The talk will show some statistics and interesting details of last year security issues, and go in detail on some of the specific codenamed ones. A special focus will be on updated classification and overview of last years Meltdown and Spectre like CPU issues, describing them and the mitigations that SUSE has been deployed. As the SUSE security team has grown in the last year, we also increased our work in both proactive security and related areas, which the talk will briefly highlight Another year - another security retrospective. The talk will introduce the SUSE security team and its members, our areas of work and responsibilities. The talk will show some statistics and interesting details of last year security issues, and go in detail on some of the specific codenamed ones. A special focus will be on updated classification and overview of last years Meltdown and Spectre like CPU issues, describing them and the mitigations that SUSE has been deployed. As the SUSE security team has grown in the last year, we also increased our work in both proactive security and related areas, which the talk will briefly highlight false Marcus Meissner 2019-05-25T19:00:00+02:00 17:00 01:00 Saal (Main Hall) Lighting Beer Talks 2423-lighting-beer-and-wein-not-wine-talks Lighting Beer and Wein (Not Wine) Talks Open Source If there is something we like at openSUSE that is talks and beer and wine, and this time we want to combine them. We are going to to have a session with lightning talks, short talks of 5 minutes maximum each, where there is only one rule: The speaker muss always hold a beer or a glass of wine while giving the presentation. Everybody can submit a proposal. It doesn't matter if you are already an experienced openSUSE contributor or if you are just starting. We want to hear everybody! You just need an interesting and original topic related to open source or openSUSE to join the fun at the openSUSE conference. And if you don't drink alcohol, don't worry, we'll also provide beer-free beer (water ;-) ## Submitting a lightning talk If you want to give a lightning talk, please submit it by sending a mail to osc19@cboltz.de with the following information: ### My talk - title - short description - I'll have slides: [ ] yes [ ] no - I'll do a live demo etc. and need to use my own laptop: [ ] yes [ ] no ### About me - name - I'd like to drink [ ] beer [ ] wine [ ] water You can submit your lightning talk until friday (2019-05-24) evening 22:00. The notification if your lightning talk gets accepted will be sent until saturday (2019-05-25) 11:00. If your talk gets accepted and you want to use slides, please send them by mail until 16:00 so that we can use one laptop for all speakers. ### Schedule * Netiquette - Ish Sookun * Using Yubikeys to secure your systems - Jochen Hein * Open Source Education at TH Nürnberg - Sarah Julia Kriesch * YaST - What's new in Leap 15.1 - Ancor Gonzalez Sosa * An update on YaST Configuration Management - Inobach Gonzalez Sosa * Saying "no" to liberate your work - John Kawohl * and maybe yours? - I still accept submissions! If there is something we like at openSUSE that is talks and beer and wine, and this time we want to combine them. We are going to to have a session with lightning talks, short talks of 5 minutes maximum each, where there is only one rule: The speaker muss always hold a beer or a glass of wine while giving the presentation. Everybody can submit a proposal. It doesn't matter if you are already an experienced openSUSE contributor or if you are just starting. We want to hear everybody! You just need an interesting and original topic related to open source or openSUSE to join the fun at the openSUSE conference. And if you don't drink alcohol, don't worry, we'll also provide beer-free beer (water ;-) ## Submitting a lightning talk If you want to give a lightning talk, please submit it by sending a mail to osc19@cboltz.de with the following information: ### My talk - title - short description - I'll have slides: [ ] yes [ ] no - I'll do a live demo etc. and need to use my own laptop: [ ] yes [ ] no ### About me - name - I'd like to drink [ ] beer [ ] wine [ ] water You can submit your lightning talk until friday (2019-05-24) evening 22:00. The notification if your lightning talk gets accepted will be sent until saturday (2019-05-25) 11:00. If your talk gets accepted and you want to use slides, please send them by mail until 16:00 so that we can use one laptop for all speakers. ### Schedule * Netiquette - Ish Sookun * Using Yubikeys to secure your systems - Jochen Hein * Open Source Education at TH Nürnberg - Sarah Julia Kriesch * YaST - What's new in Leap 15.1 - Ancor Gonzalez Sosa * An update on YaST Configuration Management - Inobach Gonzalez Sosa * Saying "no" to liberate your work - John Kawohl * and maybe yours? - I still accept submissions! false Christian Boltz 2019-05-25T20:15:00+02:00 18:15 00:15 Saal (Main Hall) Administration 2252-conference-photo Conference Photo openSUSE Join us outside near the Beer Garden for the Conference Photo. Join us outside near the Beer Garden for the Conference Photo. false Douglas DeMaio 2019-05-25T20:30:00+02:00 18:30 00:45 Saal (Main Hall) Normal Talk 2606-a-lottery-with-amazon A Lottery with Amazon Entertainment Play a Heads and Tails Game with Amazon following the Lighting Beer Talks. The winner will receive an Amazon Echo Play a Heads and Tails Game with Amazon following the Lighting Beer Talks. The winner will receive an Amazon Echo false Douglas DeMaio 2019-05-25T12:45:00+02:00 10:45 01:30 Seminarraum 1 Short Workshop 2510-kanku-continuous-integration-the-easy-way kanku - continuous integration the easy way Kanku is a tool for developers or admins to run their software/setup in predefined images. This workshop is intended to give you the ability to setup kanku on your laptop and/or your server and learn howto create your own kanku jobs. Kanku is a tool for developers or admins to run their software/setup in predefined images. This workshop is intended to give you the ability to setup kanku on your laptop and/or your server and learn howto create your own kanku jobs. false Frank Schreiner 2019-05-25T15:00:00+02:00 13:00 01:30 Seminarraum 1 Short Workshop 2399-finding-debugging-and-fixing-reproducible-builds-issues-in-opensuse Finding, Debugging and Fixing reproducible builds issues in openSUSE get your hands dirty in this workshop openSUSE In this session, I will give a practical introduction to our tools that make it easy to find, debug and fix reproducible builds issues in openSUSE. Includes a short introduction of "Why". Includes a short tour of the various sources of non-determinism. required resources: * https://en.opensuse.org/openSUSE:Reproducible_Builds * a laptop or remote machine capable of running KVM can be useful Attendees can prepare by reading https://raw.githubusercontent.com/bmwiedemann/reproducibleopensuse/devel/howtodebug In this session, I will give a practical introduction to our tools that make it easy to find, debug and fix reproducible builds issues in openSUSE. Includes a short introduction of "Why". Includes a short tour of the various sources of non-determinism. required resources: * https://en.opensuse.org/openSUSE:Reproducible_Builds * a laptop or remote machine capable of running KVM can be useful Attendees can prepare by reading https://raw.githubusercontent.com/bmwiedemann/reproducibleopensuse/devel/howtodebug false Bernhard M. 2019-05-25T17:00:00+02:00 15:00 03:00 Seminarraum 1 Long Workshop 2438-hands-on-with-yubikeys Hands-on with YubiKeys Setting up and using YubiKeys in openSUSE Desktop and Applications YubiKeys are handy little USB tokens that allow for hardware-based cryptography, which are becoming ever more prevalent. They provide support for a great variety of cryptographic protocols and standards, and offer several modes of operations. While this makes them very versatile, it can also be somewhat confusing, especially when you are only getting in touch with them for the first time. Recently some effort has been put into packaging and updating the software stack for YubiKeys within openSUSE, so that everything (including the latest generation of YubiKeys) are supported out-of-the box. In this workshop we are going to cover some use-cases of the YubiKey and show in a hands-on fashion how we can setup a typical openSUSE installation (server and/or workstation) to make use of the YubiKey for authentication and/or encryption. The following topics / use-cases will be covered: - Generic introduction * Multifactor authentication * Explanation of different One-Time-Password (OTP) standards (Yubico OTP, HOTP, TOTP, etc.) * Some explanation of U2F / FIDO2 - Configuring YubiKeys using yubikey-manager and yubikey-manager-qt * Explanation of different slots and their usage * Using different slots for different modes / services, etc. * Setting up a customized slot for personal usage - Configuring PAM to use a YubiKey as additional factor * Explanation of PAM stack in general * Explanation of different PAM modules that are available for YubiKeys (pam_yubico, pam_u2f, etc.) * Configuring PAM stack to use YubiKey as additional factor (2FA) - Using the YubiKey as GPG smartcard * Explanation of GPG smartcard in general * Using YubiKey for signatures and encryption/decryption * Using gpg as ssh-agent for hardware-based SSH authentication (with remote servers, etc.) Depending on time and interest the following topic(s) will also be covered: - Using the YubiKey as PIV card * Explanation about PIV terminology (slots, PKCS#11, X509, etc.) * Setting up the YubiKey as PIV smart card - Using the YubiKey as additional factor in various applications, e.g. OpenVPN, etc. For this talk basic Linux knowledge will be required. You don't need to be a full-time Linux admin, but you should be able to install software packages and edit files on the command line. If you want to follow along with your own hardware, you will need a Laptop (pre-installed with Leap 15.0 or Tumbleweed) and at least one YubiKey. Everything else will be shown and explained during the workshop. YubiKeys are handy little USB tokens that allow for hardware-based cryptography, which are becoming ever more prevalent. They provide support for a great variety of cryptographic protocols and standards, and offer several modes of operations. While this makes them very versatile, it can also be somewhat confusing, especially when you are only getting in touch with them for the first time. Recently some effort has been put into packaging and updating the software stack for YubiKeys within openSUSE, so that everything (including the latest generation of YubiKeys) are supported out-of-the box. In this workshop we are going to cover some use-cases of the YubiKey and show in a hands-on fashion how we can setup a typical openSUSE installation (server and/or workstation) to make use of the YubiKey for authentication and/or encryption. The following topics / use-cases will be covered: - Generic introduction * Multifactor authentication * Explanation of different One-Time-Password (OTP) standards (Yubico OTP, HOTP, TOTP, etc.) * Some explanation of U2F / FIDO2 - Configuring YubiKeys using yubikey-manager and yubikey-manager-qt * Explanation of different slots and their usage * Using different slots for different modes / services, etc. * Setting up a customized slot for personal usage - Configuring PAM to use a YubiKey as additional factor * Explanation of PAM stack in general * Explanation of different PAM modules that are available for YubiKeys (pam_yubico, pam_u2f, etc.) * Configuring PAM stack to use YubiKey as additional factor (2FA) - Using the YubiKey as GPG smartcard * Explanation of GPG smartcard in general * Using YubiKey for signatures and encryption/decryption * Using gpg as ssh-agent for hardware-based SSH authentication (with remote servers, etc.) Depending on time and interest the following topic(s) will also be covered: - Using the YubiKey as PIV card * Explanation about PIV terminology (slots, PKCS#11, X509, etc.) * Setting up the YubiKey as PIV smart card - Using the YubiKey as additional factor in various applications, e.g. OpenVPN, etc. For this talk basic Linux knowledge will be required. You don't need to be a full-time Linux admin, but you should be able to install software packages and edit files on the command line. If you want to follow along with your own hardware, you will need a Laptop (pre-installed with Leap 15.0 or Tumbleweed) and at least one YubiKey. Everything else will be shown and explained during the workshop. false Karol Babioch 2019-05-25T12:45:00+02:00 10:45 01:30 Seminarraum 2 Short Workshop 2483-improving-opensuse-s-software-portal Improving openSUSE's software portal openSUSE openSUSE's software portal at https://software.opensuse.org is the go-to place to download the openSUSE distributions or to discover new software. It is connected to our powerful Build Service (https://build.opensuse.org), giving users the ability to easily search for packages, even if they are not part of the official repositories. In this workshop we will work together on improving the software portal, from gathering ideas to implement new features. Anyone is welcome to join, basic knowledge of Ruby on Rails, HTML, CSS (especially Bootstrap) is appreciated but not strictly necessary. openSUSE's software portal at https://software.opensuse.org is the go-to place to download the openSUSE distributions or to discover new software. It is connected to our powerful Build Service (https://build.opensuse.org), giving users the ability to easily search for packages, even if they are not part of the official repositories. In this workshop we will work together on improving the software portal, from gathering ideas to implement new features. Anyone is welcome to join, basic knowledge of Ruby on Rails, HTML, CSS (especially Bootstrap) is appreciated but not strictly necessary. false Alexander Graul 2019-05-25T15:00:00+02:00 13:00 03:00 Seminarraum 2 Long Workshop 2540-from-source-to-the-package From source to the package all with the power of the command line Open Source This will be a technical workshop on how you can get a rpm package out of some source code. And all this with the osc (opensuse-commander) command line tool. This will include the basic topics: - using a source tarball - getting the source from a VCS system - writing a basic spec file - make some local checks to see if everything is alright - upload the package to the Open Build Service - get it into Factory And all this with the osc (opensuse-commander) command line tool. After this tutorial you will be able to create a package in the Open Build Service and install it on your system. This will also cover some advanced topics like: - using constraints to get more power - build process investigation - writing proper changelog messages - building containers - Github triggers This will be a technical workshop on how you can get a rpm package out of some source code. And all this with the osc (opensuse-commander) command line tool. This will include the basic topics: - using a source tarball - getting the source from a VCS system - writing a basic spec file - make some local checks to see if everything is alright - upload the package to the Open Build Service - get it into Factory And all this with the osc (opensuse-commander) command line tool. After this tutorial you will be able to create a package in the Open Build Service and install it on your system. This will also cover some advanced topics like: - using constraints to get more power - build process investigation - writing proper changelog messages - building containers - Github triggers false Marco Strigl 2019-05-25T18:00:00+02:00 16:00 01:30 Seminarraum 2 Short Workshop 2567-suse-developer-program-for-data-scientist SUSE DEVELOPER PROGRAM FOR DATA SCIENTIST Open Source IN THIS WORKSHOP YOU WILL LEARN HOW TO BUILD A CONTAINER BASED ON OPENSUSE-LEAP GPU ENABLED TO INSTALL AND RUN MACHINE LEARNING FRAMEWORKS LEVERAGING JUPITER NOTEBOOKS. IN THIS WORKSHOP YOU WILL LEARN HOW TO BUILD A CONTAINER BASED ON OPENSUSE-LEAP GPU ENABLED TO INSTALL AND RUN MACHINE LEARNING FRAMEWORKS LEVERAGING JUPITER NOTEBOOKS. false Marco Varlese Alessandro Festa 2019-05-25T13:00:00+02:00 11:00 00:45 Galerie Normal Talk 2516-integrating-kiwi-into-your-application-stack-our-use-case Integrating Kiwi into your application stack - our use case. How - and why - we built Kiwi into our application stack Embedded Systems Our business was somewhat dependent on Suse Studio's REST API to build customised VM images for part of our application solution.With the shuttering of that service we were left with no clear way to build these images. With the 'Next Generation' releases of Kiwi - now rewritten in Python, however, we have been able to integrate it into the our customer on-boarding process - based on a Django workflow - so that our customers receive the latest stable build of the VM every time. This enables our customers to get up to speed faster using our solution. This talk will explain our methodology and our reasoning that we followed to achieve our goal. Our business was somewhat dependent on Suse Studio's REST API to build customised VM images for part of our application solution.With the shuttering of that service we were left with no clear way to build these images. With the 'Next Generation' releases of Kiwi - now rewritten in Python, however, we have been able to integrate it into the our customer on-boarding process - based on a Django workflow - so that our customers receive the latest stable build of the VM every time. This enables our customers to get up to speed faster using our solution. This talk will explain our methodology and our reasoning that we followed to achieve our goal. false Patrick Fitzgerald 2019-05-25T15:00:00+02:00 13:00 00:45 Galerie Normal Talk 2390-iot-programming-with-opensuse IoT programming with openSUSE . Small networked devices, commonly named Internet of Things (IoT), lead the next revolution in information technology. This talk will present the software and tools available on openSUSE to participate in this revolution. We will especially look at the 'Arduino' IDE to program Arduino, ESP8266, Wemos, ESP32, and similar devices. Small networked devices, commonly named Internet of Things (IoT), lead the next revolution in information technology. This talk will present the software and tools available on openSUSE to participate in this revolution. We will especially look at the 'Arduino' IDE to program Arduino, ESP8266, Wemos, ESP32, and similar devices. false Klaus Kämpf 2019-05-25T16:00:00+02:00 14:00 00:45 Galerie Normal Talk 2450-open-source-firmware Open Source Firmware ... and I finally had my personal bootsplash screen :) Open Source Firmware is found in all computing devices, including PCs, laptops, networking equipment, printers, embedded devices such as IoT and industrial controllers, mobile phones, tablets, and more. The community around open source firmware has grown over the last years, allowing for more exchange in the development and granting freedom to end users. Prominent projects like U-Boot, Tianocore, coreboot and others teach how firmware works and welcome contributions. This talk provides a brief introduction into firmware, an overview of the general build process, a perception of the current state of development on two platforms, an end user report, and a summary of the first Open Source Firmware Conference, which was supported by the openSUSE project. Firmware is found in all computing devices, including PCs, laptops, networking equipment, printers, embedded devices such as IoT and industrial controllers, mobile phones, tablets, and more. The community around open source firmware has grown over the last years, allowing for more exchange in the development and granting freedom to end users. Prominent projects like U-Boot, Tianocore, coreboot and others teach how firmware works and welcome contributions. This talk provides a brief introduction into firmware, an overview of the general build process, a perception of the current state of development on two platforms, an end user report, and a summary of the first Open Source Firmware Conference, which was supported by the openSUSE project. false Daniel Maslowski 2019-05-25T17:00:00+02:00 15:00 00:45 Galerie Normal Talk 2357-installing-opensuse-only-with-saltstack Installing openSUSE only with SaltStack Using Salt as an alternative to AutoYaST openSUSE When we want to install openSUSE in out laptop we will use YaST. It will take care of all the details required for a correct partitioning, bootloader installation, time zone selection, network configuration, software selection, etc, etc. But when we want to install 100 nodes in our cloud, each one with a different hardware profile and a different role in our infrastructure, we need something different. AutoYaST can help with this, but there are some limitations, as we need to provide XMLs adjusted for those hardware profiles and roles, and we need a different tool to orchestrate those multiple installations. Can be done, but we can do better. SaltStack is a tool used to manage configuration and provisioning of machines, and we propose use this tool to drive the installation of openSUSE for big deployments. I want to show a WIP installer based on Salt, that can be naturally integrated in any other Salt-based solution, and I would like to talk about the ways that we can improve it in the future. When we want to install openSUSE in out laptop we will use YaST. It will take care of all the details required for a correct partitioning, bootloader installation, time zone selection, network configuration, software selection, etc, etc. But when we want to install 100 nodes in our cloud, each one with a different hardware profile and a different role in our infrastructure, we need something different. AutoYaST can help with this, but there are some limitations, as we need to provide XMLs adjusted for those hardware profiles and roles, and we need a different tool to orchestrate those multiple installations. Can be done, but we can do better. SaltStack is a tool used to manage configuration and provisioning of machines, and we propose use this tool to drive the installation of openSUSE for big deployments. I want to show a WIP installer based on Salt, that can be naturally integrated in any other Salt-based solution, and I would like to talk about the ways that we can improve it in the future. false Alberto Planas 2019-05-25T18:00:00+02:00 16:00 00:45 Galerie Normal Talk 2519-open-build-service-obs-development-has-increased-exponentially Open Build Service (OBS) development has increased exponentially OBS Team will briefly explain the evolution of the OBS in the last year, and also some of the impressive features that have been included recently. We will introduce the advances of OBS, not only the Frontend but also those related with the Backend and OSC (command line tool). We will also give some hints about the upcoming features we have in mind for the future of OBS. Sounds interesting, right? Don't miss this talk and take advantage of knowing all the improvements that can make your work easier using OBS. OBS Team will briefly explain the evolution of the OBS in the last year, and also some of the impressive features that have been included recently. We will introduce the advances of OBS, not only the Frontend but also those related with the Backend and OSC (command line tool). We will also give some hints about the upcoming features we have in mind for the future of OBS. Sounds interesting, right? Don't miss this talk and take advantage of knowing all the improvements that can make your work easier using OBS. false David Kang 2019-05-26T11:30:00+02:00 09:30 00:30 Saal (Main Hall) Registration 2264-day-3-registration-booth Day 3 Registration Booth openSUSE Pick up your badge and swag at the registration booth. Pick up your badge and swag at the registration booth. false Douglas DeMaio 2019-05-26T12:00:00+02:00 10:00 00:30 Saal (Main Hall) Short Talk 2372-atomic-updates-and-etc Atomic Updates - and /etc? How to handle updates of config files in /etc openSUSE The great thing on atomic updates as used e.g. with transactional-update is, that your system is always in a defined state. But what happens with changes in /etc? With normal updates, changes are done immediately to /etc during the updates. With atomic updates, they are only visible with the next reboot. Which means, changes between update and reboot to /etc can create a conflict. There are several strategies by other distributions, like three-way-diff and patching, symlinks, ignoring the problem, etc. In this talk I will mention the biggest challenges we see, which solutions do exist, what are the advantages and what the disadvantages and which impact this will have on normal distributions like openSUSE Tumbleweed. This talk is to create awareness for the problem and as base for discussions, it will not provide a solution for every problem. It's targeting application developers and distribution developers, as this are the areas were changes would be necessary. The great thing on atomic updates as used e.g. with transactional-update is, that your system is always in a defined state. But what happens with changes in /etc? With normal updates, changes are done immediately to /etc during the updates. With atomic updates, they are only visible with the next reboot. Which means, changes between update and reboot to /etc can create a conflict. There are several strategies by other distributions, like three-way-diff and patching, symlinks, ignoring the problem, etc. In this talk I will mention the biggest challenges we see, which solutions do exist, what are the advantages and what the disadvantages and which impact this will have on normal distributions like openSUSE Tumbleweed. This talk is to create awareness for the problem and as base for discussions, it will not provide a solution for every problem. It's targeting application developers and distribution developers, as this are the areas were changes would be necessary. false Thorsten Kukuk 2019-05-26T13:00:00+02:00 11:00 00:45 Saal (Main Hall) Normal Talk 2237-state-of-ceph State of Ceph What's new in Nautilus and what's coming next? Open Source What's new in Nautilus and what's coming next? This talk focuses on the new features and implementations of Ceph Nautilus and also includes an outlook about what's planned and coming next. If you want to learn what's new in Nautilus and also learn about new features within Ceph, this is the right talk for you. What's new in Nautilus and what's coming next? This talk focuses on the new features and implementations of Ceph Nautilus and also includes an outlook about what's planned and coming next. If you want to learn what's new in Nautilus and also learn about new features within Ceph, this is the right talk for you. false Kai Wagner 2019-05-26T13:45:00+02:00 11:45 00:15 Saal (Main Hall) Lighting Talk 2219-what-can-you-do-with-a-self-hosted-alternative-to-office365-google-apps-and-others What can you do with a self-hosted alternative to Office365, Google Apps and others A small selection of the nearly 200 apps for Nextcloud Desktop and Applications Nextcloud is by far the easiest way to get a complete, 100% open source, fully self-hosted solution that can replace Office 365 or Google Apps. From file sync and collaborative document editing to chat & video calls, mail, calendar and password management, you can do almost anything with the apps on our expansive app store. In this lightning talk I'll quickly present #nextcloud and what it can do for you! One example: create a document, share it with your team, discuss it in the comments, add it to a video chat session & edit it together during a call. And did you know you can create a poll with Nextcloud? That there's a Kanban app? GPX tracker? Sensor logger? Radio player? Join the talk to hear more! Nextcloud is by far the easiest way to get a complete, 100% open source, fully self-hosted solution that can replace Office 365 or Google Apps. From file sync and collaborative document editing to chat & video calls, mail, calendar and password management, you can do almost anything with the apps on our expansive app store. In this lightning talk I'll quickly present #nextcloud and what it can do for you! One example: create a document, share it with your team, discuss it in the comments, add it to a video chat session & edit it together during a call. And did you know you can create a poll with Nextcloud? That there's a Kanban app? GPX tracker? Sensor logger? Radio player? Join the talk to hear more! false FrankKarlitschek 2019-05-26T15:00:00+02:00 13:00 00:45 Saal (Main Hall) Normal Talk 2378-annual-discussion-with-opensuse-board Annual Discussion with openSUSE Board openSUSE The openSUSE Board will present the outcome of their last F2F meeting, where they started driving its collective agenda for the next year. After that, everybody is welcome to ask questions, give feedback, make suggestions and present ideas. The openSUSE Board will present the outcome of their last F2F meeting, where they started driving its collective agenda for the next year. After that, everybody is welcome to ask questions, give feedback, make suggestions and present ideas. false Douglas DeMaio 2019-05-26T16:00:00+02:00 14:00 00:45 Saal (Main Hall) Normal Talk 2282-business-applications-as-free-software-demystifying-fud Business Applications as Free Software - Demystifying FUD You should not believe everything that Big Money tells you..... Open Source Everyone knows that Free Software such as Linux, Apache or PostgreSQL are the backbone of many data centers (DC) and cloud offerings. The Internet as we know it today would not exist without Free & OpenSource Software (FOSS) But the more Free Software leaves the DC and gets closer to the 'Enduser', the more myth are build around FOSS. Linux on a Desktop? GIMP Instead of Photoshop? Running your business on a Free ERP-System? Fear, Uncertainty and Doubts (FUD) are spread to protect market share for proprietary solutions. In this talk I will take a look at some FUD, and share some thoughts about answers to the myths. Everyone knows that Free Software such as Linux, Apache or PostgreSQL are the backbone of many data centers (DC) and cloud offerings. The Internet as we know it today would not exist without Free & OpenSource Software (FOSS) But the more Free Software leaves the DC and gets closer to the 'Enduser', the more myth are build around FOSS. Linux on a Desktop? GIMP Instead of Photoshop? Running your business on a Free ERP-System? Fear, Uncertainty and Doubts (FUD) are spread to protect market share for proprietary solutions. In this talk I will take a look at some FUD, and share some thoughts about answers to the myths. false Axel Braun 2019-05-26T16:45:00+02:00 14:45 00:45 Saal (Main Hall) Normal Talk 2525-identity-in-openstack-the-challenge-of-multitenancy Identity in OpenStack: the Challenge of Multitenancy Cloud and Containers Keystone is the OpenStack component responsible for identity management and user authentication and authorization, which has unique challenges in cloud-like environments where secure sharing of resources is an essential requirement and yet is fundamental to the core idea of collaborative computing. This introductory talk will give an overview of the keystone project, including: * The many ways users and applications can securely authenticate with keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos * The implications for authorization in a multitenant environment and how role-based access control is designed in keystone * How keystone relates to projects outside of the OpenStack ecosystem such as Kubernetes Keystone is the OpenStack component responsible for identity management and user authentication and authorization, which has unique challenges in cloud-like environments where secure sharing of resources is an essential requirement and yet is fundamental to the core idea of collaborative computing. This introductory talk will give an overview of the keystone project, including: * The many ways users and applications can securely authenticate with keystone, including SAML2.0, OpenID Connect, X.509 and Kerberos * The implications for authorization in a multitenant environment and how role-based access control is designed in keystone * How keystone relates to projects outside of the OpenStack ecosystem such as Kubernetes false Colleen Murphy 2019-05-26T12:00:00+02:00 10:00 00:30 Galerie Short Talk 2489-rust-packaging-cross-distro-collaboration-done-right Rust packaging: Cross-distro collaboration done right Yes, distros can work together! openSUSE When you are looking on the distribution and how they package things, they do it in so much different way. Even between RPM-based distributions, there are different macro, different package names and so on. People inside distributions tend to just write something what suit their needs and start using it. With Rust we've taken different approach: we've designed prototype in Fedora and then before officially using it, showed to other people (openSUSE, Mageia, Debian), asked for feedback, worked with them to suit their needs and only after that went and started using it in Fedora. It didn't work out fully with Debian because the ecosystem is too different, but even there we've made agreement on the filesystem paths and basic principles. When you are looking on the distribution and how they package things, they do it in so much different way. Even between RPM-based distributions, there are different macro, different package names and so on. People inside distributions tend to just write something what suit their needs and start using it. With Rust we've taken different approach: we've designed prototype in Fedora and then before officially using it, showed to other people (openSUSE, Mageia, Debian), asked for feedback, worked with them to suit their needs and only after that went and started using it in Fedora. It didn't work out fully with Debian because the ecosystem is too different, but even there we've made agreement on the filesystem paths and basic principles. false Igor Raits 2019-05-26T13:00:00+02:00 11:00 00:45 Galerie Normal Talk 2336-opensuse-artwork-branding-ui-and-ux openSUSE Artwork, Branding, UI and UX What's wrong and what could be better openSUSE openSUSE's brand image and software have been evolving for a long time, and in that time a lot of stuff was defined. There is YaST, there is geeko, both are industry standard, both function as a way to differentiate the distribution. However not everything that is openSUSE is great, in many cases, there are some serious omissions in terms of how openSUSE is sold through the eyes of potential users. This talk would function as a way to highlight some of the issues that will require further development in upcoming years, to support future devices, use cases for the distribution, ease of use, as well what we should improve in terms of presentation of the brand itself. openSUSE's brand image and software have been evolving for a long time, and in that time a lot of stuff was defined. There is YaST, there is geeko, both are industry standard, both function as a way to differentiate the distribution. However not everything that is openSUSE is great, in many cases, there are some serious omissions in terms of how openSUSE is sold through the eyes of potential users. This talk would function as a way to highlight some of the issues that will require further development in upcoming years, to support future devices, use cases for the distribution, ease of use, as well what we should improve in terms of presentation of the brand itself. false Jacob Michalskie 2019-05-26T13:45:00+02:00 11:45 00:15 Galerie Lighting Talk 2405-the-art-of-advocacy-with-linux The Art of Advocacy with Linux Advocacy tricks Open Source Through this Lighting Talk I'd like to share some thoughts on the importance of Advocacy for the use of Linux distributions by various actors, starting with students or home users, to continue with Universities, Public Institutions and Governments. Educating the new generation to use Linux is something that should be seen of high importance. As there is a lot of progress done today with different Linux distros being massively used, a lot of improvements made in terms of the interface, security etc more efforts can be put in Advocacy. If today, as experienced users of Free Software, we understand our potential in getting more people to use Linux and we invest a little bit of our time in advocating it, we will definitely bring new users, some of which will definitely become new contributors. Awareness of Linux, and FOSS is spread largely by word of mouth, using grass roots movements and social media. You can teach others how to use it, run a workshop in a school, teach a student how to install Linux, show different environments and tools. Another step, which requires more efforts and planning, can be to bring Linux in the Government as well. This is something we cannot do alone, but you can try to support organizations and communities who do a lot of work in this direction. We keep hearing on migrations to various FLOSS projects by different governments, yours can be the next one, and you can be part of that great change. Through this Lighting Talk I'd like to share some thoughts on the importance of Advocacy for the use of Linux distributions by various actors, starting with students or home users, to continue with Universities, Public Institutions and Governments. Educating the new generation to use Linux is something that should be seen of high importance. As there is a lot of progress done today with different Linux distros being massively used, a lot of improvements made in terms of the interface, security etc more efforts can be put in Advocacy. If today, as experienced users of Free Software, we understand our potential in getting more people to use Linux and we invest a little bit of our time in advocating it, we will definitely bring new users, some of which will definitely become new contributors. Awareness of Linux, and FOSS is spread largely by word of mouth, using grass roots movements and social media. You can teach others how to use it, run a workshop in a school, teach a student how to install Linux, show different environments and tools. Another step, which requires more efforts and planning, can be to bring Linux in the Government as well. This is something we cannot do alone, but you can try to support organizations and communities who do a lot of work in this direction. We keep hearing on migrations to various FLOSS projects by different governments, yours can be the next one, and you can be part of that great change. false Redon Skikuli 2019-05-26T16:00:00+02:00 14:00 00:45 Galerie Normal Talk 2240-ae-dir-authorized-entitites-directory Æ-DIR -- Authorized Entitites Directory Identity and Access Management with OpenLDAP Open Source This talk will present a concept and real-world implementation of an identity and access management system (IAM) purely based on OpenLDAP. The main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strictly as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR. The talk will give some additional information about the secure base configuration of OpenLDAP and a special NSS/PAM caching demon developed for lower resource usage. This talk will present a concept and real-world implementation of an identity and access management system (IAM) purely based on OpenLDAP. The main goal of Æ-DIR (besides challenging Unicode handling in various software with its name) is to follow the delegation, need-to-know and least-privilege principles as strictly as possible. The visibility of user, group, sudoers, etc. is limited by OpenLDAP’s set-based ACLs. All systems and services, no exception(!), have to individually authenticate to be authorized to access Æ-DIR. The talk will give some additional information about the secure base configuration of OpenLDAP and a special NSS/PAM caching demon developed for lower resource usage. false stroeder