Watching #heartbleed (aka CVE-2014-0160) fly by in my twitter stream this week, I keep wishing we could all just pause time for a couple of weeks and properly reflect on all the angles here.

Some of the things I’d love to have more time to dig into:

OpenStack, Meritocracy and Diversity

These days, any time I reach for the word “meritocracy” when I want to explain something about OpenStack’s technical community and its governance, I give pause.

Clearly, in some circles, the concept of “meritocracy” has been seriously discredited and represents a system whereby elites perpetuate their power by tilting the rules in favour of themselves.

I’m not much of a political thinker and my understanding of internal American politics is pretty limited (think watching The West Wing and vaguely following the spectacle of a presidential election) so the first time I really encountered the term was in the context of the GNOME project. From the GNOME Foundation Charter:

GNOME is a Meritocracy

A corporation, organization or individual should not be granted a place in the foundation unless its presence is justified by the merits of its contribution. Money cannot buy influence in the GNOME project: show us the code (or documentation, or translations, or leadership, or webmastering…).

and, subsequently, other projects like the ASF. From How The ASF Works:

When the group felt that the person had “earned” the merit to be part of the development community, they granted direct access to the code repository, thus increasing the group and increasing the ability of the group to develop the program, and to maintain and develop it more effectively.

We call this basic principle “meritocracy”: literally, government by merit.

What is interesting to note is that the process scaled very well without creating friction, because unlike in other situations where power is a scarce and conservative resource, in the apache group newcomers were seen as volunteers that wanted to help, rather than people that wanted to steal a position.

Being no conservative resource at stake (money, energy, time), the group was happy to have new people coming in and help, they were only filtering the people that they believed committed enough for the task and matched the human attitudes required to work well with others, especially in disagreement.

To me, the “power” we’re talking about here is the ability, permission or empowerment to get stuff done which advances the project. In some projects that means commit access, but ultimately it means building up the respect and trust of the other contributors to the project such that you can more easily influence and drive the direction of the project. You achieve that “power” by getting useful stuff done (defined broadly – code, documentation, translations, leadership, marketing, advocacy, etc.) and all it grants you is the ability to get more useful stuff done. In a healthy project, we want to give that power to more and more people rather than concentrating it in a small elite.

This is what we mean when we say “OpenStack is a technical meritocracy”. I hate to think of those well-meaning principles of project governance being sullied by “meritocracy” being used to explain away the social inequities in U.S. politics. I also don’t like to think of us seeing these principles as some sort of platonic ideal that don’t require us to constantly evaluate how we empower people to help advance OpenStack.

One hint that all is not perfect is the level of diversity within the project. Yes, we have diversity of opinions and a diversity of sponsoring organizations, but we don’t have an impressive level of gender, race or cultural geography.

My good friend from GNOME days, Daniel Veillard, asked this question of the Technical Committee in Hong Kong:

We are in China. There is no Asian on the podium. What can you do to actually try to improve the situation?

Yes, we have a meritocracy and anyone can advance to leadership positions within the project, but we need to recognize that there are extremely difficult language and cultural hurdles in front of many.

An example of these barriers is how we often conduct our Design Summit sessions. Quite regularly – especially when you get a large number of the more established contributors in the room together, folks who are good friends who understand each other well – the discussion can often devolve into a punchy flow of casual in-joke ridden sound-bites. I’m as much to blame for that as anyone, but sometimes I think back and shudder at how hard it must be for someone outside of the “in group” to join that discussion.

I’ve seen a number of examples where a new non-native English speaker has paired with an existing contributor to lead a design summit session about their work. What can work really well is that the existing contributor can help to engage the attendees, slow down the conversation and ensure the new contributor understands the feedback being given … without attempting to take credit for the work of the new contributor. This is just one technique we could use to empower new contributors.

Anyway, in summary – I think OpenStack’s “meritocracy” is a well-meaning model for empowering contributors (and celebrating their contributions) but we should all be on the lookout for ways that we can make a special effort to empower contributors from groups which are not already well represented in the leadership of the project.

Git Rebasing (cont.)

As I said already, git’s interactive rebase tool is seriously useful for preparing a nice, cleanly split up series of patches. And, despite some people’s dire warnings, there’s no reason not to share an in-progress patch series using git so long as you take care to warn others against relying on your tree not rebasing.

Why would a patch series not be complete? One reason might be that a patch introduces a regression. As they say, you often have to break some eggs to make an omelette but, if you value the power of git’s bisection tool, you’ll want each individual patch to be regression free.

Okay, say you’re porting an application from one database framework to another. You might do a bunch of hacking to demonstrate the concept and then send that work out for comment. Only at this point will you go about figuring out polishing the work off and, finally, cleaning the changes up into a nice patch series.

This approach implies that the work will only stop rebasing quite late in the day. Which leaves a problem – how can you possibly collaborate with others if your tree is rebasing? How can you take patches to fix regressions? How can others help you clean up the series?

Here’s one suggestion, based on an approach Stephen Tweedie came up with when we were working together on a series of patches:

  1. Say your branch is called fluffy-piglet. You’ve pushed it out and asked for comments. Don’t rebase this branch again.
  2. Create another branch called fluffy-piglet-rebasing, basing it initially on fluffy-piglet.
  3. Tag both branches with e.g. a -v1 suffix, check that the trees in both tags are identical:
    $> git diff fluffy-piglet fluffy-piglet-rebasing
    $> git show -s --format='%t' fluffy-piglet fluffy-piglet-rebasing
  4. Push the rebasing branch and the v1 tags to your repo.
  5. If you wish to rebase and do some cleanup work on the patches, do so and tag and push the result to the fluffy-piglet-rebasing branch in your repo as in (3) and (4), but using a new suffix.
  6. If you receive some patches, pull them into your fluffy-piglet branch, tag the result and rebase the patches onto the rebasing branch e.g.
    $> git tag fluffy-piglet-v3
    $> git rebase --onto fluffy-piglet-rebasing-v2 fluffy-piglet-v2
    $> git tag fluffy-piglet-rebasing-v3
  7. If you wish to rebase unto latest upstream, you could first enable git’s “reuse recorded resolution” feature:
    $> git config --global rerere.enabled true

    Then you rebase the rebasing branch:

    $> git checkout fluffy-piglet-rebasing
    $> git rebase upstream/master
    $> git tag fluffy-piglet-rebasing-v4

    And then, you merge upstream into the non-rebasing branch:

    $> git checkout fluffy-piglet
    $> git merge upstream/master
    $> git tag fluffy-piglet-v4

    As in (3), you should be able to verify that the two resulting trees are identical.

    If any conflicts needed to be resolved during rebasing, there’s a good chance that having rerere enabled will mean the conflict will be automatically resolved when merging.

  8. Finally, if anyone wants to help you with any of the series cleanup work, just ‘pass the baton’. You basically say, ‘No more rebasing from me after v4, go ahed’ and the other person can work away on the rebasing branch until they are ready to pass control back again.

This certainly isn’t a straightforward workflow, but it gives you:

  • The ability to work with others since folks have a non-rebasing branch to work against
  • The ability to clean up a series using rebase while still having confidence that nothing is being screwed up because you have the pair of tags with identical tree contents
  • The ability to allow others to help clean up the series too

The fact that this workflow is so awkward has its advantages too – it encourages you to clean up the series early and stop rebasing it. This is not a workflow you’d like to use for an extended period of time.

Git Rebasing

For me, ‘git rebase -i’ is perhaps git’s killer feature. I’m a big fan of small, self-contained commits both for ease of patch review and for the sake of useful commit history later. I used to do this on CVS using quilt but git takes a huge amount of the pain out of it.

Ever since I discovered the feature a few years ago, I’ve also been vaguely aware of kernel developers advice to people on rebase … often simplified to OMG no. Never rebase..

When pushed to elaborate, I guess most would say:

Once you share a commit with someone, never rebase it. They may base their work on your commit and by rebasing it, you’re screwing everything up.

One memorable comment from Linus on the subject was “Have the f*cking back-bone to be able to stand behind what you did!”.

In context, this all makes sense. If a kernel developer sends a pull request and it gets merged into one tree, then rebases and that gets merged into another tree and both get merged into Linus’s tree … then yes, you have a bit of a disaster on your hands.

However, I think the rules above are too simplistic for most git newbies. Such newbies are unlikely to see their trees pulled into the whirling vortex of kernel trees so there’s no need to terrify them about using rebase.

My advice is:

  1. If you’re learning git, take the time to understand the rebase command and, especially, the interactive option.
  2. If you’re working on a series of patches, it’s perfectly fine for you to share that series with others even if it’s not finished. That means later rebasing a commit you’ve shared with others.
  3. If you’re worried people might base their work on a commit you plan to rebase later, then you warn people by putting e.g. “v1”, “rebases” or “rebasing” in the repository or branch name.
  4. If someone does base their work on a commit you have rebased, then point them at the Recovering From Upstream Rebase part of git-rebase(1). It’s really not the end of the world, especially in the simpler cases.

Our Bizarre Posting Conventions

I’ve been around open source mailing lists for so long now that I tend to forget that our conventions around sending plain text emails, quoting replies, threading, etc. aren’t necessarily obvious to everyone out there.

That’s especially true for some of the folks working on RHEV-M, many of whom have come from a Windows development background. I eventually realized that saying “just do what everyone else does” wasn’t really good enough and spent some time documenting what all those little conventions are.

I’ve posted some guidelines to the rhevm-api wiki. What am I missing?

Error Handling

I came across a fairly typical error handling mistake today and thought I’d share it.

The code was something like this:

class Factory {
    static Foo getFoo() {
        try {
            // load a .properties file, read a key from it
            return new Foo(propValue);
        } catch (Exception ex) {
            log.error("Failed to find key in properties file: " + ex.toString());
            return null;

and the caller did e.g.


The thing to note here is that the caller is assuming that getFoo() method never returns null.

That’s probably a good assumption on the part of the caller. The factory method should always succeed unless there is a programmer error (e.g. the key does not exist in the .properties file) or a system error (e.g. an I/O error accessing the file). Neither of which the caller should be expected to handle gracefully. That’s what exceptions are for!

In the event of an error, we’d get a NullPointerException from the caller site and an error printed to the logfile. If, for example, you are running this code in a debugger, you’ll be looking at a NullPointerException with no clue as to what caused the exception.

The moral of the story here is to think clearly about when errors should be handled gracefully and when you should just let exceptions be passed back up the stack.

In the end, I added a new exception type:

class FactoryException extends RuntimeException {
    private static final String ERROR_MSG = "Failed to lookup key {0} in file {1}";

    private String propsFile;
    private String propsKey;

    FactoryException(String propsFile, String key, Throwable cause) {
        super(MessageFormat.format(ERROR_MSG, propsFile, key), cause);
        this.propsFile = propsFile;
        this.propsKey = propsKey;

    String getPropsFile() {
        return propsFile;

    String getPropsKey() {
        return propsKey;

and then re-factored the original code:

class Factory {
    static Foo getFoo() {
        try {
            // load a .properties file, read a key from it
            return new Foo(propValue);
        } catch (Exception ex) {
            throw new FactoryException(propsFile, propsKey, ex);

so now if there is an error, rather than getting a fairly useless NullPointerException you get:

FactoryException: Failed to lookup key foo in file bar.properties
Caused by: java.io.FileNotFoundException: ...

If Knowledge is Power …

If knowledge is power, then sharing your knowledge empowers others.


Illumination by Mr. Skinner

In the open-source world, each of us endeavours to strengthen the communities to which we contribute. There is no better way to strengthen a community than empowering your fellow contributors with your knowledge.

There are no excuses in the open-source world for not sharing your knowledge. Our tools and processes are designed to make this happen naturally.

Having discussions on a mailing list allows other contributors to benefit from the information being shared in the discussion. It also ensures that information is archived for future contributors.

Detailed commit messages ensures that current and future developers can fully understand your reasoning for a given change. Pushing your in-progress work to a public branch allows others to take the work on and finish it, even if you don’t have time.

Thinking out loud in bugzilla means that even if your work is not complete on the problem, others can run with your initial ideas or analysis.

Using a public wiki for note taking and giving others access to your jumbled up thoughts, ideas, hints and tips is a great way to open your brain to the world.

A nice side-effect of all this is that if your knowledge is shared openly and archived, you don’t need to have such a good memory! 🙂


RISE UP & SHARE by alyceobvious

In other contexts, it might be good practice to jealously guard your knowledge. If you’re the guy that everyone has to come to because you’re the one guy who knows how to do something, that’s good for your job security, right? Surely, if you share your knowledge freely, that means anyone can do your job?

This is the exact opposite to what should motivate you as you contribute to a community. You absolutely do want to make it possible for others to come along and kick your ass. If somebody appears out of nowhere and starts doing your job better than you could ever have done, then that is an absolutely awesome outcome!


Today, Eoghan Glynn and I announced the first milestone release of a REST API for Red Hat Enterprise Virtualization Manager.

The only current API for RHEV-M is a Windows Powershell plugin which provides a perfectly fine scripting interface for RHEV-M on Windows, but isn’t so easy to call remotely or to integrate with another application. By adding a REST API, we’re adding an integration interface which we hope everyone will find convenient to use.

If you have a 2.2 installation of RHEV-M, it’s a quick and painless process to download our distribution, deploy the WAR to an Java EE application server (e.g. JBoss EAP or AS) and play around with our Apache Felix Karaf based shell. You can also read the API reference guide and jump on our mailing list to give us feedback.

RHEV-M isn’t yet an open-source project, so we’ve had to put a lot of effort into making it possible to develop this REST API in the open. We’ve concentrated our initial efforts on API design and building a prototype implementation of the API on top of the Powershell interface in 2.2. However, in time for the next release of RHEV-M, our plan is to add a compatible implementation of the API directly to the RHEV-M backend. At that time, the API will be a fully supported part of the product.

If you care about integrating with RHEV-M, now is the time to get involved with the API project. While the API is already quite well defined, there is buckets of scope for design changes and adding new features. And, most of all, we want your help!