Why the OpenStack community voting process fails and how to fix it

Open source communities offer a lot of democratic participation. The idea that you contribute to a project and have a say in its governance is a powerful one.  When it doesn’t work, those same projects turn their backs on active contributors and discourage newcomers. The most recent OpenStack elections for Individual members to the Board of Directors is a strong example of how community voting fails and how to fix it.

This time I watched the elections from the distance, as much of an outsider as I have ever been. Now that the results are in, I’m very disappointed to see confirmed four Individual board members — half of the total — whose inaction during 2016 should have not granted them reconfirmation.

It’s also extremely sad to see more than a few very active individuals have not been elected.  Of the eight elected, only one works for a smaller company and only one is mostly an OpenStack user (seven are primarily OpenStack vendors). The Individual members of the OpenStack Foundation were added to the bylaws to keep large corporate interests in check, and clearly this doesn’t seem to be working.

The OpenStack community has a huge problem here: good behavior and personal investments to improve the project don’t get rewarded. On the contrary, affiliation with large companies, spammy promotion, and geographic proximity seem to be more effective at granting a seat on the board. This has discouraged participation already, as some backchannel conversations have confirmed. You have to ask yourself, why would someone like Edgar Magana do what he has done for the short time he’s been on the board, when almost-inactive members get the votes?

A couple of immediate actions can be taken to improve the situation. First, acknowledge that an issue exists at the Board level, where too few small organizations and users are represented. Then, stop tolerating abuse of community resources like planet.openstack.org and use of the OpenStack logo. Actions should have followed OpenStack Foundation’s COO Mark Collier reminder to be nice during the campaign. Mark wrote:

With respect to local user groups and web channels, I think they should remain neutral ground that are open to all local community members.

But then the OpenStack logo (that’s another problem, known and unsolved for many years) was used to promote a single candidate as ‘our APAC‘ candidate. Who’s we exactly? OpenStack AU with the logo of the OpenStack Foundation? From my cursory glance at the candidates, there were others in APAC region, but I bet those candidates didn’t have direct access to the OpenStack AU Twitter feed.

OpenStack Australia suggesting to vote for Kavit as 'our APAC candidate'

And the shared Planet OpenStack (which is syndicated to Reddit and other places) was inundated for a week by the same advertising. My attempt to limit the damage to the community and send a signal was blocked.

One more thing: make the pages of the candidates more meaningful. They’re too wordy now, start with the generic bio and offer no link to hard facts. How many of the 3,000 voters actually read their pages (I bet they don’t, and we can easily find out with Google Analytics)? Members pages should show facts, not generic intention to make the world a better place. I always had the vision to collect data from analytics tools and show those in the individual member pages. Stackalytics already offers a pretty comprehensive view of what each person does, not just code-relate but emails, translations, work on bugs, and I bet more can be added from OpenStack Groups portal.

Communities need constant supervision and nurturing, they can’t be left unattended because as quickly as they have formed, they fall apart or at the very least lose critical focus. OpenStack is under tremendous pressure and now more than ever needs dedicated contributors to keep the project at the center of attention.

Medium is “pivoting”

I’m glad to read Ev Williams finally admitting that:

the broken system is ad-driven media on the internet. It simply doesn’t serve people. In fact, it’s not designed to.

He’s a smart person, I’m sure the next iteration of Medium will be interesting, no matter what the outcome will be.

Source: Renewing Medium’s focus

Prototyping applications with Airtable

Gotta say: using spreadsheet as poor-man’s database makes me feel poor every time. Google Sheets is so convenient that everybody starts a new sheet to hold some information in a table. The problem is, sheets are so convenient that some sheets keep on starting again, and again. Soon the company has 20 sheets holding bad information. It’s the tragedy of the corporate wikis all over again.

Instead I’m one of the few who used to love Microsoft Access: I know, it’s bad as a database but to rapidly prototyping small applications it was awesome. As a poor-mans database, Access was at least credit-worthy compared to spreadsheets.

Unfortunately Google doesn’t have something similar to MS Access so when I discovered Airtable, I got really happy. I’ve prototyped a small application to keep track of conferences and call for papers. Finally I don’t have to keep entering the same data every year in a new sheet and I can keep tables in fairly normalized form. Nice stuff. I wish Google Apps buys it … and the cynical in me says: “so we can have dozens of similar databases instead of hundreds of similar spreadsheets (the same tragedy, at a smaller scale).”

Why you should not use Slack for volunteer communities

Last night I was asked again to join a Slack channel during a community event and I lost it. I lost the patience for this constant push into a walled garden that I can accept only at work. I don’t want my email to be given away to a company so they can brag about their growth rate… and for what in exchange? More work for me to signup, pay attention to terms of service, unsubscribe, remove notifications…

No! No! and NO! Community managers, don’t use Slack and please note:

  • It’s tacky to ask volunteers to surrender their email address to a third party who will use to send “occasionally” unrequested “news and announcements”. No, thank you.
  • It’s annoying to force your volunteers to signup for yet another service. Click click click click email click-verify tutorial etc. No, thank you.
  • It’s wrong to archive your volunteers conversations and credentials in a big fat place where the next criminal will grab them. Because you know it will eventually happen, right? No, thank you.

Slack works so well in work environment because it keeps history, it’s very good on mobile, its notifications can be fine tuned… it’s pervasive, and very effective… at work! But the last thing I want as a volunteer is to spend time to fine tune notifications for each and every group I join.

Also, you can’t expect volunteers to keep up with the history of a channel (hey, hello, hi, wazzup, thank you, great, awesome, gif, gif gif… ), so that Slack feature is not useful.  As a community manager, you should know that there is always one that abuses of the @here @channel @all shortcuts to ask moronic “support” questions in the most populated #general channel. There you have your daily “@all it doesn’t work!” even if there is a channel called #support.

Buzz off, and RTFM! I said it!

There are better ways, not intrusive, easy to start and quit when the meeting is done. Etherpads have chat: do the volunteer work, take notes, share links on the chat. If etherpad is too complicated, I’d accept Google Docs.

Do you just need a temporary channel to chat? Just create one on the fly with freenode web chat, mibbit or any other IRC on web. Hit it and quit it: chances are, the archives of your meeting are not going to be read by anybody anyway. Let your community focus on the asynchronous systems: email works well, forums, your website etc.

You should not give away your community members : they’re not yours to give, in the first place!

DreamHost Gives Free SSL/TLS Certificates with Let’s Encrypt

DreamHost has done the right thing, deciding to let go of a portion of its revenues in favor of free SSL/TLS certificates for everybody.

It’s a great pleasure to work for such a company, knowing every day that customers come first and revenues are a side effect. DreamHost may not be the multi-billion dollar juggernaut in the industry but the people here are helpful, nice, competent and believe in what they do.

Let’s Encrypt is another contribution to a free society, pairing up with the contributions Ceph, Astara and OpenStack, WordPress and many other free software/open source projects directly and indirectly sponsored by DreamHost.

Source: Free SSL/TLS Certificates at DreamHost with Let’s Encrypt

PS: we’re hiring a Cloud Storage engineer.

Meet OpenStack at FOSDEM 2016

The most important gathering of free software and open source enthusiasts in Europe is coming on Jan 30-31, in Brussels and OpenStack will have a table booth there, plus many talks.

I look forward to go there to get the pulse on the open source community regarding the abolition of Safe Harbor provision, and how that impacts users of US-based public clouds, like DreamHost. It’s a complicated issue that I’ve just started looking into. One of the talks I’ll make sure to attend to is Rosario Di Somma’s talk about Magnum in production: he’s been evaluating Magnum for DreamHost and he’ll share the first results of his investigations.

On the OpenStack side of things, Adrien Cunin is the main point of contact and he’s looking for volunteers to preside at the official OpenStack table at FOSDEM. If you have holes in your agenda, please consider adding your name to the etherpad.

What is an OpenStack Powered Compute?

The OpenStack Technical Committee voted a resolution suggesting to the OpenStack Board to modify the definition of “OpenStack Powered Compute” to include statements such as

An `OpenStack Powered Compute`_ Cloud MUST be able to boot a Linux Guest

This is quite a change in OpenStack DefCore efforts, since as Rob says

The fundamental premise of DefCore is that we can use the development tests for API and behavior validation

DefCore has always been about the OpenStack API and carefully avoided checking the implementation of clouds, leaving enough space for vendors to differentiate their products without harming consumers. An ironic twist of fate is now forcing the whole program to take a stand on implementation, too.

Stating that an OpenStack cloud MUST be able to boot a Linux Guest  is the most controversial and I see why the TC is going into this direction: as a OpenStack user, I expect to be able to upload my images in any OpenStack cloud. Given that Linux is the OS of choice for the vast majority of today’s cloud workloads, booting my Linux image is a must have. It’s a practical choice and one that makes a lot of sense.

The problem is that forcing implementation details by the TC is a slippery slope. Will the TC suggest also that any OpenStack cloud must offer a routable IP or boot a VM in less than 5 seconds or that flavor names are always the same across all OpenStack clouds? Granted, all these requests make sense from the perspective of at least some users: there are already lots of unnecessary complications for putting workloads on OpenStack right now.

The question is if those mandates make sense for OpenStack as a whole and I’m not convinced they do. I tend to lean towards two complimentary positions:

  1. make sure that OpenStack Compute Powered clouds are transparent and their behavior is discoverable. Like the OpenStack Foundation exposes the results of the DefCore API compatibility on the Marketplace, I think DefCore should test the implementation of the clouds, public clouds especially and expose the results. This way a user would know that a cloud passes DefCore tests, runs OpenStack upstream code (as done now) and allows uploading/booting Linux guests, offer IPv6 by default, boot in x seconds, has XYZ flavors, allows custom flavors, etc.
  2. DefCore should consider public clouds, hosted private clouds and distributions as different beasts. To me it makes more sense to expect a public cloud to allow uploading Linux guests than mandate the same for a private clod… even less sense for a distribution. The buying process for these is different and the needs for users are different, too.


I’m a candidate for OpenStack Foundation Board of Directors: if you like what you read, remember to vote for me at the 2016 elections

Balancing IRC and email, the secret of success for open collaboration

Are seasoned contributors to OpenStack giving too much importance to IRC, and is that creating bad side effects in other areas of the community?

Since I started contributing more to working groups outside of the OpenStack upstream contributor community, I noticed that email is used in a limited way, with a couple of lists having either very low traffic or low signal/noise ratio. The email lists are often used to share calendar notifications for meetings and their agendas with often little to no discussions. Have we insisted so much in holding weekly meetings “like developers do” that now people think that email discussions are less important?

This weekend a couple of posts on Planet OpenStack talk about IRC: one very good source of information on how to use IRC better from Chris Aedo who suggests to stay more on IRC. He argues:

If you are interested in becoming an OpenStack contributor, having a persistent IRC presence might be one of the most important secrets to success. Anyone who spends time in one of the more active project channels will immediately see the value of synchronous communication here where problems are sometimes solved in minutes.

On the other hand of the spectrum Chris Dent who highlights the chaotic nature of IRC. He mentions that too  much IRC leads to:

no opportunity to be truly away, frequent interruptions, an inflated sense of urgency, and a powerful sense of “oh noes, I’m missing what’s happening on IRC!!!!”—but the killer is the way in which it allows, encourages and even enforces the creation and expression of project knowledge within IRC, leaving out people who want or need to participate but are not synchronous with the discussion.

This last point is crucial: not everybody can be online all the time, some of us have to sleep or go see a movie at times. IRC is often mentioned as a blocker to new community members. I advocate using a bouncer only to get personal messages, not to read the backlogs.

While synchronous communication is crucial for distributed collaboration, a sane habit of using email is as important. The OpenStack community has put so much emphasis on using IRC to hold weekly meeting and to resolve the most controversial conversations in real-time that some new comers now think that synchronous communication is more important than async email.

A sane balance of sync-async communication is more crucial to success of open source collaboration, mixing email and IRC (which is what most of OpenStack upstream developers do, by the way.)

All in all, I think there is also a need to teach people how to hold conversations via email, with proper quoting, no top posting and other nice things to do… but also email sorting and filtering client-side, what not to say (hint: “me too” messages are generally considered noise)… a lost art, as much as using IRC.

Why OpenStack should stop tracking its Net Promoter Score

TL;DR because it makes no sense for OpenStack and it provides too much distraction at a time when the Foundation should focus on addressing more specific and actionable concerns tied to its mission “to inform the roadmap based on user’s opinions and deployment choices.

I’d like the OpenStack community to focus on the fundamental issues of OpenStack adoption, ease and speed of development and ease of use by application developers. There is plenty of evidence that such areas need attention and there are already metrics tracking them: adding Net Promoter Score (NPS) is a distraction.

This is part of the reason why I’m running for Individual Director of the OpenStack Board. Read the rest of my candidacy pitch and hit me with any questions, comments or concerns you have over email, twitter, IRC (@reed), phone call, smoke signals … whatever works for you!

So, there are many strong reasons for removing the Net Promoter Score from the survey altogether. The main objection: NPS is used to track customer loyalty to a brand. For typical corporations, they can identify with precision customers and brand, therefore effectively measure such loyalty.

On the other hand, the OpenStack Foundation has many types of customers, the concept of its products is not exactly defined and ultimately OpenStack can’t be considered a brand in the sense of the original HBR article that launched NPS. The User Survey is answered by everyone from cloud operators or sys-admins to OpenStack upstream developers,  app developers / deployers and even a mystery blob called “Other” in a multiple choice answer. The question, “How likely are you to recommend OpenStack to a friend or colleague?” can be interpreted in too many ways to make any sense. Who exactly is the [Promoter|Detractor], who are their friends and colleagues, what exactly is “OpenStack” to them? Did they get some pieces (which ones?) of OpenStack from a vendor? Did they get the tarballs? Are they skilled to use whatever they have purchased or downloaded for free?

I’d argue that the NPS collected in the Survey in its current form has no value whatsoever.

 - Dilbert by Scott Adams
The OpenStack NPS went from #$ to *&

I asked the User Committee to answer these questions: Is the User Committee convinced that an open source project like OpenStack gets any value from tracking this score? Why exactly is that number tracked in the survey, what exactly does the UC want to get from that number, what actionable results are expected from it?

Stay tuned: I will update this blog post as the conversation continues.

Frank Day added to the list:

NPS is an industry standard measure.

He missed my point unfortunately. I didn’t start this conversation to debate if NPS is an industry standard measure. My question is whether it makes sense to track it for OpenStack when: a- OpenStack is not an industry but it’s an open source collaboration, it has no exact definition of its product (what is OpenStack in the context of the user survey? Only the core? the whole big tent? the tarball from upstream? a distribution from $VENDOR?) and finally, it lacks a definition of who its customers are (the survey has only a vague idea).

If we are to drop NPS, it should only be in exchange for some other measure of satisfaction.

He fails to explain why that should be important for a huge open source collaborative project like OpenStack. And also satisfaction of who, doing what is not clear.

Lauren Sell and Heidi Joy Tretheway gave a more thoughtful answer that I suggest to read in full. Some excerpts:

When we analyzed the latest user survey data, we looked at a demographic variable (user role, e.g. app developer), a firmographic variable (e.g. company size), and deployment stage. We learned that overall, there was no significant difference in NPS scores for people who identified with a specific function, such as app developers, or for companies by size. As a result, we didn’t do further data cuts on demographic/firmographic variables. We did learn that people with deployments in production tended to rate OpenStack more highly (NPS of 43 for production, vs 24 for dev/qa and 20 for POC).

One cause for variance is that unfortunately we’re not comparing apples to apples with the trending data in the latest survey report.

Going forward, I think we should focus on deployments as our trend line.

As a next stepthe independent analyst plans to draw up correlations (particularly for low scores) associated with particular technology decisions (e.g. projects or tools) and attitudinal data from the “your thoughts” section (e.g. we might find that firms that value X highly tend to rate OpenStack lowest).

I replied on the list saying that ultimately all this slicing and dicing is not going to tell us more than what we already know anecdotally and by looking at other data (that the community used to collect), suggesting that resources would better be allocated towards 1-1 interviews with survey respondents and other actions towards the community.

Roland Chan sent an update to the list after the meeting and the committee decided to keep analyzing this score. Heidi Joy will work with the data scientist, which means resources that could be better spent are being used to serve a corporate number.

The hard life of OpenStack application developers

I’m starting to feel the pain of developers attempting to write applications on top of OpenStack clouds: it hurts, and I haven’t come anywhere close to doing anything special.

I started following the getting started tutorial for First App Application For OpenStack (faafo) and I gut stuck on step 1, authentication. There are way too many things that are convoluted, confusing and sometimes carefully hidden (or ridiculously displayed) on Horizon that make it too hard to get started developing apps on OpenStack. I started following the Get Started document for python-libcloud:

You need the following information that you can obtain from your cloud provider:

auth URL
user name
project ID or name (projects are also known as tenants)
cloud region

Looks simple but it’s not. The auth URL doesn’t include the path say libcloud documentation but in practice every cloud I tried behaves differently. DreamHost and Runabove require not only v2.0/ but also /tokens after the base URL (https://keystone.dream.io/v2.0/tokens) while CityCloud and HPCloud seem to work according to the documentation. Some will throw weird errors if you add /tokens. Libcloud is also confusing regarding support for Keystone API v3 (which Citycloud uses): the official docs don’t mention v3 (bug), but a blog post from libcloud maintainer provides examples on how to use it.

Finding the right projectID or name is also challenging because some clouds don’t show the project ID immediately in the web control panel (and not every cloud I tested runs OpenStack Horizon). Chances are you’ll have to find the RC file, which is fairly easy if the cloud you’re targeting is using Horizon.

Even after I found all the pieces, I haven’t managed to authenticate using libcloud on CityCloud, Rackspace (using openstack provider) and HP. Only with OVH I managed to authenticate and get a list of images with my stock Ubuntu 15.04. I managed to authenticate on DreamHost only on Ubuntu 14.04 and on a clean, updated virtualenv.

It took a lot of trials and errors to get rid of the Method Not Allowed errors and get libcloud.common.types.InvalidCredsError: ‘Invalid credentials with the provider’, which at least is hinting that I have guessed the auth_url for Citycloud and HP. But I have no idea why credentials are not accepted, since the username and password are those I use on the Horizon panel on HP and on on the custom Citycloud panel. My guess is that I haven’t guessed correctly the project_name or tenant_id or whatever it’s called. This is too confusing.

OVH seems to works, but it requires the full url:

auth_url = ‘https://auth.runabove.io/v2.0/tokens

it won’t work without /v2.0/tokens.  So, after spending one day reading docs, trying to guess permutations I started thinking that probably libcloud is not a feasible approach.

I’ve started looking at OpenStack Infra homegrown interoperability library shade instead: authentication went smoothly immediately with DreamHost and HP on my machine. At least that part was easy and I managed to make some progress in my test with that, finally. Hopefully by the end of the day I’ll have the FAAFO running on

The end result is that it shouldn’t be this hard, even for a very modest developer like me, following a well written, copy-and-paste tutorial should not be as confusing. A lot of work needs to be done to make OpenStack clouds friendly to app developers.