Two things I wish existed, and would want to make if had lawyer super powers

A friend of mine, Ed asked me this in a private Whatsapp group before tagging me on twitter with this message:

Two things I wished existed

A “Green Oak” Software License

Anything to discourage the use of open source software and services to support the extraction of fossil fuels would be good.

We’ve seen previously that one of the key things stopping fuel and natural gas so far has been the difficulty in raising finance, or getting insurance on new fossil fuel projects. See this thread for more:

So, I think we should make it riskier and more expensive to use open source software to support fossil fuel extraction.

Maybe a thing like a “Green Oak License” – i.e. along the lines of the Blue Oak Model License, but with explicit language about use in the extraction of fossil fuels being forbidden.

If this exists in a sensible form, then it becomes possible to have a conversation about what people building software are comfortable with it being used for, and ideally, for us, as grown up professionals, take more responsibility in how the things we might make are used.

As tech grows up, so must we, and if we say software is eating the world, then maybe this new world should have a different aesthetic, where it’s just not cool to have anything to do with extracting fossil fuels, when the science if so overwhelming, and when we need investment that is going into fossil fuels to go into things like drawing down carbon, or transitioning our economy away from them.

Model policy language for procurement for purchasing to be in-line with net-zero targets

The second thing would be some model language to use in procurement, to basically say:

“this big purchase we make needs to be inline with net-zero targets”

I don’t know what it might be, but creating an incentive that people either can’t complain about being non-competitive, or that people can use to force a conversation in places where a climate emergency has been declared to give these declarations some teeth would be helpful in my view.

Maybe it’s a specific thing to ask for to show this, like a verifiable commitment, the way the WCAG guidelines forced accessibility to be a thing in public sector. You can see precedents set where NYC public schools forced Amazon kindle to be more accessible, which has now ended up creating norms for private sector too, like in the case where a blind man has successfully sued Domino’s Pizza for building an inaccessible site.

Why I think this would help

I say this because I understand more than 50% of UK councils to have declared a climate emergency now.

But without any mechanism to act upon this declaration, I worry that it’s just a feel good gesture, and any momentum from doing it will be lost.

If there’s some legal basis to back up the science, which we all seem be ignoring, at least it can lead to a conversation along the lines of:

“OK, what does acting as if there was a climate emergency look like?”.

The goal here isn’t to penalise people for declaring a climate emergency, but instead to create the legal mechanism to allow the people pushing for it, to push for action, rather than being fobbed off with a response like “we already declared it, we’re done!”.

The people campaigning for things like emergency declarations shouldn’t need to be policy experts or technocrats, but their reasonable wishes of keeping a world safe for their and their friends children should be respected.

I’ve been working with a friend, James Gardner to sketch out some ideas along the lines of a “ten tonne rule”. I’m hoping these two sentences on how to use will outline the idea behind the ten tonne rule:

If any spend will cause more than 10 tonnes of CO2 emissions, rank bids by CO2 emitted over length of the contract.

Suppliers show the workings for their CO2 figures in bids. Favour the lowest.

James has written some more on his site.

How to forward requests with proxy_pass in nginx

I’ve been doing some work of late with The Green Web Foundation, and recently we moved from using Gearman as a queue, to RabbitMQ instead.

RabbitMQ has a management UI that makes it easier to tell what it’s doing, and it also exposes this information at a specific port, (lets say 12345) in the form of a handy dashboard.

You might want to make this easy to see remotely, and if you already use Nginx as a webserver for serving files on the same machine, one thing you can do is serve this dashboard using nginx, using a handy directive called proxy_pass, and setting up an upstream provider, to send requests to another service.

Here’s how it works.

First all, set up a server

server {
  # sample values
  listen 123.123.123.123:80;
  server_name dashboard.thegreenwebfoundation.org;
  # the directory to serve files from
  root  /var/www/dashboard.thegreenwebfoundation.org;


  location / {
        # try to serve file directly, fallback to index.php
        try_files $uri /index.html$is_args$args;
  }

}

Once you have a server, this should be serving files from the directory /var/www/dashboard.thegreenwebfoundation.org.

This works for static files, but in the case of the RabbitMQ dashboard, we have the dashboard being served from a different port.

One way to serve this content on a different port is to define it as an upstream, server, like so, so we can refer to it later:

upstream rabbitmgmnt {
	server localhost:12345;
}

Now we have defined a server listening on 12345, we need a way to send traffic along to this new upstream server. One way is to use the location directive like this – now, any requests sent to dashboard.thegreenwebfoundation.org/rabbit will not be sent along to the upstream rabbitmgnt server.

location /rabbit/ {
        proxy_pass http://rabbitmgmnt/;
  }

Why is this useful?

This is handy as it saves you needing to set up a whole new virtual host.

Note: I’ve abridged the code this example to keep the code easily readable, but you’d almost always serve this over HTTPS, and ideally, you’d try to reduce the possible IP addresses you’ve be able to access this endpoint over.

This post is one for my future self, when I forget how to use nginx again…

Helpful links

RabbitMQ Management plugin – https://www.rabbitmq.com/management.html

Nginx proxy_pass info – http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass

Nginx upstream servers – http://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream

Fellowship-it: an idea to get over the last hurdle when applying for funding

I keep planning to apply for the Shuttleworth fellowship, and failing to apply, because I’m not happy with my final application, so I want to try a weird trick that might help. It might help you too.

My experience

I tried earlier this year, at the last minute, I flaked out, because, after spending hours writing an application, I couldn’t get a good video together that I was happy with, actually make up the last bit of the the submission for the fellowship. I’d keep re-recording, or re-writing what I was going to say.

In a word, I couldn’t ship it.

What if I can’t keep noodling around with the video?

If you’ve ever been to an ignite/pecha kucha event, you’ll be familiar with an interesting hack – to make the night more interesting, and keep the event flowing.

Speakers have 300 seconds, and the slides automatically cycle through the deck – you don’t get control it. It’s scary, but also liberating.

Fellowship-it

Puns seem to be one of the main drivers of my professional career, and and this is no exception. I’m planning to run an event in the last week before the Shuttleworth Fellowship application closes, for others in Berlin or Germany, who are thinking of applying, who:

  • want to apply for the shuttleworth fellowship which closes on Nov 3rd
  • are cool with presenting your idea on a projector in venue in Berlin, from a PDF, or online deck (i.e. not your laptop)
  • are happy presenting in front of a small, friendly supportive audience

This sound like you? If so, here’s the plan:

  • we get venue (I’ve asked co-up but I’m open to other venues, as long as they’re easy to get to, and free)
  • one of us sets up a DSLR or similar camera
  • we take it in turns to present our idea, in one take, to the rest of the audience. We have the projector and the audience to help.
  • we immediately upload the video somewhere we can all access (probably youtube, but I’m not too fussy)

We then have a video uploaded an online, the same day, that we can link to, before the deadline.

Why do this?

I have a hard time getting these applications shipped, and I think others might too.

So, if we can do something to help with the most awkward part of getting these applications over the line, I think it’ll increase the chances of one of us actually getting funded, for whatever project we want to throw the majority of our waking hours at, over the next few years.

If nothing else, it’ll be a good test run, if you DO want to make a video anyway. You’ll get the practice for trying to speak coherently about your project.

If you’re into it

Let’s say we might do on this on the afternoon/evening of Friday Nov 1st, or at some point on Saturday Nov 2nd. That still gives time to see the vid and make the application deadline of Nov 3rd.

If you have a venue in mind, or you fancy doing this, shoot me an email with the subject of Fellowship-it“, and say “I’m up for doing this”, to chris@productscience.net.

You can see more, but that’s enough.

If there’s enough of us in Berlin who want to this I’ll set some time aside to make it happen.

Update: I provisionally have a space now (Co-up, a cool community space in Berlin) and a date – the evening of Nov 2nd.

How much of our internet infrastructure will be underwater in 15 years?

I follow Alexandra Dechamps Sonsino on twitter, and I learn a colossal amount from what she share, but some recent links she shared really got me thinking. I’ve written previously about how tech and the internet plays havoc with our climate because it relies on fossil fuels. It looks like the climate is wreaking havoc right back.

TLDR: Burning fossil fuels to run the internet our worsens climate change. Now rising sea levels look like they’ll swamp our infrastructure back.

This piece from last year in the National Geographic is eye-opening, about how rising sea levels are affecting the operation of the internet. Because commercial firms don’t disclose this, the authors ended up needing to scrape loads of pages to get an idea where all that infra was, and found out this:

Cities like New York, Miami, and Seattle are likely to see up to 12 inches of extra water by 2030—well inside the time range of a mortgage on a house, or the planning horizon for big public infrastructure projects. A foot of extra water wending through some of those cities, the researchers say, would put about 20 percent of the nation’s key internet infrastructure underwater.

They name specific companies in the paper, like AT & T, Century Link and so on, whose infrastructure is at risk. Above a certain size of company, there are climate related financial disclosures it really should be sharing, for the benefit of investors, suppliers,, customers and so on, and there are companies who are doing this.

One good example is Etsy, who last year started integrating environmental reporting with financial reporting.

Here’s what they say, specifically, referring to the Sustainability Accounting boards Standards:

Discussion of the integration of environmental considerations into strategic planning for data center needs. Etsy’s goals include powering our operations with 100% renewable electricity by 2020, and reducing the intensity of our energy use by 25% by 2025.

These goals are included as key considerations as we plan for our computing needs, and have been a focus of our sustainability efforts. When transitioning to a cloud computing infrastructure, we selected Google Cloud Platform, a partner that shares our commitment to 100% renewable electricity. Their highly efficient datacenters are expected to help us save significant energy. Moreover, moving to flexible cloud-based infrastructure should enable us to reduce major idle time and associated energy consumption.

In 2018, Etsy entered into a virtual power purchase agreement for solar energy in Virginia. Once operational, this project is expected to provide us with renewable attributes to apply to our operations and computing infrastructure, furthering our goals of creating a cleaner internet and reducing our impact on the planet. We actively monitor and manage energy consumption from our computing infrastructure.

In 2018, our colocated data centers accounted for 68% of total energy consumed, or 7330 MWh.

From Etsy’s SASB section of their SEC filing for 2018

The paper cited though, Lights Out: Climate Change Risk to InternetInfrastructure goes further. It literally shows where there is projected flooding, and where there is infrastructure where the flooding will happen:

I’m not aware of much in the way of publicly accessible data listing this, and I’m not aware of research like this outside of the states.

It seems kind of useful to know how much of the biggest machine on earth, that many of we use rely on every day, will be underwater in the next few years though, surely?

If you’re working in this field, I’d love to chat. Better yet, come say hi in ClimateAction.tech.

Notes as I learn about tuning MySQL

I’ve been doing some work with MySQL again with the Green Web Foundation. This has involved working with relatively large sets of data, so to make some queries run faster, I’ve found myself looking at the settings it uses by default, and having to understand what queries are doing under the hood. These are some of my notes, mainly for my future self.

Like earlier Postgres, earlier MySQL has smalll memory defaults

When I was last working with servers directly, and having to fiddle around with settings, I learned that early versions of Postgres has defaults to be really conservative about how much RAM the server would assume it could access on a machine.

This is good news in terms of not eating up all your memory, but less good for actual performance, you’d often end up with RAM lying around unused, when it could be put to work making things run faster.

The story is similar with MySQL – if you’re using a version of MySQL like 5.6 or earlier,and no one’s been playing with the settings, you maybe using the default tiny amount of memory, and relying on reads or writes to disk, slowing everything down.

Different storage engines need different kinds of settings

One key difference between the two is that MySQL has the idea of swappable storage engines, where as with PostGres, you only have the one.

What’s more over the last 10 years or so, the old default storage engine for MySQL, MYISAM, given way to the more capable InnoDB storage engine.

This is good if you have new projects, but less so for old ones. What’s more, if you have some tables which use MYISAM, and some which use InnoDB, you now need to thinkg about two sets of settings to tweak.

I’ll list the key settings in each case that I’ve found.

MYISAM

key_buffer_size – MySQL relies on this setting to work out how much space it has to use for storing parts of table’s indexes in memory to quickly find stuff. This isn’t the full picture though – as this only covers indexes.

If there’s actual data that needs to be kept in cache, it relies on whatever the server operating system uses to cache files, to avoid reading from a disk. If you’re using Linux, this means the disk caching that it uses by default to keep commonly used data in memory anyway. But this also means that you need to leave space for it.

InnoDB

innodb_buffer_pool_size – by comparison, InnoDB uses single setting to let you explicitly decide how much RAM you want to allocate as a buffer for indexes and data. This is likely the single most important thing to change if you’re using primarily InnoDB tables. There’s

It also outlines why a mix of MYISAM and InnoDB tables can be a pain – you now have two sets of knobs to twiddle for performance, when it would be so much nicer to just have one set.

Global vs per-thread settings

Like Postgres MySQL supports lots of clients reading or writing at the same time to a given database via a pool of connections. And in addition to setting global settings like innodb_buffer_pool_size, or key_buffer_size, you there are also per client settings – these decide how much memory might either be allocated for a client to have to available for various queries and so on.

In my use case, I’m needing to do a bunch of sorts, and groupings, which rely on creating temporary tables when working. One important setting in this case is tmp_table_size, which decides how much memory is allocated for making temporary tables to speed these actions up (see more in the docs).

This piece from Percona’s blog on MySQL memory usage, even though it’s 13 years old now was pretty helpful.

Understanding queries with EXPLAIN

Just like Postgres, you can add EXPLAIN at the beginning of any queries to get a better understanding of what they’d be doing under the hood then the query runs.

This post from sitepoint explains how to use it – it’s nowhere near as comprehensive as Postgres’s version of EXPLAIN, but it at least tells you how MySQL will try to find the rows you care about.

Setting session level settings for a client

I mentioned before about per client settings, in addition to global settings.

With MySQL, you can set things like read_buffer_size, sort_buffer_size, read_rnd_buffer_size, tmp_table_size, but make them only apply for a given session – this is useful in the case of you having a loads of normal kinds of requests and queries you need to support, but there also being occasional jobs where you it would be really helpful to have much more memory available to make big sorts, and joins and so on.

For this, you can set it in query, like so:

SET SESSION sort_buffer_size = 4 * 1024 * 1024

At the end of the session it’ll be unset, which is useful, as otherwise setting these values globally can overwhelm a server, when you have 300 requests suddenly using this massivelt greedy default.

Creating norms in tech, and the climate crisis

I recently started working to help get a document together to help set some norms in the tech community (such that there is one) about our actions in relation to the climate crisis. So far, it’s been referred to as a climate code of conduct, and there was some push back about using the term code of conduct in this way, and it seemed worth sharing my thoughts here, so I can refer to them later.

Why you might call a normative document about how we work, a Code of Conduct

We have no generally accepted formal code of ethics like other professions in tech.

But one of the closest things we have seen work in a normative sense are Codes of Conduct.

They have changed behaviour at conferences and set norms that would not otherwise be followed, and as a result created a space that is accessible to people who previously did not feel safe.

One of the reasons I think Codes of Conduct can be effective is that they by designed to be universal, normative, inclusive, iterative, and explicit.

Codes of Conduct are explicit about what we consider acceptable, and there are consequences for not following them. There’s also an expectation that they evolve over time, as we learn more about who is being harmed, and try to include them in the conversation.

Crucially, they’re already in use – we currently rely on them to establish norms at conferences, but also for virtual spaces, like open source projects, online communities and so on.

I’m currently not aware of a mechanism that’s as widely used as codes of conduct for setting norms around behaviour, but I’d love to find out if there was.

Why you might not call such a normative document a Code of Conduct

Codes of conduct have previously been applied at or around events, and primarily refer to how attendees address each other inside the space itself.

It’s been a huge amount of work to get them accepted, and many brave people have had to put themselves in harm’s way for this to happen.

Including something as structural as an organisation’s policy around climate change, or a person’s individual decisions about travel, because they’re not directed at a given person, can feel like a stretch of the term Code of Conduct.

You might feel like this , even if someone’s individual decisions result in harm to the people you might want conferences, and by extension, the tech community as it grows -remember, the fastest growing tech communities are not in Europe or North America, bt mostly what you might call the global south now.

The result of this is you might feel really uncomfortable about using the term Code of Conduct in this way – it’s different to how Codes of Conduct have been used previously – and you might worry that it would weaken what a Code of Conduct already stands for.

A different frame – protecting against different kinds of violence

When I first heard the “this weakens a Code of Conduct” argument in tech, I felt pretty miffed, as it felt like taking the one tool in tech communities, that’s been historically useful against oppression of minority groups, as it basically felt like saying:

“screw you, I got mine, and those other people over there don’t matter enough for me to be okay with you using that term”

It seemed to go against everything I read about intersectional theory, and the number of people objectively being harmed by actions we’ve been taking in the global North for the past few decades left a really, really bad taste in my mouth.

I need to stress – I don’t think that’s the case, and I’ve only shared it here as I think it’s more useful to acknowledge emotions when you feel them, and then work to share how you moved on from feeling that way, for the benefit others in a similar situation.

Violence – more forms than just the physical

One term, or way to look at thing that helped me get past this, was understanding how people talk about violence.

It might be useful to understand a specific use of the term violence, and specifically, structural violence as described in Wikipedia as it helped me make a distinction in the two positions above, about using Codes of Conduct. I first came across it when reading Violent Borders.

One way people talk about violence is in terms of behavioural violence (sometimes referred to as direct violence), cultural violence, or structural violence.

  • Behavioural (or direct) violence – might typically refer to one person targeting one person specifically, and generally mistreating them, or causing them harm. This is the probably what we think of the most when we hear the term violence.
  • Cultural violence, as the name suggests is about creating or supporting a culture that legitimises or justifies this kind of direct violence.
  • Structural violence, tends to refer to decisions that result in harm happening to someone, even if we don’t mean to do it. The harm is typically caused in a more widespread, diffuse way, and while the damage done is real, it’s harder to pin it down to a single person, or identify a single person as a target. There might be deliberate policy decisions inflicting structural violence, but generally speaking, it’s much harder to see things like this as a direct form of violence.

Codes of conduct as we have used them so far seem to refer to direct violence (i.e. one person directly treating someone terribly), and cultural violence (stuff that might that lead to, justify or legitimize this kind of direct violence), and as such, they take steps to protect people against them.

I haven’t found any Codes of Conduct or similar in tech, that explicitly refer to structural violence or have explicit safeguards against it.

And yet – many of the problems around the climate, are you might call structural violence.

People choose to run servers that are powered by burning coal, or choose to fly all over the place – someone absolutely booked a flight to do this, to chose one provider over another. There’s a link between these things and a changing climate, and as we’ve seen with heatwaves in India of late, There is a definite human cost.

But it’s not direct violence aimed at a specific person.

Why this matters.

I’m working on a document that currently uses the term of Code of Conduct in the context of Climate, and I’m struggling with this at the mo.

There is no real kind of commonly accepted, effective normative mechanism in tech in use that people explicitly agree to follow, like a code of ethics, or practice, or charter, like other professions.

The Code of Conduct is the closest thing we have that I can think of right now, that is universal, normative, inclusive, iterative, explicit, and most importantly widely used.

The thing is, using the term Code of Conduct to talk about structural decisions and policy in this way, is a departure from how they’ve been used before.

When it comes to the climate crisis, there are clear things we need to do, and that we are are objectively failing to do, and harm is being done to countless people as a result.

I’d find it really useful to learn about other mechanisms that are powerful like Codes of Conduct, in widespread use, and don’t result in this kind of scope creep to how we currently think of Codes of Conduct – if you know any, I’d love you hear form you.

You can leave a comment on this blog post, or contact me the usual ways listed on this site.

Are there open sourced sustainable travel policies online?

I just shared this on LinkedIn, and it seems worth sharing somewhere on a domain I control too, as I’ve had a number of people ask about this over the last few weeks:

Hello there, professional acquaintances on linkedin. Are any of you folks aware of openly published, sustainability polices, or policies around travel for staff in your, or other organisations?

I’ve had a few people ask me, and I tend to work in smaller companies where it’s never been explicitly written down that we try to take surface transport where possible, and if there is travel by plain it must at least be offset, and attempts made in future to minimise it – it’s just been an unspoken norm.

But I know these kinds of policies exist.

Are these *really* considered a source of competitive advantage, such that they would be not be shared openly?

If you’d see one, please drop a comment below, or please get in touch – I know a number of companies where employees are looking for one, and it seems worthwhile thing to have.

I know some people are working on this as a result of the OMG CLIMATE unconference in Berlin, and you can see some notes in this gallery.