mediagoblin-userops

From: Dave Crossland
Subject: Re: [Userops] Why is it hard to move from one machine to another? An analysis.
Date: Fri, 10 Apr 2015 16:49:50 -0400

Hi

On 10 April 2015 at 14:34, Christopher Allan Webber <address@hidden> wrote:
> I think there's an impression that I'm anti-container on this
> thread, and I'm not

Well, you did say, 

On 8 April 2015 at 11:22, Christopher Allan Webber <address@hidden> wrote:
>  - Pre-built containers are not the solution.  Sorry container people!.
> ...
> Yikes!  Good luck with the next Shellshock!
 
;p

But more substantially, you are starting to sketch a solution:

On 8 April 2015 at 11:22, Christopher Allan Webber <address@hidden> wrote:
> the direction I'm thinking of is
> more along the lines of Guix becoming our Glorious Future (TM) assuming
> something like GuixOps can happen (go Dave Thompson, go Guix crew!) and
> a web UI can be built on top of it with some sort of common recipe
> system.
>
> But I don't think our imperative systems like Debian are going away
> anytime soon; I certainly don't intend to move all my stuff over to Guix
> at this time.  For that reason, I think there needs to be another
> program to fit the middle ground: something like salt/ansible/puppet,
> but with less insane one-off domain specific languages, with a sharable
> recipe system, and scalable both from developer-oriented scripts

I think that this is totally missing the point of containers.

Tar did not go away when apt came along, because apt is (if you squint) a wrapper around tar. It packages programs into systems.

So imperative systems like Debian are not going away, because lxc is a wrapper around such systems. It packages systems into containers.

And it hits a goldilocks just-right spot that VMs and hypervisors missed as they were too heavy, with meaningful new properties. 

Those properties at a macro-social scale emerge a new context of computing, that the docker/sandstorm/etc companies are trying to monetize.

As I understand it, salt/ansible/puppet/guix provides similar properties within systems. But that conceptually seems like a bare metal mindset to me. 

It reminds me of what I believe happened to HURD in the 80s, which had properties that were meaningful for minicomputers which were so expensive only organizations had them, and where the persnickety administrators had root and users didn't; but in the context of microcomputer computing, micros were cheap enough for individuals to outright own them and have root and no other users, so HURD lost its allure.

In the context of lxc computing, the properties provided by guix are also losing their allure: Transactional upgrades and roll-backs are done outside a system by replacing it wholesale rather than inside it; unprivileged package management doesn't matter because it's root privs on the docker host that matters, not inside the container; per-user profiles inside a system don't matter when each user can have their own containers; etc.

The point of containers is that they are doing to systems what http://en.wikipedia.org/wiki/Logical_volume_management did to disks; they mean that a computer isn't logically an individual machine any more, a computer can be the datacenter as a whole. Just as a disk isn't logically an individual disk drive any more, post lvm, many physical drives appear as a single disk, Joyent's Trident makes this so with docker - a smartos data center makes many physical computers appear as a single docker host.

I suspect that the provision of these properties via lxc wrapper, with 'all the way down' distros like coreos/rancheros/smartos/mirageos - maybe SandstormOS some day? ;) - will become the way not just data centers are run but also our laptops - https://mobile.twitter.com/jperkin/status/520352024249249792

Our little mini pcs behind the sofa will be a mid-way-point from one to the other. 

> but also having a user-friendly web interface.  I've begun working on this
> tool, and it's called Opstimal.  Expect to hear more about it soon.

The only piece of proprietary software Joyent has left is their web UI.

--
Cheers
Dave
