[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Publicity] A thought piece: Docker and Unikernels

Russell, thanks for wading through my stream of consciousness.  I was worried 
I'd torpedoed the discussion and that was not my intent.

Regarding this post, I can completely understand the need for a 'hold your 
horses' position but I think the current post can still be improved in that 
regard.  My suggestions are:

- The section on the benefits of containerisation can be moved to much later in 
the post, in a shorter paragraph. There's no need to start a 'hold your horses' 
post by spurring the horses.

- The paragraph beginning "According to reports from a couple different 
attendees of LinuxCon..." needs to be nearer the top. IMHO this is the meat as 
it describes why Xen matters (and incidentally, is the kind of scenario I 
alluded to).

- The only argument in the piece is about shared kernels. There's probably more 
than this which can be pointed out, e.g if one of your deployments needs an 
upgraded/different host OS, you're stuck having to deal with issues on other 
containers (to keep things in lockstep).

- I feel more should be said about Xen/hypervisors before getting to 
unikernels. At the moment there's only one paragraph. Unikernels make sense in 
the context of Xen (especially now that it's working on ARM — which itself is 
an important point).

- (related to above) The section on unikernels needs more of a lead in. At the 
moment it comes across as a non-sequitur.

- "Mirage OS from Xen Project" is better as "Mirage OS, incubated at Xen 
Project,"

I'm more than happy to help with this post if you'd like actual edits and I can 
clear time this afternoon (UK time). Just invite me to a Google doc where we 
can edit. If you'd prefer to go live as is, I understand that too.

Best wishes,
Amir


On 27 Aug 2014, at 10:12, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:

> Given the recent Docker and VMWare hype, which pretty much seems to be about 
> very little – aka running Docker within VMWare containers and some tools 
> integration. A concept that both AWS and Google have completed a while back, 
> I agree with Russell here. I am not sure how effective it will be, but we 
> should try
> Lars 
> 
> From: Russell Pavlicek <russell.pavlicek@xxxxxxxxxx>
> Date: Wednesday, 27 August 2014 06:01
> To: Sarah Conway <sconway@xxxxxxxxxxxxxxxxxxx>, Libby Clark 
> <lclark@xxxxxxxxxxxxxxxxxxx>
> Cc: Lars Kurth <lars.kurth@xxxxxxxxxx>, George Dunlap 
> <george.dunlap@xxxxxxxxxx>, "publicity@xxxxxxxxxxxxxxxxxxxx" 
> <publicity@xxxxxxxxxxxxxxxxxxxx>
> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
> 
> Sarah/Libby,
> 
> I've attached a slightly modified post.
> 
> I'd rather see this in Linux.com rather than XenProject.org so it won't be 
> mistaken as an "official" Xen Project position.
> 
> Regarding Amir's comments:
> 
> I've finally had the time to give your comments the consideration they are 
> do.  And, while I see your argument and look forward to your development of 
> the concept into a substantial article somewhere (and I am sure the 
> XenProject.org blog will be happy to publish that piece when you have it 
> completed), I don't feel I should severely modify the piece I've written.
> 
> Amir is rightly concerned that my post will be perceived as a (rather myopic) 
> official position paper.  In fact, it is nothing of the sort.  I've written 
> many such pieces over the years to call out what I perceive as dangerous 
> errors in a populist "hive mind" position.  The purpose of the piece is to 
> cry, "Whoa!" to a team of horses which are in danger of inciting an 
> ill-considered stampede.  The carefully detailed whitepapers describing a 
> meticulous counter proposal are still needed, but they will not be heeded 
> until the crowd in motion slows down enough to read.
> 
> My piece is the cry to slow things down.  I look forward to Amir's piece (and 
> others) which give us a reasoned argument for a better direction.  But those 
> pieces will be ignored and trampled unless we can first halt the stampede and 
> get people to slow down enough to heed reason.
> 
> Amir, I have pitched a talk for CPOSC in November about the rise of the 
> unikernel.  I'd be thrilled to see how your workflow justification matures so 
> I can possibly incorporate elements of your thought into that talk (with 
> attribution),  I believe a talk like that would be an excellent place to 
> introduce a more logical positioning of unikernels.
> 
> Russ Pavlicek
> Xen Project Evangelist, Citrix Systems
> Home Office: +1-301-829-5327
> Mobile: +1-301-814-1143
> UK VoIP: +44 1223 852 894
> From: Russell Pavlicek
> Sent: Tuesday, August 26, 2014 4:10 PM
> To: Sarah Conway; Libby Clark
> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
> 
> Sarah,
> 
> Let me see what I can do this evening on this.
> 
> Thanks,
> 
> Russ Pavlicek
> Xen Project Evangelist, Citrix Systems
> Home Office: +1-301-829-5327
> Mobile: +1-240-397-0199
> UK VoIP: +44 1223 852 894
> From: publicity-bounces@xxxxxxxxxxxxxxxxxxxx 
> [publicity-bounces@xxxxxxxxxxxxxxxxxxxx] on behalf of Sarah Conway 
> [sconway@xxxxxxxxxxxxxxxxxxx]
> Sent: Tuesday, August 26, 2014 12:48 PM
> To: Libby Clark
> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
> 
> Hi Russ,
> 
> Do you have a revised, updated blog to share? If so, please email it so I can 
> review it again. Might want to publish today or tomorrow to catch some of the 
> VMWorld momentum. 
> 
> 
> 
> On Wed, Aug 20, 2014 at 8:42 AM, Libby Clark <lclark@xxxxxxxxxxxxxxxxxxx> 
> wrote:
>> Happy to run on Linux.com if it suits you, Lars.
>> 
>> Sent from my iPhone
>> 
>> > On Aug 20, 2014, at 7:33 AM, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:
>> >
>> > I thought about it and it would be ok on our blog. But we are sort of 
>> > preaching to the converted there, so another channel may be better
>> > Lars
>> > ________________________________________
>> > From: Tzach Livyatan [tzach@xxxxxxxxxxxxxxxxxxxx]
>> > Sent: 20 August 2014 10:06
>> > To: Russell Pavlicek
>> > Cc: Anil Madhavapeddy; Libby Clark; Lars Kurth; George Dunlap; 
>> > publicity@xxxxxxxxxxxxxxxxxxxx
>> > Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>> >
>> > On Wed, Aug 20, 2014 at 5:42 AM, Russell Pavlicek 
>> > <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>> > Revised version.  I've added Libby (whom I saw in the lobby earlier) and 
>> > the Publicity list.  New title.
>> >
>> > Lars has indicated he wants this divorced from the Xen Project blog, since 
>> > it has the potential to irritate some people.  I'm fine with that; I 
>> > irritated people on my own for years.  ;)
>> >
>> > I have a feeling someone in the 11:15 AM slot tomorrow will make this 
>> > piece necessary.
>> >
>> > Comments?
>> > Good post.
>> > Just wanted to point a related 3 parts post from the OSv blog
>> > http://osv.io/blog/blog/2014/06/19/containers-hypervisors-part-1/
>> >
>> >
>> > Russ Pavlicek
>> > Xen Project Evangelist, Citrix Systems
>> > Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>> > Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>> > UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>> > ________________________________
>> > From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>> > Sent: Tuesday, August 19, 2014 9:55 AM
>> > To: Russell Pavlicek
>> > Cc: Lars Kurth; George Dunlap; 
>> > sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>
>> > Subject: Re: A thought piece: Docker and Unikernels
>> >
>> > I need a cup of tea now...
>> >
>> > On 19 Aug 2014, at 08:52, Russell Pavlicek 
>> > <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>> >
>> > Splendid thank you!
>> >
>> > And as to the aggressive tone: welcome to America! ;)
>> >
>> > Sent from my Android phone using TouchDown 
>> > (www.nitrodesk.com<http://www.nitrodesk.com/>)
>> >
>> > -----Original Message-----
>> > From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>> > Received: Tuesday, 19 Aug 2014, 8:37AM
>> > To: Russell Pavlicek 
>> > [russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>]
>> > CC: Lars Kurth [lars.kurth@xxxxxxxxxx<mailto:lars.kurth@xxxxxxxxxx>]; 
>> > George Dunlap [George.Dunlap@xxxxxxxxxx<mailto:George.Dunlap@xxxxxxxxxx>]; 
>> > sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx> 
>> > [sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>]
>> > Subject: Re: A thought piece: Docker and Unikernels
>> >
>> > It's an aggressively toned article, but not offensively so.  I like it...
>> >
>> > A couple of minor tweaks:
>> >
>> >> There is no multi-user operating system, no shell scripts, and no massive 
>> >> library of utilities to take up room – or to employ in some nefarious 
>> >> exploit. There is just enough code to make the application run, and 
>> >> precious little for a malefactor to leverage. It's not the “end-all 
>> >> be-all” of security, but it is certainly facing the right direction.
>> >
>> > could have a note on type safety added:
>> >
>> > There is no multi-user operating system, no shell scripts, and no massive 
>> > library of utilities to take up room – or to employ in some nefarious 
>> > exploit. There is just enough code to make the application run, and 
>> > precious little for a malefactor to leverage.  All the code that is 
>> > present is statically type-safe, from the application stack all the way 
>> > down to the device drivers themselves. It's not the “end-all be-all” of 
>> > security, but it is certainly facing the right direction.
>> >
>> >> I fully expect that 5 years from now we will look back at the unikernels 
>> >> of 2014 and see these as the seedlings of what will be a growing forest 
>> >> of unikernel-type systems. Frankly, I can't wait to see what will develop 
>> >> in this space.
>> >
>> > Could note that unikernels and containers may well converge:
>> >
>> >> I fully expect that 5 years from now we will look back at the unikernels 
>> >> of 2014 and see these as the seedlings of what will be a growing forest 
>> >> of unikernel-type systems. They can be viewed as the natural evolution of 
>> >> Linux containers - maintaining their packaging and deployment benefits, 
>> >> but adding much more specialization into the mix to reduce resource 
>> >> wastage and external attack surface.
>> >
>> > -a
>> >
>> >> On 19 Aug 2014, at 07:24, Russell Pavlicek 
>> >> <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>> >>
>> >> Folks,
>> >>
>> >> I woke up this morning with this going through my head.  It was pretty 
>> >> much written in one shot (which I never do), so it may take some 
>> >> polishing, but I think the thoughts are all there.
>> >>
>> >> I see James Bottomley on the Keynote list for Wednesday morning and I 
>> >> anticipate another round of the "Docker has won" message that James has 
>> >> become famous for.
>> >>
>> >> I'd like your feedback.  Ideally, I'd like to propose this for 
>> >> Linux.com<http://Linux.com> in order to temper the flawed notion of 
>> >> Docker as the panacea of virtualuzation, hopefully before the media swell 
>> >> around his prognostications dies down.
>> >>
>> >> What do you think?
>> >>
>> >> Russ Pavlicek
>> >> Xen Project Evangelist, Citrix Systems
>> >> Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>> >> Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>> >> UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>> >> <Docker has not won the war-the battle is just beginning.odt><Docker has 
>> >> not won the war-the battle is just beginning.pdf>
>> >
>> >
>> > _______________________________________________
>> > Publicity mailing list
>> > Publicity@xxxxxxxxxxxxxxxxxxxx<mailto:Publicity@xxxxxxxxxxxxxxxxxxxx>
>> > http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>> >
>> >
>> 
>> _______________________________________________
>> Publicity mailing list
>> Publicity@xxxxxxxxxxxxxxxxxxxx
>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
> 
> 
> 
> -- 
> Sarah Conway
> PR Manager
> The Linux Foundation
> sconway@xxxxxxxxxxxxxxxxxxx
> (978) 578-5300  Cell
> Skype:  sarah.k.conway
> _______________________________________________
> Publicity mailing list
> Publicity@xxxxxxxxxxxxxxxxxxxx
> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.