Re: [Publicity] A thought piece: Docker and Unikernels

[Anil Madhavapeddy <anil@xxxxxxxxxx>]

I like the piece as it stands, as long as it doesn't go on the Xen.org blog -- 
it's much more appropriate as an opinion piece on Linux.com.

Many articles will be needed to get the message across, and I'll work with Amir 
on capturing his nuance (which is also very valid -- it's a complex set of 
tradeoffs we're making here).

But this piece should go live soon during VMWorld, ideally...

-anil

On 27 Aug 2014, at 20:36, Russell Pavlicek <russell.pavlicek@xxxxxxxxxx> wrote:

> I've done some work with Sarah and Libby to see if the piece can be 
> reconstructed as requested.  After working with this for a while, I think it 
> falls apart.
> 
> Talking about people using Docker in VMs before revealing the supposed death 
> of hypervisors destroys the premise of the piece: the only logical end point 
> is to assert that the very notion of a "battle" between hypervisors and 
> containers is false.  And that means total rewrite.
> 
> With the concept of a "battle" gone, the punch of the piece is gone.  An 
> argument piece must be punchy. Without the battle, the piece begins a descent 
> into clinical logic, which is useless in a screaming crowd.  Without a total 
> rethink and rewrite, the piece is doomed to failure.
> 
> I don't think the praises of Docker should be moved to the bottom.  If I 
> don't acknowledge the value of Docker early, I will be quickly dismissed as a 
> hypervisor bigot and many people will quit reading before they see that I 
> understand its value.  Also, the best way to put an opponent off balance is 
> to compliment him or her, and then smack them.
> 
> I know this piece isn't all that folks want.  Maybe I'm not smart enough to 
> do that, or maybe I just don't have enough time.  But I know what I have 
> successfully done to wake readers up in the past.  I'm suggesting we go with 
> the attached.  If it isn't what we want, I will scrap it and let someone else 
> do a more appropriate piece.
> 
> Russ Pavlicek
> Xen Project Evangelist, Citrix Systems
> Home Office: +1-301-829-5327
> Mobile: +1-240-397-0199
> UK VoIP: +44 1223 852 894
> ________________________________________
> From: Amir Chaudhry [amc79@xxxxxxxxx]
> Sent: Wednesday, August 27, 2014 9:50 AM
> To: Lars Kurth; Russell Pavlicek
> Cc: Sarah Conway; Libby Clark; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx 
> list
> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
> 
> Russell, thanks for wading through my stream of consciousness.  I was worried 
> I'd torpedoed the discussion and that was not my intent.
> 
> Regarding this post, I can completely understand the need for a 'hold your 
> horses' position but I think the current post can still be improved in that 
> regard.  My suggestions are:
> 
> - The section on the benefits of containerisation can be moved to much later 
> in the post, in a shorter paragraph. There's no need to start a 'hold your 
> horses' post by spurring the horses.
> 
> - The paragraph beginning "According to reports from a couple different 
> attendees of LinuxCon..." needs to be nearer the top. IMHO this is the meat 
> as it describes why Xen matters (and incidentally, is the kind of scenario I 
> alluded to).
> 
> - The only argument in the piece is about shared kernels. There's probably 
> more than this which can be pointed out, e.g if one of your deployments needs 
> an upgraded/different host OS, you're stuck having to deal with issues on 
> other containers (to keep things in lockstep).
> 
> - I feel more should be said about Xen/hypervisors before getting to 
> unikernels. At the moment there's only one paragraph. Unikernels make sense 
> in the context of Xen (especially now that it's working on ARM — which itself 
> is an important point).
> 
> - (related to above) The section on unikernels needs more of a lead in. At 
> the moment it comes across as a non-sequitur.
> 
> - "Mirage OS from Xen Project" is better as "Mirage OS, incubated at Xen 
> Project,"
> 
> I'm more than happy to help with this post if you'd like actual edits and I 
> can clear time this afternoon (UK time). Just invite me to a Google doc where 
> we can edit. If you'd prefer to go live as is, I understand that too.
> 
> Best wishes,
> Amir
> 
> 
> On 27 Aug 2014, at 10:12, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:
> 
>> Given the recent Docker and VMWare hype, which pretty much seems to be about 
>> very little – aka running Docker within VMWare containers and some tools 
>> integration. A concept that both AWS and Google have completed a while back, 
>> I agree with Russell here. I am not sure how effective it will be, but we 
>> should try
>> Lars
>> 
>> From: Russell Pavlicek <russell.pavlicek@xxxxxxxxxx>
>> Date: Wednesday, 27 August 2014 06:01
>> To: Sarah Conway <sconway@xxxxxxxxxxxxxxxxxxx>, Libby Clark 
>> <lclark@xxxxxxxxxxxxxxxxxxx>
>> Cc: Lars Kurth <lars.kurth@xxxxxxxxxx>, George Dunlap 
>> <george.dunlap@xxxxxxxxxx>, "publicity@xxxxxxxxxxxxxxxxxxxx" 
>> <publicity@xxxxxxxxxxxxxxxxxxxx>
>> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
>> 
>> Sarah/Libby,
>> 
>> I've attached a slightly modified post.
>> 
>> I'd rather see this in Linux.com rather than XenProject.org so it won't be 
>> mistaken as an "official" Xen Project position.
>> 
>> Regarding Amir's comments:
>> 
>> I've finally had the time to give your comments the consideration they are 
>> do.  And, while I see your argument and look forward to your development of 
>> the concept into a substantial article somewhere (and I am sure the 
>> XenProject.org blog will be happy to publish that piece when you have it 
>> completed), I don't feel I should severely modify the piece I've written.
>> 
>> Amir is rightly concerned that my post will be perceived as a (rather 
>> myopic) official position paper.  In fact, it is nothing of the sort.  I've 
>> written many such pieces over the years to call out what I perceive as 
>> dangerous errors in a populist "hive mind" position.  The purpose of the 
>> piece is to cry, "Whoa!" to a team of horses which are in danger of inciting 
>> an ill-considered stampede.  The carefully detailed whitepapers describing a 
>> meticulous counter proposal are still needed, but they will not be heeded 
>> until the crowd in motion slows down enough to read.
>> 
>> My piece is the cry to slow things down.  I look forward to Amir's piece 
>> (and others) which give us a reasoned argument for a better direction.  But 
>> those pieces will be ignored and trampled unless we can first halt the 
>> stampede and get people to slow down enough to heed reason.
>> 
>> Amir, I have pitched a talk for CPOSC in November about the rise of the 
>> unikernel. I'd be thrilled to see how your workflow justification matures so 
>> I can possibly incorporate elements of your thought into that talk (with 
>> attribution),  I believe a talk like that would be an excellent place to 
>> introduce a more logical positioning of unikernels.
>> 
>> Russ Pavlicek
>> Xen Project Evangelist, Citrix Systems
>> Home Office: +1-301-829-5327
>> Mobile: +1-301-814-1143
>> UK VoIP: +44 1223 852 894
>> From: Russell Pavlicek
>> Sent: Tuesday, August 26, 2014 4:10 PM
>> To: Sarah Conway; Libby Clark
>> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
>> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
>> 
>> Sarah,
>> 
>> Let me see what I can do this evening on this.
>> 
>> Thanks,
>> 
>> Russ Pavlicek
>> Xen Project Evangelist, Citrix Systems
>> Home Office: +1-301-829-5327
>> Mobile: +1-240-397-0199
>> UK VoIP: +44 1223 852 894
>> From: publicity-bounces@xxxxxxxxxxxxxxxxxxxx 
>> [publicity-bounces@xxxxxxxxxxxxxxxxxxxx] on behalf of Sarah Conway 
>> [sconway@xxxxxxxxxxxxxxxxxxx]
>> Sent: Tuesday, August 26, 2014 12:48 PM
>> To: Libby Clark
>> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
>> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>> 
>> Hi Russ,
>> 
>> Do you have a revised, updated blog to share? If so, please email it so I 
>> can review it again. Might want to publish today or tomorrow to catch some 
>> of the VMWorld momentum.
>> 
>> 
>> 
>> On Wed, Aug 20, 2014 at 8:42 AM, Libby Clark <lclark@xxxxxxxxxxxxxxxxxxx> 
>> wrote:
>>> Happy to run on Linux.com if it suits you, Lars.
>>> 
>>> Sent from my iPhone
>>> 
>>>> On Aug 20, 2014, at 7:33 AM, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:
>>>> 
>>>> I thought about it and it would be ok on our blog. But we are sort of 
>>>> preaching to the converted there, so another channel may be better
>>>> Lars
>>>> ________________________________________
>>>> From: Tzach Livyatan [tzach@xxxxxxxxxxxxxxxxxxxx]
>>>> Sent: 20 August 2014 10:06
>>>> To: Russell Pavlicek
>>>> Cc: Anil Madhavapeddy; Libby Clark; Lars Kurth; George Dunlap; 
>>>> publicity@xxxxxxxxxxxxxxxxxxxx
>>>> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>>>> 
>>>> On Wed, Aug 20, 2014 at 5:42 AM, Russell Pavlicek 
>>>> <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>> Revised version.  I've added Libby (whom I saw in the lobby earlier) and 
>>>> the Publicity list.  New title.
>>>> 
>>>> Lars has indicated he wants this divorced from the Xen Project blog, since 
>>>> it has the potential to irritate some people.  I'm fine with that; I 
>>>> irritated people on my own for years.  ;)
>>>> 
>>>> I have a feeling someone in the 11:15 AM slot tomorrow will make this 
>>>> piece necessary.
>>>> 
>>>> Comments?
>>>> Good post.
>>>> Just wanted to point a related 3 parts post from the OSv blog
>>>> http://osv.io/blog/blog/2014/06/19/containers-hypervisors-part-1/
>>>> 
>>>> 
>>>> Russ Pavlicek
>>>> Xen Project Evangelist, Citrix Systems
>>>> Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>>>> Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>>>> UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>>>> ________________________________
>>>> From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>>>> Sent: Tuesday, August 19, 2014 9:55 AM
>>>> To: Russell Pavlicek
>>>> Cc: Lars Kurth; George Dunlap; 
>>>> sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>
>>>> Subject: Re: A thought piece: Docker and Unikernels
>>>> 
>>>> I need a cup of tea now...
>>>> 
>>>> On 19 Aug 2014, at 08:52, Russell Pavlicek 
>>>> <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>> 
>>>> Splendid thank you!
>>>> 
>>>> And as to the aggressive tone: welcome to America! ;)
>>>> 
>>>> Sent from my Android phone using TouchDown 
>>>> (www.nitrodesk.com<http://www.nitrodesk.com/>)
>>>> 
>>>> -----Original Message-----
>>>> From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>>>> Received: Tuesday, 19 Aug 2014, 8:37AM
>>>> To: Russell Pavlicek 
>>>> [russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>]
>>>> CC: Lars Kurth [lars.kurth@xxxxxxxxxx<mailto:lars.kurth@xxxxxxxxxx>]; 
>>>> George Dunlap [George.Dunlap@xxxxxxxxxx<mailto:George.Dunlap@xxxxxxxxxx>]; 
>>>> sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx> 
>>>> [sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>]
>>>> Subject: Re: A thought piece: Docker and Unikernels
>>>> 
>>>> It's an aggressively toned article, but not offensively so.  I like it...
>>>> 
>>>> A couple of minor tweaks:
>>>> 
>>>>> There is no multi-user operating system, no shell scripts, and no massive 
>>>>> library of utilities to take up room – or to employ in some nefarious 
>>>>> exploit. There is just enough code to make the application run, and 
>>>>> precious little for a malefactor to leverage. It's not the “end-all 
>>>>> be-all” of security, but it is certainly facing the right direction.
>>>> 
>>>> could have a note on type safety added:
>>>> 
>>>> There is no multi-user operating system, no shell scripts, and no massive 
>>>> library of utilities to take up room – or to employ in some nefarious 
>>>> exploit. There is just enough code to make the application run, and 
>>>> precious little for a malefactor to leverage.  All the code that is 
>>>> present is statically type-safe, from the application stack all the way 
>>>> down to the device drivers themselves. It's not the “end-all be-all” of 
>>>> security, but it is certainly facing the right direction.
>>>> 
>>>>> I fully expect that 5 years from now we will look back at the unikernels 
>>>>> of 2014 and see these as the seedlings of what will be a growing forest 
>>>>> of unikernel-type systems. Frankly, I can't wait to see what will develop 
>>>>> in this space.
>>>> 
>>>> Could note that unikernels and containers may well converge:
>>>> 
>>>>> I fully expect that 5 years from now we will look back at the unikernels 
>>>>> of 2014 and see these as the seedlings of what will be a growing forest 
>>>>> of unikernel-type systems. They can be viewed as the natural evolution of 
>>>>> Linux containers - maintaining their packaging and deployment benefits, 
>>>>> but adding much more specialization into the mix to reduce resource 
>>>>> wastage and external attack surface.
>>>> 
>>>> -a
>>>> 
>>>>> On 19 Aug 2014, at 07:24, Russell Pavlicek 
>>>>> <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>>> 
>>>>> Folks,
>>>>> 
>>>>> I woke up this morning with this going through my head.  It was pretty 
>>>>> much written in one shot (which I never do), so it may take some 
>>>>> polishing, but I think the thoughts are all there.
>>>>> 
>>>>> I see James Bottomley on the Keynote list for Wednesday morning and I 
>>>>> anticipate another round of the "Docker has won" message that James has 
>>>>> become famous for.
>>>>> 
>>>>> I'd like your feedback.  Ideally, I'd like to propose this for 
>>>>> Linux.com<http://Linux.com> in order to temper the flawed notion of 
>>>>> Docker as the panacea of virtualuzation, hopefully before the media swell 
>>>>> around his prognostications dies down.
>>>>> 
>>>>> What do you think?
>>>>> 
>>>>> Russ Pavlicek
>>>>> Xen Project Evangelist, Citrix Systems
>>>>> Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>>>>> Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>>>>> UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>>>>> <Docker has not won the war-the battle is just beginning.odt><Docker has 
>>>>> not won the war-the battle is just beginning.pdf>
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Publicity mailing list
>>>> Publicity@xxxxxxxxxxxxxxxxxxxx<mailto:Publicity@xxxxxxxxxxxxxxxxxxxx>
>>>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>>>> 
>>>> 
>>> 
>>> _______________________________________________
>>> Publicity mailing list
>>> Publicity@xxxxxxxxxxxxxxxxxxxx
>>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>> 
>> 
>> 
>> --
>> Sarah Conway
>> PR Manager
>> The Linux Foundation
>> sconway@xxxxxxxxxxxxxxxxxxx
>> (978) 578-5300  Cell
>> Skype:  sarah.k.conway
>> _______________________________________________
>> Publicity mailing list
>> Publicity@xxxxxxxxxxxxxxxxxxxx
>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
> 
> <Docker has not won the war-the battle is just 
> beginning-V4.odt>_______________________________________________
> Publicity mailing list
> Publicity@xxxxxxxxxxxxxxxxxxxx
> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity