Re: [Publicity] A thought piece: Docker and Unikernels

[Libby Clark <lclark@xxxxxxxxxxxxxxxxxxx>]

Thanks everyone for your input. I'm prepping Russ's latest revision for publication on Linux.com tomorrow (Thursday). I agree that it's too good to scrap, and there's value in publishing it as-is. Especially given the timing this week.Â

On Wed, Aug 27, 2014 at 4:04 PM, Amir Chaudhry <amc79@xxxxxxxxx> wrote:

I'd rather this piece go up as is, than not go up at all.

I do see Russ' point and I should clarify that for me, the idea of a 'battle' between Docker and hypervisors is somewhat false (which obviously affects how I'm approaching this). However, I'm also aware that there may be many people out there who *do* perceive it that way and without pieces like this, will simply repeat the narrative they're already hearing. In that respect, I do think it important that this post go up.

I look forward to seeing it live.

Best wishes,
Amir

On 27 Aug 2014, at 20:43, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:

> I like the piece as it stands, as long as it doesn't go on the Xen.org blog -- it's much more appropriate as an opinion piece on Linux.com.
>
> Many articles will be needed to get the message across, and I'll work with Amir on capturing his nuance (which is also very valid -- it's a complex set of tradeoffs we're making here).
>
> But this piece should go live soon during VMWorld, ideally...
>
> -anil
>
> On 27 Aug 2014, at 20:36, Russell Pavlicek <russell.pavlicek@xxxxxxxxxx> wrote:
>
>> I've done some work with Sarah and Libby to see if the piece can be reconstructed as requested. After working with this for a while, I think it falls apart.
>>
>> Talking about people using Docker in VMs before revealing the supposed death of hypervisors destroys the premise of the piece: the only logical end point is to assert that the very notion of a "battle" between hypervisors and containers is false. And that means total rewrite.
>>
>> With the concept of a "battle" gone, the punch of the piece is gone. An argument piece must be punchy. Without the battle, the piece begins a descent into clinical logic, which is useless in a screaming crowd. Without a total rethink and rewrite, the piece is doomed to failure.
>>
>> I don't think the praises of Docker should be moved to the bottom. If I don't acknowledge the value of Docker early, I will be quickly dismissed as a hypervisor bigot and many people will quit reading before they see that I
>> understand its value. Also, the best way to put an opponent off balance is to compliment him or her, and then smack them.
>>
>> I know this piece isn't all that folks want. Maybe I'm not smart enough to do that, or maybe I just don't have enough time. But I know what I have successfully done to wake readers up in the past. I'm suggesting we go with the attached. If it isn't what we want, I will scrap it and let someone else do a more appropriate piece.
>>
>> Russ Pavlicek
>> Xen Project Evangelist, Citrix Systems
>> Home Office: +1-301-829-5327
>> Mobile: +1-240-397-0199
>> UK VoIP: +44 1223 852 894
>> ________________________________________
>> From: Amir Chaudhry [amc79@xxxxxxxxx]
>> Sent: Wednesday, August 27, 2014 9:50 AM
>> To: Lars Kurth; Russell Pavlicek
>> Cc: Sarah Conway; Libby Clark; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx list
>> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>>
>> Russell, thanks for wading through my stream of consciousness. I was worried I'd torpedoed the discussion and that was not my intent.
>>
>> Regarding this post, I can completely understand the need for a 'hold your horses' position but I think the current post can still be improved in that regard. My suggestions are:
>>
>> - The section on the benefits of containerisation can be moved to much later in the post, in a shorter paragraph. There's no need to start a 'hold your horses' post by spurring the horses.
>>
>> - The paragraph beginning "According to reports from a couple different attendees of LinuxCon..." needs to be nearer the top. IMHO this is the meat as it describes why Xen matters (and incidentally, is the kind of scenario I alluded to).
>>
>> - The only argument in the piece is about shared kernels. There's probably more than this which can be pointed out, e.g if one of your deployments needs an upgraded/different host OS, you're stuck having to deal with issues on other containers (to keep things in lockstep).
>>
>> - I feel more should be said about Xen/hypervisors before getting to unikernels. At the moment there's only one paragraph. Unikernels make sense in the context of Xen (especially now that it's working on ARM â which itself is an important point).
>>
>> - (related to above) The section on unikernels needs more of a lead in. At the moment it comes across as a non-sequitur.
>>
>> - "Mirage OS from Xen Project" is better as "Mirage OS, incubated at Xen Project,"
>>
>> I'm more than happy to help with this post if you'd like actual edits and I can clear time this afternoon (UK time). Just invite me to a Google doc where we can edit. If you'd prefer to go live as is, I understand that too.
>>
>> Best wishes,
>> Amir
>>
>>
>> On 27 Aug 2014, at 10:12, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:
>>
>>> Given the recent Docker and VMWare hype, which pretty much seems to be about very little â aka running Docker within VMWare containers and some tools integration. A concept that both AWS and Google have completed a while back, I agree with Russell here. I am not sure how effective it will be, but we should try
>>> Lars
>>>
>>> From: Russell Pavlicek <russell.pavlicek@xxxxxxxxxx>
>>> Date: Wednesday, 27 August 2014 06:01
>>> To: Sarah Conway <sconway@xxxxxxxxxxxxxxxxxxx>, Libby Clark <lclark@xxxxxxxxxxxxxxxxxxx>
>>> Cc: Lars Kurth <lars.kurth@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, "publicity@xxxxxxxxxxxxxxxxxxxx" <publicity@xxxxxxxxxxxxxxxxxxxx>
>>> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
>>>
>>> Sarah/Libby,
>>>
>>> I've attached a slightly modified post.
>>>
>>> I'd rather see this in Linux.com rather than XenProject.org so it won't be mistaken as an "official" Xen Project position.
>>>
>>> Regarding Amir's comments:
>>>
>>> I've finally had the time to give your comments the consideration they are do. And, while I see your argument and look forward to your development of the concept into a substantial article somewhere (and I am sure the XenProject.org blog will be happy to publish that piece when you have it completed), I don't feel I should severely modify the piece I've written.
>>>
>>> Amir is rightly concerned that my post will be perceived as a (rather myopic) official position paper. In fact, it is nothing of the sort. I've written many such pieces over the years to call out what I perceive as dangerous errors in a populist "hive mind" position. The purpose of the piece is to cry, "Whoa!" to a team of horses which are in danger of inciting an ill-considered stampede. The carefully detailed whitepapers describing a meticulous counter proposal are still needed, but they will not be heeded until the crowd in motion slows down enough to read.
>>>
>>> My piece is the cry to slow things down. I look forward to Amir's piece (and others) which give us a reasoned argument for a better direction. But those pieces will be ignored and trampled unless we can first halt the stampede and get people to slow down enough to heed reason.
>>>
>>> Amir, I have pitched a talk for CPOSC in November about the rise of the unikernel. I'd be thrilled to see how your workflow justification matures so I can possibly incorporate elements of your thought into that talk (with attribution), I believe a talk like that would be an excellent place to introduce a more logical positioning of unikernels.
>>>
>>> Russ Pavlicek
>>> Xen Project Evangelist, Citrix Systems
>>> Home Office: +1-301-829-5327
>>> Mobile: +1-301-814-1143
>>> UK VoIP: +44 1223 852 894
>>> From: Russell Pavlicek
>>> Sent: Tuesday, August 26, 2014 4:10 PM
>>> To: Sarah Conway; Libby Clark
>>> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
>>> Subject: RE: [Publicity] A thought piece: Docker and Unikernels
>>>
>>> Sarah,
>>>
>>> Let me see what I can do this evening on this.
>>>
>>> Thanks,
>>>
>>> Russ Pavlicek
>>> Xen Project Evangelist, Citrix Systems
>>> Home Office: +1-301-829-5327
>>> Mobile: +1-240-397-0199
>>> UK VoIP: +44 1223 852 894
>>> From: publicity-bounces@xxxxxxxxxxxxxxxxxxxx [publicity-bounces@xxxxxxxxxxxxxxxxxxxx] on behalf of Sarah Conway [sconway@xxxxxxxxxxxxxxxxxxx]
>>> Sent: Tuesday, August 26, 2014 12:48 PM
>>> To: Libby Clark
>>> Cc: Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
>>> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>>>
>>> Hi Russ,
>>>
>>> Do you have a revised, updated blog to share? If so, please email it so I can review it again. Might want to publish today or tomorrow to catch some of the VMWorld momentum.
>>>
>>>
>>>
>>> On Wed, Aug 20, 2014 at 8:42 AM, Libby Clark <lclark@xxxxxxxxxxxxxxxxxxx> wrote:
>>>> Happy to run on Linux.com if it suits you, Lars.
>>>>
>>>> Sent from my iPhone
>>>>
>>>>> On Aug 20, 2014, at 7:33 AM, Lars Kurth <lars.kurth@xxxxxxxxxx> wrote:
>>>>>
>>>>> I thought about it and it would be ok on our blog. But we are sort of preaching to the converted there, so another channel may be better
>>>>> Lars
>>>>> ________________________________________
>>>>> From: Tzach Livyatan [tzach@xxxxxxxxxxxxxxxxxxxx]
>>>>> Sent: 20 August 2014 10:06
>>>>> To: Russell Pavlicek
>>>>> Cc: Anil Madhavapeddy; Libby Clark; Lars Kurth; George Dunlap; publicity@xxxxxxxxxxxxxxxxxxxx
>>>>> Subject: Re: [Publicity] A thought piece: Docker and Unikernels
>>>>>
>>>>> On Wed, Aug 20, 2014 at 5:42 AM, Russell Pavlicek <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>>> Revised version. I've added Libby (whom I saw in the lobby earlier) and the Publicity list. New title.
>>>>>
>>>>> Lars has indicated he wants this divorced from the Xen Project blog, since it has the potential to irritate some people. I'm fine with that; I irritated people on my own for years. ;)
>>>>>
>>>>> I have a feeling someone in the 11:15 AM slot tomorrow will make this piece necessary.
>>>>>
>>>>> Comments?
>>>>> Good post.
>>>>> Just wanted to point a related 3 parts post from the OSv blog
>>>>> http://osv.io/blog/blog/2014/06/19/containers-hypervisors-part-1/
>>>>>
>>>>>
>>>>> Russ Pavlicek
>>>>> Xen Project Evangelist, Citrix Systems
>>>>> Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>>>>> Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>>>>> UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>>>>> ________________________________
>>>>> From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>>>>> Sent: Tuesday, August 19, 2014 9:55 AM
>>>>> To: Russell Pavlicek
>>>>> Cc: Lars Kurth; George Dunlap; sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>
>>>>> Subject: Re: A thought piece: Docker and Unikernels
>>>>>
>>>>> I need a cup of tea now...
>>>>>
>>>>> On 19 Aug 2014, at 08:52, Russell Pavlicek <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>>>
>>>>> Splendid thank you!
>>>>>
>>>>> And as to the aggressive tone: welcome to America! ;)
>>>>>
>>>>> Sent from my Android phone using TouchDown (www.nitrodesk.com<http://www.nitrodesk.com/>)
>>>>>
>>>>> -----Original Message-----
>>>>> From: Anil Madhavapeddy [anil@xxxxxxxxxx<mailto:anil@xxxxxxxxxx>]
>>>>> Received: Tuesday, 19 Aug 2014, 8:37AM
>>>>> To: Russell Pavlicek [russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>]
>>>>> CC: Lars Kurth [lars.kurth@xxxxxxxxxx<mailto:lars.kurth@xxxxxxxxxx>]; George Dunlap [George.Dunlap@xxxxxxxxxx<mailto:George.Dunlap@xxxxxxxxxx>]; sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx> [sconway@xxxxxxxxxxxxxxxxxxx<mailto:sconway@xxxxxxxxxxxxxxxxxxx>]
>>>>> Subject: Re: A thought piece: Docker and Unikernels
>>>>>
>>>>> It's an aggressively toned article, but not offensively so. I like it...
>>>>>
>>>>> A couple of minor tweaks:
>>>>>
>>>>>> There is no multi-user operating system, no shell scripts, and no massive library of utilities to take up room â or to employ in some nefarious exploit. There is just enough code to make the application run, and precious little for a malefactor to leverage. It's not the âend-all be-allâ of security, but it is certainly facing the right direction.
>>>>>
>>>>> could have a note on type safety added:
>>>>>
>>>>> There is no multi-user operating system, no shell scripts, and no massive library of utilities to take up room â or to employ in some nefarious exploit. There is just enough code to make the application run, and precious little for a malefactor to leverage. All the code that is present is statically type-safe, from the application stack all the way down to the device drivers themselves. It's not the âend-all be-allâ of security, but it is certainly facing the right direction.
>>>>>
>>>>>> I fully expect that 5 years from now we will look back at the unikernels of 2014 and see these as the seedlings of what will be a growing forest of unikernel-type systems. Frankly, I can't wait to see what will develop in this space.
>>>>>
>>>>> Could note that unikernels and containers may well converge:
>>>>>
>>>>>> I fully expect that 5 years from now we will look back at the unikernels of 2014 and see these as the seedlings of what will be a growing forest of unikernel-type systems. They can be viewed as the natural evolution of Linux containers - maintaining their packaging and deployment benefits, but adding much more specialization into the mix to reduce resource wastage and external attack surface.
>>>>>
>>>>> -a
>>>>>
>>>>>> On 19 Aug 2014, at 07:24, Russell Pavlicek <russell.pavlicek@xxxxxxxxxx<mailto:russell.pavlicek@xxxxxxxxxx>> wrote:
>>>>>>
>>>>>> Folks,
>>>>>>
>>>>>> I woke up this morning with this going through my head. It was pretty much written in one shot (which I never do), so it may take some polishing, but I think the thoughts are all there.
>>>>>>
>>>>>> I see James Bottomley on the Keynote list for Wednesday morning and I anticipate another round of the "Docker has won" message that James has become famous for.
>>>>>>
>>>>>> I'd like your feedback. Ideally, I'd like to propose this for Linux.com<http://Linux.com> in order to temper the flawed notion of Docker as the panacea of virtualuzation, hopefully before the media swell around his prognostications dies down.
>>>>>>
>>>>>> What do you think?
>>>>>>
>>>>>> Russ Pavlicek
>>>>>> Xen Project Evangelist, Citrix Systems
>>>>>> Home Office: +1-301-829-5327<tel:%2B1-301-829-5327>
>>>>>> Mobile: +1-240-397-0199<tel:%2B1-240-397-0199>
>>>>>> UK VoIP: +44 1223 852 894<tel:%2B44%201223%20852%20894>
>>>>>> <Docker has not won the war-the battle is just beginning.odt><Docker has not won the war-the battle is just beginning.pdf>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Publicity mailing list
>>>>> Publicity@xxxxxxxxxxxxxxxxxxxx<mailto:Publicity@xxxxxxxxxxxxxxxxxxxx>
>>>>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Publicity mailing list
>>>> Publicity@xxxxxxxxxxxxxxxxxxxx
>>>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>>>
>>>
>>>
>>> --
>>> Sarah Conway
>>> PR Manager
>>> The Linux Foundation
>>> sconway@xxxxxxxxxxxxxxxxxxx
>>> (978) 578-5300Â Cell
>>> Skype:Â sarah.k.conway
>>> _______________________________________________
>>> Publicity mailing list
>>> Publicity@xxxxxxxxxxxxxxxxxxxx
>>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>>
>> <Docker has not won the war-the battle is just beginning-V4.odt>_______________________________________________
>> Publicity mailing list
>> Publicity@xxxxxxxxxxxxxxxxxxxx
>> http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity
>

--

Digital Content Editor

The Linux Foundation

Linux.comÂ

@LibbyMClark

_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity