a greybeard s worst nightmare
play

A Greybeard's Worst Nightmare How Kubernetes and Containers are - PowerPoint PPT Presentation

Nov 24, 2022 •341 likes •675 views

A Greybeard's Worst Nightmare How Kubernetes and Containers are re-defining the Linux OS Daniel Riek Fosdem 2020 1 Introduction Name: Daniel Riek Twitter: llunved Using GNU/Linux since 1994 Co-founded Free Software start-up

  1. A Greybeard's Worst Nightmare How Kubernetes and Containers are re-defining the Linux OS Daniel Riek Fosdem 2020 1

  2. Introduction ● Name: Daniel Riek Twitter: llunved ● Using GNU/Linux since 1994 ● Co-founded Free Software start-up ID-Pro in Europe in 1997 ● Worked at Alcove, a french GNU/Linux company 2001-2003 ● Red Hat, EMEA Sales Engineering 2003-2005 ● Red Hat, ran RHEL Product Management 2005-2011 ● CTO at trading startup Vincorex 2011-2012 ● Product Management at back-up company Acronis 2012-2013 ● Red Hat, managing cross-product integration, container initiative 2013-2017 ● Red Hat, Office of the CTO, Artificial Intelligence since 2017 ○ Working on FOSS AI incl. projects such as https://opendatahub.io and https://github.com/thoth-station

  3. DISCLAIMER So yes, I work at Red Hat, which is a subsidiary of IBM. Red Hat is a Free and Open Source Cloud Software Company. However, while I may use the Red Hat stack as an example, nothing I say here can be misconstrued into an official position of any of my former, current, or future employers. It’s just me.

  4. Greybeard Greybeards fight Balrogs. They hate systemd. They fork distributions.

  5. The Role of the Linux OS Infrastructure or Application Application Platform? View GNU / Linux In abstract representations of the modern software stack, ● the OS is often considered part of the Infrastructure. Infrastructure However, an alternative, application-centric view would View ● consider it’s primary role to provide a common runtime for applications, abstracting from infrastructure.

  6. Meanwhile: Growing Software Stack Complexity Source: www.modulecounts.com

  7. Historic Role of GNU/Linux Breaking the vertical lock-in of Mainframe & Mini-Computers, UNIX MAINFRAME UNIX GNU/Linux - e.g. RHEL Complete vertical integration Vertical integration of Completely Open HW and ISV infrastructure & app platform ecosystem with the GNU/Linux Vendor-controlled OS as the neutral enterprise HW/OS/Ecosystem. Semi-open ecosystem. app platform ISV ECOSYSTEM OPEN APPLICATION CONTENT ISV ECOSYSTEM ISV ECOSYSTEM APPLICATION CONTENT APPLICATION CONTENT LINUX OS / RHEL OPERATING SYSTEM OPERATING SYSTEM INFRASTRUCTURE PHYSICAL ENTERPRISE VIRT PRIVATE CLOUD & PUBLIC CLOUDS APPLICATION PLATFORM APPLICATION PLATFORM INFRASTRUCTURE INFRASTRUCTURE

  8. Early GNU/Linux Stack Management In the beginning there was /usr/local/ - and stow, and binaries mounted on NFS. /MNT/APP3 Servers were special pets. - They were dog-show exhibits. ● ○ Inherited from Unix host tradition. Software often compiled on the production machine. ● COMMON SHARED USER SPACE High-maintenance. ● Fragile due to dependencies on each host's environment: ● LINUX KERNEL Application behaviour depends on the state of the individual ○ machine. Not efficient for managing artifacts. ○ HARDWARE Late-binding based on source-level API. ● Doesn't scale in distributed environments (aka PCs).

  9. Scalability Through Binary Packaging Then, There Be RPM and up2date, yum, dpkg, and apt... Frozen binary distribution, reproducible builds. ● Build once, distribute binary across multiple Linux servers. ○ OPTIONAL APPS Metadata, signatures. ○ Predictable behavior, dependency management. ○ Management of installed artifacts, updates. ○ Transport for a curated content stream from a trusted source. ○ COMMON SHARED USER SPACE Implicit lock into single instance, single version monolithic userspace. ● Implements a late-binding model for deploying software in Ops based ● LINUX KERNEL on an ABI contract. HARDWARE Welcome to Dependency Hell.

  10. Efficiency Through Central Control Finally kickstart, satellite, cfengine, and the likes… OPTIONAL APPS Mass deployment and recipes ● OPTIONAL APPS OPTIONAL APPS Efficiency through automation. Binary distribution at scale. ● OPTIONAL APPS Volatility of late-binding dependency resolution, conflicts & ● compatibility. COMMON SHARED USER SPACE COMMON SHARED USER SPACE Automate the stack composition on machines. ● COMMON SHARED USER SPACE Manage the lifecycle of the software stack. ● COMMON SHARED USER SPACE LINUX KERNEL LINUX KERNEL Centralize management control. ● LINUX KERNEL Components move across dev/test/ops independently. ● LINUX KERNEL Still in Dependency Hell. ● HARDWARE HARDWARE HARDWARE HARDWARE Model still largely used today, sometime with the same components plus newer tools like Ansible.

  11. A Whiff Of Freedom Virtualization, Appliances - Everything is a VM VM 1 VM 2 VM 3 Common model: Deploy as pre-built images, operate as pet ● Predictable initial stack behaviour ● APP 1 APP 2 APP 3 Abstraction from underlying HW ● Existing tools continue to work - it’s just virtual HW ● COMMON COMMON COMMON Multiple instances, multi-tenant ● SHARED SHARED SHARED USER USER USER Still monolithic inside the VM, still dependency conflicts in VM ● SPACE SPACE SPACE LINUX LINUX LINUX KERNEL KERNEL KERNEL Less Dependency Hell - Hello VM Sprawl and inconsistent management. HYPERVISOR HARDWARE

  12. Enterprise Virtualization Infrastructure Abstraction & Density VM VM VM Efficient sharing of physical HW due to sharing infrastructure. ● VM VM VM Linux inherited one VM per service from Windows. ● Multi-tier applications consisting out of multiple service. ○ VM VM VM Heavyweight compared to running multiple processes in a ○ single instance. VM VM VM Efficient cluster management on VM-level, ‘Software Defined’ ● Datacenter Potentially the a single artifact to move across DEV/TEST/PROD if ● COMPUTE NETWORK STORAGE integrated into a full image-based lifecycle. In theory clean delegation. - In practice: shared root access and a lot ● of virtual pets. PHYS PHYS PHYS PHYS HW HW HW HW Liberates your app from the HW lifecycle. Predominant operational paradigm for data centers in the earlier 2010s.

  13. Infrastructure as a Service Cloud Elastic Infrastructure VM VM VM Compute / Storage / Networking on demand ● VM VM VM Opex instead of CAPEX ● Elastically scale up and down as you need it ● VM VM VM Efficiency through scale ● Progressive reduction in cost passed through to customers ● VM VM VM SOMETHING THAT CONNECTS SOMETHING SOMETHING THAT STORES SOMETHING SOMETHING THAT COMPUTES SOMETHING SOMETHING THAT SCALES ON DEMAND

  14. Shifting Paradigms MACRO PREFERENCES & TECHNIQUES TRENDS BEHAVIOR & TOOLS • “Software is eating the world” • Aggregation of services replaces • Move towards Cloud Native monolithic systems behaviors • Business-value driven developers • DevOps enables developers to gaining influence over traditional • Preference to consume most manage rapid pace of change IT current versions • Automation, automation, • Shift from a broadcast-model to • Open source is the default; driving automation…. an on-demand model, SaaS rapid growth in content volume and stack complexity

  15. The (Modern) Cloud Operational paradigm that maximizes time-to-value: Elasticity ● SOMETHING VM VM THAT Developer Velocity through service abstraction, integration, EXECUTES A ● FUNCTION and availability APP APP Encapsulated Operational Excellence ● SOME SOMETHING THAT PROESSES DATA OTHER THING WITH AN Dominated by proprieatry public cloud offerings ● API SOMETHING THAT HAS AN API ‘GNU / Linux Distribution as a Service’ - Without the contributions ● back. SOMETHING THAT CONNECTS SOMETHING ‘Strip-mining’ FOSS and SW innovation in general. ● SOMETHING THAT STORES SOMETHING Move towards service aggregation, vertical integration. ● SOMETHING THAT COMPUTES SOMETHING SOMETHING THAT SCALES ON DEMAND

  16. Cloud Changed How People See Software Centralization of Operational Excellence ● SOMETHING VM VM THAT EXECUTES A FUNCTION 1990 / 2000s: ● APP APP Access to enterprise HW and Software is exclusive. ○ 2005 - 2015: ● SOME SOMETHING THAT PROCESSES DATA OTHER Free Software democratized access. ○ THING WITH AN Commercial offerings (e.g. Red Hat) enable Enterprise use. ○ API SOMETHING THAT HAS AN API You can get integration, stability, maintenance… But you have ○ to figure out how to deploy and operate. SOMETHING THAT CONNECTS SOMETHING 2020: ● SOMETHING THAT STORES SOMETHING The cloud operates your infrastructure and services. ○ SOMETHING THAT COMPUTES SOMETHING You focus on the components that differentiate your business. ○ SOMETHING THAT SCALES ON DEMAND Predominante operational paradigm for IT in the late 2010s

  17. The Cost of Cloud Vertically Integrated Public Cloud Dominated by proprietary public cloud offerings ● SOMETHING VM VM THAT Lock-in with black-box-services ● EXECUTES A FUNCTION Data Gravity ● APP APP Growing life cycle dependency ● High OPEX when scaled SOME ● SOMETHING THAT PROESSES DATA OTHER THING Reproducibility? ● WITH AN API SOMETHING THAT HAS AN API ‘GNU / Linux Distribution as a Service’ - Without the ● contributions back. SOMETHING THAT CONNECTS SOMETHING ‘Strip-mining’ FOSS and SW innovation in general. ● SOMETHING THAT STORES SOMETHING Move towards service aggregation, vertical integration. ● SOMETHING THAT COMPUTES SOMETHING SOMETHING THAT SCALES ON DEMAND

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

To Towards Production-Ru Run Heisenbugs Re Reproduction on Commercial Hardware Shiyou Huang

To Towards Production-Ru Run Heisenbugs Re Reproduction on Commercial Hardware Shiyou Huang

To Towards Production-Ru Run Heisenbugs Re Reproduction on Commercial Hardware Shiyou Huang Bowen Cai and Jeff Huang 1 Whats a coders worst nightmare? https://www.quora.com/What-is-a-coders-worst-nightmare 2 The bug only occurs in

901 views • 50 slides
2 nd semester Topic 5: Navigation nightmare More Than Just a Bad Dream--A Nightmare's Impact on

2 nd semester Topic 5: Navigation nightmare More Than Just a Bad Dream--A Nightmare's Impact on

2 nd semester Topic 5: Navigation nightmare More Than Just a Bad Dream--A Nightmare's Impact on the Waking Brain 1.Read the article You awake with a pounding heart and clammy hands. Relax, you think to yourself it was just a bad dream. But

204 views • 8 slides
NIGHTMARE CREATURES II Game Design Presentation - Confidential Kalisto Entertainment 1999

NIGHTMARE CREATURES II Game Design Presentation - Confidential Kalisto Entertainment 1999

NIGHTMARE CREATURES II Game Design Presentation - Confidential Kalisto Entertainment 1999 1 NIGHTMARE CREATURES II NIGHTMARE CREATURES II Game Overview Working tittle : Nightmare Creatures II Genre : Horror Action- Adventure Game

317 views • 8 slides
UPDATES Recap Christmas in the Sierra Concert Nightmare Before Christmas ALL SHOWS SOLD

UPDATES Recap Christmas in the Sierra Concert Nightmare Before Christmas ALL SHOWS SOLD

UPDATES Recap Christmas in the Sierra Concert Nightmare Before Christmas ALL SHOWS SOLD OUT! Coming Up 12/14 Dinner and Show Nightmare 12/15 Nightmare Before Christmas 12/16 Nightmare Before Christmas 12/22 Holiday

336 views • 6 slides
The 10 Worst Presentation Habits Speakers can be their own worst enemies. Here are our expert's

The 10 Worst Presentation Habits Speakers can be their own worst enemies. Here are our expert's

The 10 Worst Presentation Habits Speakers can be their own worst enemies. Here are our expert's tips on how to make a presentation sing By Carmine Gallo - BusinessWeek As a communications coach for some of America's most admired companies, I work

603 views • 3 slides
Information Geometry in Mathematical Finance: Model Risk, Worst and Almost Worst Scenarios Imre

Information Geometry in Mathematical Finance: Model Risk, Worst and Almost Worst Scenarios Imre

The problem and its history Solution of the Problem Localisation and neighbourhood of worst case distributions Information Geometry in Mathematical Finance: Model Risk, Worst and Almost Worst Scenarios Imre Csisz ar Thomas Breuer PPE

456 views • 21 slides
Imagining Politics beyond Brexit Gone quiet, hasnt it? Last year now seems like a nightmare

Imagining Politics beyond Brexit Gone quiet, hasnt it? Last year now seems like a nightmare

Imagining Politics beyond Brexit Gone quiet, hasnt it? Last year now seems like a nightmare from which we are just awakening. The febrile atmosphere of those days when two Prime Ministers struggled to push a withdrawal agreement through

269 views • 8 slides
Web 2.0 A Security Nightmare? SSL and Webapps Webmontag Karlsruhe, 29.5.2006 Hanno Bck,

Web 2.0 A Security Nightmare? SSL and Webapps Webmontag Karlsruhe, 29.5.2006 Hanno Bck,

Web 2.0 A Security Nightmare? SSL and Webapps Webmontag Karlsruhe, 29.5.2006 Hanno Bck, http://www.hboeck.de/ Web 2.0 for everyone? Web 2.0 applications should be available for the common user Blog in 1 minute, Get your own

254 views • 11 slides
A NIGHTMARE FOR THE INTERVENTIONAL CARDIOLOGIST-DES STENT ANEURYSM! DR VARUN CHAWLA MD,DM

A NIGHTMARE FOR THE INTERVENTIONAL CARDIOLOGIST-DES STENT ANEURYSM! DR VARUN CHAWLA MD,DM

A NIGHTMARE FOR THE INTERVENTIONAL CARDIOLOGIST-DES STENT ANEURYSM! DR VARUN CHAWLA MD,DM LIFECARE INSTITUTE OF MEDICAL SCIENCES & RESEARCH,AHMEDABAD,INDIA Disclosure Statement of Financial Interest I, Dr Varun Chawla DO NOT have a

677 views • 32 slides
Florida Man: The World's Worst Superhero Florida Man: The World's Worst Superhero Miami Herald

Florida Man: The World's Worst Superhero Florida Man: The World's Worst Superhero Miami Herald

Florida Man: The World's Worst Superhero Florida Man: The World's Worst Superhero Miami Herald Who What is Florida Man? Florida Man Intentionally Drove Ferrari 360 Into Ocean At Top Speed Florida Man Finds a WWII Grenade, Places It in His

744 views • 60 slides
Comparison of Efficiency Binary Binomial Procedure (worst- (worst- (amortized) case) case)

Comparison of Efficiency Binary Binomial Procedure (worst- (worst- (amortized) case) case)

Comparison of Efficiency Binary Binomial Procedure (worst- (worst- (amortized) case) case) Make - Heap (1) (1) (1) (lg n ) O (lg n ) (1) Insert (1) O (lg n ) (1) Minimum Extract - Min (lg n ) (lg n ) O (lg n ) ( n

376 views • 16 slides
Django, from nightmare to dream with Best Practices by Stphane Wirtel EuroPython 2017 -

Django, from nightmare to dream with Best Practices by Stphane Wirtel EuroPython 2017 -

Django, from nightmare to dream with Best Practices by Stphane Wirtel EuroPython 2017 - Rimini/y ;-) 11 Luglio 2017 1 / 69 Hello, I am Stphane Python Freelancer Open Source = My Passion/Job PythonFOSDEM CPython contributor PSF, EPS

838 views • 69 slides
The M/o/Vfuscator Turning 'mov' into a soul-crushing RE nightmare { domas / REcon 2015

The M/o/Vfuscator Turning 'mov' into a soul-crushing RE nightmare { domas / REcon 2015

The M/o/Vfuscator Turning 'mov' into a soul-crushing RE nightmare { domas / REcon 2015 REMath (github.com/REMath) Stephen Dolan http://www.cl.cam.ac.uk/~sd601/papers/mov.pdf It is well-known that the x86 instruction set is baroque,

1.93k views • 158 slides
Payroll Tax Train Wreck Resolving Your Clients Payroll Tax Nightmare Eric L. Green, Esq. 1

Payroll Tax Train Wreck Resolving Your Clients Payroll Tax Nightmare Eric L. Green, Esq. 1

Payroll Tax Train Wreck Resolving Your Clients Payroll Tax Nightmare Eric L. Green, Esq. 1 About Tax Rep LLC Tax Rep is a member driven community that helps each other build their representation practice and help taxpayers, with members being

438 views • 29 slides
Speculative Execution Vulnerabilities: From a Simple Oversight to a Technological Nightmare Raoul

Speculative Execution Vulnerabilities: From a Simple Oversight to a Technological Nightmare Raoul

Speculative Execution Vulnerabilities: From a Simple Oversight to a Technological Nightmare Raoul Strackx raoul.strackx@cs.kuleuven.be @raoul_strackx imec-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium Hardwear.io, June 14 th , 2019

1.05k views • 81 slides
Client Alert Opening a Franchise: The American Dream or a Landlords Nightmare? Contact

Client Alert Opening a Franchise: The American Dream or a Landlords Nightmare? Contact

Client Alert Opening a Franchise: The American Dream or a Landlords Nightmare? Contact Attorney Regarding This Matter: In todays challenging and unstable economic client, many Americans, Jonathan L. Neville old and young, rich and

235 views • 6 slides
One Trillion Edges: Graph Processing at Facebook-Scale GraphHPC 2015, Moscow Avery Ching Sergey

One Trillion Edges: Graph Processing at Facebook-Scale GraphHPC 2015, Moscow Avery Ching Sergey

One Trillion Edges: Graph Processing at Facebook-Scale GraphHPC 2015, Moscow Avery Ching Sergey Edunov Maja Kabiljo Facebook Facebook Facebook Dionysios Logothetis Sambavi Muthukrishnan Facebook Facebook Social Graph Social Graph

812 views • 78 slides
Recap: Map-Reduce Map Phase Reduce Phase (per record

Recap: Map-Reduce Map Phase Reduce Phase (per record

Map Reduce (contd.) CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 12 : 590.02 Spring 13 1 Recap: Map-Reduce Map Phase Reduce Phase

564 views • 28 slides
Data Format and Packaging, An Update Kurt Biery 18 March 2020 DUNE DAQ Dataflow Working Group

Data Format and Packaging, An Update Kurt Biery 18 March 2020 DUNE DAQ Dataflow Working Group

Data Format and Packaging, An Update Kurt Biery 18 March 2020 DUNE DAQ Dataflow Working Group Meeting Data Format At the DAQ workshop, it was proposed to focus our data format investigations on A DUNE-specific binary format stored

377 views • 19 slides
Introduction to SystemVerilog Instructor: Nima Honarmand (Slides adapted from Prof. Milders

Introduction to SystemVerilog Instructor: Nima Honarmand (Slides adapted from Prof. Milders

Spring 2015 :: CSE 502 Computer Architecture A Brief Introduction to SystemVerilog Instructor: Nima Honarmand (Slides adapted from Prof. Milders ESE-507 course) Spring 2015 :: CSE 502 Computer Architecture First Things First

732 views • 41 slides
Functional Descriptions as the Bridge between Hypermedia APIs and the Semantic Web Ruben Verborgh

Functional Descriptions as the Bridge between Hypermedia APIs and the Semantic Web Ruben Verborgh

ELIS Multimedia Lab Functional Descriptions as the Bridge between Hypermedia APIs and the Semantic Web Ruben Verborgh Thomas Steiner Davy Van Deursen Sam Coppens Joaquim Gabarro Rik Van de Walle Is following your nose

1.23k views • 41 slides
ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber

ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber

ADROIT: Detecting Spatio-Temporal Correlated Attack-Stages in IoT Networks NUS-Singtel Cyber Security R&D Corp. Lab Dinil Mon Divakaran, Rhishi Pratap Singh, Kalupahana Liyanage Kushan Sudheera, Mohan Gurusamy, Vinay Sachidananda Context

745 views • 27 slides
Tool-Assisted Specification and Verification of the JavaCard Platform Gilles

Tool-Assisted Specification and Verification of the JavaCard Platform Gilles

Tool-Assisted Specification and Verification of the JavaCard Platform Gilles Barthe INRIA Sophia-Antipolis, France Joint work with: P . Courtieu, G. Dufay, M. Huisman, L. Jakubiec, B. Serpette, S. Melo de Sousa, S.

694 views • 55 slides
ORC LLVMs Next Generation of JIT API Contents LLVM JIT APIs Past, Present and Future I

ORC LLVMs Next Generation of JIT API Contents LLVM JIT APIs Past, Present and Future I

ORC LLVMs Next Generation of JIT API Contents LLVM JIT APIs Past, Present and Future I will praise MCJIT Then I will critique MCJIT Then Ill introduce ORC Code examples available in the Building A JIT tutorial on llvm.org

3.66k views • 44 slides

More recommend