resurrecting dinosaurs what can possibly go wrong
play

Resurrecting dinosaurs, what can possibly go wrong? How - PowerPoint PPT Presentation

Mar 30, 2023 •152 likes •683 views

Resurrecting dinosaurs, what can possibly go wrong? How Containerised Apps could eat our users. Richard Brown openSUSE Chairman rbrown@opensuse.org Those who cannot remember the past are condemned to repeat it - George Santayana In

  1. Resurrecting dinosaurs, what can possibly go wrong? How Containerised Apps could eat our users. Richard Brown openSUSE Chairman rbrown@opensuse.org

  2. “Those who cannot remember the past are condemned to repeat it” - George Santayana

  3. In the beginning

  4. CC-BY-SA Ruud Koot

  5. Windows 3.1/95 - DLL Hell ● No ABI backwards compatibility ● Most DLLs installed in C:\WINDOWS or C:\WINDOWS\SYSTEM ● Global COM Class IDs ● Service/Maintenance Nightmare

  6. DLL Hell in Real Terms ● Developers had to dev & test Apps on every possible DLL combination ● Then retest every App patch on every possible DLL combination ● AND test every DLL patch on every possible App & DLL combination ● Then cry when it all broke anyway

  7. Windows 2000 to the Rescue ● Side-by-side (SxS) assembly – DLL “Containerisation” – Separate Memory Space for each App and its DLLs – ‘Private DLLs’ loaded from the Application Directory ● Windows File Protection (WFP) – Disk Isolation of System DLLs ● DLL Universal Problem Solver (DUPS) – Audit all the DLLs in use and help migrate ‘legacy’ applications to SxS bundles

  8. CC-BY-SA Xyzzy n

  9. Problem Solved? Right? ● Security nightmare – Security relevant DLLs lurking in countless application folders ● Maintenance nightmare – How are we going to update our app? Oh we’ll ship an updater! ● Legal nightmare – Can we legally redistribute all the DLLs we need to? ● Storage vendor dream – More disk consumption, everyone buying bigger disks!

  10. Meanwhile in Linuxland

  11. CC-BY-NC Dustin Jamison

  12. Distributions – Solving Real Problems ● Security – Security Teams auditing packages, monitoring CVEs & embargoed lists ● Maintenance – Maintainers packaging applications & keeping them updated ● Legal – Lawyers auditing licenses and ensuring compatibility/compliance

  13. In Defence of Shared Libraries/Dependencies ● Not just about using less space on disk ● Distributing fewer libraries have broad benefits – Fewer INSECURE libraries, more easily patched – Less manpower required to maintain/update – Easier to review/ensure legal compliance

  14. Mission Accomplished? ● Compatibility ● Portability ● Pace of Change vs “It just works”

  15. Windows 3.1/95 - DLL Hell ● No ABI backwards compatibility ● Most DLLs installed in C:\WINDOWS or C:\WINDOWS\SYSTEM ● Global COM Class IDs ● Service/Maintenance Nightmare

  16. Compatibility ● Many distributions with many difgerent libraries and apps ● Difgerent apps require difgerent libraries ● Application developers don’t want to worry about what other application developers have chosen as their dependencies

  17. Compatibility ● Many distributions with many difgerent libraries and apps ● Difgerent apps require difgerent libraries ● Application developers don’t want to worry about what other application developers have chosen as their dependencies ● But application developers don’t (ofuen) worry about this ● Distro Maintainers work on this for F/OSS licensed apps

  18. Portability ● Many distributions with many difgerent libraries and toolsets ● Application Developers don’t want to learn dozens of toolsets, nor rebuild & retest their application on a dozen platforms

  19. Portability ● Many distributions with many difgerent libraries and toolsets ● Application Developers don’t want to learn dozens of toolsets, nor rebuild & retest their application on a dozen platforms ● But application developers don’t (ofuen) worry about this ● Distro Maintainers solve the problem for F/OSS licensed apps

  20. Pace of Change vs “It just works” ● Many distributions with fixed release schedules ● Distributions freeze package/library versions to aid ‘stability’ ● Holds back new application versions from users

  21. Pace of Change vs “It just works” ● Many distributions with fixed release schedules ● Distributions freeze package/library versions to aid ‘stability’ ● Holds back new application versions from users ● But application developers don’t need to worry about this ● Rolling Distributions resolve this with increasing efgiciency

  22. Back to the Future!

  23. Containerised Applications to the Rescue ● AppImage, FlatPak, Snappy ● Provides uses with a “Bundle” containing App + Libraries ● Runs the App in some kind of Sandbox or Container

  24. The Big Promises ● Compatibility – SOLVED – Only compatible libraries in the bundle ● Portability – SOLVED – All dependencies in the bundle ● Pace of Change – SOLVED – App developers can distribute at their pace, not a distro pace ● “It just works” - SOLVED

  25. Compatibility & Portability

  26. Compatibility & Portability

  27. Compatibility & Portability ● Containerised Apps at some point make assumptions of a common standard base provided by the Distribution ● No such common base exists in a practical sense

  28. Compatibility & Portability

  29. Compatibility & Portability ● For a Containerised App to be portable, it must contain ALL compatible dependencies which MIGHT not be provided by ANY distribution ● If not, expect crashes

  30. So it’s hopeless? If everything is still liable to break, what is the point? ● Frameworks/Runtimes attempt to mitigate by providing curated ‘Middledistros’ to build Applications for ● The “Real” Solution: A well defined Linux Standard Base?

  31. The Big Promises - Reality ● Compatibility – SOLVED – Only compatible libraries in the bundle ● Portability – SOLVED – All dependencies in the bundle ● Pace of Change – SOLVED – App developers can distribute at their pace, not a distro pace ● “It just works” - ?

  32. Wait a second...

  33. CC-BY-SA Xyzzy n

  34. History Repeating? ● Security nightmare? – Security relevant libs lurking in countless application bundles ● Maintenance nightmare? – How are we going to update our app and every single lib? ● Legal nightmare? – Can we legally redistribute all the libs we need to? ● Storage vendor dream – More disk consumption, everyone buying bigger disks!

  35. “With Great Power…”

  36. “… Comes Great Responsibilities” ● AppImage/FlatPak/Snappy are tools that enable App Developers to directly distribute sofuware without the ‘need’ for Distributions ● Therefore, they must adopt the responsibilities which come with being a distributor of sofuware

  37. Compatibility & Portability Consider everything an App needs that isn’t in the Bundle ● Can this break my App if the ABI changes? – If YES, then move it to the Bundle ● Can I rely on it being there on ALL systems? – If NO, then move it to the Bundle

  38. Compatibility & Portability in Real Teams Application Developers will still need to ● Dev & test Apps on every possible distro ● Then retest every App patch on every possible distro ● Then cry when it all breaks anyway

  39. Broader Responsibilities ● Security – Monitor & rapidly react to CVEs. Audit libraries. Do not assume sandboxing is enough. ● Maintenance – Update all bundled dependencies in a timely manner ● Legal – Review licences of all bundled dependencies and ensure compliance & compatibility

  40. Distributions can be part of the solution ● Distributions should like the promise of Containerised Applications ● Less work & responsibility for us is always good ● Should not be fearful of the transfer of responsibility, but should not encourage it blindly either

  41. Distributions can be part of the solution ● A Common Base (“LSB for the Container Age”) must be considered – Without one, the portability promise is unachievable ● Distributions have decades of tools and talent for dealing with the broader issues. USE THEM ● Don’t reinvent every wheel just because we can

  42. One more thing

  43. Rolling Releases for Everyone? ● To get Applications in the hands of users fast, what model beats a rolling distribution? ● Users can be guaranteed an integrated “built together” experience ● Security/Maintenance burdens less broadly distributed, fewer points of failure, Devs don’t need to be security engineers ● “It just works” can be reached with good tools – OBS & openQA

  44. Join Us at www.opensuse.org

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Google what can possibly go wrong with my Sprint?

Google what can possibly go wrong with my Sprint?

Google what can possibly go wrong with my Sprint? https://samtrepreneur.files.wordpress.com/2016/05/zac-efron-falls-while-running-beach-baywatch.jpg?w=1024 I know about Tell me about Sprint, get Sprint onto the issues build typical

881 views • 55 slides
Artificial Intelligence: What Could Possibly Go Wrong? Jim Dempsey Executive Director Berkeley

Artificial Intelligence: What Could Possibly Go Wrong? Jim Dempsey Executive Director Berkeley

Artificial Intelligence: What Could Possibly Go Wrong? Jim Dempsey Executive Director Berkeley Center for Law & Technology jdempsey@berkeley.edu What Is Artificial Intelligence? No single definition a set of technologies that enable

995 views • 65 slides
What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate ani- mals of terrestrial

What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate ani- mals of terrestrial

What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate ani- mals of terrestrial ecosystems for over 160 mil- lion years from about 230 million years ago to 65 million years ago. Recent research indicates that theropod dinosaurs

702 views • 34 slides
What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate animals of terres- trial

What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate animals of terres- trial

What Happened to the Dinosaurs? Dinosaurs were the dominant vertebrate animals of terres- trial ecosystems for over 160 million years from about 230 million years ago to 65 million years ago. Recent research indicates that theropod dinosaurs are

574 views • 40 slides
Why colonize in the first place? The dinosaurs, for example, didnt have a space

Why colonize in the first place? The dinosaurs, for example, didnt have a space

Why colonize in the first place? The dinosaurs, for example, didnt have a space program. And thats why the dinosaurs are not here today. Christopher Columbus Elon Musk Forward

310 views • 12 slides
Resurrecting Laplace's Demon: The Case for Deterministic Models Edward A. Lee Robert S. Pepper

Resurrecting Laplace's Demon: The Case for Deterministic Models Edward A. Lee Robert S. Pepper

Resurrecting Laplace's Demon: The Case for Deterministic Models Edward A. Lee Robert S. Pepper Distinguished Professor UC Berkeley Invited Talk: Synchron December 8, 2016 Bamberg, Germany Context: Cyber-Physical Systems A par/cularly

1.02k views • 68 slides
ZombieNAND: Resurrecting Dead NAND Flash for Improved SSD Longevity Ellis H. Wilson III 1 , 2

ZombieNAND: Resurrecting Dead NAND Flash for Improved SSD Longevity Ellis H. Wilson III 1 , 2

ZombieNAND: Resurrecting Dead NAND Flash for Improved SSD Longevity Ellis H. Wilson III 1 , 2 Myoungsoo Jung 3 Mahmut Kandemir 1 1 Department of Computer Science and Engineering, The Pennsylvania State University 2 Panasas, Inc. 3 Department of

344 views • 16 slides
RESURRECTING EUROPES STUREC GOLD MINE NWR Virtual Small Caps Conference Presentation 1

RESURRECTING EUROPES STUREC GOLD MINE NWR Virtual Small Caps Conference Presentation 1

RESURRECTING EUROPES STUREC GOLD MINE NWR Virtual Small Caps Conference Presentation 1 Important Information This presentation has been prepared and issued by MetalsTech Limited (the Company") to inform interested parties about the C

545 views • 17 slides
Classification of the Dinosauria Dinosaurs are vertebrates Evolve in the Cambrian along with

Classification of the Dinosauria Dinosaurs are vertebrates Evolve in the Cambrian along with

Classification of the Dinosauria Dinosaurs are vertebrates Evolve in the Cambrian along with other multicellular animals Tissues mineralized with calcium phosphate - teeth, bones, spines, plates, scutes Spinal cord usually protected

182 views • 14 slides
Resurrecting the Role of Real Money Balance Effects Jos Dorich Universitat Pompeu Fabra June

Resurrecting the Role of Real Money Balance Effects Jos Dorich Universitat Pompeu Fabra June

Resurrecting the Role of Real Money Balance Effects Jos Dorich Universitat Pompeu Fabra June 22nd , 2008 Motivation No role for money in New Keynesian models. Theoretical argument by Woodford (2003): central banks control interest

416 views • 23 slides
DDH-17 Forward 2017 Design Delegation Holders Seminar Shaun Johnson Manager Airworthiness

DDH-17 Forward 2017 Design Delegation Holders Seminar Shaun Johnson Manager Airworthiness

The Present and the Future: DDH-17 Forward 2017 Design Delegation Holders Seminar Shaun Johnson Manager Airworthiness May 2017 DDHC-17 The major difference between a thing that might go wrong and a thing that cannot possibly go wrong

509 views • 21 slides
Why Exascale Computing will be slightly less disruptive than the comet that killed the dinosaurs

Why Exascale Computing will be slightly less disruptive than the comet that killed the dinosaurs

Why Exascale Computing will be slightly less disruptive than the comet that killed the dinosaurs Numerical Methods for Large-Scale Nonlinear Problems and Their Applica<ons ICERM, Providence,

296 views • 28 slides
Defences Structure of the Courts What is a Crime? a public wrong Wrong committed

Defences Structure of the Courts What is a Crime? a public wrong Wrong committed

Defences Structure of the Courts What is a Crime? a public wrong Wrong committed against the common good or public interest causes harm to society, not just the individual 3 features that make something a public wrong:

474 views • 25 slides
Resurrecting Duckling Imprinting on Mother: Device shares key on 1 st contact with controller

Resurrecting Duckling Imprinting on Mother: Device shares key on 1 st contact with controller

Resurrecting Duckling Imprinting on Mother: Device shares key on 1 st contact with controller Metempsychosis: Upon death, soul progresses to a new body Reverse metempsychosis: Upon death, new soul can enter the body Resistance to

605 views • 21 slides
Part 3 Terroir is fragile Can be lost through: High yields Wrong grape varieties in wrong place

Part 3 Terroir is fragile Can be lost through: High yields Wrong grape varieties in wrong place

Part 3 Terroir is fragile Can be lost through: High yields Wrong grape varieties in wrong place Picking too late (a common problem) Poor work in the winery (e.g. too much oak, wrong sort of oak, Brettanomyces, oxidation) The Natural Wine

469 views • 20 slides
V2 28 May 2015 What Is Wrong With Stat 101? 1 2 V2 2015 USCOTS Whats Wrong with Stat 101?

V2 28 May 2015 What Is Wrong With Stat 101? 1 2 V2 2015 USCOTS Whats Wrong with Stat 101?

V2 28 May 2015 What Is Wrong With Stat 101? 1 2 V2 2015 USCOTS Whats Wrong with Stat 101? Cobb 1: Whats wrong with Stat 101? Comments on Cobb and De Veaux Proposals Context : Peripheral in math; central in statistics. Milo

808 views • 17 slides
Here Beside the Rising Tide: The Dead, the Counterculture, & American Democracy PRELUDE

Here Beside the Rising Tide: The Dead, the Counterculture, & American Democracy PRELUDE

**Do not publish or quote without explicit permission of the author.** 1 Here Beside the Rising Tide: The Dead, the Counterculture, and American Democracy Michael J. Kramer Here Beside the Rising Tide: The Dead, the Counterculture, &

573 views • 32 slides
Unit 1: Introduction to data 3. More exploratory data analysis STA 104 - Summer 2017 PS 1 is

Unit 1: Introduction to data 3. More exploratory data analysis STA 104 - Summer 2017 PS 1 is

Announcements Unit 1: Introduction to data 3. More exploratory data analysis STA 104 - Summer 2017 PS 1 is posted in Sakai, due this Tuesday at 12.30pm. Duke University, Department of Statistical Science Prof. van den Boom Slides posted at

77 views • 3 slides
Debian Science Umbrella for scientific packages or dustbin for scientific code Andreas Tille

Debian Science Umbrella for scientific packages or dustbin for scientific code Andreas Tille

Debian Science Umbrella for scientific packages or dustbin for scientific code Andreas Tille DebConf 17 Montreal, 6th August 2017 Andreas Tille ( DebConf 17 ) Debian Science Montreal, 6th August 2017 Overview Current status 1 Better

1.18k views • 85 slides
Experimental Design Learning Objectives At the end of this lecture, the student should be able

Experimental Design Learning Objectives At the end of this lecture, the student should be able

Section 1.3 Introduction to Experimental Design Learning Objectives At the end of this lecture, the student should be able to: State the steps of conducting a statistical study. Select one step of developing a statistical study, and

928 views • 56 slides
Probabilistic approaches to language and language learning John Goldsmith The University of

Probabilistic approaches to language and language learning John Goldsmith The University of

Probabilistic approaches to language and language learning John Goldsmith The University of Chicago 1 This work is based on the work of too many people to name them all directly. Nonetheless, I must specifjcally acknowledge Jorma Rissanen

1.07k views • 71 slides
Keep Lead from Keep Lead from Lurking Lurking Lead Testing and Lead Testing and Healthy

Keep Lead from Keep Lead from Lurking Lurking Lead Testing and Lead Testing and Healthy

Keep Lead from Keep Lead from Lurking Lurking Lead Testing and Lead Testing and Healthy Healthy Homes to Help Prevent Childhood Lead Poisoning Homes to Help Prevent Childhood Lead Poisoning Oct 30, 2019 Recharge for Resilience Conference

397 views • 20 slides
RECASTING EXPERIMENTAL SEARCHES Michele Papucci LBNL & BCTP Amherst, November 12th, 2015

RECASTING EXPERIMENTAL SEARCHES Michele Papucci LBNL & BCTP Amherst, November 12th, 2015

RECASTING EXPERIMENTAL SEARCHES Michele Papucci LBNL & BCTP Amherst, November 12th, 2015 BSM at the LHC 250-300 analyses SUSY+exotica, CMS+ATLAS, 7+8TeV during run I no significant deviation from the Standard Model, but

389 views • 27 slides
Realization formulae for bounded holomorphic functions on certain domains and an application to

Realization formulae for bounded holomorphic functions on certain domains and an application to

Realization formulae for bounded holomorphic functions on certain domains and an application to the Carath eodory extremal problem Nicholas Young Leeds and Newcastle Universities Joint work with Jim Agler, UCSD and Zina Lykova, Newcastle

656 views • 17 slides

More recommend