From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 14049 invoked from network); 17 Sep 2021 15:56:37 -0000 Received: from minnie.tuhs.org (45.79.103.53) by inbox.vuxu.org with ESMTPUTF8; 17 Sep 2021 15:56:37 -0000 Received: by minnie.tuhs.org (Postfix, from userid 112) id B1D9B9CAD3; Sat, 18 Sep 2021 01:56:35 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id 5FF969CAB4; Sat, 18 Sep 2021 01:56:25 +1000 (AEST) Authentication-Results: minnie.tuhs.org; dkim=pass (2048-bit key; unprotected) header.d=iitbombay-org.20210112.gappssmtp.com header.i=@iitbombay-org.20210112.gappssmtp.com header.b="xnSefCj5"; dkim-atps=neutral Received: by minnie.tuhs.org (Postfix, from userid 112) id A2D409CAB4; Sat, 18 Sep 2021 01:56:19 +1000 (AEST) Received: from mail-oi1-f169.google.com (mail-oi1-f169.google.com [209.85.167.169]) by minnie.tuhs.org (Postfix) with ESMTPS id 4CB6B9CAB2 for ; Sat, 18 Sep 2021 01:56:18 +1000 (AEST) Received: by mail-oi1-f169.google.com with SMTP id s20so14574934oiw.3 for ; Fri, 17 Sep 2021 08:56:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iitbombay-org.20210112.gappssmtp.com; s=20210112; h=from:content-transfer-encoding:mime-version:subject:date:references :to:in-reply-to:message-id; bh=aRjtquIVjQi9+N0we2L3ZVFY95m+5PHSlVPC4O9S1QU=; b=xnSefCj5ifJF7hi3/AfDJzKQy+95y2yWRVVHZCdl6zHeF33g63bode7CxxDhHaeNAN /brhfqyJtL2H3NsO9f01mbrN5nYsdq1Ey5wnXlVZMnra7yrMJMtAzzdrU8srmK+Ew2dg bem6W9bhZYnZr+jeeCFAyYdh6aMqFY1yjhvzQnA9fn9XJR5vARy8xANxym+jJ+ZvpOT/ bURq1mqamude1D7hThLZtG0KkQCJ9W0S2u6M31cJ7cnt0DEIlBLVBhPp3aZcV2LnPkt+ 1JJrKzpuh9VccLBvx6zdY8hmteicHn2bpdjut51X7wD3OVTKbDXLiPcofi/CRaobsr7S nTFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:date:references:to:in-reply-to:message-id; bh=aRjtquIVjQi9+N0we2L3ZVFY95m+5PHSlVPC4O9S1QU=; b=WUcIF/vTUP6I3BEJmZsiraa1xgLVq8X6T4Ck/ahGpoRjcfjOPWpnYSvDG5ZhVaZTZX zNVdUSQiFI0J4/fQ7wyAt/u7ol5TAIe5TIjPsWTZQJ1p2rZtNo4AVk9lGo7BGV+QerLz y2IJdUZRZiZvMsf27MpMlagnrsV+URQFeleCy8Efw2es/ujq4bPLBZBDut5fBSNKgii2 1HAEKOGhAZeogFFRf4PYx3wT+lLxA+WhzD7oPt4VGjoA+//P7XXcEYer43951NaMZYZs rLpGAjYVGK5flw16M9fnkLzFzNvPSAkjs2v62izekK/2Qx/uT4uF6jD482XfZGOfawmL URYQ== X-Gm-Message-State: AOAM530+yvKF+SXZtZwYn+l+2TuUWRsGkjX7YIgQcwJsQGSqPfFddcKR 0c8isusjOnaiyJs3Rf1BWMiohOickod5mkak X-Google-Smtp-Source: ABdhPJxePPPXNGNgB6CRqSKoDDl0sCZJ0ynHvJD/N0rFpIWlVVBweL/UC2hqv1p+Cyef/l+dq1ynHQ== X-Received: by 2002:aca:df07:: with SMTP id w7mr4582223oig.110.1631894176560; Fri, 17 Sep 2021 08:56:16 -0700 (PDT) Received: from smtpclient.apple (107-215-223-229.lightspeed.sntcca.sbcglobal.net. [107.215.223.229]) by smtp.gmail.com with ESMTPSA id w184sm912507oie.35.2021.09.17.08.56.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 17 Sep 2021 08:56:15 -0700 (PDT) From: Bakul Shah Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Date: Fri, 17 Sep 2021 08:56:13 -0700 References: <202109161934.18GJYFsl881498@darkstar.fourwinds.com> To: TUHS main list In-Reply-To: <202109161934.18GJYFsl881498@darkstar.fourwinds.com> Message-Id: <8A83BD02-E014-4282-A67D-FDD928AF35DE@iitbombay.org> X-Mailer: Apple Mail (2.3654.120.0.1.13) Subject: Re: [TUHS] ATC/OSDI'21 joint keynote: It's Time for Operating Systems to Rediscover Hardware (Timothy Roscoe) X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" On Sep 16, 2021, at 12:34 PM, Jon Steinhart wrote: > > It's my opinion that the whole container thing sort of started as a "we > can't secure the underlying system so we'll build something secure on top" > combined with "it's no fun to fix the unnecessary incompatible mess among > virtually identical systems that we've made so we'll build a new fix-it > layer" ideologies. How long until problems are found with containers > it's decided that the way to fix it is to build "safe deposit boxes" that > run in container? Is there ever an end in sight? Recall that previously sysadmins used programs such as ghost to image a system. A completely operational system with all the required software could be created fairly quickly with minimum configuration. If your h/w crashed, you can get up and running fairly quickly on a new machine (provided your unique bits were backed up & restored). The same thing could be done for server machines. By minimizing differences you can apply security patches or put new machines in service quickly. A server machine needs much more than the main service program before it can be put in real service but machines providing the same service need pretty much the same things. When VMs and containers started getting used, the same model could be used for provisioning them. The docker folks simplified this further. Now you can spin up new servers almost trivially (even if later tooling via Kubernetes and such got quite complicated). Seems to me, this provisioning of whole systems is what users of technologies such as jail never quite got it. A couple of points on this: 1) I think this can be simplified even further if one can rely on a fast control plane connection by basically lazily pulling in the contents of each container. 2) If the underlying system provides a capability architecture, you can probably achieve the exact same functionality without containers as the required "many worlds" functionality is already built in. -- Bakul