Operations without the Operating System

Operations without the Operating System

Talk from the Operability conference in London about fundamental problems with the evolution of infrastructure, and how new operating systems and unikernels might provide a solutions.

Some truth and lots of speculation about the future of operations.

98234c645fe8c935edc0fec0186d28b8?s=128

Gareth Rushgrove

September 25, 2015
Tweet

Transcript

  1. Operations without the Operating System Puppet Labs Gareth Rushgrove Ops

    People and Future Technology
  2. Gareth Rushgrove @garethr

  3. Gareth Rushgrove

  4. First, some quotes

  5. These systems had never been designed with security in mind

    and now were becoming hugely complex Gareth Rushgrove
  6. The dense complexity and increasing length of computer code as

    computers where asked to do more and more would make malicious code increasingly hard to find Gareth Rushgrove
  7. Written in 2014 Gareth Rushgrove

  8. Not about Heartbleed Gareth Rushgrove

  9. In a history book about the 1970s Gareth Rushgrove Intercept:

    The Secret History of Computers and Spies by Gordon Corera. Specifically about the Anderson Report, 1972
  10. This talk

  11. Lots of new operating systems have appeared in the last

    year Gareth Rushgrove
  12. Speculation Klaxon

  13. The age of the general purpose operating system is over

    Gareth Rushgrove
  14. What does that mean for operators? Gareth Rushgrove

  15. A New Breed of OS Smaller, faster, more productive?

  16. What server operating systems are you running? Gareth Rushgrove

  17. Gareth Rushgrove I’m guessing most people said:

  18. Gareth Rushgrove Someone will try and be smart and say:

  19. Gareth Rushgrove And someone will hide the fact they’re running:

  20. But elsewhere on the internet… Gareth Rushgrove

  21. Gareth Rushgrove From RedHat, uses RPM-OSTree under the hood

  22. Gareth Rushgrove Built-in service-discovery and clustering support

  23. Gareth Rushgrove Snappy from Ubuntu, basically replaces apt-get with containers

  24. Gareth Rushgrove Docker running on Docker running as PID 1

  25. Gareth Rushgrove Nano is a tiny alternative to Windows Server

    6
  26. Gareth Rushgrove Bonneville provides containers that are really virtual machines

  27. Gareth Rushgrove Clear Linux provides hardware isolation guarantees to containers

  28. Common themes Gareth Rushgrove

  29. Cluster native Read-only file systems Transactional updates Integrated with containers

    Gareth Rushgrove
  30. We’ve seen some of this story before Gareth Rushgrove

  31. Gareth Rushgrove

  32. ESXi, XenServer Gareth Rushgrove

  33. Gareth Rushgrove

  34. What plays out the same and what different is interesting

    Gareth Rushgrove Note, everyone wants to be the VMware of containers
  35. Why The Interest in New Operating Systems And why now?

  36. Lots of homogeneous workloads Gareth Rushgrove

  37. Security is front page news Gareth Rushgrove

  38. I just want somewhere to run my containers Gareth Rushgrove

  39. Size as a proxy for complexity Gareth Rushgrove Can you

    name the 184 default packages in Ubuntu?
  40. Utilisation matters Gareth Rushgrove Only to large organisations who pay

    for software mind
  41. Increasingly interacting with higher level abstractions anyway Gareth Rushgrove Mesos,

    Kubernetes, Cloud Foundry
  42. Piling up Abstractions A brief history of infrastructure

  43. Gareth Rushgrove Operating system Hardware Application Once upon a time…

  44. Gareth Rushgrove Operating system Hardware Runtime Application But your application

    might need a runtime so lets add that
  45. Gareth Rushgrove Operating system Hardware Runtime Application Application Application Application

    Application Application Runtime But hardware is expensive so lets run multiple applications
  46. Gareth Rushgrove Operating system Hypervisor Hardware Runtime Application Applications need

    isolating so lets use virtualisation
  47. Gareth Rushgrove Operating system Hypervisor Hardware Runtime Application Operating system

    Runtime Application Operating system Runtime Application Run multiple virtual machines! Each with there own copy of the OS
  48. Gareth Rushgrove Operating system Hypervisor Hardware Runtime Application Operating system

    Runtime Application Application Application Application But the overhead of virtualisation is expensive so run multiple apps per VM
  49. Gareth Rushgrove Operating system Hypervisor Hardware Container Operating system Runtime

    Application Container runtime I heard you like containers
  50. Gareth Rushgrove Operating system Hypervisor Hardware Container A different OS

    Runtime Application Container runtime Container Operating system Runtime Application Container Even more OS Runtime Application
  51. Hypervisor Hardware Gareth Rushgrove Operating system Container Static binary Container

    runtime Container Static binary Container Static binary Cool folks use static binaries and scratch containers
  52. Gareth Rushgrove Operating system Hardware Container Static binary Container runtime

    Container Static binary Container Static binary Don’t need virtualisation isolation guarantees?
  53. Unikernels A library operating system

  54. What if there is no OS above the hypervisor? Gareth

    Rushgrove
  55. Gareth Rushgrove

  56. Gareth Rushgrove Unikernel Hypervisor Hardware Unikernels compile your application to

    a kernel, which can run on a hypervisor
  57. Compile your application into a Kernel Gareth Rushgrove No userspace

  58. Only include the capabilities/ libraries you need Gareth Rushgrove No

    bash/ssh/sh/apt unless you explicitly include it
  59. Hypervisor/hardware isolation Smaller attack surface area Running less code Enforced

    immutability No default remote access Gareth Rushgrove
  60. The promise of containers, but without needing to pretend the

    intermediary OS doesn’t exist Gareth Rushgrove
  61. Gareth Rushgrove MirageOS

  62. Gareth Rushgrove HaLVM

  63. Gareth Rushgrove Rump Kernel

  64. Gareth Rushgrove LING

  65. Gareth Rushgrove

  66. Gareth Rushgrove

  67. What Happens to Operators? Technical operators anyway, service management folks

    are safe for now
  68. Hypervisor as the platform Gareth Rushgrove 1

  69. Separate team running a hypervisor as a service Gareth Rushgrove

  70. Separate team company running a hypervisor as a service Gareth

    Rushgrove
  71. How many AWS users are Xen experts? Gareth Rushgrove

  72. It happened with Type 1 hypervisors, I posit it will

    happen for Type 2 as well Gareth Rushgrove
  73. Everything else as an application Gareth Rushgrove 2

  74. Firewalls as an application Gareth Rushgrove

  75. Proxies as an application Gareth Rushgrove

  76. Network switches as an application Gareth Rushgrove

  77. Intrusion detection as an application Gareth Rushgrove

  78. Remote shell as an application Gareth Rushgrove

  79. Everyone not running the hypervisor is an application developer Gareth

    Rushgrove
  80. Standards, standards and defacto standards Gareth Rushgrove 3

  81. We need to start agreeing Gareth Rushgrove I don’t have

    time here for a rant about the contributors dilemma, initiation bias and how prototypes never die on GitHub
  82. Platforms Gareth Rushgrove

  83. Containers Gareth Rushgrove

  84. Monitoring Gareth Rushgrove ?

  85. Gareth Rushgrove StatsD

  86. Gareth Rushgrove Metrics 2.0

  87. Publish more schemas and fewer incompatible duplicate implementations Gareth Rushgrove

    We can get to actual Standards after some agreement
  88. Infrastructure is code Gareth Rushgrove 4

  89. Infrastructure as algorithms Gareth Rushgrove

  90. Schedulers Gareth Rushgrove

  91. Back pressure Gareth Rushgrove

  92. Autoscaling Gareth Rushgrove

  93. Composition/configuration Gareth Rushgrove

  94. Configuration with static data won’t be enough Gareth Rushgrove

  95. Learn to programme. This time we mean it Gareth Rushgrove

    If you want this future we need to build it. Probably with static types and safer programming languages
  96. Revolution not evolution Gareth Rushgrove 5

  97. The distance between old infrastructure and new will be huge

    Gareth Rushgrove
  98. Moving between the paradigms will be bigger than moving between

    Linux and Windows today Gareth Rushgrove
  99. Not about tools. About models of interaction and the skills

    required to operate Gareth Rushgrove
  100. We either fix our tech, or the security challenge will

    result in laws and policy that try and fix it for us Gareth Rushgrove I remember when it was legal to run software I wrote myself without cyber insurance. Ah, happy days.
  101. Gareth Rushgrove Remember. Blade Runner is a movie about the

    Government running around fixing bugs in software
  102. Conclusions If all you remember from this talk is…

  103. We still have fundamental problems that date back 40 years

    Gareth Rushgrove
  104. We can build better infrastructure Gareth Rushgrove

  105. Doing so might mean going down different evolutionary paths Gareth

    Rushgrove
  106. We know many of the patterns we want, but we’re

    mainly working backwards Gareth Rushgrove Stripping down our current operating systems isn’t sufficient
  107. This means throwing away things we care about Gareth Rushgrove

    What would you say if I said we don’t need Linux for the general case
  108. Collaborate on hard problems, rather than marvelling about how easy

    it is to build your own Docker PaaS Gareth Rushgrove
  109. Questions? And thanks for listening