Talk for the London Devops meetup. Lots of speculation, talk of economic impact of technology advancement and big ideas. Hypervisors, containers, unikernels, and other future operating system trends.
The End of the General Purpose Operating System
And other stories of the future
Gareth Rushgrove, Puppet Labs
@garethr
This talk
What server operating systems are you running?
I’m guessing most people said:
Someone will try and be smart and say:
And someone will hide the fact they’re running:
The future is already here — it's just not very evenly distributed. (William Gibson)
The hypervisor of containers
The race to PID 1
Your container operating system
The rise of the Unikernels
Some problems
Operating systems are really big, both on disk and in memory
Operating systems take a long time to boot, and we’re booting them more often
Operating systems have a lot of moving parts that need managing and securing
Our workloads are increasingly single purpose, rather than general purpose
If my web application server is talking to a printer something has gone horribly wrong*
*Or you work for Moo. Hi nice Moo people.
The hypervisor of containers
Xen, ESX and Hyper-V are Type 1 hypervisors
Challengers for the hypervisor of containers
Coming from the operating system up
From Red Hat, uses RPM-OSTree under the hood
Built-in service-discovery and clustering support
Snappy from Ubuntu, basically replaces apt-get with docker
Docker running on Docker running as PID 1
Common themes
Cluster native
Read-only file systems
Atomic changes
Integrated with Docker
Don’t count out…
VMware are already the hypervisor of virtual machines
Don’t forget the Microsoft ecosystem, with Docker support incoming
Subplot - the user interface to the hypervisor of containers
Coming from the user interface down
The importance of APIs
The Kubernetes API is based on years of experience at Google
Another Google Borg inspired project. Aurora is used heavily at Twitter
Don’t count out the Platform as a Service folks just yet
Amazon has launched a beta of AWS Elastic Cloud Service
And with Swarm, Docker want to own this user interface too
The race to PID 1
Meanwhile, at a different part of the stack…
Not the real systemd logo
systemd coming from the init system up
Docker coming from the user interface down
systemd already contains container functionality (systemd-nspawn)
Both want to own supervision of processes
Expect more overlap, and (separate) ecosystems of tools to emerge
The operating system inside a container
What’s wrong with running a full distro in a container?
~ » docker images
REPOSITORY                  TAG      IMAGE ID       CREATED         VIRTUAL SIZE
garethr/mirageapp           latest   e524b7c2faaa   2 weeks ago     2.402 MB
swarm                       latest   92d78d321ff2   2 weeks ago     7.19 MB
garethr/realapp             latest   0fc02241d533   5 weeks ago     442.5 MB
ubuntu                      latest   b39b81afc8ca   6 weeks ago     188.3 MB
ubuntu                      trusty   b39b81afc8ca   6 weeks ago     188.3 MB
jeanblanchard/busybox-java  latest   906dc9067a40   5 weeks ago     160.2 MB
busybox                     latest   4986bf8c1536   8 weeks ago     2.433 MB
scratch                     latest   511136ea3c5a   20 months ago   0 B
A base Ubuntu container has 184 packages installed
Just a few apt-get commands will see that increase to 302 packages
That’s a lot of things to track inside what’s meant to be a black box
Minimal Linux distros
BusyBox
Scratch images
Lots of opportunities here for interesting tools
The rise of the unikernels
Hypervisors are actually awesome
Strong isolation guarantees, often enforced in hardware
Mature tooling and experienced people
What is a unikernel?
A library to build your own operating system
No userspace
Your application is compiled into a kernel
[Stack diagram, bottom to top] Virtual machines: Hardware, Hypervisor, Operating system, Runtime, Application
[Stack diagram, bottom to top] Containers: Hardware, Hypervisor, Operating system, Container, Operating system, Runtime, Application
[Stack diagram, bottom to top] Unikernel: Hardware, Hypervisor, Unikernel
Drastically smaller surface area for attack
Very fast to boot, but with strong isolation guarantees
Warning: research projects ahead
MirageOS
Erlang on Xen
Conclusions
Understanding technology change in the large means understanding the economics of software companies
Don’t expect all this to replace what we have now, but to run alongside it
Many small devices and the internet of things
Enterprise App Stores
Evolution and revolution happen at the same time
Times they are a-changin (Bob Dylan)
Questions? And thanks for listening