RE: Future development of Jail (was Re: corporate backers of freebsd)

[Ted Mittelstaedt]

> -Original Message-
> From: Andy Dills [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 02, 2008 9:29 AM
> To: Ted Mittelstaedt
> Cc: freebsd-questions@freebsd.org
> Subject: RE: Future development of Jail (was Re: corporate backers of
> freebsd)
>
>
> On Wed, 2 Jan 2008, Ted Mittelstaedt wrote:
>
> > I don't.  In the entire history of computers every time there has
> > been a horsepower increase, the "normal" software that people run
> > on the system has bloated to consume all available additional
> horsepower.
>
> Really?
>
> So how has the amount of horsepower required to handle centralized radius
> authentication, or provide DNS resolution, or static web service grown
> over the years?
>

Good question and one that I'd suggest you as Microsoft.  You have
apparently never run the Microsot authentication server.

> I'm not talking about the "normal" software that people run on a system.

So am I.

> I've watched for a decade as the load generated by certain services has
> stayed flat, however for security considerations they should not be
> combined onto the same operating envrionment.
>
> Are you trying to tell me that your shell server's utilization has just
> continued to grow over the years, that you've had to continuously upgrade
> the hardware to keep up with the demands of pine, tin, emacs, mutt, vim,
> irc, eggdrop, ezbounce, or whatever your customers are running? Please.
>

I have watched as over the years the number of shell customers has
continued to drop.  Today I think we have no more than 5 left.  And
not for the lack of current versions of those utilities being
available on the shell server.

> > What you are doing is akin to saying that since the modern
> > CPU can virtualize hundreds of 1MB 8086 real-mode "sessions"
> > that we ought to be able to run hundreds of instances of
> > WordPerfect for DOS on a typical modern PC.  Well guess what - WE
> > COULD!  If someone wrote the software to do it, of course.
>
> I'm talking about professionally hosted services, you're talking about
> WordPerfect. Amateur hour starts at 5PM, the signups are over there.
>

No, YOUR talking WordPerfect.  When was the last time you saw a
Linux user running a NON-graphical program?  Programs like
pine and tin are not what the VAST MAJORITY of UNIX users are running.
They are running Gnome programs or Aqua programs on MacOS X.

This in no way should be construed as a comment that programs like
Pine are no good.  On the contrary.  I like it a lot.  But, my life
would be a lot easier if our customers were all running it instead
of the bloatware that they run that does the same job, and that
gets bigger, slower and fatter every new version that comes out.

> > In the future I predict that ordinary standard desktop software is
> > going to require:
> >
> > "numerous processors with numerous cores and several gigs of memory,
> > fast busses and standard multiple gige ports, inexpensive solid state
> > disks"
> >
> > as a MINIMUM system configuration, and people will think NOTHING of
> > it.
> >
> > Code always bloats to fill all available machine power.
>
> Desktop software? Shouldn't you be posting on a linux mailing list?
>

You are talking about running multiple sessions being inevitable.
If your going to restrict this to ONLY server programs - why then you
have your answer as to why jail is a dead-end.  Incidentally, that
is NOT what most people are doing with multiple sessions.  Do you
even know?

The biggest market for multisession software today is Microsoft
Terminal Server.  They aren't running multiple sessions of server
programs on it.  They are running multiple sessions of DESKTOP
SOFTWARE on it.

What use is a program like jail if it can't be used to centralize
user computing to a big powerful system like your talking?  The
ordinary administrators big headaches today AREN'T the server
software.  They are the USER software.  UNIX has had X-Windows
for years that allow you to do this.  Windows now has it with
MS Terminal Server.  That's what is hot in multisession computing
these days.  Not 20 year old character mode programs.

> > > We seem to be very close to having the ability to completely
> > > segregate the
> > > control-plane from the data-plane (using router terminology).
> >
> > We had that ability with commodity cheap desktop hardware a decade
> > ago.  But, nobody wrote software to take advantage of the commodity
> > cheap desktop hardware to do this back then, for the same reasons
> > that the jail developer lost interest today.
>
> Actually, somebody was paying the jail developer, and then

Re: Future development of Jail (was Re: corporate backers of freebsd)

[Karl Triebes]

On Jan 2, 2008 9:28 AM, Andy Dills <[EMAIL PROTECTED]> wrote:
> If you really think what I'm suggesting is that bad of an idea, help me
> understand why the CTO of F5 immediately posted asking for a quote on
> developing this feature?

Just for the record, I'm not the same person as the CTO of F5. I had
someone ask this questions the other day as well. I'm happy as I am.

I hope this doesn't dilute any arguments being put forth.

Cheers,

Karl.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Future development of Jail (was Re: corporate backers of freebsd)

[Andy Dills]

On Wed, 2 Jan 2008, Ted Mittelstaedt wrote:

> I don't.  In the entire history of computers every time there has
> been a horsepower increase, the "normal" software that people run
> on the system has bloated to consume all available additional horsepower.

Really? 

So how has the amount of horsepower required to handle centralized radius 
authentication, or provide DNS resolution, or static web service grown 
over the years?

I'm not talking about the "normal" software that people run on a system. 
I've watched for a decade as the load generated by certain services has 
stayed flat, however for security considerations they should not be 
combined onto the same operating envrionment.

Are you trying to tell me that your shell server's utilization has just 
continued to grow over the years, that you've had to continuously upgrade 
the hardware to keep up with the demands of pine, tin, emacs, mutt, vim, 
irc, eggdrop, ezbounce, or whatever your customers are running? Please.

> What you are doing is akin to saying that since the modern
> CPU can virtualize hundreds of 1MB 8086 real-mode "sessions"
> that we ought to be able to run hundreds of instances of
> WordPerfect for DOS on a typical modern PC.  Well guess what - WE
> COULD!  If someone wrote the software to do it, of course.

I'm talking about professionally hosted services, you're talking about 
WordPerfect. Amateur hour starts at 5PM, the signups are over there.

> In the future I predict that ordinary standard desktop software is
> going to require:
> 
> "numerous processors with numerous cores and several gigs of memory,
> fast busses and standard multiple gige ports, inexpensive solid state
> disks"
> 
> as a MINIMUM system configuration, and people will think NOTHING of
> it.
> 
> Code always bloats to fill all available machine power.

Desktop software? Shouldn't you be posting on a linux mailing list? 

> > We seem to be very close to having the ability to completely
> > segregate the
> > control-plane from the data-plane (using router terminology).
> 
> We had that ability with commodity cheap desktop hardware a decade
> ago.  But, nobody wrote software to take advantage of the commodity
> cheap desktop hardware to do this back then, for the same reasons
> that the jail developer lost interest today.

Actually, somebody was paying the jail developer, and then wasn't. More to 
the point, no, we didn't have the ability a decade ago to seperate CP from 
DP. A decade ago we were dealing with silly things like the maximum size 
of a partition, how to handle USB, how to scale to multiple processors, 
how to acheive line rate on gige, etc.

> > This is such
> > a huge improvement over the status quo that I'm a little bit sad and
> > confused why it seems to be such a low priority with the developers. But
> > they have their hands full and nobody seems to be driven to steer that
> > particular ship.
> >
> 
> In short, and don't take it wrongly, your a young pup.  You have not
> had the experience with the computer business that someone older
> and more jaded has.  Once you have another 20 years under your belt
> and you start seeing that it's the same old, same old, you will
> understand why this is a pipe dream.

In short, don't take it wrongly, but you're an arrogant has-been. If you 
were as wise as you claim, you would be more quick to consider one of the 
more interesting trends in professional computing: 

Legacy systems in a corporate envrionment that don't need to be upgraded 
whatsoever, but are running on failing hardware with no possible 
replacements, running on top of an ancient operating system. 

What are the smart technologists doing to resolve this? They're moving 
these services to a virtual environment running on top of some other 
platform. 

> The day will never come that a corporation can go to Kmart and buy
> a $299 PC and use it as a server to run their entire 1000 person
> operation.  Yet, a $299 commodity PC that you buy from Kmart today,
> has about 100 times more power than a mainframe that this same
> corporation was using 2 decades ago to run their entire 1000 person
> operation.  Using your logic, the sensible thing would be to take
> that 20 year old software and run it on the $299 PC today.  Yet,
> nobody's doing this.  Think for a while about why this is and you
> might begin to understand what is really going on.

It's clear from your post that you have no idea what I'm talking about.


If you really think what I'm suggesting is that bad of an idea, help me 
understand why the CTO of F5 immediately posted asking for a quote on 
developing this feature?

Andy

---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Future development of Jail (was Re: corporate backers of freebsd)

[Ted Mittelstaedt]

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Andy Dills
> Sent: Monday, December 31, 2007 5:52 PM
> To: Colin Percival
> Cc: Pollywog; Giorgos Keramidas; freebsd-questions@freebsd.org
> Subject: Future development of Jail (was Re: corporate backers of
> freebsd)
>
>
> Over the next 2-3 years, as cheap commodity hardware continues to explode
> with numerous processors with numerous cores and several gigs of memory,
> fast busses and standard multiple gige ports, inexpensive solid state
> disks...down the road I think it will become best common practice
> to setup
> any service on a virtual server, if for no other reason than to abstract
> the operating environment from the hardware to enable greater levels of
> redundancy and to better leverage the unused horsepower of these boxes in
> such a way that doesn't increase exposure and vulnerability.
>

I don't.  In the entire history of computers every time there has
been a horsepower increase, the "normal" software that people run
on the system has bloated to consume all available additional horsepower.

What you are doing is akin to saying that since the modern
CPU can virtualize hundreds of 1MB 8086 real-mode "sessions"
that we ought to be able to run hundreds of instances of
WordPerfect for DOS on a typical modern PC.  Well guess what - WE
COULD!  If someone wrote the software to do it, of course.

In the future I predict that ordinary standard desktop software is
going to require:

"numerous processors with numerous cores and several gigs of memory,
fast busses and standard multiple gige ports, inexpensive solid state
disks"

as a MINIMUM system configuration, and people will think NOTHING of
it.

Code always bloats to fill all available machine power.

> We seem to be very close to having the ability to completely
> segregate the
> control-plane from the data-plane (using router terminology).

We had that ability with commodity cheap desktop hardware a decade
ago.  But, nobody wrote software to take advantage of the commodity
cheap desktop hardware to do this back then, for the same reasons
that the jail developer lost interest today.

> This is such
> a huge improvement over the status quo that I'm a little bit sad and
> confused why it seems to be such a low priority with the developers. But
> they have their hands full and nobody seems to be driven to steer that
> particular ship.
>

In short, and don't take it wrongly, your a young pup.  You have not
had the experience with the computer business that someone older
and more jaded has.  Once you have another 20 years under your belt
and you start seeing that it's the same old, same old, you will
understand why this is a pipe dream.

The day will never come that a corporation can go to Kmart and buy
a $299 PC and use it as a server to run their entire 1000 person
operation.  Yet, a $299 commodity PC that you buy from Kmart today,
has about 100 times more power than a mainframe that this same
corporation was using 2 decades ago to run their entire 1000 person
operation.  Using your logic, the sensible thing would be to take
that 20 year old software and run it on the $299 PC today.  Yet,
nobody's doing this.  Think for a while about why this is and you
might begin to understand what is really going on.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"