[colug-432] Unix Is The Last Operating System

Scott McCarty scott.mccarty at gmail.com
Wed Jun 24 10:11:25 EDT 2015


I am not sure that I believe, as I have seen in many of the DevOps mailing lists and trendy Hackernews discussions, that the general purpose operating system is really going anywhere. It "may" change, but I highly doubt it goes away completely. To refine that statement, I am highly skeptical that work done goes away (i.e. you always need a place to compile and run your apps). That might be a VM, or even a container, but it will exist, so the work necessary to create it will not go away, but change. Also, in the below description, I am talking about Docker containers in the way they are commonly run (with a full OS user space inside).

There are two "main" pieces to a Unix operating system:
1. User space
2. Kernel

Things like CoreOS, and RHEL Atomic have a kernel and a minimal user space. With RHEL Atomic, you use a containerized RHEL7 userspace which was compiled on the EXACT same kernel (sane) to do application delivery. On CoreOS, you supposedly use a containerized user space from whatever OS you want, Ubuntu, CentOS, Debian, Alpine Linux (insane?) to do application delivery.

I think people are very confused about mobility for portability. It is sane and good to have a kernel and user space that are developed together, but convenient to have them unhooked at run time. In my definition, mobility allows you to move the container (user space + app) around, which is mobility. Many people are confounding the two these days and saying that you can move the container from kernel to kernel (and minimal user space) without worries; this would be portability, and I believe it is still a dream. Two weeks ago, I had trouble with the CIS Docker Benchmark [3].

The new methodology is, when you need a program, instead of running "yum -y install", you install a container (ex. RHEL Tools Container [1]). This doesn't mean that the container doesn't have a general purpose OS' user space inside of it, one that matches the kernel (e.g. has been compiled with that exact kernel). It also doesn't mean that the purpose built OS' shouldn't or won't have some sort of user space (preferably matching the container user space RHEL Atomic/RHEL).

Just my two cents...

I haven't finished the blog entry that this email stems from, but it WILL be here when I am done [2].

[1]: https://access.redhat.com/articles/1336853
[2]: http://crunchtools.com/docker-in-production/
[3]: http://crunchtools.com/meeting-cis-benchmark/

BTW, I love containers, virtualization, and operating systems :-) I still think there is a place for all three, I just think things are changing in an interesting way...

Best Regards
Scott M

----- Original Message -----
> From: "Rick Troth" <rmt at casita.net>
> To: "Central OH Linux User Group - 432xx" <colug-432 at colug.net>
> Sent: Tuesday, June 23, 2015 8:30:38 AM
> Subject: Re: [colug-432] Unix Is The Last Operating System
> 
> 
> 
> The following caught my attention too.
> 
> On 06/17/2015 10:24 AM, Stephen Potter wrote:
> 
> 
> With so much of the world now virtualized or (dare I say) cloud-based,
> when comes the point that we no longer need generic OSes?  When does the
> hypervisor become the OS, and the application start to include
> everything it needs to run on the hypervisor directly?   ...
> See below for bi-level op sys.
> 
> 
> 
> ... With the hypervisor handling the abstraction of most of the hardware,
> including to a large extent process scheduling and memory management even,
> the guest OS becomes much simpler.  There is no longer a need for the guest
> to support features such as page sharing or garbage collection.  It
> doesn't need a robust networking stack with all of the lower level
> protocol support.
> Keep in mind that hypervisors commonly support "para" or "full"
> (lately "both" more and more).
> Para-virtualization is especially helpful for stand-alone apps.
> 
> Gotta talk about the bigger virtualization story.
> The mainframe hypervisor is truly incredible.
> I frequently rattle on about it. There are typically two responses:
> For those who know "z" (and maybe actually *like* it) it's preaching
> to the choir.
> For those who don't know it (maybe don't like it, or at least don't
> like/trust IBM) it's deer-in-the-headlights.
> Bummer.
> 
> KVM is just barely beginning to pick-up some of the features of z/VM,
> things like sharing a chunk of memory across guests.
> 
> There's so much more to be done with hypervisors, but the market is
> passing them.
> Hypervisors are more secure than containers, but convenience trumps
> security.
> Well ... there's also performance.
> 
> Containers outperform hypervisors.
> Para-virt outperforms full-virt. (with less risks than containers)
> I AM NOT slamming containers.
> 
> But ... key point from Stephen's comment:
> Prior to popular contemporary virtualization, IBM's "VM" was a
> bi-level operating system product. The hypervisor served the kernel
> role and two or three reduced guest op sys served the "user space"
> role. The hypervisor could always go full-virt, but these
> specialized guest systems leaned on para-virt so they could focus on
> "user space" requirements. Very nice.
> 
> 
> 
> 
> On 06/17/2015 12:27 PM, Scott Merrill wrote:
> 
> 
> Have you seen CoreOS or Project Atomic? https://coreos.com/
> http://www.projectatomic.io/ Both extend the notion of “Just Enough
> OS” (which you may be familiar with from Ubuntu:
> https://en.wikipedia.org/wiki/Ubuntu_JeOS ).
> There's so much more to be done with hypervisors. (Is there an echo
> in here?)
> Reduced systems (JEOS) is understated in that context. We can get the
> bi-level op sys effect from these critters, and without IBM vendor
> lock-in and without limiting hardware. (KVM runs on X86, mainframe,
> POWER, and now ARM)
> 
> TRULY AWESOME STUFF
> 
> 
> 
> On 06/17/2015 11:37 AM, Judd Montgomery wrote:
> 
> 
> 
> On 06/16/2015 09:46 PM, Rick Troth wrote:
> 
> > > As for me, I've been griping lately about two or three trends,
> > > especially in Linux. Would like to think that my whining is more due
> > > to love of simplicity than from loathing "who moved my cheese?".
> >
> > Me too!  I'm thinking about a project to replace systemd with emacs.
> > Judd
>
> In a JEOS context and/or a para-virt dependent "guest", replacing
> SystemD with *anything* is justified.
> 
> Few admins realize that they can replace ' init ' on any Linux system
> (really any POSIX system) with their own invention. They *can* and
> sometimes they *should*. (For varying values of "sometimes", you
> understand.)
> 
> Bi-level op sys and JEOS are places where "small is beautiful".
> 
> -- R; <><
> 
> 
> 
> 


