|
|
Subscribe / Log in / New account

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

[Posted February 10, 2018 by jake]

In ACMQueue magazine, Bridget Kromhout writes about containers and why they are not the solution to every problem. The article is subtitled: "Complex socio-technical systems are hard; film at 11." "Don't get me wrong—containers are delightful! But let's be real: we're unlikely to solve the vast majority of problems in a given organization via the judicious application of kernel features. If you have contention between your ops team and your dev team(s)—and maybe they're all facing off with some ill-considered DevOps silo inexplicably stuck between them—then cgroups and namespaces won't have a prayer of solving that. Development teams love the idea of shipping their dependencies bundled with their apps, imagining limitless portability. Someone in security is weeping for the unpatched CVEs, but feature velocity is so desirable that security's pleas go unheard. Platform operators are happy (well, less surly) knowing they can upgrade the underlying infrastructure without affecting the dependencies for any applications, until they realize the heavyweight app containers shipping a full operating system aren't being maintained at all."
to post comments

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 10, 2018 10:38 UTC (Sat) by amacater (subscriber, #790) [Link] (8 responses)

It's like looking in a slightly distorting mirror in the fairground hall of mirrors - there's too much here that's familiar to be disturbing any more :)

comparison figures?

Posted Feb 10, 2018 18:30 UTC (Sat) by Herve5 (subscriber, #115399) [Link] (7 responses)

I can't help relating with a recent comment on snap packages baselined on the future Ubuntu LTS :
https://news.slashdot.org/comments.pl?sid=11726523&ci...

comparison figures?

Posted Feb 10, 2018 22:36 UTC (Sat) by stumbles (guest, #8796) [Link]

I'da thought that to be obvious to everyone. Good link though.

comparison figures?

Posted Feb 11, 2018 18:55 UTC (Sun) by popey (guest, #53979) [Link] (5 responses)

The comment is a little misleading because they're looking inside a compressed squashfs file. I left a comment on /. but I doubt anyone will see it among the noise:-

"Disclaimer, I work for Canonical and worked with the VLC devs on the snap.

The snap of VLC is nearer 190MB, not 700MB for data-transfer and on-disk size comparisons. All snaps are loop-mounted squashfs files. What you are "du"ing is the mounted read-only files. The actual snap file is in `/var/lib/snapd/snaps/` and on my system is 189MB. The snap contains not only VLC but a bunch of libraries of course. However the bulk of the space (300MB uncompressed) is taken up by VLC plugins which make the snap a great out of the box experience of many users, whatever their use case.

Sure we need to optimise startup time, and that work is ongoing. We could certainly trim the snap down a bit, and I will be looking at that when I'm back from vacation."

comparison figures?

Posted Feb 12, 2018 10:01 UTC (Mon) by pr1268 (guest, #24648) [Link] (3 responses)

While I do admire your willingness to speak of this (on /. of all places), and also your work at "trim[ming] the snap down a bit", 300 MB is still 1.6 orders of magnitude larger than 4.7 MB.

It all boils down to a trade-off between storage space vs. a "great out of the box experience". I wonder how much more important that becomes when people start amassing Snaps for every application on their system ("Yikes—I don't have any disk space left, but everything works!")

comparison figures?

Posted Feb 12, 2018 10:55 UTC (Mon) by ballombe (subscriber, #9523) [Link] (2 responses)

I a not a fan of containers, but saying that vlc is 4.7 MB is misleading.
I suggest you do:
apt-get remove vlc
apt-get autoremove
apt-get install vlc
On my (not typical) laptop I get:
After this operation, 92.6 MB of additional disk space will be used

Now, of course, if you have already installed other media player, then
you will get a smaller number.
For exampe if I install mplayer first I get:

After this operation, 66.5 MB of additional disk space will be used.

but you are unlikely to get 4.7MB

Now the container story:
A: Maintaining the OS is a pain
B: I have a awesome idea: let replace it by one hundred OS!

comparison figures?

Posted Feb 12, 2018 15:08 UTC (Mon) by niner (subscriber, #26151) [Link] (1 responses)

nine@sunshine:~> sudo zypper rm --clean-deps vlc-noX
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following application is going to be REMOVED:
"VLC Media player"

The following 7 packages are going to be REMOVED:
phonon-backend-vlc vlc vlc-codec-gstreamer vlc-codecs vlc-lang vlc-noX vlc-qt

7 packages to remove.
After the operation, 47.6 MiB will be freed.
Continue? [y/n/...? shows all options] (y): y
(1/7) Removing phonon-backend-vlc-0.8.2-5.2.x86_64 .................................................................................................................................................................................[done]
(2/7) Removing vlc-codec-gstreamer-2.2.6-8.3.x86_64 ................................................................................................................................................................................[done]
(3/7) Removing vlc-codecs-2.2.6-8.3.x86_64 .........................................................................................................................................................................................[done]
(4/7) Removing vlc-lang-2.2.6-8.3.noarch ...........................................................................................................................................................................................[done]
(5/7) Removing vlc-2.2.6-8.4.x86_64 ................................................................................................................................................................................................[done]
(6/7) Removing vlc-qt-2.2.6-8.4.x86_64 .............................................................................................................................................................................................[done]
(7/7) Removing vlc-noX-2.2.6-8.4.x86_64 ............................................................................................................................................................................................[done]
nine@sunshine:~> sudo zypper in vlc-noX
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following 2 NEW packages are going to be installed:
vlc-codec-gstreamer vlc-noX

2 new packages to install.
Overall download size: 3.4 MiB. Already cached: 0 B. After the operation, additional 11.5 MiB will be used.

comparison figures?

Posted Feb 12, 2018 20:06 UTC (Mon) by ballombe (subscriber, #9523) [Link]

vlc-noX has much less dependency than vlc. You have freed at least 36MB in your test.

comparison figures?

Posted Feb 12, 2018 16:36 UTC (Mon) by Otus (subscriber, #67685) [Link]

> What you are "du"ing is the mounted read-only files.

How does the memory use comparison look like, in that case?

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 10, 2018 22:09 UTC (Sat) by flewellyn (subscriber, #5047) [Link] (3 responses)

Social problems cannot be solved with technical solutions.

Whether it's containers, version control systems, voting systems, or cryptocurrencies, this is a lesson people apparently need to learn repeatedly.

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 11, 2018 10:41 UTC (Sun) by HelloWorld (guest, #56129) [Link] (2 responses)

Good tools are necessary to change the culture. How can you expect people to change their behaviour if you don't give them a superior alternative? Why do you think people e. g. use branches today? Because git made that easy and with CVS it was a major pain.

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 11, 2018 14:37 UTC (Sun) by Paf (subscriber, #91811) [Link] (1 responses)

Sure, but that sure seems like a technical solution to social issues (if you can even call them that) created by a specific technical context.

I don’t think the blanket statement that technical changes can’t fix social problems is quite fair, though. I think they can sometimes make certain social issues obsolete by removing the context in which they existed, perhaps?

Imagine fighting over water rights resolved by a new desalinization plant and reliable water use regulation. Ok, so that’s flawed. But there’s something there.

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 11, 2018 21:08 UTC (Sun) by Wol (subscriber, #4433) [Link]

Computerising a messed-up manual setup is still a mess ...

You need to fix what's socially wrong (or at least identify what needs fixing) before you do anything with it. Linus wrote git because he felt the existing solutions were broken, and he designed the tools to fix it. I loved WordPerfect (still do) and feel that when MS pushed Word onto everyone, because the tool was broken it broke everything else...

Technical change can fix social problems in exactly the same way it can create them. If you identify the problem, and design the tool to fix it, then it all works great. The problem is, all too often, technology is pushed where it doesn't belong and creates the problem, or everybody thinks the technology is a silver bullet, nobody spends any effort to actually identify what's wrong with the old system, and the new technology locks the old problems in place.

Cheers,
Wol

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 11, 2018 20:34 UTC (Sun) by frostsnow (subscriber, #114957) [Link] (2 responses)

>Forbidden

>You don't have permission to access /detail.cfm on this server.

Uhh...

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 11, 2018 20:56 UTC (Sun) by flussence (guest, #85566) [Link] (1 responses)

The server doesn't like browsers that don't send a User-Agent header. I didn't think anyone still used the identd security model in this century…

Containers Will Not Fix Your Broken Culture (and Other Hard Truths) (ACMQueue)

Posted Feb 12, 2018 20:33 UTC (Mon) by frostsnow (subscriber, #114957) [Link]

I'd hope that the ACM knew better than security via obscurity. Also, to be pedantic, my UserAgent isn't empty, but it certainly isn't suitable for posting in polite company ;)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds