Internet Infrastructure for Everyone

just_another_sean sends in a story at Wired about a group of engineers trying to build a new server operating system that will make it easier to deploy a multitude of technologies for people and companies that aren't tech giants. "The project is based on Google’s ChromeOS, the new-age laptop operating system that automatically updates itself every few weeks, but unlike ChromeOS, it can run more than just your personal machine. It can run every web service you ever visit, no matter how big. And it will let the companies that run those services evolve their online operations much more quickly — and cheaply — than they can with traditional server software. 'We’ve borrowed a lot of concepts from the browser world,' Polvi explains, 'and applied them to servers.' You can think of CoreOS as a new substrate for the internet. Web giants such as Google and Amazon and big Wall Street financial outfits, including the NASDAQ stock exchange, have built similar server operating systems for their own use, but with CoreOS — an open source software project — Polvi’s startup is creating something anyone can use. 'We’re building Google’s infrastructure for everyone else,' he says. In doing so, Polvi and his team hope this OS can more rapidly fill the security holes that plague our computer servers, while speeding the evolution of the software applications that run atop them."

Sounds like a bunch of bullshit to me

[Anonymous Coward]

Can anyone decipher exactly what it is he's promising? Another layer in the OSI model that tries to reinvent the Java wheel and run everything natively?

Re:Sounds like a bunch of bullshit to me

[ackthpt]

Sounds something like Usenet back in the 80's, before Spam, interwebs, virii and advertising made a train wreck of it all.

let's call it web 3.0

Re:Sounds like a bunch of bullshit to me

[asmkm22]

It almost sounds like their trying to tie server services into the cloud... probably not actual data storage, but the services and functions themselves. Kind of like how if you go install chrome on a new computer, it can port over all of your settings and stuff, or how if you setup a new android device it will automatically load up your apps and contacts, etc.. In this case, I think the idea is to make it so that the hardware is less important, and easier to replace without having to go through the normal motions of reloading from backups or doing some kind of barebones restore. Instead, you just swap out or install whatever new hardware you need to, and "long in" (or whatever the process may be) to get your new server node online and sync'd with the rest of your network without much hassle.

There's a lot of blanks that need to be filled here, like actual data store. I imagine that would still be done in-house with central storage. The basic idea, as I understand it, is actually really cool.

Re:

[asmkm22]

Also, for clarification, when I meant tie it to the cloud, I'm talking about the ability for the OS to be kept updated and maintained in the same way as, say, Google Chrome does. Not by simply hosting a bunch of services in some kind of cloud farm. The servers and all the services would probably be installed and maintained on site.

Re:

[ceoyoyo]

Sure, because it's not like you can keep an OS automatically updated now.

Partitioned apps + automagic updates.

[Valdrax]

With CoreOS, the idea is to build an OS that you can instantly replace whenever you like, without breaking the software applications that run on it.

Google has long done this sort of thing on desktops and laptops. The search giant built its web browser, Chrome, so that it can automatically update the thing whenever it likes, and it eventually extended this arrangement to ChromeOS, which revolves around the Chrome browser. If you own a Chromebook, you get a new operating system every six weeks or so â" and all you have to do is reboot your machine.
[...]
Part of the trick is that Polviâ(TM)s team has pared a server operating system down to the bare minimum. The thing doesnâ(TM)t include all the bells and whistles youâ(TM)ll find in other server OSes, including most versions of Linux, and it cleanly separates the OS from the applications that run atop it.

With CoreOS, all applications sit inside âoecontainersâ â" little bubbles of software code that include everything an application needs to run. These containers then latch onto the main OS through the simplest of interfaces. That means you can easily move applications from OS to OS and from machine to machine â" much as you move shipping containers from boat to boat and train to train â" but it also means you can easily update the OS without disturbing the applications. âoeThe way weâ(TM)re able to consistently update the OS â" and be nimble â" is to make sure we have a consistent way of running applications,â Polvi says.

That's what's being promised. Sounds ambitious.

Re:

[cusco]

all applications sit inside "containers" - little bubbles of software code that include everything an application needs to run.

So they're going back to the way that apps ran under DOS. I always thought that made sense, and since there isn't really a need to save disk space, CPU or memory any more (at least not like there used to be).

Re:

[TCM]

So in other words, they discovered gcc -static and just ship giant binary blobs? Yawn.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[TCM]

Hipster shit.

In other news: botnet sizes at all-time high.

*yawn*

[nurb432]

Sounds like little VMs on a bare bones OS to me. Nothing new here and yet another rehash.

Re:

[Traze]

Well, IMO, this a step further. The OS has little Virtual Apps, not a hyper visor with little OSes. If they can get state for any VA to another machine with minimal overhead, and OS version offset doesn't matter, I can see some potential here.

Re:

[nurb432]

I was thinking in terms of jails, not VMs in the traditional sense. My fault for not being clear.

Re:

[Pichu0102]

Do you mean having applications run into their own little sandboxes that can be effortlessly moved to any other system running this, as opposed to having to move an entire VM to a new server?

Re:

[Traze]

Do you mean having applications run into their own little sandboxes that can be effortlessly moved to any other system running this, as opposed to having to move an entire VM to a new server?

Indeed.

Re: *yawn*

[cripkd]

Yes, that's what out sounds like. This must be one of the most confusing summaries ever. This is not about Chrome, or something being ported to the browser. That part about the web services being available for everyone basically exploded everything to nonsense.

Re:

[K. S. Kyosuke]

It feels like a finer granularization of the existing mainstream ideas. Continue further along that axis, pass through Microkernel Junction and you eventually arrive at Smalltalk Central Station - a bunch of small stateful objects communicating by passing messages.

Mac OSX server

[goombah99]

Uh, isn't this exactly what the GUI tool set for mac OSX server is for? I't s avery powerful suite of tools that lets you manage a suite of macs and the server services that connect them. It strikes a mid point between doing everything possible that your could do from a command line script, and being very easy to use. It's no walk in the park since you need to be fairly savvy about the services you want to provide. It just rolls up the confusing aspects of configuring and corralling all of them into a c

It can do everything

[Russ1642]

Where have I heard this line before? Oh yeah, from con artist salesmen.

Re:

[Jane Q. Public]

"It can do everything"

Except that it's based on Google Chrome... so it DOESN'T do everything that Linux does, and everything it DOES do is reported when it phones home.

Thanks, but the NSA isn't much worse. I'll stick with Linux.

Re:

[Jane Q. Public]

"Troll"? Really?

Give me a break, folks. I wasn't trolling, that is my honest opinion.

Re:

[Anonymous Coward]

You bashed Google, everybody knows that Google gives stuff away for free and wants nothing in return, also they do no evil. Seriously if you point out that they are the world's biggest miners and on-sellers of your personal data you will get down-modded as a troll or flamebait because there are some people here who dont want those facts mentioned.

Brilliant!

[Anonymous Coward]

Let's turn our core infrastructure into shitty, worthless JavaScript crapps that run in a web browser! Now if you're doing any maintenance on the server, one wrong keystroke or closed tab will kill your DNS, mail, LDAP, etc...

Re:

[Russ1642]

If you're worried about getting old maybe you should look into the Cryonics Institute for a chance at immortality.

Troll "story"

[oldhack]

See subject.

Needs IPV6

[bitflusher]

If you want all devices to run everything you need IPV6. ISPs are lagging badly. Even though it is not the hardest thing in the world. France and Asia are switching. My ISP is running a pre-pilot for over 2 years, it runs fine. They are still not roling it out for the rest of the users (probably corp funding that is lacking).

Re:

[Lumpy]

IPV6 is not needed. Not at all in any way. I dont need to connect my watch to my toaster back home vial the internet. I do want to connect to it when I am home so NAT (ZOMG EVIL NAT!!! ZOMG!) works just fine and will work just fine for the next 30 years.

What is needed is ISP's to deliver REAL bandwidth to the home and not the low grade dog food they deliver today.

Re:

[bitflusher]

NAT is a band aid. It works mostly. However you can have the carrier grade NAT I have on my cell Phone any day! it is the future for the next 30 years. It is a band aid over a band aid and we will all have it. I really hope the NAT stuff is here to stay for backwards compatibility but also really hope for the already available real solution to become widespread in the next 3 to 5 years, not 30.

Re:

[Lumpy]

I was a part of the internet when it started and was the wild wild west. Everyone had nearly unlimited ip addresses and NOBODY used them for several reasons.

First nobody put everything on the internet. It's just Dumb to put workstations on the internet... Sally in accounting does not need a public IP and all it does is make her computer easier to target and attack. Hiding behind that router on a separate private network is far more secure. Plus it is easier to defend a single point of entry than it is

Re:

[mars-nl]

I was a part of the internet when it started and was the wild wild west. Everyone had nearly unlimited ip addresses and NOBODY used them for several reasons. First nobody put everything on the internet.

That was then. Now is now. The billion people on Facebook, Twitter, Flickr don't put anything online? Sure, it's all crap, but it sure is not nothing.

It's just Dumb to put workstations on the internet... Sally in accounting does not need a public IP and all it does is make her computer easier to target and attack. Hiding behind that router on a separate private network is far more secure. Plus it is easier to defend a single point of entry than it is to defend a 255.255.0.0 address space from the world.

Bullshit. If in IPv4 your internal network would be 192.168.10.0/24, you can define an IPv6 range for that as well, e.g. 2001:db8:1234:10::/72. And then you put in your firewall:

2001:db8:1234:10::/72 Inbound: DENY ALL

Done. Hard? No. Harder than IPv4? No. Easier? Yes. Sally needs direct connection to Tom in the other branch (for file transfer, video conference,

Re:

[nmr_andrew]

Good luck telling your IPv4 CGN ISP you need a port forwarded.

Just curious - why would you think that the ISP that's unwilling to port forward an IP4 address will be any more willing to forward an IP6 address?/p?

Re:

[nmr_andrew]

Fair enough, I was thinking port forwarding more in the firewall sense than the NAT sense.

Re:

[mars-nl]

Why would my ISP need to firewall my connection? I pay them for access and routing. Not for firewalling and especially not for unfirewalling. They could offer firewalling as an opt-in service (as my ISP does). This is meant for dummy users who tend to be open mail relays without their knowledge etc.

Re:

[TCM]

Another one confusing NAT and packet filters.

Plus it is easier to defend a single point of entry than it is to defend a 255.255.0.0 address space from the world.

What the hell does address space size have to do with how easy it is to "defend from the world"? Do you patch a cable for each individual IP address to your border?

NAT+filter or just filter, which one is simpler? All security comes from the filter, not from NAT. OTOH, all problems come from NAT, not the filter. The question is not whether you have a

Re:

[Qzukk]

Yeah, it's not like companies are going to let us host our own games anymore, not when they can charge us monthly to do it for us.

If you deploy without understanding, you will fail

[gweihir]

There is no way around understanding what you are doing. If you want to have services without that expertise, rent them from a managed service provider. Chances are good they will not mess up as badly as you are certain to do.

Re:

[gweihir]

Possibly. Would make sense.

Already have it....

[Lumpy]

It's called Linux and BSD....

It runs on the worstations, laptops, tablets, servers and even network gear.... no other OS can say that.

Re:

[simonbp]

Yes, as even the summary says, it's based on ChromeOS, which is in turn based on Gentoo Linux. But there is typically more software on a server than a kernel.

The better question is whether they are just making a custom Gentoo Portage repository...

Re:

[exomondo]

It's called Linux and BSD....

CoreOS's kernel is Linux.

ChromeOS on a server

[Shadowhawk]

Not sure how an OS tuned to run on under-powered laptops would be a good choice to use as a server OS. What's the thinking there? Server OS should be stable, whereas if a laptop crashes, "turn it off and back on". It's just a totally different focus, IMHO.

Re:

[Animats]

Not sure how an OS tuned to run on under-powered laptops would be a good choice to use as a server OS.

Me either. Chrome "OS" is mostly a user interface on top of Linux. A server doesn't need a user interface.

If anything, there's an argument for a much simpler server OS than Linux. Something that's more like a virtual machine manager with remote facilities for loading, starting, and monitoring client image. The client images need a minimal OS that's more like a run-time library - no file systems, no drivers, no GUI.

The project home page has better info than TFA

[Morden']

Unlike the article, http://coreos.com/ [coreos.com] front page actually summarizes what they are doing. Stripped down Linux kernel only OS that runs your apps in 'containers'.