• boblin@infosec.pub
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    My point is Kubernetes is a hack (a useful hack!) to synchronize multiple separate, different systems in certain ways. It cannot provide anything close to something like a single system image and it can’t bridge the discrete model of computation that Unix assumes.

    Kubernetes is not intended to provide anything like a single system image. It’s a workload orchestration system, not an operating system. Given a compatible interface (a runtime) Kubernetes can in theory distribute workloads to any OS.

    All these features require a lot of code and complexity to maintain (latest info I can find is almost 2 million as of 2018). Ideally, Kubernetes is capable of what you said, in the same way that ideally programs can’t violate Unix filesystem DAC or other user permissions but in practice every line of code is another opportunity for something to go wrong…

    Just because something has more security features doesn’t mean it’s actually secure. Or that it’s maintainable without a company with thousands of engineers and tons of money maintaining for you. Keeping you in a dependent relationship.

    I’m not going to argue that Kubernetes is not complex. But as I stated previously Kubernetes as a bespoke ecosystem is less complex than configuring the same features with decoupled systems. The requirements for an orchestrator and the challenges (technical, security, human, etc) to manage said orchestrator are higher. All else being equal, Kubernetes has implemented this in a very lean way, delegating networking, storage, and runtime to pluggable providers on the left, and delegating non-basic workload aspects to operators on the right. It’s this extensibility that makes it both popular with operators and makes it appear daunting to a layperson. And going back to security, is has provably shown to have a reduced attack surface when managed by a competent operator.

    So? I don’t expect many of these ideas will be adopted in the mainstream under the monopoly-capitalist market system. It’s way more profitable to keep selling support to manage sprawling and complex systems that require armies of software engineers to upkeep. I think if state investment or public research in general becomes relevant again maybe these ideas will be investigated and adopted for their technical merit.

    So you’re… what, dismissing HTTP because it has been adopted by capitalist market systems? Are you going to dismiss the Fediverse for using HTTP? What about widely adopted protocols? DNS, BGP, IPv4/6, etc?

    How about we bring this part of the discussion back to the roots? You said that HTTP and REST as communication protocols seemed strange to you because Unix has other primitives. I pointed out that those primitives do not address many modern client-server communication requirements. You did not refute that, but you said, and I paraphrase “9P did it better”. I refrain from commenting on that because there’s no comparative implementation of complex Internet-based systems in 9P. I did state though that even if 9P is superior, as you claim, it did not win out in the end. There’s plenty of precedents for this: Betamax-VHS, git-mercurial, etc.

    “Highly available” is carrying a lot of weight there lol. If we can move some of these qualities into a filesystem layer (which is a userspace application on some systems) and get these benefits for free for all data, why shouldn’t we? The filesystem layer and application layer are not 2 fundamentally separate unrelated parts of a whole.

    (My emphasis) It’s not free though. There’s an overhead for doing this, and you end up doing things in-filesystem that have no business being there.

    It’s not a flawed anecdote or a preconception. They had their own personal experience with a cloud tool and didn’t like it.

    *Ahem*:

    “Nobody really uses Kubernetes for day-to-day work, and it shows.”

    That is not an experience, it’s a provably wrong statement.

    The assumption among certain computer touchers is that you can’t use Kubernetes or “cloud” tools and not come away loving them. So if someone doesn’t like them they must not really understand them!

    That’s a very weird assumption, and it’s the first time I’ve heard it. Can you provide a source? Because in my experience the opposite is the case - there’s no community more critical of Kubernetes’ flaws than their developers/users themselves.

    They probably could’ve said it nicer. It’s still no excuse to dismiss criticism because you didn’t like the tone.

    I dismissed the criticism because it makes an appeal to pathos, not to logos. Like I said, there’s plenty of valid technical criticisms of Kubernetes, and even an argument on the basis of ethics (like you’re making) is more engaging.

    I think Kubernetes has its uses, for now. But it’s still a fundamentally limited and harmful (because of its monopolistic maintainers/creators) way to do a kind of distributed computing. I don’t think anyone is coming for you to take your Kubernetes though…

    No my Kubernetes. I use it because it’s academically interesting, and because it does the tasks it is meant to do better than most alternatives. But if CNCF were to implode today and Kubernetes became no longer practical to use then I would just pivot to another system.

    I’m not going to argue whether it’s a harmful way of doing distributed computing based on their maintainers/pedrigee. That’s a longer philosophical discussion than I suspect neither you or I have time for.