[Beowulf] Gentoo in the HPC environment

rf at q-leap.de rf at q-leap.de
Mon Jun 30 09:42:48 PDT 2014


>>>>> "Joe" == Joe Landman <landman at scalableinformatics.com> writes:

    Joe> On 06/30/2014 11:27 AM, Prentice Bisbal wrote:
    >> I second Gavin.
    >>
    Prentice> A lot of people have been mentioning LXC and Docker ans
    Prentice> cures to this problem, and to paraphrase The Princess
    Prentice> Bride, you keep using those words I don't think they mean
    Prentice> what you think they mean. Docker and LXC are great for
    Prentice> isolating running services: apache, DNS, etc. For the most
    Prentice> part, we are stalking about user-space libraries and
    Prentice> programs. I don't see how Docker and LXC could be used or
    Prentice> provide any benefit in this context.

    Joe> We can create a completely repeatable portable mechanism to
    Joe> distribute applications with full dependency chains as part of
    Joe> the distribution, across machines of any linux distro type,
    Joe> without impact core packages (which in the case of specific
    Joe> distros are often non-functional for anything but legacy system
    Joe> work) ... and you don't see the benefit to this?

    Joe> Seriously?

    Joe> Quick show of hands: Anyone running an HPC system, ever run
    Joe> into, say, a dependency hell/nightmare due to a package
    Joe> requirement?

I think your overemphasizing the upside of this approach. Sure, if you
have 2-3 apps like this, it's still feasible to manage. If it becomes a
lot more than that (and in a larger compute center it would), you
essentially have to manage Docker instances like OS installations (minus
kernel). Do you really want to do that for more than a couple of them?

You might say: Well the software vendors are going to supply and manage
the Docker instances. Will you trust them? I'd say: Welcome to the Android app
world, trojans, backdoors, other security holes. And I'm not really
convinced the container isolation is always going to protect us from this.
I believe nobody wants this in their data center.

Don't get me wrong. I also find the Docker concept appealing at first
sight. But I somehow see a security and/or manageability nightmare wave
coming up upon us with it ...

Roland

-------
http://www.q-leap.com / http://qlustar.com
          --- HPC / Storage / Cloud Linux Cluster OS ---


More information about the Beowulf mailing list