- The Future Of The Culture Wars Is Here, And It's Gamergate - "A more important resemblance to the Tea Party, though, is in the way in which it's focused the anger of people who realize the world is changing, and not necessarily to their benefit."
- Close the I.T. delivery gap with and open hybrid cloud architecture - RT @RedHatGov: Whitepaper: Closing the I.T. delivery gap in government with secure, hybrid cloud #govIT
- Build Your Own Multicopter | ArduCopter
- ArduCopter | Multirotor UAV
Wednesday, October 15, 2014
Monday, October 13, 2014
- Instagram - Dusseldorf. Here for CloudOpen.
- Stand By for Weather Map | The Henry Ford Blog
- What Is Gamergate, and Why Is Intel So Afraid of It? | Re/code
- Wanderant travel guide
- Rome2rio: discover how to get anywhere
- The Invention of the Chilean Sea Bass
- Consider the Lobster: 2000s Archive : gourmet.com
- Firebase - Build Realtime Apps
- One Lab’s Quixotic Quest for New Flavors | MIT Technology Review
- The West Wing at 15: Walking, Talking — And Preaching | TIME - "The show embodied the best of Aaron Sorkin’s work and showed signs of its worst excesses. But as with most original voices, you can’t have the one without the other. Nothing walk-and-talked quite like it." Seems pretty fair.
- Gamasutra - 'Gamers' don't have to be your audience. 'Gamers' are over.
Sunday, October 12, 2014
Security continues to top the charts when IT folks are asked what thing most gives them pause about using a cloud—especially a multi-tenant public one. This invites the retort: “Do they think you know how to better secure systems against attackers than Amazon?” Probably not. But “security” in this case often means something quite different than just keeping the bad guys out.
A general observation that isn’t particularly original. Back in 2011, I was writing about how cloud governance was about more than security. More recently, I’ve given many presentations delving into how cloud security was a much broader topic than just security classic.
But the extent to which cloud “security” goes beyond just security classic *most classic concerns still matter as well) was reinforced during a couple of sessions at 451 Research’s Hosting + Cloud Transformation Summit held in Las Vegas last week. And they provided some color about what people mean by that “security” word as well.
In his keynote, Research VP William Fellows reiterated that security—perceived and real—continues to come up regularly in cloud discussions. However, he went on to say that it’s actually jurisdiction which is the number one question. Perhaps not surprising really given the headlines of that the last year but it reinforces that when people voice concerns about security, they are often talking about matters quite different from the traditional Infosec headaches. (Attorney Deborah Salons sat down to do a podcast with me early last year on data governance issues. The link includes a transcript for those who prefer reading.)
Michelle Bailey, VP of Datacenter Initiatives and Digital Infrastructure, fleshed out these security concerns in more detail during her session. The question she was answering was a bit different: “What are the top three things that providers can do about security?” Presumably certain types of security concerns (e.g. malware in a company’s POS systems) aren’t something a provider could be expected to do a lot about. Nonetheless, I expect there’s a high correlation between someone being concerned with some aspect of security and valuing providers who can mitigate that risk.
Data locality comes up here too. This is a hot topic among cloud providers and one of the reasons, besides sheer volume, for their rush to build new data centers. In other words, people want to be able to choose, say, an Amazon region that is sufficiently constrained geographically from the perspective of judicial orders or other authority. It’s about knowing the laws to which they may be subject.
But broadly, I’d characterize the top wants as being fundamentally about visibility and control. Transparency, auditability, verifiable encryption, control over encryption. And indeed pretty much the whole rest of the list is either related characteristics or various standards and documentation to help ensure that cloud providers do the things they promise to do.
Conspicuously lacking is pretty much anything in the vein of physical security or DDOS mitigation or firewall configurations. That’s because, while important, they’re largely viewed as solved problems from the perspective of the cloud provider.
Mind you, given the shared responsibility model that comes into play when you use a cloud provider, you share responsibility for the workloads that you’re running on the cloud provider. You’re still running and patching the operating system running in the cloud. But you know how to do that; you basically do the same thing you do on-premise. (Obligatory plug for Red Hat Enterprise Linux and our Certified Cloud Provider Program here. I should have a new whitepaper out soon.)
For these and other reasons, Michele concluded that “ the end game isn’t public cloud, it’s hybrid cloud. And you can bet on that for the next 5 years.” And that security, among other factors, will lead to hosting providers remaining a "very long tail market” in which messaging, targeting, and matching strengths with customer requirements will continue to offer many opportunities for differentiation.
Sunday, October 05, 2014
Thursday, October 02, 2014
- SproutsIO’s Microfarming Units Can Turn Your Apartment Into a Garden | Xconomy - This looks like gardening I could actually handle
- In the Dark of the Museum by Cathleen Schine | The Gallery | The New York Review of Books - RT @nybooks: Cathleen Schine on “the private secret of every child in New York”: the dioramas at the Museum of Natural History
- Piktochart : Make Information Beautiful - Themes
- Late-Summer Baked Corn | Michael Ruhlman
- The 60-second interview: Sam Sifton, New York Times food editor | Capital New York - RT @JamesPanero: Good journalism never goes stale. Take a bite of the new free Cooking App from @nytdining @SamSifton …
- Matt Buckland on Twitter: "Something to bear in mind when you use a grandiose title on LinkedIn.... http://t.co/HDuRGDh1wC" - RT @ElSatanico: Something to bear in mind when you use a grandiose title on LinkedIn....
- Manual for iPhone
- For Cinephiles, Netflix Is Less and Less an Option | KQED Arts - This is bothersome--although I'd note that at least some of the movies mentioned are available streaming.
- Idevnews | The Four Principles of Successful APIs - RT @AndiMann: Do you know The Four Principles of Successful APIs? @apiacademy via Integration Developer News @CASecurity
- Under The Hood of Cloud Computing: Kubernetes Under The Hood: Etcd - Kubernetes Under The Hood: Etcd by @markllama
- Friends Oral History: Inside the Ratings Juggernaut’s Secret Past | Vanity Fair
- Untitled (http://www.theverge.com/2014/9/22/6827863/apple-iphone-6-plus) - I imagine I'll upgrade to the 6+ but definitely want to hold it in my hand first.
- The Final Segment of the High Line Is Stunningly Refreshing | Vanity Fair
Wednesday, September 24, 2014
Joe runs product management for OpenShift and he brings a great perspective on how these various capabilities dovetail with each other to deliver what's ultimately the most important thing: the developer experience.
Listen to MP3 (0:20:04)
Listen to OGG (0:20:04)
I’m been busy in September but have minimized the travel and even local events, in part to gain some focus time on a number of projects I needed to bang through. With October ‘round the bend though, I’ll be heading into the wild blue yonder again for speaking engagements and other purposes. My current schedule looks like the following. Feel free to reach out if you want to meet, record a podcast, or just have a beer.
- Monktoberfest, October 2nd and 3rd, Portland ME.
- 451 Research Hosting and Cloud Transformation Summit, October 6-8, Las Vegas, NV
- CloudOpen/LinuxCon, October 13-15 Dusseldorf, Germany. I have two sessions. What Manufacturing Teaches us about DevOps and The Cloud in 10,000 Words (or 10 Pictures). The former is a largely new presentation that takes a broad look at the ways in which manufacturing has evolved find parallels (and lessons for) DevOps. It’s a broader take on the process than just relatively recent lean manufacturing approaches and the like (i.e. Deming et al.). The latter is an update to the session that I gave at CloudOpen Chicago in August which looks at some of the important trends around cloud and related technologies (Big Data, IoT).
- CloudExpo, November 4-6, Santa Clara, CA. I’ll be doing a variant of What Manufacturing Teaches us about DevOps. I have passes for the show if you need one.
- Amazon re:Invent, November 11-14, Las Vegas, NV.
- Cloud Law European Summit, November 25, London, UK. I’ll be keynoting on The Hybrid Cloud-the future of cloud computing.
Monday, September 22, 2014
- OpenShift Online Passes a New Milestone | 2 Million Applications and Growing | Openshift Blog - RT @openshift: We've passed a new milestone--2 Million applications and growing
- Hortonworks will ‘not survive as a long-term business’ - Cloudera - Computer Business Review - RT @EMEACloudGuy: Wow @cloudera thats one way to call your "OSS using" customers stupid, never mind the competition -
- The Most Insane Polyphonic Collage You Will Ever See | GOOD - YouTube - RT @good: A cool collage made from the bleeps and bloops of communication history.
- IBM – Transformation Is Commonplace, Evolution Is Hard | Pund-IT - RT @pund_it: Just posted a new Pund-IT report on last week's #ibmstginsights analyst summit and @IBMSTG strategy/market issues:
- Enterprise Mobile Application Platform | FeedHenry - RT @mofoghlu: Great news! Red Hat to acquire @feedhenry in announcement today -- press release here
- A Scientist Stole my Root Beer | Nature's Poisons
- A History of Misses for RadioShack - NYTimes.com
Tuesday, September 09, 2014
My former colleague RedMonk's Stephen O’Grady writing about the diversification of language options and what might follow:
It may be difficult to conceive of a return to a more simple environment, but remember that the Cambrian explosion the current rate of innovation is often compared to was itself very brief – in geologic terms, at least. Unnatural rates of change are by definition unnatural, and therefore difficult to sustain over time. It is doubtful that we’ll ever see a return to the radically more simple environment created by the early software giants, but it’s likely that we’ll see dramatically fewer popular options per category.
Whether we’re reaching apex of the swing towards fragmentation is debatable, less so is the fact that the pendulum will swing the other way eventually. It’s not a matter of if, but when.
In the past, I’ve mildly disagreed with Stephen and his colleague Donnie Berkholz about whether we were really seeing anything more than the usual plethora of languages that see some use and even some hype but don’t have any real impact and eventually fade away. Most of the languages we use today would have been at least passingly familiar to Web 1.0 and enterprise programmers programmers of the dot-com era even if the mix has shifted over time.
However, Stephen and Donnie’s data has made me at least tentatively come to agree that there’s been an increase in fragmentation. Serious infrastructures, platforms, and apps being created with “non-mainstream” languages such as Scala. Go, from Google, is probably the latest major new entry; it’s used in Docker which is one of the hottest software projects happening right now.
Arguably, fragmentation doesn’t matter so much in a microservices world in which all manner of gratuitous differences can be abstracted from the underlying platform. And developers are supposed to be in control after all, aren’t they?
But as Stephen notes, quoting from a number of senior developers, there are limits to all this. Tim Bray, for example, points out that having to stay current in an overly broad toolchain takes away from having the time and attention to actually drain the swamp. And just because you can abstract gratuitous differences from the underlying platform doesn’t make gratuitous differences a good thing. Code usually needs to be maintained after all.
There great choice of tools out there. And it’s important to support that choice in programming platforms (as Red Hat does with our OpenShift PaaS). But, at the same time, that choice can offer a lot of rope and it’s up to developers and programming teams to use that rope for good and not for ill.
Image source: Startapp.com
Fascinating what it gets pretty spot-on and what seems delightfully archaic (e.g. fax from beach), "FaceTime" from a phone booth.
Monday, September 08, 2014
Tuesday, August 12, 2014
- Get ready for your next-generation cloud: lessons learned from first-generation private clouds - BMC Blogs
- John McAfee In Crazytown | TechCrunch - "Hence McAfee, and his warm reception here. He’s an archetype of Def Con’s collective ethos, both good and bad, a cinematically awesome renegade / outlaw / trickster figure. And he’s also living proof, symbolically, that you can make your mark in the world, both technically and with a successful and famous startup, without selling out and turning corporate in any way; that you can accept everything life may offer and still remain fundamentally uncorrupted."
- Seth's Blog: Understanding substitutes
- The creator of Godwin’s Law on the inevitability of online Nazi analogies and the ‘right to be forgotten’ - The Washington Post - "Well, the thing that newspaper publishers know is that once something is out in the streets, it's very hard to go and get it back. Professional journalists have always known that you can't get the newspaper or the magazine back very easily. The traditional media have a more refined awareness of the lack of control over their content once it's out there. But for people who weren't in professional journalism, they haven't had to grapple with it. If they were writing stuff every day, it was probably in a diary that they kept in a drawer in their room."
- The other dude in the car | ROUGH TYPE - RT @derrickharris: Good take on the human aspect of the sharing economy and automation, via @roughtype: The other dude in the car
- Almost Perfect by W. E. Pete Peterson The Rise and Fall of WordPerfect Corporation
- AnandTech | Intel Broadwell Architecture Preview: A Glimpse into Core M - Sort of miss that I don't spend much time with hardware these days. Broadwell overview:
- Migrating to Cloud Native with Microservices - RT @adrianco: Video of my June QCon NY "Migrating to Cloud Native with Microservices" talk was just released
- Typing Errors - Reason.com
- TIME - Breaking News, Analysis, Politics, Blogs, News Photos, Video, Tech Reviews - RT @timbray: By me, at : ”Why We Might Be Stuck With Passwords for a While”
Thursday, August 07, 2014
My former colleague (and frequent host for good beer at events) Stephen O’Grady of RedMonk has written a typically smart piece titled “What is the Atomic Unit of Computing?” which makes some important points.
However, on one particular point I’d like to share a somewhat different perspective in the context of my cloud work at Red Hat. He makes that point when he writes: "Perhaps more importantly, however, there are two larger industry shifts at work which ease the adoption of container technologies… More specific to containers specifically, however, is the steady erosion in the importance of the operating system."
It’s not the operating system that’s becoming less important even as it continues to evolve. It’s the individual operating system instance that’s been configured, tuned, integrated, and ultimately married to a single application that is becoming less so.
First of all, let me say that any differences in perspective are probably in part a matter of semantics and perspective. For example, Stephen goes on to write about how PaaS abstracts the application from the operating system running underneath. No quibbles there. There is absolutely an ongoing abstraction of the operating system; we’re moving away from the handcrafted and hardcoded operating instances that accompanied each application instance—just as we previously moved away from operating system instances lovingly crafted for each individual server. Stephen goes on to write—and I also fully agree—that "If applications are heavily operating system dependent and you run a mix of operating systems, containers will be problematic.” Clearly one of the trends that makes containers interesting today in a way that they were not (beyond a niche) a decade ago is the wholesale shift from pet operating systems to cattle operating systems.
But—and here’s where I take some exception to the “erosion in the importance” phrase—the operating system is still there and it’s still providing the framework for all the containers sitting above it. In the case of a containerized operating system, the OS arguably plays an even greater role than in the case of hardware server virtualization where that host was a hypervisor. (Of course, in the case of KVM for example, the hypervisor makes use of the OS for the OS-like functions that it needs, but there’s nothing inherent in the hypervisor architecture requiring that.)
In other words, the operating system matters more than ever. It’s just that you’re using a standard base image across all of your applications rather than taking that standard base image and tweaking it for each individual one. All the security hardening, performance tuning, reliability engineering, and certifications that apply to the virtualized world still apply in the containerized one.
To Stephen's broader point, we’re moving toward an architecture in which (the minimum set of) dependencies are packaged with the application rather than bundled as part of a complete operating system image. We’re also moving toward a future in which the OS explicitly deals with multi-host applications, serving as an orchestrator and scheduler for them. This includes modeling the app across multiple hosts and containers and providing the services and APIs to place the apps onto the appropriate resources.
Project Atomic is a community for the technology behind optimized container hosts; it is also designed to feed requirements back into the respective upstream communities. By leaving the downstream release of Atomic Hosts to the Fedora community, CentOS community and Red Hat, Project Atomic can focus on driving technology innovation. This strategy encompasses containerized application delivery for the open hybrid cloud, including portability across bare metal systems, virtual machines and private and public clouds. Related is Red Hat's recently announced collaboration with Kubernetes to orchestrate Docker containers at scale.
I note at this point that the general concept of portably packaging applications is nothing particularly new. Throughout the aughts, as an industry analyst I spent a fair bit of time writing research notes about the various virtualization and partitioning technologies available at the time. One such set of techs was “application virtualization.” The term governed a fair bit of ground but included products such as one from Trigence which dealt with the problem of conflicting libraries in Windows apps (“DLL hell” if you recall). As a category, application virtualization remained something of a niche but it’s been re-imagined of late.
On the client, application virtualization has effectively been reborn as the app store as I wrote about in 2012. And today, Docker in particular is effectively layering on top of operating system virtualization (aka containers) to create something which looks an awful lot like what application virtualization was intended to accomplish. As my colleague Matt Hicks writes:
Docker is a Linux Container technology that introduced a well thought-out API for interacting with containers and a layered image format that defined how to introduce content into a container. It is an impressive combination and an open source ecosystem building around both the images and the Docker API. With Docker, developers now have an easy way to leverage a vast and growing amount of technology runtimes for their applications. A simple 'docker pull' and they can be running a Java stack, Ruby stack or Python stack very quickly.
There are other pieces as well. Today, OpenShift (Red Hat’s PaaS) applications run across multiple containers, distributed across different container hosts. As we began integrating OpenShift with Docker, the OpenShift Origin GearD project was created to tackle issues like Docker container wiring, orchestration and management via systems. Kubernetes builds on this work as described earlier.
Add it all together and applications become much more adaptable, much more mobile, much more distributed, and much more lightweight. But they’re still running on something. And that something is an operating system.
[Update: 8-14-2014. Updated and clarified the description of Project Atomic and its relationship to Linux distributions.]
Tuesday, August 05, 2014
Listen to MP3 (0:11:09)
Listen to OGG (0:11:09)