Hacker News | SEJeff's comments

One might even call the rust community a “cargo cult”

The reason there were so many commercial distributions of OpenStack was because setting it up reliably end to end was nearly impossible for most mere mortals.

Companies like Metacloud or Mirantis made a ton of money with little more than OpenStack installers and a good out of the box default config with some solid monitoring and management tooling.


And Blue Origin was incorporated a few years prior to SpaceX. They’ve been working on this problem significantly longer than SpaceX, so they were more confident in their approach.


Free software is by its very nature dogmatic. Stallman himself makes cringey jokes and references to the “church of gnu”. It’s more of a way of life than a way to develop software. By design, a religion is only happy with 100%.

Open source is just pragmatic and is very happy with the 99% being open source. It’s more corporate and doesn’t generally care at all about the dogma.


In the US, dark fiber will run you around 100k / mile. That's expensive for anyone even if they can afford it. I worked in HFT for 15 years and we had tons of it.


DWDM per-wavelength costs are way, way lower than that, and, with the optional addition of encryption, perfectly secure and fast enough for disk replication for most storage farms. I've been there and done it.


Assuming that dark fiber is actually dark (without amplifiers/repeaters), I'd wonder how they'd justify the 4 orders of magnitude (99.99%!) profit margin on said fiber. That already includes one order of magnitude between the 12th-of-a-ribbon clad-fiber and opportunistically (when someone already digs the ground up) buried speed pipe with 144-core cable.


Google the term “high frequency trading”


So that's 5 million bucks for 50 miles? If there are other costs not being accounted for, like paying for the right-of-way that's one thing, but I would think big companies or in this case, a national government, could afford that bill.


Yeah, most large electronic finance companies do this. Look up “the sniper in Mahwah” for some dated but really interesting reading on this game.


Maya, 3D Studio Max, Cinema 4D...

Blender has a ton of competitors. They're all commercial and have corporate backing. If anything, Blender is the "little guy". It is utterly amazing what Ton has managed to do with Blender.


Calling Blender an underdog isn't accurate at all. It has easily the most reach and biggest user base of all of them.


I would think Maya is the most influential of all of them. Blender is popular among hobbyists and people who aren't able to shell out a few thousand every year, but Maya dominates in the commercial world. Plus many animators are using Unreal Engine just for traditional animation now.


Absolutely correct.


Blender is absolutely an underdog in commercial studios. It is used, but it’s the minority tool for professional settings. There are still several areas Blender is lacking compared to Maya or 3ds Max.


Caerlaverock castle is pretty spectacular however when it comes to Scottish castles.


Or if the service didn't support pam_limits because it was legacy trash, you had to hack something into the initscript like `ulimit -n XYZ` and restart it. Now things like this are trivial and easy to solve. Using systemd makes large scale Linux systems administration much easier.

Now it has gone a bit overboard. Some of the stuff like the DNS resolver or the nspawn capability seem a bit over the top, but overall, it has massively improved all Linux distributions it is used in.

Never again will I worry about trash buggy init scripts not actually stopping a service due to a stale pid file. Now it puts the service into a control group and can kill all things in the control group even if the service is bad code.


And this was formally updated post 9/11 with the AUMF (Acceptable Use of Military Force) which gave the president quite sweeping powers without direct congressional approval. The caveat is that the AUMF is only for 9/11 responsible countries or affiliates. Given 9/11 was Al Qaeda and they are Sunni, and that Iran is Shia, they are not actually related since they want to also kill each other. Still, these powers are being bastardized to limit the authority of Congress.

https://www.congress.gov/107/plaws/publ40/PLAW-107publ40.pdf


The AUMF was an addition to WP so Iran's lack of support for AQ doesn't limit normal WP operations. Additionally sectarian concerns are more malleable than presented. As an example review Iran's long-standing support for Hamas which is Sunni-affiliated.

  —Consistent with section 8(a)(1) of the War Powers Resolution, the Congress 
  declares that this section is intended to constitute specific statutory 
  authorization within the meaning of section 5(b) of the War Powers 
  Resolution.


Thomas, what are your thoughts on micro-vms such as kata containers? You can use them as a backend for docker in place of runc.

I'm sure you're well aware, but for the readers, they are isolated with a CPU's VT instructions which are built to isolate VMs. I still think "containers don't contain" in a very Dan Walsh Boston accent, but this seems like a respectable start.

https://katacontainers.io


I have no strong opinion other than that untrusting cotenants shouldn't directly share a kernel.


They're slow and so unsuitable for dev work. They might be somewhat better for prod, but it depends on a wide selection of unproven hypervisors.


Which "unproven" hypervisors are those? Kata works with Firecracker.


QEMU is more well-known and tested than Firecracker; i.e., a hacked version is used in Xen used everywhere in the past decade while Firecracker is primarily an Amazon-only thing. Cloud Hypervisor, Dragonball, and StratoVirt aren't well-known or battle-tested IMO. The problem is none of these possess true manageability and isolation features of any solid type 1 hypervisor which makes Kata equivalent to a user-space application rather than a reliable platform with harder resource isolation guarantees.

https://github.com/kata-containers/kata-containers/blob/main...


Firecracker is probably the 2nd or 3rd most widely deployed hypervisor in production deployments. I think "Amazon-only" isn't doing the rhetorical lifting you mean it to do. The idea that it's "equivalent to a user-space application" makes very little sense.


I think they mean in regards to cross kernel attacks. VMs didn't protect across speculative execution attacks.

I believe there are even more coarse-grained timing attacks with DMA and memory that are waiting to be abused.


No, that's true, VMs don't protect against microarchitectural attacks. But neither does shared-kernel isolation; in fact, shared-kernel is even worse at it. So if that's the concern, it doesn't make much sense in the threat model.


Isolation guarantees: Separate metal > type 1 hypervisors > type 2 hypervisors > containers > processes > OS threads > cooperative threads ;)


Accurate and agree.

