I certainly respect the ambition of the Aurae project and wish it all the best. While I’m not opposed to the concept, I view these problem spaces as isolated. Assuming PID 1 is a big responsibility and one where I want as much surface area studied by the community as possible. If, in order to get that, I need to handle different steps of the runtime through different subsystems, that’s fine. I don’t consider the learning curve of Systemd for most tasks to be high enough to warrant a replacement.
They’re correct in that some of the logic breaks down with containers, but we have a model in Container-optimized OS for how to more securely lock down a host OS designed from the start to be a Node. While they use the now-defunct Upstart as the Init system, I care less about that because they handle more of the common issues, like an immutable root filesystem and verified boot along with more frequent updates. In my experience I am less held back by the problems Aurae is attempting to solve and more often held back by issues related to modifications to the Node OS, a problem solved by the Container-optimized OS model.
If I have a locked-down Node OS with Integrity Measurement Architecture, Audit, Kernel Page Table Isolation, and some Linux Security Modules and on rare occasions need to drop down into Systemd to perform one specific task, I feel better because there are more eyes and resources looking at each of these problems. If I flatten the problem and assume the liability myself, even if Aurae does an amazing job, the payoff would need to be immense. I just don’t see it yet.
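The comment above lists IMA, audit, KPTI and an LSM as the hardening it expects on a Node OS. The script below is an added example, not code from the thread or from Aurae or Container-optimized OS, that checks whether a Linux host actually has each of those turned on. The kernel interfaces it reads are real (`/proc/cmdline`, `/sys/kernel/security/lsm`, `/sys/devices/system/cpu/vulnerabilities/meltdown`, `auditctl -s`); the function names, the PASS/FAIL report and the policy of what counts as "on" are my own assumptions. Each check takes its input as a string so it can be exercised offline with constructed values.

```shell
#!/bin/sh
# Added example (not from the original thread): verify that a Linux node has
# the hardening features the comment lists enabled. The check functions take
# their input as arguments; report() feeds them the live kernel interfaces.

# IMA only measures/appraises anything if a policy was chosen at boot, via
# ima_policy=tcb|appraise_tcb|... or ima_appraise=... on the kernel cmdline.
# Input: contents of /proc/cmdline.
ima_enabled() {
  case " $1 " in
    *" ima_policy="*|*" ima_appraise="*) return 0 ;;
    *) return 1 ;;
  esac
}

# Audit: `auditctl -s` prints "enabled 1" when the audit subsystem is active
# (and "enabled 2" when it is additionally locked; we treat only 1 as PASS
# here to keep the assumption explicit). Input: full output of auditctl -s.
audit_enabled() {
  printf '%s\n' "$1" | grep -q '^enabled 1$'
}

# KPTI: the meltdown file reports "Mitigation: PTI" when page table isolation
# is active, or "Not affected" on CPUs that do not need it; both are accepted.
# Input: contents of /sys/devices/system/cpu/vulnerabilities/meltdown.
kpti_ok() {
  case "$1" in
    "Mitigation: PTI"*|"Not affected"*) return 0 ;;
    *) return 1 ;;
  esac
}

# LSM: /sys/kernel/security/lsm is a comma-separated list of active modules.
# "capability" is always present; require a mandatory access control module.
# Input: contents of /sys/kernel/security/lsm.
mac_lsm_present() {
  case ",$1," in
    *,selinux,*|*,apparmor,*|*,smack,*|*,tomoyo,*) return 0 ;;
    *) return 1 ;;
  esac
}

# Print a file if it is readable, otherwise nothing.
read_or_empty() { [ -r "$1" ] && cat "$1" || printf ''; }

# result <exit-status> <label>: print PASS/FAIL and count failures.
result() {
  if [ "$1" -eq 0 ]; then echo "PASS $2"; else echo "FAIL $2"; fails=$((fails + 1)); fi
}

# Run every check against the live host. Returns the number of failures.
report() {
  fails=0
  cmdline=$(read_or_empty /proc/cmdline)
  auditstat=$(command -v auditctl >/dev/null 2>&1 && auditctl -s 2>/dev/null || printf '')
  meltdown=$(read_or_empty /sys/devices/system/cpu/vulnerabilities/meltdown)
  lsms=$(read_or_empty /sys/kernel/security/lsm)

  ima_enabled "$cmdline";      result $? "IMA policy selected on kernel cmdline"
  audit_enabled "$auditstat";  result $? "audit subsystem enabled (auditctl -s)"
  kpti_ok "$meltdown";         result $? "KPTI active or CPU not affected"
  mac_lsm_present "$lsms";     result $? "MAC LSM (selinux/apparmor/smack/tomoyo) active"
  return $fails
}

report; rc=$?   # rc is the number of failed checks; exit with it from a CI gate
```

Run it as root on the node, since `auditctl -s` needs CAP_AUDIT_CONTROL and `/sys/kernel/security` is root-only on most distributions; without privileges the audit line will report FAIL even on a correctly configured host. A passing IMA check only says a policy was requested at boot, not that appraisal keys are loaded or that the measurement log is being attested anywhere.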
Hm a few reactions after reading through this and the design doc:
I probably should jump on the Discord, once I crawl out from under a big pile of Oil-related work :)