I was also talking about projects and porting in general. Incidentally, I've been paid to do exactly what we're discussing. (Porting a production program using automated translation.) It works.
You can use any CF tool over ssh, this is not unique to ansible. In doing so, you can also "push" to any CF tool. You can also push by using more integrated tools, such as mcollective with puppet.
Given enough effort, you can do any 'X' with any 'Y'. The point is the design, future design, etc. all support that way and make it easy and robust out of the box.
Well, it's a message bus, and requires initial setup, so you don't get the zero-boostrapping capability, and require the agent to stay running and have an open port continuously open to the server.
Yes, you can initiate local runs on other CM tools, but with ansible the multi-tier orchestration and rolling updates can be accomplished from the central server without it -- just set it up and run from a laptop.
As mentioned, you would need "some sort of process" to config the host -- this is Puppet/Chef/etc. Replacing those is not trivial.
Also, not quite sure I understand config "inside vs outside" being the big idea. You can easily include Puppet manifests and have Puppet run in standalone mode from within the container with no outside access to config. That's not new.
Exactly. A container self-configuring by pulling it's config from an external service is pretty much the same as chef-client pulling down a configuration from the Chef server.
What I want from something like CoreOS is a stripped-down container host that will host stripped-down app containers. I want to package my app in the most-stripped-down fashion possible and deploy it on this stripped-down container host.
The idea of using Chef/Puppet to deploy an app onto a full-blown install of Ubuntu/CentOS/etc. seems like overkill. There's a lot of superfluous crap on that full install that consumes storage, memory, and CPU resources. Having a full OS also creates more attack vectors. If you were an attacker, would you rather root some Rails app on a full install of Ubuntu, complete with shells, compilers, etc., or a box with only the bare essentials required to run that Rails app?
I suppose that an argument for having a full-OS install is to make it easy for things like Chef/Puppet to update the server in situ. Stripped-down containers could make that unnecessary. Imagine an app container so small that it's easier to just blow away the container and create a new one with the freshest software.
>What I want from something like CoreOS is a stripped-down container host that will host stripped-down app containers. I want to package my app in the most-stripped-down fashion possible and deploy it on this stripped-down container host.
Working on a scripting interface to Linux designed so you can configure everything internally to your application (ie it can run as the init process) with no significant dependencies (you can statically link it)[1]. Its not finished yet, but you can configure network interfaces, routing etc. Needs some more examples, build scripts etc...
Puppet could indeed be that process, and certainly replacing it isn't trivial. But I'm excited by the idea that we could replace it, by being able to rely on the configuration being directly available (provided by the OS). We'll have to see what gets created!
What's the advantage of it being built into the OS versus using chef or puppet? There's going to be some kind of process running to handle configuration no matter what. Docker also has Dockerfiles to handle configuration of containers. After seeing this article I looked into config management in Docker and containers and I'm having a hard time seeing why something like puppet/chef isn't the right solution.
Posting bail has nothing to do with being under arrest, and everything to do with remaining detained. For many (particularly non-violent) arrests there is no reason to detain a person until the time of their trial, which is at least a month but can commonly be a year or longer after the original arrest date due to a backlogged court system as well as delays necessary to prepare for a trial. Bail system does favor people that can afford it, but so does the trial system (afford a better lawyer), the healthcare system (afford a better doctor), the housing system (afford a better house in a better area), etc. That's called capitalism.
I agree with you that it does not make sense to detain someone for a non-violent crime unless they are likely to commit more crimes. But then they should be released unconditionally while awaiting their trial, not dependent upon whether they can pay a ransom fee or not. On the other hand a psychopathic murderer is dangerous to society so he should never have the option to pay bail.
The point is to give the defendant a proportionately strong incentive to show up at the trial. The judge has authority to set bail at a level that makes it likely they'll actually stand trial, which has to take into account the defendant's personal resources, the size of the potential punishment, and the level of danger they pose. If Bill Gates was being tried for first degree murder, I'm sure his bail would be set well north of $1 billion.
I could be mistaken, but I don't think the idea is to force poor people to be detained. I think the purpose is to provide an incentive for the accused to show up to their court date. If the person posts the bail themselves, then they get the money back when they show up. If they use a bail bondsman, then a bounty hunter will track them down if they don't show up.
Then why didn't this kid, and anyone else stuck in arrest that can't pay the bail, use a bail bondsman to get out of it? It seems like a reasonable idea but broken in practice. If I wanted to become a fugitive I wouldn't care of I was chased by both bounty hunters and the police.
You still need to pay the bail bondsman 10% of your bail (and you don't get it back). He probably didn't have a spare $50k. The question I have is why was the bail $500k? That seems excessive.
You're arguing for scaling up (vertical) instead of scaling out (horizontal). Both are valid approaches. Scaling out is preferred because your architecture is mode modular and you do not have to constantly buy bigger machines as your usage grows; you just add additional machines with similar capacity. The main problem with scaling up is that price and performance are not linearly related and eventually you will be limited by the performance available to one system. But it's a perfectly valid approach for certain scenarios.
Dropping out is not the opposite of not graduating; you can continue trying to graduate for several years. The actual dropout rate is 7.4%: nces.ed.gov/fastfacts/display.asp?id=16
Thanks for the correction. The Atlantic article should have specified that they meant the four year graduation rate. I did think that 25% seemed too high, but I knew that 1% was much too low.
