| 1 |
On 02/02/2017 01:01 PM, Rich Freeman wrote: |
| 2 |
> On Thu, Feb 2, 2017 at 11:25 AM, Michael Orlitzky <mjo@g.o> wrote: |
| 3 |
>> |
| 4 |
>> If (base == minimal), then all of the upstream defaults need to be added |
| 5 |
>> to package.use for the upstream-defaults profile. That's bad, |
| 6 |
> |
| 7 |
> I'll go further and say that it is unacceptably bad. |
| 8 |
> |
| 9 |
>> but if |
| 10 |
>> (base == upstream-defaults), then the important IUSE defaults need to be |
| 11 |
>> copy/pasted from our ebuilds into the minimal profile. The latter is |
| 12 |
>> more spiritually damning =) |
| 13 |
>> |
| 14 |
> |
| 15 |
> So, I'll admit I've never been one that cared a great deal about |
| 16 |
> minimalism so I appreciate that I may not be the best one to judge |
| 17 |
> this, so let's go ahead and embrace your statement for the purpose of |
| 18 |
> debate. |
| 19 |
> |
| 20 |
> Is there a better way we can have our cake and eat it too? I'll admit |
| 21 |
> that a huge package.use on the minimal profile isn't a whole lot |
| 22 |
> better than a huge package.use on all the other profiles. |
| 23 |
> |
| 24 |
> Do we need another form of syntax in individual ebuilds to try to |
| 25 |
> separate out the various cases you cite? Does anybody care to |
| 26 |
> actually suggest one? |
| 27 |
|
| 28 |
I think that unikernels are something everyone should be aware of |
| 29 |
as they purport to be the latest trend in securing all sorts of systems. |
| 30 |
(a brief read). |
| 31 |
|
| 32 |
http://unikernel.org/ |
| 33 |
|
| 34 |
|
| 35 |
Perhaps we should not have a 'minimal profile', as it means so many |
| 36 |
different things to so many different people. We have not even surveyed |
| 37 |
the user base... |
| 38 |
|
| 39 |
So if we think of all the possible profiles and sub-profiles as being |
| 40 |
organized in a tree structure, it is better to figure out logical |
| 41 |
organization of all profiles, imho. |
| 42 |
|
| 43 |
So how about profiles that are either under the embedded or basic |
| 44 |
'moniker' in the profile tree. So embedded is the least number of |
| 45 |
packages possible, regardless of upstream, where folks build up from |
| 46 |
there to what they want as a finished system. Embedded, clusters, HPC, |
| 47 |
and such are compatible enough for what I'm building to be under the |
| 48 |
same branch of the profile tree. If other folks want their cluster works |
| 49 |
under the basic part of the profile tree that is concerned with |
| 50 |
upstream, then they have their part of the profile tree located there. |
| 51 |
|
| 52 |
And the 'basic' part of the tree is similar to what we now call |
| 53 |
'default' and the names build up in whatever schema those target builds |
| 54 |
desire, like basic+headless, basic+kde, basic+?+whatever..... ? |
| 55 |
|
| 56 |
And is there any reason, if necessary that other needs cannot be |
| 57 |
branched off, as necessary form the profile tree? Perhaps the main root |
| 58 |
is a state diagram of what is need and has links to relevant documents. |
| 59 |
That way the profile tree is a live system that can be enhance or |
| 60 |
modified to serve all of Gentoo's diverse visions. |
| 61 |
|
| 62 |
|
| 63 |
> I still think that we shouldn't encourage users to lightly deviate |
| 64 |
> from all the upstream defaults. There are of course legitimate |
| 65 |
> reasons for doing so, and you and I can probably appreciate when we |
| 66 |
> should do this, but for somebody starting out we're giving them a lot |
| 67 |
> of rope to hang themselves with. |
| 68 |
|
| 69 |
This is only the case because profiles are in general in a mess and |
| 70 |
there are little in the way of conventions. What is so sacrosanct about |
| 71 |
upstream for a truly embedded gentoo system or a gentoo based IoT |
| 72 |
device? How many of the gentoo-embedded devs even bother to read |
| 73 |
gentoo-dev? Your vision seems to me to be tainted by the major distros |
| 74 |
and their visions, not be impolite, but they are way off course for |
| 75 |
secure systems, embedded systems, IoT, HPC and numerous other active |
| 76 |
areas of Linux, imho. |
| 77 |
|
| 78 |
|
| 79 |
Think about it, if upstream is so brilliant, and has our needs 'at |
| 80 |
heart' then why have not the kernel-geniuses bothered to build a |
| 81 |
logical, coherent semantic for kernel configurations, management, |
| 82 |
security testing and such? If fact, if I were to be critical of |
| 83 |
upstream, I'd say those and many other issues should have been addressed |
| 84 |
before the adventures of systemd were dictated upon the larger user |
| 85 |
base. Upstream is an 'ad-hoc' mess, in the old days we called such |
| 86 |
entities a clusterF*. |
| 87 |
|
| 88 |
|
| 89 |
So those of us going back to minimal and basics and such venues, even |
| 90 |
with clusters, could not care less about Mozilla, systemd and thousands |
| 91 |
of other upstream folks that have lost their pathway forward. (deepest |
| 92 |
apologies, but I have very strong feelings about "upstream*". |
| 93 |
|
| 94 |
|
| 95 |
Many of the profiles in this and other recent threads, are just 'ad-hoc' |
| 96 |
naming structures and locations, and that historical flexibility extend |
| 97 |
to the devs is fantastic. This enhance/cleaning need of gentoo profiles |
| 98 |
needs to be well thought out and as flexible semantically as possible. |
| 99 |
|
| 100 |
|
| 101 |
It is absolutely a superior approach to not care at all what upstream |
| 102 |
does, to provide a pathway for embedded gentoo. That is a fundamental |
| 103 |
characteristic of what an embedded system is. Thanke the code, purge |
| 104 |
90+ percent of this, and then install it on a embedded system so |
| 105 |
only what is needed is encluded. On a distro, you can pile on tons |
| 106 |
of uncessary codes, for convenience and not care, but embedded, |
| 107 |
it does matter. That is why so much of Iot is hacked and owned |
| 108 |
by folks with nefarious intentions. Much of 'upstream' is growing |
| 109 |
dumber by the day, and corporate manager and government interlopers |
| 110 |
are just loving the cruft of 'upstream'. |
| 111 |
|
| 112 |
|
| 113 |
Minimal is a close cousin to embedded, and now unikernels and aggressive |
| 114 |
HPC clusters are going that direction too in the name of performance, |
| 115 |
sane-management and reducing attack surfaces for the cloud or HPC |
| 116 |
cluster (not all, but many). |
| 117 |
|
| 118 |
|
| 119 |
Surely a branch of the gentoo profiles tree, could rigorously be focused |
| 120 |
on compatibility with upstream, but that inflexibility, if imposed |
| 121 |
on everyone else, will only serve to further alienate gentoo-embedded |
| 122 |
and serve as a unnecessary wedge between some minimal, HPC and unikernel |
| 123 |
types of gentoo builds. |
| 124 |
|
| 125 |
|
| 126 |
|
| 127 |
> It is like building a kernel |
| 128 |
> answering no to the largest number of questions possible while still |
| 129 |
> actually building something. I'd actually be curious as to what that |
| 130 |
> kernel would even be capable of doing (there are a lot of fairly |
| 131 |
> essential things you can turn off in the kernel). |
| 132 |
|
| 133 |
|
| 134 |
This is a whole other area of valid concern. Their was a GSoC project |
| 135 |
last summer to work on organizing gentooish kernel builds, but that is a |
| 136 |
very big topic. Perhaps the profiles will have to be proposed but not |
| 137 |
formalized until folks go out and do some kernel builds and testing |
| 138 |
associated with a proposed profile organization? |
| 139 |
|
| 140 |
|
| 141 |
> In the same way, we shouldn't be too quick to deviate from upstream |
| 142 |
> defaults ourselves (#4 in your example), beyond actual integration |
| 143 |
> work. |
| 144 |
|
| 145 |
> I'll admit the current state is a bit of a compromise, but I don't |
| 146 |
> think we should change it unless we're changing it to something |
| 147 |
> significantly better. This is a pretty big-impact change. |
| 148 |
|
| 149 |
|
| 150 |
Just formalize some new parts of the profile tree to not be required to |
| 151 |
be upstream compliant. Isn't that part of being a 'meta-distribution'? |
| 152 |
|
| 153 |
In my future (and the future of many others) there will be minimalistic |
| 154 |
builds on clusters where any number to constructs including |
| 155 |
compatibility which will all be solved, at the framework level, not the |
| 156 |
base distro level, to the extent possible. Folks are now running a |
| 157 |
myriad of windows OS versions on linux (&clusters), so I have just read |
| 158 |
about a few days ago. So I'm proposing and working on gentoo |
| 159 |
heterogeneous cluster where one can partition part to be for systemd |
| 160 |
stuffage, part to be HPC, part to be extraordinarily secure, part to be |
| 161 |
aligned with a particularly commercial linux distro, and many other |
| 162 |
differing needs based frameworks. |
| 163 |
|
| 164 |
|
| 165 |
The minimal (lowest level) should be clear of all of those distro |
| 166 |
encumbrances. CoreOS is taking this approach, as their bare metal |
| 167 |
bootstrapping occurs completely and well before systemd or any other |
| 168 |
PID1 schema is invoked or becomes a defacto requirement. Gentoo is all |
| 169 |
about freedom, right? |
| 170 |
|
| 171 |
|
| 172 |
hth, |
| 173 |
James |
Archives