Shadow (dariaphoebe) wrote,

Broken dreams of computing

Going back to when I was a student, I've been interested in distributed computing. I wanted to set up an ideal distributed computing infrastructure, something that would be easy to manage, easy to maintain, and easy to grow, just because it seemed interesting.

Of course, as a student I had no money, so in many cases I needed free pieces where only commercial pieces were available. Worse, in some cases the pieces I wanted didn't exist at all.

Looking back, it's interesting to see what's happened and what hasn't. It's also very depressing. Consider that it's been basically 10 years since I started working on this.

-Single sign-on authentication system. At the time Kerberos 5 wasn't mature. I did some work on it to try to get what I needed, which was mostly authentication-passing. Kerberos 5 is still under-adopted, but by and large what I wanted is there. No true replication of any of the free KDCs, though. Single master solutions suck.

-Web authentication. Well, let's see. Since that time, browsers became proprietary, and so everything which would have been what I wanted became impossible. I don't want to type a password again. I can live with, but don't want, weird translators to make certs from tickets and vice-versa. This one is a horrible failure, but maybe, now that Microsoft is pushing Kerberos, something might be possible in the future. I'm not holding my breath.

-Distributed filesystem. At the time I wanted an open source equivalent of AFS. I did some work on Kerberized NFS, and it went nowhere. I did some work on exporting AFS to Macs with Netatalk (not much beyond the then-state of the art) . I looked at Windows solutions. Of course, now OpenAFS exists, so basically this is one where I can't overly complain. The Windows support is lagging, but extant. Sadly, no disconnected operation in the distributed sources, no read/write replication, a lot off growth stunted by the delay in becoming open source; Now lots of work that might have happened has gone by the wayside because the people have moved on.

-Secure name service. DNSSEC just hasn't gotten there. I stopped following it quite some time ago.

-Secure directory service. Without DNSSEC, it isn't Hesiod. Some encapsulated Kerberos for DNS stuff I found laying around at MIT and adopted never looked promising enough to continue with; It was a hack. NIS or NIS+ would require GSSRPC but at the time there was no melding of the two, and I declined to do the work. These days, the answer is probably LDAP via a secure connection, and that's possible. Maybe someday I'll get some time to play with it, but OpenLDAP seems to be excessively complex, and last I checked was single master. Ew.

-Privilege delegation service. I wanted an adm replacement, since adm was written to be extensible in Scheme, and I thought it was a dead language. Since, I have extended adm to manage Cyrus and krb5, but I still think it's dead. Sadly, nothing comparable has come along.

-Mail service. Cyrus now supports distributed mailboxes, but not replication. Only the lack of replication precludes this solution from meeting my wishes.

-Local disk management. I have depot to merge subsets of a disk tree into a coherent image including overrides, but I also want the ability to selectively link versus copy subdirectories, packages, or file classes (copy shared libraries, link archive libraries) from a distributed filesystem. No system has ever addressed this to the level I want. Nor have I followed through on any of my plans to write one.

-Resource management. I want to be able to easily create a user or a batch of users, create and manage groups, manage groups of machines, and the like. Moira seemed to be the answer here, except it always wanted proprietary databases, and I never got around to porting to any of the free ones. It's not perfect either, but it's closer than anything else I looked at.

-Mailing list management. I want a distributed list service, not just a service on a single mail host. I could probably glue the pieces together and have it, at this point. Maybe one of these days I will.

Some of these are interesting problems. I was going to write a paper surveying local disk management software with zacheiss for LISA, and we never did anything about it. I wonder if I'll ever have time for it. Likewise, I wonder if we'll continue to struggle with problems that should have been solved 10 years ago for the next 10.
  • Post a new comment


    default userpic

    Your IP address will be recorded 

  • 1 comment