BOSTON — Storage is rarely a focal point at OpenStack Summit keynotes, so it was interesting this week to see a Cinder block storage demo — even if it failed — and Edward Snowden discussing data in the cloud.
The OpenStack Cinder demo hit a technical glitch, but the live video feed from Moscow with the former National Security Agency contractor went off without a hitch.
Snowden left the U.S. after his 2013 leak of more than a million documents revealed extensive domestic surveillance operations. He told OpenStack Summit attendees they could help the people who make the decisions on how to build the infrastructure-as-a-service layer — which he said is “increasingly becoming the bones of the Internet.”
“You could use [Amazon’s] EC2. You could use Google’s Compute Engine or whatever. These are fine, right. They work. But the problem here is that they’re fundamentally disempowering,” Snowden said. “You give them money, and in exchange you’re supposed to be provided with a service. And that exists. But you’re actually providing them [with] more than money. You’re also providing them with data, and you’re giving up control. You’re giving up influence. You can’t reshape their infrastructure.
“They’re not going to change things and tailor it for your needs,” he continued. “And you end up reaching a certain point where, OK, these are portable to a certain extent. You can containerize things and then shift them around. But you’re sinking costs into an infrastructure that is not yours fundamentally.”
He sounded a caution about running on the stacks of Google or Amazon. “How do you know when it starts spying on you?” Snowden asked. “How do you know when your image has been passed to some adversarial group, whether it’s just taken by an employee and sold to a competitor, whether it’s taking a copy for the FBI, whether legally or illegally. You really don’t have any awareness of this, because it’s happening at a layer that’s hidden from you.”
Snowden said OpenStack could make users “lose that fundamental, inherent silent vulnerability of investing into things” they don’t influence, own, control or shape. He said OpenStack requires “a little bit more of a technical understanding” to build layer by layer and “continues to comply with this very free and open set of values that the open source community, in general, drives all over the place.”
“We can start to envision a world where cloud infrastructures are not private in the sense of private corporations, but private in the sense of a person,” Snowden said, where a small business, a large business or a community of technologists could own, control and shape OpenStack and “lay the foundation upon which everybody builds.”
“And I think that’s probably one of the most powerful ideas that shapes the history of the internet and, hopefully, will allow us to direct the future of the internet in a more free rather than a more closed way,” Snowden said.
Cinder demo problem
The Cinder block storage service factored into an OpenStack Summit demo gaffe in the context of explaining open “composable” and cloud-native infrastructure. The snafu came during an attempt to show how to run Cinder as a stand-alone service using Docker Compose to spin up containers.
John Griffith, a principal software engineer at NetApp, later explained the problem he confronted on stage: “There’s an interesting race condition that in all of our rehearsals we never hit, where the scheduler container would come up before the database container was actually ready to receive requests,” he said. “And so it would crash the scheduler container.”
Griffith said he had never encountered the problem before, despite running “this exact demo probably at least a hundred times” before the keynote.
“Unfortunately, when you’re doing a keynote live demo in front of a few thousand people, you don’t have the liberty or luxury to just [say], ‘Hey, let me try this again,’ ” Griffith said.
Kendall Nelson, an upstream developer advocate with the OpenStack Foundation, said the demo ran perfectly twice on the morning of the OpenStack Summit keynote and at least a half dozen times the day before.
Nelson said the takeaway would have been that users could deploy Kubernetes and Docker with OpenStack, and use OpenStack services such as Cinder stand-alone, without additional services such as Nova compute.
“Really, one of the most important things to take away from that, too, is the fact that Cinder actually, by itself, can be extremely easy for somebody to deploy and use,” Griffith said. “Somebody could actually download that Compose file and run that Compose file on their own and have an up-and-running Cinder deployment.”
Griffith said developers are increasingly realizing a need for persistent block storage with containers.
“There are, of course, people that say the world should be ephemeral, and there’s no persistence. The reality is that’s not the world we live in,” Griffith said. “Databases are pretty useless if they don’t have any data in them. OpenStack has been working on storage for a long time. The container space hasn’t. So this is actually an opportunity. ‘Hey, here is a storage service. You can plug this in, and now all you have to do is focus on your APIs.’ ”