i'm on a mid-level laptop, at times with slow or expensive internet, running ubuntu. i want to be able to run nominally-isolated "copies" of my laptop at near-native speed
1. each one should have it's own network config, eg so i can use wireguard or a vpn
2. gui pass-through to the host, eg wayland, for trusted tools, eg firefox, zoom or citrix
3. needs to be lightweight. eg gnome-boxes is dead simple to setup and run and it works, but the resource usage was noticeably higher than native
4. optional - more security is better (ie, i might run semi-untrusted software in one of them, eg from a github repo or npm), but i'm not expecting miracles and accept that escape is possible
5. optional - sharing disk with the host via COW would be nice, so i'd only need to install the env-specific packages, not the full OS
i'm currently working on a podman solution, and i believe that it will work (but rebuilding seems to hammer the network - i'm hoping i can tweak the layers to reduce this). does microsandbox offer any advantages for this use case ?
> 1. each one should have it's own network config, eg so i can use wireguard or a vpn
This is possible right now but the networking is not where I want it to be yet. It uses libkrun's default TSI impl; performant and simplifies setup but can be inflexible. I plan to implement an alternative user-space networking stack soon.
> 2. gui pass-through to the host, eg wayland, for trusted tools, eg firefox, zoom or citrix
We don't have GUI passthrough. VNC?
> 3. needs to be lightweight. eg gnome-boxes is dead simple to setup and run and it works, but the resource usage was noticeably higher than native
It is lightweight in the sense that it is not a full vm
> 4. optional - more security is better (ie, i might run semi-untrusted software in one of them, eg from a github repo or npm), but i'm not expecting miracles and accept that escape is possible
The security guarantees are similar to what typical VMs support. It is hardware-virtualized so I would say you should be fine.
> 5. optional - sharing disk with the host via COW would be nice, so i'd only need to install the env-specific packages, not the full OS
Yeah. It uses virtio-fs and has overlayfs on top of that for COW.
Pretty standard Next app on Vercel. Some pre-fetching. Food pages are cached post-generation. Custom go-based search server behind a Cloudflare cache. Any other questions?
i'm open to non-FOSS licenses (and advocate for and use a class of them), but in this case
1. afaict, the license offers zero rights to the user
2. for me personally, i want more rights for a language than for an app, eg mongo
they're trying to demo low-latency so they more-or-less have to be aggressive with cutting you off. that said, i think they're using filler to buy themselves a second or 2 - try a yes-or-no question
we dont use any fillers- we do some cool stuff with speculative responses though to drop a few milliseconds!
But yes- accuracy versus speed of interrupts is a tradeoff we're working on tuning. sorry to hear it was cutting you off. It could have been audio feedback or hug of death, but it shouldn't be talking over you.
try releasing something under an open-but-not-open-source license as a solo developer or small team. there's a lot of established developers (presumably earning high salaries) that will very vocally badmouth the license choice. i'd seen this happen over and over again eg here, and when i've asked other developers why they open sourced their products they've said the same, and it was one of my concerns when i approached launch
sadly, my market fit was so bad that nobody ever looked at the license ::karma::
note: i have no problem with someone choosing not to use a product with a license they don't like (i do the same). it's the dissing of others that would use it that potentially crosses the line. i'm not even saying it *is* theft, only that there's a valid argument to that effect
There are 2 reasons freemium shared-source-style licenses are bad mouthed:
1. The products get advertised as open source; inviting people to look at it and contribute, the problem being that they are legal minefields, copyright or patents lawsuits that are waiting to happen. This was the biggest complaint against Microsoft's Shared Source initiative back in the day, and it's just as true now.
2. Some companies made their product popular via Open Source, like MongoDB, Redis, Elasticsearch, took all the contributions and the free marketing, then switched; such instances being a bait-and-switch. Elasticsearch in particular is interesting because what they wanted was to withhold security patches from the OSS version, and Amazon got on the way by pushing PRs for patches.
All these cases are more glaring examples of value extraction, benefiting from unpaid labor.
There is nothing wrong with developing proprietary software, but you need to be honest about what you're selling.
- me: solo dev or small team
- you: microsoft, mongo, redis
one of us is being disingenuous, but i don't believe it's me
(username on point ;)
i agree with both your examples being bad. for #2, they required one-sided CLAs while "open source". the alternative to signing the CLA was to fork, which is rarely well-received by the community, ie the same basic issue i raised
FLOSS is great in that it can facilitate collaboration and adoption, but at the expense of greatly limiting the business models. and even then context still matters - eg there's big difference between the kernel with 1000s of independent contributors, and mongo with one party holding CLA rights to the entire codebase (FLOSS in name only, i'd argue)
- for me, what's ultimately important is that people are free and that people that do good work are rewarded
- software licenses are just a tool to help us get there
- non-FLOSS might enable much of that same good while scaling to more business models and software
- they might ultimately be good for society, but getting the details right is hard
- i'm no longer actively working on my own stuff, but my attempt was: https://github.com/db4j/pupl
- note: if i was doing this today, the core limit would be much higher
Seems like they have it registered. I'm sure they've already lawyered up and will protect their trademark. I think they have a pretty strong case. Maybe elon will license it or buy them.
1. each one should have it's own network config, eg so i can use wireguard or a vpn
2. gui pass-through to the host, eg wayland, for trusted tools, eg firefox, zoom or citrix
3. needs to be lightweight. eg gnome-boxes is dead simple to setup and run and it works, but the resource usage was noticeably higher than native
4. optional - more security is better (ie, i might run semi-untrusted software in one of them, eg from a github repo or npm), but i'm not expecting miracles and accept that escape is possible
5. optional - sharing disk with the host via COW would be nice, so i'd only need to install the env-specific packages, not the full OS
i'm currently working on a podman solution, and i believe that it will work (but rebuilding seems to hammer the network - i'm hoping i can tweak the layers to reduce this). does microsandbox offer any advantages for this use case ?