Announcement: Preloaded disposables#146
Conversation
andrewdavidwong
left a comment
andrewdavidwong
left a comment
There was a problem hiding this comment.
Looks great! Here are some minor editing suggestions.
ben-grande
force-pushed
the
announce-preload
branch
from
9bb3cee to
03f7a19
Compare
ben-grande
force-pushed
the
announce-preload
branch
2 times, most recently
from
3592218 to
6de57d2
Compare
ben-grande
force-pushed
the
announce-preload
branch
2 times, most recently
from
51a71c0 to
c38969c
Compare
| Or use the equivalent command-line operation: | ||
|
|
||
| ```shell | ||
| qvm-features dom0 preload-dispvm-max 10 |
There was a problem hiding this comment.
While in theory the exact value doesn't matter as an example, in practice people will use this as-is when trying it out. 10 dispvms is a lot, and will use considerable amount of memory, especially relevant for systems with not a lot of RAM... More preloaded disposables is useful only if you use them quickly one after another (qubes builder likely will be such example), but for normal usage (for example using disposables to view/edit documents) I'd say even 1 or 2 is a reasonable value.
ben-grande
force-pushed
the
announce-preload
branch
from
c38969c to
b98e97b
Compare
|
|
||
| --> | ||
|
|
||
| ## Know issues |
There was a problem hiding this comment.
| ## Know issues | |
| ## Known issues |
| A [disposable](/doc/how-to-use-disposables/) is a lightweight qube that can be | ||
| created quickly and will self-destruct when closed. Disposables are usually | ||
| created in order to host and execute untrusted code, be it on the software | ||
| level a single application (like a viewer, editor or web browser) or the |
There was a problem hiding this comment.
| level a single application (like a viewer, editor or web browser) or the | |
| level of a single application (like a viewer, editor or web browser) or the |
| created quickly and will self-destruct when closed. Disposables are usually | ||
| created in order to host and execute untrusted code, be it on the software | ||
| level a single application (like a viewer, editor or web browser) or the | ||
| hardware level ([PCI passtrough](/doc/how-to-use-pci-devices/)). |
There was a problem hiding this comment.
| hardware level ([PCI passtrough](/doc/how-to-use-pci-devices/)). | |
| hardware level (e.g., for [PCI passthrough](/doc/how-to-use-pci-devices/)). |
| for every new task. Unnamed disposables are ideal for this use case. So, what | ||
| is the problem with them? The caller has to wait for a complete qube startup | ||
| before running the desired application. The delay might seem a minor annoyance | ||
| at first, but over a prolonged period, fatigued users run applications on |
There was a problem hiding this comment.
| at first, but over a prolonged period, fatigued users run applications on | |
| at first, but over a prolonged period, fatigued users tend to reuse |
| is the problem with them? The caller has to wait for a complete qube startup | ||
| before running the desired application. The delay might seem a minor annoyance | ||
| at first, but over a prolonged period, fatigued users run applications on | ||
| already tainted qubes or in the qube itself to avoid the waiting time. |
There was a problem hiding this comment.
| already tainted qubes or in the qube itself to avoid the waiting time. | |
| tainted disposables or run applications in non-disposable qubes to avoid the waiting time. |
| at first, but over a prolonged period, fatigued users run applications on | ||
| already tainted qubes or in the qube itself to avoid the waiting time. | ||
|
|
||
| The problem is not the user's lack of understanding or lack of documentation |
There was a problem hiding this comment.
| The problem is not the user's lack of understanding or lack of documentation | |
| The problem is not the user's lack of understanding or a lack of documentation |
| already tainted qubes or in the qube itself to avoid the waiting time. | ||
|
|
||
| The problem is not the user's lack of understanding or lack of documentation | ||
| but how the user perceives the system. If the system is slow, the user will |
There was a problem hiding this comment.
| but how the user perceives the system. If the system is slow, the user will | |
| but how the user perceives the system. If the system is slow, many users will |
|
|
||
| Yes! It can do better. | ||
|
|
||
| In the project lead's presentation |
There was a problem hiding this comment.
| In the project lead's presentation | |
| Qubes OS project lead Marek Marczykowski-Górecki, in his |
|
|
||
| In the project lead's presentation | ||
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster |
There was a problem hiding this comment.
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | |
| at Qubes OS Summit 2024, mentioned plans for faster |
| In the project lead's presentation | ||
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | ||
| disposable qube usage for this release. Here is where preloaded disposables |
There was a problem hiding this comment.
| disposable qube usage for this release. Here is where preloaded disposables | |
| disposables in Qubes OS 4.3. Here is where preloaded disposables |
| [Qubes OS development status update](https://cfp.3mdeb.com/qubes-os-summit-2024/talk/AWCBJ8/) | ||
| at the Qubes OS Summit 2024, it was mentioned that there was intent for faster | ||
| disposable qube usage for this release. Here is where preloaded disposables | ||
| enters. |
There was a problem hiding this comment.
| enters. | |
| enter. |
There was a problem hiding this comment.
Isn't the subject preloaded disposables an it? Here is where it enters?
There was a problem hiding this comment.
preloaded disposables is plural.
| suspended, as appropriate) and resumed (transparently) when a disposable qube | ||
| is requested by the user. | ||
|
|
||
| When the qube is preloaded, the qube application listing or the qube entry |
There was a problem hiding this comment.
| When the qube is preloaded, the qube application listing or the qube entry | |
| When the qube is preloaded, the qube application listing and the qube entry |
| is requested by the user. | ||
|
|
||
| When the qube is preloaded, the qube application listing or the qube entry | ||
| itself is hidden from GUI applications such as the app menu and the Qrexec |
There was a problem hiding this comment.
| itself is hidden from GUI applications such as the app menu and the Qrexec | |
| itself are hidden from GUI applications such as the app menu and the Qrexec |
| When the qube is preloaded, the qube application listing or the qube entry | ||
| itself is hidden from GUI applications such as the app menu and the Qrexec | ||
| Policy Ask prompt. This is by design to avoid contamination. A preload is not | ||
| something you use directly, but indirectly. |
There was a problem hiding this comment.
| something you use directly, but indirectly. | |
| something intended to be used directly, but indirectly. |
| something you use directly, but indirectly. | ||
|
|
||
| The use of preloaded disposables is transparent, indistinguishable from the | ||
| usage of unnamed disposables. Requesting the creation of a new unnamed |
There was a problem hiding this comment.
| usage of unnamed disposables. Requesting the creation of a new unnamed | |
| use of unnamed disposables. Requesting the creation of a new unnamed |
|
|
||
| The use of preloaded disposables is transparent, indistinguishable from the | ||
| usage of unnamed disposables. Requesting the creation of a new unnamed | ||
| disposable will instead mark a preload as used and reply with an already |
There was a problem hiding this comment.
| disposable will instead mark a preload as used and reply with an already | |
| disposable will instead mark a preload as used and reply with an already- |
ben-grande
force-pushed
the
announce-preload
branch
from
b98e97b to
a68d701
Compare
Yes, I implement all the changes manually instead of copying from the Github WebUI to my code editor. I hope that one day the add to batch suggestion actually open an interface where it shows a patch instead of just prompting to commit in browser. About the same errors resurfacing... I don't really know what happened, I verified each suggestion manually. About making things easier, you are welcome to do a last pass when the draft is completed. Thanks for your effort so far. |
ben-grande
force-pushed
the
announce-preload
branch
from
a68d701 to
0332c49
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
0332c49 to
601fef0
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
601fef0 to
2bddc7a
Compare
| A [disposable](/doc/how-to-use-disposables/) is a lightweight qube that can be | ||
| created quickly and will self-destruct when closed. Disposables are usually |
There was a problem hiding this comment.
The new definition introduced in QubesOS/qubes-doc#1554 is better.
| There are two kinds of disposables, unnamed and named. The difference between | ||
| them (besides one having a fixed name) is that unnamed disposables are | ||
| destroyed when closing the first application opened in them while the user | ||
| must explicitly shut down named disposables. |
There was a problem hiding this comment.
I mentioned this about QubesOS/qubes-doc#1554 but it is not exactly true when attaching devices.
There was a problem hiding this comment.
I included this in the glossary and the how to. I am not sure I will add it here.
| GUI daemon only starts the connection with the qube's GUI agent when the | ||
| preload disposable is marked as used. | ||
|
|
||
| [](/attachment/posts/preload-graph_01_stack_stack_0.png) |
There was a problem hiding this comment.
These kind of graphs should provide a full textual description. Maybe the easiest way to do that would be to provide tables too?
There was a problem hiding this comment.
Ideally, matplotlib would automatically generate them. I found out there is matplotlibalt, but installation is only via pip...
See that OpenQA is already generating graphs, which is nice. Matplotalt has an option img_file that can save alt text to JPEG. But for that to hapen on CI, I would need to get a pip package to dom0 using a wrapper to bypass network restrictions (probably there is an integrated script for that already or the curl wrapper CI uses to fetch from local network), or copy the results to a vm, install matplotalt in a vm, generate the results there and them copy them to dom0 so they can be uploaded to OpenQA at the end of the job. @marmarek ?
Or I can fix jjust this case by writing the results manually.
| with `qvm-console-dispvm`. The default qube for those operations is | ||
| `default-mgmt-dvm`: | ||
|
|
||
| [](/attachment/posts/preload-local.png) |
There was a problem hiding this comment.
The alt isn't consistent (should be "qube's settings") and a detailed textual description should be provided.
| If you use the global `default_dispvm` a lot, you can target the global | ||
| preload setting by setting the feature on `dom0`: | ||
|
|
||
| [](/attachment/posts/preload-global.png) |
There was a problem hiding this comment.
A detailed textual description should be provided here too.
ben-grande
force-pushed
the
announce-preload
branch
from
2bddc7a to
0cc4549
Compare
| destroyed when closing the first application opened in them (on most | ||
| workflows) while the user must explicitly shut down named disposables. |
There was a problem hiding this comment.
(on most workflows)
Nice balance between precision and readability!
| with `qvm-console-dispvm`. The default qube for those operations is | ||
| `default-mgmt-dvm`: | ||
|
|
||
| [](/attachment/posts/preload-local.png) |
ben-grande
force-pushed
the
announce-preload
branch
from
0cc4549 to
15b5d0a
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
15b5d0a to
d22444a
Compare
|
This should be good for publishing, I think - the two TODO are for actual publishing (depending on when it happens). |
ben-grande
force-pushed
the
announce-preload
branch
from
d22444a to
a5bc954
Compare
|
OK for review. I was adding a section to compare against industry but may be too much for the news post. |
|
I don't think there is something still preventing this post from being published. |
|
I think you are right. No further review comments.
|
|
@ben-grande
I will add these before we post, unless you will. |
|
The user facing material should be at the head of the post. Otherwise it will be lost or skipped over. |
I tried to do in order of discovery, as per the headers: ## What are disposables?
## Fresh disposable startup time leads to fatigue
## What are preloaded disposables?
### Industry comparison on getting pristine environments faster
## How to use preloaded disposables (User-facing material)
## Performance improvements
### Stacked execution
### Stacked total
### Execution per iteration
### Total per iteration
## Known issues, some soon to be fixedI think that moving the user-facing material to the top would break the discovery. It would explain how to use it before explaining what it is and what problem it is trying to solve. Maybe I can do a TLDR at the top linking to important sections? |
Done. Not pushed yet.
This situation will change, hopefully soon and hopefully before this post is published. Marta is doing a centralized configuration of preload disposable quantity in the global config. That means that both images will become outdated. Apparently there still is a checkbox there.
Can you provide such case? I read your issue on the forum of not being beneficial to preload, but it is not clear to me how should I express that. I am just aware that it was a memory constrained environment, with some qubes already running and not being able to preloaded. But this is less relevant with the introduction of
Can you link to them? |
I wrote this already: While the disposable template remains the global `default_dispvm`, it will
respect the global feature and ignore the per-qube setting.
To remove all the preloaded qubes, set the feature value to `0`, `''` (empty)
or delete the feature by unchecking the box. If the feature is set on `dom0`,
it's better to delete the feature so that the preload setting to be read from
the disposable template itself and not capped to `0`. |
ben-grande
force-pushed
the
announce-preload
branch
from
a5bc954 to
9df4510
Compare
ben-grande
force-pushed
the
announce-preload
branch
from
9df4510 to
464e9c8
Compare
5 participants
Depends:
Graphs are finished, they should be added to
qubes-attachmentand also, I think it is a good idea to update the disposable documentation before this post is published, because the docs is outdated, I will do it this week and reference bits of the documentation in this post.